nss-3.35/nss/.hg_archival.txt0000644000000000000000000000021013230126417014256 0ustar 00000000000000repo: 9949429068caa6bb8827a8ceeaa7c605d722f47f node: 256ac50bbb6b863e75fd4a533fc24d23eaae269e branch: NSS_3_35_BRANCH tag: NSS_3_35_RTM nss-3.35/nss/.clang-format0000644000000000000000000000371313230126417013556 0ustar 00000000000000--- Language: Cpp # BasedOnStyle: Mozilla AccessModifierOffset: -2 AlignAfterOpenBracket: true AlignEscapedNewlinesLeft: false AlignOperands: true AlignTrailingComments: true AllowAllParametersOfDeclarationOnNextLine: false AllowShortBlocksOnASingleLine: false AllowShortCaseLabelsOnASingleLine: false AllowShortIfStatementsOnASingleLine: false AllowShortLoopsOnASingleLine: false AllowShortFunctionsOnASingleLine: All AlwaysBreakAfterDefinitionReturnType: true AlwaysBreakTemplateDeclarations: false AlwaysBreakBeforeMultilineStrings: false BreakBeforeBinaryOperators: false BreakBeforeTernaryOperators: true BreakConstructorInitializersBeforeComma: false BinPackParameters: true BinPackArguments: true ColumnLimit: 0 ConstructorInitializerAllOnOneLineOrOnePerLine: true ConstructorInitializerIndentWidth: 4 DerivePointerAlignment: true ExperimentalAutoDetectBinPacking: false IndentCaseLabels: true IndentWrappedFunctionNames: false IndentFunctionDeclarationAfterType: false MaxEmptyLinesToKeep: 1 KeepEmptyLinesAtTheStartOfBlocks: true NamespaceIndentation: None ObjCBlockIndentWidth: 2 ObjCSpaceAfterProperty: true ObjCSpaceBeforeProtocolList: false PenaltyBreakBeforeFirstCallParameter: 19 PenaltyBreakComment: 300 PenaltyBreakString: 1000 PenaltyBreakFirstLessLess: 120 PenaltyExcessCharacter: 1000000 PenaltyReturnTypeOnItsOwnLine: 200 PointerAlignment: Right SpacesBeforeTrailingComments: 1 Cpp11BracedListStyle: false Standard: Cpp03 IndentWidth: 4 TabWidth: 8 UseTab: Never BreakBeforeBraces: Linux SpacesInParentheses: false SpacesInSquareBrackets: false SpacesInAngles: false SpaceInEmptyParentheses: false SpacesInCStyleCastParentheses: false SpaceAfterCStyleCast: false SpacesInContainerLiterals: true SpaceBeforeAssignmentOperators: true ContinuationIndentWidth: 4 CommentPragmas: '^ IWYU pragma:' ForEachMacros: [ foreach, Q_FOREACH, BOOST_FOREACH ] SpaceBeforeParens: ControlStatements DisableFormat: false SortIncludes: false ... nss-3.35/nss/.gitignore0000644000000000000000000000024713230126417013172 0ustar 00000000000000*~ *.swp *OPT.OBJ/ *DBG.OBJ/ *DBG.OBJD/ out/* *.pyc *.bak *.out *.rej *.patch GPATH GRTAGS GTAGS #* .#* .ycm_extra_conf.py* fuzz/libFuzzer/* fuzz/corpus fuzz/out .chk nss-3.35/nss/.hgignore0000644000000000000000000000026113230126417013001 0ustar 00000000000000syntax: glob *~ *OPT.OBJ/* *DBG.OBJ/* *DBG.OBJD/* out/* *.pyc *.bak *.out *.rej *.patch GPATH GRTAGS GTAGS #* .#* .ycm_extra_conf.py* fuzz/libFuzzer/* fuzz/corpus fuzz/out .chk nss-3.35/nss/.taskcluster.yml0000644000000000000000000000511013230126417014341 0ustar 00000000000000--- version: 0 metadata: name: "NSS Continuous Integration" description: "The Taskcluster task graph for the NSS tree" owner: "mozilla-taskcluster-maintenance@mozilla.com" source: {{{source}}} scopes: # Note the below scopes are insecure however these get overriden on the server # side to whatever scopes are set by mozilla-taskcluster. - queue:* - docker-worker:* - scheduler:* # Available mustache parameters (see the mozilla-taskcluster source): # # - owner: push user (email address) # - source: URL of this YAML file # - url: repository URL # - project: alias for the destination repository (basename of # the repo url) # - level: SCM level of the destination repository # (1 = try, 3 = core) # - revision: (short) hg revision of the head of the push # - revision_hash: (long) hg revision of the head of the push # - comment: comment of the push # - pushlog_id: id in the pushlog table of the repository # # and functions: # - as_slugid: convert a label into a slugId # - from_now: generate a timestamp at a fixed offset from now tasks: - taskId: '{{#as_slugid}}decision task{{/as_slugid}}' reruns: 3 task: created: '{{now}}' deadline: '{{#from_now}}1 day{{/from_now}}' expires: '{{#from_now}}14 days{{/from_now}}' metadata: owner: mozilla-taskcluster-maintenance@mozilla.com source: {{{source}}} name: "NSS Decision Task" description: | The task that creates all of the other tasks in the task graph workerType: "hg-worker" provisionerId: "aws-provisioner-v1" tags: createdForUser: {{owner}} routes: - "tc-treeherder-stage.v2.{{project}}.{{revision}}.{{pushlog_id}}" - "tc-treeherder.v2.{{project}}.{{revision}}.{{pushlog_id}}" payload: image: nssdev/nss-decision:0.0.2 env: TC_OWNER: {{owner}} TC_SOURCE: {{{source}}} TC_PROJECT: {{project}} TC_COMMENT: '{{comment}}' NSS_PUSHLOG_ID: '{{pushlog_id}}' NSS_HEAD_REPOSITORY: '{{{url}}}' NSS_HEAD_REVISION: '{{revision}}' maxRunTime: 1800 command: - bash - -cx - > bin/checkout.sh && nss/automation/taskcluster/scripts/extend_task_graph.sh features: taskclusterProxy: true extra: treeherder: symbol: D build: platform: nss-decision machine: platform: nss-decision nss-3.35/nss/COPYING0000644000000000000000000004326413230126417012243 0ustar 00000000000000NSS is available under the Mozilla Public License, version 2, a copy of which is below. Note on GPL Compatibility ------------------------- The MPL 2, section 3.3, permits you to combine NSS with code under the GNU General Public License (GPL) version 2, or any later version of that license, to make a Larger Work, and distribute the result under the GPL. The only condition is that you must also make NSS, and any changes you have made to it, available to recipients under the terms of the MPL 2 also. Anyone who receives the combined code from you does not have to continue to dual licence in this way, and may, if they wish, distribute under the terms of either of the two licences - either the MPL alone or the GPL alone. However, we discourage people from distributing copies of NSS under the GPL alone, because it means that any improvements they make cannot be reincorporated into the main version of NSS. There is never a need to do this for license compatibility reasons. Note on LGPL Compatibility -------------------------- The above also applies to combining MPLed code in a single library with code under the GNU Lesser General Public License (LGPL) version 2.1, or any later version of that license. If the LGPLed code and the MPLed code are not in the same library, then the copyleft coverage of the two licences does not overlap, so no issues arise. Mozilla Public License Version 2.0 ================================== 1. Definitions -------------- 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. 1.3. "Contribution" means Covered Software of a particular Contributor. 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. 1.5. "Incompatible With Secondary Licenses" means (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. 1.6. "Executable Form" means any form of the work other than Source Code Form. 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. 1.8. "License" means this document. 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. 1.10. "Modifications" means any of the following: (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or (b) any new file in Source Code Form that contains any Covered Software. 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. 1.13. "Source Code Form" means the form of the work preferred for making modifications. 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. License Grants and Conditions -------------------------------- 2.1. Grants Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. 2.2. Effective Date The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. 2.3. Limitations on Grant Scope The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: (a) for any code that a Contributor has removed from Covered Software; or (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). 2.4. Subsequent Licenses No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). 2.5. Representation Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. 2.6. Fair Use This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. 2.7. Conditions Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. 3. Responsibilities ------------------- 3.1. Distribution of Source Form All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. 3.2. Distribution of Executable Form If You distribute Covered Software in Executable Form then: (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. 3.3. Distribution of a Larger Work You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). 3.4. Notices You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. 3.5. Application of Additional Terms You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. 4. Inability to Comply Due to Statute or Regulation --------------------------------------------------- If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Termination -------------- 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. ************************************************************************ * * * 6. Disclaimer of Warranty * * ------------------------- * * * * Covered Software is provided under this License on an "as is" * * basis, without warranty of any kind, either expressed, implied, or * * statutory, including, without limitation, warranties that the * * Covered Software is free of defects, merchantable, fit for a * * particular purpose or non-infringing. The entire risk as to the * * quality and performance of the Covered Software is with You. * * Should any Covered Software prove defective in any respect, You * * (not any Contributor) assume the cost of any necessary servicing, * * repair, or correction. This disclaimer of warranty constitutes an * * essential part of this License. No use of any Covered Software is * * authorized under this License except under this disclaimer. * * * ************************************************************************ ************************************************************************ * * * 7. Limitation of Liability * * -------------------------- * * * * Under no circumstances and under no legal theory, whether tort * * (including negligence), contract, or otherwise, shall any * * Contributor, or anyone who distributes Covered Software as * * permitted above, be liable to You for any direct, indirect, * * special, incidental, or consequential damages of any character * * including, without limitation, damages for lost profits, loss of * * goodwill, work stoppage, computer failure or malfunction, or any * * and all other commercial damages or losses, even if such party * * shall have been informed of the possibility of such damages. This * * limitation of liability shall not apply to liability for death or * * personal injury resulting from such party's negligence to the * * extent applicable law prohibits such limitation. Some * * jurisdictions do not allow the exclusion or limitation of * * incidental or consequential damages, so this exclusion and * * limitation may not apply to You. * * * ************************************************************************ 8. Litigation ------------- Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. 9. Miscellaneous ---------------- This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. 10. Versions of the License --------------------------- 10.1. New Versions Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. 10.2. Effect of New Versions You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. 10.3. Modified Versions If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice ------------------------------------------- This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/. If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. You may add additional accurate notices of copyright ownership. Exhibit B - "Incompatible With Secondary Licenses" Notice --------------------------------------------------------- This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. nss-3.35/nss/Makefile0000644000000000000000000001162313230126417012642 0ustar 00000000000000#! gmake # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. ####################################################################### # (1) Include initial platform-independent assignments (MANDATORY). # ####################################################################### include manifest.mn ####################################################################### # (2) Include "global" configuration information. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/config.mk ####################################################################### # (3) Include "component" configuration information. (OPTIONAL) # ####################################################################### ####################################################################### # (4) Include "local" platform-dependent assignments (OPTIONAL). # ####################################################################### ifdef NSS_DISABLE_GTESTS DIRS := $(filter-out gtests,$(DIRS)) DIRS := $(filter-out cpputil,$(DIRS)) endif ####################################################################### # (5) Execute "global" rules. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/rules.mk ####################################################################### # (6) Execute "component" rules. (OPTIONAL) # ####################################################################### ####################################################################### # (7) Execute "local" rules. (OPTIONAL). # ####################################################################### nss_build_all: build_nspr all latest nss_clean_all: clobber_nspr clobber NSPR_CONFIG_STATUS = $(CORE_DEPTH)/../nspr/$(OBJDIR_NAME)/config.status NSPR_CONFIGURE = $(CORE_DEPTH)/../nspr/configure # # Translate coreconf build options to NSPR configure options. # ifeq ($(OS_TARGET),Android) NSPR_CONFIGURE_OPTS += --with-android-ndk=$(ANDROID_NDK) \ --target=$(ANDROID_PREFIX) \ --with-android-version=$(OS_TARGET_RELEASE) \ --with-android-toolchain=$(ANDROID_TOOLCHAIN) \ --with-android-platform=$(ANDROID_SYSROOT) endif ifdef BUILD_OPT NSPR_CONFIGURE_OPTS += --disable-debug --enable-optimize endif ifdef USE_X32 NSPR_CONFIGURE_OPTS += --enable-x32 endif ifdef USE_64 NSPR_CONFIGURE_OPTS += --enable-64bit endif ifeq ($(OS_TARGET),WIN95) NSPR_CONFIGURE_OPTS += --enable-win32-target=WIN95 endif ifdef USE_DEBUG_RTL NSPR_CONFIGURE_OPTS += --enable-debug-rtl endif ifdef USE_STATIC_RTL NSPR_CONFIGURE_OPTS += --enable-static-rtl endif ifdef NS_USE_GCC NSPR_CONFIGURE_ENV = CC=gcc CXX=g++ endif ifdef CC NSPR_CONFIGURE_ENV = CC=$(CC) endif ifdef CCC NSPR_CONFIGURE_ENV += CXX=$(CCC) endif # Remove -arch definitions. NSPR can't handle that. NSPR_CONFIGURE_ENV := $(filter-out -arch x86_64,$(NSPR_CONFIGURE_ENV)) NSPR_CONFIGURE_ENV := $(filter-out -arch i386,$(NSPR_CONFIGURE_ENV)) NSPR_CONFIGURE_ENV := $(filter-out -arch ppc,$(NSPR_CONFIGURE_ENV)) # # Some pwd commands on Windows (for example, the pwd # command in Cygwin) return a pathname that begins # with a (forward) slash. When such a pathname is # passed to Windows build tools (for example, cl), it # is mistaken as a command-line option. If that is the case, # we use a relative pathname as NSPR's prefix on Windows. # USEABSPATH="YES" ifeq (,$(filter-out WIN%,$(OS_TARGET))) ifeq (,$(findstring :,$(shell pwd))) USEABSPATH="NO" endif endif ifeq ($(USEABSPATH),"YES") NSPR_PREFIX = $(shell pwd)/../dist/$(OBJDIR_NAME) else NSPR_PREFIX = $$(topsrcdir)/../dist/$(OBJDIR_NAME) endif ifndef NSS_GYP_PREFIX $(NSPR_CONFIG_STATUS): $(NSPR_CONFIGURE) mkdir -p $(CORE_DEPTH)/../nspr/$(OBJDIR_NAME) cd $(CORE_DEPTH)/../nspr/$(OBJDIR_NAME) ; \ $(NSPR_CONFIGURE_ENV) sh ../configure \ $(NSPR_CONFIGURE_OPTS) \ --with-dist-prefix='$(NSPR_PREFIX)' \ --with-dist-includedir='$(NSPR_PREFIX)/include' else $(NSPR_CONFIG_STATUS): $(NSPR_CONFIGURE) mkdir -p $(CORE_DEPTH)/../nspr/$(OBJDIR_NAME) cd $(CORE_DEPTH)/../nspr/$(OBJDIR_NAME) ; \ $(NSPR_CONFIGURE_ENV) sh ../configure \ $(NSPR_CONFIGURE_OPTS) \ --prefix='$(NSS_GYP_PREFIX)' endif build_nspr: $(NSPR_CONFIG_STATUS) $(MAKE) -C $(CORE_DEPTH)/../nspr/$(OBJDIR_NAME) install_nspr: build_nspr $(MAKE) -C $(CORE_DEPTH)/../nspr/$(OBJDIR_NAME) install clobber_nspr: $(NSPR_CONFIG_STATUS) $(MAKE) -C $(CORE_DEPTH)/../nspr/$(OBJDIR_NAME) clobber build_docs: $(MAKE) -C $(CORE_DEPTH)/doc clean_docs: $(MAKE) -C $(CORE_DEPTH)/doc clean nss_RelEng_bld: import all package: $(MAKE) -C pkg publish latest: echo $(OBJDIR_NAME) > $(CORE_DEPTH)/../dist/latest nss-3.35/nss/automation/abi-check/expected-report-libfreebl3.so.txt0000644000000000000000000000000013230126417023455 0ustar 00000000000000nss-3.35/nss/automation/abi-check/expected-report-libfreeblpriv3.so.txt0000644000000000000000000000000013230126417024356 0ustar 00000000000000nss-3.35/nss/automation/abi-check/expected-report-libnspr4.so.txt0000644000000000000000000000044113230126417023212 0ustar 00000000000000Functions changes summary: 1 Removed, 0 Changed, 0 Added function Variables changes summary: 0 Removed, 0 Changed, 0 Added variable 1 Removed function: 'function void PR_EXPERIMENTAL_ONLY_IN_4_17_GetOverlappedIOHandle(void**)' {PR_EXPERIMENTAL_ONLY_IN_4_17_GetOverlappedIOHandle} nss-3.35/nss/automation/abi-check/expected-report-libnss3.so.txt0000644000000000000000000000000013230126417023021 0ustar 00000000000000nss-3.35/nss/automation/abi-check/expected-report-libnssckbi.so.txt0000644000000000000000000000000013230126417023567 0ustar 00000000000000nss-3.35/nss/automation/abi-check/expected-report-libnssdbm3.so.txt0000644000000000000000000000000013230126417023504 0ustar 00000000000000nss-3.35/nss/automation/abi-check/expected-report-libnsssysinit.so.txt0000644000000000000000000000000013230126417024361 0ustar 00000000000000nss-3.35/nss/automation/abi-check/expected-report-libnssutil3.so.txt0000644000000000000000000000000013230126417023717 0ustar 00000000000000nss-3.35/nss/automation/abi-check/expected-report-libplc4.so.txt0000644000000000000000000000000013230126417022775 0ustar 00000000000000nss-3.35/nss/automation/abi-check/expected-report-libplds4.so.txt0000644000000000000000000000000013230126417023161 0ustar 00000000000000nss-3.35/nss/automation/abi-check/expected-report-libsmime3.so.txt0000644000000000000000000000000013230126417023330 0ustar 00000000000000nss-3.35/nss/automation/abi-check/expected-report-libsoftokn3.so.txt0000644000000000000000000000000013230126417023701 0ustar 00000000000000nss-3.35/nss/automation/abi-check/expected-report-libssl3.so.txt0000644000000000000000000000022613230126417023031 0ustar 00000000000000Functions changes summary: 0 Removed, 0 Changed (5 filtered out), 0 Added function Variables changes summary: 0 Removed, 0 Changed, 0 Added variable nss-3.35/nss/automation/abi-check/previous-nss-release0000644000000000000000000000002013230126417021173 0ustar 00000000000000NSS_3_34_BRANCH nss-3.35/nss/automation/buildbot-slave/bbenv-example.sh0000644000000000000000000000264013230126417021356 0ustar 00000000000000#! /bin/bash # Each buildbot-slave requires a bbenv.sh file that defines # machine specific variables. This is an example file. HOST=$(hostname | cut -d. -f1) export HOST # if your machine's IP isn't registered in DNS, # you must set appropriate environment variables # that can be resolved locally. # For example, if localhost.localdomain works on your system, set: #HOST=localhost #DOMSUF=localdomain #export DOMSUF ARCH=$(uname -s) ulimit -c unlimited 2> /dev/null export NSPR_LOG_MODULES="pkix:1" #export JAVA_HOME_32= #export JAVA_HOME_64= #enable if you have PKITS data #export PKITS_DATA=$HOME/pkits/data/ NSS_BUILD_TARGET="clean nss_build_all" JSS_BUILD_TARGET="clean all" MAKE=gmake AWK=awk PATCH=patch if [ "${ARCH}" = "SunOS" ]; then AWK=nawk PATCH=gpatch ARCH=SunOS/$(uname -p) fi if [ "${ARCH}" = "Linux" -a -f /etc/system-release ]; then VERSION=`sed -e 's; release ;;' -e 's; (.*)$;;' -e 's;Red Hat Enterprise Linux Server;RHEL;' -e 's;Red Hat Enterprise Linux Workstation;RHEL;' /etc/system-release` ARCH=Linux/${VERSION} echo ${ARCH} fi PROCESSOR=$(uname -p) if [ "${PROCESSOR}" = "ppc64" ]; then ARCH="${ARCH}/ppc64" fi if [ "${PROCESSOR}" = "powerpc" ]; then ARCH="${ARCH}/ppc" fi PORT_64_DBG=8543 PORT_64_OPT=8544 PORT_32_DBG=8545 PORT_32_OPT=8546 if [ "${NSS_TESTS}" = "memleak" ]; then PORT_64_DBG=8547 PORT_64_OPT=8548 PORT_32_DBG=8549 PORT_32_OPT=8550 fi nss-3.35/nss/automation/buildbot-slave/build.sh0000755000000000000000000003241313230126417017734 0ustar 00000000000000#! /bin/bash # Ensure a failure of the first command inside a pipe # won't be hidden by commands later in the pipe. # (e.g. as in ./dosomething | grep) set -o pipefail proc_args() { while [ -n "$1" ]; do OPT=$(echo $1 | cut -d= -f1) VAL=$(echo $1 | cut -d= -f2) case $OPT in "--build-nss") BUILD_NSS=1 ;; "--test-nss") TEST_NSS=1 ;; "--check-abi") CHECK_ABI=1 ;; "--build-jss") BUILD_JSS=1 ;; "--test-jss") TEST_JSS=1 ;; "--memtest") NSS_TESTS="memleak" export NSS_TESTS ;; "--nojsssign") NO_JSS_SIGN=1 ;; *) echo "Usage: $0 ..." echo " --memtest - run the memory leak tests" echo " --nojsssign - try to sign jss" echo " --build-nss" echo " --build-jss" echo " --test-nss" echo " --test-jss" echo " --check-abi" exit 1 ;; esac shift done } set_env() { TOPDIR=$(pwd) HGDIR=$(pwd)$(echo "/hg") OUTPUTDIR=$(pwd)$(echo "/output") LOG_ALL="${OUTPUTDIR}/all.log" LOG_TMP="${OUTPUTDIR}/tmp.log" echo "hello" |grep --line-buffered hello >/dev/null 2>&1 [ $? -eq 0 ] && GREP_BUFFER="--line-buffered" } print_log() { DATE=$(date "+TB [%Y-%m-%d %H:%M:%S]") echo "${DATE} $*" echo "${DATE} $*" >> ${LOG_ALL} } print_result() { TESTNAME=$1 RET=$2 EXP=$3 if [ ${RET} -eq ${EXP} ]; then print_log "${TESTNAME} PASSED" else print_log "${TESTNAME} FAILED" fi } print_env() { print_log "######## Environment variables ########" uname -a | tee -a ${LOG_ALL} if [ -e "/etc/redhat-release" ]; then cat "/etc/redhat-release" | tee -a ${LOG_ALL} fi # don't print the MAIL command, it might contain a password env | grep -v "^MAIL=" | tee -a ${LOG_ALL} } set_cycle() { BITS=$1 OPT=$2 if [ "${BITS}" = "64" ]; then USE_64=1 JAVA_HOME=${JAVA_HOME_64} PORT_DBG=${PORT_64_DBG} PORT_OPT=${PORT_64_OPT} else USE_64= JAVA_HOME=${JAVA_HOME_32} PORT_DBG=${PORT_32_DBG} PORT_OPT=${PORT_32_OPT} fi export USE_64 export JAVA_HOME BUILD_OPT= if [ "${OPT}" = "OPT" ]; then BUILD_OPT=1 XPCLASS=xpclass.jar PORT=${PORT_OPT} else BUILD_OPT= XPCLASS=xpclass_dbg.jar PORT=${PORT_DBG} fi export BUILD_OPT PORT_JSS_SERVER=$(expr ${PORT} + 20) PORT_JSSE_SERVER=$(expr ${PORT} + 40) export PORT export PORT_JSS_SERVER export PORT_JSSE_SERVER } build_nss() { print_log "######## NSS - build - ${BITS} bits - ${OPT} ########" print_log "$ cd ${HGDIR}/nss" cd ${HGDIR}/nss print_log "$ ${MAKE} ${NSS_BUILD_TARGET}" #${MAKE} ${NSS_BUILD_TARGET} 2>&1 | tee -a ${LOG_ALL} | grep ${GREP_BUFFER} "^${MAKE}" ${MAKE} ${NSS_BUILD_TARGET} 2>&1 | tee -a ${LOG_ALL} RET=$? print_result "NSS - build - ${BITS} bits - ${OPT}" ${RET} 0 if [ ${RET} -eq 0 ]; then return 0 else tail -100 ${LOG_ALL} return ${RET} fi } build_jss() { print_log "######## JSS - build - ${BITS} bits - ${OPT} ########" print_log "$ cd ${HGDIR}/jss" cd ${HGDIR}/jss print_log "$ ${MAKE} ${JSS_BUILD_TARGET}" #${MAKE} ${JSS_BUILD_TARGET} 2>&1 | tee -a ${LOG_ALL} | grep ${GREP_BUFFER} "^${MAKE}" ${MAKE} ${JSS_BUILD_TARGET} 2>&1 | tee -a ${LOG_ALL} RET=$? print_result "JSS build - ${BITS} bits - ${OPT}" ${RET} 0 [ ${RET} -eq 0 ] || return ${RET} print_log "$ cd ${HGDIR}/dist" cd ${HGDIR}/dist if [ -z "${NO_JSS_SIGN}" ]; then print_log "cat ${TOPDIR}/keystore.pw | ${JAVA_HOME}/bin/jarsigner -keystore ${TOPDIR}/keystore -internalsf ${XPCLASS} jssdsa" cat ${TOPDIR}/keystore.pw | ${JAVA_HOME}/bin/jarsigner -keystore ${TOPDIR}/keystore -internalsf ${XPCLASS} jssdsa >> ${LOG_ALL} 2>&1 RET=$? print_result "JSS - sign JAR files - ${BITS} bits - ${OPT}" ${RET} 0 [ ${RET} -eq 0 ] || return ${RET} fi print_log "${JAVA_HOME}/bin/jarsigner -verify -certs ${XPCLASS}" ${JAVA_HOME}/bin/jarsigner -verify -certs ${XPCLASS} >> ${LOG_ALL} 2>&1 RET=$? print_result "JSS - verify JAR files - ${BITS} bits - ${OPT}" ${RET} 0 [ ${RET} -eq 0 ] || return ${RET} return 0 } test_nss() { print_log "######## NSS - tests - ${BITS} bits - ${OPT} ########" if [ "${OS_TARGET}" = "Android" ]; then print_log "$ cd ${HGDIR}/nss/tests/remote" cd ${HGDIR}/nss/tests/remote print_log "$ make test_android" make test_android 2>&1 | tee ${LOG_TMP} | grep ${GREP_BUFFER} ": #" OUTPUTFILE=${HGDIR}/tests_results/security/*.1/output.log else print_log "$ cd ${HGDIR}/nss/tests" cd ${HGDIR}/nss/tests print_log "$ ./all.sh" ./all.sh 2>&1 | tee ${LOG_TMP} | egrep ${GREP_BUFFER} ": #|^\[.{10}\] " OUTPUTFILE=${LOG_TMP} fi cat ${LOG_TMP} >> ${LOG_ALL} tail -n2 ${HGDIR}/tests_results/security/*.1/results.html | grep END_OF_TEST >> ${LOG_ALL} RET=$? print_log "######## details of detected failures (if any) ########" grep -B50 FAILED ${OUTPUTFILE} [ $? -eq 1 ] || RET=1 print_result "NSS - tests - ${BITS} bits - ${OPT}" ${RET} 0 return ${RET} } check_abi() { print_log "######## NSS ABI CHECK - ${BITS} bits - ${OPT} ########" print_log "######## creating temporary HG clones ########" rm -rf ${HGDIR}/baseline mkdir ${HGDIR}/baseline BASE_NSS=`cat ${HGDIR}/nss/automation/abi-check/previous-nss-release` hg clone -u "${BASE_NSS}" "${HGDIR}/nss" "${HGDIR}/baseline/nss" if [ $? -ne 0 ]; then echo "invalid tag in automation/abi-check/previous-nss-release" return 1 fi BASE_NSPR=NSPR_$(head -1 ${HGDIR}/baseline/nss/automation/release/nspr-version.txt | cut -d . -f 1-2 | tr . _)_BRANCH hg clone -u "${BASE_NSPR}" "${HGDIR}/nspr" "${HGDIR}/baseline/nspr" if [ $? -ne 0 ]; then echo "nonexisting tag ${BASE_NSPR} derived from ${BASE_NSS} automation/release/nspr-version.txt" # Assume that version hasn't been released yet, fall back to trunk pushd "${HGDIR}/baseline/nspr" hg update default popd fi print_log "######## building baseline NSPR/NSS ########" pushd ${HGDIR}/baseline/nss print_log "$ ${MAKE} ${NSS_BUILD_TARGET}" ${MAKE} ${NSS_BUILD_TARGET} 2>&1 | tee -a ${LOG_ALL} RET=$? print_result "NSS - build - ${BITS} bits - ${OPT}" ${RET} 0 if [ ${RET} -ne 0 ]; then tail -100 ${LOG_ALL} return ${RET} fi popd ABI_PROBLEM_FOUND=0 ABI_REPORT=${OUTPUTDIR}/abi-diff.txt rm -f ${ABI_REPORT} PREVDIST=${HGDIR}/baseline/dist NEWDIST=${HGDIR}/dist ALL_SOs="libfreebl3.so libfreeblpriv3.so libnspr4.so libnss3.so libnssckbi.so libnssdbm3.so libnsssysinit.so libnssutil3.so libplc4.so libplds4.so libsmime3.so libsoftokn3.so libssl3.so" for SO in ${ALL_SOs}; do if [ ! -f ${HGDIR}/nss/automation/abi-check/expected-report-$SO.txt ]; then touch ${HGDIR}/nss/automation/abi-check/expected-report-$SO.txt fi abidiff --hd1 $PREVDIST/public/ --hd2 $NEWDIST/public \ $PREVDIST/*/lib/$SO $NEWDIST/*/lib/$SO \ > ${HGDIR}/nss/automation/abi-check/new-report-$SO.txt if [ $? -ne 0 ]; then ABI_PROBLEM_FOUND=1 print_log "FAILED to run abidiff {$PREVDIST , $NEWDIST} for $SO, or failed writing to ${HGDIR}/nss/automation/abi-check/new-report-$SO.txt" fi if [ ! -f ${HGDIR}/nss/automation/abi-check/expected-report-$SO.txt ]; then ABI_PROBLEM_FOUND=1 print_log "FAILED to access report file: ${HGDIR}/nss/automation/abi-check/expected-report-$SO.txt" fi diff -wB -u ${HGDIR}/nss/automation/abi-check/expected-report-$SO.txt \ ${HGDIR}/nss/automation/abi-check/new-report-$SO.txt >> ${ABI_REPORT} if [ ! -f ${ABI_REPORT} ]; then ABI_PROBLEM_FOUND=1 print_log "FAILED to compare exepcted and new report: ${HGDIR}/nss/automation/abi-check/new-report-$SO.txt" fi done if [ -s ${ABI_REPORT} ]; then print_log "FAILED: there are new unexpected ABI changes" cat ${ABI_REPORT} return 1 elif [ $ABI_PROBLEM_FOUND -ne 0 ]; then print_log "FAILED: failure executing the ABI checks" cat ${ABI_REPORT} return 1 fi return 0 } test_jss() { print_log "######## JSS - tests - ${BITS} bits - ${OPT} ########" print_log "$ cd ${HGDIR}/jss" cd ${HGDIR}/jss print_log "$ ${MAKE} platform" PLATFORM=$(${MAKE} platform) print_log "PLATFORM=${PLATFORM}" print_log "$ cd ${HGDIR}/jss/org/mozilla/jss/tests" cd ${HGDIR}/jss/org/mozilla/jss/tests print_log "$ perl all.pl dist ${HGDIR}/dist/${PLATFORM}" perl all.pl dist ${HGDIR}/dist/${PLATFORM} 2>&1 | tee ${LOG_TMP} cat ${LOG_TMP} >> ${LOG_ALL} tail -n2 ${LOG_TMP} | grep JSSTEST_RATE > /dev/null RET=$? grep FAIL ${LOG_TMP} [ $? -eq 1 ] || RET=1 print_result "JSS - tests - ${BITS} bits - ${OPT}" ${RET} 0 return ${RET} } create_objdir_dist_link() { # compute relevant 'dist' OBJDIR_NAME subdirectory names for JSS and NSS OS_TARGET=`uname -s` OS_RELEASE=`uname -r | sed 's/-.*//' | sed 's/-.*//' | cut -d . -f1,2` CPU_TAG=_`uname -m` # OBJDIR_NAME_COMPILER appears to be defined for NSS but not JSS OBJDIR_NAME_COMPILER=_cc LIBC_TAG=_glibc IMPL_STRATEGY=_PTH if [ "${RUN_BITS}" = "64" ]; then OBJDIR_TAG=_${RUN_BITS}_${RUN_OPT}.OBJ else OBJDIR_TAG=_${RUN_OPT}.OBJ fi # define NSS_OBJDIR_NAME NSS_OBJDIR_NAME=${OS_TARGET}${OS_RELEASE}${CPU_TAG}${OBJDIR_NAME_COMPILER} NSS_OBJDIR_NAME=${NSS_OBJDIR_NAME}${LIBC_TAG}${IMPL_STRATEGY}${OBJDIR_TAG} print_log "create_objdir_dist_link(): NSS_OBJDIR_NAME='${NSS_OBJDIR_NAME}'" # define JSS_OBJDIR_NAME JSS_OBJDIR_NAME=${OS_TARGET}${OS_RELEASE}${CPU_TAG} JSS_OBJDIR_NAME=${JSS_OBJDIR_NAME}${LIBC_TAG}${IMPL_STRATEGY}${OBJDIR_TAG} print_log "create_objdir_dist_link(): JSS_OBJDIR_NAME='${JSS_OBJDIR_NAME}'" if [ -e "${HGDIR}/dist/${NSS_OBJDIR_NAME}" ]; then SOURCE=${HGDIR}/dist/${NSS_OBJDIR_NAME} TARGET=${HGDIR}/dist/${JSS_OBJDIR_NAME} ln -s ${SOURCE} ${TARGET} >/dev/null 2>&1 fi } build_and_test() { if [ -n "${BUILD_NSS}" ]; then build_nss [ $? -eq 0 ] || return 1 fi if [ -n "${TEST_NSS}" ]; then test_nss [ $? -eq 0 ] || return 1 fi if [ -n "${CHECK_ABI}" ]; then check_abi [ $? -eq 0 ] || return 1 fi if [ -n "${BUILD_JSS}" ]; then create_objdir_dist_link build_jss [ $? -eq 0 ] || return 1 fi if [ -n "${TEST_JSS}" ]; then test_jss [ $? -eq 0 ] || return 1 fi return 0 } run_cycle() { print_env build_and_test RET=$? grep ^TinderboxPrint ${LOG_ALL} return ${RET} } prepare() { rm -rf ${OUTPUTDIR}.oldest >/dev/null 2>&1 mv ${OUTPUTDIR}.older ${OUTPUTDIR}.oldest >/dev/null 2>&1 mv ${OUTPUTDIR}.old ${OUTPUTDIR}.older >/dev/null 2>&1 mv ${OUTPUTDIR}.last ${OUTPUTDIR}.old >/dev/null 2>&1 mv ${OUTPUTDIR} ${OUTPUTDIR}.last >/dev/null 2>&1 mkdir -p ${OUTPUTDIR} # Remove temporary test files from previous jobs, that weren't cleaned up # by move_results(), e.g. caused by unexpected interruptions. rm -rf ${HGDIR}/tests_results/ cd ${HGDIR}/nss if [ -n "${FEWER_STRESS_ITERATIONS}" ]; then sed -i 's/-c_1000_/-c_500_/g' tests/ssl/sslstress.txt fi return 0 } move_results() { cd ${HGDIR} if [ -n "${TEST_NSS}" ]; then mv -f tests_results ${OUTPUTDIR} fi tar -c -z --dereference -f ${OUTPUTDIR}/dist.tgz dist rm -rf dist } run_all() { set_cycle ${BITS} ${OPT} prepare run_cycle RESULT=$? print_log "### result of run_cycle is ${RESULT}" move_results return ${RESULT} } main() { VALID=0 RET=1 FAIL=0 for BITS in 32 64; do echo ${RUN_BITS} | grep ${BITS} > /dev/null [ $? -eq 0 ] || continue for OPT in DBG OPT; do echo ${RUN_OPT} | grep ${OPT} > /dev/null [ $? -eq 0 ] || continue VALID=1 set_env run_all RET=$? print_log "### result of run_all is ${RET}" if [ ${RET} -ne 0 ]; then FAIL=${RET} fi done done if [ ${VALID} -ne 1 ]; then echo "Need to set valid bits/opt values." return 1 fi return ${FAIL} } #function killallsub() #{ # FINAL_RET=$? # for proc in `jobs -p` # do # kill -9 $proc # done # return ${FINAL_RET} #} #trap killallsub EXIT #IS_RUNNING_FILE="./build-is-running" #if [ -a $IS_RUNNING_FILE ]; then # echo "exiting, because old job is still running" # exit 1 #fi #touch $IS_RUNNING_FILE echo "tinderbox args: $0 $@" . ${ENVVARS} proc_args "$@" main RET=$? print_log "### result of main is ${RET}" #rm $IS_RUNNING_FILE exit ${RET} nss-3.35/nss/automation/buildbot-slave/reboot.bat0000644000000000000000000000015613230126417020257 0ustar 00000000000000IF EXIST ..\buildbot-is-building ( del ..\buildbot-is-building shutdown /r /t 0 timeout /t 120 ) nss-3.35/nss/automation/buildbot-slave/startbuild.bat0000644000000000000000000000051713230126417021143 0ustar 00000000000000echo running > ..\buildbot-is-building echo running: "%MOZILLABUILD%\msys\bin\bash" -c "hg/nss/automation/buildbot-slave/build.sh %*" "%MOZILLABUILD%\msys\bin\bash" -c "hg/nss/automation/buildbot-slave/build.sh %*" if %errorlevel% neq 0 ( set EXITCODE=1 ) else ( set EXITCODE=0 ) del ..\buildbot-is-building exit /b %EXITCODE% nss-3.35/nss/automation/clang-format/Dockerfile0000644000000000000000000000105413230126417017723 0ustar 00000000000000FROM ubuntu:16.04 MAINTAINER Franziskus Kiefer RUN useradd -d /home/worker -s /bin/bash -m worker WORKDIR /home/worker # Install dependencies. ADD setup.sh /tmp/setup.sh RUN bash /tmp/setup.sh # Change user. USER worker # Env variables. ENV HOME /home/worker ENV SHELL /bin/bash ENV USER worker ENV LOGNAME worker ENV HOSTNAME taskcluster-worker ENV LANG en_US.UTF-8 ENV LC_ALL en_US.UTF-8 ENV HOST localhost ENV DOMSUF localdomain # Entrypoint. ENTRYPOINT ["/home/worker/nss/automation/clang-format/run_clang_format.sh"] nss-3.35/nss/automation/clang-format/run_clang_format.sh0000755000000000000000000000321613230126417021612 0ustar 00000000000000#!/usr/bin/env bash if [[ $(id -u) -eq 0 ]]; then # Drop privileges by re-running this script. # Note: this mangles arguments, better to avoid running scripts as root. exec su worker -c "$0 $*" fi set -e # Apply clang-format on the provided folder and verify that this doesn't change any file. # If any file differs after formatting, the script eventually exits with 1. # Any differences between formatted and unformatted files is printed to stdout to give a hint what's wrong. # Includes a default set of directories NOT to clang-format on. blacklist=( "./automation" \ "./coreconf" \ "./doc" \ "./pkg" \ "./tests" \ "./lib/libpkix" \ "./lib/zlib" \ "./lib/sqlite" \ "./gtests/google_test" \ "./out" \ ) top=$(cd "$(dirname $0)/../.."; pwd -P) if [ $# -gt 0 ]; then dirs=("$@") else cd "$top" dirs=($(find . -maxdepth 2 -mindepth 1 -type d ! -path '*/.*' -print)) fi format_folder() { for black in "${blacklist[@]}"; do if [[ "$1" == "$black"* ]]; then echo "skip $1" return 1 fi done return 0 } for dir in "${dirs[@]}"; do if format_folder "$dir"; then c="${dir//[^\/]}" echo "formatting $dir ..." depth=() if [ "${#c}" == "1" ]; then depth+=(-maxdepth 1) fi find "$dir" "${depth[@]}" -type f \( -name '*.[ch]' -o -name '*.cc' \) -exec clang-format -i {} \+ fi done TMPFILE=$(mktemp /tmp/$(basename $0).XXXXXX) trap 'rm -f $TMPFILE' exit if [[ -d "$top/.hg" ]]; then hg diff --git "$top" | tee $TMPFILE else git -C "$top" diff | tee $TMPFILE fi [[ ! -s $TMPFILE ]] nss-3.35/nss/automation/clang-format/setup.sh0000644000000000000000000000216713230126417017433 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x # Update packages. export DEBIAN_FRONTEND=noninteractive apt-get -y update && apt-get -y upgrade # Install packages. apt_packages=() apt_packages+=('ca-certificates') apt_packages+=('curl') apt_packages+=('xz-utils') apt_packages+=('mercurial') apt_packages+=('git') apt_packages+=('locales') apt-get install -y --no-install-recommends ${apt_packages[@]} # Download clang. curl -L https://releases.llvm.org/3.9.1/clang+llvm-3.9.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz -o clang.tar.xz curl -L https://releases.llvm.org/3.9.1/clang+llvm-3.9.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz.sig -o clang.tar.xz.sig # Verify the signature. gpg --keyserver pool.sks-keyservers.net --recv-keys B6C8F98282B944E3B0D5C2530FC3042E345AD05D gpg --verify clang.tar.xz.sig # Install into /usr/local/. tar xJvf *.tar.xz -C /usr/local --strip-components=1 # Cleanup. function cleanup() { rm -f clang.tar.xz clang.tar.xz.sig } trap cleanup ERR EXIT locale-gen en_US.UTF-8 dpkg-reconfigure locales # Cleanup. rm -rf ~/.ccache ~/.cache apt-get autoremove -y apt-get clean apt-get autoclean # We're done. Remove this script. rm $0 nss-3.35/nss/automation/ossfuzz/build.sh0000755000000000000000000000333013230126417016537 0ustar 00000000000000#!/bin/bash -eu # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. # ################################################################################ # List of targets disabled for oss-fuzz. declare -A disabled=([pkcs8]=1) # List of targets we want to fuzz in TLS and non-TLS mode. declare -A tls_targets=([tls-client]=1 [tls-server]=1 [dtls-client]=1 [dtls-server]=1) # Helper function that copies a fuzzer binary and its seed corpus. copy_fuzzer() { local fuzzer=$1 local name=$2 # Copy the binary. cp ../dist/Debug/bin/$fuzzer $OUT/$name # Zip and copy the corpus, if any. if [ -d "$SRC/nss-corpus/$name" ]; then zip $OUT/${name}_seed_corpus.zip $SRC/nss-corpus/$name/* else zip $OUT/${name}_seed_corpus.zip $SRC/nss-corpus/*/* fi } # Copy libFuzzer options cp fuzz/options/*.options $OUT/ # Build the library (non-TLS fuzzing mode). CXX="$CXX -stdlib=libc++" LDFLAGS="$CFLAGS" \ ./build.sh -c -v --fuzz=oss --fuzz --disable-tests # Copy fuzzing targets. for fuzzer in $(find ../dist/Debug/bin -name "nssfuzz-*" -printf "%f\n"); do name=${fuzzer:8} if [ -z "${disabled[$name]:-}" ]; then [ -n "${tls_targets[$name]:-}" ] && name="${name}-no_fuzzer_mode" copy_fuzzer $fuzzer $name fi done # Build the library again (TLS fuzzing mode). CXX="$CXX -stdlib=libc++" LDFLAGS="$CFLAGS" \ ./build.sh -c -v --fuzz=oss --fuzz=tls --disable-tests # Copy dual mode targets in TLS mode. for name in "${!tls_targets[@]}"; do if [ -z "${disabled[$name]:-}" ]; then copy_fuzzer nssfuzz-$name $name fi done nss-3.35/nss/automation/release/nspr-version.txt0000644000000000000000000000047613230126417020214 0ustar 000000000000004.18 # The first line of this file must contain the human readable NSPR # version number, which is the minimum required version of NSPR # that is supported by this version of NSS. # # This information is used by release automation, # when creating an NSS source archive. # # All other lines in this file are ignored. nss-3.35/nss/automation/release/nss-release-helper.py0000755000000000000000000003135413230126417021060 0ustar 00000000000000#!/usr/bin/python # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. import os import sys import datetime import shutil import glob from optparse import OptionParser from subprocess import check_call from subprocess import check_output nssutil_h = "lib/util/nssutil.h" softkver_h = "lib/softoken/softkver.h" nss_h = "lib/nss/nss.h" nssckbi_h = "lib/ckfw/builtins/nssckbi.h" abi_base_version_file = "automation/abi-check/previous-nss-release" abi_report_files = ['automation/abi-check/expected-report-libfreebl3.so.txt', 'automation/abi-check/expected-report-libfreeblpriv3.so.txt', 'automation/abi-check/expected-report-libnspr4.so.txt', 'automation/abi-check/expected-report-libnss3.so.txt', 'automation/abi-check/expected-report-libnssckbi.so.txt', 'automation/abi-check/expected-report-libnssdbm3.so.txt', 'automation/abi-check/expected-report-libnsssysinit.so.txt', 'automation/abi-check/expected-report-libnssutil3.so.txt', 'automation/abi-check/expected-report-libplc4.so.txt', 'automation/abi-check/expected-report-libplds4.so.txt', 'automation/abi-check/expected-report-libsmime3.so.txt', 'automation/abi-check/expected-report-libsoftokn3.so.txt', 'automation/abi-check/expected-report-libssl3.so.txt'] def check_call_noisy(cmd, *args, **kwargs): print "Executing command:", cmd check_call(cmd, *args, **kwargs) o = OptionParser(usage="client.py [options] remove_beta | set_beta | print_library_versions | print_root_ca_version | set_root_ca_version | set_version_to_minor_release | set_version_to_patch_release | set_release_candidate_number | set_4_digit_release_number | create_nss_release_archive") try: options, args = o.parse_args() action = args[0] except IndexError: o.print_help() sys.exit(2) def exit_with_failure(what): print "failure: ", what sys.exit(2) def check_files_exist(): if (not os.path.exists(nssutil_h) or not os.path.exists(softkver_h) or not os.path.exists(nss_h) or not os.path.exists(nssckbi_h)): exit_with_failure("cannot find expected header files, must run from inside NSS hg directory") def sed_inplace(sed_expression, filename): backup_file = filename + '.tmp' check_call_noisy(["sed", "-i.tmp", sed_expression, filename]) os.remove(backup_file) def toggle_beta_status(is_beta): check_files_exist() if (is_beta): print "adding Beta status to version numbers" sed_inplace('s/^\(#define *NSSUTIL_VERSION *\"[0-9.]\+\)\" *$/\\1 Beta\"/', nssutil_h) sed_inplace('s/^\(#define *NSSUTIL_BETA *\)PR_FALSE *$/\\1PR_TRUE/', nssutil_h) sed_inplace('s/^\(#define *SOFTOKEN_VERSION *\"[0-9.]\+\" *SOFTOKEN_ECC_STRING\) *$/\\1 \" Beta"/', softkver_h) sed_inplace('s/^\(#define *SOFTOKEN_BETA *\)PR_FALSE *$/\\1PR_TRUE/', softkver_h) sed_inplace('s/^\(#define *NSS_VERSION *\"[0-9.]\+\" *_NSS_CUSTOMIZED\) *$/\\1 \" Beta"/', nss_h) sed_inplace('s/^\(#define *NSS_BETA *\)PR_FALSE *$/\\1PR_TRUE/', nss_h) else: print "removing Beta status from version numbers" sed_inplace('s/^\(#define *NSSUTIL_VERSION *\"[0-9.]\+\) *Beta\" *$/\\1\"/', nssutil_h) sed_inplace('s/^\(#define *NSSUTIL_BETA *\)PR_TRUE *$/\\1PR_FALSE/', nssutil_h) sed_inplace('s/^\(#define *SOFTOKEN_VERSION *\"[0-9.]\+\" *SOFTOKEN_ECC_STRING\) *\" *Beta\" *$/\\1/', softkver_h) sed_inplace('s/^\(#define *SOFTOKEN_BETA *\)PR_TRUE *$/\\1PR_FALSE/', softkver_h) sed_inplace('s/^\(#define *NSS_VERSION *\"[0-9.]\+\" *_NSS_CUSTOMIZED\) *\" *Beta\" *$/\\1/', nss_h) sed_inplace('s/^\(#define *NSS_BETA *\)PR_TRUE *$/\\1PR_FALSE/', nss_h) print "please run 'hg stat' and 'hg diff' to verify the files have been verified correctly" def print_beta_versions(): check_call_noisy(["egrep", "#define *NSSUTIL_VERSION|#define *NSSUTIL_BETA", nssutil_h]) check_call_noisy(["egrep", "#define *SOFTOKEN_VERSION|#define *SOFTOKEN_BETA", softkver_h]) check_call_noisy(["egrep", "#define *NSS_VERSION|#define *NSS_BETA", nss_h]) def remove_beta_status(): print "--- removing beta flags. Existing versions were:" print_beta_versions() toggle_beta_status(False) print "--- finished modifications, new versions are:" print_beta_versions() def set_beta_status(): print "--- adding beta flags. Existing versions were:" print_beta_versions() toggle_beta_status(True) print "--- finished modifications, new versions are:" print_beta_versions() def print_library_versions(): check_files_exist() check_call_noisy(["egrep", "#define *NSSUTIL_VERSION|#define NSSUTIL_VMAJOR|#define *NSSUTIL_VMINOR|#define *NSSUTIL_VPATCH|#define *NSSUTIL_VBUILD|#define *NSSUTIL_BETA", nssutil_h]) check_call_noisy(["egrep", "#define *SOFTOKEN_VERSION|#define SOFTOKEN_VMAJOR|#define *SOFTOKEN_VMINOR|#define *SOFTOKEN_VPATCH|#define *SOFTOKEN_VBUILD|#define *SOFTOKEN_BETA", softkver_h]) check_call_noisy(["egrep", "#define *NSS_VERSION|#define NSS_VMAJOR|#define *NSS_VMINOR|#define *NSS_VPATCH|#define *NSS_VBUILD|#define *NSS_BETA", nss_h]) def print_root_ca_version(): check_files_exist() check_call_noisy(["grep", "define *NSS_BUILTINS_LIBRARY_VERSION", nssckbi_h]) def ensure_arguments_after_action(how_many, usage): if (len(sys.argv) != (2+how_many)): exit_with_failure("incorrect number of arguments, expected parameters are:\n" + usage) def set_major_versions(major): sed_inplace('s/^\(#define *NSSUTIL_VMAJOR *\).*$/\\1' + major + '/', nssutil_h) sed_inplace('s/^\(#define *SOFTOKEN_VMAJOR *\).*$/\\1' + major + '/', softkver_h) sed_inplace('s/^\(#define *NSS_VMAJOR *\).*$/\\1' + major + '/', nss_h) def set_minor_versions(minor): sed_inplace('s/^\(#define *NSSUTIL_VMINOR *\).*$/\\1' + minor + '/', nssutil_h) sed_inplace('s/^\(#define *SOFTOKEN_VMINOR *\).*$/\\1' + minor + '/', softkver_h) sed_inplace('s/^\(#define *NSS_VMINOR *\).*$/\\1' + minor + '/', nss_h) def set_patch_versions(patch): sed_inplace('s/^\(#define *NSSUTIL_VPATCH *\).*$/\\1' + patch + '/', nssutil_h) sed_inplace('s/^\(#define *SOFTOKEN_VPATCH *\).*$/\\1' + patch + '/', softkver_h) sed_inplace('s/^\(#define *NSS_VPATCH *\).*$/\\1' + patch + '/', nss_h) def set_build_versions(build): sed_inplace('s/^\(#define *NSSUTIL_VBUILD *\).*$/\\1' + build + '/', nssutil_h) sed_inplace('s/^\(#define *SOFTOKEN_VBUILD *\).*$/\\1' + build + '/', softkver_h) sed_inplace('s/^\(#define *NSS_VBUILD *\).*$/\\1' + build + '/', nss_h) def set_full_lib_versions(version): sed_inplace('s/^\(#define *NSSUTIL_VERSION *\"\)\([0-9.]\+\)\(.*\)$/\\1' + version + '\\3/', nssutil_h) sed_inplace('s/^\(#define *SOFTOKEN_VERSION *\"\)\([0-9.]\+\)\(.*\)$/\\1' + version + '\\3/', softkver_h) sed_inplace('s/^\(#define *NSS_VERSION *\"\)\([0-9.]\+\)\(.*\)$/\\1' + version + '\\3/', nss_h) def set_root_ca_version(): ensure_arguments_after_action(2, "major_version minor_version") major = args[1].strip() minor = args[2].strip() version = major + '.' + minor sed_inplace('s/^\(#define *NSS_BUILTINS_LIBRARY_VERSION *\"\).*$/\\1' + version + '/', nssckbi_h) sed_inplace('s/^\(#define *NSS_BUILTINS_LIBRARY_VERSION_MAJOR *\).*$/\\1' + major + '/', nssckbi_h) sed_inplace('s/^\(#define *NSS_BUILTINS_LIBRARY_VERSION_MINOR *\).*$/\\1' + minor + '/', nssckbi_h) def set_all_lib_versions(version, major, minor, patch, build): grep_major = check_output(['grep', 'define.*NSS_VMAJOR', nss_h]) grep_minor = check_output(['grep', 'define.*NSS_VMINOR', nss_h]) old_major = int(grep_major.split()[2]); old_minor = int(grep_minor.split()[2]); new_major = int(major) new_minor = int(minor) if (old_major < new_major or (old_major == new_major and old_minor < new_minor)): print "You're increasing the minor (or major) version:" print "- erasing ABI comparison expectations" new_branch = "NSS_" + str(old_major) + "_" + str(old_minor) + "_BRANCH" print "- setting reference branch to the branch of the previous version: " + new_branch with open(abi_base_version_file, "w") as abi_base: abi_base.write("%s\n" % new_branch) for report_file in abi_report_files: with open(report_file, "w") as report_file_handle: report_file_handle.truncate() set_full_lib_versions(version) set_major_versions(major) set_minor_versions(minor) set_patch_versions(patch) set_build_versions(build) def set_version_to_minor_release(): ensure_arguments_after_action(2, "major_version minor_version") major = args[1].strip() minor = args[2].strip() version = major + '.' + minor patch = "0" build = "0" set_all_lib_versions(version, major, minor, patch, build) def set_version_to_patch_release(): ensure_arguments_after_action(3, "major_version minor_version patch_release") major = args[1].strip() minor = args[2].strip() patch = args[3].strip() version = major + '.' + minor + '.' + patch build = "0" set_all_lib_versions(version, major, minor, patch, build) def set_release_candidate_number(): ensure_arguments_after_action(1, "release_candidate_number") build = args[1].strip() set_build_versions(build) def set_4_digit_release_number(): ensure_arguments_after_action(4, "major_version minor_version patch_release 4th_digit_release_number") major = args[1].strip() minor = args[2].strip() patch = args[3].strip() build = args[4].strip() version = major + '.' + minor + '.' + patch + '.' + build set_all_lib_versions(version, major, minor, patch, build) def create_nss_release_archive(): ensure_arguments_after_action(3, "nss_release_version nss_hg_release_tag path_to_stage_directory") nssrel = args[1].strip() #e.g. 3.19.3 nssreltag = args[2].strip() #e.g. NSS_3_19_3_RTM stagedir = args[3].strip() #e.g. ../stage with open('automation/release/nspr-version.txt') as nspr_version_file: nsprrel = next(nspr_version_file).strip() nspr_tar = "nspr-" + nsprrel + ".tar.gz" nsprtar_with_path= stagedir + "/v" + nsprrel + "/src/" + nspr_tar if (not os.path.exists(nsprtar_with_path)): exit_with_failure("cannot find nspr archive at expected location " + nsprtar_with_path) nss_stagedir= stagedir + "/" + nssreltag + "/src" if (os.path.exists(nss_stagedir)): exit_with_failure("nss stage directory already exists: " + nss_stagedir) nss_tar = "nss-" + nssrel + ".tar.gz" check_call_noisy(["mkdir", "-p", nss_stagedir]) check_call_noisy(["hg", "archive", "-r", nssreltag, "--prefix=nss-" + nssrel + "/nss", stagedir + "/" + nssreltag + "/src/" + nss_tar, "-X", ".hgtags"]) check_call_noisy(["tar", "-xz", "-C", nss_stagedir, "-f", nsprtar_with_path]) print "changing to directory " + nss_stagedir os.chdir(nss_stagedir) check_call_noisy(["tar", "-xz", "-f", nss_tar]) check_call_noisy(["mv", "-i", "nspr-" + nsprrel + "/nspr", "nss-" + nssrel + "/"]) check_call_noisy(["rmdir", "nspr-" + nsprrel]) nss_nspr_tar = "nss-" + nssrel + "-with-nspr-" + nsprrel + ".tar.gz" check_call_noisy(["tar", "-cz", "--remove-files", "-f", nss_nspr_tar, "nss-" + nssrel]) check_call("sha1sum " + nss_tar + " " + nss_nspr_tar + " > SHA1SUMS", shell=True) check_call("sha256sum " + nss_tar + " " + nss_nspr_tar + " > SHA256SUMS", shell=True) print "created directory " + nss_stagedir + " with files:" check_call_noisy(["ls", "-l"]) if action in ('remove_beta'): remove_beta_status() elif action in ('set_beta'): set_beta_status() elif action in ('print_library_versions'): print_library_versions() elif action in ('print_root_ca_version'): print_root_ca_version() elif action in ('set_root_ca_version'): set_root_ca_version() # x.y version number - 2 parameters elif action in ('set_version_to_minor_release'): set_version_to_minor_release() # x.y.z version number - 3 parameters elif action in ('set_version_to_patch_release'): set_version_to_patch_release() # change the release candidate number, usually increased by one, # usually if previous release candiate had a bug # 1 parameter elif action in ('set_release_candidate_number'): set_release_candidate_number() # use the build/release candiate number in the identifying version number # 4 parameters elif action in ('set_4_digit_release_number'): set_4_digit_release_number() elif action in ('create_nss_release_archive'): create_nss_release_archive() else: o.print_help() sys.exit(2) sys.exit(0) nss-3.35/nss/automation/taskcluster/docker-aarch64/Dockerfile0000644000000000000000000000122013230126417022405 0ustar 00000000000000FROM franziskus/xenial:aarch64 MAINTAINER Franziskus Kiefer RUN useradd -d /home/worker -s /bin/bash -m worker WORKDIR /home/worker # Add build and test scripts. ADD bin /home/worker/bin RUN chmod +x /home/worker/bin/* # Install dependencies. ADD setup.sh /tmp/setup.sh RUN bash /tmp/setup.sh # Change user. # USER worker # See bug 1347473. # Env variables. ENV HOME /home/worker ENV SHELL /bin/bash ENV USER worker ENV LOGNAME worker ENV HOSTNAME taskcluster-worker ENV LANG en_US.UTF-8 ENV LC_ALL en_US.UTF-8 ENV HOST localhost ENV DOMSUF localdomain # Set a default command for debugging. CMD ["/bin/bash", "--login"] nss-3.35/nss/automation/taskcluster/docker-aarch64/bin/checkout.sh0000755000000000000000000000062113230126417023333 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x if [ $(id -u) = 0 ]; then # Drop privileges by re-running this script. exec su worker $0 fi # Default values for testing. REVISION=${NSS_HEAD_REVISION:-default} REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss} # Clone NSS. for i in 0 2 5; do sleep $i hg clone -r $REVISION $REPOSITORY nss && exit 0 rm -rf nss done exit 1 nss-3.35/nss/automation/taskcluster/docker-aarch64/setup.sh0000755000000000000000000000213113230126417022114 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x export DEBIAN_FRONTEND=noninteractive apt-get -y update apt-get -y install software-properties-common # Add more repos add-apt-repository "deb http://ports.ubuntu.com/ xenial main restricted universe multiverse" add-apt-repository "deb http://ports.ubuntu.com/ xenial-security main restricted universe multiverse" add-apt-repository "deb http://ports.ubuntu.com/ xenial-updates main restricted universe multiverse" add-apt-repository "deb http://ports.ubuntu.com/ xenial-backports main restricted universe multiverse" # Update. apt-get -y update apt-get -y dist-upgrade apt_packages=() apt_packages+=('build-essential') apt_packages+=('ca-certificates') apt_packages+=('curl') apt_packages+=('libxml2-utils') apt_packages+=('zlib1g-dev') apt_packages+=('ninja-build') apt_packages+=('gyp') apt_packages+=('mercurial') apt_packages+=('locales') # Install packages. apt-get install -y --no-install-recommends ${apt_packages[@]} locale-gen en_US.UTF-8 dpkg-reconfigure locales # Cleanup. rm -rf ~/.ccache ~/.cache apt-get autoremove -y apt-get clean apt-get autoclean rm $0 nss-3.35/nss/automation/taskcluster/docker-arm/Dockerfile0000644000000000000000000000113613230126417021742 0ustar 00000000000000FROM armv7/armhf-ubuntu:16.04 MAINTAINER Franziskus Kiefer RUN useradd -d /home/worker -s /bin/bash -m worker WORKDIR /home/worker # Add build and test scripts. ADD bin /home/worker/bin RUN chmod +x /home/worker/bin/* # Install dependencies. ADD setup.sh /tmp/setup.sh RUN bash /tmp/setup.sh # Env variables. ENV HOME /home/worker ENV SHELL /bin/bash ENV USER worker ENV LOGNAME worker ENV HOSTNAME taskcluster-worker ENV LANG en_US.UTF-8 ENV LC_ALL en_US.UTF-8 ENV HOST localhost ENV DOMSUF localdomain # Set a default command for debugging. CMD ["/bin/bash", "--login"] nss-3.35/nss/automation/taskcluster/docker-arm/bin/checkout.sh0000755000000000000000000000105713230126417022666 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x if [ $(id -u) = 0 ]; then # set up fake uname if [ ! -f /bin/uname-real ]; then mv /bin/uname /bin/uname-real ln -s /home/worker/bin/uname.sh /bin/uname fi # Drop privileges by re-running this script. exec su worker $0 fi # Default values for testing. REVISION=${NSS_HEAD_REVISION:-default} REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss} # Clone NSS. for i in 0 2 5; do sleep $i hg clone -r $REVISION $REPOSITORY nss && exit 0 rm -rf nss done exit 1 nss-3.35/nss/automation/taskcluster/docker-arm/bin/uname.sh0000755000000000000000000000042013230126417022157 0ustar 00000000000000#!/bin/bash args=`getopt rmvs $*` set -- $args for i do if [ "$i" == "-v" ]; then /bin/uname-real -v fi if [ "$i" == "-r" ]; then echo "4.4.16-v7+" fi if [ "$i" == "-m" ]; then echo "armv7l" fi if [ "$i" == "-s" ]; then echo "Linux" fi donenss-3.35/nss/automation/taskcluster/docker-arm/setup.sh0000755000000000000000000000125213230126417021446 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x export DEBIAN_FRONTEND=noninteractive # Update. apt-get -y update apt-get -y dist-upgrade apt_packages=() apt_packages+=('build-essential') apt_packages+=('ca-certificates') apt_packages+=('curl') apt_packages+=('locales') apt_packages+=('python-dev') apt_packages+=('python-pip') apt_packages+=('python-setuptools') apt_packages+=('zlib1g-dev') # Install packages. apt-get install -y --no-install-recommends ${apt_packages[@]} # Latest Mercurial. pip install --upgrade pip pip install Mercurial locale-gen en_US.UTF-8 dpkg-reconfigure locales # Cleanup. rm -rf ~/.ccache ~/.cache apt-get autoremove -y apt-get clean apt-get autoclean rm $0 nss-3.35/nss/automation/taskcluster/docker-clang-3.9/Dockerfile0000644000000000000000000000114213230126417022553 0ustar 00000000000000FROM ubuntu:16.04 MAINTAINER Tim Taubert RUN useradd -d /home/worker -s /bin/bash -m worker WORKDIR /home/worker # Add build and test scripts. ADD bin /home/worker/bin RUN chmod +x /home/worker/bin/* # Install dependencies. ADD setup.sh /tmp/setup.sh RUN bash /tmp/setup.sh # Change user. USER worker # Env variables. ENV HOME /home/worker ENV SHELL /bin/bash ENV USER worker ENV LOGNAME worker ENV HOSTNAME taskcluster-worker ENV LANG en_US.UTF-8 ENV LC_ALL en_US.UTF-8 ENV HOST localhost ENV DOMSUF localdomain # Set a default command for debugging. CMD ["/bin/bash", "--login"] nss-3.35/nss/automation/taskcluster/docker-clang-3.9/bin/checkout.sh0000644000000000000000000000062113230126417023473 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x if [ $(id -u) = 0 ]; then # Drop privileges by re-running this script. exec su worker $0 fi # Default values for testing. REVISION=${NSS_HEAD_REVISION:-default} REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss} # Clone NSS. for i in 0 2 5; do sleep $i hg clone -r $REVISION $REPOSITORY nss && exit 0 rm -rf nss done exit 1 nss-3.35/nss/automation/taskcluster/docker-clang-3.9/setup.sh0000644000000000000000000000246013230126417022261 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x # Update packages. export DEBIAN_FRONTEND=noninteractive apt-get -y update && apt-get -y upgrade # Need this to add keys for PPAs below. apt-get install -y --no-install-recommends apt-utils apt_packages=() apt_packages+=('ca-certificates') apt_packages+=('curl') apt_packages+=('locales') apt_packages+=('xz-utils') # Latest Mercurial. apt_packages+=('mercurial') apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 41BD8711B1F0EC2B0D85B91CF59CE3A8323293EE echo "deb http://ppa.launchpad.net/mercurial-ppa/releases/ubuntu xenial main" > /etc/apt/sources.list.d/mercurial.list # Install packages. apt-get -y update apt-get install -y --no-install-recommends ${apt_packages[@]} # Download clang. curl -LO https://releases.llvm.org/3.9.1/clang+llvm-3.9.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz curl -LO https://releases.llvm.org/3.9.1/clang+llvm-3.9.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz.sig # Verify the signature. gpg --keyserver pool.sks-keyservers.net --recv-keys B6C8F98282B944E3B0D5C2530FC3042E345AD05D gpg --verify *.tar.xz.sig # Install into /usr/local/. tar xJvf *.tar.xz -C /usr/local --strip-components=1 # Cleanup. rm *.tar.xz* locale-gen en_US.UTF-8 dpkg-reconfigure locales # Cleanup. rm -rf ~/.ccache ~/.cache apt-get autoremove -y apt-get clean apt-get autoclean rm $0 nss-3.35/nss/automation/taskcluster/docker-decision/Dockerfile0000644000000000000000000000114213230126417022755 0ustar 00000000000000FROM ubuntu:16.04 MAINTAINER Tim Taubert RUN useradd -d /home/worker -s /bin/bash -m worker WORKDIR /home/worker # Add build and test scripts. ADD bin /home/worker/bin RUN chmod +x /home/worker/bin/* # Install dependencies. ADD setup.sh /tmp/setup.sh RUN bash /tmp/setup.sh # Change user. USER worker # Env variables. ENV HOME /home/worker ENV SHELL /bin/bash ENV USER worker ENV LOGNAME worker ENV HOSTNAME taskcluster-worker ENV LANG en_US.UTF-8 ENV LC_ALL en_US.UTF-8 ENV HOST localhost ENV DOMSUF localdomain # Set a default command for debugging. CMD ["/bin/bash", "--login"] nss-3.35/nss/automation/taskcluster/docker-decision/bin/checkout.sh0000644000000000000000000000045413230126417023701 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x # Default values for testing. REVISION=${NSS_HEAD_REVISION:-default} REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss} # Clone NSS. for i in 0 2 5; do sleep $i hg clone -r $REVISION $REPOSITORY nss && exit 0 rm -rf nss done exit 1 nss-3.35/nss/automation/taskcluster/docker-decision/setup.sh0000644000000000000000000000154113230126417022462 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x # Update packages. export DEBIAN_FRONTEND=noninteractive apt-get -y update && apt-get -y upgrade # Need those to install newer packages below. apt-get install -y --no-install-recommends apt-utils curl ca-certificates locales # Latest Mercurial. apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 41BD8711B1F0EC2B0D85B91CF59CE3A8323293EE echo "deb http://ppa.launchpad.net/mercurial-ppa/releases/ubuntu xenial main" > /etc/apt/sources.list.d/mercurial.list # Install packages. apt-get -y update && apt-get install -y --no-install-recommends mercurial # Latest Node.JS. curl -sL https://deb.nodesource.com/setup_6.x | bash - apt-get install -y --no-install-recommends nodejs locale-gen en_US.UTF-8 dpkg-reconfigure locales # Cleanup. rm -rf ~/.ccache ~/.cache apt-get autoremove -y apt-get clean apt-get autoclean rm $0 nss-3.35/nss/automation/taskcluster/docker-fuzz/Dockerfile0000644000000000000000000000127213230126417022162 0ustar 00000000000000FROM ubuntu:16.04 MAINTAINER Tim Taubert RUN useradd -d /home/worker -s /bin/bash -m worker WORKDIR /home/worker # Add build and test scripts. ADD bin /home/worker/bin RUN chmod +x /home/worker/bin/* # Install dependencies. ADD setup.sh /tmp/setup.sh RUN bash /tmp/setup.sh # Change user. USER worker # Env variables. ENV HOME /home/worker ENV SHELL /bin/bash ENV USER worker ENV LOGNAME worker ENV HOSTNAME taskcluster-worker ENV LANG en_US.UTF-8 ENV LC_ALL en_US.UTF-8 ENV HOST localhost ENV DOMSUF localdomain # LLVM 4.0 ENV PATH "${PATH}:/home/worker/third_party/llvm-build/Release+Asserts/bin/" # Set a default command for debugging. CMD ["/bin/bash", "--login"] nss-3.35/nss/automation/taskcluster/docker-fuzz/bin/checkout.sh0000644000000000000000000000062113230126417023076 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x if [ $(id -u) = 0 ]; then # Drop privileges by re-running this script. exec su worker $0 fi # Default values for testing. REVISION=${NSS_HEAD_REVISION:-default} REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss} # Clone NSS. for i in 0 2 5; do sleep $i hg clone -r $REVISION $REPOSITORY nss && exit 0 rm -rf nss done exit 1 nss-3.35/nss/automation/taskcluster/docker-fuzz/setup.sh0000644000000000000000000000275413230126417021672 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x # Update packages. export DEBIAN_FRONTEND=noninteractive apt-get -y update && apt-get -y upgrade # Need this to add keys for PPAs below. apt-get install -y --no-install-recommends apt-utils apt_packages=() apt_packages+=('build-essential') apt_packages+=('ca-certificates') apt_packages+=('curl') apt_packages+=('git') apt_packages+=('gyp') apt_packages+=('libssl-dev') apt_packages+=('libxml2-utils') apt_packages+=('locales') apt_packages+=('ninja-build') apt_packages+=('pkg-config') apt_packages+=('zlib1g-dev') # 32-bit builds apt_packages+=('gcc-multilib') apt_packages+=('g++-multilib') # Latest Mercurial. apt_packages+=('mercurial') apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 41BD8711B1F0EC2B0D85B91CF59CE3A8323293EE echo "deb http://ppa.launchpad.net/mercurial-ppa/releases/ubuntu xenial main" > /etc/apt/sources.list.d/mercurial.list # Install packages. apt-get -y update apt-get install -y --no-install-recommends ${apt_packages[@]} # 32-bit builds dpkg --add-architecture i386 apt-get -y update apt-get install -y --no-install-recommends libssl-dev:i386 # Install LLVM/clang-4.0. mkdir clang-tmp git clone -n --depth 1 https://chromium.googlesource.com/chromium/src/tools/clang clang-tmp/clang git -C clang-tmp/clang checkout HEAD scripts/update.py clang-tmp/clang/scripts/update.py rm -fr clang-tmp locale-gen en_US.UTF-8 dpkg-reconfigure locales # Cleanup. rm -rf ~/.ccache ~/.cache apt-get autoremove -y apt-get clean apt-get autoclean rm $0 nss-3.35/nss/automation/taskcluster/docker-gcc-4.4/Dockerfile0000644000000000000000000000114213230126417022217 0ustar 00000000000000FROM ubuntu:14.04 MAINTAINER Tim Taubert RUN useradd -d /home/worker -s /bin/bash -m worker WORKDIR /home/worker # Add build and test scripts. ADD bin /home/worker/bin RUN chmod +x /home/worker/bin/* # Install dependencies. ADD setup.sh /tmp/setup.sh RUN bash /tmp/setup.sh # Change user. USER worker # Env variables. ENV HOME /home/worker ENV SHELL /bin/bash ENV USER worker ENV LOGNAME worker ENV HOSTNAME taskcluster-worker ENV LANG en_US.UTF-8 ENV LC_ALL en_US.UTF-8 ENV HOST localhost ENV DOMSUF localdomain # Set a default command for debugging. CMD ["/bin/bash", "--login"] nss-3.35/nss/automation/taskcluster/docker-gcc-4.4/bin/checkout.sh0000644000000000000000000000062113230126417023137 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x if [ $(id -u) = 0 ]; then # Drop privileges by re-running this script. exec su worker $0 fi # Default values for testing. REVISION=${NSS_HEAD_REVISION:-default} REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss} # Clone NSS. for i in 0 2 5; do sleep $i hg clone -r $REVISION $REPOSITORY nss && exit 0 rm -rf nss done exit 1 nss-3.35/nss/automation/taskcluster/docker-gcc-4.4/setup.sh0000644000000000000000000000111513230126417021721 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x # Update packages. export DEBIAN_FRONTEND=noninteractive apt-get -y update && apt-get -y upgrade apt_packages=() apt_packages+=('ca-certificates') apt_packages+=('g++-4.4') apt_packages+=('gcc-4.4') apt_packages+=('locales') apt_packages+=('make') apt_packages+=('mercurial') apt_packages+=('zlib1g-dev') # Install packages. apt-get -y update apt-get install -y --no-install-recommends ${apt_packages[@]} locale-gen en_US.UTF-8 dpkg-reconfigure locales # Cleanup. rm -rf ~/.ccache ~/.cache apt-get autoremove -y apt-get clean apt-get autoclean rm $0 nss-3.35/nss/automation/taskcluster/docker-hacl/Dockerfile0000644000000000000000000000157613230126417022102 0ustar 00000000000000FROM ubuntu:xenial MAINTAINER Franziskus Kiefer # Based on the HACL* image from Benjamin Beurdouche and # the original F* formula with Daniel Fabian # Pinned versions of HACL* (F* and KreMLin are pinned as submodules) ENV haclrepo https://github.com/mitls/hacl-star.git # Define versions of dependencies ENV opamv 4.04.2 ENV haclversion dcd48329d535727dbde93877b124c5ec4a7a2b20 # Install required packages and set versions ADD setup.sh /tmp/setup.sh RUN bash /tmp/setup.sh # Create user, add scripts. RUN useradd -ms /bin/bash worker WORKDIR /home/worker ADD bin /home/worker/bin RUN chmod +x /home/worker/bin/* USER worker # Build F*, HACL*, verify. Install a few more dependencies. ENV OPAMYES true ENV PATH "/home/worker/hacl-star/dependencies/z3/bin:$PATH" ADD setup-user.sh /tmp/setup-user.sh ADD license.txt /tmp/license.txt RUN bash /tmp/setup-user.sh nss-3.35/nss/automation/taskcluster/docker-hacl/bin/checkout.sh0000755000000000000000000000062113230126417023012 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x if [ $(id -u) = 0 ]; then # Drop privileges by re-running this script. exec su worker $0 fi # Default values for testing. REVISION=${NSS_HEAD_REVISION:-default} REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss} # Clone NSS. for i in 0 2 5; do sleep $i hg clone -r $REVISION $REPOSITORY nss && exit 0 rm -rf nss done exit 1 nss-3.35/nss/automation/taskcluster/docker-hacl/license.txt0000644000000000000000000000115213230126417022261 0ustar 00000000000000/* Copyright 2016-2017 INRIA and Microsoft Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ nss-3.35/nss/automation/taskcluster/docker-hacl/setup-user.sh0000644000000000000000000000176013230126417022553 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x # Prepare build (OCaml packages) opam init echo ". /home/worker/.opam/opam-init/init.sh > /dev/null 2> /dev/null || true" >> .bashrc opam switch -v ${opamv} opam install ocamlfind batteries sqlite3 fileutils yojson ppx_deriving_yojson zarith pprint menhir ulex process fix wasm stdint # Get the HACL* code git clone ${haclrepo} hacl-star git -C hacl-star checkout ${haclversion} # Prepare submodules, and build, verify, test, and extract c code # This caches the extracted c code (pins the HACL* version). All we need to do # on CI now is comparing the code in this docker image with the one in NSS. opam config exec -- make -C hacl-star prepare -j$(nproc) make -C hacl-star verify-nss -j$(nproc) make -C hacl-star -f Makefile.build snapshots/nss -j$(nproc) KOPTS="-funroll-loops 5" make -C hacl-star/code/curve25519 test -j$(nproc) make -C hacl-star/code/salsa-family test -j$(nproc) make -C hacl-star/code/poly1305 test -j$(nproc) # Cleanup. rm -rf ~/.ccache ~/.cache nss-3.35/nss/automation/taskcluster/docker-hacl/setup.sh0000644000000000000000000000174613230126417021603 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x # Update packages. export DEBIAN_FRONTEND=noninteractive apt-get -qq update apt-get install --yes libssl-dev libsqlite3-dev g++-5 gcc-5 m4 make opam pkg-config python libgmp3-dev cmake curl libtool-bin autoconf wget locales update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-5 200 update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-5 200 # Get clang-format-3.9 curl -LO https://releases.llvm.org/3.9.1/clang+llvm-3.9.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz curl -LO https://releases.llvm.org/3.9.1/clang+llvm-3.9.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz.sig # Verify the signature. gpg --keyserver pool.sks-keyservers.net --recv-keys B6C8F98282B944E3B0D5C2530FC3042E345AD05D gpg --verify *.tar.xz.sig # Install into /usr/local/. tar xJvf *.tar.xz -C /usr/local --strip-components=1 # Cleanup. rm *.tar.xz* locale-gen en_US.UTF-8 dpkg-reconfigure locales # Cleanup. rm -rf ~/.ccache ~/.cache apt-get autoremove -y apt-get clean apt-get autoclean nss-3.35/nss/automation/taskcluster/docker/Dockerfile0000644000000000000000000000125713230126417021171 0ustar 00000000000000FROM ubuntu:16.04 MAINTAINER Tim Taubert RUN useradd -d /home/worker -s /bin/bash -m worker WORKDIR /home/worker # Add build and test scripts. ADD bin /home/worker/bin RUN chmod +x /home/worker/bin/* # Install dependencies. ADD setup.sh /tmp/setup.sh RUN bash /tmp/setup.sh # Change user. USER worker # Env variables. ENV HOME /home/worker ENV SHELL /bin/bash ENV USER worker ENV LOGNAME worker ENV HOSTNAME taskcluster-worker ENV LANG en_US.UTF-8 ENV LC_ALL en_US.UTF-8 ENV HOST localhost ENV DOMSUF localdomain # Rust + Go ENV PATH "${PATH}:/home/worker/.cargo/bin/:/usr/lib/go-1.6/bin" # Set a default command for debugging. CMD ["/bin/bash", "--login"] nss-3.35/nss/automation/taskcluster/docker/bin/checkout.sh0000644000000000000000000000062113230126417022102 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x if [ $(id -u) = 0 ]; then # Drop privileges by re-running this script. exec su worker $0 fi # Default values for testing. REVISION=${NSS_HEAD_REVISION:-default} REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss} # Clone NSS. for i in 0 2 5; do sleep $i hg clone -r $REVISION $REPOSITORY nss && exit 0 rm -rf nss done exit 1 nss-3.35/nss/automation/taskcluster/docker/setup.sh0000644000000000000000000000413113230126417020665 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x # Update packages. export DEBIAN_FRONTEND=noninteractive apt-get -y update && apt-get -y upgrade # Need this to add keys for PPAs below. apt-get install -y --no-install-recommends apt-utils apt_packages=() apt_packages+=('build-essential') apt_packages+=('ca-certificates') apt_packages+=('curl') apt_packages+=('npm') apt_packages+=('git') apt_packages+=('golang-1.6') apt_packages+=('libxml2-utils') apt_packages+=('locales') apt_packages+=('ninja-build') apt_packages+=('pkg-config') apt_packages+=('zlib1g-dev') # 32-bit builds apt_packages+=('lib32z1-dev') apt_packages+=('gcc-multilib') apt_packages+=('g++-multilib') # ct-verif and sanitizers apt_packages+=('valgrind') # Latest Mercurial. apt_packages+=('mercurial') apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 41BD8711B1F0EC2B0D85B91CF59CE3A8323293EE echo "deb http://ppa.launchpad.net/mercurial-ppa/releases/ubuntu xenial main" > /etc/apt/sources.list.d/mercurial.list # gcc 4.8 and 6 apt_packages+=('g++-6') apt_packages+=('g++-4.8') apt_packages+=('g++-6-multilib') apt_packages+=('g++-4.8-multilib') apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 60C317803A41BA51845E371A1E9377A2BA9EF27F echo "deb http://ppa.launchpad.net/ubuntu-toolchain-r/test/ubuntu xenial main" > /etc/apt/sources.list.d/toolchain.list # Install packages. apt-get -y update apt-get install -y --no-install-recommends ${apt_packages[@]} # Download clang. curl -LO https://releases.llvm.org/4.0.0/clang+llvm-4.0.0-x86_64-linux-gnu-ubuntu-16.04.tar.xz curl -LO https://releases.llvm.org/4.0.0/clang+llvm-4.0.0-x86_64-linux-gnu-ubuntu-16.04.tar.xz.sig # Verify the signature. gpg --keyserver pool.sks-keyservers.net --recv-keys B6C8F98282B944E3B0D5C2530FC3042E345AD05D gpg --verify *.tar.xz.sig # Install into /usr/local/. tar xJvf *.tar.xz -C /usr/local --strip-components=1 # Cleanup. rm *.tar.xz* # Install latest Rust (stable). su worker -c "curl https://sh.rustup.rs -sSf | sh -s -- -y" locale-gen en_US.UTF-8 dpkg-reconfigure locales # Cleanup. rm -rf ~/.ccache ~/.cache apt-get autoremove -y apt-get clean apt-get autoclean rm $0 nss-3.35/nss/automation/taskcluster/graph/npm-shrinkwrap.json0000644000000000000000000017216713230126417022715 0ustar 00000000000000{ "name": "decision-task", "version": "0.0.1", "dependencies": { "amqplib": { "version": "0.4.2", "from": "amqplib@>=0.4.1 <0.5.0", "resolved": "https://registry.npmjs.org/amqplib/-/amqplib-0.4.2.tgz", "dependencies": { "isarray": { "version": "0.0.1", "from": "isarray@0.0.1", "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz" }, "readable-stream": { "version": "1.1.14", "from": "readable-stream@>=1.0.0 <2.0.0 >=1.1.9", "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.1.14.tgz" } } }, "ansi-regex": { "version": "2.0.0", "from": "ansi-regex@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz" }, "ansi-styles": { "version": "2.2.1", "from": "ansi-styles@>=2.1.0 <3.0.0", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-2.2.1.tgz" }, "anymatch": { "version": "1.3.0", "from": "anymatch@>=1.3.0 <2.0.0", "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-1.3.0.tgz" }, "argparse": { "version": "1.0.9", "from": "argparse@>=1.0.7 <2.0.0", "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.9.tgz" }, "arr-diff": { "version": "2.0.0", "from": "arr-diff@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/arr-diff/-/arr-diff-2.0.0.tgz" }, "arr-flatten": { "version": "1.0.1", "from": "arr-flatten@>=1.0.1 <2.0.0", "resolved": "https://registry.npmjs.org/arr-flatten/-/arr-flatten-1.0.1.tgz" }, "array-find-index": { "version": "1.0.2", "from": "array-find-index@>=1.0.1 <2.0.0", "resolved": "https://registry.npmjs.org/array-find-index/-/array-find-index-1.0.2.tgz" }, "array-uniq": { "version": "1.0.3", "from": "array-uniq@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/array-uniq/-/array-uniq-1.0.3.tgz" }, "array-unique": { "version": "0.2.1", "from": "array-unique@>=0.2.1 <0.3.0", "resolved": "https://registry.npmjs.org/array-unique/-/array-unique-0.2.1.tgz" }, "arrify": { "version": "1.0.1", "from": "arrify@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/arrify/-/arrify-1.0.1.tgz" }, "asap": { "version": "1.0.0", "from": "asap@>=1.0.0 <1.1.0", "resolved": "https://registry.npmjs.org/asap/-/asap-1.0.0.tgz" }, "asn1": { "version": "0.2.3", "from": "asn1@>=0.2.3 <0.3.0", "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.3.tgz" }, "assert-plus": { "version": "0.2.0", "from": "assert-plus@>=0.2.0 <0.3.0", "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-0.2.0.tgz" }, "async": { "version": "2.1.1", "from": "async@*", "resolved": "https://registry.npmjs.org/async/-/async-2.1.1.tgz" }, "async-each": { "version": "1.0.1", "from": "async-each@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/async-each/-/async-each-1.0.1.tgz" }, "asynckit": { "version": "0.4.0", "from": "asynckit@>=0.4.0 <0.5.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz" }, "aws-sign2": { "version": "0.6.0", "from": "aws-sign2@>=0.6.0 <0.7.0", "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.6.0.tgz" }, "aws4": { "version": "1.5.0", "from": "aws4@>=1.2.1 <2.0.0", "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.5.0.tgz" }, "babel-cli": { "version": "6.16.0", "from": "babel-cli@>=6.14.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-cli/-/babel-cli-6.16.0.tgz" }, "babel-code-frame": { "version": "6.16.0", "from": "babel-code-frame@>=6.16.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-code-frame/-/babel-code-frame-6.16.0.tgz" }, "babel-compile": { "version": "2.0.0", "from": "babel-compile@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/babel-compile/-/babel-compile-2.0.0.tgz" }, "babel-core": { "version": "6.17.0", "from": "babel-core@>=6.16.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-core/-/babel-core-6.17.0.tgz" }, "babel-generator": { "version": "6.17.0", "from": "babel-generator@>=6.17.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-generator/-/babel-generator-6.17.0.tgz" }, "babel-helper-call-delegate": { "version": "6.8.0", "from": "babel-helper-call-delegate@>=6.8.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-helper-call-delegate/-/babel-helper-call-delegate-6.8.0.tgz" }, "babel-helper-define-map": { "version": "6.9.0", "from": "babel-helper-define-map@>=6.9.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-helper-define-map/-/babel-helper-define-map-6.9.0.tgz" }, "babel-helper-function-name": { "version": "6.8.0", "from": "babel-helper-function-name@>=6.8.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-helper-function-name/-/babel-helper-function-name-6.8.0.tgz" }, "babel-helper-get-function-arity": { "version": "6.8.0", "from": "babel-helper-get-function-arity@>=6.8.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-helper-get-function-arity/-/babel-helper-get-function-arity-6.8.0.tgz" }, "babel-helper-hoist-variables": { "version": "6.8.0", "from": "babel-helper-hoist-variables@>=6.8.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-helper-hoist-variables/-/babel-helper-hoist-variables-6.8.0.tgz" }, "babel-helper-optimise-call-expression": { "version": "6.8.0", "from": "babel-helper-optimise-call-expression@>=6.8.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-helper-optimise-call-expression/-/babel-helper-optimise-call-expression-6.8.0.tgz" }, "babel-helper-regex": { "version": "6.9.0", "from": "babel-helper-regex@>=6.8.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-helper-regex/-/babel-helper-regex-6.9.0.tgz" }, "babel-helper-remap-async-to-generator": { "version": "6.16.2", "from": "babel-helper-remap-async-to-generator@>=6.16.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-helper-remap-async-to-generator/-/babel-helper-remap-async-to-generator-6.16.2.tgz" }, "babel-helper-replace-supers": { "version": "6.16.0", "from": "babel-helper-replace-supers@>=6.14.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-helper-replace-supers/-/babel-helper-replace-supers-6.16.0.tgz" }, "babel-helpers": { "version": "6.16.0", "from": "babel-helpers@>=6.16.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-helpers/-/babel-helpers-6.16.0.tgz" }, "babel-messages": { "version": "6.8.0", "from": "babel-messages@>=6.8.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-messages/-/babel-messages-6.8.0.tgz" }, "babel-plugin-check-es2015-constants": { "version": "6.8.0", "from": "babel-plugin-check-es2015-constants@>=6.3.13 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-check-es2015-constants/-/babel-plugin-check-es2015-constants-6.8.0.tgz" }, "babel-plugin-syntax-async-functions": { "version": "6.13.0", "from": "babel-plugin-syntax-async-functions@>=6.8.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-syntax-async-functions/-/babel-plugin-syntax-async-functions-6.13.0.tgz" }, "babel-plugin-transform-async-to-generator": { "version": "6.16.0", "from": "babel-plugin-transform-async-to-generator@>=6.8.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-async-to-generator/-/babel-plugin-transform-async-to-generator-6.16.0.tgz" }, "babel-plugin-transform-es2015-arrow-functions": { "version": "6.8.0", "from": "babel-plugin-transform-es2015-arrow-functions@>=6.3.13 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-arrow-functions/-/babel-plugin-transform-es2015-arrow-functions-6.8.0.tgz" }, "babel-plugin-transform-es2015-block-scoped-functions": { "version": "6.8.0", "from": "babel-plugin-transform-es2015-block-scoped-functions@>=6.3.13 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-block-scoped-functions/-/babel-plugin-transform-es2015-block-scoped-functions-6.8.0.tgz" }, "babel-plugin-transform-es2015-block-scoping": { "version": "6.15.0", "from": "babel-plugin-transform-es2015-block-scoping@>=6.14.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-block-scoping/-/babel-plugin-transform-es2015-block-scoping-6.15.0.tgz" }, "babel-plugin-transform-es2015-classes": { "version": "6.14.0", "from": "babel-plugin-transform-es2015-classes@>=6.14.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-classes/-/babel-plugin-transform-es2015-classes-6.14.0.tgz" }, "babel-plugin-transform-es2015-computed-properties": { "version": "6.8.0", "from": "babel-plugin-transform-es2015-computed-properties@>=6.3.13 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-computed-properties/-/babel-plugin-transform-es2015-computed-properties-6.8.0.tgz" }, "babel-plugin-transform-es2015-destructuring": { "version": "6.16.0", "from": "babel-plugin-transform-es2015-destructuring@>=6.16.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-destructuring/-/babel-plugin-transform-es2015-destructuring-6.16.0.tgz" }, "babel-plugin-transform-es2015-duplicate-keys": { "version": "6.8.0", "from": "babel-plugin-transform-es2015-duplicate-keys@>=6.6.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-duplicate-keys/-/babel-plugin-transform-es2015-duplicate-keys-6.8.0.tgz" }, "babel-plugin-transform-es2015-for-of": { "version": "6.8.0", "from": "babel-plugin-transform-es2015-for-of@>=6.6.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-for-of/-/babel-plugin-transform-es2015-for-of-6.8.0.tgz" }, "babel-plugin-transform-es2015-function-name": { "version": "6.9.0", "from": "babel-plugin-transform-es2015-function-name@>=6.9.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-function-name/-/babel-plugin-transform-es2015-function-name-6.9.0.tgz" }, "babel-plugin-transform-es2015-literals": { "version": "6.8.0", "from": "babel-plugin-transform-es2015-literals@>=6.3.13 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-literals/-/babel-plugin-transform-es2015-literals-6.8.0.tgz" }, "babel-plugin-transform-es2015-modules-amd": { "version": "6.8.0", "from": "babel-plugin-transform-es2015-modules-amd@>=6.8.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-modules-amd/-/babel-plugin-transform-es2015-modules-amd-6.8.0.tgz" }, "babel-plugin-transform-es2015-modules-commonjs": { "version": "6.16.0", "from": "babel-plugin-transform-es2015-modules-commonjs@>=6.16.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-modules-commonjs/-/babel-plugin-transform-es2015-modules-commonjs-6.16.0.tgz" }, "babel-plugin-transform-es2015-modules-systemjs": { "version": "6.14.0", "from": "babel-plugin-transform-es2015-modules-systemjs@>=6.14.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-modules-systemjs/-/babel-plugin-transform-es2015-modules-systemjs-6.14.0.tgz" }, "babel-plugin-transform-es2015-modules-umd": { "version": "6.12.0", "from": "babel-plugin-transform-es2015-modules-umd@>=6.12.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-modules-umd/-/babel-plugin-transform-es2015-modules-umd-6.12.0.tgz" }, "babel-plugin-transform-es2015-object-super": { "version": "6.8.0", "from": "babel-plugin-transform-es2015-object-super@>=6.3.13 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-object-super/-/babel-plugin-transform-es2015-object-super-6.8.0.tgz" }, "babel-plugin-transform-es2015-parameters": { "version": "6.17.0", "from": "babel-plugin-transform-es2015-parameters@>=6.16.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-parameters/-/babel-plugin-transform-es2015-parameters-6.17.0.tgz" }, "babel-plugin-transform-es2015-shorthand-properties": { "version": "6.8.0", "from": "babel-plugin-transform-es2015-shorthand-properties@>=6.3.13 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-shorthand-properties/-/babel-plugin-transform-es2015-shorthand-properties-6.8.0.tgz" }, "babel-plugin-transform-es2015-spread": { "version": "6.8.0", "from": "babel-plugin-transform-es2015-spread@>=6.3.13 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-spread/-/babel-plugin-transform-es2015-spread-6.8.0.tgz" }, "babel-plugin-transform-es2015-sticky-regex": { "version": "6.8.0", "from": "babel-plugin-transform-es2015-sticky-regex@>=6.3.13 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-sticky-regex/-/babel-plugin-transform-es2015-sticky-regex-6.8.0.tgz" }, "babel-plugin-transform-es2015-template-literals": { "version": "6.8.0", "from": "babel-plugin-transform-es2015-template-literals@>=6.6.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-template-literals/-/babel-plugin-transform-es2015-template-literals-6.8.0.tgz" }, "babel-plugin-transform-es2015-typeof-symbol": { "version": "6.8.0", "from": "babel-plugin-transform-es2015-typeof-symbol@>=6.6.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-typeof-symbol/-/babel-plugin-transform-es2015-typeof-symbol-6.8.0.tgz" }, "babel-plugin-transform-es2015-unicode-regex": { "version": "6.11.0", "from": "babel-plugin-transform-es2015-unicode-regex@>=6.3.13 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-unicode-regex/-/babel-plugin-transform-es2015-unicode-regex-6.11.0.tgz" }, "babel-plugin-transform-regenerator": { "version": "6.16.1", "from": "babel-plugin-transform-regenerator@>=6.16.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-regenerator/-/babel-plugin-transform-regenerator-6.16.1.tgz" }, "babel-plugin-transform-runtime": { "version": "6.15.0", "from": "babel-plugin-transform-runtime@>=6.9.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-runtime/-/babel-plugin-transform-runtime-6.15.0.tgz" }, "babel-plugin-transform-strict-mode": { "version": "6.11.3", "from": "babel-plugin-transform-strict-mode@>=6.8.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-plugin-transform-strict-mode/-/babel-plugin-transform-strict-mode-6.11.3.tgz" }, "babel-polyfill": { "version": "6.16.0", "from": "babel-polyfill@>=6.16.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-polyfill/-/babel-polyfill-6.16.0.tgz" }, "babel-preset-es2015": { "version": "6.16.0", "from": "babel-preset-es2015@>=6.9.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-preset-es2015/-/babel-preset-es2015-6.16.0.tgz" }, "babel-preset-taskcluster": { "version": "3.0.0", "from": "babel-preset-taskcluster@>=3.0.0 <4.0.0", "resolved": "https://registry.npmjs.org/babel-preset-taskcluster/-/babel-preset-taskcluster-3.0.0.tgz" }, "babel-register": { "version": "6.16.3", "from": "babel-register@>=6.16.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-register/-/babel-register-6.16.3.tgz" }, "babel-runtime": { "version": "6.11.6", "from": "babel-runtime@>=6.11.6 <7.0.0", "resolved": "https://registry.npmjs.org/babel-runtime/-/babel-runtime-6.11.6.tgz" }, "babel-template": { "version": "6.16.0", "from": "babel-template@>=6.16.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-template/-/babel-template-6.16.0.tgz" }, "babel-traverse": { "version": "6.16.0", "from": "babel-traverse@>=6.16.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-traverse/-/babel-traverse-6.16.0.tgz" }, "babel-types": { "version": "6.16.0", "from": "babel-types@>=6.16.0 <7.0.0", "resolved": "https://registry.npmjs.org/babel-types/-/babel-types-6.16.0.tgz" }, "babylon": { "version": "6.11.6", "from": "babylon@>=6.11.0 <7.0.0", "resolved": "https://registry.npmjs.org/babylon/-/babylon-6.11.6.tgz" }, "balanced-match": { "version": "0.4.2", "from": "balanced-match@>=0.4.1 <0.5.0", "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-0.4.2.tgz" }, "bcrypt-pbkdf": { "version": "1.0.0", "from": "bcrypt-pbkdf@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.0.tgz" }, "bin-version": { "version": "1.0.4", "from": "bin-version@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/bin-version/-/bin-version-1.0.4.tgz" }, "bin-version-check": { "version": "2.1.0", "from": "bin-version-check@>=2.1.0 <3.0.0", "resolved": "https://registry.npmjs.org/bin-version-check/-/bin-version-check-2.1.0.tgz" }, "binary-extensions": { "version": "1.7.0", "from": "binary-extensions@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-1.7.0.tgz" }, "bitsyntax": { "version": "0.0.4", "from": "bitsyntax@>=0.0.4 <0.1.0", "resolved": "https://registry.npmjs.org/bitsyntax/-/bitsyntax-0.0.4.tgz" }, "bl": { "version": "1.1.2", "from": "bl@>=1.1.2 <1.2.0", "resolved": "https://registry.npmjs.org/bl/-/bl-1.1.2.tgz", "dependencies": { "readable-stream": { "version": "2.0.6", "from": "readable-stream@>=2.0.5 <2.1.0", "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.0.6.tgz" } } }, "boom": { "version": "2.10.1", "from": "boom@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/boom/-/boom-2.10.1.tgz" }, "brace-expansion": { "version": "1.1.6", "from": "brace-expansion@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.6.tgz" }, "braces": { "version": "1.8.5", "from": "braces@>=1.8.2 <2.0.0", "resolved": "https://registry.npmjs.org/braces/-/braces-1.8.5.tgz" }, "buffer-more-ints": { "version": "0.0.2", "from": "buffer-more-ints@0.0.2", "resolved": "https://registry.npmjs.org/buffer-more-ints/-/buffer-more-ints-0.0.2.tgz" }, "buffer-shims": { "version": "1.0.0", "from": "buffer-shims@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/buffer-shims/-/buffer-shims-1.0.0.tgz" }, "builtin-modules": { "version": "1.1.1", "from": "builtin-modules@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-1.1.1.tgz" }, "camelcase": { "version": "2.1.1", "from": "camelcase@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-2.1.1.tgz" }, "camelcase-keys": { "version": "2.1.0", "from": "camelcase-keys@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/camelcase-keys/-/camelcase-keys-2.1.0.tgz" }, "caseless": { "version": "0.11.0", "from": "caseless@>=0.11.0 <0.12.0", "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.11.0.tgz" }, "chalk": { "version": "1.1.1", "from": "chalk@1.1.1", "resolved": "https://registry.npmjs.org/chalk/-/chalk-1.1.1.tgz" }, "chokidar": { "version": "1.6.0", "from": "chokidar@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-1.6.0.tgz" }, "combined-stream": { "version": "1.0.5", "from": "combined-stream@>=1.0.5 <1.1.0", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.5.tgz" }, "commander": { "version": "2.9.0", "from": "commander@>=2.8.1 <3.0.0", "resolved": "https://registry.npmjs.org/commander/-/commander-2.9.0.tgz" }, "component-emitter": { "version": "1.2.1", "from": "component-emitter@>=1.2.0 <1.3.0", "resolved": "https://registry.npmjs.org/component-emitter/-/component-emitter-1.2.1.tgz" }, "concat-map": { "version": "0.0.1", "from": "concat-map@0.0.1", "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz" }, "convert-source-map": { "version": "1.3.0", "from": "convert-source-map@>=1.1.0 <2.0.0", "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.3.0.tgz" }, "cookiejar": { "version": "2.0.6", "from": "cookiejar@2.0.6", "resolved": "https://registry.npmjs.org/cookiejar/-/cookiejar-2.0.6.tgz" }, "core-js": { "version": "2.4.1", "from": "core-js@>=2.4.0 <3.0.0", "resolved": "https://registry.npmjs.org/core-js/-/core-js-2.4.1.tgz" }, "core-util-is": { "version": "1.0.2", "from": "core-util-is@>=1.0.0 <1.1.0", "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz" }, "cryptiles": { "version": "2.0.5", "from": "cryptiles@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/cryptiles/-/cryptiles-2.0.5.tgz" }, "currently-unhandled": { "version": "0.4.1", "from": "currently-unhandled@>=0.4.1 <0.5.0", "resolved": "https://registry.npmjs.org/currently-unhandled/-/currently-unhandled-0.4.1.tgz" }, "dashdash": { "version": "1.14.0", "from": "dashdash@>=1.12.0 <2.0.0", "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.0.tgz", "dependencies": { "assert-plus": { "version": "1.0.0", "from": "assert-plus@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz" } } }, "debug": { "version": "2.2.0", "from": "debug@>=2.1.1 <3.0.0", "resolved": "https://registry.npmjs.org/debug/-/debug-2.2.0.tgz" }, "decamelize": { "version": "1.2.0", "from": "decamelize@>=1.1.2 <2.0.0", "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz" }, "delayed-stream": { "version": "1.0.0", "from": "delayed-stream@>=1.0.0 <1.1.0", "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz" }, "detect-indent": { "version": "3.0.1", "from": "detect-indent@>=3.0.1 <4.0.0", "resolved": "https://registry.npmjs.org/detect-indent/-/detect-indent-3.0.1.tgz" }, "ecc-jsbn": { "version": "0.1.1", "from": "ecc-jsbn@>=0.1.1 <0.2.0", "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz" }, "error-ex": { "version": "1.3.0", "from": "error-ex@>=1.2.0 <2.0.0", "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.0.tgz" }, "escape-string-regexp": { "version": "1.0.5", "from": "escape-string-regexp@>=1.0.2 <2.0.0", "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz" }, "esprima": { "version": "2.7.3", "from": "esprima@>=2.6.0 <3.0.0", "resolved": "https://registry.npmjs.org/esprima/-/esprima-2.7.3.tgz" }, "esutils": { "version": "2.0.2", "from": "esutils@>=2.0.2 <3.0.0", "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.2.tgz" }, "eventsource": { "version": "0.1.6", "from": "eventsource@>=0.1.6 <0.2.0", "resolved": "https://registry.npmjs.org/eventsource/-/eventsource-0.1.6.tgz" }, "expand-brackets": { "version": "0.1.5", "from": "expand-brackets@>=0.1.4 <0.2.0", "resolved": "https://registry.npmjs.org/expand-brackets/-/expand-brackets-0.1.5.tgz" }, "expand-range": { "version": "1.8.2", "from": "expand-range@>=1.8.1 <2.0.0", "resolved": "https://registry.npmjs.org/expand-range/-/expand-range-1.8.2.tgz" }, "extend": { "version": "3.0.0", "from": "extend@>=3.0.0 <3.1.0", "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.0.tgz" }, "extglob": { "version": "0.3.2", "from": "extglob@>=0.3.1 <0.4.0", "resolved": "https://registry.npmjs.org/extglob/-/extglob-0.3.2.tgz" }, "extsprintf": { "version": "1.0.2", "from": "extsprintf@1.0.2", "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.0.2.tgz" }, "faye-websocket": { "version": "0.11.0", "from": "faye-websocket@>=0.11.0 <0.12.0", "resolved": "https://registry.npmjs.org/faye-websocket/-/faye-websocket-0.11.0.tgz" }, "filename-regex": { "version": "2.0.0", "from": "filename-regex@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/filename-regex/-/filename-regex-2.0.0.tgz" }, "fill-range": { "version": "2.2.3", "from": "fill-range@>=2.1.0 <3.0.0", "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-2.2.3.tgz" }, "find-up": { "version": "1.1.2", "from": "find-up@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/find-up/-/find-up-1.1.2.tgz", "dependencies": { "path-exists": { "version": "2.1.0", "from": "path-exists@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz" } } }, "find-versions": { "version": "1.2.1", "from": "find-versions@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/find-versions/-/find-versions-1.2.1.tgz" }, "flatmap": { "version": "0.0.3", "from": "flatmap@0.0.3", "resolved": "https://registry.npmjs.org/flatmap/-/flatmap-0.0.3.tgz" }, "for-in": { "version": "0.1.6", "from": "for-in@>=0.1.5 <0.2.0", "resolved": "https://registry.npmjs.org/for-in/-/for-in-0.1.6.tgz" }, "for-own": { "version": "0.1.4", "from": "for-own@>=0.1.3 <0.2.0", "resolved": "https://registry.npmjs.org/for-own/-/for-own-0.1.4.tgz" }, "forever-agent": { "version": "0.6.1", "from": "forever-agent@>=0.6.1 <0.7.0", "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz" }, "form-data": { "version": "2.0.0", "from": "form-data@>=2.0.0 <2.1.0", "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.0.0.tgz" }, "formidable": { "version": "1.0.17", "from": "formidable@>=1.0.14 <1.1.0", "resolved": "https://registry.npmjs.org/formidable/-/formidable-1.0.17.tgz" }, "fs-readdir-recursive": { "version": "0.1.2", "from": "fs-readdir-recursive@>=0.1.0 <0.2.0", "resolved": "https://registry.npmjs.org/fs-readdir-recursive/-/fs-readdir-recursive-0.1.2.tgz" }, "fs-walk": { "version": "0.0.1", "from": "fs-walk@0.0.1", "resolved": "https://registry.npmjs.org/fs-walk/-/fs-walk-0.0.1.tgz" }, "fs.realpath": { "version": "1.0.0", "from": "fs.realpath@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz" }, "generate-function": { "version": "2.0.0", "from": "generate-function@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/generate-function/-/generate-function-2.0.0.tgz" }, "generate-object-property": { "version": "1.2.0", "from": "generate-object-property@>=1.1.0 <2.0.0", "resolved": "https://registry.npmjs.org/generate-object-property/-/generate-object-property-1.2.0.tgz" }, "get-stdin": { "version": "4.0.1", "from": "get-stdin@>=4.0.1 <5.0.0", "resolved": "https://registry.npmjs.org/get-stdin/-/get-stdin-4.0.1.tgz" }, "getpass": { "version": "0.1.6", "from": "getpass@>=0.1.1 <0.2.0", "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.6.tgz", "dependencies": { "assert-plus": { "version": "1.0.0", "from": "assert-plus@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz" } } }, "glob": { "version": "5.0.15", "from": "glob@>=5.0.5 <6.0.0", "resolved": "https://registry.npmjs.org/glob/-/glob-5.0.15.tgz" }, "glob-base": { "version": "0.3.0", "from": "glob-base@>=0.3.0 <0.4.0", "resolved": "https://registry.npmjs.org/glob-base/-/glob-base-0.3.0.tgz" }, "glob-parent": { "version": "2.0.0", "from": "glob-parent@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-2.0.0.tgz" }, "globals": { "version": "8.18.0", "from": "globals@>=8.3.0 <9.0.0", "resolved": "https://registry.npmjs.org/globals/-/globals-8.18.0.tgz" }, "graceful-fs": { "version": "4.1.9", "from": "graceful-fs@>=4.1.2 <5.0.0", "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.9.tgz" }, "graceful-readlink": { "version": "1.0.1", "from": "graceful-readlink@>=1.0.0", "resolved": "https://registry.npmjs.org/graceful-readlink/-/graceful-readlink-1.0.1.tgz" }, "har-validator": { "version": "2.0.6", "from": "har-validator@>=2.0.6 <2.1.0", "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-2.0.6.tgz" }, "has-ansi": { "version": "2.0.0", "from": "has-ansi@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/has-ansi/-/has-ansi-2.0.0.tgz" }, "hawk": { "version": "3.1.3", "from": "hawk@>=3.1.3 <3.2.0", "resolved": "https://registry.npmjs.org/hawk/-/hawk-3.1.3.tgz" }, "hoek": { "version": "2.16.3", "from": "hoek@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/hoek/-/hoek-2.16.3.tgz" }, "home-or-tmp": { "version": "1.0.0", "from": "home-or-tmp@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/home-or-tmp/-/home-or-tmp-1.0.0.tgz" }, "hosted-git-info": { "version": "2.1.5", "from": "hosted-git-info@>=2.1.4 <3.0.0", "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.1.5.tgz" }, "http-signature": { "version": "1.1.1", "from": "http-signature@>=1.1.0 <1.2.0", "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.1.1.tgz" }, "indent-string": { "version": "2.1.0", "from": "indent-string@>=2.1.0 <3.0.0", "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-2.1.0.tgz", "dependencies": { "repeating": { "version": "2.0.1", "from": "repeating@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/repeating/-/repeating-2.0.1.tgz" } } }, "inflight": { "version": "1.0.6", "from": "inflight@>=1.0.4 <2.0.0", "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz" }, "inherits": { "version": "2.0.3", "from": "inherits@>=2.0.1 <3.0.0", "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz" }, "intersect": { "version": "1.0.1", "from": "intersect@>=1.0.1 <2.0.0", "resolved": "https://registry.npmjs.org/intersect/-/intersect-1.0.1.tgz" }, "invariant": { "version": "2.2.1", "from": "invariant@>=2.2.0 <3.0.0", "resolved": "https://registry.npmjs.org/invariant/-/invariant-2.2.1.tgz" }, "is-arrayish": { "version": "0.2.1", "from": "is-arrayish@>=0.2.1 <0.3.0", "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz" }, "is-binary-path": { "version": "1.0.1", "from": "is-binary-path@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-1.0.1.tgz" }, "is-buffer": { "version": "1.1.4", "from": "is-buffer@>=1.0.2 <2.0.0", "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.4.tgz" }, "is-builtin-module": { "version": "1.0.0", "from": "is-builtin-module@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-1.0.0.tgz" }, "is-dotfile": { "version": "1.0.2", "from": "is-dotfile@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/is-dotfile/-/is-dotfile-1.0.2.tgz" }, "is-equal-shallow": { "version": "0.1.3", "from": "is-equal-shallow@>=0.1.3 <0.2.0", "resolved": "https://registry.npmjs.org/is-equal-shallow/-/is-equal-shallow-0.1.3.tgz" }, "is-extendable": { "version": "0.1.1", "from": "is-extendable@>=0.1.1 <0.2.0", "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-0.1.1.tgz" }, "is-extglob": { "version": "1.0.0", "from": "is-extglob@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-1.0.0.tgz" }, "is-finite": { "version": "1.0.2", "from": "is-finite@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/is-finite/-/is-finite-1.0.2.tgz" }, "is-glob": { "version": "2.0.1", "from": "is-glob@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-2.0.1.tgz" }, "is-my-json-valid": { "version": "2.15.0", "from": "is-my-json-valid@>=2.12.4 <3.0.0", "resolved": "https://registry.npmjs.org/is-my-json-valid/-/is-my-json-valid-2.15.0.tgz" }, "is-number": { "version": "2.1.0", "from": "is-number@>=2.1.0 <3.0.0", "resolved": "https://registry.npmjs.org/is-number/-/is-number-2.1.0.tgz" }, "is-posix-bracket": { "version": "0.1.1", "from": "is-posix-bracket@>=0.1.0 <0.2.0", "resolved": "https://registry.npmjs.org/is-posix-bracket/-/is-posix-bracket-0.1.1.tgz" }, "is-primitive": { "version": "2.0.0", "from": "is-primitive@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/is-primitive/-/is-primitive-2.0.0.tgz" }, "is-property": { "version": "1.0.2", "from": "is-property@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/is-property/-/is-property-1.0.2.tgz" }, "is-typedarray": { "version": "1.0.0", "from": "is-typedarray@>=1.0.0 <1.1.0", "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz" }, "is-utf8": { "version": "0.2.1", "from": "is-utf8@>=0.2.0 <0.3.0", "resolved": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz" }, "isarray": { "version": "1.0.0", "from": "isarray@1.0.0", "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz" }, "isobject": { "version": "2.1.0", "from": "isobject@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/isobject/-/isobject-2.1.0.tgz" }, "isstream": { "version": "0.1.2", "from": "isstream@>=0.1.2 <0.2.0", "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz" }, "jodid25519": { "version": "1.0.2", "from": "jodid25519@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/jodid25519/-/jodid25519-1.0.2.tgz" }, "js-tokens": { "version": "2.0.0", "from": "js-tokens@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-2.0.0.tgz" }, "js-yaml": { "version": "3.6.1", "from": "js-yaml@>=3.6.1 <4.0.0", "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.6.1.tgz" }, "jsbn": { "version": "0.1.0", "from": "jsbn@>=0.1.0 <0.2.0", "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.0.tgz" }, "jsesc": { "version": "1.3.0", "from": "jsesc@>=1.3.0 <2.0.0", "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-1.3.0.tgz" }, "json-schema": { "version": "0.2.3", "from": "json-schema@0.2.3", "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz" }, "json-stringify-safe": { "version": "5.0.1", "from": "json-stringify-safe@>=5.0.1 <5.1.0", "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz" }, "json3": { "version": "3.3.2", "from": "json3@>=3.3.2 <4.0.0", "resolved": "https://registry.npmjs.org/json3/-/json3-3.3.2.tgz" }, "json5": { "version": "0.4.0", "from": "json5@>=0.4.0 <0.5.0", "resolved": "https://registry.npmjs.org/json5/-/json5-0.4.0.tgz" }, "jsonpointer": { "version": "4.0.0", "from": "jsonpointer@>=4.0.0 <5.0.0", "resolved": "https://registry.npmjs.org/jsonpointer/-/jsonpointer-4.0.0.tgz" }, "jsprim": { "version": "1.3.1", "from": "jsprim@>=1.2.2 <2.0.0", "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.3.1.tgz" }, "kind-of": { "version": "3.0.4", "from": "kind-of@>=3.0.2 <4.0.0", "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.0.4.tgz" }, "load-json-file": { "version": "1.1.0", "from": "load-json-file@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz" }, "lodash": { "version": "4.16.4", "from": "lodash@>=4.2.0 <5.0.0", "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.16.4.tgz" }, "log-symbols": { "version": "1.0.2", "from": "log-symbols@>=1.0.2 <2.0.0", "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-1.0.2.tgz" }, "loose-envify": { "version": "1.2.0", "from": "loose-envify@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/loose-envify/-/loose-envify-1.2.0.tgz", "dependencies": { "js-tokens": { "version": "1.0.3", "from": "js-tokens@>=1.0.1 <2.0.0", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-1.0.3.tgz" } } }, "loud-rejection": { "version": "1.6.0", "from": "loud-rejection@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/loud-rejection/-/loud-rejection-1.6.0.tgz" }, "map-obj": { "version": "1.0.1", "from": "map-obj@>=1.0.1 <2.0.0", "resolved": "https://registry.npmjs.org/map-obj/-/map-obj-1.0.1.tgz" }, "meow": { "version": "3.7.0", "from": "meow@>=3.5.0 <4.0.0", "resolved": "https://registry.npmjs.org/meow/-/meow-3.7.0.tgz" }, "merge": { "version": "1.2.0", "from": "merge@>=1.2.0 <2.0.0", "resolved": "https://registry.npmjs.org/merge/-/merge-1.2.0.tgz" }, "methods": { "version": "1.1.2", "from": "methods@>=1.1.1 <1.2.0", "resolved": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz" }, "micromatch": { "version": "2.3.11", "from": "micromatch@>=2.1.5 <3.0.0", "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-2.3.11.tgz" }, "mime": { "version": "1.3.4", "from": "mime@1.3.4", "resolved": "https://registry.npmjs.org/mime/-/mime-1.3.4.tgz" }, "mime-db": { "version": "1.24.0", "from": "mime-db@>=1.24.0 <1.25.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.24.0.tgz" }, "mime-types": { "version": "2.1.12", "from": "mime-types@>=2.1.7 <2.2.0", "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.12.tgz" }, "minimatch": { "version": "3.0.3", "from": "minimatch@>=3.0.2 <4.0.0", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.3.tgz" }, "minimist": { "version": "1.2.0", "from": "minimist@>=1.2.0 <2.0.0", "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz" }, "mkdirp": { "version": "0.5.1", "from": "mkdirp@>=0.5.1 <0.6.0", "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.1.tgz", "dependencies": { "minimist": { "version": "0.0.8", "from": "minimist@0.0.8", "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz" } } }, "ms": { "version": "0.7.1", "from": "ms@0.7.1", "resolved": "https://registry.npmjs.org/ms/-/ms-0.7.1.tgz" }, "node-uuid": { "version": "1.4.7", "from": "node-uuid@>=1.4.7 <1.5.0", "resolved": "https://registry.npmjs.org/node-uuid/-/node-uuid-1.4.7.tgz" }, "normalize-package-data": { "version": "2.3.5", "from": "normalize-package-data@>=2.3.4 <3.0.0", "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.3.5.tgz" }, "normalize-path": { "version": "2.0.1", "from": "normalize-path@>=2.0.1 <3.0.0", "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-2.0.1.tgz" }, "number-is-nan": { "version": "1.0.1", "from": "number-is-nan@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.1.tgz" }, "oauth-sign": { "version": "0.8.2", "from": "oauth-sign@>=0.8.1 <0.9.0", "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.8.2.tgz" }, "object-assign": { "version": "4.1.0", "from": "object-assign@>=4.0.1 <5.0.0", "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.0.tgz" }, "object.omit": { "version": "2.0.0", "from": "object.omit@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/object.omit/-/object.omit-2.0.0.tgz" }, "once": { "version": "1.4.0", "from": "once@>=1.3.0 <2.0.0", "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz" }, "original": { "version": "1.0.0", "from": "original@>=0.0.5", "resolved": "https://registry.npmjs.org/original/-/original-1.0.0.tgz", "dependencies": { "url-parse": { "version": "1.0.5", "from": "url-parse@>=1.0.0 <1.1.0", "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.0.5.tgz" } } }, "os-tmpdir": { "version": "1.0.2", "from": "os-tmpdir@>=1.0.1 <2.0.0", "resolved": "https://registry.npmjs.org/os-tmpdir/-/os-tmpdir-1.0.2.tgz" }, "output-file-sync": { "version": "1.1.2", "from": "output-file-sync@>=1.1.0 <2.0.0", "resolved": "https://registry.npmjs.org/output-file-sync/-/output-file-sync-1.1.2.tgz" }, "parse-glob": { "version": "3.0.4", "from": "parse-glob@>=3.0.4 <4.0.0", "resolved": "https://registry.npmjs.org/parse-glob/-/parse-glob-3.0.4.tgz" }, "parse-json": { "version": "2.2.0", "from": "parse-json@>=2.2.0 <3.0.0", "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz" }, "path-exists": { "version": "1.0.0", "from": "path-exists@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-1.0.0.tgz" }, "path-is-absolute": { "version": "1.0.1", "from": "path-is-absolute@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz" }, "path-type": { "version": "1.1.0", "from": "path-type@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz" }, "pify": { "version": "2.3.0", "from": "pify@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz" }, "pinkie": { "version": "2.0.4", "from": "pinkie@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz" }, "pinkie-promise": { "version": "2.0.1", "from": "pinkie-promise@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.1.tgz" }, "preserve": { "version": "0.2.0", "from": "preserve@>=0.2.0 <0.3.0", "resolved": "https://registry.npmjs.org/preserve/-/preserve-0.2.0.tgz" }, "private": { "version": "0.1.6", "from": "private@>=0.1.6 <0.2.0", "resolved": "https://registry.npmjs.org/private/-/private-0.1.6.tgz" }, "process-nextick-args": { "version": "1.0.7", "from": "process-nextick-args@>=1.0.6 <1.1.0", "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-1.0.7.tgz" }, "promise": { "version": "6.1.0", "from": "promise@>=6.1.0 <7.0.0", "resolved": "https://registry.npmjs.org/promise/-/promise-6.1.0.tgz" }, "qs": { "version": "6.2.1", "from": "qs@>=6.2.0 <6.3.0", "resolved": "https://registry.npmjs.org/qs/-/qs-6.2.1.tgz" }, "querystringify": { "version": "0.0.4", "from": "querystringify@>=0.0.0 <0.1.0", "resolved": "https://registry.npmjs.org/querystringify/-/querystringify-0.0.4.tgz" }, "randomatic": { "version": "1.1.5", "from": "randomatic@>=1.1.3 <2.0.0", "resolved": "https://registry.npmjs.org/randomatic/-/randomatic-1.1.5.tgz" }, "read-pkg": { "version": "1.1.0", "from": "read-pkg@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz" }, "read-pkg-up": { "version": "1.0.1", "from": "read-pkg-up@>=1.0.1 <2.0.0", "resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz" }, "readable-stream": { "version": "2.1.5", "from": "readable-stream@>=2.0.2 <3.0.0", "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.1.5.tgz" }, "readdirp": { "version": "2.1.0", "from": "readdirp@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-2.1.0.tgz" }, "redent": { "version": "1.0.0", "from": "redent@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/redent/-/redent-1.0.0.tgz" }, "reduce-component": { "version": "1.0.1", "from": "reduce-component@1.0.1", "resolved": "https://registry.npmjs.org/reduce-component/-/reduce-component-1.0.1.tgz" }, "regenerate": { "version": "1.3.1", "from": "regenerate@>=1.2.1 <2.0.0", "resolved": "https://registry.npmjs.org/regenerate/-/regenerate-1.3.1.tgz" }, "regenerator-runtime": { "version": "0.9.5", "from": "regenerator-runtime@>=0.9.5 <0.10.0", "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.9.5.tgz" }, "regex-cache": { "version": "0.4.3", "from": "regex-cache@>=0.4.2 <0.5.0", "resolved": "https://registry.npmjs.org/regex-cache/-/regex-cache-0.4.3.tgz" }, "regexpu-core": { "version": "2.0.0", "from": "regexpu-core@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/regexpu-core/-/regexpu-core-2.0.0.tgz" }, "regjsgen": { "version": "0.2.0", "from": "regjsgen@>=0.2.0 <0.3.0", "resolved": "https://registry.npmjs.org/regjsgen/-/regjsgen-0.2.0.tgz" }, "regjsparser": { "version": "0.1.5", "from": "regjsparser@>=0.1.4 <0.2.0", "resolved": "https://registry.npmjs.org/regjsparser/-/regjsparser-0.1.5.tgz", "dependencies": { "jsesc": { "version": "0.5.0", "from": "jsesc@>=0.5.0 <0.6.0", "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-0.5.0.tgz" } } }, "repeat-element": { "version": "1.1.2", "from": "repeat-element@>=1.1.2 <2.0.0", "resolved": "https://registry.npmjs.org/repeat-element/-/repeat-element-1.1.2.tgz" }, "repeat-string": { "version": "1.5.4", "from": "repeat-string@>=1.5.2 <2.0.0", "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.5.4.tgz" }, "repeating": { "version": "1.1.3", "from": "repeating@>=1.1.0 <2.0.0", "resolved": "https://registry.npmjs.org/repeating/-/repeating-1.1.3.tgz" }, "request": { "version": "2.75.0", "from": "request@>=2.65.0 <3.0.0", "resolved": "https://registry.npmjs.org/request/-/request-2.75.0.tgz" }, "requires-port": { "version": "1.0.0", "from": "requires-port@>=1.0.0 <1.1.0", "resolved": "https://registry.npmjs.org/requires-port/-/requires-port-1.0.0.tgz" }, "rimraf": { "version": "2.5.4", "from": "rimraf@>=2.4.3 <3.0.0", "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.5.4.tgz", "dependencies": { "glob": { "version": "7.1.1", "from": "glob@>=7.0.5 <8.0.0", "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.1.tgz" } } }, "semver": { "version": "4.3.6", "from": "semver@>=4.0.3 <5.0.0", "resolved": "https://registry.npmjs.org/semver/-/semver-4.3.6.tgz" }, "semver-regex": { "version": "1.0.0", "from": "semver-regex@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/semver-regex/-/semver-regex-1.0.0.tgz" }, "semver-truncate": { "version": "1.1.2", "from": "semver-truncate@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/semver-truncate/-/semver-truncate-1.1.2.tgz", "dependencies": { "semver": { "version": "5.3.0", "from": "semver@>=5.3.0 <6.0.0", "resolved": "https://registry.npmjs.org/semver/-/semver-5.3.0.tgz" } } }, "set-immediate-shim": { "version": "1.0.1", "from": "set-immediate-shim@>=1.0.1 <2.0.0", "resolved": "https://registry.npmjs.org/set-immediate-shim/-/set-immediate-shim-1.0.1.tgz" }, "shebang-regex": { "version": "1.0.0", "from": "shebang-regex@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-1.0.0.tgz" }, "signal-exit": { "version": "3.0.1", "from": "signal-exit@>=3.0.0 <4.0.0", "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.1.tgz" }, "slash": { "version": "1.0.0", "from": "slash@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/slash/-/slash-1.0.0.tgz" }, "slugid": { "version": "1.1.0", "from": "slugid@>=1.1.0 <2.0.0", "resolved": "https://registry.npmjs.org/slugid/-/slugid-1.1.0.tgz" }, "sntp": { "version": "1.0.9", "from": "sntp@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/sntp/-/sntp-1.0.9.tgz" }, "sockjs-client": { "version": "1.1.1", "from": "sockjs-client@>=1.0.3 <2.0.0", "resolved": "https://registry.npmjs.org/sockjs-client/-/sockjs-client-1.1.1.tgz" }, "source-map": { "version": "0.5.6", "from": "source-map@>=0.5.0 <0.6.0", "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.6.tgz" }, "source-map-support": { "version": "0.4.3", "from": "source-map-support@>=0.4.2 <0.5.0", "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.4.3.tgz" }, "spdx-correct": { "version": "1.0.2", "from": "spdx-correct@>=1.0.0 <1.1.0", "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-1.0.2.tgz" }, "spdx-expression-parse": { "version": "1.0.4", "from": "spdx-expression-parse@>=1.0.0 <1.1.0", "resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-1.0.4.tgz" }, "spdx-license-ids": { "version": "1.2.2", "from": "spdx-license-ids@>=1.0.2 <2.0.0", "resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.2.tgz" }, "sprintf-js": { "version": "1.0.3", "from": "sprintf-js@>=1.0.2 <1.1.0", "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz" }, "sshpk": { "version": "1.10.1", "from": "sshpk@>=1.7.0 <2.0.0", "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.10.1.tgz", "dependencies": { "assert-plus": { "version": "1.0.0", "from": "assert-plus@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz" } } }, "string_decoder": { "version": "0.10.31", "from": "string_decoder@>=0.10.0 <0.11.0", "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz" }, "stringstream": { "version": "0.0.5", "from": "stringstream@>=0.0.4 <0.1.0", "resolved": "https://registry.npmjs.org/stringstream/-/stringstream-0.0.5.tgz" }, "strip-ansi": { "version": "3.0.1", "from": "strip-ansi@>=3.0.0 <4.0.0", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz" }, "strip-bom": { "version": "2.0.0", "from": "strip-bom@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz" }, "strip-indent": { "version": "1.0.1", "from": "strip-indent@>=1.0.1 <2.0.0", "resolved": "https://registry.npmjs.org/strip-indent/-/strip-indent-1.0.1.tgz" }, "superagent": { "version": "1.7.2", "from": "superagent@>=1.7.0 <1.8.0", "resolved": "https://registry.npmjs.org/superagent/-/superagent-1.7.2.tgz", "dependencies": { "async": { "version": "0.9.2", "from": "async@>=0.9.0 <0.10.0", "resolved": "https://registry.npmjs.org/async/-/async-0.9.2.tgz" }, "combined-stream": { "version": "0.0.7", "from": "combined-stream@>=0.0.4 <0.1.0", "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-0.0.7.tgz" }, "delayed-stream": { "version": "0.0.5", "from": "delayed-stream@0.0.5", "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-0.0.5.tgz" }, "form-data": { "version": "0.2.0", "from": "form-data@0.2.0", "resolved": "https://registry.npmjs.org/form-data/-/form-data-0.2.0.tgz" }, "isarray": { "version": "0.0.1", "from": "isarray@0.0.1", "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz" }, "mime-db": { "version": "1.12.0", "from": "mime-db@>=1.12.0 <1.13.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.12.0.tgz" }, "mime-types": { "version": "2.0.14", "from": "mime-types@>=2.0.3 <2.1.0", "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.0.14.tgz" }, "qs": { "version": "2.3.3", "from": "qs@2.3.3", "resolved": "https://registry.npmjs.org/qs/-/qs-2.3.3.tgz" }, "readable-stream": { "version": "1.0.27-1", "from": "readable-stream@1.0.27-1", "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.0.27-1.tgz" } } }, "superagent-hawk": { "version": "0.0.6", "from": "superagent-hawk@>=0.0.6 <0.0.7", "resolved": "https://registry.npmjs.org/superagent-hawk/-/superagent-hawk-0.0.6.tgz", "dependencies": { "boom": { "version": "0.4.2", "from": "boom@>=0.4.0 <0.5.0", "resolved": "https://registry.npmjs.org/boom/-/boom-0.4.2.tgz" }, "cryptiles": { "version": "0.2.2", "from": "cryptiles@>=0.2.0 <0.3.0", "resolved": "https://registry.npmjs.org/cryptiles/-/cryptiles-0.2.2.tgz" }, "hawk": { "version": "1.0.0", "from": "hawk@>=1.0.0 <1.1.0", "resolved": "https://registry.npmjs.org/hawk/-/hawk-1.0.0.tgz" }, "hoek": { "version": "0.9.1", "from": "hoek@>=0.9.0 <0.10.0", "resolved": "https://registry.npmjs.org/hoek/-/hoek-0.9.1.tgz" }, "qs": { "version": "0.6.6", "from": "qs@>=0.6.6 <0.7.0", "resolved": "https://registry.npmjs.org/qs/-/qs-0.6.6.tgz" }, "sntp": { "version": "0.2.4", "from": "sntp@>=0.2.0 <0.3.0", "resolved": "https://registry.npmjs.org/sntp/-/sntp-0.2.4.tgz" } } }, "superagent-promise": { "version": "0.2.0", "from": "superagent-promise@>=0.2.0 <0.3.0", "resolved": "https://registry.npmjs.org/superagent-promise/-/superagent-promise-0.2.0.tgz" }, "supports-color": { "version": "2.0.0", "from": "supports-color@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz" }, "taskcluster-client": { "version": "1.4.0", "from": "taskcluster-client@>=1.2.1 <2.0.0", "resolved": "https://registry.npmjs.org/taskcluster-client/-/taskcluster-client-1.4.0.tgz", "dependencies": { "hawk": { "version": "2.3.1", "from": "hawk@>=2.3.1 <3.0.0", "resolved": "https://registry.npmjs.org/hawk/-/hawk-2.3.1.tgz" }, "lodash": { "version": "3.10.1", "from": "lodash@>=3.6.0 <4.0.0", "resolved": "https://registry.npmjs.org/lodash/-/lodash-3.10.1.tgz" } } }, "to-fast-properties": { "version": "1.0.2", "from": "to-fast-properties@>=1.0.1 <2.0.0", "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-1.0.2.tgz" }, "tough-cookie": { "version": "2.3.1", "from": "tough-cookie@>=2.3.0 <2.4.0", "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.3.1.tgz" }, "trim-newlines": { "version": "1.0.0", "from": "trim-newlines@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/trim-newlines/-/trim-newlines-1.0.0.tgz" }, "tunnel-agent": { "version": "0.4.3", "from": "tunnel-agent@>=0.4.1 <0.5.0", "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.4.3.tgz" }, "tweetnacl": { "version": "0.14.3", "from": "tweetnacl@>=0.14.0 <0.15.0", "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.3.tgz" }, "url-join": { "version": "0.0.1", "from": "url-join@>=0.0.1 <0.0.2", "resolved": "https://registry.npmjs.org/url-join/-/url-join-0.0.1.tgz" }, "url-parse": { "version": "1.1.6", "from": "url-parse@>=1.1.1 <2.0.0", "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.1.6.tgz" }, "user-home": { "version": "1.1.1", "from": "user-home@>=1.1.1 <2.0.0", "resolved": "https://registry.npmjs.org/user-home/-/user-home-1.1.1.tgz" }, "util-deprecate": { "version": "1.0.2", "from": "util-deprecate@>=1.0.1 <1.1.0", "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz" }, "uuid": { "version": "2.0.3", "from": "uuid@>=2.0.1 <3.0.0", "resolved": "https://registry.npmjs.org/uuid/-/uuid-2.0.3.tgz" }, "v8flags": { "version": "2.0.11", "from": "v8flags@>=2.0.10 <3.0.0", "resolved": "https://registry.npmjs.org/v8flags/-/v8flags-2.0.11.tgz" }, "validate-npm-package-license": { "version": "3.0.1", "from": "validate-npm-package-license@>=3.0.1 <4.0.0", "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz" }, "verror": { "version": "1.3.6", "from": "verror@1.3.6", "resolved": "https://registry.npmjs.org/verror/-/verror-1.3.6.tgz" }, "websocket-driver": { "version": "0.6.5", "from": "websocket-driver@>=0.5.1", "resolved": "https://registry.npmjs.org/websocket-driver/-/websocket-driver-0.6.5.tgz" }, "websocket-extensions": { "version": "0.1.1", "from": "websocket-extensions@>=0.1.1", "resolved": "https://registry.npmjs.org/websocket-extensions/-/websocket-extensions-0.1.1.tgz" }, "when": { "version": "3.6.4", "from": "when@>=3.6.2 <3.7.0", "resolved": "https://registry.npmjs.org/when/-/when-3.6.4.tgz" }, "wrappy": { "version": "1.0.2", "from": "wrappy@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz" }, "xtend": { "version": "4.0.1", "from": "xtend@>=4.0.0 <5.0.0", "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.1.tgz" } } } nss-3.35/nss/automation/taskcluster/graph/package.json0000644000000000000000000000114513230126417021313 0ustar 00000000000000{ "name": "decision-task", "version": "0.0.1", "private": true, "author": "Tim Taubert ", "description": "Decision Task for NSS", "scripts": { "compile": "babel-compile -p taskcluster src:lib", "install": "npm run compile" }, "dependencies": { "babel-cli": "^6.14.0", "babel-compile": "^2.0.0", "babel-preset-taskcluster": "^3.0.0", "babel-runtime": "^6.11.6", "flatmap": "0.0.3", "intersect": "^1.0.1", "js-yaml": "^3.6.1", "merge": "^1.2.0", "minimist": "^1.2.0", "slugid": "^1.1.0", "taskcluster-client": "^1.2.1" } } nss-3.35/nss/automation/taskcluster/graph/src/context_hash.js0000644000000000000000000000324713230126417022646 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ import fs from "fs"; import path from "path"; import crypto from "crypto"; import flatmap from "flatmap"; // Compute the SHA-256 digest. function sha256(data) { let hash = crypto.createHash("sha256"); hash.update(data); return hash.digest("hex"); } // Recursively collect a list of all files of a given directory. function collectFilesInDirectory(dir) { return flatmap(fs.readdirSync(dir), entry => { let entry_path = path.join(dir, entry); if (fs.lstatSync(entry_path).isDirectory()) { return collectFilesInDirectory(entry_path); } return [entry_path]; }); } // A list of hashes for each file in the given path. function collectFileHashes(context_path) { let root = path.join(__dirname, "../../../.."); let dir = path.join(root, context_path); let files = collectFilesInDirectory(dir).sort(); return files.map(file => { return sha256(file + "|" + fs.readFileSync(file, "utf-8")); }); } // Compute a context hash for the given context path. export default function (context_path) { // Regenerate all images when the image_builder changes. let hashes = collectFileHashes("automation/taskcluster/image_builder"); // Regenerate images when the image itself changes. hashes = hashes.concat(collectFileHashes(context_path)); // Generate a new prefix every month to ensure the image stays buildable. let now = new Date(); let prefix = `${now.getUTCFullYear()}-${now.getUTCMonth() + 1}:`; return sha256(prefix + hashes.join(",")); } nss-3.35/nss/automation/taskcluster/graph/src/extend.js0000644000000000000000000006550013230126417021446 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ import merge from "./merge"; import * as queue from "./queue"; const LINUX_IMAGE = { name: "linux", path: "automation/taskcluster/docker" }; const LINUX_CLANG39_IMAGE = { name: "linux-clang-3.9", path: "automation/taskcluster/docker-clang-3.9" }; const LINUX_GCC44_IMAGE = { name: "linux-gcc-4.4", path: "automation/taskcluster/docker-gcc-4.4" }; const FUZZ_IMAGE = { name: "fuzz", path: "automation/taskcluster/docker-fuzz" }; const HACL_GEN_IMAGE = { name: "hacl", path: "automation/taskcluster/docker-hacl" }; const WINDOWS_CHECKOUT_CMD = "bash -c \"hg clone -r $NSS_HEAD_REVISION $NSS_HEAD_REPOSITORY nss || " + "(sleep 2; hg clone -r $NSS_HEAD_REVISION $NSS_HEAD_REPOSITORY nss) || " + "(sleep 5; hg clone -r $NSS_HEAD_REVISION $NSS_HEAD_REPOSITORY nss)\""; const MAC_CHECKOUT_CMD = ["bash", "-c", "hg clone -r $NSS_HEAD_REVISION $NSS_HEAD_REPOSITORY nss || " + "(sleep 2; hg clone -r $NSS_HEAD_REVISION $NSS_HEAD_REPOSITORY nss) || " + "(sleep 5; hg clone -r $NSS_HEAD_REVISION $NSS_HEAD_REPOSITORY nss)"]; /*****************************************************************************/ queue.filter(task => { if (task.group == "Builds") { // Remove extra builds on {A,UB}San and ARM. if (task.collection == "asan" || task.platform == "aarch64") { return false; } // Make modular builds only on Linux make. if (task.symbol == "modular" && task.collection != "make") { return false; } } if (task.tests == "bogo" || task.tests == "interop") { // No windows if (task.platform == "windows2012-64" || task.platform == "windows2012-32") { return false; } // No ARM; TODO: enable if (task.platform == "aarch64") { return false; } // No mac if (task.platform == "mac") { return false; } } if (task.tests == "fips" && task.platform == "mac") { return false; } // Only old make builds have -Ddisable_libpkix=0 and can run chain tests. if (task.tests == "chains" && task.collection != "make") { return false; } if (task.group == "Test") { // Don't run test builds on old make platforms, and not for fips gyp. if (task.collection == "make" || task.collection == "fips") { return false; } } // Don't run additional hardware tests on ARM (we don't have anything there). if (task.group == "Cipher" && task.platform == "aarch64" && task.env && (task.env.NSS_DISABLE_PCLMUL == "1" || task.env.NSS_DISABLE_HW_AES == "1" || task.env.NSS_DISABLE_AVX == "1")) { return false; } return true; }); queue.map(task => { if (task.collection == "asan") { // CRMF and FIPS tests still leak, unfortunately. if (task.tests == "crmf") { task.env.ASAN_OPTIONS = "detect_leaks=0"; } } // We don't run FIPS SSL tests if (task.tests == "ssl") { if (!task.env) { task.env = {}; } task.env.NSS_SSL_TESTS = "crl iopr policy"; } // Windows is slow. if (task.platform == "windows2012-64" && task.tests == "chains") { task.maxRunTime = 7200; } return task; }); /*****************************************************************************/ export default async function main() { await scheduleLinux("Linux 32 (opt)", { platform: "linux32", image: LINUX_IMAGE }, "-m32 --opt"); await scheduleLinux("Linux 32 (debug)", { platform: "linux32", collection: "debug", image: LINUX_IMAGE }, "-m32"); await scheduleLinux("Linux 64 (opt)", { platform: "linux64", image: LINUX_IMAGE }, "--opt"); await scheduleLinux("Linux 64 (debug)", { platform: "linux64", collection: "debug", image: LINUX_IMAGE }); await scheduleLinux("Linux 64 (debug, make)", { env: {USE_64: "1"}, platform: "linux64", image: LINUX_IMAGE, collection: "make", command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/build.sh" ], }); await scheduleLinux("Linux 64 (opt, make)", { env: {USE_64: "1", BUILD_OPT: "1"}, platform: "linux64", image: LINUX_IMAGE, collection: "make", command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/build.sh" ], }); await scheduleLinux("Linux 32 (debug, make)", { platform: "linux32", image: LINUX_IMAGE, collection: "make", command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/build.sh" ], }); await scheduleLinux("Linux 64 (ASan, debug)", { env: { UBSAN_OPTIONS: "print_stacktrace=1", NSS_DISABLE_ARENA_FREE_LIST: "1", NSS_DISABLE_UNLOAD: "1", CC: "clang", CCC: "clang++", }, platform: "linux64", collection: "asan", image: LINUX_IMAGE, features: ["allowPtrace"], }, "--ubsan --asan"); await scheduleLinux("Linux 64 (FIPS opt)", { platform: "linux64", collection: "fips", image: LINUX_IMAGE, }, "--enable-fips --opt"); await scheduleWindows("Windows 2012 64 (debug, make)", { platform: "windows2012-64", collection: "make", env: {USE_64: "1"} }, "build.sh"); await scheduleWindows("Windows 2012 32 (debug, make)", { platform: "windows2012-32", collection: "make" }, "build.sh"); await scheduleWindows("Windows 2012 64 (opt)", { platform: "windows2012-64", }, "build_gyp.sh --opt"); await scheduleWindows("Windows 2012 64 (debug)", { platform: "windows2012-64", collection: "debug" }, "build_gyp.sh"); await scheduleWindows("Windows 2012 32 (opt)", { platform: "windows2012-32", }, "build_gyp.sh --opt -m32"); await scheduleWindows("Windows 2012 32 (debug)", { platform: "windows2012-32", collection: "debug" }, "build_gyp.sh -m32"); await scheduleFuzzing(); await scheduleFuzzing32(); await scheduleTools(); let aarch64_base = { image: "franziskus/nss-aarch64-ci", provisioner: "localprovisioner", workerType: "nss-aarch64", platform: "aarch64", maxRunTime: 7200 }; await scheduleLinux("Linux AArch64 (debug)", merge({ command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/build_gyp.sh" ], collection: "debug", }, aarch64_base) ); await scheduleLinux("Linux AArch64 (opt)", merge({ command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/build_gyp.sh --opt" ], collection: "opt", }, aarch64_base) ); await scheduleMac("Mac (opt)", {collection: "opt"}, "--opt"); await scheduleMac("Mac (debug)", {collection: "debug"}); } async function scheduleMac(name, base, args = "") { let mac_base = merge(base, { env: { PATH: "/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin", NSS_TASKCLUSTER_MAC: "1", DOMSUF: "localdomain", HOST: "localhost", }, provisioner: "localprovisioner", workerType: "nss-macos-10-12", platform: "mac" }); // Build base definition. let build_base = merge({ command: [ MAC_CHECKOUT_CMD, ["bash", "-c", "nss/automation/taskcluster/scripts/build_gyp.sh", args] ], provisioner: "localprovisioner", workerType: "nss-macos-10-12", platform: "mac", maxRunTime: 7200, artifacts: [{ expires: 24 * 7, type: "directory", path: "public" }], kind: "build", symbol: "B" }, mac_base); // The task that builds NSPR+NSS. let task_build = queue.scheduleTask(merge(build_base, {name})); // The task that generates certificates. let task_cert = queue.scheduleTask(merge(build_base, { name: "Certificates", command: [ MAC_CHECKOUT_CMD, ["bash", "-c", "nss/automation/taskcluster/scripts/gen_certs.sh"] ], parent: task_build, symbol: "Certs" })); // Schedule tests. scheduleTests(task_build, task_cert, merge(mac_base, { command: [ MAC_CHECKOUT_CMD, ["bash", "-c", "nss/automation/taskcluster/scripts/run_tests.sh"] ] })); return queue.submit(); } /*****************************************************************************/ async function scheduleLinux(name, base, args = "") { // Build base definition. let build_base = merge({ command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/build_gyp.sh " + args ], artifacts: { public: { expires: 24 * 7, type: "directory", path: "/home/worker/artifacts" } }, kind: "build", symbol: "B" }, base); // The task that builds NSPR+NSS. let task_build = queue.scheduleTask(merge(build_base, {name})); // Make builds run FIPS tests, which need an extra FIPS build. if (base.collection == "make") { let extra_build = queue.scheduleTask(merge(build_base, { env: { NSS_FORCE_FIPS: "1" }, group: "FIPS", name: `${name} w/ NSS_FORCE_FIPS` })); // The task that generates certificates. let task_cert = queue.scheduleTask(merge(build_base, { name: "Certificates", command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/gen_certs.sh" ], parent: extra_build, symbol: "Certs-F", group: "FIPS", })); // Schedule FIPS tests. queue.scheduleTask(merge(base, { parent: task_cert, name: "FIPS", command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/run_tests.sh" ], cycle: "standard", kind: "test", name: "FIPS tests", symbol: "Tests-F", tests: "fips", group: "FIPS" })); } // The task that generates certificates. let task_cert = queue.scheduleTask(merge(build_base, { name: "Certificates", command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/gen_certs.sh" ], parent: task_build, symbol: "Certs" })); // Schedule tests. scheduleTests(task_build, task_cert, merge(base, { command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/run_tests.sh" ] })); // Extra builds. let extra_base = merge({group: "Builds"}, build_base); queue.scheduleTask(merge(extra_base, { name: `${name} w/ clang-4.0`, env: { CC: "clang", CCC: "clang++", }, symbol: "clang-4.0" })); queue.scheduleTask(merge(extra_base, { name: `${name} w/ gcc-4.4`, image: LINUX_GCC44_IMAGE, env: { USE_64: "1", CC: "gcc-4.4", CCC: "g++-4.4", // gcc-4.6 introduced nullptr. NSS_DISABLE_GTESTS: "1", }, // Use the old Makefile-based build system, GYP doesn't have a proper GCC // version check for __int128 support. It's mainly meant to cover RHEL6. command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/build.sh", ], symbol: "gcc-4.4" })); queue.scheduleTask(merge(extra_base, { name: `${name} w/ gcc-4.8`, env: { CC: "gcc-4.8", CCC: "g++-4.8" }, symbol: "gcc-4.8" })); queue.scheduleTask(merge(extra_base, { name: `${name} w/ gcc-6.1`, env: { CC: "gcc-6", CCC: "g++-6" }, symbol: "gcc-6.1" })); queue.scheduleTask(merge(extra_base, { name: `${name} w/ modular builds`, env: {NSS_BUILD_MODULAR: "1"}, command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/build.sh", ], symbol: "modular" })); await scheduleTestBuilds(merge(base, {group: "Test"}), args); return queue.submit(); } /*****************************************************************************/ function scheduleFuzzingRun(base, name, target, max_len, symbol = null, corpus = null) { const MAX_FUZZ_TIME = 300; queue.scheduleTask(merge(base, { name, command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/fuzz.sh " + `${target} nss/fuzz/corpus/${corpus || target} ` + `-max_total_time=${MAX_FUZZ_TIME} ` + `-max_len=${max_len}` ], symbol: symbol || name })); } async function scheduleFuzzing() { let base = { env: { ASAN_OPTIONS: "allocator_may_return_null=1:detect_stack_use_after_return=1", UBSAN_OPTIONS: "print_stacktrace=1", NSS_DISABLE_ARENA_FREE_LIST: "1", NSS_DISABLE_UNLOAD: "1", CC: "clang", CCC: "clang++" }, features: ["allowPtrace"], platform: "linux64", collection: "fuzz", image: FUZZ_IMAGE }; // Build base definition. let build_base = merge({ command: [ "/bin/bash", "-c", "bin/checkout.sh && " + "nss/automation/taskcluster/scripts/build_gyp.sh -g -v --fuzz" ], artifacts: { public: { expires: 24 * 7, type: "directory", path: "/home/worker/artifacts" } }, kind: "build", symbol: "B" }, base); // The task that builds NSPR+NSS. let task_build = queue.scheduleTask(merge(build_base, { name: "Linux x64 (debug, fuzz)" })); // The task that builds NSPR+NSS (TLS fuzzing mode). let task_build_tls = queue.scheduleTask(merge(build_base, { name: "Linux x64 (debug, TLS fuzz)", symbol: "B", group: "TLS", command: [ "/bin/bash", "-c", "bin/checkout.sh && " + "nss/automation/taskcluster/scripts/build_gyp.sh -g -v --fuzz=tls" ], })); // Schedule tests. queue.scheduleTask(merge(base, { parent: task_build_tls, name: "Gtests", command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/run_tests.sh" ], env: {GTESTFILTER: "*Fuzz*"}, tests: "ssl_gtests gtests", cycle: "standard", symbol: "Gtest", kind: "test" })); // Schedule fuzzing runs. let run_base = merge(base, {parent: task_build, kind: "test"}); scheduleFuzzingRun(run_base, "CertDN", "certDN", 4096); scheduleFuzzingRun(run_base, "QuickDER", "quickder", 10000); // Schedule MPI fuzzing runs. let mpi_base = merge(run_base, {group: "MPI"}); let mpi_names = ["add", "addmod", "div", "mod", "mulmod", "sqr", "sqrmod", "sub", "submod"]; for (let name of mpi_names) { scheduleFuzzingRun(mpi_base, `MPI (${name})`, `mpi-${name}`, 4096, name); } scheduleFuzzingRun(mpi_base, `MPI (invmod)`, `mpi-invmod`, 256, "invmod"); scheduleFuzzingRun(mpi_base, `MPI (expmod)`, `mpi-expmod`, 2048, "expmod"); // Schedule TLS fuzzing runs (non-fuzzing mode). let tls_base = merge(run_base, {group: "TLS"}); scheduleFuzzingRun(tls_base, "TLS Client", "tls-client", 20000, "client-nfm", "tls-client-no_fuzzer_mode"); scheduleFuzzingRun(tls_base, "TLS Server", "tls-server", 20000, "server-nfm", "tls-server-no_fuzzer_mode"); scheduleFuzzingRun(tls_base, "DTLS Client", "dtls-client", 20000, "dtls-client-nfm", "dtls-client-no_fuzzer_mode"); scheduleFuzzingRun(tls_base, "DTLS Server", "dtls-server", 20000, "dtls-server-nfm", "dtls-server-no_fuzzer_mode"); // Schedule TLS fuzzing runs (fuzzing mode). let tls_fm_base = merge(tls_base, {parent: task_build_tls}); scheduleFuzzingRun(tls_fm_base, "TLS Client", "tls-client", 20000, "client"); scheduleFuzzingRun(tls_fm_base, "TLS Server", "tls-server", 20000, "server"); scheduleFuzzingRun(tls_fm_base, "DTLS Client", "dtls-client", 20000, "dtls-client"); scheduleFuzzingRun(tls_fm_base, "DTLS Server", "dtls-server", 20000, "dtls-server"); return queue.submit(); } async function scheduleFuzzing32() { let base = { env: { ASAN_OPTIONS: "allocator_may_return_null=1:detect_stack_use_after_return=1", UBSAN_OPTIONS: "print_stacktrace=1", NSS_DISABLE_ARENA_FREE_LIST: "1", NSS_DISABLE_UNLOAD: "1", CC: "clang", CCC: "clang++" }, features: ["allowPtrace"], platform: "linux32", collection: "fuzz", image: FUZZ_IMAGE }; // Build base definition. let build_base = merge({ command: [ "/bin/bash", "-c", "bin/checkout.sh && " + "nss/automation/taskcluster/scripts/build_gyp.sh -g -v --fuzz -m32" ], artifacts: { public: { expires: 24 * 7, type: "directory", path: "/home/worker/artifacts" } }, kind: "build", symbol: "B" }, base); // The task that builds NSPR+NSS. let task_build = queue.scheduleTask(merge(build_base, { name: "Linux 32 (debug, fuzz)" })); // The task that builds NSPR+NSS (TLS fuzzing mode). let task_build_tls = queue.scheduleTask(merge(build_base, { name: "Linux 32 (debug, TLS fuzz)", symbol: "B", group: "TLS", command: [ "/bin/bash", "-c", "bin/checkout.sh && " + "nss/automation/taskcluster/scripts/build_gyp.sh -g -v --fuzz=tls -m32" ], })); // Schedule tests. queue.scheduleTask(merge(base, { parent: task_build_tls, name: "Gtests", command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/run_tests.sh" ], env: {GTESTFILTER: "*Fuzz*"}, tests: "ssl_gtests gtests", cycle: "standard", symbol: "Gtest", kind: "test" })); // Schedule fuzzing runs. let run_base = merge(base, {parent: task_build, kind: "test"}); scheduleFuzzingRun(run_base, "CertDN", "certDN", 4096); scheduleFuzzingRun(run_base, "QuickDER", "quickder", 10000); // Schedule MPI fuzzing runs. let mpi_base = merge(run_base, {group: "MPI"}); let mpi_names = ["add", "addmod", "div", "expmod", "mod", "mulmod", "sqr", "sqrmod", "sub", "submod"]; for (let name of mpi_names) { scheduleFuzzingRun(mpi_base, `MPI (${name})`, `mpi-${name}`, 4096, name); } scheduleFuzzingRun(mpi_base, `MPI (invmod)`, `mpi-invmod`, 256, "invmod"); // Schedule TLS fuzzing runs (non-fuzzing mode). let tls_base = merge(run_base, {group: "TLS"}); scheduleFuzzingRun(tls_base, "TLS Client", "tls-client", 20000, "client-nfm", "tls-client-no_fuzzer_mode"); scheduleFuzzingRun(tls_base, "TLS Server", "tls-server", 20000, "server-nfm", "tls-server-no_fuzzer_mode"); scheduleFuzzingRun(tls_base, "DTLS Client", "dtls-client", 20000, "dtls-client-nfm", "dtls-client-no_fuzzer_mode"); scheduleFuzzingRun(tls_base, "DTLS Server", "dtls-server", 20000, "dtls-server-nfm", "dtls-server-no_fuzzer_mode"); // Schedule TLS fuzzing runs (fuzzing mode). let tls_fm_base = merge(tls_base, {parent: task_build_tls}); scheduleFuzzingRun(tls_fm_base, "TLS Client", "tls-client", 20000, "client"); scheduleFuzzingRun(tls_fm_base, "TLS Server", "tls-server", 20000, "server"); scheduleFuzzingRun(tls_fm_base, "DTLS Client", "dtls-client", 20000, "dtls-client"); scheduleFuzzingRun(tls_fm_base, "DTLS Server", "dtls-server", 20000, "dtls-server"); return queue.submit(); } /*****************************************************************************/ async function scheduleTestBuilds(base, args = "") { // Build base definition. let build = merge({ command: [ "/bin/bash", "-c", "bin/checkout.sh && " + "nss/automation/taskcluster/scripts/build_gyp.sh -g -v --test --ct-verif " + args ], artifacts: { public: { expires: 24 * 7, type: "directory", path: "/home/worker/artifacts" } }, kind: "build", symbol: "B", name: "Linux 64 (debug, test)" }, base); // The task that builds NSPR+NSS. let task_build = queue.scheduleTask(build); // Schedule tests. queue.scheduleTask(merge(base, { parent: task_build, name: "mpi", command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/run_tests.sh" ], tests: "mpi", cycle: "standard", symbol: "mpi", kind: "test" })); queue.scheduleTask(merge(base, { parent: task_build, command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/run_tests.sh" ], name: "Gtests", symbol: "Gtest", tests: "gtests", cycle: "standard", kind: "test" })); return queue.submit(); } /*****************************************************************************/ async function scheduleWindows(name, base, build_script) { base = merge(base, { workerType: "nss-win2012r2", env: { PATH: "c:\\mozilla-build\\python;c:\\mozilla-build\\msys\\local\\bin;" + "c:\\mozilla-build\\7zip;c:\\mozilla-build\\info-zip;" + "c:\\mozilla-build\\python\\Scripts;c:\\mozilla-build\\yasm;" + "c:\\mozilla-build\\msys\\bin;c:\\Windows\\system32;" + "c:\\mozilla-build\\upx391w;c:\\mozilla-build\\moztools-x64\\bin;" + "c:\\mozilla-build\\wget", DOMSUF: "localdomain", HOST: "localhost", } }); // Build base definition. let build_base = merge(base, { command: [ WINDOWS_CHECKOUT_CMD, `bash -c 'nss/automation/taskcluster/windows/${build_script}'` ], artifacts: [{ expires: 24 * 7, type: "directory", path: "public\\build" }], kind: "build", symbol: "B" }); // Make builds run FIPS tests, which need an extra FIPS build. if (base.collection == "make") { let extra_build = queue.scheduleTask(merge(build_base, { env: { NSS_FORCE_FIPS: "1" }, group: "FIPS", name: `${name} w/ NSS_FORCE_FIPS` })); // The task that generates certificates. let task_cert = queue.scheduleTask(merge(build_base, { name: "Certificates", command: [ WINDOWS_CHECKOUT_CMD, "bash -c nss/automation/taskcluster/windows/gen_certs.sh" ], parent: extra_build, symbol: "Certs-F", group: "FIPS", })); // Schedule FIPS tests. queue.scheduleTask(merge(base, { parent: task_cert, name: "FIPS", command: [ WINDOWS_CHECKOUT_CMD, "bash -c nss/automation/taskcluster/windows/run_tests.sh" ], cycle: "standard", kind: "test", name: "FIPS tests", symbol: "Tests-F", tests: "fips", group: "FIPS" })); } // The task that builds NSPR+NSS. let task_build = queue.scheduleTask(merge(build_base, {name})); // The task that generates certificates. let task_cert = queue.scheduleTask(merge(build_base, { name: "Certificates", command: [ WINDOWS_CHECKOUT_CMD, "bash -c nss/automation/taskcluster/windows/gen_certs.sh" ], parent: task_build, symbol: "Certs" })); // Schedule tests. scheduleTests(task_build, task_cert, merge(base, { command: [ WINDOWS_CHECKOUT_CMD, "bash -c nss/automation/taskcluster/windows/run_tests.sh" ] })); return queue.submit(); } /*****************************************************************************/ function scheduleTests(task_build, task_cert, test_base) { test_base = merge({kind: "test"}, test_base); // Schedule tests that do NOT need certificates. let no_cert_base = merge(test_base, {parent: task_build}); queue.scheduleTask(merge(no_cert_base, { name: "Gtests", symbol: "Gtest", tests: "ssl_gtests gtests", cycle: "standard" })); queue.scheduleTask(merge(no_cert_base, { name: "Bogo tests", symbol: "Bogo", tests: "bogo", cycle: "standard" })); queue.scheduleTask(merge(no_cert_base, { name: "Interop tests", symbol: "Interop", tests: "interop", cycle: "standard" })); queue.scheduleTask(merge(no_cert_base, { name: "Chains tests", symbol: "Chains", tests: "chains" })); queue.scheduleTask(merge(no_cert_base, { name: "Cipher tests", symbol: "Default", tests: "cipher", group: "Cipher" })); queue.scheduleTask(merge(no_cert_base, { name: "Cipher tests", symbol: "NoAESNI", tests: "cipher", env: {NSS_DISABLE_HW_AES: "1"}, group: "Cipher" })); queue.scheduleTask(merge(no_cert_base, { name: "Cipher tests", symbol: "NoPCLMUL", tests: "cipher", env: {NSS_DISABLE_PCLMUL: "1"}, group: "Cipher" })); queue.scheduleTask(merge(no_cert_base, { name: "Cipher tests", symbol: "NoAVX", tests: "cipher", env: {NSS_DISABLE_AVX: "1"}, group: "Cipher" })); queue.scheduleTask(merge(no_cert_base, { name: "EC tests", symbol: "EC", tests: "ec" })); queue.scheduleTask(merge(no_cert_base, { name: "Lowhash tests", symbol: "Lowhash", tests: "lowhash" })); queue.scheduleTask(merge(no_cert_base, { name: "SDR tests", symbol: "SDR", tests: "sdr" })); // Schedule tests that need certificates. let cert_base = merge(test_base, {parent: task_cert}); queue.scheduleTask(merge(cert_base, { name: "CRMF tests", symbol: "CRMF", tests: "crmf" })); queue.scheduleTask(merge(cert_base, { name: "DB tests", symbol: "DB", tests: "dbtests" })); queue.scheduleTask(merge(cert_base, { name: "Merge tests", symbol: "Merge", tests: "merge" })); queue.scheduleTask(merge(cert_base, { name: "S/MIME tests", symbol: "SMIME", tests: "smime" })); queue.scheduleTask(merge(cert_base, { name: "Tools tests", symbol: "Tools", tests: "tools" })); // SSL tests, need certificates too. let ssl_base = merge(cert_base, {tests: "ssl", group: "SSL"}); queue.scheduleTask(merge(ssl_base, { name: "SSL tests (standard)", symbol: "standard", cycle: "standard" })); queue.scheduleTask(merge(ssl_base, { name: "SSL tests (pkix)", symbol: "pkix", cycle: "pkix" })); queue.scheduleTask(merge(ssl_base, { name: "SSL tests (sharedb)", symbol: "sharedb", cycle: "sharedb" })); queue.scheduleTask(merge(ssl_base, { name: "SSL tests (upgradedb)", symbol: "upgradedb", cycle: "upgradedb" })); } /*****************************************************************************/ async function scheduleTools() { let base = { platform: "nss-tools", kind: "test" }; queue.scheduleTask(merge(base, { symbol: "clang-format-3.9", name: "clang-format-3.9", image: LINUX_CLANG39_IMAGE, command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/clang-format/run_clang_format.sh" ] })); queue.scheduleTask(merge(base, { symbol: "scan-build-4.0", name: "scan-build-4.0", image: LINUX_IMAGE, env: { USE_64: "1", CC: "clang", CCC: "clang++", }, artifacts: { public: { expires: 24 * 7, type: "directory", path: "/home/worker/artifacts" } }, command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/run_scan_build.sh" ] })); queue.scheduleTask(merge(base, { symbol: "hacl", name: "hacl", image: HACL_GEN_IMAGE, command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/run_hacl.sh" ] })); return queue.submit(); } nss-3.35/nss/automation/taskcluster/graph/src/image_builder.js0000644000000000000000000000353313230126417022745 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ import * as queue from "./queue"; import context_hash from "./context_hash"; import taskcluster from "taskcluster-client"; async function taskHasImageArtifact(taskId) { let queue = new taskcluster.Queue(); let {artifacts} = await queue.listLatestArtifacts(taskId); return artifacts.some(artifact => artifact.name == "public/image.tar"); } async function findTaskWithImageArtifact(ns) { let index = new taskcluster.Index(); let {taskId} = await index.findTask(ns); let has_image = await taskHasImageArtifact(taskId); return has_image ? taskId : null; } export async function findTask({name, path}) { let hash = await context_hash(path); let ns = `docker.images.v1.${process.env.TC_PROJECT}.${name}.hash.${hash}`; return findTaskWithImageArtifact(ns).catch(() => null); } export async function buildTask({name, path}) { let hash = await context_hash(path); let ns = `docker.images.v1.${process.env.TC_PROJECT}.${name}.hash.${hash}`; return { name: "Image Builder", image: "nssdev/image_builder:0.1.5", routes: ["index." + ns], env: { NSS_HEAD_REPOSITORY: process.env.NSS_HEAD_REPOSITORY, NSS_HEAD_REVISION: process.env.NSS_HEAD_REVISION, PROJECT: process.env.TC_PROJECT, CONTEXT_PATH: path, HASH: hash }, artifacts: { "public/image.tar": { type: "file", expires: 24 * 90, path: "/artifacts/image.tar" } }, command: [ "/bin/bash", "-c", "bin/checkout.sh && nss/automation/taskcluster/scripts/build_image.sh" ], platform: "nss-decision", features: ["dind"], maxRunTime: 7200, kind: "build", symbol: "I" }; } nss-3.35/nss/automation/taskcluster/graph/src/index.js0000644000000000000000000000066713230126417021271 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ import * as try_syntax from "./try_syntax"; import extend from "./extend"; // Init try syntax filter. if (process.env.TC_PROJECT == "nss-try") { try_syntax.initFilter(); } // Extend the task graph. extend().catch(console.error); nss-3.35/nss/automation/taskcluster/graph/src/merge.js0000644000000000000000000000053213230126417021250 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ import {recursive as merge} from "merge"; // We always want to clone. export default function (...args) { return merge(true, ...args); } nss-3.35/nss/automation/taskcluster/graph/src/queue.js0000644000000000000000000001340513230126417021300 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ import {clone} from "merge"; import merge from "./merge"; import slugid from "slugid"; import taskcluster from "taskcluster-client"; import * as image_builder from "./image_builder"; let maps = []; let filters = []; let tasks = new Map(); let image_tasks = new Map(); let queue = new taskcluster.Queue({ baseUrl: "http://taskcluster/queue/v1" }); function fromNow(hours) { let d = new Date(); d.setHours(d.getHours() + (hours|0)); return d.toJSON(); } function parseRoutes(routes) { let rv = [ `tc-treeherder.v2.${process.env.TC_PROJECT}.${process.env.NSS_HEAD_REVISION}.${process.env.NSS_PUSHLOG_ID}`, ...routes ]; // Notify about failures (except on try). if (process.env.TC_PROJECT != "nss-try") { rv.push(`notify.email.${process.env.TC_OWNER}.on-failed`, `notify.email.${process.env.TC_OWNER}.on-exception`); } return rv; } function parseFeatures(list) { return list.reduce((map, feature) => { map[feature] = true; return map; }, {}); } function parseArtifacts(artifacts) { let copy = clone(artifacts); Object.keys(copy).forEach(key => { copy[key].expires = fromNow(copy[key].expires); }); return copy; } function parseCollection(name) { let collection = {}; collection[name] = true; return collection; } function parseTreeherder(def) { let treeherder = { build: { platform: def.platform }, machine: { platform: def.platform }, symbol: def.symbol, jobKind: def.kind }; if (def.group) { treeherder.groupSymbol = def.group; } if (def.collection) { treeherder.collection = parseCollection(def.collection); } if (def.tier) { treeherder.tier = def.tier; } return treeherder; } function convertTask(def) { let scopes = []; let dependencies = []; let env = merge({ NSS_HEAD_REPOSITORY: process.env.NSS_HEAD_REPOSITORY, NSS_HEAD_REVISION: process.env.NSS_HEAD_REVISION }, def.env || {}); if (def.parent) { dependencies.push(def.parent); env.TC_PARENT_TASK_ID = def.parent; } if (def.tests) { env.NSS_TESTS = def.tests; } if (def.cycle) { env.NSS_CYCLES = def.cycle; } let payload = { env, command: def.command, maxRunTime: def.maxRunTime || 3600 }; if (def.image) { payload.image = def.image; } if (def.artifacts) { payload.artifacts = parseArtifacts(def.artifacts); } if (def.features) { payload.features = parseFeatures(def.features); if (payload.features.allowPtrace) { scopes.push("docker-worker:feature:allowPtrace"); } } return { provisionerId: def.provisioner || "aws-provisioner-v1", workerType: def.workerType || "hg-worker", schedulerId: "task-graph-scheduler", scopes, created: fromNow(0), deadline: fromNow(24), dependencies, routes: parseRoutes(def.routes || []), metadata: { name: def.name, description: def.name, owner: process.env.TC_OWNER, source: process.env.TC_SOURCE }, payload, extra: { treeherder: parseTreeherder(def) } }; } export function map(fun) { maps.push(fun); } export function filter(fun) { filters.push(fun); } export function scheduleTask(def) { let taskId = slugid.v4(); tasks.set(taskId, merge({}, def)); return taskId; } export async function submit() { let promises = new Map(); for (let [taskId, task] of tasks) { // Allow filtering tasks before we schedule them. if (!filters.every(filter => filter(task))) { continue; } // Allow changing tasks before we schedule them. maps.forEach(map => { task = map(merge({}, task)) }); let log_id = `${task.name} @ ${task.platform}[${task.collection || "opt"}]`; console.log(`+ Submitting ${log_id}.`); let parent = task.parent; // Convert the task definition. task = await convertTask(task); // Convert the docker image definition. let image_def = task.payload.image; if (image_def && image_def.hasOwnProperty("path")) { let key = `${image_def.name}:${image_def.path}`; let data = {}; // Check the cache first. if (image_tasks.has(key)) { data = image_tasks.get(key); } else { data.taskId = await image_builder.findTask(image_def); data.isPending = !data.taskId; // No task found. if (data.isPending) { let image_task = await image_builder.buildTask(image_def); // Schedule a new image builder task immediately. data.taskId = slugid.v4(); try { await queue.createTask(data.taskId, convertTask(image_task)); } catch (e) { console.error("! FAIL: Scheduling image builder task failed."); continue; /* Skip this task on failure. */ } } // Store in cache. image_tasks.set(key, data); } if (data.isPending) { task.dependencies.push(data.taskId); } task.payload.image = { path: "public/image.tar", taskId: data.taskId, type: "task-image" }; } // Wait for the parent task to be created before scheduling dependants. let predecessor = parent ? promises.get(parent) : Promise.resolve(); promises.set(taskId, predecessor.then(() => { // Schedule the task. return queue.createTask(taskId, task).catch(err => { console.error(`! FAIL: Scheduling ${log_id} failed.`, err); }); })); } // Wait for all requests to finish. if (promises.length) { await Promise.all([...promises.values()]); console.log("=== Total:", promises.length, "tasks. ==="); } tasks.clear(); } nss-3.35/nss/automation/taskcluster/graph/src/try_syntax.js0000644000000000000000000001203313230126417022374 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ import * as queue from "./queue"; import intersect from "intersect"; import parse_args from "minimist"; function parseOptions(opts) { opts = parse_args(opts.split(/\s+/), { default: {build: "do", platform: "all", unittests: "none", tools: "none"}, alias: {b: "build", p: "platform", u: "unittests", t: "tools", e: "extra-builds"}, string: ["build", "platform", "unittests", "tools", "extra-builds"] }); // Parse build types (d=debug, o=opt). let builds = intersect(opts.build.split(""), ["d", "o"]); // If the given value is nonsense default to debug and opt builds. if (builds.length == 0) { builds = ["d", "o"]; } // Parse platforms. let allPlatforms = ["linux", "linux64", "linux64-asan", "linux64-fips", "win", "win64", "win-make", "win64-make", "linux64-make", "linux-make", "linux-fuzz", "linux64-fuzz", "aarch64", "mac"]; let platforms = intersect(opts.platform.split(/\s*,\s*/), allPlatforms); // If the given value is nonsense or "none" default to all platforms. if (platforms.length == 0 && opts.platform != "none") { platforms = allPlatforms; } // Parse unit tests. let aliases = {"gtests": "gtest"}; let allUnitTests = ["bogo", "crmf", "chains", "cipher", "db", "ec", "fips", "gtest", "interop", "lowhash", "merge", "sdr", "smime", "tools", "ssl", "mpi", "scert", "spki"]; let unittests = intersect(opts.unittests.split(/\s*,\s*/).map(t => { return aliases[t] || t; }), allUnitTests); // If the given value is "all" run all tests. // If it's nonsense then don't run any tests. if (opts.unittests == "all") { unittests = allUnitTests; } else if (unittests.length == 0) { unittests = []; } // Parse tools. let allTools = ["clang-format", "scan-build", "hacl"]; let tools = intersect(opts.tools.split(/\s*,\s*/), allTools); // If the given value is "all" run all tools. // If it's nonsense then don't run any tools. if (opts.tools == "all") { tools = allTools; } else if (tools.length == 0) { tools = []; } return { builds: builds, platforms: platforms, unittests: unittests, extra: (opts.e == "all"), tools: tools }; } function filter(opts) { return function (task) { // Filter tools. We can immediately return here as those // are not affected by platform or build type selectors. if (task.platform == "nss-tools") { return opts.tools.some(tool => { return task.symbol.toLowerCase().startsWith(tool); }); } // Filter unit tests. if (task.tests) { let found = opts.unittests.some(test => { if (task.group && task.group.toLowerCase() == "ssl" && test == "ssl") { return true; } if (task.group && task.group.toLowerCase() == "cipher" && test == "cipher") { return true; } return task.symbol.toLowerCase().startsWith(test); }); if (!found) { return false; } } // Filter extra builds. if (task.group == "Builds" && !opts.extra) { return false; } let coll = name => name == (task.collection || "opt"); // Filter by platform. let found = opts.platforms.some(platform => { let aliases = { "linux": "linux32", "linux-fuzz": "linux32", "linux64-asan": "linux64", "linux64-fips": "linux64", "linux64-fuzz": "linux64", "linux64-make": "linux64", "linux-make": "linux32", "win64-make": "windows2012-64", "win-make": "windows2012-32", "win64": "windows2012-64", "win": "windows2012-32" }; // Check the platform name. let keep = (task.platform == (aliases[platform] || platform)); // Additional checks. if (platform == "linux64-asan") { keep &= coll("asan"); } else if (platform == "linux64-fips") { keep &= coll("fips"); } else if (platform == "linux64-make" || platform == "linux-make" || platform == "win64-make" || platform == "win-make") { keep &= coll("make"); } else if (platform == "linux64-fuzz" || platform == "linux-fuzz") { keep &= coll("fuzz"); } else { keep &= coll("opt") || coll("debug"); } return keep; }); if (!found) { return false; } // Finally, filter by build type. let isDebug = coll("debug") || coll("asan") || coll("make") || coll("fuzz"); return (isDebug && opts.builds.includes("d")) || (!isDebug && opts.builds.includes("o")); } } export function initFilter() { let comment = process.env.TC_COMMENT || ""; // Check for try syntax in changeset comment. let match = comment.match(/^\s*try:\s*(.*)\s*$/); // Add try syntax filter. if (match) { queue.filter(filter(parseOptions(match[1]))); } } nss-3.35/nss/automation/taskcluster/image_builder/Dockerfile0000644000000000000000000000153613230126417022512 0ustar 00000000000000FROM ubuntu:16.04 MAINTAINER Tim Taubert WORKDIR /home/worker ENV DEBIAN_FRONTEND noninteractive RUN apt-get update && apt-get install -y apt-transport-https apt-utils RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 && \ sh -c "echo deb https://get.docker.io/ubuntu docker main \ > /etc/apt/sources.list.d/docker.list" RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 41BD8711B1F0EC2B0D85B91CF59CE3A8323293EE && \ sh -c "echo deb http://ppa.launchpad.net/mercurial-ppa/releases/ubuntu xenial main \ > /etc/apt/sources.list.d/mercurial.list" RUN apt-get update && apt-get install -y \ lxc-docker-1.6.1 \ mercurial ADD bin /home/worker/bin RUN chmod +x /home/worker/bin/* # Set a default command useful for debugging CMD ["/bin/bash", "--login"] nss-3.35/nss/automation/taskcluster/image_builder/VERSION0000644000000000000000000000000613230126417021557 0ustar 000000000000000.1.5 nss-3.35/nss/automation/taskcluster/image_builder/bin/checkout.sh0000644000000000000000000000045413230126417023427 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x # Default values for testing. REVISION=${NSS_HEAD_REVISION:-default} REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss} # Clone NSS. for i in 0 2 5; do sleep $i hg clone -r $REVISION $REPOSITORY nss && exit 0 rm -rf nss done exit 1 nss-3.35/nss/automation/taskcluster/scripts/build.sh0000755000000000000000000000073213230126417021052 0ustar 00000000000000#!/usr/bin/env bash source $(dirname "$0")/tools.sh if [ -n "$NSS_BUILD_MODULAR" ]; then $(dirname "$0")/build_nspr.sh || exit $? $(dirname "$0")/build_util.sh || exit $? $(dirname "$0")/build_softoken.sh || exit $? $(dirname "$0")/build_nss.sh || exit $? exit fi # Clone NSPR if needed. hg_clone https://hg.mozilla.org/projects/nspr ./nspr default # Build. make -C nss nss_build_all # Package. mkdir artifacts tar cvfjh artifacts/dist.tar.bz2 dist nss-3.35/nss/automation/taskcluster/scripts/build_gyp.sh0000755000000000000000000000052513230126417021731 0ustar 00000000000000#!/usr/bin/env bash source $(dirname "$0")/tools.sh # Clone NSPR if needed. hg_clone https://hg.mozilla.org/projects/nspr ./nspr default # Build. nss/build.sh -g -v "$@" # Package. if [[ $(uname) = "Darwin" ]]; then mkdir -p public tar cvfjh public/dist.tar.bz2 dist else mkdir artifacts tar cvfjh artifacts/dist.tar.bz2 dist fi nss-3.35/nss/automation/taskcluster/scripts/build_image.sh0000755000000000000000000000133213230126417022211 0ustar 00000000000000#!/bin/bash -vex set -x -e -v # Prefix errors with taskcluster error prefix so that they are parsed by Treeherder raise_error() { echo echo "[taskcluster-image-build:error] $1" exit 1 } # Ensure that the PROJECT is specified so the image can be indexed test -n "$PROJECT" || raise_error "Project must be provided." test -n "$HASH" || raise_error "Context Hash must be provided." CONTEXT_PATH=/home/worker/nss/$CONTEXT_PATH test -d $CONTEXT_PATH || raise_error "Context Path $CONTEXT_PATH does not exist." test -f "$CONTEXT_PATH/Dockerfile" || raise_error "Dockerfile must be present in $CONTEXT_PATH." docker build -t $PROJECT:$HASH $CONTEXT_PATH mkdir /artifacts docker save $PROJECT:$HASH > /artifacts/image.tar nss-3.35/nss/automation/taskcluster/scripts/build_nspr.sh0000755000000000000000000000050613230126417022113 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x source $(dirname $0)/tools.sh # Clone NSPR if needed. hg_clone https://hg.mozilla.org/projects/nspr nspr default # Build. rm -rf dist make -C nss build_nspr # Package. test -d artifacts || mkdir artifacts rm -rf dist-nspr mv dist dist-nspr tar cvfjh artifacts/dist-nspr.tar.bz2 dist-nspr nss-3.35/nss/automation/taskcluster/scripts/build_nss.sh0000755000000000000000000000207613230126417021740 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x source $(dirname $0)/tools.sh source $(dirname $0)/split.sh test -d dist-softoken || { echo "run build_softoken.sh first" 1>&2; exit 1; } rm -rf nss-nss split_nss nss nss-nss # Build. export NSS_BUILD_WITHOUT_SOFTOKEN=1 export NSS_USE_SYSTEM_FREEBL=1 platform=`make -s -C nss platform` export NSPR_LIB_DIR="$PWD/dist-nspr/$platform/lib" export NSSUTIL_LIB_DIR="$PWD/dist-util/$platform/lib" export FREEBL_LIB_DIR="$PWD/dist-softoken/$platform/lib" export SOFTOKEN_LIB_DIR="$PWD/dist-softoken/$platform/lib" export FREEBL_LIBS=-lfreebl export NSS_NO_PKCS11_BYPASS=1 export FREEBL_NO_DEPEND=1 export LIBRARY_PATH="$PWD/dist-nspr/$platform/lib:$PWD/dist-util/$platform/lib:$PWD/dist-softoken/$platform/lib" export LD_LIBRARY_PATH="$LIBRARY_PATH:$LD_LIBRARY_PATH" export INCLUDES="-I$PWD/dist-nspr/$platform/include -I$PWD/dist-util/public/nss -I$PWD/dist-softoken/public/nss" rm -rf dist make -C nss-nss nss_build_all # Package. test -d artifacts || mkdir artifacts rm -rf dist-nss mv dist dist-nss tar cvfjh artifacts/dist-nss.tar.bz2 dist-nss nss-3.35/nss/automation/taskcluster/scripts/build_softoken.sh0000755000000000000000000000144113230126417022760 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x source $(dirname $0)/tools.sh source $(dirname $0)/split.sh test -d dist-util || { echo "run build_util.sh first" 1>&2; exit 1; } rm -rf nss-softoken split_softoken nss nss-softoken # Build. platform=`make -s -C nss platform` export LIBRARY_PATH="$PWD/dist-nspr/$platform/lib:$PWD/dist-util/$platform/lib" export LD_LIBRARY_PATH="$LIBRARY_PATH:$LD_LIBRARY_PATH" export INCLUDES="-I$PWD/dist-nspr/$platform/include -I$PWD/dist-util/public/nss" export NSS_BUILD_SOFTOKEN_ONLY=1 rm -rf dist make -C nss-softoken nss_build_all mv dist/private/nss/blapi.h dist/public/nss mv dist/private/nss/alghmac.h dist/public/nss # Package. test -d artifacts || mkdir artifacts rm -rf dist-softoken mv dist dist-softoken tar cvfjh artifacts/dist-softoken.tar.bz2 dist-softoken nss-3.35/nss/automation/taskcluster/scripts/build_util.sh0000755000000000000000000000104213230126417022102 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x source $(dirname $0)/tools.sh source $(dirname $0)/split.sh rm -rf nss-util split_util nss nss-util # Build. platform=`make -s -C nss platform` export LIBRARY_PATH="$PWD/dist-nspr/$platform/lib" export LD_LIBRARY_PATH="$LIBRARY_PATH:$LD_LIBRARY_PATH" export INCLUDES="-I$PWD/dist-nspr/$platform/include" export NSS_BUILD_UTIL_ONLY=1 rm -rf dist make -C nss-util nss_build_all # Package. test -d artifacts || mkdir artifacts rm -rf dist-util mv dist dist-util tar cvfjh artifacts/dist-util.tar.bz2 dist-util nss-3.35/nss/automation/taskcluster/scripts/extend_task_graph.sh0000755000000000000000000000032713230126417023445 0ustar 00000000000000#!/usr/bin/env bash source $(dirname "$0")/tools.sh mkdir -p /home/worker/artifacts # Install Node.JS dependencies. cd nss/automation/taskcluster/graph/ && npm install # Extend the task graph. node lib/index.js nss-3.35/nss/automation/taskcluster/scripts/fuzz.sh0000755000000000000000000000100713230126417020745 0ustar 00000000000000#!/usr/bin/env bash source $(dirname "$0")/tools.sh type="$1" shift # Fetch artifact if needed. fetch_dist # Clone corpus. ./nss/fuzz/config/clone_corpus.sh # Ensure we have a corpus. if [ ! -d "nss/fuzz/corpus/$type" ]; then mkdir -p nss/fuzz/corpus/$type set +x # Create a corpus out of what we have. for f in $(find nss/fuzz/corpus -type f); do cp $f "nss/fuzz/corpus/$type" done set -x fi # Fetch objdir name. objdir=$(cat dist/latest) # Run nssfuzz. dist/$objdir/bin/nssfuzz-"$type" "$@" nss-3.35/nss/automation/taskcluster/scripts/gen_certs.sh0000755000000000000000000000076413230126417021731 0ustar 00000000000000#!/usr/bin/env bash source $(dirname "$0")/tools.sh # Fetch artifact if needed. fetch_dist # Generate certificates. NSS_TESTS=cert NSS_CYCLES="standard pkix sharedb" $(dirname $0)/run_tests.sh # Reset test counter so that test runs pick up our certificates. echo 1 > tests_results/security/localhost # Package. if [[ $(uname) = "Darwin" ]]; then mkdir -p public tar cvfjh public/dist.tar.bz2 dist tests_results else mkdir artifacts tar cvfjh artifacts/dist.tar.bz2 dist tests_results fi nss-3.35/nss/automation/taskcluster/scripts/run_hacl.sh0000755000000000000000000000233313230126417021545 0ustar 00000000000000#!/usr/bin/env bash if [[ $(id -u) -eq 0 ]]; then # Drop privileges by re-running this script. # Note: this mangles arguments, better to avoid running scripts as root. exec su worker -c "$0 $*" fi set -e -x -v # The docker image this is running in has the HACL* and NSS sources. # The extracted C code from HACL* is already generated and the HACL* tests were # successfully executed. # Verify Poly1305 (doesn't work in docker image build) make verify -C ~/hacl-star/code/poly1305 -j$(nproc) # Add license header to specs spec_files=($(find ~/hacl-star/specs -type f -name '*.fst')) for f in "${spec_files[@]}"; do cat /tmp/license.txt "$f" > /tmp/tmpfile && mv /tmp/tmpfile "$f" done # Format the extracted C code. cd ~/hacl-star/snapshots/nss cp ~/nss/.clang-format . find . -type f -name '*.[ch]' -exec clang-format -i {} \+ # These diff commands will return 1 if there are differences and stop the script. files=($(find ~/nss/lib/freebl/verified/ -type f -name '*.[ch]')) for f in "${files[@]}"; do diff $f $(basename "$f") done # Check that the specs didn't change either. cd ~/hacl-star/specs files=($(find ~/nss/lib/freebl/verified/specs -type f)) for f in "${files[@]}"; do diff $f $(basename "$f") done nss-3.35/nss/automation/taskcluster/scripts/run_scan_build.sh0000755000000000000000000000244113230126417022741 0ustar 00000000000000#!/usr/bin/env bash source $(dirname "$0")/tools.sh # Clone NSPR if needed. if [ ! -d "nspr" ]; then hg_clone https://hg.mozilla.org/projects/nspr ./nspr default fi # Build. cd nss make nss_build_all # What we want to scan. # key: directory to scan # value: number of errors expected in that directory declare -A scan=( \ [lib/base]=0 \ [lib/certdb]=0 \ [lib/certhigh]=0 \ [lib/ckfw]=0 \ [lib/crmf]=0 \ [lib/cryptohi]=0 \ [lib/dev]=0 \ [lib/freebl]=0 \ [lib/nss]=0 \ [lib/ssl]=0 \ [lib/util]=0 \ ) # remove .OBJ directories to force a rebuild of just the select few for i in "${!scan[@]}"; do find "$i" -name "*.OBJ" -exec rm -rf {} \+ done # run scan-build (only building affected directories) scan-build -o /home/worker/artifacts --use-cc=$CC --use-c++=$CCC make nss_build_all && cd .. # print errors we found set +v +x STATUS=0 for i in "${!scan[@]}"; do n=$(grep -Rn "$i" /home/worker/artifacts/*/report-*.html | wc -l) if [ $n -ne ${scan[$i]} ]; then STATUS=1 echo "$(date '+%T') WARNING - TEST-UNEXPECTED-FAIL: $i contains $n scan-build errors" elif [ $n -ne 0 ]; then echo "$(date '+%T') WARNING - TEST-EXPECTED-FAIL: $i contains $n scan-build errors" fi done exit $STATUS nss-3.35/nss/automation/taskcluster/scripts/run_tests.sh0000755000000000000000000000020413230126417021773 0ustar 00000000000000#!/usr/bin/env bash source $(dirname "$0")/tools.sh # Fetch artifact if needed. fetch_dist # Run tests. cd nss/tests && ./all.sh nss-3.35/nss/automation/taskcluster/scripts/split.sh0000644000000000000000000001141713230126417021105 0ustar 00000000000000copy_top() { srcdir_="$1" dstdir_="$2" files=`find "$srcdir_" -maxdepth 1 -mindepth 1 -type f` for f in $files; do cp -p "$f" "$dstdir_" done } split_util() { nssdir="$1" dstdir="$2" # Prepare a source tree only containing files to build nss-util: # # nss/dbm full directory # nss/coreconf full directory # nss top files only # nss/lib top files only # nss/lib/util full directory # Copy everything. cp -R $nssdir $dstdir # Remove subdirectories that we don't want. rm -rf $dstdir/cmd rm -rf $dstdir/lib rm -rf $dstdir/automation rm -rf $dstdir/doc # Start with an empty cmd lib directories to be filled selectively. mkdir $dstdir/cmd cp $nssdir/cmd/Makefile $dstdir/cmd cp $nssdir/cmd/manifest.mn $dstdir/cmd cp $nssdir/cmd/platlibs.mk $dstdir/cmd cp $nssdir/cmd/platrules.mk $dstdir/cmd # Copy some files at the top and the util subdirectory recursively. mkdir $dstdir/lib cp $nssdir/lib/Makefile $dstdir/lib cp $nssdir/lib/manifest.mn $dstdir/lib cp -R $nssdir/lib/util $dstdir/lib/util } split_softoken() { nssdir="$1" dstdir="$2" # Prepare a source tree only containing files to build nss-softoken: # # nss/dbm full directory # nss/coreconf full directory # nss top files only # nss/lib top files only # nss/lib/freebl full directory # nss/lib/softoken full directory # nss/lib/softoken/dbm full directory # Copy everything. cp -R $nssdir $dstdir # Skip gtests when building. sed '/^DIRS = /s/ cpputil gtests$//' $nssdir/manifest.mn > $dstdir/manifest.mn-t && mv $dstdir/manifest.mn-t $dstdir/manifest.mn # Remove subdirectories that we don't want. rm -rf $dstdir/cmd rm -rf $dstdir/tests rm -rf $dstdir/lib rm -rf $dstdir/pkg rm -rf $dstdir/automation rm -rf $dstdir/gtests rm -rf $dstdir/cpputil rm -rf $dstdir/doc # Start with an empty lib directory and copy only what we need. mkdir $dstdir/lib copy_top $nssdir/lib $dstdir/lib cp -R $nssdir/lib/dbm $dstdir/lib/dbm cp -R $nssdir/lib/freebl $dstdir/lib/freebl cp -R $nssdir/lib/softoken $dstdir/lib/softoken cp -R $nssdir/lib/sqlite $dstdir/lib/sqlite mkdir $dstdir/cmd copy_top $nssdir/cmd $dstdir/cmd cp -R $nssdir/cmd/bltest $dstdir/cmd/bltest cp -R $nssdir/cmd/ecperf $dstdir/cmd/ecperf cp -R $nssdir/cmd/fbectest $dstdir/cmd/fbectest cp -R $nssdir/cmd/fipstest $dstdir/cmd/fipstest cp -R $nssdir/cmd/lib $dstdir/cmd/lib cp -R $nssdir/cmd/lowhashtest $dstdir/cmd/lowhashtest cp -R $nssdir/cmd/shlibsign $dstdir/cmd/shlibsign mkdir $dstdir/tests copy_top $nssdir/tests $dstdir/tests cp -R $nssdir/tests/cipher $dstdir/tests/cipher cp -R $nssdir/tests/common $dstdir/tests/common cp -R $nssdir/tests/ec $dstdir/tests/ec cp -R $nssdir/tests/lowhash $dstdir/tests/lowhash cp $nssdir/lib/util/verref.h $dstdir/lib/freebl cp $nssdir/lib/util/verref.h $dstdir/lib/softoken cp $nssdir/lib/util/verref.h $dstdir/lib/softoken/legacydb } split_nss() { nssdir="$1" dstdir="$2" # Prepare a source tree only containing files to build nss: # # nss/dbm full directory # nss/coreconf full directory # nss top files only # nss/lib top files only # nss/lib/freebl full directory # nss/lib/softoken full directory # nss/lib/softoken/dbm full directory # Copy everything. cp -R $nssdir $dstdir # Remove subdirectories that we don't want. rm -rf $dstdir/lib/freebl rm -rf $dstdir/lib/softoken rm -rf $dstdir/lib/util rm -rf $dstdir/cmd/bltest rm -rf $dstdir/cmd/fipstest rm -rf $dstdir/cmd/rsaperf_low # Copy these headers until the upstream bug is accepted # Upstream https://bugzilla.mozilla.org/show_bug.cgi?id=820207 cp $nssdir/lib/softoken/lowkeyi.h $dstdir/cmd/rsaperf cp $nssdir/lib/softoken/lowkeyti.h $dstdir/cmd/rsaperf # Copy verref.h which will be needed later during the build phase. cp $nssdir/lib/util/verref.h $dstdir/lib/ckfw/builtins/verref.h cp $nssdir/lib/util/verref.h $dstdir/lib/nss/verref.h cp $nssdir/lib/util/verref.h $dstdir/lib/smime/verref.h cp $nssdir/lib/util/verref.h $dstdir/lib/ssl/verref.h cp $nssdir/lib/util/templates.c $dstdir/lib/nss/templates.c # FIXME: Skip util_gtest because it links with libnssutil.a. Note # that we can't use libnssutil3.so instead, because util_gtest # depends on internal symbols not exported from the shared library. sed '/ util_gtest \\/d' $dstdir/gtests/manifest.mn > $dstdir/gtests/manifest.mn-t && mv $dstdir/gtests/manifest.mn-t $dstdir/gtests/manifest.mn } nss-3.35/nss/automation/taskcluster/scripts/tools.sh0000644000000000000000000000161613230126417021112 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x if [[ $(id -u) -eq 0 ]]; then # Drop privileges by re-running this script. # Note: this mangles arguments, better to avoid running scripts as root. exec su worker -c "$0 $*" fi # Usage: hg_clone repo dir [revision=@] hg_clone() { repo=$1 dir=$2 rev=${3:-@} if [ -d "$dir" ]; then hg pull -R "$dir" -ur "$rev" "$repo" && return rm -rf "$dir" fi for i in 0 2 5; do sleep $i hg clone -r "$rev" "$repo" "$dir" && return rm -rf "$dir" done exit 1 } fetch_dist() { url=https://queue.taskcluster.net/v1/task/$TC_PARENT_TASK_ID/artifacts/public/dist.tar.bz2 if [ ! -d "dist" ]; then for i in 0 2 5; do sleep $i curl --retry 3 -Lo dist.tar.bz2 $url && tar xvjf dist.tar.bz2 && return rm -fr dist.tar.bz2 dist done exit 1 fi } nss-3.35/nss/automation/taskcluster/windows/build.sh0000644000000000000000000000047313230126417021054 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x # Set up the toolchain. if [ "$USE_64" = 1 ]; then source $(dirname $0)/setup64.sh else source $(dirname $0)/setup32.sh fi # Clone NSPR. hg_clone https://hg.mozilla.org/projects/nspr nspr default # Build. make -C nss nss_build_all # Package. 7z a public/build/dist.7z dist nss-3.35/nss/automation/taskcluster/windows/build_gyp.sh0000644000000000000000000000130613230126417021727 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x # Set up the toolchain. if [[ "$@" == *"-m32"* ]]; then source $(dirname $0)/setup32.sh else source $(dirname $0)/setup64.sh fi # Install GYP. cd gyp python -m virtualenv test-env test-env/Scripts/python setup.py install test-env/Scripts/python -m pip install --upgrade pip test-env/Scripts/pip install --upgrade setuptools cd .. export GYP_MSVS_OVERRIDE_PATH="${VSPATH}" export GYP_MSVS_VERSION="2015" export GYP="${PWD}/gyp/test-env/Scripts/gyp" # Fool GYP. touch "${VSPATH}/VC/vcvarsall.bat" # Clone NSPR. hg_clone https://hg.mozilla.org/projects/nspr nspr default # Build with gyp. GYP=${GYP} ./nss/build.sh -g -v "$@" # Package. 7z a public/build/dist.7z dist nss-3.35/nss/automation/taskcluster/windows/gen_certs.sh0000644000000000000000000000101713230126417021721 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x # Set up the toolchain. source $(dirname $0)/setup.sh # Fetch artifact. wget -t 3 --retry-connrefused -w 5 --random-wait https://queue.taskcluster.net/v1/task/$TC_PARENT_TASK_ID/artifacts/public/build/dist.7z -O dist.7z 7z x dist.7z # Generate certificates. NSS_TESTS=cert NSS_CYCLES="standard pkix sharedb" nss/tests/all.sh # Reset test counter so that test runs pick up our certificates. echo 1 > tests_results/security/localhost # Package. 7z a public/build/dist.7z dist tests_results nss-3.35/nss/automation/taskcluster/windows/releng.manifest0000644000000000000000000000160313230126417022421 0ustar 00000000000000[ { "version": "Visual Studio 2017 15.4.2 / SDK 10.0.15063.0", "size": 303146863, "digest": "18700889e6b5e81613b9cf57ce4e0d46a6ee45bb4c5c33bae2604a5275326128775b8a032a1eb178c5db973746d565340c4e36d98375789e1d5bd836ab16ba58", "algorithm": "sha512", "filename": "vs2017_15.4.2.zip", "unpack": true }, { "version": "Ninja 1.7.1", "size": 184821, "digest": "e4f9a1ae624a2630e75264ba37d396d9c7407d6e6aea3763056210ba6e1387908bd31cf4037a6a3661a418e86c4d2761e0c333e6a3bd0d66549d2b0d72d3f43b", "algorithm": "sha512", "filename": "ninja171.zip", "unpack": true }, { "size": 13063963, "visibility": "public", "digest": "47a19f8f863eab3414abab2b9e9bd901ab896c799b3d9254b456b2f59374b085b99de805e21069a0819f01eecb3f43f7e2395a8c644c04bcbfa5711261cca29d", "algorithm": "sha512", "filename": "gyp-2017-05-23.zip", "unpack": true } ] nss-3.35/nss/automation/taskcluster/windows/run_tests.sh0000644000000000000000000000046413230126417022003 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x # Set up the toolchain. source $(dirname $0)/setup.sh # Fetch artifact. wget -t 3 --retry-connrefused -w 5 --random-wait https://queue.taskcluster.net/v1/task/$TC_PARENT_TASK_ID/artifacts/public/build/dist.7z -O dist.7z 7z x dist.7z # Run tests. cd nss/tests && ./all.sh nss-3.35/nss/automation/taskcluster/windows/setup.sh0000644000000000000000000000157313230126417021117 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x export VSPATH="$(pwd)/vs2017_15.4.2" export NINJA_PATH="$(pwd)/ninja/bin" export WINDOWSSDKDIR="${VSPATH}/SDK" export VS90COMNTOOLS="${VSPATH}/VC" export INCLUDE="${VSPATH}/VC/include:${VSPATH}/SDK/Include/10.0.15063.0/ucrt:${VSPATH}/SDK/Include/10.0.15063.0/shared:${VSPATH}/SDK/Include/10.0.15063.0/um" # Usage: hg_clone repo dir [revision=@] hg_clone() { repo=$1 dir=$2 rev=${3:-@} for i in 0 2 5; do sleep $i hg clone -r "$rev" "$repo" "$dir" && return rm -rf "$dir" done exit 1 } hg_clone https://hg.mozilla.org/build/tools tools default tools/scripts/tooltool/tooltool_wrapper.sh $(dirname $0)/releng.manifest https://tooltool.mozilla-releng.net/ non-existant-file.sh /c/mozilla-build/python/python.exe /c/builds/tooltool.py --authentication-file /c/builds/relengapi.tok -c /c/builds/tooltool_cache nss-3.35/nss/automation/taskcluster/windows/setup32.sh0000644000000000000000000000104113230126417021252 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x source $(dirname $0)/setup.sh export WIN32_REDIST_DIR="${VSPATH}/VC/redist/x86/Microsoft.VC141.CRT" export WIN_UCRT_REDIST_DIR="${VSPATH}/SDK/Redist/ucrt/DLLs/x86" export PATH="${NINJA_PATH}:${VSPATH}/VC/bin/Hostx64/x86:${VSPATH}/VC/bin/Hostx64/x64:${VSPATH}/VC/Hostx86/x86:${VSPATH}/SDK/bin/10.0.15063.0/x64:${VSPATH}/VC/redist/x86/Microsoft.VC141.CRT:${VSPATH}/SDK/Redist/ucrt/DLLs/x86:${PATH}" export LIB="${VSPATH}/VC/lib/x86:${VSPATH}/SDK/lib/10.0.15063.0/ucrt/x86:${VSPATH}/SDK/lib/10.0.15063.0/um/x86" nss-3.35/nss/automation/taskcluster/windows/setup64.sh0000644000000000000000000000101013230126417021253 0ustar 00000000000000#!/usr/bin/env bash set -v -e -x source $(dirname $0)/setup.sh export WIN32_REDIST_DIR="${VSPATH}/VC/redist/x64/Microsoft.VC141.CRT" export WIN_UCRT_REDIST_DIR="${VSPATH}/SDK/Redist/ucrt/DLLs/x64" export PATH="${NINJA_PATH}:${VSPATH}/VC/bin/Hostx64/x64:${VSPATH}/VC/bin/Hostx86/x86:${VSPATH}/SDK/bin/10.0.15063.0/x64:${VSPATH}/VC/redist/x64/Microsoft.VC141.CRT:${VSPATH}/SDK/Redist/ucrt/DLLs/x64:${PATH}" export LIB="${VSPATH}/VC/lib/x64:${VSPATH}/SDK/lib/10.0.15063.0/ucrt/x64:${VSPATH}/SDK/lib/10.0.15063.0/um/x64" nss-3.35/nss/build.sh0000755000000000000000000001365513230126417012647 0ustar 00000000000000#!/usr/bin/env bash # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. ################################################################################ # # This script builds NSS with gyp and ninja. # # This build system is still under development. It does not yet support all # the features or platforms that NSS supports. set -e cwd=$(cd $(dirname $0); pwd -P) source "$cwd"/coreconf/nspr.sh source "$cwd"/coreconf/sanitizers.sh GYP=${GYP:-gyp} # Usage info show_help() { cat "$cwd"/help.txt } run_verbose() { if [ "$verbose" = 1 ]; then echo "$@" exec 3>&1 else exec 3>/dev/null fi "$@" 1>&3 2>&3 exec 3>&- } if [ -n "$CCC" ] && [ -z "$CXX" ]; then export CXX="$CCC" fi opt_build=0 build_64=0 clean=0 rebuild_gyp=0 rebuild_nspr=0 target=Debug verbose=0 fuzz=0 fuzz_tls=0 fuzz_oss=0 no_local_nspr=0 armhf=0 gyp_params=(--depth="$cwd" --generator-output=".") nspr_params=() ninja_params=() # try to guess sensible defaults arch=$(python "$cwd"/coreconf/detect_host_arch.py) if [ "$arch" = "x64" -o "$arch" = "aarch64" ]; then build_64=1 elif [ "$arch" = "arm" ]; then armhf=1 fi # parse command line arguments while [ $# -gt 0 ]; do case $1 in -c) clean=1 ;; -cc) clean_only=1 ;; --gyp|-g) rebuild_gyp=1 ;; --nspr) nspr_clean; rebuild_nspr=1 ;; -j) ninja_params+=(-j "$2"); shift ;; -v) ninja_params+=(-v); verbose=1 ;; --test) gyp_params+=(-Dtest_build=1) ;; --clang) export CC=clang; export CCC=clang++; export CXX=clang++ ;; --gcc) export CC=gcc; export CCC=g++; export CXX=g++ ;; --fuzz) fuzz=1 ;; --fuzz=oss) fuzz=1; fuzz_oss=1 ;; --fuzz=tls) fuzz=1; fuzz_tls=1 ;; --scan-build) enable_scanbuild ;; --scan-build=?*) enable_scanbuild "${1#*=}" ;; --opt|-o) opt_build=1 ;; -m32|--m32) build_64=0 ;; --asan) enable_sanitizer asan ;; --msan) enable_sanitizer msan ;; --ubsan) enable_ubsan ;; --ubsan=?*) enable_ubsan "${1#*=}" ;; --sancov) enable_sancov ;; --sancov=?*) enable_sancov "${1#*=}" ;; --pprof) gyp_params+=(-Duse_pprof=1) ;; --ct-verif) gyp_params+=(-Dct_verif=1) ;; --disable-tests) gyp_params+=(-Ddisable_tests=1) ;; --no-zdefs) gyp_params+=(-Dno_zdefs=1) ;; --system-sqlite) gyp_params+=(-Duse_system_sqlite=1) ;; --with-nspr=?*) set_nspr_path "${1#*=}"; no_local_nspr=1 ;; --system-nspr) set_nspr_path "/usr/include/nspr/:"; no_local_nspr=1 ;; --enable-libpkix) gyp_params+=(-Ddisable_libpkix=0) ;; --enable-fips) gyp_params+=(-Ddisable_fips=0) ;; *) show_help; exit 2 ;; esac shift done if [ "$opt_build" = 1 ]; then target=Release else target=Debug fi if [ "$build_64" = 1 ]; then nspr_params+=(--enable-64bit) elif [ ! "$armhf" = 1 ]; then gyp_params+=(-Dtarget_arch=ia32) fi if [ "$fuzz" = 1 ]; then source "$cwd"/coreconf/fuzz.sh fi # set paths target_dir="$cwd"/out/$target mkdir -p "$target_dir" dist_dir="$cwd"/../dist dist_dir=$(mkdir -p "$dist_dir"; cd "$dist_dir"; pwd -P) gyp_params+=(-Dnss_dist_dir="$dist_dir") # -c = clean first if [ "$clean" = 1 -o "$clean_only" = 1 ]; then nspr_clean rm -rf "$cwd"/out rm -rf "$dist_dir" # -cc = only clean, don't build if [ "$clean_only" = 1 ]; then echo "Cleaned" exit 0 fi fi # This saves a canonical representation of arguments that we are passing to gyp # or the NSPR build so that we can work out if a rebuild is needed. # Caveat: This can fail for arguments that are position-dependent. # e.g., "-e 2 -f 1" and "-e 1 -f 2" canonicalize the same. check_config() { local newconf="$1".new oldconf="$1" shift mkdir -p $(dirname "$newconf") echo CC="$CC" >"$newconf" echo CCC="$CCC" >>"$newconf" echo CXX="$CXX" >>"$newconf" for i in "$@"; do echo $i; done | sort >>"$newconf" # Note: The following diff fails if $oldconf isn't there as well, which # happens if we don't have a previous successful build. ! diff -q "$newconf" "$oldconf" >/dev/null 2>&1 } gyp_config="$cwd"/out/gyp_config nspr_config="$cwd"/out/$target/nspr_config # If we don't have a build directory make sure that we rebuild. if [ ! -d "$target_dir" ]; then rebuild_nspr=1 rebuild_gyp=1 elif [ ! -d "$dist_dir"/$target ]; then rebuild_nspr=1 fi # Update NSPR ${C,CXX,LD}FLAGS. nspr_set_flags $sanitizer_flags if check_config "$nspr_config" "${nspr_params[@]}" \ nspr_cflags="$nspr_cflags" \ nspr_cxxflags="$nspr_cxxflags" \ nspr_ldflags="$nspr_ldflags"; then rebuild_nspr=1 fi # Forward sanitizer flags. if [ ! -z "$sanitizer_flags" ]; then gyp_params+=(-Dsanitizer_flags="$sanitizer_flags") fi if check_config "$gyp_config" "${gyp_params[@]}"; then rebuild_gyp=1 fi # save the chosen target mkdir -p "$dist_dir" echo $target > "$dist_dir"/latest if [[ "$rebuild_nspr" = 1 && "$no_local_nspr" = 0 ]]; then nspr_build "${nspr_params[@]}" mv -f "$nspr_config".new "$nspr_config" fi if [ "$rebuild_gyp" = 1 ]; then if ! hash ${GYP} 2> /dev/null; then echo "Please install gyp" 1>&2 exit 1 fi # These extra arguments aren't used in determining whether to rebuild. obj_dir="$dist_dir"/$target gyp_params+=(-Dnss_dist_obj_dir=$obj_dir) if [ "$no_local_nspr" = 0 ]; then set_nspr_path "$obj_dir/include/nspr:$obj_dir/lib" fi run_verbose run_scanbuild ${GYP} -f ninja "${gyp_params[@]}" "$cwd"/nss.gyp mv -f "$gyp_config".new "$gyp_config" fi # Run ninja. if hash ninja 2>/dev/null; then ninja=ninja elif hash ninja-build 2>/dev/null; then ninja=ninja-build else echo "Please install ninja" 1>&2 exit 1 fi run_scanbuild $ninja -C "$target_dir" "${ninja_params[@]}" nss-3.35/nss/cmd/Makefile0000644000000000000000000000161513230126417013405 0ustar 00000000000000#! gmake # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. CORE_DEPTH = .. DEPTH = .. include manifest.mn include $(CORE_DEPTH)/coreconf/config.mk ifdef BUILD_LIBPKIX_TESTS DIRS += libpkix endif ifeq ($(NSS_BUILD_WITHOUT_SOFTOKEN),1) BLTEST_SRCDIR = ECPERF_SRCDIR = FREEBL_ECTEST_SRCDIR = FIPSTEST_SRCDIR = SHLIBSIGN_SRCDIR = else BLTEST_SRCDIR = bltest ECPERF_SRCDIR = ecperf FREEBL_ECTEST_SRCDIR = fbectest FIPSTEST_SRCDIR = fipstest SHLIBSIGN_SRCDIR = shlibsign endif LOWHASHTEST_SRCDIR= ifeq ($(FREEBL_LOWHASH),1) LOWHASHTEST_SRCDIR = lowhashtest # Add the lowhashtest directory to DIRS. endif INCLUDES += \ -I$(DIST)/../public/security \ -I./include \ $(NULL) include $(CORE_DEPTH)/coreconf/rules.mk symbols:: @echo "TARGETS = $(TARGETS)" nss-3.35/nss/cmd/addbuiltin/Makefile0000644000000000000000000000354113230126417015524 0ustar 00000000000000#! gmake # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. ####################################################################### # (1) Include initial platform-independent assignments (MANDATORY). # ####################################################################### include manifest.mn ####################################################################### # (2) Include "global" configuration information. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/config.mk ####################################################################### # (3) Include "component" configuration information. (OPTIONAL) # ####################################################################### ####################################################################### # (4) Include "local" platform-dependent assignments (OPTIONAL). # ####################################################################### include ../platlibs.mk ####################################################################### # (5) Execute "global" rules. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/rules.mk ####################################################################### # (6) Execute "component" rules. (OPTIONAL) # ####################################################################### ####################################################################### # (7) Execute "local" rules. (OPTIONAL). # ####################################################################### include ../platrules.mk nss-3.35/nss/cmd/addbuiltin/addbuiltin.c0000644000000000000000000004771013230126417016355 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /* * Tool for converting builtin CA certs. */ #include "nssrenam.h" #include "nss.h" #include "cert.h" #include "certdb.h" #include "secutil.h" #include "pk11func.h" #if defined(WIN32) #include #include #endif void dumpbytes(unsigned char *buf, int len) { int i; for (i = 0; i < len; i++) { if ((i != 0) && ((i & 0xf) == 0)) { printf("\n"); } printf("\\%03o", buf[i]); } printf("\n"); } int hasPositiveTrust(unsigned int trust) { if (trust & CERTDB_TRUSTED) { if (trust & CERTDB_TRUSTED_CA) { return PR_TRUE; } else { return PR_FALSE; } } else { if (trust & CERTDB_TRUSTED_CA) { return PR_TRUE; } else if (trust & CERTDB_VALID_CA) { return PR_TRUE; } else if (trust & CERTDB_TERMINAL_RECORD) { return PR_FALSE; } else { return PR_FALSE; } } return PR_FALSE; } char * getTrustString(unsigned int trust) { if (trust & CERTDB_TRUSTED) { if (trust & CERTDB_TRUSTED_CA) { return "CKT_NSS_TRUSTED_DELEGATOR"; } else { return "CKT_NSS_TRUSTED"; } } else { if (trust & CERTDB_TRUSTED_CA) { return "CKT_NSS_TRUSTED_DELEGATOR"; } else if (trust & CERTDB_VALID_CA) { return "CKT_NSS_VALID_DELEGATOR"; } else if (trust & CERTDB_TERMINAL_RECORD) { return "CKT_NSS_NOT_TRUSTED"; } else { return "CKT_NSS_MUST_VERIFY_TRUST"; } } return "CKT_NSS_TRUST_UNKNOWN"; /* not reached */ } static const SEC_ASN1Template serialTemplate[] = { { SEC_ASN1_INTEGER, offsetof(CERTCertificate, serialNumber) }, { 0 } }; void print_crl_info(CERTName *name, SECItem *serial) { PRBool saveWrapeState = SECU_GetWrapEnabled(); SECU_EnableWrap(PR_FALSE); SECU_PrintNameQuotesOptional(stdout, name, "# Issuer", 0, PR_FALSE); printf("\n"); SECU_PrintInteger(stdout, serial, "# Serial Number", 0); SECU_EnableWrap(saveWrapeState); } static SECStatus ConvertCRLEntry(SECItem *sdder, PRInt32 crlentry, char *nickname) { int rv; PLArenaPool *arena = NULL; CERTSignedCrl *newCrl = NULL; CERTCrlEntry *entry; CERTName *name = NULL; SECItem *derName = NULL; SECItem *serial = NULL; rv = SEC_ERROR_NO_MEMORY; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) return rv; newCrl = CERT_DecodeDERCrlWithFlags(arena, sdder, SEC_CRL_TYPE, CRL_DECODE_DEFAULT_OPTIONS); if (!newCrl) return SECFailure; name = &newCrl->crl.name; derName = &newCrl->crl.derName; if (newCrl->crl.entries != NULL) { PRInt32 iv = 0; while ((entry = newCrl->crl.entries[iv++]) != NULL) { if (crlentry == iv) { serial = &entry->serialNumber; break; } } } if (!name || !derName || !serial) return SECFailure; printf("\n# Distrust \"%s\"\n", nickname); print_crl_info(name, serial); printf("CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST\n"); printf("CKA_TOKEN CK_BBOOL CK_TRUE\n"); printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n"); printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"); printf("CKA_LABEL UTF8 \"%s\"\n", nickname); printf("CKA_ISSUER MULTILINE_OCTAL\n"); dumpbytes(derName->data, derName->len); printf("END\n"); printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n"); printf("\\002\\%03o", serial->len); /* 002: type integer; len >=3 digits */ dumpbytes(serial->data, serial->len); printf("END\n"); printf("CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED\n"); printf("CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_NOT_TRUSTED\n"); printf("CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_NOT_TRUSTED\n"); printf("CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE\n"); PORT_FreeArena(arena, PR_FALSE); return rv; } void print_info(SECItem *sdder, CERTCertificate *c) { PRBool saveWrapeState = SECU_GetWrapEnabled(); SECU_EnableWrap(PR_FALSE); SECU_PrintNameQuotesOptional(stdout, &c->issuer, "# Issuer", 0, PR_FALSE); printf("\n"); SECU_PrintInteger(stdout, &c->serialNumber, "# Serial Number", 0); SECU_PrintNameQuotesOptional(stdout, &c->subject, "# Subject", 0, PR_FALSE); printf("\n"); SECU_PrintTimeChoice(stdout, &c->validity.notBefore, "# Not Valid Before", 0); SECU_PrintTimeChoice(stdout, &c->validity.notAfter, "# Not Valid After ", 0); SECU_PrintFingerprints(stdout, sdder, "# Fingerprint", 0); SECU_EnableWrap(saveWrapeState); } static SECStatus ConvertCertificate(SECItem *sdder, char *nickname, CERTCertTrust *trust, PRBool excludeCert, PRBool excludeHash) { SECStatus rv = SECSuccess; CERTCertificate *cert; unsigned char sha1_hash[SHA1_LENGTH]; unsigned char md5_hash[MD5_LENGTH]; SECItem *serial = NULL; PRBool step_up = PR_FALSE; const char *trust_info; cert = CERT_DecodeDERCertificate(sdder, PR_FALSE, nickname); if (!cert) { return SECFailure; } serial = SEC_ASN1EncodeItem(NULL, NULL, cert, serialTemplate); if (!serial) { return SECFailure; } if (!excludeCert) { printf("\n#\n# Certificate \"%s\"\n#\n", nickname); print_info(sdder, cert); printf("CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n"); printf("CKA_TOKEN CK_BBOOL CK_TRUE\n"); printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n"); printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"); printf("CKA_LABEL UTF8 \"%s\"\n", nickname); printf("CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n"); printf("CKA_SUBJECT MULTILINE_OCTAL\n"); dumpbytes(cert->derSubject.data, cert->derSubject.len); printf("END\n"); printf("CKA_ID UTF8 \"0\"\n"); printf("CKA_ISSUER MULTILINE_OCTAL\n"); dumpbytes(cert->derIssuer.data, cert->derIssuer.len); printf("END\n"); printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n"); dumpbytes(serial->data, serial->len); printf("END\n"); printf("CKA_VALUE MULTILINE_OCTAL\n"); dumpbytes(sdder->data, sdder->len); printf("END\n"); if (hasPositiveTrust(trust->sslFlags) || hasPositiveTrust(trust->emailFlags) || hasPositiveTrust(trust->objectSigningFlags)) { printf("CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE\n"); } } if ((trust->sslFlags | trust->emailFlags | trust->objectSigningFlags) == CERTDB_TERMINAL_RECORD) trust_info = "Distrust"; else trust_info = "Trust for"; printf("\n# %s \"%s\"\n", trust_info, nickname); print_info(sdder, cert); printf("CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST\n"); printf("CKA_TOKEN CK_BBOOL CK_TRUE\n"); printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n"); printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"); printf("CKA_LABEL UTF8 \"%s\"\n", nickname); if (!excludeHash) { PK11_HashBuf(SEC_OID_SHA1, sha1_hash, sdder->data, sdder->len); printf("CKA_CERT_SHA1_HASH MULTILINE_OCTAL\n"); dumpbytes(sha1_hash, SHA1_LENGTH); printf("END\n"); PK11_HashBuf(SEC_OID_MD5, md5_hash, sdder->data, sdder->len); printf("CKA_CERT_MD5_HASH MULTILINE_OCTAL\n"); dumpbytes(md5_hash, MD5_LENGTH); printf("END\n"); } printf("CKA_ISSUER MULTILINE_OCTAL\n"); dumpbytes(cert->derIssuer.data, cert->derIssuer.len); printf("END\n"); printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n"); dumpbytes(serial->data, serial->len); printf("END\n"); printf("CKA_TRUST_SERVER_AUTH CK_TRUST %s\n", getTrustString(trust->sslFlags)); printf("CKA_TRUST_EMAIL_PROTECTION CK_TRUST %s\n", getTrustString(trust->emailFlags)); printf("CKA_TRUST_CODE_SIGNING CK_TRUST %s\n", getTrustString(trust->objectSigningFlags)); #ifdef notdef printf("CKA_TRUST_CLIENT_AUTH CK_TRUST CKT_NSS_TRUSTED\n"); printf("CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST CKT_NSS_TRUSTED_DELEGATOR\n"); printf("CKA_TRUST_NON_REPUDIATION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR\n"); printf("CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST CKT_NSS_TRUSTED_DELEGATOR\n"); printf("CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST CKT_NSS_TRUSTED_DELEGATOR\n"); printf("CKA_TRUST_KEY_AGREEMENT CK_TRUST CKT_NSS_TRUSTED_DELEGATOR\n"); printf("CKA_TRUST_KEY_CERT_SIGN CK_TRUST CKT_NSS_TRUSTED_DELEGATOR\n"); #endif step_up = (trust->sslFlags & CERTDB_GOVT_APPROVED_CA); printf("CKA_TRUST_STEP_UP_APPROVED CK_BBOOL %s\n", step_up ? "CK_TRUE" : "CK_FALSE"); PORT_Free(sdder->data); return (rv); } void printheader() { printf("# \n" "# This Source Code Form is subject to the terms of the Mozilla Public\n" "# License, v. 2.0. If a copy of the MPL was not distributed with this\n" "# file, You can obtain one at http://mozilla.org/MPL/2.0/.\n" "#\n" "# certdata.txt\n" "#\n" "# This file contains the object definitions for the certs and other\n" "# information \"built into\" NSS.\n" "#\n" "# Object definitions:\n" "#\n" "# Certificates\n" "#\n" "# -- Attribute -- -- type -- -- value --\n" "# CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n" "# CKA_TOKEN CK_BBOOL CK_TRUE\n" "# CKA_PRIVATE CK_BBOOL CK_FALSE\n" "# CKA_MODIFIABLE CK_BBOOL CK_FALSE\n" "# CKA_LABEL UTF8 (varies)\n" "# CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n" "# CKA_SUBJECT DER+base64 (varies)\n" "# CKA_ID byte array (varies)\n" "# CKA_ISSUER DER+base64 (varies)\n" "# CKA_SERIAL_NUMBER DER+base64 (varies)\n" "# CKA_VALUE DER+base64 (varies)\n" "# CKA_NSS_EMAIL ASCII7 (unused here)\n" "#\n" "# Trust\n" "#\n" "# -- Attribute -- -- type -- -- value --\n" "# CKA_CLASS CK_OBJECT_CLASS CKO_TRUST\n" "# CKA_TOKEN CK_BBOOL CK_TRUE\n" "# CKA_PRIVATE CK_BBOOL CK_FALSE\n" "# CKA_MODIFIABLE CK_BBOOL CK_FALSE\n" "# CKA_LABEL UTF8 (varies)\n" "# CKA_ISSUER DER+base64 (varies)\n" "# CKA_SERIAL_NUMBER DER+base64 (varies)\n" "# CKA_CERT_HASH binary+base64 (varies)\n" "# CKA_EXPIRES CK_DATE (not used here)\n" "# CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST (varies)\n" "# CKA_TRUST_NON_REPUDIATION CK_TRUST (varies)\n" "# CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST (varies)\n" "# CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST (varies)\n" "# CKA_TRUST_KEY_AGREEMENT CK_TRUST (varies)\n" "# CKA_TRUST_KEY_CERT_SIGN CK_TRUST (varies)\n" "# CKA_TRUST_CRL_SIGN CK_TRUST (varies)\n" "# CKA_TRUST_SERVER_AUTH CK_TRUST (varies)\n" "# CKA_TRUST_CLIENT_AUTH CK_TRUST (varies)\n" "# CKA_TRUST_CODE_SIGNING CK_TRUST (varies)\n" "# CKA_TRUST_EMAIL_PROTECTION CK_TRUST (varies)\n" "# CKA_TRUST_IPSEC_END_SYSTEM CK_TRUST (varies)\n" "# CKA_TRUST_IPSEC_TUNNEL CK_TRUST (varies)\n" "# CKA_TRUST_IPSEC_USER CK_TRUST (varies)\n" "# CKA_TRUST_TIME_STAMPING CK_TRUST (varies)\n" "# (other trust attributes can be defined)\n" "#\n" "\n" "#\n" "# The object to tell NSS that this is a root list and we don't\n" "# have to go looking for others.\n" "#\n" "BEGINDATA\n" "CKA_CLASS CK_OBJECT_CLASS CKO_NSS_BUILTIN_ROOT_LIST\n" "CKA_TOKEN CK_BBOOL CK_TRUE\n" "CKA_PRIVATE CK_BBOOL CK_FALSE\n" "CKA_MODIFIABLE CK_BBOOL CK_FALSE\n" "CKA_LABEL UTF8 \"Mozilla Builtin Roots\"\n"); } static void Usage(char *progName) { fprintf(stderr, "%s -t trust -n nickname [-i certfile] [-c] [-h]\n", progName); fprintf(stderr, "\tRead a der-encoded cert from certfile or stdin, and output\n" "\tit to stdout in a format suitable for the builtin root module.\n" "\tExample: %s -n MyCA -t \"C,C,C\" -i myca.der >> certdata.txt\n", progName); fprintf(stderr, "%s -D -n label [-i certfile]\n", progName); fprintf(stderr, "\tRead a der-encoded cert from certfile or stdin, and output\n" "\ta distrust record.\n" "\t(-D is equivalent to -t p,p,p -c -h)\n"); fprintf(stderr, "%s -C -e crl-entry-number -n label [-i crlfile]\n", progName); fprintf(stderr, "\tRead a CRL from crlfile or stdin, and output\n" "\ta distrust record (issuer+serial).\n" "\t(-C implies -c -h)\n"); fprintf(stderr, "%-15s trust flags (cCTpPuw).\n", "-t trust"); fprintf(stderr, "%-15s nickname to assign to builtin cert, or\n", "-n nickname"); fprintf(stderr, "%-15s a label for the distrust record.\n", ""); fprintf(stderr, "%-15s exclude the certificate (only add a trust record)\n", "-c"); fprintf(stderr, "%-15s exclude hash from trust record\n", "-h"); fprintf(stderr, "%-15s (useful to distrust any matching issuer/serial)\n", ""); fprintf(stderr, "%-15s (not allowed when adding positive trust)\n", ""); fprintf(stderr, "%-15s a CRL entry number, as shown by \"crlutil -S\"\n", "-e"); fprintf(stderr, "%-15s input file to read (default stdin)\n", "-i file"); fprintf(stderr, "%-15s (pipe through atob if the cert is b64-encoded)\n", ""); exit(-1); } enum { opt_Input = 0, opt_Nickname, opt_Trust, opt_Distrust, opt_ExcludeCert, opt_ExcludeHash, opt_DistrustCRL, opt_CRLEnry }; static secuCommandFlag addbuiltin_options[] = { { /* opt_Input */ 'i', PR_TRUE, 0, PR_FALSE }, { /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE }, { /* opt_Trust */ 't', PR_TRUE, 0, PR_FALSE }, { /* opt_Distrust */ 'D', PR_FALSE, 0, PR_FALSE }, { /* opt_ExcludeCert */ 'c', PR_FALSE, 0, PR_FALSE }, { /* opt_ExcludeHash */ 'h', PR_FALSE, 0, PR_FALSE }, { /* opt_DistrustCRL */ 'C', PR_FALSE, 0, PR_FALSE }, { /* opt_CRLEnry */ 'e', PR_TRUE, 0, PR_FALSE }, }; int main(int argc, char **argv) { SECStatus rv; char *nickname = NULL; char *trusts = NULL; char *progName; PRFileDesc *infile; CERTCertTrust trust = { 0 }; SECItem derItem = { 0 }; PRInt32 crlentry = 0; PRInt32 mutuallyExclusiveOpts = 0; PRBool decodeTrust = PR_FALSE; secuCommand addbuiltin = { 0 }; addbuiltin.numOptions = sizeof(addbuiltin_options) / sizeof(secuCommandFlag); addbuiltin.options = addbuiltin_options; progName = strrchr(argv[0], '/'); progName = progName ? progName + 1 : argv[0]; rv = SECU_ParseCommandLine(argc, argv, progName, &addbuiltin); if (rv != SECSuccess) Usage(progName); if (addbuiltin.options[opt_Trust].activated) ++mutuallyExclusiveOpts; if (addbuiltin.options[opt_Distrust].activated) ++mutuallyExclusiveOpts; if (addbuiltin.options[opt_DistrustCRL].activated) ++mutuallyExclusiveOpts; if (mutuallyExclusiveOpts != 1) { fprintf(stderr, "%s: you must specify exactly one of -t or -D or -C\n", progName); Usage(progName); } if (addbuiltin.options[opt_DistrustCRL].activated) { if (!addbuiltin.options[opt_CRLEnry].activated) { fprintf(stderr, "%s: you must specify the CRL entry number.\n", progName); Usage(progName); } else { crlentry = atoi(addbuiltin.options[opt_CRLEnry].arg); if (crlentry < 1) { fprintf(stderr, "%s: The CRL entry number must be > 0.\n", progName); Usage(progName); } } } if (!addbuiltin.options[opt_Nickname].activated) { fprintf(stderr, "%s: you must specify parameter -n (a nickname or a label).\n", progName); Usage(progName); } if (addbuiltin.options[opt_Input].activated) { infile = PR_Open(addbuiltin.options[opt_Input].arg, PR_RDONLY, 00660); if (!infile) { fprintf(stderr, "%s: failed to open input file.\n", progName); exit(1); } } else { #if defined(WIN32) /* If we're going to read binary data from stdin, we must put stdin ** into O_BINARY mode or else incoming \r\n's will become \n's, ** and latin-1 characters will be altered. */ int smrv = _setmode(_fileno(stdin), _O_BINARY); if (smrv == -1) { fprintf(stderr, "%s: Cannot change stdin to binary mode. Use -i option instead.\n", progName); exit(1); } #endif infile = PR_STDIN; } #if defined(WIN32) /* We must put stdout into O_BINARY mode or else the output will include ** carriage returns. */ { int smrv = _setmode(_fileno(stdout), _O_BINARY); if (smrv == -1) { fprintf(stderr, "%s: Cannot change stdout to binary mode.\n", progName); exit(1); } } #endif nickname = strdup(addbuiltin.options[opt_Nickname].arg); NSS_NoDB_Init(NULL); if (addbuiltin.options[opt_Distrust].activated || addbuiltin.options[opt_DistrustCRL].activated) { addbuiltin.options[opt_ExcludeCert].activated = PR_TRUE; addbuiltin.options[opt_ExcludeHash].activated = PR_TRUE; } if (addbuiltin.options[opt_Distrust].activated) { trusts = strdup("p,p,p"); decodeTrust = PR_TRUE; } else if (addbuiltin.options[opt_Trust].activated) { trusts = strdup(addbuiltin.options[opt_Trust].arg); decodeTrust = PR_TRUE; } if (decodeTrust) { rv = CERT_DecodeTrustString(&trust, trusts); if (rv) { fprintf(stderr, "%s: incorrectly formatted trust string.\n", progName); Usage(progName); } } if (addbuiltin.options[opt_Trust].activated && addbuiltin.options[opt_ExcludeHash].activated) { if ((trust.sslFlags | trust.emailFlags | trust.objectSigningFlags) != CERTDB_TERMINAL_RECORD) { fprintf(stderr, "%s: Excluding the hash only allowed with distrust.\n", progName); Usage(progName); } } SECU_FileToItem(&derItem, infile); /*printheader();*/ if (addbuiltin.options[opt_DistrustCRL].activated) { rv = ConvertCRLEntry(&derItem, crlentry, nickname); } else { rv = ConvertCertificate(&derItem, nickname, &trust, addbuiltin.options[opt_ExcludeCert].activated, addbuiltin.options[opt_ExcludeHash].activated); if (rv) { fprintf(stderr, "%s: failed to convert certificate.\n", progName); exit(1); } } if (NSS_Shutdown() != SECSuccess) { exit(1); } return (SECSuccess); } nss-3.35/nss/cmd/addbuiltin/addbuiltin.gyp0000644000000000000000000000104513230126417016721 0ustar 00000000000000# This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. { 'includes': [ '../../coreconf/config.gypi', '../../cmd/platlibs.gypi' ], 'targets': [ { 'target_name': 'addbuiltin', 'type': 'executable', 'sources': [ 'addbuiltin.c' ], 'dependencies': [ '<(DEPTH)/exports.gyp:nss_exports' ] } ], 'variables': { 'module': 'nss' } }nss-3.35/nss/cmd/addbuiltin/manifest.mn0000644000000000000000000000077413230126417016233 0ustar 00000000000000# # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. CORE_DEPTH = ../.. # MODULE public and private header directories are implicitly REQUIRED. MODULE = nss CSRCS = \ addbuiltin.c \ $(NULL) # The MODULE is always implicitly required. # Listing it here in REQUIRES makes it appear twice in the cc command line. REQUIRES = seccmd PROGRAM = addbuiltin nss-3.35/nss/cmd/atob/Makefile0000644000000000000000000000354013230126417014331 0ustar 00000000000000#! gmake # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. ####################################################################### # (1) Include initial platform-independent assignments (MANDATORY). # ####################################################################### include manifest.mn ####################################################################### # (2) Include "global" configuration information. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/config.mk ####################################################################### # (3) Include "component" configuration information. (OPTIONAL) # ####################################################################### ####################################################################### # (4) Include "local" platform-dependent assignments (OPTIONAL). # ####################################################################### include ../platlibs.mk ####################################################################### # (5) Execute "global" rules. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/rules.mk ####################################################################### # (6) Execute "component" rules. (OPTIONAL) # ####################################################################### ####################################################################### # (7) Execute "local" rules. (OPTIONAL). # ####################################################################### include ../platrules.mk nss-3.35/nss/cmd/atob/atob.c0000644000000000000000000001052513230126417013763 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "plgetopt.h" #include "secutil.h" #include "nssb64.h" #include #if defined(XP_WIN) || (defined(__sun) && !defined(SVR4)) #if !defined(WIN32) extern int fread(char *, size_t, size_t, FILE *); extern int fwrite(char *, size_t, size_t, FILE *); extern int fprintf(FILE *, char *, ...); #endif #endif #if defined(WIN32) #include "fcntl.h" #include "io.h" #endif static PRInt32 output_binary(void *arg, const unsigned char *obuf, PRInt32 size) { FILE *outFile = arg; int nb; nb = fwrite(obuf, 1, size, outFile); if (nb != size) { PORT_SetError(SEC_ERROR_IO); return -1; } return nb; } static PRBool isBase64Char(char c) { return ((c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') || (c >= '0' && c <= '9') || c == '+' || c == '/' || c == '='); } static SECStatus decode_file(FILE *outFile, FILE *inFile) { NSSBase64Decoder *cx; SECStatus status = SECFailure; char ibuf[4096]; const char *ptr; cx = NSSBase64Decoder_Create(output_binary, outFile); if (!cx) { return -1; } for (;;) { if (feof(inFile)) break; if (!fgets(ibuf, sizeof(ibuf), inFile)) { if (ferror(inFile)) { PORT_SetError(SEC_ERROR_IO); goto loser; } /* eof */ break; } for (ptr = ibuf; *ptr; ++ptr) { char c = *ptr; if (c == '\n' || c == '\r') { break; /* found end of line */ } if (!isBase64Char(c)) { ptr = ibuf; /* ignore line */ break; } } if (ibuf == ptr) { continue; /* skip empty or non-base64 line */ } status = NSSBase64Decoder_Update(cx, ibuf, ptr - ibuf); if (status != SECSuccess) goto loser; } return NSSBase64Decoder_Destroy(cx, PR_FALSE); loser: (void)NSSBase64Decoder_Destroy(cx, PR_TRUE); return status; } static void Usage(char *progName) { fprintf(stderr, "Usage: %s [-i input] [-o output]\n", progName); fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n", "-i input"); fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n", "-o output"); exit(-1); } int main(int argc, char **argv) { char *progName; SECStatus rv; FILE *inFile, *outFile; PLOptState *optstate; PLOptStatus status; inFile = 0; outFile = 0; progName = strrchr(argv[0], '/'); progName = progName ? progName + 1 : argv[0]; /* Parse command line arguments */ optstate = PL_CreateOptState(argc, argv, "?hi:o:"); while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { switch (optstate->option) { case '?': case 'h': Usage(progName); break; case 'i': inFile = fopen(optstate->value, "r"); if (!inFile) { fprintf(stderr, "%s: unable to open \"%s\" for reading\n", progName, optstate->value); return -1; } break; case 'o': outFile = fopen(optstate->value, "wb"); if (!outFile) { fprintf(stderr, "%s: unable to open \"%s\" for writing\n", progName, optstate->value); return -1; } break; } } if (!inFile) inFile = stdin; if (!outFile) { #if defined(WIN32) int smrv = _setmode(_fileno(stdout), _O_BINARY); if (smrv == -1) { fprintf(stderr, "%s: Cannot change stdout to binary mode. Use -o option instead.\n", progName); return smrv; } #endif outFile = stdout; } rv = decode_file(outFile, inFile); if (rv != SECSuccess) { fprintf(stderr, "%s: lossage: error=%d errno=%d\n", progName, PORT_GetError(), errno); return -1; } return 0; } nss-3.35/nss/cmd/atob/atob.gyp0000644000000000000000000000120713230126417014335 0ustar 00000000000000# This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. { 'includes': [ '../../coreconf/config.gypi', '../../cmd/platlibs.gypi' ], 'targets': [ { 'target_name': 'atob', 'type': 'executable', 'sources': [ 'atob.c' ], 'dependencies': [ '<(DEPTH)/exports.gyp:dbm_exports', '<(DEPTH)/exports.gyp:nss_exports' ] } ], 'target_defaults': { 'defines': [ 'NSPR20' ] }, 'variables': { 'module': 'nss' } }nss-3.35/nss/cmd/atob/manifest.mn0000644000000000000000000000112313230126417015026 0ustar 00000000000000# # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. CORE_DEPTH = ../.. # MODULE public and private header directories are implicitly REQUIRED. MODULE = nss # This next line is used by .mk files # and gets translated into $LINCS in manifest.mnw # The MODULE is always implicitly required. # Listing it here in REQUIRES makes it appear twice in the cc command line. REQUIRES = seccmd dbm DEFINES = -DNSPR20 CSRCS = atob.c PROGRAM = atob nss-3.35/nss/cmd/bltest/Makefile0000644000000000000000000000377013230126417014706 0ustar 00000000000000#! gmake # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. ####################################################################### # (1) Include initial platform-independent assignments (MANDATORY). # ####################################################################### include manifest.mn #MKPROG = purify -cache-dir=/u/mcgreer/pcache -best-effort \ # -always-use-cache-dir $(CC) ####################################################################### # (2) Include "global" configuration information. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/config.mk ####################################################################### # (3) Include "component" configuration information. (OPTIONAL) # ####################################################################### ####################################################################### # (4) Include "local" platform-dependent assignments (OPTIONAL). # ####################################################################### include ../platlibs.mk #EXTRA_SHARED_LIBS += \ # -L/usr/lib \ # -lposix4 \ # $(NULL) ####################################################################### # (5) Execute "global" rules. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/rules.mk ####################################################################### # (6) Execute "component" rules. (OPTIONAL) # ####################################################################### ####################################################################### # (7) Execute "local" rules. (OPTIONAL). # ####################################################################### include ../platrules.mk nss-3.35/nss/cmd/bltest/blapitest.c0000644000000000000000000043653113230126417015406 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include #include #include "blapi.h" #include "secrng.h" #include "prmem.h" #include "prprf.h" #include "prtime.h" #include "prsystem.h" #include "plstr.h" #include "nssb64.h" #include "basicutil.h" #include "plgetopt.h" #include "softoken.h" #include "nspr.h" #include "secport.h" #include "secoid.h" #include "nssutil.h" #include "ecl-curve.h" #include "pkcs1_vectors.h" SECStatus EC_DecodeParams(const SECItem *encodedParams, ECParams **ecparams); SECStatus EC_CopyParams(PLArenaPool *arena, ECParams *dstParams, const ECParams *srcParams); char *progName; char *testdir = NULL; #define BLTEST_DEFAULT_CHUNKSIZE 4096 #define WORDSIZE sizeof(unsigned long) #define CHECKERROR(rv, ln) \ if (rv) { \ PRErrorCode prerror = PR_GetError(); \ PR_fprintf(PR_STDERR, "%s: ERR %d (%s) at line %d.\n", progName, \ prerror, PORT_ErrorToString(prerror), ln); \ exit(-1); \ } /* Macros for performance timing. */ #define TIMESTART() \ time1 = PR_IntervalNow(); #define TIMEFINISH(time, reps) \ time2 = (PRIntervalTime)(PR_IntervalNow() - time1); \ time1 = PR_IntervalToMilliseconds(time2); \ time = ((double)(time1)) / reps; #define TIMEMARK(seconds) \ time1 = PR_SecondsToInterval(seconds); \ { \ PRInt64 tmp; \ if (time2 == 0) { \ time2 = 1; \ } \ LL_DIV(tmp, time1, time2); \ if (tmp < 10) { \ if (tmp == 0) { \ opsBetweenChecks = 1; \ } else { \ LL_L2I(opsBetweenChecks, tmp); \ } \ } else { \ opsBetweenChecks = 10; \ } \ } \ time2 = time1; \ time1 = PR_IntervalNow(); #define TIMETOFINISH() \ PR_IntervalNow() - time1 >= time2 static void Usage() { #define PRINTUSAGE(subject, option, predicate) \ fprintf(stderr, "%10s %s\t%s\n", subject, option, predicate); fprintf(stderr, "\n"); PRINTUSAGE(progName, "[-DEHSVR]", "List available cipher modes"); /* XXX */ fprintf(stderr, "\n"); PRINTUSAGE(progName, "-E -m mode ", "Encrypt a buffer"); PRINTUSAGE("", "", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]"); PRINTUSAGE("", "", "[-b bufsize] [-g keysize] [-e exp] [-r rounds]"); PRINTUSAGE("", "", "[-w wordsize] [-p repetitions | -5 time_interval]"); PRINTUSAGE("", "", "[-4 th_num]"); PRINTUSAGE("", "-m", "cipher mode to use"); PRINTUSAGE("", "-i", "file which contains input buffer"); PRINTUSAGE("", "-o", "file for output buffer"); PRINTUSAGE("", "-k", "file which contains key"); PRINTUSAGE("", "-v", "file which contains initialization vector"); PRINTUSAGE("", "-b", "size of input buffer"); PRINTUSAGE("", "-g", "key size (in bytes)"); PRINTUSAGE("", "-p", "do performance test"); PRINTUSAGE("", "-4", "run test in multithread mode. th_num number of parallel threads"); PRINTUSAGE("", "-5", "run test for specified time interval(in seconds)"); PRINTUSAGE("", "--aad", "File with contains additional auth data"); PRINTUSAGE("(rsa)", "-e", "rsa public exponent"); PRINTUSAGE("(rc5)", "-r", "number of rounds"); PRINTUSAGE("(rc5)", "-w", "wordsize (32 or 64)"); fprintf(stderr, "\n"); PRINTUSAGE(progName, "-D -m mode", "Decrypt a buffer"); PRINTUSAGE("", "", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]"); PRINTUSAGE("", "", "[-p repetitions | -5 time_interval] [-4 th_num]"); PRINTUSAGE("", "-m", "cipher mode to use"); PRINTUSAGE("", "-i", "file which contains input buffer"); PRINTUSAGE("", "-o", "file for output buffer"); PRINTUSAGE("", "-k", "file which contains key"); PRINTUSAGE("", "-v", "file which contains initialization vector"); PRINTUSAGE("", "-p", "do performance test"); PRINTUSAGE("", "-4", "run test in multithread mode. th_num number of parallel threads"); PRINTUSAGE("", "-5", "run test for specified time interval(in seconds)"); PRINTUSAGE("", "--aad", "File with contains additional auth data"); fprintf(stderr, "\n"); PRINTUSAGE(progName, "-H -m mode", "Hash a buffer"); PRINTUSAGE("", "", "[-i plaintext] [-o hash]"); PRINTUSAGE("", "", "[-b bufsize]"); PRINTUSAGE("", "", "[-p repetitions | -5 time_interval] [-4 th_num]"); PRINTUSAGE("", "-m", "cipher mode to use"); PRINTUSAGE("", "-i", "file which contains input buffer"); PRINTUSAGE("", "-o", "file for hash"); PRINTUSAGE("", "-b", "size of input buffer"); PRINTUSAGE("", "-p", "do performance test"); PRINTUSAGE("", "-4", "run test in multithread mode. th_num number of parallel threads"); PRINTUSAGE("", "-5", "run test for specified time interval(in seconds)"); fprintf(stderr, "\n"); PRINTUSAGE(progName, "-S -m mode", "Sign a buffer"); PRINTUSAGE("", "", "[-i plaintext] [-o signature] [-k key]"); PRINTUSAGE("", "", "[-b bufsize]"); PRINTUSAGE("", "", "[-n curvename]"); PRINTUSAGE("", "", "[-p repetitions | -5 time_interval] [-4 th_num]"); PRINTUSAGE("", "-m", "cipher mode to use"); PRINTUSAGE("", "-i", "file which contains input buffer"); PRINTUSAGE("", "-o", "file for signature"); PRINTUSAGE("", "-k", "file which contains key"); PRINTUSAGE("", "-n", "name of curve for EC key generation; one of:"); PRINTUSAGE("", "", " nistp256, nistp384, nistp521"); PRINTUSAGE("", "-p", "do performance test"); PRINTUSAGE("", "-4", "run test in multithread mode. th_num number of parallel threads"); PRINTUSAGE("", "-5", "run test for specified time interval(in seconds)"); fprintf(stderr, "\n"); PRINTUSAGE(progName, "-V -m mode", "Verify a signed buffer"); PRINTUSAGE("", "", "[-i plaintext] [-s signature] [-k key]"); PRINTUSAGE("", "", "[-p repetitions | -5 time_interval] [-4 th_num]"); PRINTUSAGE("", "-m", "cipher mode to use"); PRINTUSAGE("", "-i", "file which contains input buffer"); PRINTUSAGE("", "-s", "file which contains signature of input buffer"); PRINTUSAGE("", "-k", "file which contains key"); PRINTUSAGE("", "-p", "do performance test"); PRINTUSAGE("", "-4", "run test in multithread mode. th_num number of parallel threads"); PRINTUSAGE("", "-5", "run test for specified time interval(in seconds)"); fprintf(stderr, "\n"); PRINTUSAGE(progName, "-N -m mode -b bufsize", "Create a nonce plaintext and key"); PRINTUSAGE("", "", "[-g keysize] [-u cxreps]"); PRINTUSAGE("", "-g", "key size (in bytes)"); PRINTUSAGE("", "-u", "number of repetitions of context creation"); fprintf(stderr, "\n"); PRINTUSAGE(progName, "-R [-g keysize] [-e exp]", "Test the RSA populate key function"); PRINTUSAGE("", "", "[-r repetitions]"); PRINTUSAGE("", "-g", "key size (in bytes)"); PRINTUSAGE("", "-e", "rsa public exponent"); PRINTUSAGE("", "-r", "repetitions of the test"); fprintf(stderr, "\n"); PRINTUSAGE(progName, "-F", "Run the FIPS self-test"); fprintf(stderr, "\n"); PRINTUSAGE(progName, "-T [-m mode1,mode2...]", "Run the BLAPI self-test"); fprintf(stderr, "\n"); exit(1); } /* Helper functions for ascii<-->binary conversion/reading/writing */ /* XXX argh */ struct item_with_arena { SECItem *item; PLArenaPool *arena; }; static PRInt32 get_binary(void *arg, const unsigned char *ibuf, PRInt32 size) { struct item_with_arena *it = arg; SECItem *binary = it->item; SECItem *tmp; int index; if (binary->data == NULL) { tmp = SECITEM_AllocItem(it->arena, NULL, size); binary->data = tmp->data; binary->len = tmp->len; index = 0; } else { SECITEM_ReallocItem(NULL, binary, binary->len, binary->len + size); index = binary->len; } PORT_Memcpy(&binary->data[index], ibuf, size); return binary->len; } static SECStatus atob(SECItem *ascii, SECItem *binary, PLArenaPool *arena) { SECStatus status; NSSBase64Decoder *cx; struct item_with_arena it; int len; binary->data = NULL; binary->len = 0; it.item = binary; it.arena = arena; len = (strncmp((const char *)&ascii->data[ascii->len - 2], "\r\n", 2)) ? ascii->len : ascii->len - 2; cx = NSSBase64Decoder_Create(get_binary, &it); status = NSSBase64Decoder_Update(cx, (const char *)ascii->data, len); status = NSSBase64Decoder_Destroy(cx, PR_FALSE); return status; } static PRInt32 output_ascii(void *arg, const char *obuf, PRInt32 size) { PRFileDesc *outfile = arg; PRInt32 nb = PR_Write(outfile, obuf, size); if (nb != size) { PORT_SetError(SEC_ERROR_IO); return -1; } return nb; } static SECStatus btoa_file(SECItem *binary, PRFileDesc *outfile) { SECStatus status; NSSBase64Encoder *cx; if (binary->len == 0) return SECSuccess; cx = NSSBase64Encoder_Create(output_ascii, outfile); status = NSSBase64Encoder_Update(cx, binary->data, binary->len); status = NSSBase64Encoder_Destroy(cx, PR_FALSE); status = PR_Write(outfile, "\r\n", 2); return status; } SECStatus hex_from_2char(unsigned char *c2, unsigned char *byteval) { int i; unsigned char offset; *byteval = 0; for (i = 0; i < 2; i++) { if (c2[i] >= '0' && c2[i] <= '9') { offset = c2[i] - '0'; *byteval |= offset << 4 * (1 - i); } else if (c2[i] >= 'a' && c2[i] <= 'f') { offset = c2[i] - 'a'; *byteval |= (offset + 10) << 4 * (1 - i); } else if (c2[i] >= 'A' && c2[i] <= 'F') { offset = c2[i] - 'A'; *byteval |= (offset + 10) << 4 * (1 - i); } else { return SECFailure; } } return SECSuccess; } SECStatus char2_from_hex(unsigned char byteval, char *c2) { int i; unsigned char offset; for (i = 0; i < 2; i++) { offset = (byteval >> 4 * (1 - i)) & 0x0f; if (offset < 10) { c2[i] = '0' + offset; } else { c2[i] = 'A' + offset - 10; } } return SECSuccess; } void serialize_key(SECItem *it, int ni, PRFileDesc *file) { unsigned char len[4]; int i; NSSBase64Encoder *cx; cx = NSSBase64Encoder_Create(output_ascii, file); for (i = 0; i < ni; i++, it++) { len[0] = (it->len >> 24) & 0xff; len[1] = (it->len >> 16) & 0xff; len[2] = (it->len >> 8) & 0xff; len[3] = (it->len & 0xff); NSSBase64Encoder_Update(cx, len, 4); NSSBase64Encoder_Update(cx, it->data, it->len); } NSSBase64Encoder_Destroy(cx, PR_FALSE); PR_Write(file, "\r\n", 2); } void key_from_filedata(PLArenaPool *arena, SECItem *it, int ns, int ni, SECItem *filedata) { int fpos = 0; int i, len; unsigned char *buf = filedata->data; for (i = 0; i < ni; i++) { len = (buf[fpos++] & 0xff) << 24; len |= (buf[fpos++] & 0xff) << 16; len |= (buf[fpos++] & 0xff) << 8; len |= (buf[fpos++] & 0xff); if (ns <= i) { if (len > 0) { it->len = len; it->data = PORT_ArenaAlloc(arena, it->len); PORT_Memcpy(it->data, &buf[fpos], it->len); } else { it->len = 0; it->data = NULL; } it++; } fpos += len; } } static RSAPrivateKey * rsakey_from_filedata(PLArenaPool *arena, SECItem *filedata) { RSAPrivateKey *key; key = (RSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(RSAPrivateKey)); key->arena = arena; key_from_filedata(arena, &key->version, 0, 9, filedata); return key; } static PQGParams * pqg_from_filedata(PLArenaPool *arena, SECItem *filedata) { PQGParams *pqg; pqg = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams)); pqg->arena = arena; key_from_filedata(arena, &pqg->prime, 0, 3, filedata); return pqg; } static DSAPrivateKey * dsakey_from_filedata(PLArenaPool *arena, SECItem *filedata) { DSAPrivateKey *key; key = (DSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey)); key->params.arena = arena; key_from_filedata(arena, &key->params.prime, 0, 5, filedata); return key; } static ECPrivateKey * eckey_from_filedata(PLArenaPool *arena, SECItem *filedata) { ECPrivateKey *key; SECStatus rv; ECParams *tmpECParams = NULL; key = (ECPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(ECPrivateKey)); /* read and convert params */ key->ecParams.arena = arena; key_from_filedata(arena, &key->ecParams.DEREncoding, 0, 1, filedata); rv = SECOID_Init(); CHECKERROR(rv, __LINE__); rv = EC_DecodeParams(&key->ecParams.DEREncoding, &tmpECParams); CHECKERROR(rv, __LINE__); rv = EC_CopyParams(key->ecParams.arena, &key->ecParams, tmpECParams); CHECKERROR(rv, __LINE__); rv = SECOID_Shutdown(); CHECKERROR(rv, __LINE__); PORT_FreeArena(tmpECParams->arena, PR_TRUE); /* read key */ key_from_filedata(arena, &key->publicValue, 1, 3, filedata); return key; } typedef struct curveNameTagPairStr { char *curveName; SECOidTag curveOidTag; } CurveNameTagPair; static CurveNameTagPair nameTagPair[] = { { "sect163k1", SEC_OID_SECG_EC_SECT163K1 }, { "nistk163", SEC_OID_SECG_EC_SECT163K1 }, { "sect163r1", SEC_OID_SECG_EC_SECT163R1 }, { "sect163r2", SEC_OID_SECG_EC_SECT163R2 }, { "nistb163", SEC_OID_SECG_EC_SECT163R2 }, { "sect193r1", SEC_OID_SECG_EC_SECT193R1 }, { "sect193r2", SEC_OID_SECG_EC_SECT193R2 }, { "sect233k1", SEC_OID_SECG_EC_SECT233K1 }, { "nistk233", SEC_OID_SECG_EC_SECT233K1 }, { "sect233r1", SEC_OID_SECG_EC_SECT233R1 }, { "nistb233", SEC_OID_SECG_EC_SECT233R1 }, { "sect239k1", SEC_OID_SECG_EC_SECT239K1 }, { "sect283k1", SEC_OID_SECG_EC_SECT283K1 }, { "nistk283", SEC_OID_SECG_EC_SECT283K1 }, { "sect283r1", SEC_OID_SECG_EC_SECT283R1 }, { "nistb283", SEC_OID_SECG_EC_SECT283R1 }, { "sect409k1", SEC_OID_SECG_EC_SECT409K1 }, { "nistk409", SEC_OID_SECG_EC_SECT409K1 }, { "sect409r1", SEC_OID_SECG_EC_SECT409R1 }, { "nistb409", SEC_OID_SECG_EC_SECT409R1 }, { "sect571k1", SEC_OID_SECG_EC_SECT571K1 }, { "nistk571", SEC_OID_SECG_EC_SECT571K1 }, { "sect571r1", SEC_OID_SECG_EC_SECT571R1 }, { "nistb571", SEC_OID_SECG_EC_SECT571R1 }, { "secp160k1", SEC_OID_SECG_EC_SECP160K1 }, { "secp160r1", SEC_OID_SECG_EC_SECP160R1 }, { "secp160r2", SEC_OID_SECG_EC_SECP160R2 }, { "secp192k1", SEC_OID_SECG_EC_SECP192K1 }, { "secp192r1", SEC_OID_SECG_EC_SECP192R1 }, { "nistp192", SEC_OID_SECG_EC_SECP192R1 }, { "secp224k1", SEC_OID_SECG_EC_SECP224K1 }, { "secp224r1", SEC_OID_SECG_EC_SECP224R1 }, { "nistp224", SEC_OID_SECG_EC_SECP224R1 }, { "secp256k1", SEC_OID_SECG_EC_SECP256K1 }, { "secp256r1", SEC_OID_SECG_EC_SECP256R1 }, { "nistp256", SEC_OID_SECG_EC_SECP256R1 }, { "secp384r1", SEC_OID_SECG_EC_SECP384R1 }, { "nistp384", SEC_OID_SECG_EC_SECP384R1 }, { "secp521r1", SEC_OID_SECG_EC_SECP521R1 }, { "nistp521", SEC_OID_SECG_EC_SECP521R1 }, { "prime192v1", SEC_OID_ANSIX962_EC_PRIME192V1 }, { "prime192v2", SEC_OID_ANSIX962_EC_PRIME192V2 }, { "prime192v3", SEC_OID_ANSIX962_EC_PRIME192V3 }, { "prime239v1", SEC_OID_ANSIX962_EC_PRIME239V1 }, { "prime239v2", SEC_OID_ANSIX962_EC_PRIME239V2 }, { "prime239v3", SEC_OID_ANSIX962_EC_PRIME239V3 }, { "c2pnb163v1", SEC_OID_ANSIX962_EC_C2PNB163V1 }, { "c2pnb163v2", SEC_OID_ANSIX962_EC_C2PNB163V2 }, { "c2pnb163v3", SEC_OID_ANSIX962_EC_C2PNB163V3 }, { "c2pnb176v1", SEC_OID_ANSIX962_EC_C2PNB176V1 }, { "c2tnb191v1", SEC_OID_ANSIX962_EC_C2TNB191V1 }, { "c2tnb191v2", SEC_OID_ANSIX962_EC_C2TNB191V2 }, { "c2tnb191v3", SEC_OID_ANSIX962_EC_C2TNB191V3 }, { "c2onb191v4", SEC_OID_ANSIX962_EC_C2ONB191V4 }, { "c2onb191v5", SEC_OID_ANSIX962_EC_C2ONB191V5 }, { "c2pnb208w1", SEC_OID_ANSIX962_EC_C2PNB208W1 }, { "c2tnb239v1", SEC_OID_ANSIX962_EC_C2TNB239V1 }, { "c2tnb239v2", SEC_OID_ANSIX962_EC_C2TNB239V2 }, { "c2tnb239v3", SEC_OID_ANSIX962_EC_C2TNB239V3 }, { "c2onb239v4", SEC_OID_ANSIX962_EC_C2ONB239V4 }, { "c2onb239v5", SEC_OID_ANSIX962_EC_C2ONB239V5 }, { "c2pnb272w1", SEC_OID_ANSIX962_EC_C2PNB272W1 }, { "c2pnb304w1", SEC_OID_ANSIX962_EC_C2PNB304W1 }, { "c2tnb359v1", SEC_OID_ANSIX962_EC_C2TNB359V1 }, { "c2pnb368w1", SEC_OID_ANSIX962_EC_C2PNB368W1 }, { "c2tnb431r1", SEC_OID_ANSIX962_EC_C2TNB431R1 }, { "secp112r1", SEC_OID_SECG_EC_SECP112R1 }, { "secp112r2", SEC_OID_SECG_EC_SECP112R2 }, { "secp128r1", SEC_OID_SECG_EC_SECP128R1 }, { "secp128r2", SEC_OID_SECG_EC_SECP128R2 }, { "sect113r1", SEC_OID_SECG_EC_SECT113R1 }, { "sect113r2", SEC_OID_SECG_EC_SECT113R2 }, { "sect131r1", SEC_OID_SECG_EC_SECT131R1 }, { "sect131r2", SEC_OID_SECG_EC_SECT131R2 }, { "curve25519", SEC_OID_CURVE25519 }, }; static SECItem * getECParams(const char *curve) { SECItem *ecparams; SECOidData *oidData = NULL; SECOidTag curveOidTag = SEC_OID_UNKNOWN; /* default */ int i, numCurves; if (curve != NULL) { numCurves = sizeof(nameTagPair) / sizeof(CurveNameTagPair); for (i = 0; ((i < numCurves) && (curveOidTag == SEC_OID_UNKNOWN)); i++) { if (PL_strcmp(curve, nameTagPair[i].curveName) == 0) curveOidTag = nameTagPair[i].curveOidTag; } } /* Return NULL if curve name is not recognized */ if ((curveOidTag == SEC_OID_UNKNOWN) || (oidData = SECOID_FindOIDByTag(curveOidTag)) == NULL) { fprintf(stderr, "Unrecognized elliptic curve %s\n", curve); return NULL; } ecparams = SECITEM_AllocItem(NULL, NULL, (2 + oidData->oid.len)); /* * ecparams->data needs to contain the ASN encoding of an object ID (OID) * representing the named curve. The actual OID is in * oidData->oid.data so we simply prepend 0x06 and OID length */ ecparams->data[0] = SEC_ASN1_OBJECT_ID; ecparams->data[1] = oidData->oid.len; memcpy(ecparams->data + 2, oidData->oid.data, oidData->oid.len); return ecparams; } static void dump_pqg(PQGParams *pqg) { SECU_PrintInteger(stdout, &pqg->prime, "PRIME:", 0); SECU_PrintInteger(stdout, &pqg->subPrime, "SUBPRIME:", 0); SECU_PrintInteger(stdout, &pqg->base, "BASE:", 0); } static void dump_dsakey(DSAPrivateKey *key) { dump_pqg(&key->params); SECU_PrintInteger(stdout, &key->publicValue, "PUBLIC VALUE:", 0); SECU_PrintInteger(stdout, &key->privateValue, "PRIVATE VALUE:", 0); } static void dump_ecp(ECParams *ecp) { /* TODO other fields */ SECU_PrintInteger(stdout, &ecp->base, "BASE POINT:", 0); } static void dump_eckey(ECPrivateKey *key) { dump_ecp(&key->ecParams); SECU_PrintInteger(stdout, &key->publicValue, "PUBLIC VALUE:", 0); SECU_PrintInteger(stdout, &key->privateValue, "PRIVATE VALUE:", 0); } static void dump_rsakey(RSAPrivateKey *key) { SECU_PrintInteger(stdout, &key->version, "VERSION:", 0); SECU_PrintInteger(stdout, &key->modulus, "MODULUS:", 0); SECU_PrintInteger(stdout, &key->publicExponent, "PUBLIC EXP:", 0); SECU_PrintInteger(stdout, &key->privateExponent, "PRIVATE EXP:", 0); SECU_PrintInteger(stdout, &key->prime1, "CRT PRIME 1:", 0); SECU_PrintInteger(stdout, &key->prime2, "CRT PRIME 2:", 0); SECU_PrintInteger(stdout, &key->exponent1, "CRT EXP 1:", 0); SECU_PrintInteger(stdout, &key->exponent2, "CRT EXP 2:", 0); SECU_PrintInteger(stdout, &key->coefficient, "CRT COEFFICIENT:", 0); } typedef enum { bltestBase64Encoded, /* Base64 encoded ASCII */ bltestBinary, /* straight binary */ bltestHexSpaceDelim, /* 0x12 0x34 0xab 0xCD ... */ bltestHexStream /* 1234abCD ... */ } bltestIOMode; typedef struct { SECItem buf; SECItem pBuf; bltestIOMode mode; PRFileDesc *file; } bltestIO; typedef SECStatus (*bltestSymmCipherFn)(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen); typedef SECStatus (*bltestAEADFn)(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen, const unsigned char *nonce, unsigned int nonceLen, const unsigned char *ad, unsigned int adLen); typedef SECStatus (*bltestPubKeyCipherFn)(void *key, SECItem *output, const SECItem *input); typedef SECStatus (*bltestHashCipherFn)(unsigned char *dest, const unsigned char *src, PRUint32 src_length); /* Note: Algorithms are grouped in order to support is_symmkeyCipher / * is_pubkeyCipher / is_hashCipher / is_sigCipher */ typedef enum { bltestINVALID = -1, bltestDES_ECB, /* Symmetric Key Ciphers */ bltestDES_CBC, /* . */ bltestDES_EDE_ECB, /* . */ bltestDES_EDE_CBC, /* . */ bltestRC2_ECB, /* . */ bltestRC2_CBC, /* . */ bltestRC4, /* . */ #ifdef NSS_SOFTOKEN_DOES_RC5 bltestRC5_ECB, /* . */ bltestRC5_CBC, /* . */ #endif bltestAES_ECB, /* . */ bltestAES_CBC, /* . */ bltestAES_CTS, /* . */ bltestAES_CTR, /* . */ bltestAES_GCM, /* . */ bltestCAMELLIA_ECB, /* . */ bltestCAMELLIA_CBC, /* . */ bltestSEED_ECB, /* SEED algorithm */ bltestSEED_CBC, /* SEED algorithm */ bltestCHACHA20, /* ChaCha20 + Poly1305 */ bltestRSA, /* Public Key Ciphers */ bltestRSA_OAEP, /* . (Public Key Enc.) */ bltestRSA_PSS, /* . (Public Key Sig.) */ bltestECDSA, /* . (Public Key Sig.) */ bltestDSA, /* . (Public Key Sig.) */ bltestMD2, /* Hash algorithms */ bltestMD5, /* . */ bltestSHA1, /* . */ bltestSHA224, /* . */ bltestSHA256, /* . */ bltestSHA384, /* . */ bltestSHA512, /* . */ NUMMODES } bltestCipherMode; static char *mode_strings[] = { "des_ecb", "des_cbc", "des3_ecb", "des3_cbc", "rc2_ecb", "rc2_cbc", "rc4", #ifdef NSS_SOFTOKEN_DOES_RC5 "rc5_ecb", "rc5_cbc", #endif "aes_ecb", "aes_cbc", "aes_cts", "aes_ctr", "aes_gcm", "camellia_ecb", "camellia_cbc", "seed_ecb", "seed_cbc", "chacha20_poly1305", "rsa", "rsa_oaep", "rsa_pss", "ecdsa", /*"pqg",*/ "dsa", "md2", "md5", "sha1", "sha224", "sha256", "sha384", "sha512", }; typedef struct { bltestIO key; bltestIO iv; } bltestSymmKeyParams; typedef struct { bltestSymmKeyParams sk; /* must be first */ bltestIO aad; } bltestAuthSymmKeyParams; typedef struct { bltestIO key; bltestIO iv; int rounds; int wordsize; } bltestRC5Params; typedef struct { bltestIO key; int keysizeInBits; /* OAEP & PSS */ HASH_HashType hashAlg; HASH_HashType maskHashAlg; bltestIO seed; /* salt if PSS */ } bltestRSAParams; typedef struct { bltestIO pqgdata; unsigned int keysize; bltestIO keyseed; bltestIO sigseed; PQGParams *pqg; } bltestDSAParams; typedef struct { char *curveName; bltestIO sigseed; } bltestECDSAParams; typedef struct { bltestIO key; void *privKey; void *pubKey; bltestIO sig; /* if doing verify, the signature (which may come * from sigfile. */ union { bltestRSAParams rsa; bltestDSAParams dsa; bltestECDSAParams ecdsa; } cipherParams; } bltestAsymKeyParams; typedef struct { bltestIO key; /* unused */ PRBool restart; } bltestHashParams; typedef union { bltestIO key; bltestSymmKeyParams sk; bltestAuthSymmKeyParams ask; bltestRC5Params rc5; bltestAsymKeyParams asymk; bltestHashParams hash; } bltestParams; typedef struct bltestCipherInfoStr bltestCipherInfo; struct bltestCipherInfoStr { PLArenaPool *arena; /* link to next in multithreaded test */ bltestCipherInfo *next; PRThread *cipherThread; /* MonteCarlo test flag*/ PRBool mCarlo; /* cipher context */ void *cx; /* I/O streams */ bltestIO input; bltestIO output; /* Cipher-specific parameters */ bltestParams params; /* Cipher mode */ bltestCipherMode mode; /* Cipher function (encrypt/decrypt/sign/verify/hash) */ union { bltestSymmCipherFn symmkeyCipher; bltestAEADFn aeadCipher; bltestPubKeyCipherFn pubkeyCipher; bltestHashCipherFn hashCipher; } cipher; /* performance testing */ int repetitionsToPerfom; int seconds; int repetitions; int cxreps; double cxtime; double optime; }; PRBool is_symmkeyCipher(bltestCipherMode mode) { /* change as needed! */ if (mode >= bltestDES_ECB && mode <= bltestSEED_CBC) return PR_TRUE; return PR_FALSE; } PRBool is_aeadCipher(bltestCipherMode mode) { /* change as needed! */ switch (mode) { case bltestCHACHA20: return PR_TRUE; default: return PR_FALSE; } } PRBool is_authCipher(bltestCipherMode mode) { /* change as needed! */ switch (mode) { case bltestAES_GCM: case bltestCHACHA20: return PR_TRUE; default: return PR_FALSE; } } PRBool is_singleShotCipher(bltestCipherMode mode) { /* change as needed! */ switch (mode) { case bltestAES_GCM: case bltestAES_CTS: case bltestCHACHA20: return PR_TRUE; default: return PR_FALSE; } } PRBool is_pubkeyCipher(bltestCipherMode mode) { /* change as needed! */ if (mode >= bltestRSA && mode <= bltestDSA) return PR_TRUE; return PR_FALSE; } PRBool is_hashCipher(bltestCipherMode mode) { /* change as needed! */ if (mode >= bltestMD2 && mode <= bltestSHA512) return PR_TRUE; return PR_FALSE; } PRBool is_sigCipher(bltestCipherMode mode) { /* change as needed! */ if (mode >= bltestRSA_PSS && mode <= bltestDSA) return PR_TRUE; return PR_FALSE; } PRBool cipher_requires_IV(bltestCipherMode mode) { /* change as needed! */ switch (mode) { case bltestDES_CBC: case bltestDES_EDE_CBC: case bltestRC2_CBC: #ifdef NSS_SOFTOKEN_DOES_RC5 case bltestRC5_CBC: #endif case bltestAES_CBC: case bltestAES_CTS: case bltestAES_CTR: case bltestAES_GCM: case bltestCAMELLIA_CBC: case bltestSEED_CBC: case bltestCHACHA20: return PR_TRUE; default: return PR_FALSE; } } SECStatus finishIO(bltestIO *output, PRFileDesc *file); SECStatus setupIO(PLArenaPool *arena, bltestIO *input, PRFileDesc *file, char *str, int numBytes) { SECStatus rv = SECSuccess; SECItem fileData; SECItem *in; unsigned char *tok; unsigned int i, j; PRBool needToFreeFile = PR_FALSE; if (file && (numBytes == 0 || file == PR_STDIN)) { /* grabbing data from a file */ rv = SECU_FileToItem(&fileData, file); if (rv != SECSuccess) return SECFailure; in = &fileData; needToFreeFile = PR_TRUE; } else if (str) { /* grabbing data from command line */ fileData.data = (unsigned char *)str; fileData.len = PL_strlen(str); in = &fileData; } else if (file) { /* create nonce */ SECITEM_AllocItem(arena, &input->buf, numBytes); RNG_GenerateGlobalRandomBytes(input->buf.data, numBytes); return finishIO(input, file); } else { return SECFailure; } switch (input->mode) { case bltestBase64Encoded: if (in->len == 0) { input->buf.data = NULL; input->buf.len = 0; break; } rv = atob(in, &input->buf, arena); break; case bltestBinary: if (in->len == 0) { input->buf.data = NULL; input->buf.len = 0; break; } if (in->data[in->len - 1] == '\n') --in->len; if (in->data[in->len - 1] == '\r') --in->len; rv = SECITEM_CopyItem(arena, &input->buf, in); break; case bltestHexSpaceDelim: SECITEM_AllocItem(arena, &input->buf, in->len / 5); for (i = 0, j = 0; i < in->len; i += 5, j++) { tok = &in->data[i]; if (tok[0] != '0' || tok[1] != 'x' || tok[4] != ' ') /* bad hex token */ break; rv = hex_from_2char(&tok[2], input->buf.data + j); if (rv) break; } break; case bltestHexStream: SECITEM_AllocItem(arena, &input->buf, in->len / 2); for (i = 0, j = 0; i < in->len; i += 2, j++) { tok = &in->data[i]; rv = hex_from_2char(tok, input->buf.data + j); if (rv) break; } break; } if (needToFreeFile) SECITEM_FreeItem(&fileData, PR_FALSE); return rv; } SECStatus finishIO(bltestIO *output, PRFileDesc *file) { SECStatus rv = SECSuccess; PRInt32 nb; unsigned char byteval; SECItem *it; char hexstr[5]; unsigned int i; if (output->pBuf.len > 0) { it = &output->pBuf; } else { it = &output->buf; } switch (output->mode) { case bltestBase64Encoded: rv = btoa_file(it, file); break; case bltestBinary: nb = PR_Write(file, it->data, it->len); rv = (nb == (PRInt32)it->len) ? SECSuccess : SECFailure; break; case bltestHexSpaceDelim: hexstr[0] = '0'; hexstr[1] = 'x'; hexstr[4] = ' '; for (i = 0; i < it->len; i++) { byteval = it->data[i]; rv = char2_from_hex(byteval, hexstr + 2); nb = PR_Write(file, hexstr, 5); if (rv) break; } PR_Write(file, "\n", 1); break; case bltestHexStream: for (i = 0; i < it->len; i++) { byteval = it->data[i]; rv = char2_from_hex(byteval, hexstr); if (rv) break; nb = PR_Write(file, hexstr, 2); } PR_Write(file, "\n", 1); break; } return rv; } SECStatus bltestCopyIO(PLArenaPool *arena, bltestIO *dest, bltestIO *src) { if (SECITEM_CopyItem(arena, &dest->buf, &src->buf) != SECSuccess) { return SECFailure; } if (src->pBuf.len > 0) { dest->pBuf.len = src->pBuf.len; dest->pBuf.data = dest->buf.data + (src->pBuf.data - src->buf.data); } dest->mode = src->mode; dest->file = src->file; return SECSuccess; } void misalignBuffer(PLArenaPool *arena, bltestIO *io, int off) { ptrdiff_t offset = (ptrdiff_t)io->buf.data % WORDSIZE; int length = io->buf.len; if (offset != off) { SECITEM_ReallocItemV2(arena, &io->buf, length + 2 * WORDSIZE); /* offset may have changed? */ offset = (ptrdiff_t)io->buf.data % WORDSIZE; if (offset != off) { memmove(io->buf.data + off, io->buf.data, length); io->pBuf.data = io->buf.data + off; io->pBuf.len = length; } else { io->pBuf.data = io->buf.data; io->pBuf.len = length; } } else { io->pBuf.data = io->buf.data; io->pBuf.len = length; } } SECStatus des_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { return DES_Encrypt((DESContext *)cx, output, outputLen, maxOutputLen, input, inputLen); } SECStatus des_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { return DES_Decrypt((DESContext *)cx, output, outputLen, maxOutputLen, input, inputLen); } SECStatus rc2_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { return RC2_Encrypt((RC2Context *)cx, output, outputLen, maxOutputLen, input, inputLen); } SECStatus rc2_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { return RC2_Decrypt((RC2Context *)cx, output, outputLen, maxOutputLen, input, inputLen); } SECStatus rc4_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { return RC4_Encrypt((RC4Context *)cx, output, outputLen, maxOutputLen, input, inputLen); } SECStatus rc4_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { return RC4_Decrypt((RC4Context *)cx, output, outputLen, maxOutputLen, input, inputLen); } SECStatus aes_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { return AES_Encrypt((AESContext *)cx, output, outputLen, maxOutputLen, input, inputLen); } SECStatus aes_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { return AES_Decrypt((AESContext *)cx, output, outputLen, maxOutputLen, input, inputLen); } SECStatus chacha20_poly1305_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen, const unsigned char *nonce, unsigned int nonceLen, const unsigned char *ad, unsigned int adLen) { return ChaCha20Poly1305_Seal((ChaCha20Poly1305Context *)cx, output, outputLen, maxOutputLen, input, inputLen, nonce, nonceLen, ad, adLen); } SECStatus chacha20_poly1305_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen, const unsigned char *nonce, unsigned int nonceLen, const unsigned char *ad, unsigned int adLen) { return ChaCha20Poly1305_Open((ChaCha20Poly1305Context *)cx, output, outputLen, maxOutputLen, input, inputLen, nonce, nonceLen, ad, adLen); } SECStatus camellia_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { return Camellia_Encrypt((CamelliaContext *)cx, output, outputLen, maxOutputLen, input, inputLen); } SECStatus camellia_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { return Camellia_Decrypt((CamelliaContext *)cx, output, outputLen, maxOutputLen, input, inputLen); } SECStatus seed_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { return SEED_Encrypt((SEEDContext *)cx, output, outputLen, maxOutputLen, input, inputLen); } SECStatus seed_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { return SEED_Decrypt((SEEDContext *)cx, output, outputLen, maxOutputLen, input, inputLen); } SECStatus rsa_PublicKeyOp(void *cx, SECItem *output, const SECItem *input) { bltestAsymKeyParams *params = (bltestAsymKeyParams *)cx; RSAPublicKey *pubKey = (RSAPublicKey *)params->pubKey; SECStatus rv = RSA_PublicKeyOp(pubKey, output->data, input->data); if (rv == SECSuccess) { output->len = pubKey->modulus.data[0] ? pubKey->modulus.len : pubKey->modulus.len - 1; } return rv; } SECStatus rsa_PrivateKeyOp(void *cx, SECItem *output, const SECItem *input) { bltestAsymKeyParams *params = (bltestAsymKeyParams *)cx; RSAPrivateKey *privKey = (RSAPrivateKey *)params->privKey; SECStatus rv = RSA_PrivateKeyOp(privKey, output->data, input->data); if (rv == SECSuccess) { output->len = privKey->modulus.data[0] ? privKey->modulus.len : privKey->modulus.len - 1; } return rv; } SECStatus rsa_signDigestPSS(void *cx, SECItem *output, const SECItem *input) { bltestAsymKeyParams *params = (bltestAsymKeyParams *)cx; bltestRSAParams *rsaParams = ¶ms->cipherParams.rsa; return RSA_SignPSS((RSAPrivateKey *)params->privKey, rsaParams->hashAlg, rsaParams->maskHashAlg, rsaParams->seed.buf.data, rsaParams->seed.buf.len, output->data, &output->len, output->len, input->data, input->len); } SECStatus rsa_verifyDigestPSS(void *cx, SECItem *output, const SECItem *input) { bltestAsymKeyParams *params = (bltestAsymKeyParams *)cx; bltestRSAParams *rsaParams = ¶ms->cipherParams.rsa; return RSA_CheckSignPSS((RSAPublicKey *)params->pubKey, rsaParams->hashAlg, rsaParams->maskHashAlg, rsaParams->seed.buf.len, output->data, output->len, input->data, input->len); } SECStatus rsa_encryptOAEP(void *cx, SECItem *output, const SECItem *input) { bltestAsymKeyParams *params = (bltestAsymKeyParams *)cx; bltestRSAParams *rsaParams = ¶ms->cipherParams.rsa; return RSA_EncryptOAEP((RSAPublicKey *)params->pubKey, rsaParams->hashAlg, rsaParams->maskHashAlg, NULL, 0, rsaParams->seed.buf.data, rsaParams->seed.buf.len, output->data, &output->len, output->len, input->data, input->len); } SECStatus rsa_decryptOAEP(void *cx, SECItem *output, const SECItem *input) { bltestAsymKeyParams *params = (bltestAsymKeyParams *)cx; bltestRSAParams *rsaParams = ¶ms->cipherParams.rsa; return RSA_DecryptOAEP((RSAPrivateKey *)params->privKey, rsaParams->hashAlg, rsaParams->maskHashAlg, NULL, 0, output->data, &output->len, output->len, input->data, input->len); } SECStatus dsa_signDigest(void *cx, SECItem *output, const SECItem *input) { bltestAsymKeyParams *params = (bltestAsymKeyParams *)cx; if (params->cipherParams.dsa.sigseed.buf.len > 0) { return DSA_SignDigestWithSeed((DSAPrivateKey *)params->privKey, output, input, params->cipherParams.dsa.sigseed.buf.data); } return DSA_SignDigest((DSAPrivateKey *)params->privKey, output, input); } SECStatus dsa_verifyDigest(void *cx, SECItem *output, const SECItem *input) { bltestAsymKeyParams *params = (bltestAsymKeyParams *)cx; return DSA_VerifyDigest((DSAPublicKey *)params->pubKey, output, input); } SECStatus ecdsa_signDigest(void *cx, SECItem *output, const SECItem *input) { bltestAsymKeyParams *params = (bltestAsymKeyParams *)cx; if (params->cipherParams.ecdsa.sigseed.buf.len > 0) { return ECDSA_SignDigestWithSeed( (ECPrivateKey *)params->privKey, output, input, params->cipherParams.ecdsa.sigseed.buf.data, params->cipherParams.ecdsa.sigseed.buf.len); } return ECDSA_SignDigest((ECPrivateKey *)params->privKey, output, input); } SECStatus ecdsa_verifyDigest(void *cx, SECItem *output, const SECItem *input) { bltestAsymKeyParams *params = (bltestAsymKeyParams *)cx; return ECDSA_VerifyDigest((ECPublicKey *)params->pubKey, output, input); } SECStatus bltest_des_init(bltestCipherInfo *cipherInfo, PRBool encrypt) { PRIntervalTime time1, time2; bltestSymmKeyParams *desp = &cipherInfo->params.sk; int minorMode; int i; switch (cipherInfo->mode) { case bltestDES_ECB: minorMode = NSS_DES; break; case bltestDES_CBC: minorMode = NSS_DES_CBC; break; case bltestDES_EDE_ECB: minorMode = NSS_DES_EDE3; break; case bltestDES_EDE_CBC: minorMode = NSS_DES_EDE3_CBC; break; default: return SECFailure; } cipherInfo->cx = (void *)DES_CreateContext(desp->key.buf.data, desp->iv.buf.data, minorMode, encrypt); if (cipherInfo->cxreps > 0) { DESContext **dummycx; dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(DESContext *)); TIMESTART(); for (i = 0; i < cipherInfo->cxreps; i++) { dummycx[i] = (void *)DES_CreateContext(desp->key.buf.data, desp->iv.buf.data, minorMode, encrypt); } TIMEFINISH(cipherInfo->cxtime, 1.0); for (i = 0; i < cipherInfo->cxreps; i++) { DES_DestroyContext(dummycx[i], PR_TRUE); } PORT_Free(dummycx); } if (encrypt) cipherInfo->cipher.symmkeyCipher = des_Encrypt; else cipherInfo->cipher.symmkeyCipher = des_Decrypt; return SECSuccess; } SECStatus bltest_rc2_init(bltestCipherInfo *cipherInfo, PRBool encrypt) { PRIntervalTime time1, time2; bltestSymmKeyParams *rc2p = &cipherInfo->params.sk; int minorMode; int i; switch (cipherInfo->mode) { case bltestRC2_ECB: minorMode = NSS_RC2; break; case bltestRC2_CBC: minorMode = NSS_RC2_CBC; break; default: return SECFailure; } cipherInfo->cx = (void *)RC2_CreateContext(rc2p->key.buf.data, rc2p->key.buf.len, rc2p->iv.buf.data, minorMode, rc2p->key.buf.len); if (cipherInfo->cxreps > 0) { RC2Context **dummycx; dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(RC2Context *)); TIMESTART(); for (i = 0; i < cipherInfo->cxreps; i++) { dummycx[i] = (void *)RC2_CreateContext(rc2p->key.buf.data, rc2p->key.buf.len, rc2p->iv.buf.data, minorMode, rc2p->key.buf.len); } TIMEFINISH(cipherInfo->cxtime, 1.0); for (i = 0; i < cipherInfo->cxreps; i++) { RC2_DestroyContext(dummycx[i], PR_TRUE); } PORT_Free(dummycx); } if (encrypt) cipherInfo->cipher.symmkeyCipher = rc2_Encrypt; else cipherInfo->cipher.symmkeyCipher = rc2_Decrypt; return SECSuccess; } SECStatus bltest_rc4_init(bltestCipherInfo *cipherInfo, PRBool encrypt) { PRIntervalTime time1, time2; int i; bltestSymmKeyParams *rc4p = &cipherInfo->params.sk; cipherInfo->cx = (void *)RC4_CreateContext(rc4p->key.buf.data, rc4p->key.buf.len); if (cipherInfo->cxreps > 0) { RC4Context **dummycx; dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(RC4Context *)); TIMESTART(); for (i = 0; i < cipherInfo->cxreps; i++) { dummycx[i] = (void *)RC4_CreateContext(rc4p->key.buf.data, rc4p->key.buf.len); } TIMEFINISH(cipherInfo->cxtime, 1.0); for (i = 0; i < cipherInfo->cxreps; i++) { RC4_DestroyContext(dummycx[i], PR_TRUE); } PORT_Free(dummycx); } if (encrypt) cipherInfo->cipher.symmkeyCipher = rc4_Encrypt; else cipherInfo->cipher.symmkeyCipher = rc4_Decrypt; return SECSuccess; } SECStatus bltest_rc5_init(bltestCipherInfo *cipherInfo, PRBool encrypt) { #ifdef NSS_SOFTOKEN_DOES_RC5 PRIntervalTime time1, time2; bltestRC5Params *rc5p = &cipherInfo->params.rc5; int minorMode; switch (cipherInfo->mode) { case bltestRC5_ECB: minorMode = NSS_RC5; break; case bltestRC5_CBC: minorMode = NSS_RC5_CBC; break; default: return SECFailure; } TIMESTART(); cipherInfo->cx = (void *)RC5_CreateContext(&rc5p->key.buf, rc5p->rounds, rc5p->wordsize, rc5p->iv.buf.data, minorMode); TIMEFINISH(cipherInfo->cxtime, 1.0); if (encrypt) cipherInfo->cipher.symmkeyCipher = RC5_Encrypt; else cipherInfo->cipher.symmkeyCipher = RC5_Decrypt; return SECSuccess; #else return SECFailure; #endif } SECStatus bltest_aes_init(bltestCipherInfo *cipherInfo, PRBool encrypt) { bltestSymmKeyParams *aesp = &cipherInfo->params.sk; bltestAuthSymmKeyParams *gcmp = &cipherInfo->params.ask; int minorMode; int i; int keylen = aesp->key.buf.len; unsigned int blocklen = AES_BLOCK_SIZE; PRIntervalTime time1, time2; unsigned char *params; int len; CK_AES_CTR_PARAMS ctrParams; CK_GCM_PARAMS gcmParams; params = aesp->iv.buf.data; switch (cipherInfo->mode) { case bltestAES_ECB: minorMode = NSS_AES; break; case bltestAES_CBC: minorMode = NSS_AES_CBC; break; case bltestAES_CTS: minorMode = NSS_AES_CTS; break; case bltestAES_CTR: minorMode = NSS_AES_CTR; ctrParams.ulCounterBits = 32; len = PR_MIN(aesp->iv.buf.len, blocklen); PORT_Memset(ctrParams.cb, 0, blocklen); PORT_Memcpy(ctrParams.cb, aesp->iv.buf.data, len); params = (unsigned char *)&ctrParams; break; case bltestAES_GCM: minorMode = NSS_AES_GCM; gcmParams.pIv = gcmp->sk.iv.buf.data; gcmParams.ulIvLen = gcmp->sk.iv.buf.len; gcmParams.pAAD = gcmp->aad.buf.data; gcmParams.ulAADLen = gcmp->aad.buf.len; gcmParams.ulTagBits = blocklen * 8; params = (unsigned char *)&gcmParams; break; default: return SECFailure; } cipherInfo->cx = (void *)AES_CreateContext(aesp->key.buf.data, params, minorMode, encrypt, keylen, blocklen); if (cipherInfo->cxreps > 0) { AESContext **dummycx; dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(AESContext *)); TIMESTART(); for (i = 0; i < cipherInfo->cxreps; i++) { dummycx[i] = (void *)AES_CreateContext(aesp->key.buf.data, params, minorMode, encrypt, keylen, blocklen); } TIMEFINISH(cipherInfo->cxtime, 1.0); for (i = 0; i < cipherInfo->cxreps; i++) { AES_DestroyContext(dummycx[i], PR_TRUE); } PORT_Free(dummycx); } if (encrypt) cipherInfo->cipher.symmkeyCipher = aes_Encrypt; else cipherInfo->cipher.symmkeyCipher = aes_Decrypt; return SECSuccess; } SECStatus bltest_camellia_init(bltestCipherInfo *cipherInfo, PRBool encrypt) { bltestSymmKeyParams *camelliap = &cipherInfo->params.sk; int minorMode; int i; int keylen = camelliap->key.buf.len; PRIntervalTime time1, time2; switch (cipherInfo->mode) { case bltestCAMELLIA_ECB: minorMode = NSS_CAMELLIA; break; case bltestCAMELLIA_CBC: minorMode = NSS_CAMELLIA_CBC; break; default: return SECFailure; } cipherInfo->cx = (void *)Camellia_CreateContext(camelliap->key.buf.data, camelliap->iv.buf.data, minorMode, encrypt, keylen); if (cipherInfo->cxreps > 0) { CamelliaContext **dummycx; dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(CamelliaContext *)); TIMESTART(); for (i = 0; i < cipherInfo->cxreps; i++) { dummycx[i] = (void *)Camellia_CreateContext(camelliap->key.buf.data, camelliap->iv.buf.data, minorMode, encrypt, keylen); } TIMEFINISH(cipherInfo->cxtime, 1.0); for (i = 0; i < cipherInfo->cxreps; i++) { Camellia_DestroyContext(dummycx[i], PR_TRUE); } PORT_Free(dummycx); } if (encrypt) cipherInfo->cipher.symmkeyCipher = camellia_Encrypt; else cipherInfo->cipher.symmkeyCipher = camellia_Decrypt; return SECSuccess; } SECStatus bltest_seed_init(bltestCipherInfo *cipherInfo, PRBool encrypt) { PRIntervalTime time1, time2; bltestSymmKeyParams *seedp = &cipherInfo->params.sk; int minorMode; int i; switch (cipherInfo->mode) { case bltestSEED_ECB: minorMode = NSS_SEED; break; case bltestSEED_CBC: minorMode = NSS_SEED_CBC; break; default: return SECFailure; } cipherInfo->cx = (void *)SEED_CreateContext(seedp->key.buf.data, seedp->iv.buf.data, minorMode, encrypt); if (cipherInfo->cxreps > 0) { SEEDContext **dummycx; dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(SEEDContext *)); TIMESTART(); for (i = 0; i < cipherInfo->cxreps; i++) { dummycx[i] = (void *)SEED_CreateContext(seedp->key.buf.data, seedp->iv.buf.data, minorMode, encrypt); } TIMEFINISH(cipherInfo->cxtime, 1.0); for (i = 0; i < cipherInfo->cxreps; i++) { SEED_DestroyContext(dummycx[i], PR_TRUE); } PORT_Free(dummycx); } if (encrypt) cipherInfo->cipher.symmkeyCipher = seed_Encrypt; else cipherInfo->cipher.symmkeyCipher = seed_Decrypt; return SECSuccess; } SECStatus bltest_chacha20_init(bltestCipherInfo *cipherInfo, PRBool encrypt) { const unsigned int tagLen = 16; const bltestSymmKeyParams *sk = &cipherInfo->params.sk; cipherInfo->cx = ChaCha20Poly1305_CreateContext(sk->key.buf.data, sk->key.buf.len, tagLen); if (encrypt) cipherInfo->cipher.aeadCipher = chacha20_poly1305_Encrypt; else cipherInfo->cipher.aeadCipher = chacha20_poly1305_Decrypt; return SECSuccess; } SECStatus bltest_rsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt) { int i; RSAPrivateKey **dummyKey; RSAPrivateKey *privKey; RSAPublicKey *pubKey; PRIntervalTime time1, time2; bltestAsymKeyParams *asymk = &cipherInfo->params.asymk; bltestRSAParams *rsap = &asymk->cipherParams.rsa; /* RSA key gen was done during parameter setup */ cipherInfo->cx = asymk; privKey = (RSAPrivateKey *)asymk->privKey; /* For performance testing */ if (cipherInfo->cxreps > 0) { /* Create space for n private key objects */ dummyKey = (RSAPrivateKey **)PORT_Alloc(cipherInfo->cxreps * sizeof(RSAPrivateKey *)); /* Time n keygens, storing in the array */ TIMESTART(); for (i = 0; i < cipherInfo->cxreps; i++) dummyKey[i] = RSA_NewKey(rsap->keysizeInBits, &privKey->publicExponent); TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps); /* Free the n key objects */ for (i = 0; i < cipherInfo->cxreps; i++) PORT_FreeArena(dummyKey[i]->arena, PR_TRUE); PORT_Free(dummyKey); } if ((encrypt && !is_sigCipher(cipherInfo->mode)) || (!encrypt && is_sigCipher(cipherInfo->mode))) { /* Have to convert private key to public key. Memory * is freed with private key's arena */ pubKey = (RSAPublicKey *)PORT_ArenaAlloc(privKey->arena, sizeof(RSAPublicKey)); pubKey->modulus.len = privKey->modulus.len; pubKey->modulus.data = privKey->modulus.data; pubKey->publicExponent.len = privKey->publicExponent.len; pubKey->publicExponent.data = privKey->publicExponent.data; asymk->pubKey = (void *)pubKey; } switch (cipherInfo->mode) { case bltestRSA: cipherInfo->cipher.pubkeyCipher = encrypt ? rsa_PublicKeyOp : rsa_PrivateKeyOp; break; case bltestRSA_PSS: cipherInfo->cipher.pubkeyCipher = encrypt ? rsa_signDigestPSS : rsa_verifyDigestPSS; break; case bltestRSA_OAEP: cipherInfo->cipher.pubkeyCipher = encrypt ? rsa_encryptOAEP : rsa_decryptOAEP; break; default: break; } return SECSuccess; } SECStatus blapi_pqg_param_gen(unsigned int keysize, PQGParams **pqg, PQGVerify **vfy) { if (keysize < 1024) { int j = PQG_PBITS_TO_INDEX(keysize); return PQG_ParamGen(j, pqg, vfy); } return PQG_ParamGenV2(keysize, 0, 0, pqg, vfy); } SECStatus bltest_pqg_init(bltestDSAParams *dsap) { SECStatus rv, res; PQGVerify *vfy = NULL; rv = blapi_pqg_param_gen(dsap->keysize, &dsap->pqg, &vfy); CHECKERROR(rv, __LINE__); rv = PQG_VerifyParams(dsap->pqg, vfy, &res); CHECKERROR(res, __LINE__); CHECKERROR(rv, __LINE__); return rv; } SECStatus bltest_dsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt) { int i; DSAPrivateKey **dummyKey; PQGParams *dummypqg; PRIntervalTime time1, time2; bltestAsymKeyParams *asymk = &cipherInfo->params.asymk; bltestDSAParams *dsap = &asymk->cipherParams.dsa; PQGVerify *ignore = NULL; cipherInfo->cx = asymk; /* For performance testing */ if (cipherInfo->cxreps > 0) { /* Create space for n private key objects */ dummyKey = (DSAPrivateKey **)PORT_ZAlloc(cipherInfo->cxreps * sizeof(DSAPrivateKey *)); /* Time n keygens, storing in the array */ TIMESTART(); for (i = 0; i < cipherInfo->cxreps; i++) { dummypqg = NULL; blapi_pqg_param_gen(dsap->keysize, &dummypqg, &ignore); DSA_NewKey(dummypqg, &dummyKey[i]); } TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps); /* Free the n key objects */ for (i = 0; i < cipherInfo->cxreps; i++) PORT_FreeArena(dummyKey[i]->params.arena, PR_TRUE); PORT_Free(dummyKey); } if (!dsap->pqg && dsap->pqgdata.buf.len > 0) { dsap->pqg = pqg_from_filedata(cipherInfo->arena, &dsap->pqgdata.buf); } if (!asymk->privKey && asymk->key.buf.len > 0) { asymk->privKey = dsakey_from_filedata(cipherInfo->arena, &asymk->key.buf); } if (encrypt) { cipherInfo->cipher.pubkeyCipher = dsa_signDigest; } else { /* Have to convert private key to public key. Memory * is freed with private key's arena */ DSAPublicKey *pubkey; DSAPrivateKey *key = (DSAPrivateKey *)asymk->privKey; pubkey = (DSAPublicKey *)PORT_ArenaZAlloc(key->params.arena, sizeof(DSAPublicKey)); pubkey->params.prime.len = key->params.prime.len; pubkey->params.prime.data = key->params.prime.data; pubkey->params.subPrime.len = key->params.subPrime.len; pubkey->params.subPrime.data = key->params.subPrime.data; pubkey->params.base.len = key->params.base.len; pubkey->params.base.data = key->params.base.data; pubkey->publicValue.len = key->publicValue.len; pubkey->publicValue.data = key->publicValue.data; asymk->pubKey = pubkey; cipherInfo->cipher.pubkeyCipher = dsa_verifyDigest; } return SECSuccess; } SECStatus bltest_ecdsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt) { int i; ECPrivateKey **dummyKey; PRIntervalTime time1, time2; bltestAsymKeyParams *asymk = &cipherInfo->params.asymk; cipherInfo->cx = asymk; /* For performance testing */ if (cipherInfo->cxreps > 0) { /* Create space for n private key objects */ dummyKey = (ECPrivateKey **)PORT_ZAlloc(cipherInfo->cxreps * sizeof(ECPrivateKey *)); /* Time n keygens, storing in the array */ TIMESTART(); for (i = 0; i < cipherInfo->cxreps; i++) { EC_NewKey(&((ECPrivateKey *)asymk->privKey)->ecParams, &dummyKey[i]); } TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps); /* Free the n key objects */ for (i = 0; i < cipherInfo->cxreps; i++) PORT_FreeArena(dummyKey[i]->ecParams.arena, PR_TRUE); PORT_Free(dummyKey); } if (!asymk->privKey && asymk->key.buf.len > 0) { asymk->privKey = eckey_from_filedata(cipherInfo->arena, &asymk->key.buf); } if (encrypt) { cipherInfo->cipher.pubkeyCipher = ecdsa_signDigest; } else { /* Have to convert private key to public key. Memory * is freed with private key's arena */ ECPublicKey *pubkey; ECPrivateKey *key = (ECPrivateKey *)asymk->privKey; pubkey = (ECPublicKey *)PORT_ArenaZAlloc(key->ecParams.arena, sizeof(ECPublicKey)); pubkey->ecParams.type = key->ecParams.type; pubkey->ecParams.fieldID.size = key->ecParams.fieldID.size; pubkey->ecParams.fieldID.type = key->ecParams.fieldID.type; pubkey->ecParams.fieldID.u.prime.len = key->ecParams.fieldID.u.prime.len; pubkey->ecParams.fieldID.u.prime.data = key->ecParams.fieldID.u.prime.data; pubkey->ecParams.fieldID.k1 = key->ecParams.fieldID.k1; pubkey->ecParams.fieldID.k2 = key->ecParams.fieldID.k2; pubkey->ecParams.fieldID.k3 = key->ecParams.fieldID.k3; pubkey->ecParams.curve.a.len = key->ecParams.curve.a.len; pubkey->ecParams.curve.a.data = key->ecParams.curve.a.data; pubkey->ecParams.curve.b.len = key->ecParams.curve.b.len; pubkey->ecParams.curve.b.data = key->ecParams.curve.b.data; pubkey->ecParams.curve.seed.len = key->ecParams.curve.seed.len; pubkey->ecParams.curve.seed.data = key->ecParams.curve.seed.data; pubkey->ecParams.base.len = key->ecParams.base.len; pubkey->ecParams.base.data = key->ecParams.base.data; pubkey->ecParams.order.len = key->ecParams.order.len; pubkey->ecParams.order.data = key->ecParams.order.data; pubkey->ecParams.cofactor = key->ecParams.cofactor; pubkey->ecParams.DEREncoding.len = key->ecParams.DEREncoding.len; pubkey->ecParams.DEREncoding.data = key->ecParams.DEREncoding.data; pubkey->ecParams.name = key->ecParams.name; pubkey->publicValue.len = key->publicValue.len; pubkey->publicValue.data = key->publicValue.data; asymk->pubKey = pubkey; cipherInfo->cipher.pubkeyCipher = ecdsa_verifyDigest; } return SECSuccess; } /* XXX unfortunately, this is not defined in blapi.h */ SECStatus md2_HashBuf(unsigned char *dest, const unsigned char *src, PRUint32 src_length) { unsigned int len; MD2Context *cx = MD2_NewContext(); if (cx == NULL) return SECFailure; MD2_Begin(cx); MD2_Update(cx, src, src_length); MD2_End(cx, dest, &len, MD2_LENGTH); MD2_DestroyContext(cx, PR_TRUE); return SECSuccess; } SECStatus md2_restart(unsigned char *dest, const unsigned char *src, PRUint32 src_length) { MD2Context *cx, *cx_cpy; unsigned char *cxbytes; unsigned int len; unsigned int i, quarter; SECStatus rv = SECSuccess; cx = MD2_NewContext(); MD2_Begin(cx); /* divide message by 4, restarting 3 times */ quarter = (src_length + 3) / 4; for (i = 0; i < 4 && src_length > 0; i++) { MD2_Update(cx, src + i * quarter, PR_MIN(quarter, src_length)); len = MD2_FlattenSize(cx); cxbytes = PORT_Alloc(len); MD2_Flatten(cx, cxbytes); cx_cpy = MD2_Resurrect(cxbytes, NULL); if (!cx_cpy) { PR_fprintf(PR_STDERR, "%s: MD2_Resurrect failed!\n", progName); goto finish; } rv = PORT_Memcmp(cx, cx_cpy, len); if (rv) { MD2_DestroyContext(cx_cpy, PR_TRUE); PR_fprintf(PR_STDERR, "%s: MD2_restart failed!\n", progName); goto finish; } MD2_DestroyContext(cx_cpy, PR_TRUE); PORT_Free(cxbytes); src_length -= quarter; } MD2_End(cx, dest, &len, MD2_LENGTH); finish: MD2_DestroyContext(cx, PR_TRUE); return rv; } SECStatus md5_restart(unsigned char *dest, const unsigned char *src, PRUint32 src_length) { SECStatus rv = SECSuccess; MD5Context *cx, *cx_cpy; unsigned char *cxbytes; unsigned int len; unsigned int i, quarter; cx = MD5_NewContext(); MD5_Begin(cx); /* divide message by 4, restarting 3 times */ quarter = (src_length + 3) / 4; for (i = 0; i < 4 && src_length > 0; i++) { MD5_Update(cx, src + i * quarter, PR_MIN(quarter, src_length)); len = MD5_FlattenSize(cx); cxbytes = PORT_Alloc(len); MD5_Flatten(cx, cxbytes); cx_cpy = MD5_Resurrect(cxbytes, NULL); if (!cx_cpy) { PR_fprintf(PR_STDERR, "%s: MD5_Resurrect failed!\n", progName); rv = SECFailure; goto finish; } rv = PORT_Memcmp(cx, cx_cpy, len); if (rv) { MD5_DestroyContext(cx_cpy, PR_TRUE); PR_fprintf(PR_STDERR, "%s: MD5_restart failed!\n", progName); goto finish; } MD5_DestroyContext(cx_cpy, PR_TRUE); PORT_Free(cxbytes); src_length -= quarter; } MD5_End(cx, dest, &len, MD5_LENGTH); finish: MD5_DestroyContext(cx, PR_TRUE); return rv; } SECStatus sha1_restart(unsigned char *dest, const unsigned char *src, PRUint32 src_length) { SECStatus rv = SECSuccess; SHA1Context *cx, *cx_cpy; unsigned char *cxbytes; unsigned int len; unsigned int i, quarter; cx = SHA1_NewContext(); SHA1_Begin(cx); /* divide message by 4, restarting 3 times */ quarter = (src_length + 3) / 4; for (i = 0; i < 4 && src_length > 0; i++) { SHA1_Update(cx, src + i * quarter, PR_MIN(quarter, src_length)); len = SHA1_FlattenSize(cx); cxbytes = PORT_Alloc(len); SHA1_Flatten(cx, cxbytes); cx_cpy = SHA1_Resurrect(cxbytes, NULL); if (!cx_cpy) { PR_fprintf(PR_STDERR, "%s: SHA1_Resurrect failed!\n", progName); rv = SECFailure; goto finish; } rv = PORT_Memcmp(cx, cx_cpy, len); if (rv) { SHA1_DestroyContext(cx_cpy, PR_TRUE); PR_fprintf(PR_STDERR, "%s: SHA1_restart failed!\n", progName); goto finish; } SHA1_DestroyContext(cx_cpy, PR_TRUE); PORT_Free(cxbytes); src_length -= quarter; } SHA1_End(cx, dest, &len, MD5_LENGTH); finish: SHA1_DestroyContext(cx, PR_TRUE); return rv; } SECStatus SHA224_restart(unsigned char *dest, const unsigned char *src, PRUint32 src_length) { SECStatus rv = SECSuccess; SHA224Context *cx, *cx_cpy; unsigned char *cxbytes; unsigned int len; unsigned int i, quarter; cx = SHA224_NewContext(); SHA224_Begin(cx); /* divide message by 4, restarting 3 times */ quarter = (src_length + 3) / 4; for (i = 0; i < 4 && src_length > 0; i++) { SHA224_Update(cx, src + i * quarter, PR_MIN(quarter, src_length)); len = SHA224_FlattenSize(cx); cxbytes = PORT_Alloc(len); SHA224_Flatten(cx, cxbytes); cx_cpy = SHA224_Resurrect(cxbytes, NULL); if (!cx_cpy) { PR_fprintf(PR_STDERR, "%s: SHA224_Resurrect failed!\n", progName); rv = SECFailure; goto finish; } rv = PORT_Memcmp(cx, cx_cpy, len); if (rv) { SHA224_DestroyContext(cx_cpy, PR_TRUE); PR_fprintf(PR_STDERR, "%s: SHA224_restart failed!\n", progName); goto finish; } SHA224_DestroyContext(cx_cpy, PR_TRUE); PORT_Free(cxbytes); src_length -= quarter; } SHA224_End(cx, dest, &len, MD5_LENGTH); finish: SHA224_DestroyContext(cx, PR_TRUE); return rv; } SECStatus SHA256_restart(unsigned char *dest, const unsigned char *src, PRUint32 src_length) { SECStatus rv = SECSuccess; SHA256Context *cx, *cx_cpy; unsigned char *cxbytes; unsigned int len; unsigned int i, quarter; cx = SHA256_NewContext(); SHA256_Begin(cx); /* divide message by 4, restarting 3 times */ quarter = (src_length + 3) / 4; for (i = 0; i < 4 && src_length > 0; i++) { SHA256_Update(cx, src + i * quarter, PR_MIN(quarter, src_length)); len = SHA256_FlattenSize(cx); cxbytes = PORT_Alloc(len); SHA256_Flatten(cx, cxbytes); cx_cpy = SHA256_Resurrect(cxbytes, NULL); if (!cx_cpy) { PR_fprintf(PR_STDERR, "%s: SHA256_Resurrect failed!\n", progName); rv = SECFailure; goto finish; } rv = PORT_Memcmp(cx, cx_cpy, len); if (rv) { SHA256_DestroyContext(cx_cpy, PR_TRUE); PR_fprintf(PR_STDERR, "%s: SHA256_restart failed!\n", progName); goto finish; } SHA256_DestroyContext(cx_cpy, PR_TRUE); PORT_Free(cxbytes); src_length -= quarter; } SHA256_End(cx, dest, &len, MD5_LENGTH); finish: SHA256_DestroyContext(cx, PR_TRUE); return rv; } SECStatus SHA384_restart(unsigned char *dest, const unsigned char *src, PRUint32 src_length) { SECStatus rv = SECSuccess; SHA384Context *cx, *cx_cpy; unsigned char *cxbytes; unsigned int len; unsigned int i, quarter; cx = SHA384_NewContext(); SHA384_Begin(cx); /* divide message by 4, restarting 3 times */ quarter = (src_length + 3) / 4; for (i = 0; i < 4 && src_length > 0; i++) { SHA384_Update(cx, src + i * quarter, PR_MIN(quarter, src_length)); len = SHA384_FlattenSize(cx); cxbytes = PORT_Alloc(len); SHA384_Flatten(cx, cxbytes); cx_cpy = SHA384_Resurrect(cxbytes, NULL); if (!cx_cpy) { PR_fprintf(PR_STDERR, "%s: SHA384_Resurrect failed!\n", progName); rv = SECFailure; goto finish; } rv = PORT_Memcmp(cx, cx_cpy, len); if (rv) { SHA384_DestroyContext(cx_cpy, PR_TRUE); PR_fprintf(PR_STDERR, "%s: SHA384_restart failed!\n", progName); goto finish; } SHA384_DestroyContext(cx_cpy, PR_TRUE); PORT_Free(cxbytes); src_length -= quarter; } SHA384_End(cx, dest, &len, MD5_LENGTH); finish: SHA384_DestroyContext(cx, PR_TRUE); return rv; } SECStatus SHA512_restart(unsigned char *dest, const unsigned char *src, PRUint32 src_length) { SECStatus rv = SECSuccess; SHA512Context *cx, *cx_cpy; unsigned char *cxbytes; unsigned int len; unsigned int i, quarter; cx = SHA512_NewContext(); SHA512_Begin(cx); /* divide message by 4, restarting 3 times */ quarter = (src_length + 3) / 4; for (i = 0; i < 4 && src_length > 0; i++) { SHA512_Update(cx, src + i * quarter, PR_MIN(quarter, src_length)); len = SHA512_FlattenSize(cx); cxbytes = PORT_Alloc(len); SHA512_Flatten(cx, cxbytes); cx_cpy = SHA512_Resurrect(cxbytes, NULL); if (!cx_cpy) { PR_fprintf(PR_STDERR, "%s: SHA512_Resurrect failed!\n", progName); rv = SECFailure; goto finish; } rv = PORT_Memcmp(cx, cx_cpy, len); if (rv) { SHA512_DestroyContext(cx_cpy, PR_TRUE); PR_fprintf(PR_STDERR, "%s: SHA512_restart failed!\n", progName); goto finish; } SHA512_DestroyContext(cx_cpy, PR_TRUE); PORT_Free(cxbytes); src_length -= quarter; } SHA512_End(cx, dest, &len, MD5_LENGTH); finish: SHA512_DestroyContext(cx, PR_TRUE); return rv; } SECStatus pubkeyInitKey(bltestCipherInfo *cipherInfo, PRFileDesc *file, int keysize, int exponent, char *curveName) { int i; SECStatus rv = SECSuccess; bltestAsymKeyParams *asymk = &cipherInfo->params.asymk; bltestRSAParams *rsap; RSAPrivateKey **rsaKey = NULL; bltestDSAParams *dsap; DSAPrivateKey **dsaKey = NULL; SECItem *tmpECParamsDER; ECParams *tmpECParams = NULL; SECItem ecSerialize[3]; ECPrivateKey **ecKey = NULL; switch (cipherInfo->mode) { case bltestRSA: case bltestRSA_PSS: case bltestRSA_OAEP: rsap = &asymk->cipherParams.rsa; rsaKey = (RSAPrivateKey **)&asymk->privKey; if (keysize > 0) { SECItem expitem = { 0, 0, 0 }; SECITEM_AllocItem(cipherInfo->arena, &expitem, sizeof(int)); for (i = 1; i <= sizeof(int); i++) expitem.data[i - 1] = exponent >> (8 * (sizeof(int) - i)); *rsaKey = RSA_NewKey(keysize * 8, &expitem); serialize_key(&(*rsaKey)->version, 9, file); rsap->keysizeInBits = keysize * 8; } else { setupIO(cipherInfo->arena, &asymk->key, file, NULL, 0); *rsaKey = rsakey_from_filedata(cipherInfo->arena, &asymk->key.buf); rsap->keysizeInBits = (*rsaKey)->modulus.len * 8; } break; case bltestDSA: dsap = &asymk->cipherParams.dsa; dsaKey = (DSAPrivateKey **)&asymk->privKey; if (keysize > 0) { dsap->keysize = keysize * 8; if (!dsap->pqg) bltest_pqg_init(dsap); rv = DSA_NewKey(dsap->pqg, dsaKey); CHECKERROR(rv, __LINE__); serialize_key(&(*dsaKey)->params.prime, 5, file); } else { setupIO(cipherInfo->arena, &asymk->key, file, NULL, 0); *dsaKey = dsakey_from_filedata(cipherInfo->arena, &asymk->key.buf); dsap->keysize = (*dsaKey)->params.prime.len * 8; } break; case bltestECDSA: ecKey = (ECPrivateKey **)&asymk->privKey; if (curveName != NULL) { tmpECParamsDER = getECParams(curveName); rv = SECOID_Init(); CHECKERROR(rv, __LINE__); rv = EC_DecodeParams(tmpECParamsDER, &tmpECParams) == SECFailure; CHECKERROR(rv, __LINE__); rv = EC_NewKey(tmpECParams, ecKey); CHECKERROR(rv, __LINE__); ecSerialize[0].type = tmpECParamsDER->type; ecSerialize[0].data = tmpECParamsDER->data; ecSerialize[0].len = tmpECParamsDER->len; ecSerialize[1].type = (*ecKey)->publicValue.type; ecSerialize[1].data = (*ecKey)->publicValue.data; ecSerialize[1].len = (*ecKey)->publicValue.len; ecSerialize[2].type = (*ecKey)->privateValue.type; ecSerialize[2].data = (*ecKey)->privateValue.data; ecSerialize[2].len = (*ecKey)->privateValue.len; serialize_key(&(ecSerialize[0]), 3, file); SECITEM_FreeItem(tmpECParamsDER, PR_TRUE); PORT_FreeArena(tmpECParams->arena, PR_TRUE); rv = SECOID_Shutdown(); CHECKERROR(rv, __LINE__); } else { setupIO(cipherInfo->arena, &asymk->key, file, NULL, 0); *ecKey = eckey_from_filedata(cipherInfo->arena, &asymk->key.buf); } break; default: return SECFailure; } return SECSuccess; } SECStatus cipherInit(bltestCipherInfo *cipherInfo, PRBool encrypt) { PRBool restart; int outlen; switch (cipherInfo->mode) { case bltestDES_ECB: case bltestDES_CBC: case bltestDES_EDE_ECB: case bltestDES_EDE_CBC: SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, cipherInfo->input.pBuf.len); return bltest_des_init(cipherInfo, encrypt); break; case bltestRC2_ECB: case bltestRC2_CBC: SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, cipherInfo->input.pBuf.len); return bltest_rc2_init(cipherInfo, encrypt); break; case bltestRC4: SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, cipherInfo->input.pBuf.len); return bltest_rc4_init(cipherInfo, encrypt); break; #ifdef NSS_SOFTOKEN_DOES_RC5 case bltestRC5_ECB: case bltestRC5_CBC: SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, cipherInfo->input.pBuf.len); #endif return bltest_rc5_init(cipherInfo, encrypt); break; case bltestAES_ECB: case bltestAES_CBC: case bltestAES_CTS: case bltestAES_CTR: case bltestAES_GCM: outlen = cipherInfo->input.pBuf.len; if (cipherInfo->mode == bltestAES_GCM && encrypt) { outlen += 16; } SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, outlen); return bltest_aes_init(cipherInfo, encrypt); break; case bltestCAMELLIA_ECB: case bltestCAMELLIA_CBC: SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, cipherInfo->input.pBuf.len); return bltest_camellia_init(cipherInfo, encrypt); break; case bltestSEED_ECB: case bltestSEED_CBC: SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, cipherInfo->input.pBuf.len); return bltest_seed_init(cipherInfo, encrypt); break; case bltestCHACHA20: outlen = cipherInfo->input.pBuf.len + (encrypt ? 16 : 0); SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, outlen); return bltest_chacha20_init(cipherInfo, encrypt); break; case bltestRSA: case bltestRSA_OAEP: case bltestRSA_PSS: if (encrypt || cipherInfo->mode != bltestRSA_PSS) { /* Don't allocate a buffer for PSS in verify mode, as no actual * output is produced. */ SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, RSA_MAX_MODULUS_BITS / 8); } return bltest_rsa_init(cipherInfo, encrypt); break; case bltestDSA: if (encrypt) { SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, DSA_MAX_SIGNATURE_LEN); } return bltest_dsa_init(cipherInfo, encrypt); break; case bltestECDSA: if (encrypt) { SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, 2 * MAX_ECKEY_LEN); } return bltest_ecdsa_init(cipherInfo, encrypt); break; case bltestMD2: restart = cipherInfo->params.hash.restart; SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, MD2_LENGTH); cipherInfo->cipher.hashCipher = (restart) ? md2_restart : md2_HashBuf; return SECSuccess; break; case bltestMD5: restart = cipherInfo->params.hash.restart; SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, MD5_LENGTH); cipherInfo->cipher.hashCipher = (restart) ? md5_restart : MD5_HashBuf; return SECSuccess; break; case bltestSHA1: restart = cipherInfo->params.hash.restart; SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, SHA1_LENGTH); cipherInfo->cipher.hashCipher = (restart) ? sha1_restart : SHA1_HashBuf; return SECSuccess; break; case bltestSHA224: restart = cipherInfo->params.hash.restart; SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, SHA224_LENGTH); cipherInfo->cipher.hashCipher = (restart) ? SHA224_restart : SHA224_HashBuf; return SECSuccess; break; case bltestSHA256: restart = cipherInfo->params.hash.restart; SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, SHA256_LENGTH); cipherInfo->cipher.hashCipher = (restart) ? SHA256_restart : SHA256_HashBuf; return SECSuccess; break; case bltestSHA384: restart = cipherInfo->params.hash.restart; SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, SHA384_LENGTH); cipherInfo->cipher.hashCipher = (restart) ? SHA384_restart : SHA384_HashBuf; return SECSuccess; break; case bltestSHA512: restart = cipherInfo->params.hash.restart; SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, SHA512_LENGTH); cipherInfo->cipher.hashCipher = (restart) ? SHA512_restart : SHA512_HashBuf; return SECSuccess; break; default: return SECFailure; } return SECSuccess; } SECStatus cipherDoOp(bltestCipherInfo *cipherInfo) { PRIntervalTime time1, time2; SECStatus rv = SECSuccess; int i; unsigned int len; unsigned int maxLen = cipherInfo->output.pBuf.len; unsigned char *dummyOut; dummyOut = PORT_Alloc(maxLen); if (is_symmkeyCipher(cipherInfo->mode)) { const unsigned char *input = cipherInfo->input.pBuf.data; unsigned int inputLen = is_singleShotCipher(cipherInfo->mode) ? cipherInfo->input.pBuf.len : PR_MIN(cipherInfo->input.pBuf.len, 16); unsigned char *output = cipherInfo->output.pBuf.data; unsigned int outputLen = maxLen; unsigned int totalOutputLen = 0; TIMESTART(); rv = (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx, output, &len, outputLen, input, inputLen); CHECKERROR(rv, __LINE__); totalOutputLen += len; if (cipherInfo->input.pBuf.len > inputLen) { input += inputLen; inputLen = cipherInfo->input.pBuf.len - inputLen; output += len; outputLen -= len; rv = (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx, output, &len, outputLen, input, inputLen); CHECKERROR(rv, __LINE__); totalOutputLen += len; } cipherInfo->output.pBuf.len = totalOutputLen; TIMEFINISH(cipherInfo->optime, 1.0); cipherInfo->repetitions = 0; if (cipherInfo->repetitionsToPerfom != 0) { TIMESTART(); for (i = 0; i < cipherInfo->repetitionsToPerfom; i++, cipherInfo->repetitions++) { (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx, dummyOut, &len, maxLen, cipherInfo->input.pBuf.data, cipherInfo->input.pBuf.len); CHECKERROR(rv, __LINE__); } } else { int opsBetweenChecks = 0; TIMEMARK(cipherInfo->seconds); while (!(TIMETOFINISH())) { int j = 0; for (; j < opsBetweenChecks; j++) { (*cipherInfo->cipher.symmkeyCipher)( cipherInfo->cx, dummyOut, &len, maxLen, cipherInfo->input.pBuf.data, cipherInfo->input.pBuf.len); } cipherInfo->repetitions += j; } } TIMEFINISH(cipherInfo->optime, 1.0); } else if (is_aeadCipher(cipherInfo->mode)) { const unsigned char *input = cipherInfo->input.pBuf.data; unsigned int inputLen = cipherInfo->input.pBuf.len; unsigned char *output = cipherInfo->output.pBuf.data; unsigned int outputLen; bltestSymmKeyParams *sk = &cipherInfo->params.sk; bltestAuthSymmKeyParams *ask = &cipherInfo->params.ask; TIMESTART(); rv = (*cipherInfo->cipher.aeadCipher)( cipherInfo->cx, output, &outputLen, maxLen, input, inputLen, sk->iv.buf.data, sk->iv.buf.len, ask->aad.buf.data, ask->aad.buf.len); CHECKERROR(rv, __LINE__); cipherInfo->output.pBuf.len = outputLen; TIMEFINISH(cipherInfo->optime, 1.0); cipherInfo->repetitions = 0; if (cipherInfo->repetitionsToPerfom != 0) { TIMESTART(); for (i = 0; i < cipherInfo->repetitionsToPerfom; i++, cipherInfo->repetitions++) { rv = (*cipherInfo->cipher.aeadCipher)( cipherInfo->cx, output, &outputLen, maxLen, input, inputLen, sk->iv.buf.data, sk->iv.buf.len, ask->aad.buf.data, ask->aad.buf.len); CHECKERROR(rv, __LINE__); } } else { int opsBetweenChecks = 0; TIMEMARK(cipherInfo->seconds); while (!(TIMETOFINISH())) { int j = 0; for (; j < opsBetweenChecks; j++) { (*cipherInfo->cipher.aeadCipher)( cipherInfo->cx, output, &outputLen, maxLen, input, inputLen, sk->iv.buf.data, sk->iv.buf.len, ask->aad.buf.data, ask->aad.buf.len); } cipherInfo->repetitions += j; } } TIMEFINISH(cipherInfo->optime, 1.0); } else if (is_pubkeyCipher(cipherInfo->mode)) { TIMESTART(); rv = (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx, &cipherInfo->output.pBuf, &cipherInfo->input.pBuf); TIMEFINISH(cipherInfo->optime, 1.0); CHECKERROR(rv, __LINE__); cipherInfo->repetitions = 0; if (cipherInfo->repetitionsToPerfom != 0) { TIMESTART(); for (i = 0; i < cipherInfo->repetitionsToPerfom; i++, cipherInfo->repetitions++) { SECItem dummy; dummy.data = dummyOut; dummy.len = maxLen; (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx, &dummy, &cipherInfo->input.pBuf); CHECKERROR(rv, __LINE__); } } else { int opsBetweenChecks = 0; TIMEMARK(cipherInfo->seconds); while (!(TIMETOFINISH())) { int j = 0; for (; j < opsBetweenChecks; j++) { SECItem dummy; dummy.data = dummyOut; dummy.len = maxLen; (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx, &dummy, &cipherInfo->input.pBuf); CHECKERROR(rv, __LINE__); } cipherInfo->repetitions += j; } } TIMEFINISH(cipherInfo->optime, 1.0); } else if (is_hashCipher(cipherInfo->mode)) { TIMESTART(); rv = (*cipherInfo->cipher.hashCipher)(cipherInfo->output.pBuf.data, cipherInfo->input.pBuf.data, cipherInfo->input.pBuf.len); TIMEFINISH(cipherInfo->optime, 1.0); CHECKERROR(rv, __LINE__); cipherInfo->repetitions = 0; if (cipherInfo->repetitionsToPerfom != 0) { TIMESTART(); for (i = 0; i < cipherInfo->repetitionsToPerfom; i++, cipherInfo->repetitions++) { (*cipherInfo->cipher.hashCipher)(dummyOut, cipherInfo->input.pBuf.data, cipherInfo->input.pBuf.len); CHECKERROR(rv, __LINE__); } } else { int opsBetweenChecks = 0; TIMEMARK(cipherInfo->seconds); while (!(TIMETOFINISH())) { int j = 0; for (; j < opsBetweenChecks; j++) { bltestIO *input = &cipherInfo->input; (*cipherInfo->cipher.hashCipher)(dummyOut, input->pBuf.data, input->pBuf.len); CHECKERROR(rv, __LINE__); } cipherInfo->repetitions += j; } } TIMEFINISH(cipherInfo->optime, 1.0); } PORT_Free(dummyOut); return rv; } SECStatus cipherFinish(bltestCipherInfo *cipherInfo) { SECStatus rv = SECSuccess; switch (cipherInfo->mode) { case bltestDES_ECB: case bltestDES_CBC: case bltestDES_EDE_ECB: case bltestDES_EDE_CBC: DES_DestroyContext((DESContext *)cipherInfo->cx, PR_TRUE); break; case bltestAES_GCM: case bltestAES_ECB: case bltestAES_CBC: case bltestAES_CTS: case bltestAES_CTR: AES_DestroyContext((AESContext *)cipherInfo->cx, PR_TRUE); break; case bltestCAMELLIA_ECB: case bltestCAMELLIA_CBC: Camellia_DestroyContext((CamelliaContext *)cipherInfo->cx, PR_TRUE); break; case bltestSEED_ECB: case bltestSEED_CBC: SEED_DestroyContext((SEEDContext *)cipherInfo->cx, PR_TRUE); break; case bltestCHACHA20: ChaCha20Poly1305_DestroyContext((ChaCha20Poly1305Context *) cipherInfo->cx, PR_TRUE); break; case bltestRC2_ECB: case bltestRC2_CBC: RC2_DestroyContext((RC2Context *)cipherInfo->cx, PR_TRUE); break; case bltestRC4: RC4_DestroyContext((RC4Context *)cipherInfo->cx, PR_TRUE); break; #ifdef NSS_SOFTOKEN_DOES_RC5 case bltestRC5_ECB: case bltestRC5_CBC: RC5_DestroyContext((RC5Context *)cipherInfo->cx, PR_TRUE); break; #endif case bltestRSA: /* keys are alloc'ed within cipherInfo's arena, */ case bltestRSA_PSS: /* will be freed with it. */ case bltestRSA_OAEP: case bltestDSA: case bltestECDSA: case bltestMD2: /* hash contexts are ephemeral */ case bltestMD5: case bltestSHA1: case bltestSHA224: case bltestSHA256: case bltestSHA384: case bltestSHA512: return SECSuccess; break; default: return SECFailure; } return rv; } void print_exponent(SECItem *exp) { int i; int e = 0; if (exp->len <= 4) { for (i = exp->len; i >= 0; --i) e |= exp->data[exp->len - i] << 8 * (i - 1); fprintf(stdout, "%12d", e); } else { e = 8 * exp->len; fprintf(stdout, "~2**%-8d", e); } } static void splitToReportUnit(PRInt64 res, int *resArr, int *del, int size) { PRInt64 remaining = res, tmp = 0; PRInt64 Ldel; int i = -1; while (remaining > 0 && ++i < size) { LL_I2L(Ldel, del[i]); LL_MOD(tmp, remaining, Ldel); LL_L2I(resArr[i], tmp); LL_DIV(remaining, remaining, Ldel); } } static char * getHighUnitBytes(PRInt64 res) { int spl[] = { 0, 0, 0, 0 }; int del[] = { 1024, 1024, 1024, 1024 }; char *marks[] = { "b", "Kb", "Mb", "Gb" }; int i = 3; splitToReportUnit(res, spl, del, 4); for (; i > 0; i--) { if (spl[i] != 0) { break; } } return PR_smprintf("%d%s", spl[i], marks[i]); } static void printPR_smpString(const char *sformat, char *reportStr, const char *nformat, PRInt64 rNum) { if (reportStr) { fprintf(stdout, sformat, reportStr); PR_smprintf_free(reportStr); } else { fprintf(stdout, nformat, rNum); } } static char * getHighUnitOps(PRInt64 res) { int spl[] = { 0, 0, 0, 0 }; int del[] = { 1000, 1000, 1000, 1000 }; char *marks[] = { "", "T", "M", "B" }; int i = 3; splitToReportUnit(res, spl, del, 4); for (; i > 0; i--) { if (spl[i] != 0) { break; } } return PR_smprintf("%d%s", spl[i], marks[i]); } void dump_performance_info(bltestCipherInfo *infoList, double totalTimeInt, PRBool encrypt, PRBool cxonly) { bltestCipherInfo *info = infoList; PRInt64 totalIn = 0; PRBool td = PR_TRUE; int repetitions = 0; int cxreps = 0; double cxtime = 0; double optime = 0; while (info != NULL) { repetitions += info->repetitions; cxreps += info->cxreps; cxtime += info->cxtime; optime += info->optime; totalIn += (PRInt64)info->input.buf.len * (PRInt64)info->repetitions; info = info->next; } info = infoList; fprintf(stdout, "#%9s", "mode"); fprintf(stdout, "%12s", "in"); print_td: switch (info->mode) { case bltestDES_ECB: case bltestDES_CBC: case bltestDES_EDE_ECB: case bltestDES_EDE_CBC: case bltestAES_ECB: case bltestAES_CBC: case bltestAES_CTS: case bltestAES_CTR: case bltestAES_GCM: case bltestCAMELLIA_ECB: case bltestCAMELLIA_CBC: case bltestSEED_ECB: case bltestSEED_CBC: case bltestRC2_ECB: case bltestRC2_CBC: case bltestRC4: if (td) fprintf(stdout, "%8s", "symmkey"); else fprintf(stdout, "%8d", 8 * info->params.sk.key.buf.len); break; #ifdef NSS_SOFTOKEN_DOES_RC5 case bltestRC5_ECB: case bltestRC5_CBC: if (info->params.sk.key.buf.len > 0) printf("symmetric key(bytes)=%d,", info->params.sk.key.buf.len); if (info->rounds > 0) printf("rounds=%d,", info->params.rc5.rounds); if (info->wordsize > 0) printf("wordsize(bytes)=%d,", info->params.rc5.wordsize); break; #endif case bltestRSA: case bltestRSA_PSS: case bltestRSA_OAEP: if (td) { fprintf(stdout, "%8s", "rsa_mod"); fprintf(stdout, "%12s", "rsa_pe"); } else { bltestAsymKeyParams *asymk = &info->params.asymk; fprintf(stdout, "%8d", asymk->cipherParams.rsa.keysizeInBits); print_exponent( &((RSAPrivateKey *)asymk->privKey)->publicExponent); } break; case bltestDSA: if (td) { fprintf(stdout, "%8s", "pqg_mod"); } else { fprintf(stdout, "%8d", info->params.asymk.cipherParams.dsa.keysize); } break; case bltestECDSA: if (td) { fprintf(stdout, "%12s", "ec_curve"); } else { ECPrivateKey *key = (ECPrivateKey *)info->params.asymk.privKey; ECCurveName curveName = key->ecParams.name; fprintf(stdout, "%12s", ecCurve_map[curveName] ? ecCurve_map[curveName]->text : "Unsupported curve"); } break; case bltestMD2: case bltestMD5: case bltestSHA1: case bltestSHA256: case bltestSHA384: case bltestSHA512: default: break; } if (!td) { PRInt64 totalThroughPut; printPR_smpString("%8s", getHighUnitOps(repetitions), "%8d", repetitions); printPR_smpString("%8s", getHighUnitOps(cxreps), "%8d", cxreps); fprintf(stdout, "%12.3f", cxtime); fprintf(stdout, "%12.3f", optime); fprintf(stdout, "%12.03f", totalTimeInt / 1000); totalThroughPut = (PRInt64)(totalIn / totalTimeInt * 1000); printPR_smpString("%12s", getHighUnitBytes(totalThroughPut), "%12d", totalThroughPut); fprintf(stdout, "\n"); return; } fprintf(stdout, "%8s", "opreps"); fprintf(stdout, "%8s", "cxreps"); fprintf(stdout, "%12s", "context"); fprintf(stdout, "%12s", "op"); fprintf(stdout, "%12s", "time(sec)"); fprintf(stdout, "%12s", "thrgput"); fprintf(stdout, "\n"); fprintf(stdout, "%8s", mode_strings[info->mode]); fprintf(stdout, "_%c", (cxonly) ? 'c' : (encrypt) ? 'e' : 'd'); printPR_smpString("%12s", getHighUnitBytes(totalIn), "%12d", totalIn); td = !td; goto print_td; } void printmodes() { bltestCipherMode mode; int nummodes = sizeof(mode_strings) / sizeof(char *); fprintf(stderr, "%s: Available modes (specify with -m):\n", progName); for (mode = 0; mode < nummodes; mode++) fprintf(stderr, "%s\n", mode_strings[mode]); } bltestCipherMode get_mode(const char *modestring) { bltestCipherMode mode; int nummodes = sizeof(mode_strings) / sizeof(char *); for (mode = 0; mode < nummodes; mode++) if (PL_strcmp(modestring, mode_strings[mode]) == 0) return mode; fprintf(stderr, "%s: invalid mode: %s\n", progName, modestring); return bltestINVALID; } void load_file_data(PLArenaPool *arena, bltestIO *data, char *fn, bltestIOMode ioMode) { PRFileDesc *file; data->mode = ioMode; data->file = NULL; /* don't use -- not saving anything */ data->pBuf.data = NULL; data->pBuf.len = 0; file = PR_Open(fn, PR_RDONLY, 00660); if (file) { setupIO(arena, data, file, NULL, 0); PR_Close(file); } } HASH_HashType mode_str_to_hash_alg(const SECItem *modeStr) { bltestCipherMode mode; char *tempModeStr = NULL; if (!modeStr || modeStr->len == 0) return HASH_AlgNULL; tempModeStr = PORT_Alloc(modeStr->len + 1); if (!tempModeStr) return HASH_AlgNULL; memcpy(tempModeStr, modeStr->data, modeStr->len); tempModeStr[modeStr->len] = '\0'; mode = get_mode(tempModeStr); PORT_Free(tempModeStr); switch (mode) { case bltestMD2: return HASH_AlgMD2; case bltestMD5: return HASH_AlgMD5; case bltestSHA1: return HASH_AlgSHA1; case bltestSHA224: return HASH_AlgSHA224; case bltestSHA256: return HASH_AlgSHA256; case bltestSHA384: return HASH_AlgSHA384; case bltestSHA512: return HASH_AlgSHA512; default: return HASH_AlgNULL; } } void get_params(PLArenaPool *arena, bltestParams *params, bltestCipherMode mode, int j) { char filename[256]; char *modestr = mode_strings[mode]; bltestIO tempIO; #ifdef NSS_SOFTOKEN_DOES_RC5 FILE *file; char *mark, *param, *val; int index = 0; #endif switch (mode) { case bltestAES_GCM: case bltestCHACHA20: sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "aad", j); load_file_data(arena, ¶ms->ask.aad, filename, bltestBinary); case bltestDES_CBC: case bltestDES_EDE_CBC: case bltestRC2_CBC: case bltestAES_CBC: case bltestAES_CTS: case bltestAES_CTR: case bltestCAMELLIA_CBC: case bltestSEED_CBC: sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "iv", j); load_file_data(arena, ¶ms->sk.iv, filename, bltestBinary); case bltestDES_ECB: case bltestDES_EDE_ECB: case bltestRC2_ECB: case bltestRC4: case bltestAES_ECB: case bltestCAMELLIA_ECB: case bltestSEED_ECB: sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j); load_file_data(arena, ¶ms->sk.key, filename, bltestBinary); break; #ifdef NSS_SOFTOKEN_DOES_RC5 case bltestRC5_ECB: case bltestRC5_CBC: sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "iv", j); load_file_data(arena, ¶ms->sk.iv, filename, bltestBinary); sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j); load_file_data(arena, ¶ms->sk.key, filename, bltestBinary); sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "params", j); file = fopen(filename, "r"); if (!file) return; param = malloc(100); len = fread(param, 1, 100, file); while (index < len) { mark = PL_strchr(param, '='); *mark = '\0'; val = mark + 1; mark = PL_strchr(val, '\n'); *mark = '\0'; if (PL_strcmp(param, "rounds") == 0) { params->rc5.rounds = atoi(val); } else if (PL_strcmp(param, "wordsize") == 0) { params->rc5.wordsize = atoi(val); } index += PL_strlen(param) + PL_strlen(val) + 2; param = mark + 1; } break; #endif case bltestRSA_PSS: sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "ciphertext", j); load_file_data(arena, ¶ms->asymk.sig, filename, bltestBase64Encoded); /* fall through */ case bltestRSA_OAEP: sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "seed", j); load_file_data(arena, ¶ms->asymk.cipherParams.rsa.seed, filename, bltestBase64Encoded); sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "hash", j); load_file_data(arena, &tempIO, filename, bltestBinary); params->asymk.cipherParams.rsa.hashAlg = mode_str_to_hash_alg(&tempIO.buf); sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "maskhash", j); load_file_data(arena, &tempIO, filename, bltestBinary); params->asymk.cipherParams.rsa.maskHashAlg = mode_str_to_hash_alg(&tempIO.buf); /* fall through */ case bltestRSA: sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j); load_file_data(arena, ¶ms->asymk.key, filename, bltestBase64Encoded); params->asymk.privKey = (void *)rsakey_from_filedata(arena, ¶ms->asymk.key.buf); break; case bltestDSA: sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j); load_file_data(arena, ¶ms->asymk.key, filename, bltestBase64Encoded); params->asymk.privKey = (void *)dsakey_from_filedata(arena, ¶ms->asymk.key.buf); sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "pqg", j); load_file_data(arena, ¶ms->asymk.cipherParams.dsa.pqgdata, filename, bltestBase64Encoded); params->asymk.cipherParams.dsa.pqg = pqg_from_filedata(arena, ¶ms->asymk.cipherParams.dsa.pqgdata.buf); sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "keyseed", j); load_file_data(arena, ¶ms->asymk.cipherParams.dsa.keyseed, filename, bltestBase64Encoded); sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "sigseed", j); load_file_data(arena, ¶ms->asymk.cipherParams.dsa.sigseed, filename, bltestBase64Encoded); sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "ciphertext", j); load_file_data(arena, ¶ms->asymk.sig, filename, bltestBase64Encoded); break; case bltestECDSA: sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j); load_file_data(arena, ¶ms->asymk.key, filename, bltestBase64Encoded); params->asymk.privKey = (void *)eckey_from_filedata(arena, ¶ms->asymk.key.buf); sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "sigseed", j); load_file_data(arena, ¶ms->asymk.cipherParams.ecdsa.sigseed, filename, bltestBase64Encoded); sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "ciphertext", j); load_file_data(arena, ¶ms->asymk.sig, filename, bltestBase64Encoded); break; case bltestMD2: case bltestMD5: case bltestSHA1: case bltestSHA224: case bltestSHA256: case bltestSHA384: case bltestSHA512: /*params->hash.restart = PR_TRUE;*/ params->hash.restart = PR_FALSE; break; default: break; } } SECStatus verify_self_test(bltestIO *result, bltestIO *cmp, bltestCipherMode mode, PRBool forward, SECStatus sigstatus) { PRBool equal; char *modestr = mode_strings[mode]; equal = SECITEM_ItemsAreEqual(&result->pBuf, &cmp->buf); if (is_sigCipher(mode)) { if (forward) { if (equal) { printf("Signature self-test for %s passed.\n", modestr); } else { printf("Signature self-test for %s failed!\n", modestr); } return equal ? SECSuccess : SECFailure; } else { if (sigstatus == SECSuccess) { printf("Verification self-test for %s passed.\n", modestr); } else { printf("Verification self-test for %s failed!\n", modestr); } return sigstatus; } } else if (is_hashCipher(mode)) { if (equal) { printf("Hash self-test for %s passed.\n", modestr); } else { printf("Hash self-test for %s failed!\n", modestr); } } else { if (forward) { if (equal) { printf("Encryption self-test for %s passed.\n", modestr); } else { printf("Encryption self-test for %s failed!\n", modestr); } } else { if (equal) { printf("Decryption self-test for %s passed.\n", modestr); } else { printf("Decryption self-test for %s failed!\n", modestr); } } } return equal ? SECSuccess : SECFailure; } static SECStatus ReadFileToItem(PLArenaPool *arena, SECItem *dst, const char *filename) { SECItem tmp = { siBuffer, NULL, 0 }; PRFileDesc *file; SECStatus rv; file = PR_Open(filename, PR_RDONLY, 00660); if (!file) { return SECFailure; } rv = SECU_FileToItem(&tmp, file); rv |= SECITEM_CopyItem(arena, dst, &tmp); SECITEM_FreeItem(&tmp, PR_FALSE); PR_Close(file); return rv; } static SECStatus blapi_selftest(bltestCipherMode *modes, int numModes, int inoff, int outoff, PRBool encrypt, PRBool decrypt) { bltestCipherInfo cipherInfo; bltestIO pt, ct; bltestCipherMode mode; bltestParams *params; unsigned int i, j, nummodes, numtests; char *modestr; char filename[256]; PLArenaPool *arena; SECItem item; SECStatus rv = SECSuccess, srv; PORT_Memset(&cipherInfo, 0, sizeof(cipherInfo)); arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE); cipherInfo.arena = arena; nummodes = (numModes == 0) ? NUMMODES : numModes; for (i = 0; i < nummodes; i++) { if (numModes > 0) mode = modes[i]; else mode = i; if (mode == bltestINVALID) { fprintf(stderr, "%s: Skipping invalid mode.\n", progName); continue; } modestr = mode_strings[mode]; cipherInfo.mode = mode; params = &cipherInfo.params; /* get the number of tests in the directory */ sprintf(filename, "%s/tests/%s/%s", testdir, modestr, "numtests"); if (ReadFileToItem(arena, &item, filename) != SECSuccess) { fprintf(stderr, "%s: Cannot read file %s.\n", progName, filename); rv = SECFailure; continue; } /* loop over the tests in the directory */ numtests = 0; for (j = 0; j < item.len; j++) { if (!isdigit(item.data[j])) { break; } numtests *= 10; numtests += (int)(item.data[j] - '0'); } for (j = 0; j < numtests; j++) { sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "plaintext", j); load_file_data(arena, &pt, filename, is_sigCipher(mode) ? bltestBase64Encoded : bltestBinary); sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "ciphertext", j); load_file_data(arena, &ct, filename, bltestBase64Encoded); get_params(arena, params, mode, j); /* Forward Operation (Encrypt/Sign/Hash) ** Align the input buffer (plaintext) according to request ** then perform operation and compare to ciphertext */ if (encrypt) { rv |= bltestCopyIO(arena, &cipherInfo.input, &pt); misalignBuffer(arena, &cipherInfo.input, inoff); memset(&cipherInfo.output.buf, 0, sizeof cipherInfo.output.buf); rv |= cipherInit(&cipherInfo, PR_TRUE); misalignBuffer(arena, &cipherInfo.output, outoff); rv |= cipherDoOp(&cipherInfo); rv |= cipherFinish(&cipherInfo); rv |= verify_self_test(&cipherInfo.output, &ct, mode, PR_TRUE, SECSuccess); /* If testing hash, only one op to test */ if (is_hashCipher(mode)) continue; if (is_sigCipher(mode)) { /* Verify operations support detached signature files. For ** consistency between tests that run Sign/Verify back to ** back (eg: self-tests) and tests that are only running ** verify operations, copy the output into the sig buf, ** and then copy the sig buf back out when verifying. For ** self-tests, this is unnecessary copying, but for ** verify-only operations, this ensures that the output ** buffer is properly configured */ rv |= bltestCopyIO(arena, ¶ms->asymk.sig, &cipherInfo.output); } } if (!decrypt) continue; /* Reverse Operation (Decrypt/Verify) ** Align the input buffer (ciphertext) according to request ** then perform operation and compare to plaintext */ if (is_sigCipher(mode)) { rv |= bltestCopyIO(arena, &cipherInfo.input, &pt); rv |= bltestCopyIO(arena, &cipherInfo.output, ¶ms->asymk.sig); } else { rv |= bltestCopyIO(arena, &cipherInfo.input, &ct); memset(&cipherInfo.output.buf, 0, sizeof cipherInfo.output.buf); } misalignBuffer(arena, &cipherInfo.input, inoff); rv |= cipherInit(&cipherInfo, PR_FALSE); misalignBuffer(arena, &cipherInfo.output, outoff); srv = SECSuccess; srv |= cipherDoOp(&cipherInfo); rv |= cipherFinish(&cipherInfo); rv |= verify_self_test(&cipherInfo.output, &pt, mode, PR_FALSE, srv); } } PORT_FreeArena(arena, PR_FALSE); return rv; } SECStatus dump_file(bltestCipherMode mode, char *filename) { bltestIO keydata; PLArenaPool *arena = NULL; arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE); if (!arena) { return SECFailure; } if (mode == bltestRSA || mode == bltestRSA_PSS || mode == bltestRSA_OAEP) { RSAPrivateKey *key; load_file_data(arena, &keydata, filename, bltestBase64Encoded); key = rsakey_from_filedata(arena, &keydata.buf); dump_rsakey(key); } else if (mode == bltestDSA) { #if 0 PQGParams *pqg; get_file_data(filename, &item, PR_TRUE); pqg = pqg_from_filedata(&item); dump_pqg(pqg); #endif DSAPrivateKey *key; load_file_data(arena, &keydata, filename, bltestBase64Encoded); key = dsakey_from_filedata(arena, &keydata.buf); dump_dsakey(key); } else if (mode == bltestECDSA) { ECPrivateKey *key; load_file_data(arena, &keydata, filename, bltestBase64Encoded); key = eckey_from_filedata(arena, &keydata.buf); dump_eckey(key); } PORT_FreeArena(arena, PR_FALSE); return SECFailure; } void ThreadExecTest(void *data) { bltestCipherInfo *cipherInfo = (bltestCipherInfo *)data; if (cipherInfo->mCarlo == PR_TRUE) { int mciter; for (mciter = 0; mciter < 10000; mciter++) { cipherDoOp(cipherInfo); memcpy(cipherInfo->input.buf.data, cipherInfo->output.buf.data, cipherInfo->input.buf.len); } } else { cipherDoOp(cipherInfo); } cipherFinish(cipherInfo); } static void rsaPrivKeyReset(RSAPrivateKey *tstKey) { PLArenaPool *arena; tstKey->version.data = NULL; tstKey->version.len = 0; tstKey->modulus.data = NULL; tstKey->modulus.len = 0; tstKey->publicExponent.data = NULL; tstKey->publicExponent.len = 0; tstKey->privateExponent.data = NULL; tstKey->privateExponent.len = 0; tstKey->prime1.data = NULL; tstKey->prime1.len = 0; tstKey->prime2.data = NULL; tstKey->prime2.len = 0; tstKey->exponent1.data = NULL; tstKey->exponent1.len = 0; tstKey->exponent2.data = NULL; tstKey->exponent2.len = 0; tstKey->coefficient.data = NULL; tstKey->coefficient.len = 0; arena = tstKey->arena; tstKey->arena = NULL; if (arena) { PORT_FreeArena(arena, PR_TRUE); } } #define RSA_TEST_EQUAL(comp) \ if (!SECITEM_ItemsAreEqual(&(src->comp), &(dest->comp))) { \ fprintf(stderr, "key->" #comp " not equal"); \ if (src->comp.len != dest->comp.len) { \ fprintf(stderr, "src_len = %d, dest_len = %d", \ src->comp.len, dest->comp.len); \ } \ fprintf(stderr, "\n"); \ areEqual = PR_FALSE; \ } static PRBool rsaPrivKeysAreEqual(RSAPrivateKey *src, RSAPrivateKey *dest) { PRBool areEqual = PR_TRUE; RSA_TEST_EQUAL(modulus) RSA_TEST_EQUAL(publicExponent) RSA_TEST_EQUAL(privateExponent) RSA_TEST_EQUAL(prime1) RSA_TEST_EQUAL(prime2) RSA_TEST_EQUAL(exponent1) RSA_TEST_EQUAL(exponent2) RSA_TEST_EQUAL(coefficient) if (!areEqual) { fprintf(stderr, "original key:\n"); dump_rsakey(src); fprintf(stderr, "recreated key:\n"); dump_rsakey(dest); } return areEqual; } static int doRSAPopulateTestKV() { RSAPrivateKey tstKey = { 0 }; SECStatus rv; int failed = 0; int i; tstKey.arena = NULL; /* Test public exponent, private exponent, modulus cases from * pkcs1v15sign-vectors.txt. Some are valid PKCS#1 keys but not valid RSA * ones (de = 1 mod lcm(p − 1, q − 1)) */ for (i = 0; i < PR_ARRAY_SIZE(PKCS1_VECTORS); ++i) { struct pkcs1_test_vector *v = &PKCS1_VECTORS[i]; rsaPrivKeyReset(&tstKey); tstKey.privateExponent.data = v->d; tstKey.privateExponent.len = v->d_len; tstKey.publicExponent.data = v->e; tstKey.publicExponent.len = v->e_len; tstKey.modulus.data = v->n; tstKey.modulus.len = v->n_len; rv = RSA_PopulatePrivateKey(&tstKey); if (rv != SECSuccess) { fprintf(stderr, "RSA Populate failed: pkcs1v15sign-vector %d\n", i); failed = 1; } else if (memcmp(v->q, tstKey.prime1.data, v->q_len) || tstKey.prime1.len != v->q_len) { fprintf(stderr, "RSA Populate key mismatch: pkcs1v15sign-vector %d q\n", i); failed = 1; } else if (memcmp(v->p, tstKey.prime2.data, v->p_len) || tstKey.prime1.len != v->p_len) { fprintf(stderr, "RSA Populate key mismatch: pkcs1v15sign-vector %d p\n", i); failed = 1; } else { fprintf(stderr, "RSA Populate success: pkcs1v15sign-vector %d p\n", i); } } PORT_FreeArena(tstKey.arena, PR_TRUE); return failed; } /* * Test the RSA populate command to see that it can really build * keys from its components. */ static int doRSAPopulateTest(unsigned int keySize, unsigned long exponent) { RSAPrivateKey *srcKey; RSAPrivateKey tstKey = { 0 }; SECItem expitem = { 0, 0, 0 }; SECStatus rv; unsigned char pubExp[32]; int expLen = 0; int failed = 0; int i; for (i = 0; i < sizeof(unsigned long); i++) { int shift = (sizeof(unsigned long) - i - 1) * 8; if (expLen || (exponent && ((unsigned long)0xffL << shift))) { pubExp[expLen] = (unsigned char)((exponent >> shift) & 0xff); expLen++; } } expitem.data = pubExp; expitem.len = expLen; srcKey = RSA_NewKey(keySize, &expitem); if (srcKey == NULL) { fprintf(stderr, "RSA Key Gen failed"); return -1; } /* test the basic case - most common, public exponent, modulus, prime */ tstKey.arena = NULL; rsaPrivKeyReset(&tstKey); tstKey.publicExponent = srcKey->publicExponent; tstKey.modulus = srcKey->modulus; tstKey.prime1 = srcKey->prime1; rv = RSA_PopulatePrivateKey(&tstKey); if (rv != SECSuccess) { fprintf(stderr, "RSA Populate failed: pubExp mod p\n"); failed = 1; } else if (!rsaPrivKeysAreEqual(&tstKey, srcKey)) { fprintf(stderr, "RSA Populate key mismatch: pubExp mod p\n"); failed = 1; } /* test the basic2 case, public exponent, modulus, prime2 */ rsaPrivKeyReset(&tstKey); tstKey.publicExponent = srcKey->publicExponent; tstKey.modulus = srcKey->modulus; tstKey.prime1 = srcKey->prime2; /* test with q in the prime1 position */ rv = RSA_PopulatePrivateKey(&tstKey); if (rv != SECSuccess) { fprintf(stderr, "RSA Populate failed: pubExp mod q\n"); failed = 1; } else if (!rsaPrivKeysAreEqual(&tstKey, srcKey)) { fprintf(stderr, "RSA Populate key mismatch: pubExp mod q\n"); failed = 1; } /* test the medium case, private exponent, prime1, prime2 */ rsaPrivKeyReset(&tstKey); tstKey.privateExponent = srcKey->privateExponent; tstKey.prime1 = srcKey->prime2; /* purposefully swap them to make */ tstKey.prime2 = srcKey->prime1; /* sure populated swaps them back */ rv = RSA_PopulatePrivateKey(&tstKey); if (rv != SECSuccess) { fprintf(stderr, "RSA Populate failed: privExp p q\n"); failed = 1; } else if (!rsaPrivKeysAreEqual(&tstKey, srcKey)) { fprintf(stderr, "RSA Populate key mismatch: privExp p q\n"); failed = 1; } /* test the advanced case, public exponent, private exponent, prime2 */ rsaPrivKeyReset(&tstKey); tstKey.privateExponent = srcKey->privateExponent; tstKey.publicExponent = srcKey->publicExponent; tstKey.prime2 = srcKey->prime2; /* use q in the prime2 position */ rv = RSA_PopulatePrivateKey(&tstKey); if (rv != SECSuccess) { fprintf(stderr, "RSA Populate failed: pubExp privExp q\n"); fprintf(stderr, " - not fatal\n"); /* it's possible that we can't uniquely determine the original key * from just the exponents and prime. Populate returns an error rather * than return the wrong key. */ } else if (!rsaPrivKeysAreEqual(&tstKey, srcKey)) { /* if we returned a key, it *must* be correct */ fprintf(stderr, "RSA Populate key mismatch: pubExp privExp q\n"); rv = RSA_PrivateKeyCheck(&tstKey); failed = 1; } /* test the advanced case2, public exponent, private exponent, modulus */ rsaPrivKeyReset(&tstKey); tstKey.privateExponent = srcKey->privateExponent; tstKey.publicExponent = srcKey->publicExponent; tstKey.modulus = srcKey->modulus; rv = RSA_PopulatePrivateKey(&tstKey); if (rv != SECSuccess) { fprintf(stderr, "RSA Populate failed: pubExp privExp mod\n"); failed = 1; } else if (!rsaPrivKeysAreEqual(&tstKey, srcKey)) { fprintf(stderr, "RSA Populate key mismatch: pubExp privExp mod\n"); failed = 1; } PORT_FreeArena(srcKey->arena, PR_TRUE); return failed ? -1 : 0; } /* bltest commands */ enum { cmd_Decrypt = 0, cmd_Encrypt, cmd_FIPS, cmd_Hash, cmd_Nonce, cmd_Dump, cmd_RSAPopulate, cmd_RSAPopulateKV, cmd_Sign, cmd_SelfTest, cmd_Verify }; /* bltest options */ enum { opt_B64 = 0, opt_BufSize, opt_Restart, opt_SelfTestDir, opt_Exponent, opt_SigFile, opt_KeySize, opt_Hex, opt_Input, opt_PQGFile, opt_Key, opt_HexWSpc, opt_Mode, opt_CurveName, opt_Output, opt_Repetitions, opt_ZeroBuf, opt_Rounds, opt_Seed, opt_SigSeedFile, opt_CXReps, opt_IV, opt_WordSize, opt_UseSeed, opt_UseSigSeed, opt_SeedFile, opt_AAD, opt_InputOffset, opt_OutputOffset, opt_MonteCarlo, opt_ThreadNum, opt_SecondsToRun, opt_CmdLine }; static secuCommandFlag bltest_commands[] = { { /* cmd_Decrypt */ 'D', PR_FALSE, 0, PR_FALSE }, { /* cmd_Encrypt */ 'E', PR_FALSE, 0, PR_FALSE }, { /* cmd_FIPS */ 'F', PR_FALSE, 0, PR_FALSE }, { /* cmd_Hash */ 'H', PR_FALSE, 0, PR_FALSE }, { /* cmd_Nonce */ 'N', PR_FALSE, 0, PR_FALSE }, { /* cmd_Dump */ 'P', PR_FALSE, 0, PR_FALSE }, { /* cmd_RSAPopulate */ 'R', PR_FALSE, 0, PR_FALSE }, { /* cmd_RSAPopulateKV */ 'K', PR_FALSE, 0, PR_FALSE }, { /* cmd_Sign */ 'S', PR_FALSE, 0, PR_FALSE }, { /* cmd_SelfTest */ 'T', PR_FALSE, 0, PR_FALSE }, { /* cmd_Verify */ 'V', PR_FALSE, 0, PR_FALSE } }; static secuCommandFlag bltest_options[] = { { /* opt_B64 */ 'a', PR_FALSE, 0, PR_FALSE }, { /* opt_BufSize */ 'b', PR_TRUE, 0, PR_FALSE }, { /* opt_Restart */ 'c', PR_FALSE, 0, PR_FALSE }, { /* opt_SelfTestDir */ 'd', PR_TRUE, 0, PR_FALSE }, { /* opt_Exponent */ 'e', PR_TRUE, 0, PR_FALSE }, { /* opt_SigFile */ 'f', PR_TRUE, 0, PR_FALSE }, { /* opt_KeySize */ 'g', PR_TRUE, 0, PR_FALSE }, { /* opt_Hex */ 'h', PR_FALSE, 0, PR_FALSE }, { /* opt_Input */ 'i', PR_TRUE, 0, PR_FALSE }, { /* opt_PQGFile */ 'j', PR_TRUE, 0, PR_FALSE }, { /* opt_Key */ 'k', PR_TRUE, 0, PR_FALSE }, { /* opt_HexWSpc */ 'l', PR_FALSE, 0, PR_FALSE }, { /* opt_Mode */ 'm', PR_TRUE, 0, PR_FALSE }, { /* opt_CurveName */ 'n', PR_TRUE, 0, PR_FALSE }, { /* opt_Output */ 'o', PR_TRUE, 0, PR_FALSE }, { /* opt_Repetitions */ 'p', PR_TRUE, 0, PR_FALSE }, { /* opt_ZeroBuf */ 'q', PR_FALSE, 0, PR_FALSE }, { /* opt_Rounds */ 'r', PR_TRUE, 0, PR_FALSE }, { /* opt_Seed */ 's', PR_TRUE, 0, PR_FALSE }, { /* opt_SigSeedFile */ 't', PR_TRUE, 0, PR_FALSE }, { /* opt_CXReps */ 'u', PR_TRUE, 0, PR_FALSE }, { /* opt_IV */ 'v', PR_TRUE, 0, PR_FALSE }, { /* opt_WordSize */ 'w', PR_TRUE, 0, PR_FALSE }, { /* opt_UseSeed */ 'x', PR_FALSE, 0, PR_FALSE }, { /* opt_UseSigSeed */ 'y', PR_FALSE, 0, PR_FALSE }, { /* opt_SeedFile */ 'z', PR_FALSE, 0, PR_FALSE }, { /* opt_AAD */ 0, PR_TRUE, 0, PR_FALSE, "aad" }, { /* opt_InputOffset */ '1', PR_TRUE, 0, PR_FALSE }, { /* opt_OutputOffset */ '2', PR_TRUE, 0, PR_FALSE }, { /* opt_MonteCarlo */ '3', PR_FALSE, 0, PR_FALSE }, { /* opt_ThreadNum */ '4', PR_TRUE, 0, PR_FALSE }, { /* opt_SecondsToRun */ '5', PR_TRUE, 0, PR_FALSE }, { /* opt_CmdLine */ '-', PR_FALSE, 0, PR_FALSE } }; int main(int argc, char **argv) { SECStatus rv = SECFailure; double totalTime = 0.0; PRIntervalTime time1, time2; PRFileDesc *outfile = NULL; bltestCipherInfo *cipherInfoListHead, *cipherInfo = NULL; bltestIOMode ioMode; int bufsize, exponent, curThrdNum; char *curveName = NULL; int i, commandsEntered; int inoff, outoff; int threads = 1; secuCommand bltest; bltest.numCommands = sizeof(bltest_commands) / sizeof(secuCommandFlag); bltest.numOptions = sizeof(bltest_options) / sizeof(secuCommandFlag); bltest.commands = bltest_commands; bltest.options = bltest_options; progName = strrchr(argv[0], '/'); if (!progName) progName = strrchr(argv[0], '\\'); progName = progName ? progName + 1 : argv[0]; rv = NSS_InitializePRErrorTable(); if (rv != SECSuccess) { SECU_PrintPRandOSError(progName); return -1; } rv = RNG_RNGInit(); if (rv != SECSuccess) { SECU_PrintPRandOSError(progName); return -1; } rv = BL_Init(); if (rv != SECSuccess) { SECU_PrintPRandOSError(progName); return -1; } RNG_SystemInfoForRNG(); rv = SECU_ParseCommandLine(argc, argv, progName, &bltest); if (rv == SECFailure) { fprintf(stderr, "%s: command line parsing error!\n", progName); goto print_usage; } rv = SECFailure; cipherInfo = PORT_ZNew(bltestCipherInfo); cipherInfoListHead = cipherInfo; /* Check the number of commands entered on the command line. */ commandsEntered = 0; for (i = 0; i < bltest.numCommands; i++) if (bltest.commands[i].activated) commandsEntered++; if (commandsEntered > 1 && !(commandsEntered == 2 && bltest.commands[cmd_SelfTest].activated)) { fprintf(stderr, "%s: one command at a time!\n", progName); goto print_usage; } if (commandsEntered == 0) { fprintf(stderr, "%s: you must enter a command!\n", progName); goto print_usage; } if (bltest.commands[cmd_Sign].activated) bltest.commands[cmd_Encrypt].activated = PR_TRUE; if (bltest.commands[cmd_Verify].activated) bltest.commands[cmd_Decrypt].activated = PR_TRUE; if (bltest.commands[cmd_Hash].activated) bltest.commands[cmd_Encrypt].activated = PR_TRUE; inoff = outoff = 0; if (bltest.options[opt_InputOffset].activated) inoff = PORT_Atoi(bltest.options[opt_InputOffset].arg); if (bltest.options[opt_OutputOffset].activated) outoff = PORT_Atoi(bltest.options[opt_OutputOffset].arg); testdir = (bltest.options[opt_SelfTestDir].activated) ? strdup(bltest.options[opt_SelfTestDir].arg) : "."; /* * Handle three simple cases first */ /* test the RSA_PopulatePrivateKey function with known vectors */ if (bltest.commands[cmd_RSAPopulateKV].activated) { PORT_Free(cipherInfo); return doRSAPopulateTestKV(); } /* test the RSA_PopulatePrivateKey function */ if (bltest.commands[cmd_RSAPopulate].activated) { unsigned int keySize = 1024; unsigned long exponent = 65537; int rounds = 1; int ret = -1; if (bltest.options[opt_KeySize].activated) { keySize = PORT_Atoi(bltest.options[opt_KeySize].arg); } if (bltest.options[opt_Rounds].activated) { rounds = PORT_Atoi(bltest.options[opt_Rounds].arg); } if (bltest.options[opt_Exponent].activated) { exponent = PORT_Atoi(bltest.options[opt_Exponent].arg); } for (i = 0; i < rounds; i++) { printf("Running RSA Populate test round %d\n", i); ret = doRSAPopulateTest(keySize, exponent); if (ret != 0) { break; } } if (ret != 0) { fprintf(stderr, "RSA Populate test round %d: FAILED\n", i); } PORT_Free(cipherInfo); return ret; } /* Do BLAPI self-test */ if (bltest.commands[cmd_SelfTest].activated) { PRBool encrypt = PR_TRUE, decrypt = PR_TRUE; /* user may specified a set of ciphers to test. parse them. */ bltestCipherMode modesToTest[NUMMODES]; int numModesToTest = 0; char *tok, *str; str = bltest.options[opt_Mode].arg; while (str) { tok = strchr(str, ','); if (tok) *tok = '\0'; modesToTest[numModesToTest++] = get_mode(str); if (tok) { *tok = ','; str = tok + 1; } else { break; } } if (bltest.commands[cmd_Decrypt].activated && !bltest.commands[cmd_Encrypt].activated) encrypt = PR_FALSE; if (bltest.commands[cmd_Encrypt].activated && !bltest.commands[cmd_Decrypt].activated) decrypt = PR_FALSE; rv = blapi_selftest(modesToTest, numModesToTest, inoff, outoff, encrypt, decrypt); PORT_Free(cipherInfo); return rv == SECSuccess ? 0 : 1; } /* Do FIPS self-test */ if (bltest.commands[cmd_FIPS].activated) { CK_RV ckrv = sftk_FIPSEntryOK(); fprintf(stdout, "CK_RV: %ld.\n", ckrv); PORT_Free(cipherInfo); if (ckrv == CKR_OK) return SECSuccess; return SECFailure; } /* * Check command line arguments for Encrypt/Decrypt/Hash/Sign/Verify */ if ((bltest.commands[cmd_Decrypt].activated || bltest.commands[cmd_Verify].activated) && bltest.options[opt_BufSize].activated) { fprintf(stderr, "%s: Cannot use a nonce as input to decrypt/verify.\n", progName); goto print_usage; } if (bltest.options[opt_Mode].activated) { cipherInfo->mode = get_mode(bltest.options[opt_Mode].arg); if (cipherInfo->mode == bltestINVALID) { goto print_usage; } } else { fprintf(stderr, "%s: You must specify a cipher mode with -m.\n", progName); goto print_usage; } if (bltest.options[opt_Repetitions].activated && bltest.options[opt_SecondsToRun].activated) { fprintf(stderr, "%s: Operation time should be defined in either " "repetitions(-p) or seconds(-5) not both", progName); goto print_usage; } if (bltest.options[opt_Repetitions].activated) { cipherInfo->repetitionsToPerfom = PORT_Atoi(bltest.options[opt_Repetitions].arg); } else { cipherInfo->repetitionsToPerfom = 0; } if (bltest.options[opt_SecondsToRun].activated) { cipherInfo->seconds = PORT_Atoi(bltest.options[opt_SecondsToRun].arg); } else { cipherInfo->seconds = 0; } if (bltest.options[opt_CXReps].activated) { cipherInfo->cxreps = PORT_Atoi(bltest.options[opt_CXReps].arg); } else { cipherInfo->cxreps = 0; } if (bltest.options[opt_ThreadNum].activated) { threads = PORT_Atoi(bltest.options[opt_ThreadNum].arg); if (threads <= 0) { threads = 1; } } /* Dump a file (rsakey, dsakey, etc.) */ if (bltest.commands[cmd_Dump].activated) { rv = dump_file(cipherInfo->mode, bltest.options[opt_Input].arg); PORT_Free(cipherInfo); return rv; } /* default input mode is binary */ ioMode = (bltest.options[opt_B64].activated) ? bltestBase64Encoded : (bltest.options[opt_Hex].activated) ? bltestHexStream : (bltest.options[opt_HexWSpc].activated) ? bltestHexSpaceDelim : bltestBinary; if (bltest.options[opt_Exponent].activated) exponent = PORT_Atoi(bltest.options[opt_Exponent].arg); else exponent = 65537; if (bltest.options[opt_CurveName].activated) curveName = PORT_Strdup(bltest.options[opt_CurveName].arg); else curveName = NULL; if (bltest.commands[cmd_Verify].activated && !bltest.options[opt_SigFile].activated) { fprintf(stderr, "%s: You must specify a signature file with -f.\n", progName); print_usage: if (cipherInfo) { PORT_Free(cipherInfo); } Usage(); } if (bltest.options[opt_MonteCarlo].activated) { cipherInfo->mCarlo = PR_TRUE; } else { cipherInfo->mCarlo = PR_FALSE; } for (curThrdNum = 0; curThrdNum < threads; curThrdNum++) { int keysize = 0; PRFileDesc *file = NULL, *infile; bltestParams *params; char *instr = NULL; PLArenaPool *arena; if (curThrdNum > 0) { bltestCipherInfo *newCInfo = PORT_ZNew(bltestCipherInfo); if (!newCInfo) { fprintf(stderr, "%s: Can not allocate memory.\n", progName); goto exit_point; } newCInfo->mode = cipherInfo->mode; newCInfo->mCarlo = cipherInfo->mCarlo; newCInfo->repetitionsToPerfom = cipherInfo->repetitionsToPerfom; newCInfo->seconds = cipherInfo->seconds; newCInfo->cxreps = cipherInfo->cxreps; cipherInfo->next = newCInfo; cipherInfo = newCInfo; } arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE); if (!arena) { fprintf(stderr, "%s: Can not allocate memory.\n", progName); goto exit_point; } cipherInfo->arena = arena; params = &cipherInfo->params; /* Set up an encryption key. */ keysize = 0; file = NULL; if (is_symmkeyCipher(cipherInfo->mode) || is_aeadCipher(cipherInfo->mode)) { char *keystr = NULL; /* if key is on command line */ if (bltest.options[opt_Key].activated) { if (bltest.options[opt_CmdLine].activated) { keystr = bltest.options[opt_Key].arg; } else { file = PR_Open(bltest.options[opt_Key].arg, PR_RDONLY, 00660); } } else { if (bltest.options[opt_KeySize].activated) keysize = PORT_Atoi(bltest.options[opt_KeySize].arg); else keysize = 8; /* use 64-bit default (DES) */ /* save the random key for reference */ file = PR_Open("tmp.key", PR_WRONLY | PR_CREATE_FILE, 00660); } params->key.mode = ioMode; setupIO(cipherInfo->arena, ¶ms->key, file, keystr, keysize); if (file) PR_Close(file); } else if (is_pubkeyCipher(cipherInfo->mode)) { if (bltest.options[opt_Key].activated) { file = PR_Open(bltest.options[opt_Key].arg, PR_RDONLY, 00660); } else { if (bltest.options[opt_KeySize].activated) keysize = PORT_Atoi(bltest.options[opt_KeySize].arg); else keysize = 64; /* use 512-bit default */ file = PR_Open("tmp.key", PR_WRONLY | PR_CREATE_FILE, 00660); } params->key.mode = bltestBase64Encoded; pubkeyInitKey(cipherInfo, file, keysize, exponent, curveName); PR_Close(file); } /* set up an initialization vector. */ if (cipher_requires_IV(cipherInfo->mode)) { char *ivstr = NULL; bltestSymmKeyParams *skp; file = NULL; #ifdef NSS_SOFTOKEN_DOES_RC5 if (cipherInfo->mode == bltestRC5_CBC) skp = (bltestSymmKeyParams *)¶ms->rc5; else #endif skp = ¶ms->sk; if (bltest.options[opt_IV].activated) { if (bltest.options[opt_CmdLine].activated) { ivstr = bltest.options[opt_IV].arg; } else { file = PR_Open(bltest.options[opt_IV].arg, PR_RDONLY, 00660); } } else { /* save the random iv for reference */ file = PR_Open("tmp.iv", PR_WRONLY | PR_CREATE_FILE, 00660); } memset(&skp->iv, 0, sizeof skp->iv); skp->iv.mode = ioMode; setupIO(cipherInfo->arena, &skp->iv, file, ivstr, keysize); if (file) { PR_Close(file); } } /* set up an initialization vector. */ if (is_authCipher(cipherInfo->mode)) { char *aadstr = NULL; bltestAuthSymmKeyParams *askp; file = NULL; askp = ¶ms->ask; if (bltest.options[opt_AAD].activated) { if (bltest.options[opt_CmdLine].activated) { aadstr = bltest.options[opt_AAD].arg; } else { file = PR_Open(bltest.options[opt_AAD].arg, PR_RDONLY, 00660); } } else { file = NULL; } memset(&askp->aad, 0, sizeof askp->aad); askp->aad.mode = ioMode; setupIO(cipherInfo->arena, &askp->aad, file, aadstr, 0); if (file) { PR_Close(file); } } if (bltest.commands[cmd_Verify].activated) { file = PR_Open(bltest.options[opt_SigFile].arg, PR_RDONLY, 00660); if (is_sigCipher(cipherInfo->mode)) { memset(¶ms->asymk.sig, 0, sizeof(bltestIO)); params->asymk.sig.mode = ioMode; setupIO(cipherInfo->arena, ¶ms->asymk.sig, file, NULL, 0); } if (file) { PR_Close(file); } } if (bltest.options[opt_PQGFile].activated) { file = PR_Open(bltest.options[opt_PQGFile].arg, PR_RDONLY, 00660); params->asymk.cipherParams.dsa.pqgdata.mode = bltestBase64Encoded; setupIO(cipherInfo->arena, ¶ms->asymk.cipherParams.dsa.pqgdata, file, NULL, 0); if (file) { PR_Close(file); } } /* Set up the input buffer */ if (bltest.options[opt_Input].activated) { if (bltest.options[opt_CmdLine].activated) { instr = bltest.options[opt_Input].arg; infile = NULL; } else { /* form file name from testdir and input arg. */ char *filename = bltest.options[opt_Input].arg; if (bltest.options[opt_SelfTestDir].activated && testdir && filename && filename[0] != '/') { filename = PR_smprintf("%s/tests/%s/%s", testdir, mode_strings[cipherInfo->mode], filename); if (!filename) { fprintf(stderr, "%s: Can not allocate memory.\n", progName); goto exit_point; } infile = PR_Open(filename, PR_RDONLY, 00660); PR_smprintf_free(filename); } else { infile = PR_Open(filename, PR_RDONLY, 00660); } } } else if (bltest.options[opt_BufSize].activated) { /* save the random plaintext for reference */ char *tmpFName = PR_smprintf("tmp.in.%d", curThrdNum); if (!tmpFName) { fprintf(stderr, "%s: Can not allocate memory.\n", progName); goto exit_point; } infile = PR_Open(tmpFName, PR_WRONLY | PR_CREATE_FILE, 00660); PR_smprintf_free(tmpFName); } else { infile = PR_STDIN; } if (!infile) { fprintf(stderr, "%s: Failed to open input file.\n", progName); goto exit_point; } cipherInfo->input.mode = ioMode; /* Set up the output stream */ if (bltest.options[opt_Output].activated) { /* form file name from testdir and input arg. */ char *filename = bltest.options[opt_Output].arg; if (bltest.options[opt_SelfTestDir].activated && testdir && filename && filename[0] != '/') { filename = PR_smprintf("%s/tests/%s/%s", testdir, mode_strings[cipherInfo->mode], filename); if (!filename) { fprintf(stderr, "%s: Can not allocate memory.\n", progName); goto exit_point; } outfile = PR_Open(filename, PR_WRONLY | PR_CREATE_FILE, 00660); PR_smprintf_free(filename); } else { outfile = PR_Open(filename, PR_WRONLY | PR_CREATE_FILE, 00660); } } else { outfile = PR_STDOUT; } if (!outfile) { fprintf(stderr, "%s: Failed to open output file.\n", progName); rv = SECFailure; goto exit_point; } cipherInfo->output.mode = ioMode; if (bltest.options[opt_SelfTestDir].activated && ioMode == bltestBinary) cipherInfo->output.mode = bltestBase64Encoded; if (is_hashCipher(cipherInfo->mode)) cipherInfo->params.hash.restart = bltest.options[opt_Restart].activated; bufsize = 0; if (bltest.options[opt_BufSize].activated) bufsize = PORT_Atoi(bltest.options[opt_BufSize].arg); /*infile = NULL;*/ setupIO(cipherInfo->arena, &cipherInfo->input, infile, instr, bufsize); if (infile && infile != PR_STDIN) PR_Close(infile); misalignBuffer(cipherInfo->arena, &cipherInfo->input, inoff); cipherInit(cipherInfo, bltest.commands[cmd_Encrypt].activated); misalignBuffer(cipherInfo->arena, &cipherInfo->output, outoff); } if (!bltest.commands[cmd_Nonce].activated) { TIMESTART(); cipherInfo = cipherInfoListHead; while (cipherInfo != NULL) { cipherInfo->cipherThread = PR_CreateThread(PR_USER_THREAD, ThreadExecTest, cipherInfo, PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD, PR_JOINABLE_THREAD, 0); cipherInfo = cipherInfo->next; } cipherInfo = cipherInfoListHead; while (cipherInfo != NULL) { PR_JoinThread(cipherInfo->cipherThread); finishIO(&cipherInfo->output, outfile); cipherInfo = cipherInfo->next; } TIMEFINISH(totalTime, 1); } cipherInfo = cipherInfoListHead; if (cipherInfo->repetitions > 0 || cipherInfo->cxreps > 0 || threads > 1) dump_performance_info(cipherInfoListHead, totalTime, bltest.commands[cmd_Encrypt].activated, (cipherInfo->repetitions == 0)); rv = SECSuccess; exit_point: if (outfile && outfile != PR_STDOUT) PR_Close(outfile); cipherInfo = cipherInfoListHead; while (cipherInfo != NULL) { bltestCipherInfo *tmpInfo = cipherInfo; if (cipherInfo->arena) PORT_FreeArena(cipherInfo->arena, PR_TRUE); cipherInfo = cipherInfo->next; PORT_Free(tmpInfo); } /*NSS_Shutdown();*/ return SECSuccess; } nss-3.35/nss/cmd/bltest/bltest.gyp0000644000000000000000000000144313230126417015257 0ustar 00000000000000# This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. { 'includes': [ '../../coreconf/config.gypi', '../../cmd/platlibs.gypi' ], 'targets': [ { 'target_name': 'bltest', 'type': 'executable', 'sources': [ 'blapitest.c' ], 'dependencies': [ '<(DEPTH)/exports.gyp:dbm_exports', '<(DEPTH)/exports.gyp:nss_exports', '<(DEPTH)/lib/sqlite/sqlite.gyp:sqlite3' ] } ], 'target_defaults': { 'include_dirs': [ '../../nss/lib/softoken' ], 'defines': [ 'NSS_USE_STATIC_LIBS' ] }, 'variables': { 'module': 'nss', 'use_static_libs': 1 } }nss-3.35/nss/cmd/bltest/manifest.mn0000644000000000000000000000067113230126417015405 0ustar 00000000000000# # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. CORE_DEPTH = ../.. MODULE = nss REQUIRES = seccmd dbm softoken INCLUDES += -I$(CORE_DEPTH)/nss/lib/softoken PROGRAM = bltest USE_STATIC_LIBS = 1 EXPORTS = \ $(NULL) PRIVATE_EXPORTS = \ $(NULL) CSRCS = \ blapitest.c \ $(NULL) nss-3.35/nss/cmd/bltest/pkcs1_vectors.h0000644000000000000000000013131713230126417016204 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /* Vectors from pkcs1v15sign-vectors.txt */ struct pkcs1_test_vector { unsigned char *n; unsigned long n_len; unsigned char *e; unsigned long e_len; unsigned char *d; unsigned long d_len; unsigned char *p; unsigned long p_len; unsigned char *q; unsigned long q_len; }; struct pkcs1_test_vector PKCS1_VECTORS[15] = { { (unsigned char[]){ 0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4, 0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3, 0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b, 0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1, 0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8, 0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37 }, 128, (unsigned char[]){ 0x01, 0x00, 0x01 }, 3, (unsigned char[]){ 0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae, 0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8, 0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70, 0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c, 0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc, 0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25 }, 128, (unsigned char[]){ 0xb6, 0x9d, 0xca, 0x1c, 0xf7, 0xd4, 0xd7, 0xec, 0x81, 0xe7, 0x5b, 0x90, 0xfc, 0xca, 0x87, 0x4a, 0xbc, 0xde, 0x12, 0x3f, 0xd2, 0x70, 0x01, 0x80, 0xaa, 0x90, 0x47, 0x9b, 0x6e, 0x48, 0xde, 0x8d, 0x67, 0xed, 0x24, 0xf9, 0xf1, 0x9d, 0x85, 0xba, 0x27, 0x58, 0x74, 0xf5, 0x42, 0xcd, 0x20, 0xdc, 0x72, 0x3e, 0x69, 0x63, 0x36, 0x4a, 0x1f, 0x94, 0x25, 0x45, 0x2b, 0x26, 0x9a, 0x67, 0x99, 0xfd }, 64, (unsigned char[]){ 0xe7, 0xe8, 0x94, 0x27, 0x20, 0xa8, 0x77, 0x51, 0x72, 0x73, 0xa3, 0x56, 0x05, 0x3e, 0xa2, 0xa1, 0xbc, 0x0c, 0x94, 0xaa, 0x72, 0xd5, 0x5c, 0x6e, 0x86, 0x29, 0x6b, 0x2d, 0xfc, 0x96, 0x79, 0x48, 0xc0, 0xa7, 0x2c, 0xbc, 0xcc, 0xa7, 0xea, 0xcb, 0x35, 0x70, 0x6e, 0x09, 0xa1, 0xdf, 0x55, 0xa1, 0x53, 0x5b, 0xd9, 0xb3, 0xcc, 0x34, 0x16, 0x0b, 0x3b, 0x6d, 0xcd, 0x3e, 0xda, 0x8e, 0x64, 0x43 }, 64, }, { (unsigned char[]){ 0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4, 0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3, 0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b, 0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1, 0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8, 0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37 }, 128, (unsigned char[]){ 0x01, 0x00, 0x01 }, 3, (unsigned char[]){ 0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae, 0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8, 0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70, 0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c, 0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc, 0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25 }, 128, (unsigned char[]){ 0xb6, 0x9d, 0xca, 0x1c, 0xf7, 0xd4, 0xd7, 0xec, 0x81, 0xe7, 0x5b, 0x90, 0xfc, 0xca, 0x87, 0x4a, 0xbc, 0xde, 0x12, 0x3f, 0xd2, 0x70, 0x01, 0x80, 0xaa, 0x90, 0x47, 0x9b, 0x6e, 0x48, 0xde, 0x8d, 0x67, 0xed, 0x24, 0xf9, 0xf1, 0x9d, 0x85, 0xba, 0x27, 0x58, 0x74, 0xf5, 0x42, 0xcd, 0x20, 0xdc, 0x72, 0x3e, 0x69, 0x63, 0x36, 0x4a, 0x1f, 0x94, 0x25, 0x45, 0x2b, 0x26, 0x9a, 0x67, 0x99, 0xfd }, 64, (unsigned char[]){ 0xe7, 0xe8, 0x94, 0x27, 0x20, 0xa8, 0x77, 0x51, 0x72, 0x73, 0xa3, 0x56, 0x05, 0x3e, 0xa2, 0xa1, 0xbc, 0x0c, 0x94, 0xaa, 0x72, 0xd5, 0x5c, 0x6e, 0x86, 0x29, 0x6b, 0x2d, 0xfc, 0x96, 0x79, 0x48, 0xc0, 0xa7, 0x2c, 0xbc, 0xcc, 0xa7, 0xea, 0xcb, 0x35, 0x70, 0x6e, 0x09, 0xa1, 0xdf, 0x55, 0xa1, 0x53, 0x5b, 0xd9, 0xb3, 0xcc, 0x34, 0x16, 0x0b, 0x3b, 0x6d, 0xcd, 0x3e, 0xda, 0x8e, 0x64, 0x43 }, 64, }, { (unsigned char[]){ 0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4, 0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3, 0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b, 0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1, 0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8, 0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37 }, 128, (unsigned char[]){ 0x01, 0x00, 0x01 }, 3, (unsigned char[]){ 0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae, 0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8, 0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70, 0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c, 0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc, 0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25 }, 128, (unsigned char[]){ 0xb6, 0x9d, 0xca, 0x1c, 0xf7, 0xd4, 0xd7, 0xec, 0x81, 0xe7, 0x5b, 0x90, 0xfc, 0xca, 0x87, 0x4a, 0xbc, 0xde, 0x12, 0x3f, 0xd2, 0x70, 0x01, 0x80, 0xaa, 0x90, 0x47, 0x9b, 0x6e, 0x48, 0xde, 0x8d, 0x67, 0xed, 0x24, 0xf9, 0xf1, 0x9d, 0x85, 0xba, 0x27, 0x58, 0x74, 0xf5, 0x42, 0xcd, 0x20, 0xdc, 0x72, 0x3e, 0x69, 0x63, 0x36, 0x4a, 0x1f, 0x94, 0x25, 0x45, 0x2b, 0x26, 0x9a, 0x67, 0x99, 0xfd }, 64, (unsigned char[]){ 0xe7, 0xe8, 0x94, 0x27, 0x20, 0xa8, 0x77, 0x51, 0x72, 0x73, 0xa3, 0x56, 0x05, 0x3e, 0xa2, 0xa1, 0xbc, 0x0c, 0x94, 0xaa, 0x72, 0xd5, 0x5c, 0x6e, 0x86, 0x29, 0x6b, 0x2d, 0xfc, 0x96, 0x79, 0x48, 0xc0, 0xa7, 0x2c, 0xbc, 0xcc, 0xa7, 0xea, 0xcb, 0x35, 0x70, 0x6e, 0x09, 0xa1, 0xdf, 0x55, 0xa1, 0x53, 0x5b, 0xd9, 0xb3, 0xcc, 0x34, 0x16, 0x0b, 0x3b, 0x6d, 0xcd, 0x3e, 0xda, 0x8e, 0x64, 0x43 }, 64, }, { (unsigned char[]){ 0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4, 0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3, 0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b, 0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1, 0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8, 0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37 }, 128, (unsigned char[]){ 0x01, 0x00, 0x01 }, 3, (unsigned char[]){ 0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae, 0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8, 0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70, 0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c, 0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc, 0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25 }, 128, (unsigned char[]){ 0xb6, 0x9d, 0xca, 0x1c, 0xf7, 0xd4, 0xd7, 0xec, 0x81, 0xe7, 0x5b, 0x90, 0xfc, 0xca, 0x87, 0x4a, 0xbc, 0xde, 0x12, 0x3f, 0xd2, 0x70, 0x01, 0x80, 0xaa, 0x90, 0x47, 0x9b, 0x6e, 0x48, 0xde, 0x8d, 0x67, 0xed, 0x24, 0xf9, 0xf1, 0x9d, 0x85, 0xba, 0x27, 0x58, 0x74, 0xf5, 0x42, 0xcd, 0x20, 0xdc, 0x72, 0x3e, 0x69, 0x63, 0x36, 0x4a, 0x1f, 0x94, 0x25, 0x45, 0x2b, 0x26, 0x9a, 0x67, 0x99, 0xfd }, 64, (unsigned char[]){ 0xe7, 0xe8, 0x94, 0x27, 0x20, 0xa8, 0x77, 0x51, 0x72, 0x73, 0xa3, 0x56, 0x05, 0x3e, 0xa2, 0xa1, 0xbc, 0x0c, 0x94, 0xaa, 0x72, 0xd5, 0x5c, 0x6e, 0x86, 0x29, 0x6b, 0x2d, 0xfc, 0x96, 0x79, 0x48, 0xc0, 0xa7, 0x2c, 0xbc, 0xcc, 0xa7, 0xea, 0xcb, 0x35, 0x70, 0x6e, 0x09, 0xa1, 0xdf, 0x55, 0xa1, 0x53, 0x5b, 0xd9, 0xb3, 0xcc, 0x34, 0x16, 0x0b, 0x3b, 0x6d, 0xcd, 0x3e, 0xda, 0x8e, 0x64, 0x43 }, 64, }, { (unsigned char[]){ 0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4, 0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3, 0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b, 0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1, 0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8, 0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37 }, 128, (unsigned char[]){ 0x01, 0x00, 0x01 }, 3, (unsigned char[]){ 0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae, 0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8, 0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70, 0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c, 0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc, 0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25 }, 128, (unsigned char[]){ 0xb6, 0x9d, 0xca, 0x1c, 0xf7, 0xd4, 0xd7, 0xec, 0x81, 0xe7, 0x5b, 0x90, 0xfc, 0xca, 0x87, 0x4a, 0xbc, 0xde, 0x12, 0x3f, 0xd2, 0x70, 0x01, 0x80, 0xaa, 0x90, 0x47, 0x9b, 0x6e, 0x48, 0xde, 0x8d, 0x67, 0xed, 0x24, 0xf9, 0xf1, 0x9d, 0x85, 0xba, 0x27, 0x58, 0x74, 0xf5, 0x42, 0xcd, 0x20, 0xdc, 0x72, 0x3e, 0x69, 0x63, 0x36, 0x4a, 0x1f, 0x94, 0x25, 0x45, 0x2b, 0x26, 0x9a, 0x67, 0x99, 0xfd }, 64, (unsigned char[]){ 0xe7, 0xe8, 0x94, 0x27, 0x20, 0xa8, 0x77, 0x51, 0x72, 0x73, 0xa3, 0x56, 0x05, 0x3e, 0xa2, 0xa1, 0xbc, 0x0c, 0x94, 0xaa, 0x72, 0xd5, 0x5c, 0x6e, 0x86, 0x29, 0x6b, 0x2d, 0xfc, 0x96, 0x79, 0x48, 0xc0, 0xa7, 0x2c, 0xbc, 0xcc, 0xa7, 0xea, 0xcb, 0x35, 0x70, 0x6e, 0x09, 0xa1, 0xdf, 0x55, 0xa1, 0x53, 0x5b, 0xd9, 0xb3, 0xcc, 0x34, 0x16, 0x0b, 0x3b, 0x6d, 0xcd, 0x3e, 0xda, 0x8e, 0x64, 0x43 }, 64, }, { (unsigned char[]){ 0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4, 0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3, 0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b, 0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1, 0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8, 0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37 }, 128, (unsigned char[]){ 0x01, 0x00, 0x01 }, 3, (unsigned char[]){ 0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae, 0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8, 0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70, 0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c, 0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc, 0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25 }, 128, (unsigned char[]){ 0xb6, 0x9d, 0xca, 0x1c, 0xf7, 0xd4, 0xd7, 0xec, 0x81, 0xe7, 0x5b, 0x90, 0xfc, 0xca, 0x87, 0x4a, 0xbc, 0xde, 0x12, 0x3f, 0xd2, 0x70, 0x01, 0x80, 0xaa, 0x90, 0x47, 0x9b, 0x6e, 0x48, 0xde, 0x8d, 0x67, 0xed, 0x24, 0xf9, 0xf1, 0x9d, 0x85, 0xba, 0x27, 0x58, 0x74, 0xf5, 0x42, 0xcd, 0x20, 0xdc, 0x72, 0x3e, 0x69, 0x63, 0x36, 0x4a, 0x1f, 0x94, 0x25, 0x45, 0x2b, 0x26, 0x9a, 0x67, 0x99, 0xfd }, 64, (unsigned char[]){ 0xe7, 0xe8, 0x94, 0x27, 0x20, 0xa8, 0x77, 0x51, 0x72, 0x73, 0xa3, 0x56, 0x05, 0x3e, 0xa2, 0xa1, 0xbc, 0x0c, 0x94, 0xaa, 0x72, 0xd5, 0x5c, 0x6e, 0x86, 0x29, 0x6b, 0x2d, 0xfc, 0x96, 0x79, 0x48, 0xc0, 0xa7, 0x2c, 0xbc, 0xcc, 0xa7, 0xea, 0xcb, 0x35, 0x70, 0x6e, 0x09, 0xa1, 0xdf, 0x55, 0xa1, 0x53, 0x5b, 0xd9, 0xb3, 0xcc, 0x34, 0x16, 0x0b, 0x3b, 0x6d, 0xcd, 0x3e, 0xda, 0x8e, 0x64, 0x43 }, 64, }, { (unsigned char[]){ 0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4, 0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3, 0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b, 0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1, 0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8, 0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37 }, 128, (unsigned char[]){ 0x01, 0x00, 0x01 }, 3, (unsigned char[]){ 0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae, 0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8, 0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70, 0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c, 0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc, 0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25 }, 128, (unsigned char[]){ 0xb6, 0x9d, 0xca, 0x1c, 0xf7, 0xd4, 0xd7, 0xec, 0x81, 0xe7, 0x5b, 0x90, 0xfc, 0xca, 0x87, 0x4a, 0xbc, 0xde, 0x12, 0x3f, 0xd2, 0x70, 0x01, 0x80, 0xaa, 0x90, 0x47, 0x9b, 0x6e, 0x48, 0xde, 0x8d, 0x67, 0xed, 0x24, 0xf9, 0xf1, 0x9d, 0x85, 0xba, 0x27, 0x58, 0x74, 0xf5, 0x42, 0xcd, 0x20, 0xdc, 0x72, 0x3e, 0x69, 0x63, 0x36, 0x4a, 0x1f, 0x94, 0x25, 0x45, 0x2b, 0x26, 0x9a, 0x67, 0x99, 0xfd }, 64, (unsigned char[]){ 0xe7, 0xe8, 0x94, 0x27, 0x20, 0xa8, 0x77, 0x51, 0x72, 0x73, 0xa3, 0x56, 0x05, 0x3e, 0xa2, 0xa1, 0xbc, 0x0c, 0x94, 0xaa, 0x72, 0xd5, 0x5c, 0x6e, 0x86, 0x29, 0x6b, 0x2d, 0xfc, 0x96, 0x79, 0x48, 0xc0, 0xa7, 0x2c, 0xbc, 0xcc, 0xa7, 0xea, 0xcb, 0x35, 0x70, 0x6e, 0x09, 0xa1, 0xdf, 0x55, 0xa1, 0x53, 0x5b, 0xd9, 0xb3, 0xcc, 0x34, 0x16, 0x0b, 0x3b, 0x6d, 0xcd, 0x3e, 0xda, 0x8e, 0x64, 0x43 }, 64, }, { (unsigned char[]){ 0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4, 0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3, 0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b, 0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1, 0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8, 0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37 }, 128, (unsigned char[]){ 0x01, 0x00, 0x01 }, 3, (unsigned char[]){ 0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae, 0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8, 0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70, 0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c, 0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc, 0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25 }, 128, (unsigned char[]){ 0xb6, 0x9d, 0xca, 0x1c, 0xf7, 0xd4, 0xd7, 0xec, 0x81, 0xe7, 0x5b, 0x90, 0xfc, 0xca, 0x87, 0x4a, 0xbc, 0xde, 0x12, 0x3f, 0xd2, 0x70, 0x01, 0x80, 0xaa, 0x90, 0x47, 0x9b, 0x6e, 0x48, 0xde, 0x8d, 0x67, 0xed, 0x24, 0xf9, 0xf1, 0x9d, 0x85, 0xba, 0x27, 0x58, 0x74, 0xf5, 0x42, 0xcd, 0x20, 0xdc, 0x72, 0x3e, 0x69, 0x63, 0x36, 0x4a, 0x1f, 0x94, 0x25, 0x45, 0x2b, 0x26, 0x9a, 0x67, 0x99, 0xfd }, 64, (unsigned char[]){ 0xe7, 0xe8, 0x94, 0x27, 0x20, 0xa8, 0x77, 0x51, 0x72, 0x73, 0xa3, 0x56, 0x05, 0x3e, 0xa2, 0xa1, 0xbc, 0x0c, 0x94, 0xaa, 0x72, 0xd5, 0x5c, 0x6e, 0x86, 0x29, 0x6b, 0x2d, 0xfc, 0x96, 0x79, 0x48, 0xc0, 0xa7, 0x2c, 0xbc, 0xcc, 0xa7, 0xea, 0xcb, 0x35, 0x70, 0x6e, 0x09, 0xa1, 0xdf, 0x55, 0xa1, 0x53, 0x5b, 0xd9, 0xb3, 0xcc, 0x34, 0x16, 0x0b, 0x3b, 0x6d, 0xcd, 0x3e, 0xda, 0x8e, 0x64, 0x43 }, 64, }, { (unsigned char[]){ 0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4, 0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3, 0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b, 0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1, 0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8, 0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37 }, 128, (unsigned char[]){ 0x01, 0x00, 0x01 }, 3, (unsigned char[]){ 0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae, 0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8, 0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70, 0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c, 0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc, 0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25 }, 128, (unsigned char[]){ 0xb6, 0x9d, 0xca, 0x1c, 0xf7, 0xd4, 0xd7, 0xec, 0x81, 0xe7, 0x5b, 0x90, 0xfc, 0xca, 0x87, 0x4a, 0xbc, 0xde, 0x12, 0x3f, 0xd2, 0x70, 0x01, 0x80, 0xaa, 0x90, 0x47, 0x9b, 0x6e, 0x48, 0xde, 0x8d, 0x67, 0xed, 0x24, 0xf9, 0xf1, 0x9d, 0x85, 0xba, 0x27, 0x58, 0x74, 0xf5, 0x42, 0xcd, 0x20, 0xdc, 0x72, 0x3e, 0x69, 0x63, 0x36, 0x4a, 0x1f, 0x94, 0x25, 0x45, 0x2b, 0x26, 0x9a, 0x67, 0x99, 0xfd }, 64, (unsigned char[]){ 0xe7, 0xe8, 0x94, 0x27, 0x20, 0xa8, 0x77, 0x51, 0x72, 0x73, 0xa3, 0x56, 0x05, 0x3e, 0xa2, 0xa1, 0xbc, 0x0c, 0x94, 0xaa, 0x72, 0xd5, 0x5c, 0x6e, 0x86, 0x29, 0x6b, 0x2d, 0xfc, 0x96, 0x79, 0x48, 0xc0, 0xa7, 0x2c, 0xbc, 0xcc, 0xa7, 0xea, 0xcb, 0x35, 0x70, 0x6e, 0x09, 0xa1, 0xdf, 0x55, 0xa1, 0x53, 0x5b, 0xd9, 0xb3, 0xcc, 0x34, 0x16, 0x0b, 0x3b, 0x6d, 0xcd, 0x3e, 0xda, 0x8e, 0x64, 0x43 }, 64, }, { (unsigned char[]){ 0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4, 0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3, 0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b, 0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1, 0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8, 0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37 }, 128, (unsigned char[]){ 0x01, 0x00, 0x01 }, 3, (unsigned char[]){ 0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae, 0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8, 0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70, 0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c, 0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc, 0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25 }, 128, (unsigned char[]){ 0xb6, 0x9d, 0xca, 0x1c, 0xf7, 0xd4, 0xd7, 0xec, 0x81, 0xe7, 0x5b, 0x90, 0xfc, 0xca, 0x87, 0x4a, 0xbc, 0xde, 0x12, 0x3f, 0xd2, 0x70, 0x01, 0x80, 0xaa, 0x90, 0x47, 0x9b, 0x6e, 0x48, 0xde, 0x8d, 0x67, 0xed, 0x24, 0xf9, 0xf1, 0x9d, 0x85, 0xba, 0x27, 0x58, 0x74, 0xf5, 0x42, 0xcd, 0x20, 0xdc, 0x72, 0x3e, 0x69, 0x63, 0x36, 0x4a, 0x1f, 0x94, 0x25, 0x45, 0x2b, 0x26, 0x9a, 0x67, 0x99, 0xfd }, 64, (unsigned char[]){ 0xe7, 0xe8, 0x94, 0x27, 0x20, 0xa8, 0x77, 0x51, 0x72, 0x73, 0xa3, 0x56, 0x05, 0x3e, 0xa2, 0xa1, 0xbc, 0x0c, 0x94, 0xaa, 0x72, 0xd5, 0x5c, 0x6e, 0x86, 0x29, 0x6b, 0x2d, 0xfc, 0x96, 0x79, 0x48, 0xc0, 0xa7, 0x2c, 0xbc, 0xcc, 0xa7, 0xea, 0xcb, 0x35, 0x70, 0x6e, 0x09, 0xa1, 0xdf, 0x55, 0xa1, 0x53, 0x5b, 0xd9, 0xb3, 0xcc, 0x34, 0x16, 0x0b, 0x3b, 0x6d, 0xcd, 0x3e, 0xda, 0x8e, 0x64, 0x43 }, 64, }, { (unsigned char[]){ 0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4, 0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3, 0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b, 0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1, 0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8, 0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37 }, 128, (unsigned char[]){ 0x01, 0x00, 0x01 }, 3, (unsigned char[]){ 0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae, 0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8, 0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70, 0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c, 0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc, 0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25 }, 128, (unsigned char[]){ 0xb6, 0x9d, 0xca, 0x1c, 0xf7, 0xd4, 0xd7, 0xec, 0x81, 0xe7, 0x5b, 0x90, 0xfc, 0xca, 0x87, 0x4a, 0xbc, 0xde, 0x12, 0x3f, 0xd2, 0x70, 0x01, 0x80, 0xaa, 0x90, 0x47, 0x9b, 0x6e, 0x48, 0xde, 0x8d, 0x67, 0xed, 0x24, 0xf9, 0xf1, 0x9d, 0x85, 0xba, 0x27, 0x58, 0x74, 0xf5, 0x42, 0xcd, 0x20, 0xdc, 0x72, 0x3e, 0x69, 0x63, 0x36, 0x4a, 0x1f, 0x94, 0x25, 0x45, 0x2b, 0x26, 0x9a, 0x67, 0x99, 0xfd }, 64, (unsigned char[]){ 0xe7, 0xe8, 0x94, 0x27, 0x20, 0xa8, 0x77, 0x51, 0x72, 0x73, 0xa3, 0x56, 0x05, 0x3e, 0xa2, 0xa1, 0xbc, 0x0c, 0x94, 0xaa, 0x72, 0xd5, 0x5c, 0x6e, 0x86, 0x29, 0x6b, 0x2d, 0xfc, 0x96, 0x79, 0x48, 0xc0, 0xa7, 0x2c, 0xbc, 0xcc, 0xa7, 0xea, 0xcb, 0x35, 0x70, 0x6e, 0x09, 0xa1, 0xdf, 0x55, 0xa1, 0x53, 0x5b, 0xd9, 0xb3, 0xcc, 0x34, 0x16, 0x0b, 0x3b, 0x6d, 0xcd, 0x3e, 0xda, 0x8e, 0x64, 0x43 }, 64, }, { (unsigned char[]){ 0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4, 0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3, 0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b, 0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1, 0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8, 0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37 }, 128, (unsigned char[]){ 0x01, 0x00, 0x01 }, 3, (unsigned char[]){ 0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae, 0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8, 0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70, 0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c, 0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc, 0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25 }, 128, (unsigned char[]){ 0xb6, 0x9d, 0xca, 0x1c, 0xf7, 0xd4, 0xd7, 0xec, 0x81, 0xe7, 0x5b, 0x90, 0xfc, 0xca, 0x87, 0x4a, 0xbc, 0xde, 0x12, 0x3f, 0xd2, 0x70, 0x01, 0x80, 0xaa, 0x90, 0x47, 0x9b, 0x6e, 0x48, 0xde, 0x8d, 0x67, 0xed, 0x24, 0xf9, 0xf1, 0x9d, 0x85, 0xba, 0x27, 0x58, 0x74, 0xf5, 0x42, 0xcd, 0x20, 0xdc, 0x72, 0x3e, 0x69, 0x63, 0x36, 0x4a, 0x1f, 0x94, 0x25, 0x45, 0x2b, 0x26, 0x9a, 0x67, 0x99, 0xfd }, 64, (unsigned char[]){ 0xe7, 0xe8, 0x94, 0x27, 0x20, 0xa8, 0x77, 0x51, 0x72, 0x73, 0xa3, 0x56, 0x05, 0x3e, 0xa2, 0xa1, 0xbc, 0x0c, 0x94, 0xaa, 0x72, 0xd5, 0x5c, 0x6e, 0x86, 0x29, 0x6b, 0x2d, 0xfc, 0x96, 0x79, 0x48, 0xc0, 0xa7, 0x2c, 0xbc, 0xcc, 0xa7, 0xea, 0xcb, 0x35, 0x70, 0x6e, 0x09, 0xa1, 0xdf, 0x55, 0xa1, 0x53, 0x5b, 0xd9, 0xb3, 0xcc, 0x34, 0x16, 0x0b, 0x3b, 0x6d, 0xcd, 0x3e, 0xda, 0x8e, 0x64, 0x43 }, 64, }, { (unsigned char[]){ 0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4, 0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3, 0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b, 0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1, 0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8, 0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37 }, 128, (unsigned char[]){ 0x01, 0x00, 0x01 }, 3, (unsigned char[]){ 0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae, 0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8, 0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70, 0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c, 0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc, 0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25 }, 128, (unsigned char[]){ 0xb6, 0x9d, 0xca, 0x1c, 0xf7, 0xd4, 0xd7, 0xec, 0x81, 0xe7, 0x5b, 0x90, 0xfc, 0xca, 0x87, 0x4a, 0xbc, 0xde, 0x12, 0x3f, 0xd2, 0x70, 0x01, 0x80, 0xaa, 0x90, 0x47, 0x9b, 0x6e, 0x48, 0xde, 0x8d, 0x67, 0xed, 0x24, 0xf9, 0xf1, 0x9d, 0x85, 0xba, 0x27, 0x58, 0x74, 0xf5, 0x42, 0xcd, 0x20, 0xdc, 0x72, 0x3e, 0x69, 0x63, 0x36, 0x4a, 0x1f, 0x94, 0x25, 0x45, 0x2b, 0x26, 0x9a, 0x67, 0x99, 0xfd }, 64, (unsigned char[]){ 0xe7, 0xe8, 0x94, 0x27, 0x20, 0xa8, 0x77, 0x51, 0x72, 0x73, 0xa3, 0x56, 0x05, 0x3e, 0xa2, 0xa1, 0xbc, 0x0c, 0x94, 0xaa, 0x72, 0xd5, 0x5c, 0x6e, 0x86, 0x29, 0x6b, 0x2d, 0xfc, 0x96, 0x79, 0x48, 0xc0, 0xa7, 0x2c, 0xbc, 0xcc, 0xa7, 0xea, 0xcb, 0x35, 0x70, 0x6e, 0x09, 0xa1, 0xdf, 0x55, 0xa1, 0x53, 0x5b, 0xd9, 0xb3, 0xcc, 0x34, 0x16, 0x0b, 0x3b, 0x6d, 0xcd, 0x3e, 0xda, 0x8e, 0x64, 0x43 }, 64, }, { (unsigned char[]){ 0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4, 0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3, 0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b, 0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1, 0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8, 0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37 }, 128, (unsigned char[]){ 0x01, 0x00, 0x01 }, 3, (unsigned char[]){ 0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae, 0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8, 0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70, 0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c, 0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc, 0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25 }, 128, (unsigned char[]){ 0xb6, 0x9d, 0xca, 0x1c, 0xf7, 0xd4, 0xd7, 0xec, 0x81, 0xe7, 0x5b, 0x90, 0xfc, 0xca, 0x87, 0x4a, 0xbc, 0xde, 0x12, 0x3f, 0xd2, 0x70, 0x01, 0x80, 0xaa, 0x90, 0x47, 0x9b, 0x6e, 0x48, 0xde, 0x8d, 0x67, 0xed, 0x24, 0xf9, 0xf1, 0x9d, 0x85, 0xba, 0x27, 0x58, 0x74, 0xf5, 0x42, 0xcd, 0x20, 0xdc, 0x72, 0x3e, 0x69, 0x63, 0x36, 0x4a, 0x1f, 0x94, 0x25, 0x45, 0x2b, 0x26, 0x9a, 0x67, 0x99, 0xfd }, 64, (unsigned char[]){ 0xe7, 0xe8, 0x94, 0x27, 0x20, 0xa8, 0x77, 0x51, 0x72, 0x73, 0xa3, 0x56, 0x05, 0x3e, 0xa2, 0xa1, 0xbc, 0x0c, 0x94, 0xaa, 0x72, 0xd5, 0x5c, 0x6e, 0x86, 0x29, 0x6b, 0x2d, 0xfc, 0x96, 0x79, 0x48, 0xc0, 0xa7, 0x2c, 0xbc, 0xcc, 0xa7, 0xea, 0xcb, 0x35, 0x70, 0x6e, 0x09, 0xa1, 0xdf, 0x55, 0xa1, 0x53, 0x5b, 0xd9, 0xb3, 0xcc, 0x34, 0x16, 0x0b, 0x3b, 0x6d, 0xcd, 0x3e, 0xda, 0x8e, 0x64, 0x43 }, 64, }, { (unsigned char[]){ 0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4, 0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3, 0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b, 0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1, 0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8, 0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37 }, 128, (unsigned char[]){ 0x01, 0x00, 0x01 }, 3, (unsigned char[]){ 0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae, 0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8, 0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70, 0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c, 0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc, 0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25 }, 128, (unsigned char[]){ 0xb6, 0x9d, 0xca, 0x1c, 0xf7, 0xd4, 0xd7, 0xec, 0x81, 0xe7, 0x5b, 0x90, 0xfc, 0xca, 0x87, 0x4a, 0xbc, 0xde, 0x12, 0x3f, 0xd2, 0x70, 0x01, 0x80, 0xaa, 0x90, 0x47, 0x9b, 0x6e, 0x48, 0xde, 0x8d, 0x67, 0xed, 0x24, 0xf9, 0xf1, 0x9d, 0x85, 0xba, 0x27, 0x58, 0x74, 0xf5, 0x42, 0xcd, 0x20, 0xdc, 0x72, 0x3e, 0x69, 0x63, 0x36, 0x4a, 0x1f, 0x94, 0x25, 0x45, 0x2b, 0x26, 0x9a, 0x67, 0x99, 0xfd }, 64, (unsigned char[]){ 0xe7, 0xe8, 0x94, 0x27, 0x20, 0xa8, 0x77, 0x51, 0x72, 0x73, 0xa3, 0x56, 0x05, 0x3e, 0xa2, 0xa1, 0xbc, 0x0c, 0x94, 0xaa, 0x72, 0xd5, 0x5c, 0x6e, 0x86, 0x29, 0x6b, 0x2d, 0xfc, 0x96, 0x79, 0x48, 0xc0, 0xa7, 0x2c, 0xbc, 0xcc, 0xa7, 0xea, 0xcb, 0x35, 0x70, 0x6e, 0x09, 0xa1, 0xdf, 0x55, 0xa1, 0x53, 0x5b, 0xd9, 0xb3, 0xcc, 0x34, 0x16, 0x0b, 0x3b, 0x6d, 0xcd, 0x3e, 0xda, 0x8e, 0x64, 0x43 }, 64, } }; nss-3.35/nss/cmd/bltest/tests/README0000644000000000000000000000522313230126417015263 0ustar 00000000000000This directory contains a set of tests for each cipher supported by BLAPI. Each subdirectory contains known plaintext and ciphertext pairs (and keys and/or iv's if needed). The tests can be run as a full set with: bltest -T or as subsets, for example: bltest -T -m des_ecb,md2,rsa In each subdirectory, the plaintext, key, and iv are ascii, and treated as such. The ciphertext is base64-encoded to avoid the hassle of binary files. To add a test, incremement the value in the numtests file. Create a plaintext, key, and iv file, such that the name of the file is incrememted one from the last set of tests. For example, if you are adding the second test, put your data in files named plaintext1, key1, and iv1 (ignoring key and iv if they are not needed, of course). Make sure your key and iv are the correct number of bytes for your cipher (a trailing \n is okay, but any other trailing bytes will be used!). Once you have your input data, create output data by running bltest on a trusted implementation. For example, for a new DES ECB test, run bltest -E -m des_ecb -i plaintext1 -k key1 -o ciphertext1 -a in the tests/des_ecb directory. Then run bltest -T des_ecb from the cmd/bltest directory in the tree of the implementation you want to test. Note that the -a option above is important, it tells bltest to expect the input to be straight ASCII, and not base64 encoded binary! Special cases: RC5: RC5 can take additional parameters, the number of rounds to perform and the wordsize to use. The number of rounds is between is between 0 and 255, and the wordsize is either is either 16, 32, or 64 bits (at this time only 32-bit is supported). These parameters are specified in a paramsN file, where N is an index as above. The format of the file is "rounds=R\nwordsize=W\n". public key modes (RSA and DSA): Asymmetric key ciphers use keys with special properties, so creating a key file with "Mozilla!" in it will not get you very far! To create a public key, run bltest with the plaintext you want to encrypt, using a trusted implementation. bltest will generate a key and store it in "tmp.key", rename that file to keyN. For example: bltest -E -m rsa -i plaintext0 -o ciphertext0 -e 65537 -g 32 -a mv tmp.key key0 RSA-OAEP/RSA-PSS: RSA-OAEP and RSA-PSS have a number of additional parameters to feed in. - "seedN": The seed or salt to use when encrypting/signing - "hashN" / "maskhashN" - The base digest algorithm and the digest algorithm to use with MGF1, respectively. This should be an ASCII string specifying one of the hash algorithms recognized by bltest (eg: "sha1", "sha256") [note: specifying a keysize (-g) when using RSA is important!] nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext00000644000000000000000000000005613230126417020143 0ustar 00000000000000oJLgOzZ1GiWt3DGo2sPKaOnyGuRz5sZwmDyn4dvAqd8= nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext10000644000000000000000000000003213230126417020136 0ustar 00000000000000AzZ2PpZtkllaVnzJzlN/Xg== nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext100000644000000000000000000000026213230126417020223 0ustar 00000000000000eykx9YVfcXFF4A8VKp9HlDWbH/yz5V9ZTjMJi1HCOmx0oGwdlP3tf9KuQsfbesrv WETLM67dxoUlhe0AIKZpnSy1OAnO/RaRSM5CKSr6sGNEOXgwbFgsGLnODaPQhM5N PEgs/Y/PGoUITon7iLQKCE1elyRm0HZmEm+3YfhAePI= nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext110000644000000000000000000000030613230126417020223 0ustar 00000000000000sJUS8+/57Q2FiQmDpz2tu3w2eNUlgb5kqKj8WG9JDyUhKXpHigWYBA69D1UJ+vsJ afnZ5gDq7zOxuT7tmWh7Fn+JpQZarEOc5G87jSLTCGXmTkXvjNMLaYQ1OoRKEcjN YNug6IZrPuMNJLP6imQ7MoNT4GAQ+oJzyP1U7woraTDlUgquXNWQL5uGozWSykNl nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext120000644000000000000000000000034013230126417020222 0ustar 00000000000000a+ihKABFWjIFOIU+DLoxvS2A6gyFFkpMXCYa5IVBfZPv/i68DQoLUdbqGGM9IQz2 PAxN28J2B/LoHtkRMZHvhtVvO5m+bEFaQVApn7hGznFgtAtjuvEXnRknWi6DaYN2 0ouSVIxo4G5tmU4sFQHtKXAU5wLN7+4vZWRHcGAJYU2AHeHKr3P4t/pWzxupS2MZ M7vld2JDgIUPEXQ1oDVbKw== nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext130000644000000000000000000000005613230126417020227 0ustar 00000000000000UdRHefkNQKgASCdsA1y0nKKke8ubnPcnC5FEeTeH1T8= nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext140000644000000000000000000000013413230126417020225 0ustar 000000000000001fVYl2C/nHYiKP3iNt4fot0trUSNs/qb4MQZbv1Go1yE3RrHfZ21jJWRjLMXpkMK CNL7ao6LDxybcsejRNw0nw== nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext150000644000000000000000000000020413230126417020224 0ustar 00000000000000dTlZdL0ys2ZWVKbI45a4iuNLEjV1hyp6tofY52tG35EailkM0B0vXDML46Zibp3T ql4Q7RTo/4KYEbb+1Q8/UzykOFocvKePXEdE5Q8vg1kWXCSF0TJOdsPq52oMysYp nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext160000644000000000000000000000026213230126417020231 0ustar 00000000000000gVjiFCDyW1nWrpQ/ocvyHwLpefQZ2rASanIbfu9Vvumtl/XM/30jkFe7wZqMN4FC 92cvHV5+F9e+vLAHDoNVys5mYBcaU7YYFq6CSm72nORwtv/TtbtLQ4h02R0nhU07 byWGDTholY3jMH1isTOb3duKMYwM4PM8F8rw6fYECCA= nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext170000644000000000000000000000030613230126417020231 0ustar 00000000000000km2ySMwbog8MV2MafIrvCU95GTe5BZSeNGAkDov6b6SDEVobMQtuQ2nK68UmKIg3 ex3apYAOpJaivf8PmhAx5xKcmiDjViHn8Li6yg2HAw8q58qFk8hZlnegb9SyYAnq 0I/srCTKqc8srTtHDIInQVp7Hg8uqz+tltcKIJyLsmxidnfiUxuUNcpuPERNGVtf nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext180000644000000000000000000000034013230126417020230 0ustar 00000000000000yCzyxHbeqMtqbmB6QNLwORvoLqnshKU3poIPmvuZe3Y5fQBUJPqmp03E6MeqSokA aQ+JS20dyoBnU5PSJDrax2LxWTAeNX6YtyR2IxDNWnuv4cKgMNukb9k6n9uJzBMs qcF9xyAx7Ggi7lqdmdvKZseEwBsIhcu2LinZeAGSfsQVpdIVFY0yX57miUN60bdo StM8DZJzlFGsh/Of+MMbhA== nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext190000644000000000000000000000005613230126417020235 0ustar 00000000000000L6Dfciqf07ZMsY+ys9tV/yJnQidXKJQT+PZXUHQSpkw= nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext20000644000000000000000000000003213230126417020137 0ustar 00000000000000qaFjG/SZaVTrwJOVeyNFiQ== nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext200000644000000000000000000000013413230126417020222 0ustar 00000000000000BdXHdylCGwi3N+QRGfpEONH1cMx3Kk1sPff/7aA4TvhCiM43/ExMfRElpJmwUTZM OJ/WOb3aZH2qO9rasutVlA== nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext210000644000000000000000000000020413230126417020221 0ustar 00000000000000rD1tuv4uD3QGMv2eggv2BEzVsVUcu5zAPAslw5zLfzO4Oqz8pAoyZfK7/4eRU0SK ysuI/Ps7t7EP5GOmjAEJ8Cg4Lj5VexrfAu1kira7iV3wIF0m67+ppf2M69jkvuPc nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext220000644000000000000000000000026213230126417020226 0ustar 00000000000000kLe5YwojePU/UBq3vv8DkVUAgHG8hDjniZMs/T6xKZGVRl5mM4SUY/20Q3Unji/b ExCCHmSSz4D/Fct3JQn7Qm867uJ71JOIgv0q5rW9nZH6SkOxe7Q5675ZwEIxAWOo Kl/lOIeW7uNaGBoScfAL4puFLY+nWbrQH/RnjwEFlM0= nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext230000644000000000000000000000030613230126417020226 0ustar 00000000000000AlSyNGO8q+xaOV63TI+w6xN6B7xvXp9h7AsFfeMFcU+PopQiHJGhWcMVk5uB4wDu kCGS7F8VJUQo2HcveTJOxDKYyiHACzcCc+5eXtkOQ++h4FpdFxIJ/jT58pI326Km cmZQ/TsTIXR9EgiGPGw8az4th5q18leC8Iuo8qu+Y+C+20oifoGvs2u2ZFUINW00 nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext240000644000000000000000000000034013230126417020225 0ustar 00000000000000/Fhz5Q3o+vTGuEunB7CFTp25qy6ffXB/u6M4xoQ6GPxvrOuvZj0mKW+zKbTSbxhJ THngnneWR/m6+odIljDXn0MBYQwjAMGdvzFIt8rIxPSUQQJ1TzMukrb3xedbxhee uHegeNRxkAkCF0TBTxP9KlWiucRNGAAGhahFpPYyx8VqdzBu+maiTQXQiNzXwT/i T8RHJ1ll255NN/vJMERIzQ== nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext30000644000000000000000000000003213230126417020140 0ustar 00000000000000J1z8BBPYzLcFE8OFmx0Pcg== nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext40000644000000000000000000000003213230126417020141 0ustar 00000000000000ybgTX/G1rcQT39BTshvZbQ== nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext50000644000000000000000000000003213230126417020142 0ustar 00000000000000XJ2ETtRvmIUIXl1qT5TH1w== nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext60000644000000000000000000000003213230126417020143 0ustar 00000000000000qf91vXz2YT03Mcd8O20MBA== nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext70000644000000000000000000000005613230126417020152 0ustar 00000000000000xNxh2XJZZ6MCAQSpc48jhoUnzoOaqxdS/YvblagsTQA= nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext80000644000000000000000000000013413230126417020150 0ustar 00000000000000Gblgl3LGPzOGCL9utSyhC+ZQl/icHgkFxCQB/Ud5GuLFRAstRzEWyni9n/L7YBXP 0xZSTq59y5Wuc46+roSkZw== nss-3.35/nss/cmd/bltest/tests/aes_cbc/ciphertext90000644000000000000000000000020413230126417020147 0ustar 00000000000000O4YRv8SXPFzY6YKwc7MxhM0mEQFZFy5EmI61/1ZhoeFvrWclj8v+5VRpJnoS3DdI k7TjUz029WNMMJVYNZbxNaqM0RONyJi8VlHuNakuv4mrautTZmU7xgpw4AdPwR7+ nss-3.35/nss/cmd/bltest/tests/aes_cbc/iv00000644000000000000000000000002113230126417016372 0ustar 00000000000000qwertyuiopasdfgh nss-3.35/nss/cmd/bltest/tests/aes_cbc/iv10000644000000000000000000000002013230126417016372 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_cbc/iv100000644000000000000000000000002013230126417016452 0ustar 000000000000004n\ЮXS,nss-3.35/nss/cmd/bltest/tests/aes_cbc/iv110000644000000000000000000000002013230126417016453 0ustar 00000000000000$_&[vnss-3.35/nss/cmd/bltest/tests/aes_cbc/iv120000644000000000000000000000002013230126417016454 0ustar 00000000000000/H$Jnss-3.35/nss/cmd/bltest/tests/aes_cbc/iv130000644000000000000000000000002013230126417016455 0ustar 00000000000000f~My`P[nss-3.35/nss/cmd/bltest/tests/aes_cbc/iv140000644000000000000000000000002013230126417016456 0ustar 00000000000000Y R9<8nss-3.35/nss/cmd/bltest/tests/aes_cbc/iv150000644000000000000000000000002013230126417016457 0ustar 000000000000006긃lÏc(Fnss-3.35/nss/cmd/bltest/tests/aes_cbc/iv160000644000000000000000000000002013230126417016460 0ustar 00000000000000țЗëOHmnss-3.35/nss/cmd/bltest/tests/aes_cbc/iv170000644000000000000000000000002013230126417016461 0ustar 00000000000000(3E <nss-3.35/nss/cmd/bltest/tests/aes_cbc/iv180000644000000000000000000000002013230126417016462 0ustar 00000000000000$@8,{cUnss-3.35/nss/cmd/bltest/tests/aes_cbc/iv190000644000000000000000000000002013230126417016463 0ustar 0000000000000047EquWnss-3.35/nss/cmd/bltest/tests/aes_cbc/iv20000644000000000000000000000002013230126417016373 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_cbc/iv200000644000000000000000000000002013230126417016453 0ustar 00000000000000+̻lI H*Vnss-3.35/nss/cmd/bltest/tests/aes_cbc/iv210000644000000000000000000000002013230126417016454 0ustar 00000000000000˗ SE ;nss-3.35/nss/cmd/bltest/tests/aes_cbc/iv220000644000000000000000000000002013230126417016455 0ustar 00000000000000LYcY`&u>Inss-3.35/nss/cmd/bltest/tests/aes_cbc/iv230000644000000000000000000000002013230126417016456 0ustar 00000000000000Q? y%mnss-3.35/nss/cmd/bltest/tests/aes_cbc/iv240000644000000000000000000000002013230126417016457 0ustar 00000000000000ՁӶ꡵?~nss-3.35/nss/cmd/bltest/tests/aes_cbc/iv30000644000000000000000000000002013230126417016374 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_cbc/iv40000644000000000000000000000002013230126417016375 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_cbc/iv50000644000000000000000000000002013230126417016376 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_cbc/iv60000644000000000000000000000002013230126417016377 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_cbc/iv70000644000000000000000000000002013230126417016400 0ustar 00000000000000X<e/ 40enss-3.35/nss/cmd/bltest/tests/aes_cbc/iv80000644000000000000000000000002013230126417016401 0ustar 00000000000000 ]`i|Jnss-3.35/nss/cmd/bltest/tests/aes_cbc/iv90000644000000000000000000000002013230126417016402 0ustar 00000000000000e60ָBznss-3.35/nss/cmd/bltest/tests/aes_cbc/key00000644000000000000000000000002113230126417016544 0ustar 00000000000000fedcba9876543210 nss-3.35/nss/cmd/bltest/tests/aes_cbc/key10000644000000000000000000000002013230126417016544 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_cbc/key100000644000000000000000000000002013230126417016624 0ustar 00000000000000đ1E)%Uxnss-3.35/nss/cmd/bltest/tests/aes_cbc/key110000644000000000000000000000002013230126417016625 0ustar 00000000000000}qMnjhjqnss-3.35/nss/cmd/bltest/tests/aes_cbc/key120000644000000000000000000000002013230126417016626 0ustar 00000000000000,A7Q'0W 6xknss-3.35/nss/cmd/bltest/tests/aes_cbc/key130000644000000000000000000000003013230126417016630 0ustar 00000000000000곱XsQ.k!nss-3.35/nss/cmd/bltest/tests/aes_cbc/key140000644000000000000000000000003013230126417016631 0ustar 00000000000000{{Mi~ϖuy|5nss-3.35/nss/cmd/bltest/tests/aes_cbc/key150000644000000000000000000000003013230126417016632 0ustar 00000000000000uZ Ӊ<ɸTTnss-3.35/nss/cmd/bltest/tests/aes_cbc/key160000644000000000000000000000003013230126417016633 0ustar 00000000000000 Ϟhw<1 Unss-3.35/nss/cmd/bltest/tests/aes_cbc/key170000644000000000000000000000003013230126417016634 0ustar 00000000000000+9nss-3.35/nss/cmd/bltest/tests/aes_cbc/key90000644000000000000000000000002013230126417016554 0ustar 00000000000000緺O|4F^nss-3.35/nss/cmd/bltest/tests/aes_cbc/mktst.sh0000644000000000000000000000071713230126417017463 0ustar 00000000000000#!/bin/sh for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 do file="test$i.txt" grep "KEY = " $file | sed -e 's;KEY = ;;' | hex > key$i grep "IV = " $file | sed -e 's;IV = ;;' | hex > iv$i grep "PLAINTEXT = " $file | sed -e 's;PLAINTEXT = ;;' | hex > plaintext$i grep "CIPHERTEXT = " $file | sed -e 's;CIPHERTEXT = ;;' | hex > ciphertext$i.bin btoa < ciphertext$i.bin > ciphertext$i rm ciphertext$i.bin done nss-3.35/nss/cmd/bltest/tests/aes_cbc/numtests0000644000000000000000000000000313230126417017556 0ustar 0000000000000025 nss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext00000644000000000000000000000004113230126417017766 0ustar 000000000000000123456789abcdef0123456789abcdef nss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext10000644000000000000000000000002013230126417017764 0ustar 00000000000000D<']snss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext100000644000000000000000000000020013230126417020044 0ustar 00000000000000jx~ Ve3l@QRd.My^{ҧL.TS ykǚMvъGflMPfTG6³$k{mE_ٿ켦5ΛE˝nss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext110000644000000000000000000000022013230126417020047 0ustar 00000000000000+ͼL`"W 2mM甎TR#D0~7y-@%_B@Ct8>'s; Uw/`?{,b6+q]?nss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext130000644000000000000000000000004013230126417020051 0ustar 00000000000000NLh#!mi9:-Yt@nss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext140000644000000000000000000000010013230126417020047 0ustar 0000000000000078wT"/L-+ y[A0#FhŎIyҖyOnss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext150000644000000000000000000000014013230126417020054 0ustar 00000000000000/_:X :kd1:4~8W#;wS.Qp!B1!Z-+p=Dnss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext190000644000000000000000000000004013230126417020057 0ustar 00000000000000PR 5iurT?f-1 Rnss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext20000644000000000000000000000002013230126417017765 0ustar 00000000000000d u"}Nrnss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext200000644000000000000000000000010013230126417020044 0ustar 000000000000007%k1 sXIC{4ɿOւ5&z an%JV}֎L8V;cnss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext210000644000000000000000000000014013230126417020051 0ustar 00000000000000:ަnBAw^7$^OdH2[`4[xe"nc?3avx\ۻȢkQ;;4i[r JR-6z2,}Ēq}d00ޡiNEaAj0LO㬃KOc8.s4U#Amߝ"$N%,nss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext240000644000000000000000000000024013230126417020055 0ustar 00000000000000 cӆEp aXUh26/J2*ѪtDV{N}J#+(hiV5Yz~ڼ䯩XUWPV$"$+V1 2&5=q_DBEX n,]YH%sAc,0nss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext30000644000000000000000000000002013230126417017766 0ustar 00000000000000zj)xmu9nss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext40000644000000000000000000000002013230126417017767 0ustar 00000000000000-BWdӚ#nss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext50000644000000000000000000000002013230126417017770 0ustar 00000000000000G0 %& T}nss-3.35/nss/cmd/bltest/tests/aes_cbc/plaintext60000644000000000000000000000002013230126417017771 0ustar 00000000000000 $6 key$i grep "Init. Counter" $file | sed -e 's;Init. Counter=;;' | hex > iv$i grep "Ciphertext" $file | sed -e 's;Ciphertext=;;' | hex | btoa > ciphertext$i grep "Plaintext" $file | sed -e 's;Plaintext=;;' | hex > plaintext$i done nss-3.35/nss/cmd/bltest/tests/aes_ctr/numtests0000644000000000000000000000000213230126417017616 0ustar 000000000000003 nss-3.35/nss/cmd/bltest/tests/aes_ctr/plaintext00000644000000000000000000000010013230126417020023 0ustar 00000000000000k.@=~s*-WoEQ0F\ R$EO+A{l7nss-3.35/nss/cmd/bltest/tests/aes_ctr/plaintext10000644000000000000000000000010013230126417020024 0ustar 00000000000000k.@=~s*-WoEQ0F\ R$EO+A{l7nss-3.35/nss/cmd/bltest/tests/aes_ctr/plaintext20000644000000000000000000000010013230126417020025 0ustar 00000000000000k.@=~s*-WoEQ0F\ R$EO+A{l7nss-3.35/nss/cmd/bltest/tests/aes_cts/aes-cts-type-1-vectors.txt0000644000000000000000000000563513230126417022733 0ustar 00000000000000# Raeburn Standards Track [Page 12] # # RFC 3962 AES Encryption for Kerberos 5 February 2005 # # Some test vectors for CBC with ciphertext stealing, using an initial # vector of all-zero. # # Original Test vectors were for AES CTS-3 (Kerberos). These test vectors have been modified for AES CTS-1 (NIST) # Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69 IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 Output: 97 c6 35 35 68 f2 bf 8c b4 d8 a5 80 36 2d a7 ff 7f Next IV: c6 35 35 68 f2 bf 8c b4 d8 a5 80 36 2d a7 ff 7f Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69 IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 fc 00 78 3e 0e fd b2 c1 d4 45 d4 c8 ef f7 ed 22 Next IV: fc 00 78 3e 0e fd b2 c1 d4 45 d4 c8 ef f7 ed 22 Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69 IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43 Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8 Next IV: 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8 Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69 IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43 68 69 63 6b 65 6e 2c 20 70 6c 65 61 73 65 2c Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 b3 ff fd 94 0c 16 a1 8c 1b 55 49 d2 f8 38 02 9e Next IV: b3 ff fd 94 0c 16 a1 8c 1b 55 49 d2 f8 38 02 9e Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69 IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43 68 69 63 6b 65 6e 2c 20 70 6c 65 61 73 65 2c 20 Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8 9d ad 8b bb 96 c4 cd c0 3b c1 03 e1 a1 94 bb d8 Next IV: 9d ad 8b bb 96 c4 cd c0 3b c1 03 e1 a1 94 bb d8 Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69 IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43 68 69 63 6b 65 6e 2c 20 70 6c 65 61 73 65 2c 20 61 6e 64 20 77 6f 6e 74 6f 6e 20 73 6f 75 70 2e Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8 9d ad 8b bb 96 c4 cd c0 3b c1 03 e1 a1 94 bb d8 48 07 ef e8 36 ee 89 a5 26 73 0d bc 2f 7b c8 40 Next IV: 48 07 ef e8 36 ee 89 a5 26 73 0d bc 2f 7b c8 40 nss-3.35/nss/cmd/bltest/tests/aes_cts/aes_cts_0.txt0000644000000000000000000000045113230126417020423 0ustar 00000000000000Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69 IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 Output: 97 c6 35 35 68 f2 bf 8c b4 d8 a5 80 36 2d a7 ff 7f Next IV: c6 35 35 68 f2 bf 8c b4 d8 a5 80 36 2d a7 ff 7f nss-3.35/nss/cmd/bltest/tests/aes_cts/aes_cts_1.txt0000644000000000000000000000057513230126417020433 0ustar 00000000000000Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69 IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 fc 00 78 3e 0e fd b2 c1 d4 45 d4 c8 ef f7 ed 22 Next IV: fc 00 78 3e 0e fd b2 c1 d4 45 d4 c8 ef f7 ed 22 nss-3.35/nss/cmd/bltest/tests/aes_cts/aes_cts_2.txt0000644000000000000000000000060313230126417020424 0ustar 00000000000000Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69 IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43 Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8 Next IV: 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8 nss-3.35/nss/cmd/bltest/tests/aes_cts/aes_cts_3.txt0000644000000000000000000000073513230126417020433 0ustar 00000000000000Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69 IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43 68 69 63 6b 65 6e 2c 20 70 6c 65 61 73 65 2c Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 b3 ff fd 94 0c 16 a1 8c 1b 55 49 d2 f8 38 02 9e Next IV: b3 ff fd 94 0c 16 a1 8c 1b 55 49 d2 f8 38 02 9e nss-3.35/nss/cmd/bltest/tests/aes_cts/aes_cts_4.txt0000644000000000000000000000074313230126417020433 0ustar 00000000000000Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69 IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43 68 69 63 6b 65 6e 2c 20 70 6c 65 61 73 65 2c 20 Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8 9d ad 8b bb 96 c4 cd c0 3b c1 03 e1 a1 94 bb d8 Next IV: 9d ad 8b bb 96 c4 cd c0 3b c1 03 e1 a1 94 bb d8 nss-3.35/nss/cmd/bltest/tests/aes_cts/aes_cts_5.txt0000644000000000000000000000110313230126417020423 0ustar 00000000000000Key: 63 68 69 63 6b 65 6e 20 74 65 72 69 79 61 6b 69 IV: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Input: 49 20 77 6f 75 6c 64 20 6c 69 6b 65 20 74 68 65 20 47 65 6e 65 72 61 6c 20 47 61 75 27 73 20 43 68 69 63 6b 65 6e 2c 20 70 6c 65 61 73 65 2c 20 61 6e 64 20 77 6f 6e 74 6f 6e 20 73 6f 75 70 2e Output: 97 68 72 68 d6 ec cc c0 c0 7b 25 e2 5e cf e5 84 39 31 25 23 a7 86 62 d5 be 7f cb cc 98 eb f5 a8 9d ad 8b bb 96 c4 cd c0 3b c1 03 e1 a1 94 bb d8 48 07 ef e8 36 ee 89 a5 26 73 0d bc 2f 7b c8 40 Next IV: 48 07 ef e8 36 ee 89 a5 26 73 0d bc 2f 7b c8 40 nss-3.35/nss/cmd/bltest/tests/aes_cts/ciphertext00000644000000000000000000000003213230126417020177 0ustar 00000000000000l8Y1NWjyv4y02KWANi2n/38= nss-3.35/nss/cmd/bltest/tests/aes_cts/ciphertext10000644000000000000000000000005613230126417020206 0ustar 00000000000000l2hyaNbszMDAeyXiXs/l/AB4Pg79ssHURdTI7/ftIg== nss-3.35/nss/cmd/bltest/tests/aes_cts/ciphertext20000644000000000000000000000005613230126417020207 0ustar 00000000000000l2hyaNbszMDAeyXiXs/lhDkxJSOnhmLVvn/LzJjr9ag= nss-3.35/nss/cmd/bltest/tests/aes_cts/ciphertext30000644000000000000000000000010213230126417020200 0ustar 00000000000000l2hyaNbszMDAeyXiXs/lhDkxJSOnhmLVvn/LzJjr9bP//ZQMFqGMG1VJ0vg4Ap4= nss-3.35/nss/cmd/bltest/tests/aes_cts/ciphertext40000644000000000000000000000010213230126417020201 0ustar 00000000000000l2hyaNbszMDAeyXiXs/lhDkxJSOnhmLVvn/LzJjr9aidrYu7lsTNwDvBA+GhlLvY nss-3.35/nss/cmd/bltest/tests/aes_cts/ciphertext50000644000000000000000000000013413230126417020207 0ustar 00000000000000l2hyaNbszMDAeyXiXs/lhDkxJSOnhmLVvn/LzJjr9aidrYu7lsTNwDvBA+GhlLvY SAfv6DbuiaUmcw28L3vIQA== nss-3.35/nss/cmd/bltest/tests/aes_cts/iv00000644000000000000000000000004213230126417016437 0ustar 0000000000000055h򿌴إ6-nss-3.35/nss/cmd/bltest/tests/aes_cts/iv10000644000000000000000000000004213230126417016440 0ustar 00000000000000x>E"nss-3.35/nss/cmd/bltest/tests/aes_cts/iv20000644000000000000000000000004213230126417016441 0ustar 0000000000000091%#bվ̘nss-3.35/nss/cmd/bltest/tests/aes_cts/iv30000644000000000000000000000004213230126417016442 0ustar 00000000000000 UI8nss-3.35/nss/cmd/bltest/tests/aes_cts/iv40000644000000000000000000000004213230126417016443 0ustar 00000000000000;ᡔnss-3.35/nss/cmd/bltest/tests/aes_cts/iv50000644000000000000000000000004213230126417016444 0ustar 00000000000000H6&s /{@nss-3.35/nss/cmd/bltest/tests/aes_cts/key00000644000000000000000000000002013230126417016605 0ustar 00000000000000chicken teriyakinss-3.35/nss/cmd/bltest/tests/aes_cts/key10000644000000000000000000000002013230126417016606 0ustar 00000000000000chicken teriyakinss-3.35/nss/cmd/bltest/tests/aes_cts/key20000644000000000000000000000002013230126417016607 0ustar 00000000000000chicken teriyakinss-3.35/nss/cmd/bltest/tests/aes_cts/key30000644000000000000000000000002013230126417016610 0ustar 00000000000000chicken teriyakinss-3.35/nss/cmd/bltest/tests/aes_cts/key40000644000000000000000000000002013230126417016611 0ustar 00000000000000chicken teriyakinss-3.35/nss/cmd/bltest/tests/aes_cts/key50000644000000000000000000000002013230126417016612 0ustar 00000000000000chicken teriyakinss-3.35/nss/cmd/bltest/tests/aes_cts/mktst.sh0000644000000000000000000000047413230126417017525 0ustar 00000000000000#!/bin/sh for i in 0 1 2 3 4 5 do file="aes_cts_$i.txt" grep "Key" $file | sed -e 's;Key:;;' | hex > key$i grep "IV" $file | sed -e 's;IV:;;' | hex > iv$i grep "Input" $file | sed -e 's;Input:;;' | hex > plaintext$i grep "Output" $file | sed -e 's;Output:;;' | hex | btoa > ciphertext$i done nss-3.35/nss/cmd/bltest/tests/aes_cts/numtests0000644000000000000000000000000213230126417017617 0ustar 000000000000006 nss-3.35/nss/cmd/bltest/tests/aes_cts/plaintext00000644000000000000000000000002113230126417020026 0ustar 00000000000000I would like the nss-3.35/nss/cmd/bltest/tests/aes_cts/plaintext10000644000000000000000000000003713230126417020036 0ustar 00000000000000I would like the General Gau's nss-3.35/nss/cmd/bltest/tests/aes_cts/plaintext20000644000000000000000000000004013230126417020031 0ustar 00000000000000I would like the General Gau's Cnss-3.35/nss/cmd/bltest/tests/aes_cts/plaintext30000644000000000000000000000005713230126417020042 0ustar 00000000000000I would like the General Gau's Chicken, please,nss-3.35/nss/cmd/bltest/tests/aes_cts/plaintext40000644000000000000000000000006013230126417020035 0ustar 00000000000000I would like the General Gau's Chicken, please, nss-3.35/nss/cmd/bltest/tests/aes_cts/plaintext50000644000000000000000000000010013230126417020031 0ustar 00000000000000I would like the General Gau's Chicken, please, and wonton soup.nss-3.35/nss/cmd/bltest/tests/aes_ecb/ciphertext00000644000000000000000000000003213230126417020137 0ustar 00000000000000PVuaCIiaKQhblgFCbVMTTg== nss-3.35/nss/cmd/bltest/tests/aes_ecb/ciphertext10000644000000000000000000000003213230126417020140 0ustar 00000000000000AzZ2PpZtkllaVnzJzlN/Xg== nss-3.35/nss/cmd/bltest/tests/aes_ecb/ciphertext20000644000000000000000000000003213230126417020141 0ustar 00000000000000qaFjG/SZaVTrwJOVeyNFiQ== nss-3.35/nss/cmd/bltest/tests/aes_ecb/ciphertext30000644000000000000000000000003213230126417020142 0ustar 00000000000000J1z8BBPYzLcFE8OFmx0Pcg== nss-3.35/nss/cmd/bltest/tests/aes_ecb/ciphertext40000644000000000000000000000003213230126417020143 0ustar 00000000000000ybgTX/G1rcQT39BTshvZbQ== nss-3.35/nss/cmd/bltest/tests/aes_ecb/ciphertext50000644000000000000000000000003213230126417020144 0ustar 00000000000000XJ2ETtRvmIUIXl1qT5TH1w== nss-3.35/nss/cmd/bltest/tests/aes_ecb/ciphertext60000644000000000000000000000003213230126417020145 0ustar 00000000000000qf91vXz2YT03Mcd8O20MBA== nss-3.35/nss/cmd/bltest/tests/aes_ecb/key00000644000000000000000000000002113230126417016546 0ustar 00000000000000fedcba9876543210 nss-3.35/nss/cmd/bltest/tests/aes_ecb/key10000644000000000000000000000002013230126417016546 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_ecb/key20000644000000000000000000000002013230126417016547 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_ecb/key30000644000000000000000000000003013230126417016551 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_ecb/key40000644000000000000000000000003013230126417016552 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_ecb/key50000644000000000000000000000004013230126417016554 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_ecb/key60000644000000000000000000000004013230126417016555 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_ecb/mktst.sh0000644000000000000000000000054213230126417017461 0ustar 00000000000000#!/bin/sh for i in 1 2 3 4 5 6 do file="test$i.txt" grep "KEY = " $file | sed -e 's;KEY = ;;' | hex > key$i grep "PLAINTEXT = " $file | sed -e 's;PLAINTEXT = ;;' | hex > plaintext$i grep "CIPHERTEXT = " $file | sed -e 's;CIPHERTEXT = ;;' | hex > ciphertext$i.bin btoa < ciphertext$i.bin > ciphertext$i rm ciphertext$i.bin done nss-3.35/nss/cmd/bltest/tests/aes_ecb/numtests0000644000000000000000000000000213230126417017557 0ustar 000000000000007 nss-3.35/nss/cmd/bltest/tests/aes_ecb/plaintext00000644000000000000000000000002113230126417017766 0ustar 000000000000000123456789abcdef nss-3.35/nss/cmd/bltest/tests/aes_ecb/plaintext10000644000000000000000000000002013230126417017766 0ustar 00000000000000D<']snss-3.35/nss/cmd/bltest/tests/aes_ecb/plaintext20000644000000000000000000000002013230126417017767 0ustar 00000000000000d u"}Nrnss-3.35/nss/cmd/bltest/tests/aes_ecb/plaintext30000644000000000000000000000002013230126417017770 0ustar 00000000000000zj)xmu9nss-3.35/nss/cmd/bltest/tests/aes_ecb/plaintext40000644000000000000000000000002013230126417017771 0ustar 00000000000000-BWdӚ#nss-3.35/nss/cmd/bltest/tests/aes_ecb/plaintext50000644000000000000000000000002013230126417017772 0ustar 00000000000000G0 %& T}nss-3.35/nss/cmd/bltest/tests/aes_ecb/plaintext60000644000000000000000000000002013230126417017773 0ustar 00000000000000 $6 #include #include int tohex(int c) { if ((c >= '0') && (c <= '9')) { return c - '0'; } if ((c >= 'a') && (c <= 'f')) { return c - 'a' + 10; } if ((c >= 'A') && (c <= 'F')) { return c - 'A' + 10; } return 0; } int isspace(int c) { if (c <= ' ') return 1; if (c == '\n') return 1; if (c == '\t') return 1; if (c == ':') return 1; if (c == ';') return 1; if (c == ',') return 1; return 0; } void verify_nibble(int nibble, int current) { if (nibble != 0) { fprintf(stderr, "count mismatch %d (nibbles=0x%x)\n", nibble, current); fflush(stderr); } } int main(int argc, char **argv) { int c; int current = 0; int nibble = 0; int skip = 0; if (argv[1]) { skip = atoi(argv[1]); } #define NIBBLE_COUNT 2 while ((c = getchar()) != EOF) { if (isspace(c)) { verify_nibble(nibble, current); continue; } if (skip) { skip--; continue; } current = current << 4 | tohex(c); nibble++; if (nibble == NIBBLE_COUNT) { putchar(current); nibble = 0; current = 0; } } return 0; } nss-3.35/nss/cmd/bltest/tests/aes_gcm/iv00000644000000000000000000000001413230126417016413 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/iv10000644000000000000000000000001413230126417016414 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/iv100000644000000000000000000000001013230126417016470 0ustar 00000000000000ۭnss-3.35/nss/cmd/bltest/tests/aes_gcm/iv110000644000000000000000000000007413230126417016503 0ustar 00000000000000"]UZRijz8SO}ң(QV9BkRTjW7nss-3.35/nss/cmd/bltest/tests/aes_gcm/iv120000644000000000000000000000001413230126417016476 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/iv130000644000000000000000000000001413230126417016477 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/iv140000644000000000000000000000001413230126417016500 0ustar 00000000000000ۭnss-3.35/nss/cmd/bltest/tests/aes_gcm/iv150000644000000000000000000000001413230126417016501 0ustar 00000000000000ۭnss-3.35/nss/cmd/bltest/tests/aes_gcm/iv160000644000000000000000000000001013230126417016476 0ustar 00000000000000ۭnss-3.35/nss/cmd/bltest/tests/aes_gcm/iv170000644000000000000000000000007413230126417016511 0ustar 00000000000000"]UZRijz8SO}ң(QV9BkRTjW7nss-3.35/nss/cmd/bltest/tests/aes_gcm/iv20000644000000000000000000000001413230126417016415 0ustar 00000000000000ۭnss-3.35/nss/cmd/bltest/tests/aes_gcm/iv30000644000000000000000000000001413230126417016416 0ustar 00000000000000ۭnss-3.35/nss/cmd/bltest/tests/aes_gcm/iv40000644000000000000000000000001013230126417016413 0ustar 00000000000000ۭnss-3.35/nss/cmd/bltest/tests/aes_gcm/iv50000644000000000000000000000007413230126417016426 0ustar 00000000000000"]UZRijz8SO}ң(QV9BkRTjW7nss-3.35/nss/cmd/bltest/tests/aes_gcm/iv60000644000000000000000000000001413230126417016421 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/iv70000644000000000000000000000001413230126417016422 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/iv80000644000000000000000000000001413230126417016423 0ustar 00000000000000ۭnss-3.35/nss/cmd/bltest/tests/aes_gcm/iv90000644000000000000000000000001413230126417016424 0ustar 00000000000000ۭnss-3.35/nss/cmd/bltest/tests/aes_gcm/key00000644000000000000000000000002013230126417016562 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/key10000644000000000000000000000002013230126417016563 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/key100000644000000000000000000000003013230126417016644 0ustar 00000000000000钆esmjg0钆esnss-3.35/nss/cmd/bltest/tests/aes_gcm/key110000644000000000000000000000003013230126417016645 0ustar 00000000000000钆esmjg0钆esnss-3.35/nss/cmd/bltest/tests/aes_gcm/key120000644000000000000000000000004013230126417016647 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/key130000644000000000000000000000004013230126417016650 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/key140000644000000000000000000000004013230126417016651 0ustar 00000000000000钆esmjg0钆esmjg0nss-3.35/nss/cmd/bltest/tests/aes_gcm/key150000644000000000000000000000004013230126417016652 0ustar 00000000000000钆esmjg0钆esmjg0nss-3.35/nss/cmd/bltest/tests/aes_gcm/key160000644000000000000000000000004013230126417016653 0ustar 00000000000000钆esmjg0钆esmjg0nss-3.35/nss/cmd/bltest/tests/aes_gcm/key170000644000000000000000000000004013230126417016654 0ustar 00000000000000钆esmjg0钆esmjg0nss-3.35/nss/cmd/bltest/tests/aes_gcm/key20000644000000000000000000000002013230126417016564 0ustar 00000000000000钆esmjg0nss-3.35/nss/cmd/bltest/tests/aes_gcm/key30000644000000000000000000000002013230126417016565 0ustar 00000000000000钆esmjg0nss-3.35/nss/cmd/bltest/tests/aes_gcm/key40000644000000000000000000000002013230126417016566 0ustar 00000000000000钆esmjg0nss-3.35/nss/cmd/bltest/tests/aes_gcm/key50000644000000000000000000000002013230126417016567 0ustar 00000000000000钆esmjg0nss-3.35/nss/cmd/bltest/tests/aes_gcm/key60000644000000000000000000000003013230126417016571 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/key70000644000000000000000000000003013230126417016572 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/key80000644000000000000000000000003013230126417016573 0ustar 00000000000000钆esmjg0钆esnss-3.35/nss/cmd/bltest/tests/aes_gcm/key90000644000000000000000000000003013230126417016574 0ustar 00000000000000钆esmjg0钆esnss-3.35/nss/cmd/bltest/tests/aes_gcm/mktst.sh0000644000000000000000000000077213230126417017503 0ustar 00000000000000#!/bin/sh for i in 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 do file="test$i.txt" grep K= $file | sed -e 's;K=;;' | hex > key$i grep IV= $file | sed -e 's;IV=;;' | hex > iv$i grep "C=" $file | sed -e 's;C=;;' | hex > ciphertext$i.bin grep "P=" $file | sed -e 's;P=;;' | hex > plaintext$i grep "A=" $file | sed -e 's;A=;;' | hex > aad$i grep "T=" $file | sed -e 's;T=;;' | hex >> ciphertext$i.bin btoa < ciphertext$i.bin > ciphertext$i rm ciphertext$i.bin done nss-3.35/nss/cmd/bltest/tests/aes_gcm/numtests0000644000000000000000000000000313230126417017575 0ustar 0000000000000018 nss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext00000644000000000000000000000000013230126417020000 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext10000644000000000000000000000002013230126417020003 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext100000644000000000000000000000007413230126417020074 0ustar 0000000000000012%Y ů&S4.L0=1r< h S/$I%j Wc{9nss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext110000644000000000000000000000007413230126417020075 0ustar 0000000000000012%Y ů&S4.L0=1r< h S/$I%j Wc{9nss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext120000644000000000000000000000000013230126417020063 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext130000644000000000000000000000002013230126417020066 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext140000644000000000000000000000010013230126417020066 0ustar 0000000000000012%Y ů&S4.L0=1r< h S/$I%j Wc{9Unss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext150000644000000000000000000000007413230126417020101 0ustar 0000000000000012%Y ů&S4.L0=1r< h S/$I%j Wc{9nss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext160000644000000000000000000000007413230126417020102 0ustar 0000000000000012%Y ů&S4.L0=1r< h S/$I%j Wc{9nss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext170000644000000000000000000000007413230126417020103 0ustar 0000000000000012%Y ů&S4.L0=1r< h S/$I%j Wc{9nss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext20000644000000000000000000000010013230126417020003 0ustar 0000000000000012%Y ů&S4.L0=1r< h S/$I%j Wc{9Unss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext30000644000000000000000000000007413230126417020016 0ustar 0000000000000012%Y ů&S4.L0=1r< h S/$I%j Wc{9nss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext40000644000000000000000000000007413230126417020017 0ustar 0000000000000012%Y ů&S4.L0=1r< h S/$I%j Wc{9nss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext50000644000000000000000000000007413230126417020020 0ustar 0000000000000012%Y ů&S4.L0=1r< h S/$I%j Wc{9nss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext60000644000000000000000000000000013230126417020006 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext70000644000000000000000000000002013230126417020011 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext80000644000000000000000000000010013230126417020011 0ustar 0000000000000012%Y ů&S4.L0=1r< h S/$I%j Wc{9Unss-3.35/nss/cmd/bltest/tests/aes_gcm/plaintext90000644000000000000000000000007413230126417020024 0ustar 0000000000000012%Y ů&S4.L0=1r< h S/$I%j Wc{9nss-3.35/nss/cmd/bltest/tests/aes_gcm/test0.txt0000644000000000000000000000051313230126417017576 0ustar 00000000000000test="Test Case 1" K=00000000000000000000000000000000 P= IV=000000000000000000000000 H=66e94bd4ef8a2c3b884cfa59ca342b2e Y0=00000000000000000000000000000001 E(K,Y0)=58e2fccefa7e3061367f1d57a4e7455a len(A)||len(C)=00000000000000000000000000000000 GHASH(H,A,C)=00000000000000000000000000000000 C= T=58e2fccefa7e3061367f1d57a4e7455a nss-3.35/nss/cmd/bltest/tests/aes_gcm/test1.txt0000644000000000000000000000077213230126417017606 0ustar 00000000000000test="Test Case 2" K=00000000000000000000000000000000 P=00000000000000000000000000000000 IV=000000000000000000000000 H=66e94bd4ef8a2c3b884cfa59ca342b2e Y0=00000000000000000000000000000001 E(K,Y0)=58e2fccefa7e3061367f1d57a4e7455a Y1=00000000000000000000000000000002 E(K,Y1)=0388dace60b6a392f328c2b971b2fe78 X1 5e2ec746917062882c85b0685353deb7 len(A)||len(C)=00000000000000000000000000000080 GHASH(H,A,C)=f38cbb1ad69223dcc3457ae5b6b0f885 C=0388dace60b6a392f328c2b971b2fe78 T=ab6e47d42cec13bdf53a67b21257bddf nss-3.35/nss/cmd/bltest/tests/aes_gcm/test10.txt0000644000000000000000000000231713230126417017663 0ustar 00000000000000test="Test Case 11" K=feffe9928665731c6d6a8f9467308308feffe9928665731c P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=cafebabefacedbad H=466923ec9ae682214f2c082badb39249 N1=9473c07b02544299cf007c42c5778218 len({})||len(IV)=00000000000000000000000000000040 Y0=a14378078d27258a6292737e1802ada5 E(K,Y0)=7bb6d647c902427ce7cf26563a337371 X1=f3bf7ba3e305aeb05ed0d2e4fe076666 X2=20a51fa2302e9c01b87c48f2c3d91a56 Y1=a14378078d27258a6292737e1802ada6 E(K,Y1)=d621c7bc5690a7b1487dbaab8ac76b22 Y2=a14378078d27258a6292737e1802ada7 E(K,Y2)=43c1ca7de78f4495ad0b18324e61fa25 Y3=a14378078d27258a6292737e1802ada8 E(K,Y3)=e1e0254a0f2f1626e9aa4ff09d7c64ec Y4=a14378078d27258a6292737e1802ada9 E(K,Y4)=5850f4502486a1681a9319ce7d0afa59 X3=8bdedafd6ee8e529689de3a269b8240d X4=6607feb377b49c9ecdbc696344fe22d8 X5=8a19570a06500ba9405fcece4a73fb48 X6=8532826e63ce4a5b89b70fa28f8070fe len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=1e6a133806607858ee80eaf237064089 C=0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7 T=65dcc57fcf623a24094fcca40d3533f8 nss-3.35/nss/cmd/bltest/tests/aes_gcm/test11.txt0000644000000000000000000000264313230126417017666 0ustar 00000000000000test="Test Case 12" K=feffe9928665731c6d6a8f9467308308feffe9928665731c P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b H=466923ec9ae682214f2c082badb39249 N1=19aef0f04763b0c87903c5a217d5314f N2=62120253f79efc978625d1feb03b5b5b N3=b6ce2a84e366de900fa78a1653df77fb N4=374ecad90487f0bb261ba817447e022c len({})||len(IV)=000000000000000000000000000001e0 Y0=4505cdc367a054c5002820e96aebef27 E(K,Y0)=5ea3194f9dd012a3b9bc5103d6e0284d X1=f3bf7ba3e305aeb05ed0d2e4fe076666 X2=20a51fa2302e9c01b87c48f2c3d91a56 Y1=4505cdc367a054c5002820e96aebef28 E(K,Y1)=0b4fba4de46722d9ed691f9f2029df65 Y2=4505cdc367a054c5002820e96aebef29 E(K,Y2)=9b4e088bf380b03540bb87a5a257e437 Y3=4505cdc367a054c5002820e96aebef2a E(K,Y3)=9ddb9c873a5cd48acd3f397cd28f9896 Y4=4505cdc367a054c5002820e96aebef2b E(K,Y4)=5716ee92eff7c4b053d44c0294ea88cd X3=f70d61693ea7f53f08c866d6eedb1e4b X4=dc40bc9a181b35aed66488071ef282ae X5=85ffa424b87b35cac7be9c450f0d7aee X6=65233cbe5251f7d246bfc967a8678647 len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=82567fb0b4cc371801eadec005968e94 C=d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b T=dcf566ff291c25bbb8568fc3d376a6d9 nss-3.35/nss/cmd/bltest/tests/aes_gcm/test12.txt0000644000000000000000000000055213230126417017664 0ustar 00000000000000test="Test Case 13" K=0000000000000000000000000000000000000000000000000000000000000000 P= IV=000000000000000000000000 H=dc95c078a2408989ad48a21492842087 Y0=00000000000000000000000000000001 E(K,Y0)=530f8afbc74536b9a963b4f1c4cb738b len(A)||len(C)=00000000000000000000000000000000 GHASH(H,A,C)=00000000000000000000000000000000 C= T=530f8afbc74536b9a963b4f1c4cb738b nss-3.35/nss/cmd/bltest/tests/aes_gcm/test13.txt0000644000000000000000000000103313230126417017660 0ustar 00000000000000test="Test Case 14" K=0000000000000000000000000000000000000000000000000000000000000000 P=00000000000000000000000000000000 IV=000000000000000000000000 H=dc95c078a2408989ad48a21492842087 Y0=00000000000000000000000000000001 E(K,Y0)=530f8afbc74536b9a963b4f1c4cb738b Y1=00000000000000000000000000000002 E(K,Y1)=cea7403d4d606b6e074ec5d3baf39d18 X1=fd6ab7586e556dba06d69cfe6223b262 len(A)||len(C)=00000000000000000000000000000080 GHASH(H,A,C)=83de425c5edc5d498f382c441041ca92 C=cea7403d4d606b6e074ec5d3baf39d18 T=d0d1c8a799996bf0265b98b5d48ab919 nss-3.35/nss/cmd/bltest/tests/aes_gcm/test14.txt0000644000000000000000000000205613230126417017667 0ustar 00000000000000test="Test Case 15" K=feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 IV=cafebabefacedbaddecaf888 H=acbef20579b4b8ebce889bac8732dad7 Y0=cafebabefacedbaddecaf88800000001 E(K,Y0)=fd2caa16a5832e76aa132c1453eeda7e Y1=cafebabefacedbaddecaf88800000002 E(K,Y1)=8b1cf3d561d27be251263e66857164e7 Y2=cafebabefacedbaddecaf88800000003 E(K,Y2)=e29d258faad137135bd49280af645bd8 Y3=cafebabefacedbaddecaf88800000004 E(K,Y3)=908c82ddcc65b26e887f85341f243d1d Y4=cafebabefacedbaddecaf88800000005 E(K,Y4)=749cf39639b79c5d06aa8d5b932fc7f8 X1=fcbefb78635d598eddaf982310670f35 X2=29de812309d3116a6eff7ec844484f3e X3=45fad9deeda9ea561b8f199c3613845b X4=ed95f8e164bf3213febc740f0bd9c6af len(A)||len(C)=00000000000000000000000000000200 GHASH(H,A,C)=4db870d37cb75fcb46097c36230d1612 C=522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad T=b094dac5d93471bdec1a502270e3cc6c nss-3.35/nss/cmd/bltest/tests/aes_gcm/test15.txt0000644000000000000000000000222113230126417017662 0ustar 00000000000000test="Test Case 16" K=feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=cafebabefacedbaddecaf888 H=acbef20579b4b8ebce889bac8732dad7 Y0=cafebabefacedbaddecaf88800000001 E(K,Y0)=fd2caa16a5832e76aa132c1453eeda7e X1=5165d242c2592c0a6375e2622cf925d2 X2=8efa30ce83298b85fe71abefc0cdd01d Y1=cafebabefacedbaddecaf88800000002 E(K,Y1)=8b1cf3d561d27be251263e66857164e7 Y2=cafebabefacedbaddecaf88800000003 E(K,Y2)=e29d258faad137135bd49280af645bd8 Y3=cafebabefacedbaddecaf88800000004 E(K,Y3)=908c82ddcc65b26e887f85341f243d1d Y4=cafebabefacedbaddecaf88800000005 E(K,Y4)=749cf39639b79c5d06aa8d5b932fc7f8 X3=abe07e0bb62354177480b550f9f6cdcc X4=3978e4f141b95f3b4699756b1c3c2082 X5=8abf3c48901debe76837d8a05c7d6e87 X6=9249beaf520c48b912fa120bbf391dc8 len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=8bd0c4d8aacd391e67cca447e8c38f65 C=522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662 T=76fc6ece0f4e1768cddf8853bb2d551b nss-3.35/nss/cmd/bltest/tests/aes_gcm/test16.txt0000644000000000000000000000233713230126417017673 0ustar 00000000000000test="Test Case 17" K=feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=cafebabefacedbad H=acbef20579b4b8ebce889bac8732dad7 N1=90c22e3d2aca34b971e8bd09708fae5c len({})||len(IV)=00000000000000000000000000000040 Y0=0095df49dd90abe3e4d252475748f5d4 E(K,Y0)=4f903f37fe611d454217fbfa5cd7d791 X1=5165d242c2592c0a6375e2622cf925d2 X2=8efa30ce83298b85fe71abefc0cdd01d Y1=0095df49dd90abe3e4d252475748f5d5 E(K,Y1)=1a471fd432fc7bd70b1ec8fe5e6d6251 Y2=0095df49dd90abe3e4d252475748f5d6 E(K,Y2)=29bd481e1ea39d20eb63c7ea118b1792 Y3=0095df49dd90abe3e4d252475748f5d7 E(K,Y3)=e2898e46ac5cada3ba83cc1272618a5d Y4=0095df49dd90abe3e4d252475748f5d8 E(K,Y4)=d3c6aefbcea602ce4e1fe026065447bf X3=55e1ff68f9249e64b95223858e5cb936 X4=cef1c034383dc96f733aaa4c99bd3e61 X5=68588d004fd468f5854515039b08165d X6=2378943c034697f72a80fce5059bf3f3 len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=75a34288b8c68f811c52b2e9a2f97f63 C=c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f T=3a337dbf46a792c45e454913fe2ea8f2 nss-3.35/nss/cmd/bltest/tests/aes_gcm/test17.txt0000644000000000000000000000266313230126417017676 0ustar 00000000000000test="Test Case 18" K=feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b H=acbef20579b4b8ebce889bac8732dad7 N1=0bfe66e2032f195516379f5fb710f987 N2=f0631554d11409915feec8f9f5102aba N3=749b90dda19a1557fd9e9fd31fed1d14 N4=7a6a833f260d848793b327cb07d1b190 len({})||len(IV)=000000000000000000000000000001e0 Y0=0cd953e2140a5976079f8e2406bc8eb4 E(K,Y0)=71b54d092bb0c3d9ba94538d4096e691 X1=5165d242c2592c0a6375e2622cf925d2 X2=8efa30ce83298b85fe71abefc0cdd01d Y1=0cd953e2140a5976079f8e2406bc8eb5 E(K,Y1)=83bcdd0af41a551452047196ca6b0cba Y2=0cd953e2140a5976079f8e2406bc8eb6 E(K,Y2)=68151b79baea93c38e149b72e545e186 Y3=0cd953e2140a5976079f8e2406bc8eb7 E(K,Y3)=13fccf22159a4d16026ce5d58c7e99fb Y4=0cd953e2140a5976079f8e2406bc8eb8 E(K,Y4)=132b64628a031e79fecd050675a64f07 X3=e963941cfa8c417bdaa3b3d94ab4e905 X4=2178d7f836e5fa105ce0fdf0fc8f0654 X5=bac14eeba3216f966b3e7e011475b832 X6=cc9ae9175729a649936e890bd971a8bf len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=d5ffcf6fc5ac4d69722187421a7f170b C=5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f T=a44a8266ee1c8eb0c8b5d4cf5ae9f19a nss-3.35/nss/cmd/bltest/tests/aes_gcm/test2.txt0000644000000000000000000000201513230126417017577 0ustar 00000000000000test="Test Case 3" K=feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 IV=cafebabefacedbaddecaf888 H=b83b533708bf535d0aa6e52980d53b78 Y0=cafebabefacedbaddecaf88800000001 E(K,Y0)=3247184b3c4f69a44dbcd22887bbb418 Y1=cafebabefacedbaddecaf88800000002 E(K,Y1)=9bb22ce7d9f372c1ee2b28722b25f206 Y2=cafebabefacedbaddecaf88800000003 E(K,Y2)=650d887c3936533a1b8d4e1ea39d2b5c Y3=cafebabefacedbaddecaf88800000004 E(K,Y3)=3de91827c10e9a4f5240647ee5221f20 Y4=cafebabefacedbaddecaf88800000005 E(K,Y4)=aac9e6ccc0074ac0873b9ba85d908bd0 X1=59ed3f2bb1a0aaa07c9f56c6a504647b X2=b714c9048389afd9f9bc5c1d4378e052 X3=47400c6577b1ee8d8f40b2721e86ff10 X4=4796cf49464704b5dd91f159bb1b7f95 len(A)||len(C)=00000000000000000000000000000200 GHASH(H,A,C)=7f1b32b81b820d02614f8895ac1d4eac C=42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985 T=4d5c2af327cd64a62cf35abd2ba6fab4 nss-3.35/nss/cmd/bltest/tests/aes_gcm/test3.txt0000644000000000000000000000216013230126417017601 0ustar 00000000000000test="Test Case 4" K=feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=cafebabefacedbaddecaf888 H=b83b533708bf535d0aa6e52980d53b78 Y0=cafebabefacedbaddecaf88800000001 E(K,Y0)=3247184b3c4f69a44dbcd22887bbb418 X1=ed56aaf8a72d67049fdb9228edba1322 X2=cd47221ccef0554ee4bb044c88150352 Y1=cafebabefacedbaddecaf88800000002 E(K,Y1)=9bb22ce7d9f372c1ee2b28722b25f206 Y2=cafebabefacedbaddecaf88800000003 E(K,Y2)=650d887c3936533a1b8d4e1ea39d2b5c Y3=cafebabefacedbaddecaf88800000004 E(K,Y3)=3de91827c10e9a4f5240647ee5221f20 Y4=cafebabefacedbaddecaf88800000005 E(K,Y4)=aac9e6ccc0074ac0873b9ba85d908bd0 X3=54f5e1b2b5a8f9525c23924751a3ca51 X4=324f585c6ffc1359ab371565d6c45f93 X5=ca7dd446af4aa70cc3c0cd5abba6aa1c X6=1590df9b2eb6768289e57d56274c8570 len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=698e57f70e6ecc7fd9463b7260a9ae5f C=42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091 T=5bc94fbc3221a5db94fae95ae7121a47 nss-3.35/nss/cmd/bltest/tests/aes_gcm/test4.txt0000644000000000000000000000227513230126417017611 0ustar 00000000000000test="Test Case 5" K=feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=cafebabefacedbad H=b83b533708bf535d0aa6e52980d53b78 N1=6f288b846e5fed9a18376829c86a6a16 len({})||len(C)=00000000000000000000000000000040 Y0=c43a83c4c4badec4354ca984db252f7d E(K,Y0)=e94ab9535c72bea9e089c93d48e62fb0 X1=ed56aaf8a72d67049fdb9228edba1322 X2=cd47221ccef0554ee4bb044c88150352 Y1=c43a83c4c4badec4354ca984db252f7e E(K,Y1)=b8040969d08295afd226fcda0ddf61cf Y2=c43a83c4c4badec4354ca984db252f7f E(K,Y2)=ef3c83225af93122192ad5c4f15dfe51 Y3=c43a83c4c4badec4354ca984db252f80 E(K,Y3)=6fbc659571f72de104c67b609d2fde67 Y4=c43a83c4c4badec4354ca984db252f81 E(K,Y4)=f8e3581441a1e950785c3ea1430c6fa6 X3=9379e2feae14649c86cf2250e3a81916 X4=65dde904c92a6b3db877c4817b50a5f4 X5=48c53cf863b49a1b0bbfc48c3baaa89d X6=08c873f1c8cec3effc209a07468caab1 len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=df586bb4c249b92cb6922877e444d37b C=61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598 T=3612d2e79e3b0785561be14aaca2fccb nss-3.35/nss/cmd/bltest/tests/aes_gcm/test5.txt0000644000000000000000000000261213230126417017605 0ustar 00000000000000test="Test Case 6" K=feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b H=b83b533708bf535d0aa6e52980d53b78 N1=004d6599d7fb1634756e1e299d81630f N2=88ffe8a3c8033df4b54d732f7f88408e N3=24e694cfab657beabba8055aad495e23 N4=d8349a5eda24943c8fbb2ef5168b20cb len({})||len(IV)=000000000000000000000000000001e0 Y0=3bab75780a31c059f83d2a44752f9864 7dc63b399f2d98d57ab073b6baa4138e X1=ed56aaf8a72d67049fdb9228edba1322 X2=cd47221ccef0554ee4bb044c88150352 Y1=3bab75780a31c059f83d2a44752f9865 E(K,Y1)=55d37bbd9ad21353a6f93a690eca9e0e Y2=3bab75780a31c059f83d2a44752f9866 E(K,Y2)=3836bbf6d696e672946a1a01404fa6d5 Y3=3bab75780a31c059f83d2a44752f9867 E(K,Y3)=1dd8a5316ecc35c3e313bca59d2ac94a Y4=3bab75780a31c059f83d2a44752f9868 E(K,Y4)=6742982706a9f154f657d5dc94b746db X3=31727669c63c6f078b5d22adbbbca384 X4=480c00db2679065a7ed2f771a53acacd X5=1c1ae3c355e2214466a9923d2ba6ab35 X6=0694c6f16bb0275a48891d06590344b0 len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=1c5afe9760d3932f3c9a878aac3dc3de C=8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5 T=619cc5aefffe0bfa462af43c1699d050 nss-3.35/nss/cmd/bltest/tests/aes_gcm/test6.txt0000644000000000000000000000053113230126417017604 0ustar 00000000000000test="Test Case 7" K=000000000000000000000000000000000000000000000000 P= IV=000000000000000000000000 H=aae06992acbf52a3e8f4a96ec9300bd7 Y0=00000000000000000000000000000001 E(K,Y0)=cd33b28ac773f74ba00ed1f312572435 len(A)||len(C)=00000000000000000000000000000000 GHASH(H,A,C)=00000000000000000000000000000000 C= T=cd33b28ac773f74ba00ed1f312572435 nss-3.35/nss/cmd/bltest/tests/aes_gcm/test7.txt0000644000000000000000000000101213230126417017600 0ustar 00000000000000test="Test Case 8" K=000000000000000000000000000000000000000000000000 P=00000000000000000000000000000000 IV=000000000000000000000000 H=aae06992acbf52a3e8f4a96ec9300bd7 Y0=00000000000000000000000000000001 E(K,Y0)=cd33b28ac773f74ba00ed1f312572435 Y1=00000000000000000000000000000002 E(K,Y1)=98e7247c07f0fe411c267e4384b0f600 X1=90e87315fb7d4e1b4092ec0cbfda5d7d len(A)||len(C)=00000000000000000000000000000080 GHASH(H,A,C)=e2c63f0ac44ad0e02efa05ab6743d4ce C=98e7247c07f0fe411c267e4384b0f600 T=2ff58d80033927ab8ef4d4587514f0fb nss-3.35/nss/cmd/bltest/tests/aes_gcm/test8.txt0000644000000000000000000000203513230126417017607 0ustar 00000000000000test="Test Case 9" K=feffe9928665731c6d6a8f9467308308feffe9928665731c P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 IV=cafebabefacedbaddecaf888 H=466923ec9ae682214f2c082badb39249 Y0=cafebabefacedbaddecaf88800000001 E(K,Y0)=c835aa88aebbc94f5a02e179fdcfc3e4 Y1=cafebabefacedbaddecaf88800000002 E(K,Y1)=e0b1f82ec484eea44e5ff30128df01cd Y2=cafebabefacedbaddecaf88800000003 E(K,Y2)=0339b5b9b3db2e5e4cc9a38986906bee Y3=cafebabefacedbaddecaf88800000004 E(K,Y3)=614b3195542ccc7683ae933c81ec8a62 Y4=cafebabefacedbaddecaf88800000005 E(K,Y4)=a988a97e85eec28e76b95c29b6023003 X1=dddca3f91c17821ffac4a6d0fed176f7 X2=a4e84ac60e2730f4a7e0e1eef708b198 X3=e67592048dd7153973a0dbbb8804bee2 X4=503e86628536625fb746ce3cecea433f len(A)||len(C)=00000000000000000000000000000200 GHASH(H,A,C)=51110d40f6c8fff0eb1ae33445a889f0 C=3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256 T=9924a7c8587336bfb118024db8674a14 nss-3.35/nss/cmd/bltest/tests/aes_gcm/test9.txt0000644000000000000000000000220113230126417017603 0ustar 00000000000000test="Test Case 10" K=feffe9928665731c6d6a8f9467308308feffe9928665731c P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=cafebabefacedbaddecaf888 H=466923ec9ae682214f2c082badb39249 Y0=cafebabefacedbaddecaf88800000001 E(K,Y0)=c835aa88aebbc94f5a02e179fdcfc3e4 X1=f3bf7ba3e305aeb05ed0d2e4fe076666 X2=20a51fa2302e9c01b87c48f2c3d91a56 Y1=cafebabefacedbaddecaf88800000002 E(K,Y1)=e0b1f82ec484eea44e5ff30128df01cd Y2=cafebabefacedbaddecaf88800000003 E(K,Y2)=0339b5b9b3db2e5e4cc9a38986906bee Y3=cafebabefacedbaddecaf88800000004 E(K,Y3)=614b3195542ccc7683ae933c81ec8a62 Y4=cafebabefacedbaddecaf88800000005 E(K,Y4)=a988a97e85eec28e76b95c29b6023003 X3=714f9700ddf520f20695f6180c6e669d X4=e858680b7b240d2ecf7e06bbad4524e2 X5=3f4865abd6bb3fb9f5c4a816f0a9b778 X6=4256f67fe87b4f49422ba11af857c973 len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=ed2ce3062e4a8ec06db8b4c490e8a268 C=3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710 T=2519498e80f1478f37ba55bd6d27618c nss-3.35/nss/cmd/bltest/tests/aes_gcm/test_source.txt0000644000000000000000000004343513230126417021110 0ustar 00000000000000# AppendixB AES Test Vectors # From "The Galois/Counter Mode of Operation (GCM)", David A McGree & John Viega, # http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-spec.pdf # # This appendix contains test cases for AES GCM, with AES key sizes of 128, 192, and 256 bits. These # cases use the same notation as in Equations 1 and 2, with the exception that Ni is used in place of # Xi when GHASH is used to compute Y0 , in order to distinguish that case from the later invocation # of GHASH. All values are in hexadecimal, and a zero-length variable is indicated by the absence # of any hex digits. Each line consists of 128 bits of data, and variables whose lengths exceed that # value are continued on successive lines. The leftmost hex digit corresponds to the leftmost four # bits of the variable. For example, the lowest 128 bits of the field polynomial are represented as # e100000000000000000000000000000000. # test="Test Case 1" K=00000000000000000000000000000000 P= IV=000000000000000000000000 H=66e94bd4ef8a2c3b884cfa59ca342b2e Y0=00000000000000000000000000000001 E(K,Y0)=58e2fccefa7e3061367f1d57a4e7455a len(A)||len(C)=00000000000000000000000000000000 GHASH(H,A,C)=00000000000000000000000000000000 C= T=58e2fccefa7e3061367f1d57a4e7455a test="Test Case 2" K=00000000000000000000000000000000 P=00000000000000000000000000000000 IV=000000000000000000000000 H=66e94bd4ef8a2c3b884cfa59ca342b2e Y0=00000000000000000000000000000001 E(K,Y0)=58e2fccefa7e3061367f1d57a4e7455a Y1=00000000000000000000000000000002 E(K,Y1)=0388dace60b6a392f328c2b971b2fe78 X1 5e2ec746917062882c85b0685353deb7 len(A)||len(C)=00000000000000000000000000000080 GHASH(H,A,C)=f38cbb1ad69223dcc3457ae5b6b0f885 C=0388dace60b6a392f328c2b971b2fe78 T=ab6e47d42cec13bdf53a67b21257bddf test="Test Case 3" K=feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 IV=cafebabefacedbaddecaf888 H=b83b533708bf535d0aa6e52980d53b78 Y0=cafebabefacedbaddecaf88800000001 E(K,Y0)=3247184b3c4f69a44dbcd22887bbb418 Y1=cafebabefacedbaddecaf88800000002 E(K,Y1)=9bb22ce7d9f372c1ee2b28722b25f206 Y2=cafebabefacedbaddecaf88800000003 E(K,Y2)=650d887c3936533a1b8d4e1ea39d2b5c Y3=cafebabefacedbaddecaf88800000004 E(K,Y3)=3de91827c10e9a4f5240647ee5221f20 Y4=cafebabefacedbaddecaf88800000005 E(K,Y4)=aac9e6ccc0074ac0873b9ba85d908bd0 X1=59ed3f2bb1a0aaa07c9f56c6a504647b X2=b714c9048389afd9f9bc5c1d4378e052 X3=47400c6577b1ee8d8f40b2721e86ff10 X4=4796cf49464704b5dd91f159bb1b7f95 len(A)||len(C)=00000000000000000000000000000200 GHASH(H,A,C)=7f1b32b81b820d02614f8895ac1d4eac C=42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985 T=4d5c2af327cd64a62cf35abd2ba6fab4 test="Test Case 4" K=feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=cafebabefacedbaddecaf888 H=b83b533708bf535d0aa6e52980d53b78 Y0=cafebabefacedbaddecaf88800000001 E(K,Y0)=3247184b3c4f69a44dbcd22887bbb418 X1=ed56aaf8a72d67049fdb9228edba1322 X2=cd47221ccef0554ee4bb044c88150352 Y1=cafebabefacedbaddecaf88800000002 E(K,Y1)=9bb22ce7d9f372c1ee2b28722b25f206 Y2=cafebabefacedbaddecaf88800000003 E(K,Y2)=650d887c3936533a1b8d4e1ea39d2b5c Y3=cafebabefacedbaddecaf88800000004 E(K,Y3)=3de91827c10e9a4f5240647ee5221f20 Y4=cafebabefacedbaddecaf88800000005 E(K,Y4)=aac9e6ccc0074ac0873b9ba85d908bd0 X3=54f5e1b2b5a8f9525c23924751a3ca51 X4=324f585c6ffc1359ab371565d6c45f93 X5=ca7dd446af4aa70cc3c0cd5abba6aa1c X6=1590df9b2eb6768289e57d56274c8570 len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=698e57f70e6ecc7fd9463b7260a9ae5f C=42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091 T=5bc94fbc3221a5db94fae95ae7121a47 test="Test Case 5" K=feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=cafebabefacedbad H=b83b533708bf535d0aa6e52980d53b78 N1=6f288b846e5fed9a18376829c86a6a16 len({})||len(C)=00000000000000000000000000000040 Y0=c43a83c4c4badec4354ca984db252f7d E(K,Y0)=e94ab9535c72bea9e089c93d48e62fb0 X1=ed56aaf8a72d67049fdb9228edba1322 X2=cd47221ccef0554ee4bb044c88150352 Y1=c43a83c4c4badec4354ca984db252f7e E(K,Y1)=b8040969d08295afd226fcda0ddf61cf Y2=c43a83c4c4badec4354ca984db252f7f E(K,Y2)=ef3c83225af93122192ad5c4f15dfe51 Y3=c43a83c4c4badec4354ca984db252f80 E(K,Y3)=6fbc659571f72de104c67b609d2fde67 Y4=c43a83c4c4badec4354ca984db252f81 E(K,Y4)=f8e3581441a1e950785c3ea1430c6fa6 X3=9379e2feae14649c86cf2250e3a81916 X4=65dde904c92a6b3db877c4817b50a5f4 X5=48c53cf863b49a1b0bbfc48c3baaa89d X6=08c873f1c8cec3effc209a07468caab1 len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=df586bb4c249b92cb6922877e444d37b C=61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598 T=3612d2e79e3b0785561be14aaca2fccb test="Test Case 6" K=feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b H=b83b533708bf535d0aa6e52980d53b78 N1=004d6599d7fb1634756e1e299d81630f N2=88ffe8a3c8033df4b54d732f7f88408e N3=24e694cfab657beabba8055aad495e23 N4=d8349a5eda24943c8fbb2ef5168b20cb len({})||len(IV)=000000000000000000000000000001e0 Y0=3bab75780a31c059f83d2a44752f9864 7dc63b399f2d98d57ab073b6baa4138e X1=ed56aaf8a72d67049fdb9228edba1322 X2=cd47221ccef0554ee4bb044c88150352 Y1=3bab75780a31c059f83d2a44752f9865 E(K,Y1)=55d37bbd9ad21353a6f93a690eca9e0e Y2=3bab75780a31c059f83d2a44752f9866 E(K,Y2)=3836bbf6d696e672946a1a01404fa6d5 Y3=3bab75780a31c059f83d2a44752f9867 E(K,Y3)=1dd8a5316ecc35c3e313bca59d2ac94a Y4=3bab75780a31c059f83d2a44752f9868 E(K,Y4)=6742982706a9f154f657d5dc94b746db X3=31727669c63c6f078b5d22adbbbca384 X4=480c00db2679065a7ed2f771a53acacd X5=1c1ae3c355e2214466a9923d2ba6ab35 X6=0694c6f16bb0275a48891d06590344b0 len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=1c5afe9760d3932f3c9a878aac3dc3de C=8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5 T=619cc5aefffe0bfa462af43c1699d050 test="Test Case 7" K=000000000000000000000000000000000000000000000000 P= IV=000000000000000000000000 H=aae06992acbf52a3e8f4a96ec9300bd7 Y0=00000000000000000000000000000001 E(K,Y0)=cd33b28ac773f74ba00ed1f312572435 len(A)||len(C)=00000000000000000000000000000000 GHASH(H,A,C)=00000000000000000000000000000000 C= T=cd33b28ac773f74ba00ed1f312572435 test="Test Case 8" K=000000000000000000000000000000000000000000000000 P=00000000000000000000000000000000 IV=000000000000000000000000 H=aae06992acbf52a3e8f4a96ec9300bd7 Y0=00000000000000000000000000000001 E(K,Y0)=cd33b28ac773f74ba00ed1f312572435 Y1=00000000000000000000000000000002 E(K,Y1)=98e7247c07f0fe411c267e4384b0f600 X1=90e87315fb7d4e1b4092ec0cbfda5d7d len(A)||len(C)=00000000000000000000000000000080 GHASH(H,A,C)=e2c63f0ac44ad0e02efa05ab6743d4ce C=98e7247c07f0fe411c267e4384b0f600 T=2ff58d80033927ab8ef4d4587514f0fb test="Test Case 9" K=feffe9928665731c6d6a8f9467308308feffe9928665731c P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 IV=cafebabefacedbaddecaf888 H=466923ec9ae682214f2c082badb39249 Y0=cafebabefacedbaddecaf88800000001 E(K,Y0)=c835aa88aebbc94f5a02e179fdcfc3e4 Y1=cafebabefacedbaddecaf88800000002 E(K,Y1)=e0b1f82ec484eea44e5ff30128df01cd Y2=cafebabefacedbaddecaf88800000003 E(K,Y2)=0339b5b9b3db2e5e4cc9a38986906bee Y3=cafebabefacedbaddecaf88800000004 E(K,Y3)=614b3195542ccc7683ae933c81ec8a62 Y4=cafebabefacedbaddecaf88800000005 E(K,Y4)=a988a97e85eec28e76b95c29b6023003 X1=dddca3f91c17821ffac4a6d0fed176f7 X2=a4e84ac60e2730f4a7e0e1eef708b198 X3=e67592048dd7153973a0dbbb8804bee2 X4=503e86628536625fb746ce3cecea433f len(A)||len(C)=00000000000000000000000000000200 GHASH(H,A,C)=51110d40f6c8fff0eb1ae33445a889f0 C=3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256 T=9924a7c8587336bfb118024db8674a14 test="Test Case 10" K=feffe9928665731c6d6a8f9467308308feffe9928665731c P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=cafebabefacedbaddecaf888 H=466923ec9ae682214f2c082badb39249 Y0=cafebabefacedbaddecaf88800000001 E(K,Y0)=c835aa88aebbc94f5a02e179fdcfc3e4 X1=f3bf7ba3e305aeb05ed0d2e4fe076666 X2=20a51fa2302e9c01b87c48f2c3d91a56 Y1=cafebabefacedbaddecaf88800000002 E(K,Y1)=e0b1f82ec484eea44e5ff30128df01cd Y2=cafebabefacedbaddecaf88800000003 E(K,Y2)=0339b5b9b3db2e5e4cc9a38986906bee Y3=cafebabefacedbaddecaf88800000004 E(K,Y3)=614b3195542ccc7683ae933c81ec8a62 Y4=cafebabefacedbaddecaf88800000005 E(K,Y4)=a988a97e85eec28e76b95c29b6023003 X3=714f9700ddf520f20695f6180c6e669d X4=e858680b7b240d2ecf7e06bbad4524e2 X5=3f4865abd6bb3fb9f5c4a816f0a9b778 X6=4256f67fe87b4f49422ba11af857c973 len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=ed2ce3062e4a8ec06db8b4c490e8a268 C=3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710 T=2519498e80f1478f37ba55bd6d27618c test="Test Case 11" K=feffe9928665731c6d6a8f9467308308feffe9928665731c P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=cafebabefacedbad H=466923ec9ae682214f2c082badb39249 N1=9473c07b02544299cf007c42c5778218 len({})||len(IV)=00000000000000000000000000000040 Y0=a14378078d27258a6292737e1802ada5 E(K,Y0)=7bb6d647c902427ce7cf26563a337371 X1=f3bf7ba3e305aeb05ed0d2e4fe076666 X2=20a51fa2302e9c01b87c48f2c3d91a56 Y1=a14378078d27258a6292737e1802ada6 E(K,Y1)=d621c7bc5690a7b1487dbaab8ac76b22 Y2=a14378078d27258a6292737e1802ada7 E(K,Y2)=43c1ca7de78f4495ad0b18324e61fa25 Y3=a14378078d27258a6292737e1802ada8 E(K,Y3)=e1e0254a0f2f1626e9aa4ff09d7c64ec Y4=a14378078d27258a6292737e1802ada9 E(K,Y4)=5850f4502486a1681a9319ce7d0afa59 X3=8bdedafd6ee8e529689de3a269b8240d X4=6607feb377b49c9ecdbc696344fe22d8 X5=8a19570a06500ba9405fcece4a73fb48 X6=8532826e63ce4a5b89b70fa28f8070fe len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=1e6a133806607858ee80eaf237064089 C=0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7 T=65dcc57fcf623a24094fcca40d3533f8 test="Test Case 12" K=feffe9928665731c6d6a8f9467308308feffe9928665731c P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b H=466923ec9ae682214f2c082badb39249 N1=19aef0f04763b0c87903c5a217d5314f N2=62120253f79efc978625d1feb03b5b5b N3=b6ce2a84e366de900fa78a1653df77fb N4=374ecad90487f0bb261ba817447e022c len({})||len(IV)=000000000000000000000000000001e0 Y0=4505cdc367a054c5002820e96aebef27 E(K,Y0)=5ea3194f9dd012a3b9bc5103d6e0284d X1=f3bf7ba3e305aeb05ed0d2e4fe076666 X2=20a51fa2302e9c01b87c48f2c3d91a56 Y1=4505cdc367a054c5002820e96aebef28 E(K,Y1)=0b4fba4de46722d9ed691f9f2029df65 Y2=4505cdc367a054c5002820e96aebef29 E(K,Y2)=9b4e088bf380b03540bb87a5a257e437 Y3=4505cdc367a054c5002820e96aebef2a E(K,Y3)=9ddb9c873a5cd48acd3f397cd28f9896 Y4=4505cdc367a054c5002820e96aebef2b E(K,Y4)=5716ee92eff7c4b053d44c0294ea88cd X3=f70d61693ea7f53f08c866d6eedb1e4b X4=dc40bc9a181b35aed66488071ef282ae X5=85ffa424b87b35cac7be9c450f0d7aee X6=65233cbe5251f7d246bfc967a8678647 len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=82567fb0b4cc371801eadec005968e94 C=d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b T=dcf566ff291c25bbb8568fc3d376a6d9 test="Test Case 13" K=0000000000000000000000000000000000000000000000000000000000000000 P= IV=000000000000000000000000 H=dc95c078a2408989ad48a21492842087 Y0=00000000000000000000000000000001 E(K,Y0)=530f8afbc74536b9a963b4f1c4cb738b len(A)||len(C)=00000000000000000000000000000000 GHASH(H,A,C)=00000000000000000000000000000000 C= T=530f8afbc74536b9a963b4f1c4cb738b test="Test Case 14" K=0000000000000000000000000000000000000000000000000000000000000000 P=00000000000000000000000000000000 IV=000000000000000000000000 H=dc95c078a2408989ad48a21492842087 Y0=00000000000000000000000000000001 E(K,Y0)=530f8afbc74536b9a963b4f1c4cb738b Y1=00000000000000000000000000000002 E(K,Y1)=cea7403d4d606b6e074ec5d3baf39d18 X1=fd6ab7586e556dba06d69cfe6223b262 len(A)||len(C)=00000000000000000000000000000080 GHASH(H,A,C)=83de425c5edc5d498f382c441041ca92 C=cea7403d4d606b6e074ec5d3baf39d18 T=d0d1c8a799996bf0265b98b5d48ab919 test="Test Case 15" K=feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 IV=cafebabefacedbaddecaf888 H=acbef20579b4b8ebce889bac8732dad7 Y0=cafebabefacedbaddecaf88800000001 E(K,Y0)=fd2caa16a5832e76aa132c1453eeda7e Y1=cafebabefacedbaddecaf88800000002 E(K,Y1)=8b1cf3d561d27be251263e66857164e7 Y2=cafebabefacedbaddecaf88800000003 E(K,Y2)=e29d258faad137135bd49280af645bd8 Y3=cafebabefacedbaddecaf88800000004 E(K,Y3)=908c82ddcc65b26e887f85341f243d1d Y4=cafebabefacedbaddecaf88800000005 E(K,Y4)=749cf39639b79c5d06aa8d5b932fc7f8 X1=fcbefb78635d598eddaf982310670f35 X2=29de812309d3116a6eff7ec844484f3e X3=45fad9deeda9ea561b8f199c3613845b X4=ed95f8e164bf3213febc740f0bd9c6af len(A)||len(C)=00000000000000000000000000000200 GHASH(H,A,C)=4db870d37cb75fcb46097c36230d1612 C=522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad T=b094dac5d93471bdec1a502270e3cc6c test="Test Case 16" K=feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=cafebabefacedbaddecaf888 H=acbef20579b4b8ebce889bac8732dad7 Y0=cafebabefacedbaddecaf88800000001 E(K,Y0)=fd2caa16a5832e76aa132c1453eeda7e X1=5165d242c2592c0a6375e2622cf925d2 X2=8efa30ce83298b85fe71abefc0cdd01d Y1=cafebabefacedbaddecaf88800000002 E(K,Y1)=8b1cf3d561d27be251263e66857164e7 Y2=cafebabefacedbaddecaf88800000003 E(K,Y2)=e29d258faad137135bd49280af645bd8 Y3=cafebabefacedbaddecaf88800000004 E(K,Y3)=908c82ddcc65b26e887f85341f243d1d Y4=cafebabefacedbaddecaf88800000005 E(K,Y4)=749cf39639b79c5d06aa8d5b932fc7f8 X3=abe07e0bb62354177480b550f9f6cdcc X4=3978e4f141b95f3b4699756b1c3c2082 X5=8abf3c48901debe76837d8a05c7d6e87 X6=9249beaf520c48b912fa120bbf391dc8 len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=8bd0c4d8aacd391e67cca447e8c38f65 C=522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662 T=76fc6ece0f4e1768cddf8853bb2d551b test="Test Case 17" K=feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=cafebabefacedbad H=acbef20579b4b8ebce889bac8732dad7 N1=90c22e3d2aca34b971e8bd09708fae5c len({})||len(IV)=00000000000000000000000000000040 Y0=0095df49dd90abe3e4d252475748f5d4 E(K,Y0)=4f903f37fe611d454217fbfa5cd7d791 X1=5165d242c2592c0a6375e2622cf925d2 X2=8efa30ce83298b85fe71abefc0cdd01d Y1=0095df49dd90abe3e4d252475748f5d5 E(K,Y1)=1a471fd432fc7bd70b1ec8fe5e6d6251 Y2=0095df49dd90abe3e4d252475748f5d6 E(K,Y2)=29bd481e1ea39d20eb63c7ea118b1792 Y3=0095df49dd90abe3e4d252475748f5d7 E(K,Y3)=e2898e46ac5cada3ba83cc1272618a5d Y4=0095df49dd90abe3e4d252475748f5d8 E(K,Y4)=d3c6aefbcea602ce4e1fe026065447bf X3=55e1ff68f9249e64b95223858e5cb936 X4=cef1c034383dc96f733aaa4c99bd3e61 X5=68588d004fd468f5854515039b08165d X6=2378943c034697f72a80fce5059bf3f3 len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=75a34288b8c68f811c52b2e9a2f97f63 C=c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f T=3a337dbf46a792c45e454913fe2ea8f2 test="Test Case 18" K=feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 P=d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 A=feedfacedeadbeeffeedfacedeadbeefabaddad2 IV=9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b H=acbef20579b4b8ebce889bac8732dad7 N1=0bfe66e2032f195516379f5fb710f987 N2=f0631554d11409915feec8f9f5102aba N3=749b90dda19a1557fd9e9fd31fed1d14 N4=7a6a833f260d848793b327cb07d1b190 len({})||len(IV)=000000000000000000000000000001e0 Y0=0cd953e2140a5976079f8e2406bc8eb4 E(K,Y0)=71b54d092bb0c3d9ba94538d4096e691 X1=5165d242c2592c0a6375e2622cf925d2 X2=8efa30ce83298b85fe71abefc0cdd01d Y1=0cd953e2140a5976079f8e2406bc8eb5 E(K,Y1)=83bcdd0af41a551452047196ca6b0cba Y2=0cd953e2140a5976079f8e2406bc8eb6 E(K,Y2)=68151b79baea93c38e149b72e545e186 Y3=0cd953e2140a5976079f8e2406bc8eb7 E(K,Y3)=13fccf22159a4d16026ce5d58c7e99fb Y4=0cd953e2140a5976079f8e2406bc8eb8 E(K,Y4)=132b64628a031e79fecd050675a64f07 X3=e963941cfa8c417bdaa3b3d94ab4e905 X4=2178d7f836e5fa105ce0fdf0fc8f0654 X5=bac14eeba3216f966b3e7e011475b832 X6=cc9ae9175729a649936e890bd971a8bf len(A)||len(C)=00000000000000a000000000000001e0 GHASH(H,A,C)=d5ffcf6fc5ac4d69722187421a7f170b C=5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f T=a44a8266ee1c8eb0c8b5d4cf5ae9f19a nss-3.35/nss/cmd/bltest/tests/camellia_cbc/ciphertext00000644000000000000000000000003213230126417021134 0ustar 00000000000000taydfPlRJe3wf8Td0xJ9Tw== nss-3.35/nss/cmd/bltest/tests/camellia_cbc/ciphertext10000644000000000000000000000003213230126417021135 0ustar 00000000000000yoYCZwKnUMcS4ADHxnwObA== nss-3.35/nss/cmd/bltest/tests/camellia_cbc/ciphertext20000644000000000000000000000003213230126417021136 0ustar 00000000000000T+Wn4cs1Sbqrh/XtNd4vzQ== nss-3.35/nss/cmd/bltest/tests/camellia_cbc/iv00000644000000000000000000000002113230126417017371 0ustar 00000000000000qwertyuiopasdfgh nss-3.35/nss/cmd/bltest/tests/camellia_cbc/key00000644000000000000000000000002113230126417017543 0ustar 00000000000000fedcba9876543210 nss-3.35/nss/cmd/bltest/tests/camellia_cbc/key10000644000000000000000000000003113230126417017545 0ustar 00000000000000fedcba9876543210fedcba98 nss-3.35/nss/cmd/bltest/tests/camellia_cbc/key20000644000000000000000000000004113230126417017547 0ustar 00000000000000fedcba9876543210fedcba9876543210 nss-3.35/nss/cmd/bltest/tests/camellia_cbc/numtests0000644000000000000000000000000213230126417020554 0ustar 000000000000003 nss-3.35/nss/cmd/bltest/tests/camellia_cbc/plaintext00000644000000000000000000000002113230126417020763 0ustar 000000000000000123456789abcdef nss-3.35/nss/cmd/bltest/tests/camellia_ecb/ciphertext00000644000000000000000000000003213230126417021136 0ustar 000000000000006v0CGxSwow3AhsyhunfdbQ== nss-3.35/nss/cmd/bltest/tests/camellia_ecb/ciphertext10000644000000000000000000000003213230126417021137 0ustar 00000000000000Nf1GwJiBtZT+VPJp+gBhPA== nss-3.35/nss/cmd/bltest/tests/camellia_ecb/ciphertext20000644000000000000000000000003213230126417021140 0ustar 00000000000000ilB/0K3SI86Oecwh7cruGA== nss-3.35/nss/cmd/bltest/tests/camellia_ecb/key00000644000000000000000000000002113230126417017545 0ustar 00000000000000fedcba9876543210 nss-3.35/nss/cmd/bltest/tests/camellia_ecb/key10000644000000000000000000000003113230126417017547 0ustar 00000000000000fedcba9876543210fedcba98 nss-3.35/nss/cmd/bltest/tests/camellia_ecb/key20000644000000000000000000000004113230126417017551 0ustar 00000000000000fedcba9876543210fedcba9876543210 nss-3.35/nss/cmd/bltest/tests/camellia_ecb/numtests0000644000000000000000000000000213230126417020556 0ustar 000000000000003 nss-3.35/nss/cmd/bltest/tests/camellia_ecb/plaintext00000644000000000000000000000002113230126417020765 0ustar 000000000000000123456789abcdef nss-3.35/nss/cmd/bltest/tests/chacha20_poly1305/aad00000644000000000000000000000001413230126417020051 0ustar 00000000000000PQRSnss-3.35/nss/cmd/bltest/tests/chacha20_poly1305/aad10000644000000000000000000000001413230126417020052 0ustar 000000000000003Nnss-3.35/nss/cmd/bltest/tests/chacha20_poly1305/ciphertext00000644000000000000000000000026113230126417021507 0ustar 000000000000000xqNNGSOYNt7hq+8U+9+wqSt7VEpbgj+qeK1pzbuYtY9vqRejKlnEoL6+2naknKLGnHeCp4GCykF1qW2fs07NpLdvX8td4uMmAOu4ygJG1j6syTk+tZ1lFWFgItIMde8P/Te8I5Lep3ldtJlhs7GS2EWGuELWU8J4mp+kC7L0GAGkQ== nss-3.35/nss/cmd/bltest/tests/chacha20_poly1305/ciphertext10000644000000000000000000000057113230126417021514 0ustar 00000000000000ZKCGFXWGGvRg8GLHm+ZDvV6AXP00XPOJ8QhnCsdsjLJMbPwYdV1D7qCe6U44LSawvbe3PDIbAQDU8Dt/NViUzzMvgw5xC5fOmMioSr0LlIEUrRduAI0zvWD5grH/N8hVl5egbvTw72HBhjJOKzUGODYGkHtqfAKw+fYVe1PIZ+S5Fmx2e4BNRqWbUhbN56TpkEDFpAQzIl7igqGwoGxSPq9FNNf4P6EVWwBHcYy8VGoNBysEs1ZO6htCInP1SCcaC7IxYFP6dpkZVevWMVlDTs67TkZtrloQc6ZydicJehBJ5hfZHTYQlPpo8P93mHEwMFvqui7aBN+Ze3FNbG8sKaatXLQCKwJwm+6tnWeJDLsiOSM2/qGFHzg= nss-3.35/nss/cmd/bltest/tests/chacha20_poly1305/iv00000644000000000000000000000001413230126417017742 0ustar 00000000000000@ABCDEFGnss-3.35/nss/cmd/bltest/tests/chacha20_poly1305/iv10000644000000000000000000000001413230126417017743 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/chacha20_poly1305/key00000644000000000000000000000004013230126417020113 0ustar 00000000000000nss-3.35/nss/cmd/bltest/tests/chacha20_poly1305/key10000644000000000000000000000004013230126417020114 0ustar 00000000000000@Uӊ3G9@+ \ punss-3.35/nss/cmd/bltest/tests/chacha20_poly1305/numtests0000644000000000000000000000000213230126417021123 0ustar 000000000000002 nss-3.35/nss/cmd/bltest/tests/chacha20_poly1305/plaintext00000644000000000000000000000016213230126417021340 0ustar 00000000000000Ladies and Gentlemen of the class of '99: If I could offer you only one tip for the future, sunscreen would be it.nss-3.35/nss/cmd/bltest/tests/chacha20_poly1305/plaintext10000644000000000000000000000041113230126417021336 0ustar 00000000000000Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as /“work in progress./”nss-3.35/nss/cmd/bltest/tests/des3_cbc/ciphertext00000644000000000000000000000001513230126417020224 0ustar 00000000000000KV3MDNGKWOc= nss-3.35/nss/cmd/bltest/tests/des3_cbc/iv00000644000000000000000000000001113230126417016457 0ustar 0000000000000012345678 nss-3.35/nss/cmd/bltest/tests/des3_cbc/key00000644000000000000000000000003113230126417016633 0ustar 00000000000000abcdefghijklmnopqrstuvwx nss-3.35/nss/cmd/bltest/tests/des3_cbc/numtests0000644000000000000000000000000213230126417017643 0ustar 000000000000001 nss-3.35/nss/cmd/bltest/tests/des3_cbc/plaintext00000644000000000000000000000001113230126417020051 0ustar 00000000000000Mozilla! nss-3.35/nss/cmd/bltest/tests/des3_ecb/ciphertext00000644000000000000000000000001513230126417020226 0ustar 00000000000000RgckVNh4QcM= nss-3.35/nss/cmd/bltest/tests/des3_ecb/key00000644000000000000000000000003113230126417016635 0ustar 00000000000000abcdefghijklmnopqrstuvwx nss-3.35/nss/cmd/bltest/tests/des3_ecb/numtests0000644000000000000000000000000213230126417017645 0ustar 000000000000001 nss-3.35/nss/cmd/bltest/tests/des3_ecb/plaintext00000644000000000000000000000001113230126417020053 0ustar 00000000000000Mozilla! nss-3.35/nss/cmd/bltest/tests/des_cbc/ciphertext00000644000000000000000000000001513230126417020141 0ustar 00000000000000Perdg9FMYQ4= nss-3.35/nss/cmd/bltest/tests/des_cbc/iv00000644000000000000000000000001113230126417016374 0ustar 0000000000000012345678 nss-3.35/nss/cmd/bltest/tests/des_cbc/key00000644000000000000000000000001113230126417016546 0ustar 00000000000000zyxwvuts nss-3.35/nss/cmd/bltest/tests/des_cbc/numtests0000644000000000000000000000000213230126417017560 0ustar 000000000000001 nss-3.35/nss/cmd/bltest/tests/des_cbc/plaintext00000644000000000000000000000001113230126417017766 0ustar 00000000000000Mozilla! nss-3.35/nss/cmd/bltest/tests/des_ecb/ciphertext00000644000000000000000000000001513230126417020143 0ustar 000000000000003bNoWzzNiFc= nss-3.35/nss/cmd/bltest/tests/des_ecb/key00000644000000000000000000000001113230126417016550 0ustar 00000000000000zyxwvuts nss-3.35/nss/cmd/bltest/tests/des_ecb/numtests0000644000000000000000000000000213230126417017562 0ustar 000000000000001 nss-3.35/nss/cmd/bltest/tests/des_ecb/plaintext00000644000000000000000000000001113230126417017770 0ustar 00000000000000Mozilla! nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext00000644000000000000000000000007113230126417017330 0ustar 00000000000000fB0bnKWvjT6X5NIkZ5l/Y/DXZ6QNI6j0iPhR/ZERkfj67xRnTWY1cg== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext10000644000000000000000000000007213230126417017332 0ustar 00000000000000UO0OgQ4/HHy2rGIzIFhEi9iyhMDGre0XIWtGt+S28ql8GtfMPag/3g== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext100000644000000000000000000000012013230126417017404 0ustar 00000000000000namWZQDenTtrf0QcpVAjP8RQlEvFB+Ac1KywMC1y8fZoHoZ/fYvq6+ukvFsjKHYE pkz+4cFkWVo= nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext110000644000000000000000000000013413230126417017412 0ustar 00000000000000Nj4BxWTzgKJ9fSOyB68/lh1I/AmVSH9gBSd11ySrPRBJFtkbKScpTkKdU3wG3SRj 0YRQGMyihz6Qpsg3tEX93g== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext120000644000000000000000000000013413230126417017413 0ustar 00000000000000BZvunnCLfyDD95GmQO3ulk4KpnKJPEhHmXFYF7Oo9tRL1ByEpyTMhuTwGU7A+/N5 5lTQ1/ah8IvUaBOUIqXDUw== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext130000644000000000000000000000013413230126417017414 0ustar 00000000000000YzBV4FXyN8OJmdgcOXhIw4zOgKVbZJ2eeQXCmOKlFEcrv2gxdmDsHksVSRUCewvA DuGc/Av3XQGTBQTyzhCosA== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext140000644000000000000000000000013413230126417017415 0ustar 00000000000000T9jyXAWQMAJzgdQWfDF0tr4AiMFfClc9fr0Flg9aHrJfVoac7nv2T+xdXW6hW7H6 EWkAOofszBYhuQobiSIm8g== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext150000644000000000000000000000013413230126417017416 0ustar 00000000000000akfqV86uzBFtcZD/bG3Zgxq3W0v2yykQg+Qmi0hu0kUBc1X2mKMqvppNSn3afIWV DN3DSKuKZ1HnL93AGqXR8A== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext160000644000000000000000000000013413230126417017417 0ustar 00000000000000IcoUjN9EvkrpOy81O45RLQOtltr6gGI/3kkiqV8DJzJz5It3o6pEMHSDwt2JXLUd shEhd8GFxZyx3P8y/aAqTw== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext170000644000000000000000000000013413230126417017420 0ustar 00000000000000LlnV8w9zeB04JVtw3t7rOK54308ALB90fAjercZTAVVhXFWy3wyijGCms4XFj6A2 34xLL08ZNXML+PTwvtE2EA== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext180000644000000000000000000000013413230126417017421 0ustar 00000000000000U7rmxvM24usxHB6S2V/ESakpRE74HsQnlmCyANWUM95J86dOlT53p5Qa867+707U mb4gmXag7bP6Xny5YbDBEg== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext190000644000000000000000000000013413230126417017422 0ustar 00000000000000dpVpihR1XbQgboULT18ZxUCwfQfgiqxZHiAIFkbm7tw9rgEVTs/3sZAHqVPxhfBm PvfyU38LFeBPs0PJYfNt4g== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext20000644000000000000000000000007213230126417017333 0ustar 00000000000000r+5xnn+Ei1Q0nMw7T7JgZYM6TY5zTv6ZIlbzEyXnSbwyokoflXs6Gw== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext200000644000000000000000000000013413230126417017412 0ustar 00000000000000pApskFZUxV/FjpnH0aP+6ixb5kgj1Ahs6BHzNM/cRI1keAUJd+xYWYBFTgovJqAw N7khyliKeKTa/36E1JqKbA== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext30000644000000000000000000000007213230126417017334 0ustar 00000000000000dmg6CF1nQurflaYa91+IEnbP0mo7naf5km6qrQvr1IRcZ/zbZNEkUw== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext40000644000000000000000000000007213230126417017335 0ustar 00000000000000d8TZn2KzrX3R/mSY20Wl2nPOe94jhxoAKuUD/auqaoTcyPOHaXN/AQ== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext50000644000000000000000000000007213230126417017336 0ustar 00000000000000pT8fjyC409RyDxSourUiawedmVMR9T9qTla1H2DiDUlXronhYq6mFg== nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext60000644000000000000000000000012013230126417017331 0ustar 00000000000000Rd8vQj6UvxVd1OHZ5j8xXqYG3ThSfUz2Moc4yFmz6O+lvAzL9KPLtlFcS5v3hM+s 3MEB3J+B0x8= nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext70000644000000000000000000000012013230126417017332 0ustar 00000000000000ZRAuj2TssR8GAXsaDA3vPCmJfCd8SpSLH02muSGtCrsnvTwhFmy5au9wwNvV8wec qw3VQ9QSW9E= nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext80000644000000000000000000000012013230126417017333 0ustar 00000000000000nF+kaHndr1wU8H37UyBxX2em/sF5461TNC+20cPhfns8TQrI1J9N0PBMFqCU9C2g r8xskPXxu8g= nss-3.35/nss/cmd/bltest/tests/dsa/ciphertext90000644000000000000000000000012013230126417017334 0ustar 00000000000000WrQ+3mahVogUbR9M1xZHAsDERXvU/d66wEgpU2xY6Ksn0oUSxGBjyWv1vOuPutIy 2PWznEdV0LE= nss-3.35/nss/cmd/bltest/tests/dsa/dsa_fips.txt0000644000000000000000000012561213230126417017510 0ustar 00000000000000# CAVS 11.2 # "SigGen" information for "dsa2_values" # Mod sizes selected: L=1024, N=160, SHA-1 L=1024, N=160, SHA-224 L=1024, N=160, SHA-256 L=1024, N=160, SHA-384 L=1024, N=160, SHA-512 L=2048, N=224, SHA-1 L=2048, N=224, SHA-224 L=2048, N=224, SHA-256 L=2048, N=224, SHA-384 L=2048, N=224, SHA-512 L=2048, N=256, SHA-1 L=2048, N=256, SHA-224 L=2048, N=256, SHA-256 L=2048, N=256, SHA-384 L=2048, N=256, SHA-512 L=3072, N=256, SHA-1 L=3072, N=256, SHA-224 L=3072, N=256, SHA-256 L=3072, N=256, SHA-384 L=3072, N=256, SHA-512 # Generated on Tue Aug 16 11:21:08 2011 # # These sample from NIST were used to generate dsa tests 1-20 # [mod = L=1024, N=160, SHA-1] P = a8f9cd201e5e35d892f85f80e4db2599a5676a3b1d4f190330ed3256b26d0e80a0e49a8fffaaad2a24f472d2573241d4d6d6c7480c80b4c67bb4479c15ada7ea8424d2502fa01472e760241713dab025ae1b02e1703a1435f62ddf4ee4c1b664066eb22f2e3bf28bb70a2a76e4fd5ebe2d1229681b5b06439ac9c7e9d8bde283 Q = f85f0f83ac4df7ea0cdf8f469bfeeaea14156495 G = 2b3152ff6c62f14622b8f48e59f8af46883b38e79b8c74deeae9df131f8b856e3ad6c8455dab87cc0da8ac973417ce4f7878557d6cdf40b35b4a0ca3eb310c6a95d68ce284ad4e25ea28591611ee08b8444bd64b25f3f7c572410ddfb39cc728b9c936f85f419129869929cdb909a6a3a99bbe089216368171bd0ba81de4fe33 Msg = 3b46736d559bd4e0c2c1b2553a33ad3c6cf23cac998d3d0c0e8fa4b19bca06f2f386db2dcff9dca4f40ad8f561ffc308b46c5f31a7735b5fa7e0f9e6cb512e63d7eea05538d66a75cd0d4234b5ccf6c1715ccaaf9cdc0a2228135f716ee9bdee7fc13ec27a03a6d11c5c5b3685f51900b1337153bc6c4e8f52920c33fa37f4e7 X = c53eae6d45323164c7d07af5715703744a63fc3a Y = 313fd9ebca91574e1c2eebe1517c57e0c21b0209872140c5328761bbb2450b33f1b18b409ce9ab7c4cd8fda3391e8e34868357c199e16a6b2eba06d6749def791d79e95d3a4d09b24c392ad89dbf100995ae19c01062056bb14bce005e8731efde175f95b975089bdcdaea562b32786d96f5a31aedf75364008ad4fffebb970b K = 98cbcc4969d845e2461b5f66383dd503712bbcfa R = 50ed0e810e3f1c7cb6ac62332058448bd8b284c0 S = c6aded17216b46b7e4b6f2a97c1ad7cc3da83fde [mod = L=1024, N=160, SHA-224] P = 8b9b32f5ba38faad5e0d506eb555540d0d7963195558ca308b7466228d92a17b3b14b8e0ab77a9f3b2959a09848aa69f8df92cd9e9edef0adf792ce77bfceccadd9352700ca5faecf181fa0c326db1d6e5d352458011e51bd3248f4e3bd7c820d7e0a81932aca1eba390175e53eada197223674e3900263e90f72d94e7447bff Q = bc550e965647fb3a20f245ec8475624abbb26edd G = 11333a931fba503487777376859fdc12f7c687b0948ae889d287f1b7a712ad220ae4f1ce379d0dbb5c9abf419621f005fc123c327e5055d1850634c36d397e689e111d598c1c3636b940c84f42f436846e8e7fcad9012ceda398720f32fffd1a45ab6136ce417069207ac140675b8f86dd063915ae6f62b0cec729fbd509ac17 Msg = fb2128052509488cad0745ed3e6312850dd96ddaf791f1e624e22a6b9beaa65319c325c78ef59cacba0ccfa722259f24f92c17b77a8f6d8e97c93d880d2d8dbbbedcf6acefa06b0e476ca2013d0394bd90d56c10626ef43cea79d1ef0bc7ac452bf9b9acaef70325e055ac006d34024b32204abea4be5faae0a6d46d365ed0d9 X = 6e2e31bbfc670944d7a7120e39a981520614d8a8 Y = 7e339f3757450390160e02291559f30bed0b2d758c5ccc2d8d456232bb435ae49de7e7957e3aad9bfdcf6fd5d9b6ee3b521bc2229a8421dc2aa59b9952345a8fc1de49b348003a9b18da642d7f6f56e3bc665131ae9762088a93786f7b4b72a4bcc308c67e2532a3a5bf09652055cc26bf3b18833598cffd7011f2285f794557 K = 8cb35d255505a4c41421e562d10827266aa68663 R = afee719e7f848b54349ccc3b4fb26065833a4d8e S = 734efe992256f31325e749bc32a24a1f957b3a1b [mod = L=1024, N=160, SHA-256] P = cba13e533637c37c0e80d9fcd052c1e41a88ac325c4ebe13b7170088d54eef4881f3d35eae47c210385a8485d2423a64da3ffda63a26f92cf5a304f39260384a9b7759d8ac1adc81d3f8bfc5e6cb10efb4e0f75867f4e848d1a338586dd0648feeb163647ffe7176174370540ee8a8f588da8cc143d939f70b114a7f981b8483 Q = 95031b8aa71f29d525b773ef8b7c6701ad8a5d99 G = 45bcaa443d4cd1602d27aaf84126edc73bd773de6ece15e97e7fef46f13072b7adcaf7b0053cf4706944df8c4568f26c997ee7753000fbe477a37766a4e970ff40008eb900b9de4b5f9ae06e06db6106e78711f3a67feca74dd5bddcdf675ae4014ee9489a42917fbee3bb9f2a24df67512c1c35c97bfbf2308eaacd28368c5c Msg = 812172f09cbae62517804885754125fc6066e9a902f9db2041eeddd7e8da67e4a2e65d0029c45ecacea6002f9540eb1004c883a8f900fd84a98b5c449ac49c56f3a91d8bed3f08f427935fbe437ce46f75cd666a0707265c61a096698dc2f36b28c65ec7b6e475c8b67ddfb444b2ee6a984e9d6d15233e25e44bd8d7924d129d X = 2eac4f4196fedb3e651b3b00040184cfd6da2ab4 Y = 4cd6178637d0f0de1488515c3b12e203a3c0ca652f2fe30d088dc7278a87affa634a727a721932d671994a958a0f89223c286c3a9b10a96560542e2626b72e0cd28e5133fb57dc238b7fab2de2a49863ecf998751861ae668bf7cad136e6933f57dfdba544e3147ce0e7370fa6e8ff1de690c51b4aeedf0485183889205591e8 K = 85976c5610a74959531040a5512b347eac587e48 R = 76683a085d6742eadf95a61af75f881276cfd26a S = 3b9da7f9926eaaad0bebd4845c67fcdb64d12453 [mod = L=1024, N=160, SHA-384] P = f24a4afc72c7e373a3c30962332fe5405c45930963909418c30792aaf135ddea561e94f24726716b75a18828982e4ce44c1fddcb746487b6b77a9a5a17f868ab50cd621b5bc9da470880b287d7398190a42a5ee22ed8d1ff147e2019810c8298ed68e1ca69d41d555f249e649fb1725ddb075c17b37beff467fdd1609243373f Q = da065a078ddb56ee5d2ad06cafab20820d2c4755 G = 47b5591b79043e4e03ca78a0e277c9a21e2a6b543bf4f044104cd9ac93eff8e101bb6031efc8c596d5d2f92e3a3d0f1f74702dd54f77d3cd46c04dee7a5de9f00ad317691fddcefe4a220a2651acae7fcedda92bfcca855db6705e8d864f8192bf6bf860c00f08ad6493ecc1872e0028d5c86d44505db57422515c3825a6f78a Msg = b0dbbf4a421ba5c5b0e52f09629801c113258c252f29898c3354706e39ec5824be523d0e2f8cfe022cd61165301274d5d621a59755f50404d8b802371ce616defa962e3636ae934ec34e4bcf77a16c7eff8cf4cc08a0f4849d6ad4307e9f8df83f24ad16ab46d1a61d2d7d4e21681eb2ae281a1a5f9bca8573a3f5281d308a5a X = 649820168eb594f59cd9b28b9aefe8cc106a6c4f Y = 43a27b740f422cb2dc3eaa232315883a2f6a22927f997d024f5a638b507b17d3b1cbd3ec691cc674470960a0146efdecb95bb5fe249749e3c806cd5cc3e7f7bab845dadbe1f50b3366fb827a942ce6246dda7bd2c13e1b4a926c0c82c884639552d9d46036f9a4bc2a9e51c2d76e3074d1f53a63224c4279e0fa460474d4ffde K = 33c7ba88ff69707971b25ac344ae4a566e195f99 R = 77c4d99f62b3ad7dd1fe6498db45a5da73ce7bde S = 23871a002ae503fdabaa6a84dcc8f38769737f01 [mod = L=1024, N=160, SHA-512] P = 88d968e9602ecbda6d86f7c970a3ffbeb1da962f28c0afb9270ef05bc330ca98c3adf83c072feb05fb2e293b5065bbb0cbcc930c24d8d07869deaecd92a2604c0f5dd35c5b431fda6a222c52c3562bf7571c710209be8b3b858818788725fe8112b7d6bc82e0ff1cbbf5d6fe94690af2b510e41ad8207dc2c02fb9fa5cefaab5 Q = a665689b9e5b9ce82fd1676006cf4cf67ecc56b7 G = 267e282857417752113fba3fca7155b5ce89e7c8a33c1a29122e2b720965fc04245267ff87fc67a5730fe5b308013aa3266990fbb398185a87e055b443a868ce0ce13ae6aee330b9d25d3bbb362665c5881daf0c5aa75e9d4a82e8f04c91a9ad294822e33978ab0c13fadc45831f9d37da4efa0fc2c5eb01371fa85b7ddb1f82 Msg = 3a84a5314e90fd33bb7cd6ca68720c69058da1da1b359046ae8922cac8afc5e025771635fb4735491521a728441b5cb087d60776ee0ecc2174a41985a82cf46d8f8d8b274a0cc439b00971077c745f8cf701cf56bf9914cc57209b555dc87ca8c13da063270c60fc2c988e692b75a7f2a669903b93d2e14e8efb6fb9f8694a78 X = 07ce8862e64b7f6c7482046dbfc93907123e5214 Y = 60f5341e48ca7a3bc5decee61211dd2727cd8e2fc7635f3aabea262366e458f5c51c311afda916cb0dcdc5d5a5729f573a532b594743199bcfa7454903e74b33ddfe65896306cec20ebd8427682fa501ee06bc4c5d1425cbe31828ba008b19c9da68136cf71840b205919e783a628a5a57cf91cf569b2854ffef7a096eda96c9 K = 2f170907ac69726b14f22056dcb37b4df85f7424 R = a53f1f8f20b8d3d4720f14a8bab5226b079d9953 S = 11f53f6a4e56b51f60e20d4957ae89e162aea616 [mod = L=2048, N=224, SHA-1] P = f2d39ed3062b13c916273600a0f2a029e86d7a4b9217b4f1815bf2b24d9710a57ab33f997294b014585b8d0198dfdccbcd75314da5ff85aa344b45adaeaa979b51a312a7bfa94472fb633f1a6f156bb4458867dfd38403f06b851f00fe2d3484077bded71ab7513d04a140220575fb693395480e4c8402b7a46cec2d37a778c305accd1f13e9f62e865315f4b22cc467c8986ec8e4961ddf810566b0c4ee369ac6aa15e43f4744005826f5bde8071a19e30b6909aac4b3d174237270dad02799d09b8a2cc5f22e66894b5422228b2c234f11f5a771c5b89cf465a2acecbbeeaa1725fe8f9b59422be8991052cb556ddf2c8ce8fa9206dbf39feadc194e00f8e5 Q = 8000000000000000c118f49835e4ef733c4d15800fcf059e884d31b1 G = e3a93c09da6f560e4d483a382a4c546f2335c36a4c35ac1463c08a3e6dd415df56fdc537f25fd5372be63e4f5300780b782f1acd01c8b4eb33414615fd0ea82573acba7ef83f5a943854151afc2d7dfe121fb8cd03335b065b549c5dcc606be9052483bc284e12ac3c8dba09b426e08402030e70bc1cc2bf8957c4ba0630f3f32ad689389ac47443176063f247d9e2296b3ea5b5bc2335828ea1a080ed35918dee212fd031279d1b894f01afec523833669eac031a420e540ba1320a59c424a3e5849a460a56bcb001647885b1433c4f992971746bfe2977ce7259c550b551a6c35761e4a41af764e8d92132fcc0a59d1684eab90d863f29f41cf7578faa908c Msg = edc6fd9b6c6e8a59f283016f7f29ee16deeaa609b5737927162aef34fed985d0bcb550275637ba67831a2d4efccb35296dfe730f4a0b4f4728d1d7d1bb8f4a36238a5c94311fa1134a93a6b4de39c085e9f60ae4e237c0416d58042bb36baa38cba8c896295b745d5376fd8ce42eb6ee5a1b38f87716b265b76e58cfb24a9170 X = 6132e551cdac88409183bd37ee1452cd247d4834b08814b275be3ff5 Y = 289ff18c32a56bb0b8839370647683a38a5a7e291410b93207212adc8088d30f93e9e4abc523f3d46936e7d5c90d88742b36afd37563408f15c8c1a4f7ac24bf05f01008ffee70c8825d57c3a9308bad8a095af2b53b2dda3cbed846d95e301eb9b84766415d11f6c33209a0d28571096ab04a79aa0dc465997529686b68e887cd8a205c2dc8195aef0422eba9979f549ac85548e419413643b7244361153ada1480d238cd00dc16527938955548dd5d027ded1029eeeb8ed6c61b4cd59341d8b15466e9da890a989996f4d7691e6072de136af28b5874bf08bd1f8a60cfb1c00888132909f515e04bce81b02951aa41baac68ffdb8c5dc77a1d32d8f2c10dd7 K = 7197392d32d0af6a7183cc3398556f8f687d86a8ff742be6ad38562f R = 45df2f423e94bf155dd4e1d9e63f315ea606dd38527d4cf6328738c8 S = 59b3e8efa5bc0ccbf4a3cbb6515c4b9bf784cfacdcc101dc9f81d31f [mod = L=2048, N=224, SHA-224] P = aa815c9db1c4d3d2773c7d0d4d1da75ecfc4a39e97d5fa191ffec8b1490a290ce335e5ce87ea620a8a17de0bb64714e2ec840bf00e6ebdb4ffb4e324ca07c3c8717309af1410362a772c9add838b2b0cae1e90ab448adabdacd2e5df59c4187a32a23719d6c57e9400885383bf8f066f23b941920d54c35b4f7cc5044f3b40f17046956307b748e840732844d00a9ce6ec5714293b6265147f15c67f4be38b082b55fdeadb6124689fb76f9d25cc28b8eaa98b562d5c1011e0dcf9b39923240d332d89dc9603b7bddd0c70b83caa2905631b1c83cabbae6c0c0c2efe8f58131ed8351bf93e875f6a73a93cbad470141a2687fbacf2d71c8ddee971ad660729ad Q = ea347e90be7c2875d1fe1db622b4763837c5e27a6037310348c1aa11 G = 2042094ccbc8b8723fc928c12fda671b83295e99c743576f44504be1186323319b5002d24f173df909ea241d6ea5289904ee4636204b2fbe94b068fe093f7962579549551d3af219ad8ed19939eff86bcec834de2f2f78596e89e7cb52c524e177098a56c232eb1f563aa84bc6b026deee6ff51cb441e080f2dafaea1ced86427d1c346be55c66803d4b76d133cd445b4c3482fa415023463c9bf30f2f784223e26057d3aa0d7fbb660630c52e49d4a0325c7389e072aa349f13c966e159752fbb71e9336890f93243fa6e72d299365ee5b3fe266ebf1110568fee4425c847b50210bd484b97431a42856adca3e7d1a9c9c675c7e266918320dd5a78a48c48a9 Msg = e920fc1610718f2b0213d301c0092a51f3c6b0107bbbd8243a9689c044e2d142f202d9d195a5faef4be5acadc9ff6f7d2261e58b517139bcb9489b110423c2e59eb181294ffdae8aad0e624fab974c97f9f5e7dc19d678a9cb3429cf05ec509072856f5adfec6e29bafe8e5ba95593e612843e343111d88a1eaff7dc0a2e277f X = 7b489021578e79e7bd3ee7ab456f659f3dc07c88f5c9a39e4f8cee81 Y = 1ae10c786ad0902c5c685dae5c7121418a377b888b5f2f2bc76623570fd62bcb190b471ad5359c5f062f8819289e956d8aa6f90d1f8cf1ee72d3a1bdfd56c478dc29a19c4569b5a60e3a8f34f60656eac5b25dde5514a5c67b675423204f6ccaf0990617cc7355b9d3ed868978a252020a769ed59a6edaa6efe3377eef45f3f6f3e64179cc7db8b143fb835c5d71bfcfa1e2a9049bccf7fe9ab57546220fe3f4b7521c861739d138507e81a46a6993605441dcb90d6ee4afbc42cabe90a254444968109d7edd9694a023239f1d56175dd1fac115915e24fab563f4fc3f269bed2f300832d112596485a711417aa73bb4ac72a651a1fa5baed3636c720d397008 K = 37fadd419fcbd2b073a06ae96b9eceb63e29aee9ac5fa2bdb31ab85d R = 65102e8f64ecb11f06017b1a0c0def3c29897c277c4a948b1f4da6b9 S = 21ad0abb27bd3c21166cb96aef70c0dbd5f3079cab0dd543d4125bd1 [mod = L=2048, N=224, SHA-256] P = a4c7eaab42c4c73b757770916489f17cd50725cd0a4bc4e1cf67f763b8c1de2d6dab9856baafb008f365b18a42e14dc51f350b88eca0209c5aa4fd71a7a96c765f5901c21e720570d7837bec7c76d2e49344731ca39405d0a879b9e0dcd1a8125fd130ec1e783e654b94e3002e6b629e904ab3877867720cbd54b4270a9e15cd028c7cc796f06c272a660951928fdbeb2dca061b41e932257305742ff16e2f429191d5e5f1a6ddf6e78c5d7722cff80a9c0bd5c8d7aeba8c04438992b075e307c1534c49ad380f477f5f7987dc172c161dca38dcaf3fb3846c72c9119a5299adc748951b3dce0d00d4a9013800b2008203b72465bc6a84ae059a30c4522dea57 Q = ce89fe332b8e4eb3d1e8ddcea5d163a5bc13b63f16993755427aef43 G = 8c465edf5a180730291e080dfc5385397a5006450dba2efe0129264fbd897bb5579ca0eab19aa278220424724b4f2a6f6ee6328432abf661380646097233505339c5519d357d7112b6eec938b85d5aa75cc2e38092f0a530acb54e50fe82c4d562fb0f3036b80b30334023ebbe6637a0010b00c7db86371168563671e1e0f028aedbd45d2d572621a609982a073e51aae27707afbeef29e2ecee84d7a6d5da382be3a35f42b6c66849202ab19d025b869d08776476d1ab981475ad2ad2f3e6fd07e30696d90a626816df60d6ca7afd7b482f942f83b45cc82933731f87faee320900f2aa3e70b1867e1430e40be67c07f9290299ef067b8b24a7515b3f992c07 Msg = cec8d2843dee7cb5f9119b75562585e05c5ce2f4e6457e9bcc3c1c781ccd2c0442b6282aea610f7161dcede176e774861f7d2691be6c894ac3ebf80c0fab21e52a3e63ae0b35025762ccd6c9e1fecc7f9fe00aa55c0c3ae33ae88f66187f9598eba9f863171f3f56484625bf39d883427349b8671d9bb7d396180694e5b546ae X = 551595eccbb003b0bf8ddda184a59da51e459a0d28205e5592ca4cb1 Y = 748a40237211a2d9852596e7a891f43d4eb0ee48826c9cfb336bbb68dbe5a5e16b2e1271d4d13de03644bb85ef6be523a4d4d88415bcd596ba8e0a3c4f6439e981ed013d7d9c70336febf7d420cfed02c267457bb3f3e7c82145d2af54830b942ec74a5d503e4226cd25dd75decd3f50f0a858155d7be799410836ddc559ce99e1ae513808fdaeac34843dd7258f16f67f19205f6f139251a4186da8496d5e90d3fecf8ed10be6c25ff5eb33d960c9a8f4c581c8c724ca43b761e9fdb5af66bffb9d2ebb11a6b504a1fbe4f834ecb6ac254cab513e943b9a953a7084b3305c661bfad434f6a835503c9ade7f4a57f5c965ec301ecde938ee31b4deb038af97b3 K = 6f326546aa174b3d319ef7331ec8dfd363dd78ae583a920165ff7e54 R = 9c5fa46879ddaf5c14f07dfb5320715f67a6fec179e3ad53342fb6d1 S = c3e17e7b3c4d0ac8d49f4dd0f04c16a094f42da0afcc6c90f5f1bbc8 [mod = L=2048, N=224, SHA-384] P = a6bb5333ce343c31c9b2c878ab91eef2fdea35c6db0e716762bfc0d436d87506e865a4d2c8cfbbd626ce8bfe64563ca5686cd8cf081490f02445b289087982495fb69976b10242d6d50fc23b4dbdb0bef78305d9a4d05d9eae65d87a893eaf397e04e39baa85a26c8ffbdef1233287b5f5b6ef6a90f27a69481a932ee47b18d5d27eb107ffb05025e646e8876b5cb567fec1dd35835d42082198531fafbe5ae280c575a1fb0e62e9b3ca37e197ad96d9dde1f33f2cec7d27deae261c83ee8e2002af7eb6e82f6a14796af037577a1032bbc709129caabd8addf870ae2d0595c8fdb37155748f0dea34b44d4f82ed58c2f5b1b8481662ac53473c693410082fbd Q = 8c3ee5bd9a2aaf068bd5845bd55ecf27417055307577bbc3770ec68b G = 43b5a6b6d0bb962ec9766a377c32cc4124f1311188c2ecf95c0cd4a4fa097225b7618cb1276c474578d3bf564c145199c092a1b14baa929c2f3f0f36e0c2dae91eba08be30992a889f2952e0442c37af484a4ecdc3243ccfcb9e3413cf5cdd6630b09fe17efbfde14d8725493019b7b73d1f782b48ef30bec36e00e02ba336d2254fc202a69612cd9446f91d76b739ffa6d8b86052f8dc5f1145801c56241af5ba9037241bd89e6338b58e01310671c268eb5e33acb57d1f99f16440a675827d4017754d601a17ada2fbedf904554a90b01530da8c93cd14ce293cb2bd3e7937e934b79e310fe4d80c13f92f63381355bd80a1abee1a73fdfb6da24ef28002a3 Msg = df5d564db83592c1128be5d29b7036880d55e834a291a745ed8dcd438c4da6b1b9f39412b2c5110730db83c1ccdfe9059dd96ec7ea2bbcb34e3eba72ef0a1d4721c7c0221e29279f014d63facc5bc8f18c539b92ff2af89e568225d6b4cf599cb3dff5e3c6ddfac0a27f10f636ec220abb72630bae9a39c18fd3663e4651ccac X = 4efa5136eb6aa74e92bbfc913b0bfebb613db7a47221fb7b64f42e6f Y = 647979b7960ce7b971ff0e5f6435f42a41b18c9de09a301114a013a7cd01183f176f88838379dcb4efb67daea79def3f042cbcf9cc503b4c2151a2364f7c9437b19643e67e24a36bac4a4cfa293deedf8ec6b154a32aa72985f7d8de235334b546c29def458c55d0c5c0ac5d74e2024ec7d4abc2fda516a2a0b1a4d886ad92c204707828a4fc7794f60ee8a4be1101c9e5518f7e19eebd475f2de6f6ba89c28bd129f13993befe5818440319a79549833196342a31dbaf7d79497dec65ee7dbef70e58f99d0595f6a711409ade3151d45563d53c1cd0a8ab1a18beff6502cbb0c069b114ea7be77898d0f4e549991ba0b368971b1072ece4afc380e9ae329a50 K = 7e0f1ce21d185ae65c0a00395567ea9cf217462b58b9c89c4e5ff9cf R = 5ab43ede66a15688146d1f4cd7164702c0c4457bd4fddebac0482953 S = 6c58e8ab27d28512c46063c96bf5bceb8fbad232d8f5b39c4755d0b1 [mod = L=2048, N=224, SHA-512] P = bfebd000b2d6cd4ab38efba35df334df721d6c2f2b3d956679cbad009f3dfbd002952cc899cc2356ec8769bd3d1ba5a73023729888da92ca48a5ee94c97f4f04a2e3acb4f33a2f0fb3783c31f2c70fa7c70f38214a27dadec8b12e67996a9e85ee3bb148803130147392dc5253c04d7063535e6cd646bfb186984e08b58b74a7be5b333bf32b0abfd5665360e9a923a0c528ff1c62c7253458f5678528719d436e50148741f45dc7dd2c6cac71c55231f12a83fefd2ed0a33ede1b8a51f566fcf7890682cdc1931dc207c92bf2ef4e28ab31661eeb77f1601eea941c9591f038d3f00d912857db05e64b2ad569320061c6f863ff3354d842e7e7ea715afef8d1 Q = aa986df8a064278e9363316a9830bcfa490656faa6d5daa817d87949 G = 8195ad9a478fd985216ee58368366d2edd13c12b3d62239169fa042d91156408b483122f44ed6236b8308a6cdb52f9af3de88ec89e039afad7da3aa66c1976049a8e0a7d18d567baf99fcefe315cada01548386b10b25e52f52ed78eb4d28082e5e1ffee9480c4fe2cc4aafd1efc9d4fd2cc6d155968931271ef15b3240e7fb043a80c8f628befe09d645077c1029d21e0ac8bf0ba9c27714d1b580ede594aa01b3b76f6e745fc1ec07db37e2fd7e98c6c8c6915228e422c309de9f5db168f50249d1be1ed3298090808e2ebb896bb79b8c4cbf94d4c2064e37e612ba4449d7ac210edde211416d64b051dd8046ab041732665411a7f154d31b3e11a51da7fc0 Msg = e9f59c6a5cbe8f5b0cf75008d06a076a6739bdddb39b82143cd03939aa4738a287c2a6f31829bbe15f02cc2ee7d7122dbd132825970daddd8a4d851da86e7edc8940cb1188319218b8e0248a103eae34bc68d85f5a32830d7e5dc7718f74db5e4224c0debe1e841e1eea1a88fee0f85d9fb087cbcee55f86037a646e38346d2b X = 6a5b4ffc44238d1852fb9b74e4c1661be85984043cfeee023f57cac6 Y = af6721bf75dec6a1b76ad35ca3750def31117c5b441c15a306835a1db74c003b86ae9099ebfb745b0aa9cb000cf43fb021513b8f197bc865b22bf949b491809ad752ffc1ca8e54bea16dc7f539e4c55fb70a7743dd28f262f60ef0f2fcaac29e8021a7938c18ffe03075d0b7e0a2b4dcabe46ed1953d33e37f113af519ab0bf0b6186c12b5f6488437f5193096e2fd6a6a1835604794c66b42ae5265c1cf1cb53ae84997975e0318a93ce41e3902e4ef54de3c56555bd19491acd53f3e57464e1f460389dbc5fa80648fa5a5a0f2956e9ec3b8dc441b535c641c362eed770da828649bfd146472b0f46a4c064e459f88bff90dede7ec56177a9a71d167948712 K = 9ced89ea5050982222830efef26e7394f5ab7d837d4549962d285fae R = 9da9966500de9d3b6b7f441ca550233fc450944bc507e01cd4acb030 S = 2d72f1f6681e867f7d8beaebeba4bc5b23287604a64cfee1c164595a [mod = L=2048, N=256, SHA-1] P = c1a59d215573949e0b20a974c2edf2e3137ff2463062f75f1d13df12aba1076bb2d013402b60af6c187fb0fa362167c976c2617c726f9077f09e18c11b60f65008825bd6c02a1f57d3eb0ad41cd547de43d87f2525f971d42b306506e7ca03be63b35f4ada172d0a06924440a14250d7822ac2d5aeafed4619e79d4158a7d5eb2d9f023db181a8f094b2c6cb87cb8535416ac19813f07144660c557745f44a01c6b1029092c129b0d27183e82c5a21a80177ee7476eb95c466fb472bd3d2dc286ce25847e93cbfa9ad39cc57035d0c7b64b926a9c7f5a7b2bc5abcbfbdc0b0e3fede3c1e02c44afc8aefc7957da07a0e5fd12339db8667616f62286df80d58ab Q = 8000000000000000000000001bd62c65e8b87c89797f8f0cbfa55e4a6810e2c7 G = aea5878740f1424d3c6ea9c6b4799615d2749298a17e26207f76cef340ddd390e1b1ad6b6c0010ad015a103342ddd452cac024b36e42d9b8ed52fafae7a1d3ce9e4b21f910d1356eb163a3e5a8184c781bf14492afa2e4b0a56d8884fd01a628b9662739c42e5c5795ade2f5f27e6de1d963917ce8806fc40d021cd87aa3aa3a9e4f0c2c4c45d2959b2578b2fb1a2229c37e181059b9d5e7b7862fa82e2377a49ed0f9dca820a5814079dd6610714efaf8b0cc683d8e72e4c884e6f9d4946b3e8d4cbb92adbbe7d4c47cc30be7f8c37ca81883a1aac6860059ff4640a29ccae73de20b12e63b00a88b2ee9ba94b75eb40a656e15d9ec83731c85d0effcb9ef9f Msg = de3605dbefde353cbe05e0d6098647b6d041460dfd4c000312be1afe7551fd3b93fed76a9763c34e004564b8f7dcacbd99e85030632c94e9b0a032046523b7aacdf934a2dbbdcfceefe66b4e3d1cb29e994ff3a4648a8edd9d58ed71f12399d90624789c4e0eebb0fbd5080f7d730f875a1f290749334cb405e9fd2ae1b4ed65 X = 5a42e77248358f06ae980a2c64f6a22bea2bf7b4fc0015745053c432b7132a67 Y = 880e17c4ae8141750609d8251c0bbd7acf6d0b460ed3688e9a5f990e6c4b5b00875da750e0228a04102a35f57e74b8d2f9b6950f0d1db8d302c5c90a5b8786a82c68ff5b17a57a758496c5f8053e4484a253d9942204d9a1109f4bd2a3ec311a60cf69c685b586d986f565d33dbf5aab7091e31aa4102c4f4b53fbf872d700156465b6c075e7f778471a23502dc0fee41b271c837a1c26691699f3550d060a331099f64837cddec69caebf51bf4ec9f36f2a220fe773cb4d3c02d0446ddd46133532ef1c3c69d432e303502bd05a75279a7809a742ac4a7872b07f1908654049419350e37a95f2ef33361d8d8736d4083dc14c0bb972e14d4c7b97f3ddfccaef K = 2cb9c1d617e127a4770d0a946fb947c5100ed0ca59454ea80479f6885ec10534 R = 363e01c564f380a27d7d23b207af3f961d48fc0995487f60052775d724ab3d10 S = 4916d91b2927294e429d537c06dd2463d1845018cca2873e90a6c837b445fdde [mod = L=2048, N=256, SHA-224] P = d02276ebf3c22ffd666983183a47ae94c9bccbcbf95ddcb491d1f7ce643549199992d37c79e7b032d26ed031b6ba4489f3125826fafb2726a98333ebd9abdde592d8693d9859536d9cc3841a1d24e044d35aced6136256fc6d6b615cf4f4163aa381eb2b4c480825a8eccc56d8ddcf5fe637e38ad9b2974bd2cf68bf271e0d067d2465a8b6b660524f0082598945ada58ea649b9804eb4753408c2c59768c46abb82e3295f3d9ca469f84cc187f572dc4b5a3b39346ec839dfad6f07d6d1f0e215209bb0ecc05c767cf2e7943ac9cfb02eee1e9ef5946e8ce88316b5e15fdcf95a132ef2e4bb0817136528cfa5dd96532f9c3abe5c421620edb6bcbd52234ca9 Q = 8000000012997e8285e4089708f528070c6d7af8a0bd01409e7a079cdb6fc5bb G = 778453049ef262147fed7b59b0ee6764607c51e7b5b5fc6fea7a7a7b1dd6bb283f4a9ae98efd3964b1556758cb15b2a53af8619e74d85898bec77d3b3f382494ae5961a13ffc745da386182291519800f99dd710e00aeb15adee088e2798ee2e46f598526cf0f4667055d1ba009750041dc5cdd2725ff1d97dd340c8518af7671b87d39d67aeced84b66f84e0701efc82a5c9ef954ee576d24c385b14d63037f0d866fd424b4975bdd5485ed740cb932e843f906683f7c7b2c74775d901c361b847b519c0da699638da40bd736b783d2710b2c2cc26ef91271bf4e2c1929f876e902e2057164223bc78d6a2b9f6c0c7a7cb85922f7d6c4287ae23861f8128848 Msg = 39f2d8d503aae8cd17854456ecfad49a18900d4375412bc689181ed9c2ccafea98dca689a72dc75e5367d3d3abfc2169700d5891cff70f69d9aca093b061b9f5057f94636bc2783115254344fb12e33b167272e198838a8728e7744ea9a2e8248e34d5906e298302472637b879de91c1a6f9f331a5cf98a5af29132990d27416 X = 6ba81e6cd4367798aaab8b7af1135183a37c42a766dbd68cd2dce78f2670ef0f Y = 7bb31e98c7a0437f978a73d5dcfbdfbb09cc2499dfaf1eb5256bccd6358cabb5f67d04a42823463b7e957f2b9213f1fa8e5a98d614484701abb8c7d67641fe6ed06fa4527b493ddab2e74640fde3de70da693f1db2b8e26417040af0eea6cab451a795a52e187d2ee241b93f65c86c6d66f45834cce165ac5eb670d4f0095c23ce9757e3bdc636f991ee0073d90a09202edb35cc3ea1cf9adca1617fa0bffd9c126229a604a1d3bf4931ddf0b9942dfc8a2f8c09fcc97032564a79ae1ebe1e2ce49ff57839e7c43fa60b1603d15a450898aa4e4a1ee8065794126d64f013367096a83686b9f158c33b10f5f3b36cf1f6358b3f34f84b101dc26d3db68bcc95c8 K = 45030b79a395b1632700cbaffead97998d02bed8e0656876fc0174e4bdb96f79 R = 059bee9e708b7f20c3f791a640edee964e0aa672893c484799715817b3a8f6d4 S = 4bd41c84a724cc86e4f0194ec0fbf379e654d0d7f6a1f08bd468139422a5c353 [mod = L=2048, N=256, SHA-256] P = a8adb6c0b4cf9588012e5deff1a871d383e0e2a85b5e8e03d814fe13a059705e663230a377bf7323a8fa117100200bfd5adf857393b0bbd67906c081e585410e38480ead51684dac3a38f7b64c9eb109f19739a4517cd7d5d6291e8af20a3fbf17336c7bf80ee718ee087e322ee41047dabefbcc34d10b66b644ddb3160a28c0639563d71993a26543eadb7718f317bf5d9577a6156561b082a10029cd44012b18de6844509fe058ba87980792285f2750969fe89c2cd6498db3545638d5379d125dccf64e06c1af33a6190841d223da1513333a7c9d78462abaab31b9f96d5f34445ceb6309f2f6d2c8dde06441e87980d303ef9a1ff007e8be2f0be06cc15f Q = e71f8567447f42e75f5ef85ca20fe557ab0343d37ed09edc3f6e68604d6b9dfb G = 5ba24de9607b8998e66ce6c4f812a314c6935842f7ab54cd82b19fa104abfb5d84579a623b2574b37d22ccae9b3e415e48f5c0f9bcbdff8071d63b9bb956e547af3a8df99e5d3061979652ff96b765cb3ee493643544c75dbe5bb39834531952a0fb4b0378b3fcbb4c8b5800a5330392a2a04e700bb6ed7e0b85795ea38b1b962741b3f33b9dde2f4ec1354f09e2eb78e95f037a5804b6171659f88715ce1a9b0cc90c27f35ef2f10ff0c7c7a2bb0154d9b8ebe76a3d764aa879af372f4240de8347937e5a90cec9f41ff2f26b8da9a94a225d1a913717d73f10397d2183f1ba3b7b45a68f1ff1893caf69a827802f7b6a48d51da6fbefb64fd9a6c5b75c4561 Msg = 4e3a28bcf90d1d2e75f075d9fbe55b36c5529b17bc3a9ccaba6935c9e20548255b3dfae0f91db030c12f2c344b3a29c4151c5b209f5e319fdf1c23b190f64f1fe5b330cb7c8fa952f9d90f13aff1cb11d63181da9efc6f7e15bfed4862d1a62c7dcf3ba8bf1ff304b102b1ec3f1497dddf09712cf323f5610a9d10c3d9132659 X = 446969025446247f84fdea74d02d7dd13672b2deb7c085be11111441955a377b Y = 5a55dceddd1134ee5f11ed85deb4d634a3643f5f36dc3a70689256469a0b651ad22880f14ab85719434f9c0e407e60ea420e2a0cd29422c4899c416359dbb1e592456f2b3cce233259c117542fd05f31ea25b015d9121c890b90e0bad033be1368d229985aac7226d1c8c2eab325ef3b2cd59d3b9f7de7dbc94af1a9339eb430ca36c26c46ecfa6c5481711496f624e188ad7540ef5df26f8efacb820bd17a1f618acb50c9bc197d4cb7ccac45d824a3bf795c234b556b06aeb929173453252084003f69fe98045fe74002ba658f93475622f76791d9b2623d1b5fff2cc16844746efd2d30a6a8134bfc4c8cc80a46107901fb973c28fc553130f3286c1489da K = 117a529e3fdfc79843a5a4c07539036b865214e014b4928c2a31f47bf62a4fdb R = 633055e055f237c38999d81c397848c38cce80a55b649d9e7905c298e2a51447 S = 2bbf68317660ec1e4b154915027b0bc00ee19cfc0bf75d01930504f2ce10a8b0 [mod = L=2048, N=256, SHA-384] P = a6167c16fff74e29342b8586aed3cd896f7b1635a2286ff16fdff41a06317ca6b05ca2ba7c060ad6db1561621ccb0c40b86a03619bfff32e204cbd90b79dcb5f86ebb493e3bd1988d8097fa23fa4d78fb3cddcb00c466423d8fa719873c37645fe4eecc57171bbedfe56fa9474c96385b8ba378c79972d7aaae69a2ba64cde8e5654f0f7b74550cd3447e7a472a33b4037db468dde31c348aa25e82b7fc41b837f7fc226a6103966ecd8f9d14c2d3149556d43829f137451b8d20f8520b0ce8e3d705f74d0a57ea872c2bdee9714e0b63906cddfdc28b6777d19325000f8ed5278ec5d912d102109319cba3b6469d4672909b4f0dbeec0bbb634b551ba0cf213 Q = 8427529044d214c07574f7b359c2e01c23fd97701b328ac8c1385b81c5373895 G = 6fc232415c31200cf523af3483f8e26ace808d2f1c6a8b863ab042cc7f6b7144b2d39472c3cb4c7681d0732843503d8f858cbe476e6740324aaa295950105978c335069b919ff9a6ff4b410581b80712fe5d3e04ddb4dfd26d5e7fbca2b0c52d8d404343d57b2f9b2a26daa7ece30ceab9e1789f9751aaa9387049965af32650c6ca5b374a5ae70b3f98e053f51857d6bbb17a670e6eaaf89844d641e1e13d5a1b24d053dc6b8fd101c624786951927e426310aba9498a0042b3dc7bbc59d705f80d9b807de415f7e94c5cf9d789992d3bb8336d1d808cb86b56dde09d934bb527033922de14bf307376ab7d22fbcd616f9eda479ab214a17850bdd0802a871c Msg = 8c78cffdcf25d8230b835b30512684c9b252115870b603d1b4ba2eb5d35b33f26d96b684126ec34fff67dfe5c8c856acfe3a9ff45ae11d415f30449bcdc3bf9a9fb5a7e48afeaba6d0b0fc9bce0197eb2bf7a840249d4e550c5a25dc1c71370e67933edad2362fae6fad1efba5c08dc1931ca2841b44b78c0c63a1665ffac860 X = 459eb1588e9f7dd4f286677a7415cb25a1b46e7a7cfadc8a45100383e20da69d Y = 5ca7151bca0e457bbc46f59f71d81ab16688dc0eb7e4d17b166c3326c5b12c5bdebb3613224d1a754023c50b83cb5ecc139096cef28933b3b12ca31038e4089383597c59cc27b902be5da62cae7da5f4af90e9410ed1604082e2e38e25eb0b78dfac0aeb2ad3b19dc23539d2bcd755db1cc6c9805a7dd109e1c98667a5b9d52b21c2772121b8d0d2b246e5fd3da80728e85bbf0d7067d1c6baa64394a29e7fcbf80842bd4ab02b35d83f59805a104e0bd69d0079a065f59e3e6f21573a00da990b72ea537fa98caaa0a58800a7e7a0623e263d4fca65ebb8eded46efdfe7db92c9ebd38062d8f12534f015b186186ee2361d62c24e4f22b3e95da0f9062ce04d K = 2368037a1c7647c683d7e301ac79b7feebc736effe3ab1644b68308b4b28620d R = 4fd8f25c059030027381d4167c3174b6be0088c15f0a573d7ebd05960f5a1eb2 S = 5f56869cee7bf64fec5d5d6ea15bb1fa1169003a87eccc1621b90a1b892226f2 [mod = L=2048, N=256, SHA-512] P = f63da3be9a9616196c6556f3ce6fd8b98bdda9137473da46fed970e2b8d147387a81922065d528a7d6433ebc5e35b15c67ea35a5a5bff5b9cef1cd1e6fe31dda52838da3aa89b9b4e8d9d3c0732ccc4f238ce1b416c4ca93f2c6800e5f4ed41c4f7615cec5531b98680b20dc63f73e70d803aacfaece33d45fa0e39d77c8508209528b9046b5917010791234397e412d22bc0b8d67cbd1cd28a32c2460a0bd86aaba0eea80e16e3245643171e34221760c203a56b8207a1009e6c1a2f6cda85f85c4f9e410b9499233c0ee072e465af4fb4fb9282c5c10e8234fd630ea92f0aae6b97a520db34475707b79a4c175265c0356ccbca827e3837df3d6d0576d9079 Q = 9b7463f8269f0b909abed10991684f36a64ac864e0d6d717c0ef21577a4c3907 G = 972a75f606e8aa3a91ff08fd131a20f5963251304e3d1431b712fa0803d527fd710fb7eb27e52904971cd43ca977199a24dbeeb4b7bc2ba075d3b72eb6b2c5ad8f0e8b8f48c50b554c7e0711f4c7416330806672498f430292724bf98a8ea48c7f53d7b31d8b7528b1a6f087d2c27c335202835b1e314225b37aef8bfcec7d80920c4a460a3d68344ded75ed9ee867fa2a6945063894f563b68633b8b39f83a1aaaf5a96c7f422687e7c84cf8fb8cc5f4504dff087bcb26a95bbf8583f03b3a0e43a356b2bd7e25cdddf7a015300faecc6793c5ee99b6327cb8456e32d9115339d5a6b712b7f9d0301acb05133e3115e454d3a6dd24a1693c94aab5406504bf7 Msg = 8ab01510cfa33cfa5bcff003bba39996fa727693abf6ac010bb959b0b59a15306c0c3a1921af2a76717aa55b39fa3723f4c3229ca9acf6b741614bb551cde8a7220ab97d4b453bec1e05a0eaa42e382bbc7b9b84f8237dc8964ee5b66e9b2a4ca61cf675140efef54fb327a665def8d57ab097e8c53c643fcb58209c4215b608 X = 5f6e545daef6cd1b8d9848dd98758807236ac0b7ff053b32c703eaa3b1147557 Y = 41197ce2233d7e48c803cd64c78f657923b9e36b871401f8661c21d8ba38c6b9b3239db767b11d1d401e5faecbf7a45860cc5f1a54d60286b7d6e1c99fd5b8c84ed851c5357d41ad60163f224d78c996143fff89dd3a8fe123dae1f621427fd8cce76ed138d68fa248f374ae233249625b93f3dd5937d15e541b7effa4df4fea7d52faced615bfe0348418ff93e69a20a52e55c76cc30f307f84e71e4aabc0825eca3a95b4bd58ebfb0029d23a169e9d80ba7d1c5fd35395e6602e089aa9918f08bae35ae1cac7af33694129e98f0dadadd90eaeb6eed25024390b1a60af794734c397b0f509865b134b2867c115d6f489b6dd7e3c82994b45dce2a23c6bc902 K = 5fe61afddbdf04449b24295a52a1a037d3f31441a3cec138b7f0102db86ef132 R = 6a47ea57ceaecc116d7190ff6c6dd9831ab75b4bf6cb291083e4268b486ed245 S = 017355f698a32abe9a4d4a7dda7c85950cddc348ab8a6751e72fddc01aa5d1f0 [mod = L=3072, N=256, SHA-1] P = fd5a6c56dd290f7dd84a29de17126eb4e4487b3eff0a44abe5c59792d2e1200b9c3db44d528b9f7d2248032e4ba0f7bfc4fafc706be511db2276c0b7ecffd38da2e1c2f237a75390c1e4d3239cba8e20e55840ecb05df5f01a1b6977ad1906f2cb544ccfb93b901ad0966b1832ad2dab526244a3156c905c01ac51cb73b9dcd9860d56175a425d846485d9b1f44a8a0c2578e6cf61947bc1a1392fdd320b16a9d70455fe436f2d47ded8e8e605f7486eb578ea7fc4ffd13c07f9996af159fd411e9451403278dd1141a8c926b35c96384bbd6bee09c46f44c36b1ffc7197f5e925dbe0544a68e6ab8c18e426a466b392f9c27dd79fefa9ca163cc5a375539a8559f277f657a535d1964c6a5e91683ef5698ebaa01ef818dbf72cb04c3ff092d188866f25cd405108f566b087f73d2d5beb51fac6de84ae5161a66af9602c7e4bfc146f4820bdfc092faeac69133e4a08a5b202a12498a22e57bad54674ed4b510109d52b5f74e70e1f6f82161718cd4cf00cc9f1958acc8bddcdfbd1fbe46cd1 Q = 800000000000000000000000334a26dd8f49c6811ce81bb1342b06e980f64b75 G = 99ab030a21a5c9818174872167641c81c1e03c9b274cfbc27bc472542927766de5fa0539b3b73f3f16ac866a9aec8b445ded97fbff08834ed98c77e7fc89e5dc657bef766ff7fbf8e76873e17bee412762d56fe1141760ab4d25bafd4b6ef25b49a3506632d1f8e10770930760ec1325932c5a4baf9e90154264ddf442ec5c41fed95d11525151dbcfb3758149bad81c62b9cff7816b8f953b8b7c022590d1584e921dc955f5328ac72983ed5cf0d04056fe0d531e62f8f6c9ab3c0fcd44e14860b7311d2561c77c1d32f6c69dc8f77968c9d881ad9db5e0c114fda8628bca0335eb7fb9e15e625aabab58fc01194c81bf6fb2ce54077b82250e57c6a7b25deb6ee39d4b686a5c307a7612b2d85ee92512413dea297e44f317be7ceb70a3328af0b401001a418562b8ffe4e9771b4b4a8e0b40c791349d5d4e459fe620a1a2fc72e2f6ca28567d4c2632bbde1b49864c06bb12619f132c1da8f571ef613eac739f66ab3914cb3fa1ab86e05e5082ebaa24ebeea4cf51beefc27df512fe3fee7d Msg = ca84af5c9adbc0044db00d7acfb1b493aab0388ffbad47b38cd3e9e3111cfe2cda2a45f751c46862f05bdcec4b698adfd2e1606e484c3be4ac0c379d4fbc7c2cda43e922811d7f6c33040e8e65d5f317684b90e26387cf931fe7c2f515058d753b08137ff2c6b79c910de8283149e6872cb66f7e02e66f2371785129569362f1 X = 433cfd0532ccfd8cdd1b25920d2bb7396987b766240379035b0e86527ce9c52d Y = e7c2ee18c3aa362c0182c6a56c2584628083c73e045beda8d653690c9c2f6544edf9702c57c455273905336a5f5171107a313cd7d0b0f50f8d3342c60219f22a9023394059d05f464c4496d55dab6eb0898527ff4cf5678e7b5bfb5e18d92c4a9d73288cce14530fc4702f6d0397ec39a880c4a72d358730c56633386ede028023c1791f3164d1574e7823c79b8a3ca1343ea166ba6f02b7ff7e9ef2198db107f7cc159f3b6a1c00a78c355c566deb0ac6fde3f633cb9177a1fbc6c1766ca021d5fec470101abb440d2f06982181a8c92b7cdd765336b9a1e1ab70283d6db0a963fb648c37c4e29a74c37577291049ab47cdbc104c04db966681ea8ebb9f00cf4c4a5462117379575fbda4b801979451fa94b19b4e93656705c0f734f3e0914bb96c1e2b8a0fb68faf14296efdf3300ad95bcde8b67cc4b26e6488eef925cfaeac6f0d6567e8b41355f89d1c2b8fe687bfa2df5e287e1305b89b8c388c26196090ac0351abc561aadc797da8ccea4146c3e96095ebce353e0da4c55019052caa K = 40f503abd70fd49a76c67a83e08b062b3fd465ad92be433c080e5f295bb9f559 R = 21ca148cdf44be4ae93b2f353b8e512d03ad96dafa80623fde4922a95f032732 S = 73e48b77a3aa44307483c2dd895cb51db2112177c185c59cb1dcff32fda02a4f [mod = L=3072, N=256, SHA-224] P = f63b3cdd646d8e7ddb57216aa6eec2134d707488a1f29cfa9970645f1227ea5db2e318eea5da1687c7ed90509669345ed6134cff32203ab72aecbfa693d216aeb55d8d28a981f4abff07d1319a799be5dd746f84842817929c305b408598af12045daa2f1ccc8be4d81b513c630f017fec1658aca108a1af6120ec05e3018c4253c9dd35bce062b73d0f2a93d41c481a5c43bb97909682d39a9a60dc3c35e36375dec6ced0d2db3ba0d111bedea701a0e4753624977a9e75b70a74e2b81e38a52ab22da131b35416d3cec9663079746a763476e57598142e39861545daaf8d38a176f26c71f5afebd9c5620da80cf3452b55c37c661b4a1ec0351710b9de4a3cbe0b98b4d9ec89128d97aa7efb19db8ba43cc0be25c200f90e1506cb78ec0c336d7a95613d4204e8ed68d0f0a6c78420105a8d2d438fbd2551a64a1a0b03ffb878742f8c9979cfa87394150281998d51701d5fcfa9696a4989fd25f400955e626b1abe926c0afa69aa6981900effcdd030592f82b2042a47a9a5a8cb0283dc4d Q = 80000000ba4634b5fa4da054bd0ca48ae490e57711f381193842429159ba7ca1 G = 8ad4553c4e49aa24728ab5024417b132d2ca53a55d959458f2f759adb0435beeefa3a2cfcd0038e2420643fc4a4deeb5d9feaa1edf21193b40e14b42982a94f35c58b81147d7189d263c9b12fe63ab9fa5f6f03a2860c186432e3ab04f2ab0f2fb6147bd9bf7ed5d20713b9da21383e2c3a168e7d09d3d8a5a058fd23095b5acfeb864a3306be2425fa1ad32ad6d9382e603b03c68af4af0246397102c4155cba811abf99da7839e77b2eac9970588ca1d0a2361723a164ac9229c2e80dcfa8db4f9e29803effb3168c7fed7a3a6de40dda19a0536af9b5b7afaefb9c70d6ae8df12da658f6236043aea873db29ceb6f07d108f5225687bd0c30e3084e2090b45ae2f92a97b8ecb7a9705c4956b8b31c4a3d61107c84e47adda6c80d5d22dab3d859220f9d5aab13677ae3df168f0c176d176b54506c639853f04ddef2722f39c18e5ce426e14562ad8ff26247af88870efb72c0cce836de8fee67a662378245b502bf1f83099988a093ce7cdc81364c78b1f4a51b800df6137c71d65e6b089a Msg = 957973fc3f3fe3f559065be5d4a0c281cf17959018b9a670d2b3706d41d5812e37301005f8b70ebd2fba3c40a3f377a751b6cb9693e3cb00d92888247d07921d3c1e9257ce08733b8926e0df7bdb6e855f1f851075d4e628d110d42b643b54876e5faa3611477ee68371562555269ed62a9271bad50cc4d46038de2dd41920c2 X = 524a7ea5977f8102b3552930477f5f042401165d4637dcd8b9d13df4f3aae5d0 Y = 42243539e49db9ea19d98d97f6f2a94b23529812df889eaabcfeda01ce4c759487fb89bc82da75fe1c9134361f86de47d16d8eee80e56ac502178e8ed8129477af8bfbd8262c5edd937e1a86c0f0e7b2afe7bcbddfcb5814ced0b756a76ca178423bb4d578c5da183712d968582640aa0ec7e9fb56bfd960d7a57549747d8fb7ade47cfe816c1e57da6633dacc537de060813964bb5b2757a312f9da3d84e60aff98170051d3d90e380b8bcc1986c58ff9dc91e8827d4f9f5fc4b2b2e743cf9389ff02dec01f5d434b430d162e891c3355f91855339f8df58300e4c993ae4df8c4318b5c4bd05283ca4b46b7d2fb0f6476bf15907f50dd4141aa7acac9daa62eccd3a67357122060b6cece0446a93eb230ad93bc9a4d1b1efeeca1e3fc83c119785035b439509ffb7968b1a448b7bd8315753fdf04a256eca1562a11b096c90a36b353659cbde4420e17e90b94c43c7519c60641ceec056f897b97d6bb1861268e0dc79b7c3b6b7639c255bf06865737459126cb465bc1da4a043a1963da7d63 K = 29e4d7790e181b4767903fe0eb37757f33f13337c33588c1fdbfba0e655ab621 R = 2e59d5f30f73781d38255b70dedeeb38ae78df4f002c1f747c08deadc6530155 S = 615c55b2df0ca28c60a6b385c58fa036df8c4b2f4f1935730bf8f4f0bed13610 [mod = L=3072, N=256, SHA-256] P = c7b86d7044218e367453d210e76433e4e27a983db1c560bb9755a8fb7d819912c56cfe002ab1ff3f72165b943c0b28ed46039a07de507d7a29f738603decd1270380a41f971f2592661a64ba2f351d9a69e51a888a05156b7fe1563c4b77ee93a44949138438a2ab8bdcfc49b4e78d1cde766e54984760057d76cd740c94a4dd25a46aa77b18e9d707d6738497d4eac364f4792d9766a16a0e234807e96b8c64d404bbdb876e39b5799ef53fe6cb9bab62ef19fdcc2bdd905beda13b9ef7ac35f1f557cb0dc458c019e2bc19a9f5dfc1e4eca9e6d466564124304a31f038605a3e342da01be1c2b545610edd2c1397a3c8396588c6329efeb4e165af5b368a39a88e4888e39f40bb3de4eb1416672f999fead37aef1ca9643ff32cdbc0fcebe628d7e46d281a989d43dd21432151af68be3f6d56acfbdb6c97d87fcb5e6291bf8b4ee1275ae0eb4383cc753903c8d29f4adb6a547e405decdff288c5f6c7aa30dcb12f84d392493a70933317c0f5e6552601fae18f17e6e5bb6bf396d32d8ab9 Q = 876fa09e1dc62b236ce1c3155ba48b0ccfda29f3ac5a97f7ffa1bd87b68d2a4b G = 110afebb12c7f862b6de03d47fdbc3326e0d4d31b12a8ca95b2dee2123bcc667d4f72c1e7209767d2721f95fbd9a4d03236d54174fbfaff2c4ff7deae4738b20d9f37bf0a1134c288b420af0b5792e47a92513c0413f346a4edbab2c45bdca13f5341c2b55b8ba54932b9217b5a859e553f14bb8c120fbb9d99909dff5ea68e14b379964fd3f3861e5ba5cc970c4a180eef54428703961021e7bd68cb637927b8cbee6805fa27285bfee4d1ef70e02c1a18a7cd78bef1dd9cdad45dde9cd690755050fc4662937ee1d6f4db12807ccc95bc435f11b71e7086048b1dab5913c6055012de82e43a4e50cf93feff5dcab814abc224c5e0025bd868c3fc592041bba04747c10af513fc36e4d91c63ee5253422cf4063398d77c52fcb011427cbfcfa67b1b2c2d1aa4a3da72645cb1c767036054e2f31f88665a54461c885fb3219d5ad8748a01158f6c7c0df5a8c908ba8c3e536822428886c7b500bbc15b49df746b9de5a78fe3b4f6991d0110c3cbff458039dc36261cf46af4bc2515368f4abb7 Msg = cb06e02234263c22b80e832d6dc5a1bee5ea8af3bc2da752441c04027f176158bfe68372bd67f84d489c0d49b07d4025962976be60437be1a2d01d3be0992afa5abe0980e26a9da4ae72f827b423665195cc4eed6fe85c335b32d9c03c945a86e7fa99373f0a30c6eca938b3afb6dff67adb8bece6f8cfec4b6a12ea281e2323 X = 3470832055dade94e14cd8777171d18e5d06f66aeff4c61471e4eba74ee56164 Y = 456a105c713566234838bc070b8a751a0b57767cb75e99114a1a46641e11da1fa9f22914d808ad7148612c1ea55d25301781e9ae0c9ae36a69d87ba039ec7cd864c3ad094873e6e56709fd10d966853d611b1cff15d37fdee424506c184d62c7033358be78c2250943b6f6d043d63b317de56e5ad8d1fd97dd355abe96452f8e435485fb3b907b51900aa3f24418df50b4fcdafbf6137548c39373b8bc4ba3dabb4746ebd17b87fcd6a2f197c107b18ec5b465e6e4cb430d9c0ce78da5988441054a370792b730da9aba41a3169af26176f74e6f7c0c9c9b55b62bbe7ce38d4695d48157e660c2acb63f482f55418150e5fee43ace84c540c3ba7662ae80835c1a2d51890ea96ba206427c41ef8c38aa07d2a365e7e58380d8f4782e22ac2101af732ee22758337b253637838e16f50f56d313d07981880d685557f7d79a6db823c61f1bb3dbc5d50421a4843a6f29690e78aa0f0cff304231818b81fc4a243fc00f09a54c466d6a8c73d32a55e1abd5ec8b4e1afa32a79b01df85a81f3f5cfe K = 3d7c068a3978b2d8fe9034bcad65ad7c300c4440e4085de280e577eea72c1207 R = 53bae6c6f336e2eb311c1e92d95fc449a929444ef81ec4279660b200d59433de S = 49f3a74e953e77a7941af3aefeef4ed499be209976a0edb3fa5e7cb961b0c112 [mod = L=3072, N=256, SHA-384] P = a410d23ed9ad9964d3e401cb9317a25213f75712acbc5c12191abf3f1c0e723e2333b49eb1f95b0f9748d952f04a5ae358859d384403ce364aa3f58dd9769909b45048548c55872a6afbb3b15c54882f96c20df1b2df164f0bac849ca17ad2df63abd75c881922e79a5009f00b7d631622e90e7fa4e980618575e1d6bd1a72d5b6a50f4f6a68b793937c4af95fc11541759a1736577d9448b87792dff07232415512e933755e12250d466e9cc8df150727d747e51fea7964158326b1365d580cb190f4518291598221fdf36c6305c8b8a8ed05663dd7b006e945f592abbecae460f77c71b6ec649d3fd5394202ed7bbbd040f7b8fd57cb06a99be254fa25d71a3760734046c2a0db383e02397913ae67ce65870d9f6c6f67a9d00497be1d763b21937cf9cbf9a24ef97bbcaa07916f8894e5b7fb03258821ac46140965b23c5409ca49026efb2bf95bce025c4183a5f659bf6aaeef56d7933bb29697d7d541348c871fa01f869678b2e34506f6dc0a4c132b689a0ed27dc3c8d53702aa584877 Q = abc67417725cf28fc7640d5de43825f416ebfa80e191c42ee886303338f56045 G = 867d5fb72f5936d1a14ed3b60499662f3124686ef108c5b3da6663a0e86197ec2cc4c9460193a74ff16028ac9441b0c7d27c2272d483ac7cd794d598416c4ff9099a61679d417d478ce5dd974bf349a14575afe74a88b12dd5f6d1cbd3f91ddd597ed68e79eba402613130c224b94ac28714a1f1c552475a5d29cfcdd8e08a6b1d65661e28ef313514d1408f5abd3e06ebe3a7d814d1ede316bf495273ca1d574f42b482eea30db53466f454b51a175a0b89b3c05dda006e719a2e6371669080d768cc038cdfb8098e9aad9b8d83d4b759f43ac9d22b353ed88a33723550150de0361b7a376f37b45d437f71cb711f2847de671ad1059516a1d45755224a15d37b4aeada3f58c69a136daef0636fe38e3752064afe598433e80089fda24b144a462734bef8f77638845b00e59ce7fa4f1daf487a2cada11eaba72bb23e1df6b66a183edd226c440272dd9b06bec0e57f1a0822d2e00212064b6dba64562085f5a75929afa5fe509e0b78e630aaf12f91e4980c9b0d6f7e059a2ea3e23479d930 Msg = ed9a64d3109ef8a9292956b946873ca4bd887ce624b81be81b82c69c67aaddf5655f70fe4768114db2834c71787f858e5165da1a7fa961d855ad7e5bc4b7be31b97dbe770798ef7966152b14b86ae35625a28aee5663b9ef3067cbdfbabd87197e5c842d3092eb88dca57c6c8ad4c00a19ddf2e1967b59bd06ccaef933bc28e7 X = 6d4c934391b7f6fb6e19e3141f8c0018ef5726118a11064358c7d35b37737377 Y = 1f0a5c75e7985d6e70e4fbfda51a10b925f6accb600d7c6510db90ec367b93bb069bd286e8f979b22ef0702f717a8755c18309c87dae3fe82cc3dc8f4b7aa3d5f3876f4d4b3eb68bfe910c43076d6cd0d39fc88dde78f09480db55234e6c8ca59fe2700efec04feee6b4e8ee2413721858be7190dbe905f456edcab55b2dc2916dc1e8731988d9ef8b619abcf8955aa960ef02b3f02a8dc649369222af50f1338ed28d667f3f10cae2a3c28a3c1d08df639c81ada13c8fd198c6dae3d62a3fe9f04c985c65f610c06cb8faea68edb80de6cf07a8e89c00218185a952b23572e34df07ce5b4261e5de427eb503ee1baf5992db6d438b47434c40c22657bc163e7953fa33eff39dc2734607039aadd6ac27e4367131041f845ffa1a13f556bfba2307a5c78f2ccf11298c762e08871968e48dc3d1569d09965cd09da43cf0309a16af1e20fee7da3dc21b364c4615cd5123fa5f9b23cfc4ffd9cfdcea670623840b062d4648d2eba786ad3f7ae337a4284324ace236f9f7174fbf442b99043002f K = 40b5cc685c3d1f59072228af9551683b5b8c8ff65240114ad2dacfccf3928057 R = 7695698a14755db4206e850b4f5f19c540b07d07e08aac591e20081646e6eedc S = 3dae01154ecff7b19007a953f185f0663ef7f2537f0b15e04fb343c961f36de2 [mod = L=3072, N=256, SHA-512] P = c1d0a6d0b5ed615dee76ac5a60dd35ecb000a202063018b1ba0a06fe7a00f765db1c59a680cecfe3ad41475badb5ad50b6147e2596b88d34656052aca79486ea6f6ec90b23e363f3ab8cdc8b93b62a070e02688ea877843a4685c2ba6db111e9addbd7ca4bce65bb10c9ceb69bf806e2ebd7e54edeb7f996a65c907b50efdf8e575bae462a219c302fef2ae81d73cee75274625b5fc29c6d60c057ed9e7b0d46ad2f57fe01f823230f31422722319ce0abf1f141f326c00fbc2be4cdb8944b6fd050bd300bdb1c5f4da72537e553e01d51239c4d461860f1fb4fd8fa79f5d5263ff62fed7008e2e0a2d36bf7b9062d0d75db226c3464b67ba24101b085f2c670c0f87ae530d98ee60c5472f4aa15fb25041e19106354da06bc2b1d322d40ed97b21fd1cdad3025c69da6ce9c7ddf3dcf1ea4d56577bfdec23071c1f05ee4077b5391e9a404eaffe12d1ea62d06acd6bf19e91a158d2066b4cd20e4c4e52ffb1d5204cd022bc7108f2c799fb468866ef1cb09bce09dfd49e4740ff8140497be61 Q = bf65441c987b7737385eadec158dd01614da6f15386248e59f3cddbefc8e9dd1 G = c02ac85375fab80ba2a784b94e4d145b3be0f92090eba17bd12358cf3e03f4379584f8742252f76b1ede3fc37281420e74a963e4c088796ff2bab8db6e9a4530fc67d51f88b905ab43995aab46364cb40c1256f0466f3dbce36203ef228b35e90247e95e5115e831b126b628ee984f349911d30ffb9d613b50a84dfa1f042ba536b82d5101e711c629f9f2096dc834deec63b70f2a2315a6d27323b995aa20d3d0737075186f5049af6f512a0c38a9da06817f4b619b94520edfac85c4a6e2e186225c95a04ec3c3422b8deb284e98d24b31465802008a097c25969e826c2baa59d2cba33d6c1d9f3962330c1fcda7cfb18508fea7d0555e3a169daed353f3ee6f4bb30244319161dff6438a37ca793b24bbb1b1bc2194fc6e6ef60278157899cb03c5dd6fc91a836eb20a25c09945643d95f7bd50d206684d6ffc14d16d82d5f781225bff908392a5793b803f9b70b4dfcb394f9ed81c18e391a09eb3f93a032d81ba670cabfd6f64aa5e3374cb7c2029f45200e4f0bfd820c8bd58dc5eeb34 Msg = 494180eed0951371bbaf0a850ef13679df49c1f13fe3770b6c13285bf3ad93dc4ab018aab9139d74200808e9c55bf88300324cc697efeaa641d37f3acf72d8c97bff0182a35b940150c98a03ef41a3e1487440c923a988e53ca3ce883a2fb532bb7441c122f1dc2f9d0b0bc07f26ba29a35cdf0da846a9d8eab405cbf8c8e77f X = 150b5c51ea6402276bc912322f0404f6d57ff7d32afcaa83b6dfde11abb48181 Y = 6da54f2b0ddb4dcce2da1edfa16ba84953d8429ce60cd111a5c65edcf7ba5b8d9387ab6881c24880b2afbdb437e9ed7ffb8e96beca7ea80d1d90f24d546112629df5c9e9661742cc872fdb3d409bc77b75b17c7e6cfff86261071c4b5c9f9898be1e9e27349b933c34fb345685f8fc6c12470d124cecf51b5d5adbf5e7a2490f8d67aac53a82ed6a2110686cf631c348bcbc4cf156f3a6980163e2feca72a45f6b3d68c10e5a2283b470b7292674490383f75fa26ccf93c0e1c8d0628ca35f2f3d9b6876505d118988957237a2fc8051cb47b410e8b7a619e73b1350a9f6a260c5f16841e7c4db53d8eaa0b4708d62f95b2a72e2f04ca14647bca6b5e3ee707fcdf758b925eb8d4e6ace4fc7443c9bc5819ff9e555be098aa055066828e21b818fedc3aac517a0ee8f9060bd86e0d4cce212ab6a3a243c5ec0274563353ca7103af085e8f41be524fbb75cda88903907df94bfd69373e288949bd0626d85c1398b3073a139d5c747d24afdae7a3e745437335d0ee993eef36a3041c912f7eb58 K = b599111b9f78402cefe7bde8bf553b6ca00d5abaf9a158aa42f2607bf78510bc R = a40a6c905654c55fc58e99c7d1a3feea2c5be64823d4086ce811f334cfdc448d S = 6478050977ec585980454e0a2f26a03037b921ca588a78a4daff7e84d49a8a6c nss-3.35/nss/cmd/bltest/tests/dsa/key00000644000000000000000000000053413230126417015745 0ustar 00000000000000AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc xC6fb0ZLCIzFcq9T5teIAgAAAEAZExhx11sWEqgZ8p140bDXNG96p3u2KoWb/WxW ddqdIS06Nu8Wcu9mC4x8JVzA7HSFj7oz9EwGaZYwp2sDDuMzAAAAFCBwsyI9ujcv 3hwP/HsuO0mLJgYU nss-3.35/nss/cmd/bltest/tests/dsa/key10000644000000000000000000000114413230126417015744 0ustar 00000000000000AAAAgKj5zSAeXjXYkvhfgOTbJZmlZ2o7HU8ZAzDtMlaybQ6AoOSaj/+qrSok9HLS VzJB1NbWx0gMgLTGe7RHnBWtp+qEJNJQL6AUcudgJBcT2rAlrhsC4XA6FDX2Ld9O 5MG2ZAZusi8uO/KLtwoqduT9Xr4tEiloG1sGQ5rJx+nYveKDAAAAFPhfD4OsTffq DN+PRpv+6uoUFWSVAAAAgCsxUv9sYvFGIrj0jln4r0aIOzjnm4x03urp3xMfi4Vu OtbIRV2rh8wNqKyXNBfOT3h4VX1s30CzW0oMo+sxDGqV1ozihK1OJeooWRYR7gi4 REvWSyXz98VyQQ3fs5zHKLnJNvhfQZEphpkpzbkJpqOpm74IkhY2gXG9C6gd5P4z AAAAgDE/2evKkVdOHC7r4VF8V+DCGwIJhyFAxTKHYbuyRQsz8bGLQJzpq3xM2P2j OR6ONIaDV8GZ4WprLroG1nSd73kdeeldOk0Jskw5KtidvxAJla4ZwBBiBWuxS84A Xocx794XX5W5dQib3NrqVisyeG2W9aMa7fdTZACK1P/+u5cLAAAAFMU+rm1FMjFk x9B69XFXA3RKY/w6 nss-3.35/nss/cmd/bltest/tests/dsa/key100000644000000000000000000000221413230126417016023 0ustar 00000000000000AAABAL/r0ACy1s1Ks477o13zNN9yHWwvKz2VZnnLrQCfPfvQApUsyJnMI1bsh2m9 PRulpzAjcpiI2pLKSKXulMl/TwSi46y08zovD7N4PDHyxw+nxw84IUon2t7IsS5n mWqehe47sUiAMTAUc5LcUlPATXBjU15s1ka/sYaYTgi1i3SnvlszO/MrCr/VZlNg 6akjoMUo/xxixyU0WPVnhShxnUNuUBSHQfRdx90sbKxxxVIx8SqD/v0u0KM+3huK UfVm/PeJBoLNwZMdwgfJK/LvTiirMWYe63fxYB7qlByVkfA40/ANkShX2wXmSyrV aTIAYcb4Y/8zVNhC5+fqcVr++NEAAAAcqpht+KBkJ46TYzFqmDC8+kkGVvqm1dqo F9h5SQAAAQCBla2aR4/ZhSFu5YNoNm0u3RPBKz1iI5Fp+gQtkRVkCLSDEi9E7WI2 uDCKbNtS+a896I7IngOa+tfaOqZsGXYEmo4KfRjVZ7r5n87+MVytoBVIOGsQsl5S 9S7XjrTSgILl4f/ulIDE/izEqv0e/J1P0sxtFVlokxJx7xWzJA5/sEOoDI9ii+/g nWRQd8ECnSHgrIvwupwncU0bWA7eWUqgGzt29udF/B7AfbN+L9fpjGyMaRUijkIs MJ3p9dsWj1AknRvh7TKYCQgI4uu4lrt5uMTL+U1MIGTjfmErpESdesIQ7d4hFBbW SwUd2ARqsEFzJmVBGn8VTTGz4RpR2n/AAAABAK9nIb913saht2rTXKN1De8xEXxb RBwVowaDWh23TAA7hq6Qmev7dFsKqcsADPQ/sCFRO48Ze8hlsiv5SbSRgJrXUv/B yo5UvqFtx/U55MVftwp3Q90o8mL2DvDy/KrCnoAhp5OMGP/gMHXQt+CitNyr5G7R lT0z438ROvUZqwvwthhsErX2SIQ39RkwluL9amoYNWBHlMZrQq5SZcHPHLU66EmX l14DGKk85B45AuTvVN48VlVb0ZSRrNU/PldGTh9GA4nbxfqAZI+lpaDylW6ew7jc RBtTXGQcNi7tdw2oKGSb/RRkcrD0akwGTkWfiL/5De3n7FYXeppx0WeUhxIAAAAc altP/EQjjRhS+5t05MFmG+hZhAQ8/u4CP1fKxg== nss-3.35/nss/cmd/bltest/tests/dsa/key110000644000000000000000000000222413230126417016025 0ustar 00000000000000AAABAMGlnSFVc5SeCyCpdMLt8uMTf/JGMGL3Xx0T3xKroQdrstATQCtgr2wYf7D6 NiFnyXbCYXxyb5B38J4YwRtg9lAIglvWwCofV9PrCtQc1UfeQ9h/JSX5cdQrMGUG 58oDvmOzX0raFy0KBpJEQKFCUNeCKsLVrq/tRhnnnUFYp9XrLZ8CPbGBqPCUssbL h8uFNUFqwZgT8HFEZgxVd0X0SgHGsQKQksEpsNJxg+gsWiGoAXfudHbrlcRm+0cr 09LcKGziWEfpPL+prTnMVwNdDHtkuSapx/WnsrxavL+9wLDj/t48HgLESvyK78eV faB6Dl/RIznbhmdhb2IobfgNWKsAAAAggAAAAAAAAAAAAAAAG9YsZei4fIl5f48M v6VeSmgQ4scAAAEArqWHh0DxQk08bqnGtHmWFdJ0kpihfiYgf3bO80Dd05Dhsa1r bAAQrQFaEDNC3dRSysAks25C2bjtUvr656HTzp5LIfkQ0TVusWOj5agYTHgb8USS r6LksKVtiIT9AaYouWYnOcQuXFeVreL18n5t4dljkXzogG/EDQIc2HqjqjqeTwws TEXSlZsleLL7GiIpw34YEFm51ee3hi+oLiN3pJ7Q+dyoIKWBQHndZhBxTvr4sMxo PY5y5MiE5vnUlGs+jUy7kq2759TEfMML5/jDfKgYg6GqxoYAWf9GQKKcyuc94gsS 5jsAqIsu6bqUt160CmVuFdnsg3MchdDv/LnvnwAAAQCIDhfEroFBdQYJ2CUcC716 z20LRg7TaI6aX5kObEtbAIddp1DgIooEECo19X50uNL5tpUPDR240wLFyQpbh4ao LGj/WxelenWElsX4BT5EhKJT2ZQiBNmhEJ9L0qPsMRpgz2nGhbWG2Yb1ZdM9v1qr cJHjGqQQLE9LU/v4ctcAFWRltsB15/d4RxojUC3A/uQbJxyDehwmaRaZ81UNBgoz EJn2SDfN3sacrr9Rv07J828qIg/nc8tNPALQRG3dRhM1Mu8cPGnUMuMDUCvQWnUn mngJp0KsSnhysH8ZCGVASUGTUON6lfLvMzYdjYc21Ag9wUwLuXLhTUx7l/Pd/Mrv AAAAIFpC53JINY8GrpgKLGT2oivqK/e0/AAVdFBTxDK3Eypn nss-3.35/nss/cmd/bltest/tests/dsa/key120000644000000000000000000000222413230126417016026 0ustar 00000000000000AAABANAiduvzwi/9ZmmDGDpHrpTJvMvL+V3ctJHR985kNUkZmZLTfHnnsDLSbtAx trpEifMSWCb6+ycmqYMz69mr3eWS2Gk9mFlTbZzDhBodJOBE01rO1hNiVvxta2Fc 9PQWOqOB6ytMSAglqOzMVtjdz1/mN+OK2bKXS9LPaL8nHg0GfSRlqLa2YFJPAIJZ iUWtpY6mSbmATrR1NAjCxZdoxGq7guMpXz2cpGn4TMGH9XLcS1o7OTRuyDnfrW8H 1tHw4hUgm7DswFx2fPLnlDrJz7Au7h6e9ZRujOiDFrXhX9z5WhMu8uS7CBcTZSjP pd2WUy+cOr5cQhYg7ba8vVIjTKkAAAAggAAAABKZfoKF5AiXCPUoBwxtevigvQFA nnoHnNtvxbsAAAEAd4RTBJ7yYhR/7XtZsO5nZGB8Uee1tfxv6np6ex3Wuyg/Sprp jv05ZLFVZ1jLFbKlOvhhnnTYWJi+x307PzgklK5ZYaE//HRdo4YYIpFRmAD5ndcQ 4ArrFa3uCI4nmO4uRvWYUmzw9GZwVdG6AJdQBB3FzdJyX/HZfdNAyFGK92cbh9Od Z67O2Etm+E4HAe/IKlye+VTuV20kw4WxTWMDfw2Gb9QktJdb3VSF7XQMuTLoQ/kG aD98eyx0d12QHDYbhHtRnA2mmWONpAvXNreD0nELLCzCbvkScb9OLBkp+HbpAuIF cWQiO8eNaiufbAx6fLhZIvfWxCh64jhh+BKISAAAAQB7sx6Yx6BDf5eKc9Xc+9+7 Ccwkmd+vHrUla8zWNYyrtfZ9BKQoI0Y7fpV/K5IT8fqOWpjWFEhHAau4x9Z2Qf5u 0G+kUntJPdqy50ZA/ePecNppPx2yuOJkFwQK8O6myrRRp5WlLhh9LuJBuT9lyGxt ZvRYNMzhZaxetnDU8AlcI86XV+O9xjb5ke4Ac9kKCSAu2zXMPqHPmtyhYX+gv/2c EmIppgSh079JMd3wuZQt/IovjAn8yXAyVkp5rh6+Hizkn/V4OefEP6YLFgPRWkUI mKpOSh7oBleUEm1k8BM2cJaoNoa58VjDOxD187Ns8fY1iz80+EsQHcJtPbaLzJXI AAAAIGuoHmzUNneYqquLevETUYOjfEKnZtvWjNLc548mcO8P nss-3.35/nss/cmd/bltest/tests/dsa/key130000644000000000000000000000222413230126417016027 0ustar 00000000000000AAABAKittsC0z5WIAS5d7/GocdOD4OKoW16OA9gU/hOgWXBeZjIwo3e/cyOo+hFx ACAL/VrfhXOTsLvWeQbAgeWFQQ44SA6tUWhNrDo497ZMnrEJ8Zc5pFF819XWKR6K 8go/vxczbHv4DucY7gh+Mi7kEEfavvvMNNELZrZE3bMWCijAY5Vj1xmTomVD6tt3 GPMXv12Vd6YVZWGwgqEAKc1EASsY3mhEUJ/gWLqHmAeSKF8nUJaf6Jws1kmNs1RW ONU3nRJdzPZOBsGvM6YZCEHSI9oVEzM6fJ14Riq6qzG5+W1fNERc62MJ8vbSyN3g ZEHoeYDTA++aH/AH6L4vC+BswV8AAAAg5x+FZ0R/QudfXvhcog/lV6sDQ9N+0J7c P25oYE1rnfsAAAEAW6JN6WB7iZjmbObE+BKjFMaTWEL3q1TNgrGfoQSr+12EV5pi OyV0s30izK6bPkFeSPXA+by9/4Bx1jubuVblR686jfmeXTBhl5ZS/5a3Zcs+5JNk NUTHXb5bs5g0UxlSoPtLA3iz/LtMi1gApTMDkqKgTnALtu1+C4V5XqOLG5YnQbPz O53eL07BNU8J4ut46V8DelgEthcWWfiHFc4amwzJDCfzXvLxD/DHx6K7AVTZuOvn aj12Sqh5rzcvQkDeg0eTflqQzsn0H/Lya42pqUoiXRqRNxfXPxA5fSGD8bo7e0Wm jx/xiTyvaagngC97akjVHab777ZP2abFt1xFYQAAAQBaVdzt3RE07l8R7YXetNY0 o2Q/XzbcOnBoklZGmgtlGtIogPFKuFcZQ0+cDkB+YOpCDioM0pQixImcQWNZ27Hl kkVvKzzOIzJZwRdUL9BfMeolsBXZEhyJC5DgutAzvhNo0imYWqxyJtHIwuqzJe87 LNWdO59959vJSvGpM560MMo2wmxG7PpsVIFxFJb2JOGIrXVA713yb476y4IL0Xof YYrLUMm8GX1Mt8ysRdgko795XCNLVWsGrrkpFzRTJSCEAD9p/pgEX+dAArplj5NH ViL3Z5HZsmI9G1//LMFoRHRu/S0wpqgTS/xMjMgKRhB5AfuXPCj8VTEw8yhsFIna AAAAIERpaQJURiR/hP3qdNAtfdE2crLet8CFvhERFEGVWjd7 nss-3.35/nss/cmd/bltest/tests/dsa/key140000644000000000000000000000222413230126417016030 0ustar 00000000000000AAABAKYWfBb/904pNCuFhq7TzYlvexY1oihv8W/f9BoGMXymsFyiunwGCtbbFWFi HMsMQLhqA2Gb//MuIEy9kLedy1+G67ST470ZiNgJf6I/pNePs83csAxGZCPY+nGY c8N2Rf5O7MVxcbvt/lb6lHTJY4W4ujeMeZcteqrmmiumTN6OVlTw97dFUM00R+ek cqM7QDfbRo3eMcNIqiXoK3/EG4N/f8ImphA5ZuzY+dFMLTFJVW1Dgp8TdFG40g+F ILDOjj1wX3TQpX6ocsK97pcU4LY5Bs3f3Ci2d30ZMlAA+O1SeOxdkS0QIQkxnLo7 ZGnUZykJtPDb7sC7tjS1UboM8hMAAAAghCdSkETSFMB1dPezWcLgHCP9l3AbMorI wThbgcU3OJUAAAEAb8IyQVwxIAz1I680g/jias6AjS8caouGOrBCzH9rcUSy05Ry w8tMdoHQcyhDUD2PhYy+R25nQDJKqilZUBBZeMM1BpuRn/mm/0tBBYG4BxL+XT4E 3bTf0m1ef7yisMUtjUBDQ9V7L5sqJtqn7OMM6rnheJ+XUaqpOHBJllrzJlDGyls3 SlrnCz+Y4FP1GFfWu7F6Zw5uqviYRNZB4eE9Whsk0FPca4/RAcYkeGlRkn5CYxCr qUmKAEKz3Hu8WdcF+A2bgH3kFffpTFz514mZLTu4M20dgIy4a1bd4J2TS7UnAzki 3hS/MHN2q30i+81hb57aR5qyFKF4UL3QgCqHHAAAAQBcpxUbyg5Fe7xG9Z9x2Bqx ZojcDrfk0XsWbDMmxbEsW967NhMiTRp1QCPFC4PLXswTkJbO8okzs7EsoxA45AiT g1l8WcwnuQK+XaYsrn2l9K+Q6UEO0WBAguLjjiXrC3jfrArrKtOxncI1OdK811Xb HMbJgFp90QnhyYZnpbnVKyHCdyEhuNDSskbl/T2oByjoW78NcGfRxrqmQ5Sinn/L +AhCvUqwKzXYP1mAWhBOC9adAHmgZfWePm8hVzoA2pkLcupTf6mMqqCliACn56Bi PiY9T8pl67jt7Ubv3+fbksnr04Bi2PElNPAVsYYYbuI2HWLCTk8is+ldoPkGLOBN AAAAIEWesViOn33U8oZnenQVyyWhtG56fPrcikUQA4PiDaad nss-3.35/nss/cmd/bltest/tests/dsa/key150000644000000000000000000000222413230126417016031 0ustar 00000000000000AAABAPY9o76alhYZbGVW885v2LmL3akTdHPaRv7ZcOK40Uc4eoGSIGXVKKfWQz68 XjWxXGfqNaWlv/W5zvHNHm/jHdpSg42jqom5tOjZ08BzLMxPI4zhtBbEypPyxoAO X07UHE92Fc7FUxuYaAsg3GP3PnDYA6rPrs4z1F+g4513yFCCCVKLkEa1kXAQeRI0 OX5BLSK8C41ny9HNKKMsJGCgvYaqug7qgOFuMkVkMXHjQiF2DCA6VrggehAJ5sGi 9s2oX4XE+eQQuUmSM8DuBy5GWvT7T7koLFwQ6CNP1jDqkvCq5rl6Ug2zRHVwe3mk wXUmXANWzLyoJ+ODffPW0FdtkHkAAAAgm3Rj+CafC5CavtEJkWhPNqZKyGTg1tcX wO8hV3pMOQcAAAEAlyp19gboqjqR/wj9Exog9ZYyUTBOPRQxtxL6CAPVJ/1xD7fr J+UpBJcc1DypdxmaJNvutLe8K6B107cutrLFrY8Oi49IxQtVTH4HEfTHQWMwgGZy SY9DApJyS/mKjqSMf1PXsx2LdSixpvCH0sJ8M1ICg1seMUIls3rvi/zsfYCSDEpG Cj1oNE3tde2e6Gf6KmlFBjiU9WO2hjO4s5+DoaqvWpbH9CJofnyEz4+4zF9FBN/w h7yyapW7+Fg/A7Og5Do1ayvX4lzd33oBUwD67MZ5PF7pm2Mny4RW4y2RFTOdWmtx K3+dAwGssFEz4xFeRU06bdJKFpPJSqtUBlBL9wAAAQBBGXziIz1+SMgDzWTHj2V5 I7nja4cUAfhmHCHYujjGubMjnbdnsR0dQB5frsv3pFhgzF8aVNYChrfW4cmf1bjI TthRxTV9Qa1gFj8iTXjJlhQ//4ndOo/hI9rh9iFCf9jM527RONaPokjzdK4jMkli W5Pz3Vk30V5UG37/pN9P6n1S+s7WFb/gNIQY/5PmmiClLlXHbMMPMH+E5x5Kq8CC Xso6lbS9WOv7ACnSOhaenYC6fRxf01OV5mAuCJqpkY8IuuNa4crHrzNpQSnpjw2t rdkOrrbu0lAkOQsaYK95RzTDl7D1CYZbE0soZ8EV1vSJtt1+PIKZS0Xc4qI8a8kC AAAAIF9uVF2u9s0bjZhI3Zh1iAcjasC3/wU7MscD6qOxFHVX nss-3.35/nss/cmd/bltest/tests/dsa/key160000644000000000000000000000324413230126417016035 0ustar 00000000000000AAABgP1abFbdKQ992Eop3hcSbrTkSHs+/wpEq+XFl5LS4SALnD20TVKLn30iSAMu S6D3v8T6/HBr5RHbInbAt+z/042i4cLyN6dTkMHk0yOcuo4g5VhA7LBd9fAaG2l3 rRkG8stUTM+5O5Aa0JZrGDKtLatSYkSjFWyQXAGsUctzudzZhg1WF1pCXYRkhdmx 9EqKDCV45s9hlHvBoTkv3TILFqnXBFX+Q28tR97Y6OYF90hutXjqf8T/0TwH+Zlq 8Vn9QR6UUUAyeN0RQajJJrNcljhLvWvuCcRvRMNrH/xxl/XpJdvgVEpo5quMGOQm pGazkvnCfdef76nKFjzFo3VTmoVZ8nf2V6U10ZZMal6RaD71aY66oB74GNv3LLBM P/CS0YiGbyXNQFEI9Wawh/c9LVvrUfrG3oSuUWGmavlgLH5L/BRvSCC9/Akvrqxp Ez5KCKWyAqEkmKIuV7rVRnTtS1EBCdUrX3TnDh9vghYXGM1M8AzJ8ZWKzIvdzfvR ++Rs0QAAACCAAAAAAAAAAAAAAAAzSibdj0nGgRzoG7E0KwbpgPZLdQAAAYCZqwMK IaXJgYF0hyFnZByBweA8mydM+8J7xHJUKSd2beX6BTmztz8/FqyGaprsi0Rd7Zf7 /wiDTtmMd+f8ieXcZXvvdm/3+/jnaHPhe+5BJ2LVb+EUF2CrTSW6/Utu8ltJo1Bm MtH44Qdwkwdg7BMlkyxaS6+ekBVCZN30QuxcQf7ZXRFSUVHbz7N1gUm62Bxiuc/3 gWuPlTuLfAIlkNFYTpIdyVX1MorHKYPtXPDQQFb+DVMeYvj2yas8D81E4UhgtzEd JWHHfB0y9sadyPd5aMnYga2dteDBFP2oYovKAzXrf7nhXmJaq6tY/AEZTIG/b7LO VAd7giUOV8ansl3rbuOdS2hqXDB6dhKy2F7pJRJBPeopfkTzF75863CjMorwtAEA GkGFYrj/5Ol3G0tKjgtAx5E0nV1ORZ/mIKGi/HLi9sooVn1MJjK73htJhkwGuxJh nxMsHaj1ce9hPqxzn2arORTLP6GrhuBeUILrqiTr7qTPUb7vwn31Ev4/7n0AAAGA 58LuGMOqNiwBgsalbCWEYoCDxz4EW+2o1lNpDJwvZUTt+XAsV8RVJzkFM2pfUXEQ ejE819Cw9Q+NM0LGAhnyKpAjOUBZ0F9GTESW1V2rbrCJhSf/TPVnjntb+14Y2SxK nXMojM4UUw/EcC9tA5fsOaiAxKctNYcwxWYzOG7eAoAjwXkfMWTRV054I8ebijyh ND6hZrpvArf/fp7yGY2xB/fMFZ87ahwAp4w1XFZt6wrG/eP2M8uRd6H7xsF2bKAh 1f7EcBAau0QNLwaYIYGoySt83XZTNrmh4atwKD1tsKlj+2SMN8TimnTDdXcpEEmr R828EEwE25ZmgeqOu58Az0xKVGIRc3lXX72kuAGXlFH6lLGbTpNlZwXA9zTz4JFL uWweK4oPto+vFClu/fMwCtlbzei2fMSybmSI7vklz66sbw1lZ+i0E1X4nRwrj+aH v6LfXih+EwW4m4w4jCYZYJCsA1GrxWGq3Hl9qMzqQUbD6WCV6841Pg2kxVAZBSyq AAAAIEM8/QUyzP2M3Rslkg0rtzlph7dmJAN5A1sOhlJ86cUt nss-3.35/nss/cmd/bltest/tests/dsa/key170000644000000000000000000000324413230126417016036 0ustar 00000000000000AAABgPY7PN1kbY5921chaqbuwhNNcHSIofKc+plwZF8SJ+pdsuMY7qXaFofH7ZBQ lmk0XtYTTP8yIDq3Kuy/ppPSFq61XY0oqYH0q/8H0TGaeZvl3XRvhIQoF5KcMFtA hZivEgRdqi8czIvk2BtRPGMPAX/sFlisoQihr2Eg7AXjAYxCU8ndNbzgYrc9DyqT 1BxIGlxDu5eQloLTmppg3Dw142N13sbO0NLbO6DREb7epwGg5HU2JJd6nnW3CnTi uB44pSqyLaExs1QW087JZjB5dGp2NHbldZgULjmGFUXar404oXbybHH1r+vZxWIN qAzzRStVw3xmG0oewDUXELneSjy+C5i02eyJEo2Xqn77GduLpDzAviXCAPkOFQbL eOwMM216lWE9QgTo7WjQ8KbHhCAQWo0tQ4+9JVGmShoLA/+4eHQvjJl5z6hzlBUC gZmNUXAdX8+paWpJif0l9ACVXmJrGr6SbAr6aappgZAO/83QMFkvgrIEKkeppajL AoPcTQAAACCAAAAAukY0tfpNoFS9DKSK5JDldxHzgRk4QkKRWbp8oQAAAYCK1FU8 TkmqJHKKtQJEF7Ey0spTpV2VlFjy91mtsENb7u+jos/NADjiQgZD/EpN7rXZ/qoe 3yEZO0DhS0KYKpTzXFi4EUfXGJ0mPJsS/mOrn6X28DooYMGGQy46sE8qsPL7YUe9 m/ftXSBxO52iE4Piw6Fo59CdPYpaBY/SMJW1rP64ZKMwa+JCX6GtMq1tk4LmA7A8 aK9K8CRjlxAsQVXLqBGr+Z2ng553surJlwWIyh0KI2FyOhZKySKcLoDc+o20+eKY A+/7MWjH/tejpt5A3aGaBTavm1t6+u+5xw1q6N8S2mWPYjYEOuqHPbKc628H0Qj1 IlaHvQww4whOIJC0WuL5Kpe47LepcFxJVrizHEo9YRB8hOR63abIDV0i2rPYWSIP nVqrE2d6498WjwwXbRdrVFBsY5hT8E3e8nIvOcGOXOQm4UVirY/yYkeviIcO+3LA zOg23o/uZ6ZiN4JFtQK/H4MJmYigk8583IE2THix9KUbgA32E3xx1l5rCJoAAAGA QiQ1OeSdueoZ2Y2X9vKpSyNSmBLfiJ6qvP7aAc5MdZSH+4m8gtp1/hyRNDYfht5H 0W2O7oDlasUCF46O2BKUd6+L+9gmLF7dk34ahsDw57Kv57y938tYFM7Qt1anbKF4 Qju01XjF2hg3EtloWCZAqg7H6ftWv9lg16V1SXR9j7et5Hz+gWweV9pmM9rMU33g YIE5ZLtbJ1ejEvnaPYTmCv+YFwBR09kOOAuLzBmGxY/53JHogn1Pn1/EsrLnQ8+T if8C3sAfXUNLQw0WLokcM1X5GFUzn431gwDkyZOuTfjEMYtcS9BSg8pLRrfS+w9k dr8VkH9Q3UFBqnrKydqmLszTpnNXEiBgts7OBEapPrIwrZO8mk0bHv7soeP8g8EZ eFA1tDlQn/t5aLGkSLe9gxV1P98EolbsoVYqEbCWyQo2s1NlnL3kQg4X6QuUxDx1 GcYGQc7sBW+Je5fWuxhhJo4Nx5t8O2t2OcJVvwaGVzdFkSbLRlvB2koEOhlj2n1j AAAAIFJKfqWXf4ECs1UpMEd/XwQkARZdRjfc2LnRPfTzquXQ nss-3.35/nss/cmd/bltest/tests/dsa/key180000644000000000000000000000324413230126417016037 0ustar 00000000000000AAABgMe4bXBEIY42dFPSEOdkM+Tiepg9scVgu5dVqPt9gZkSxWz+ACqx/z9yFluU PAso7UYDmgfeUH16Kfc4YD3s0ScDgKQflx8lkmYaZLovNR2aaeUaiIoFFWt/4VY8 S3fuk6RJSROEOKKri9z8SbTnjRzedm5UmEdgBX12zXQMlKTdJaRqp3sY6dcH1nOE l9Tqw2T0eS2XZqFqDiNIB+lrjGTUBLvbh245tXme9T/my5urYu8Z/cwr3ZBb7aE7 nvesNfH1V8sNxFjAGeK8Gan138Hk7Knm1GZWQSQwSjHwOGBaPjQtoBvhwrVFYQ7d LBOXo8g5ZYjGMp7+tOFlr1s2ijmojkiI459Auz3k6xQWZy+Zn+rTeu8cqWQ/8yzb wPzr5ijX5G0oGpidQ90hQyFRr2i+P21WrPvbbJfYf8teYpG/i07hJ1rg60ODzHU5 A8jSn0rbalR+QF3s3/KIxfbHqjDcsS+E05JJOnCTMxfA9eZVJgH64Y8X5uW7a/OW 0y2KuQAAACCHb6CeHcYrI2zhwxVbpIsMz9op86xal/f/ob2Hto0qSwAAAYARCv67 Esf4YrbeA9R/28Mybg1NMbEqjKlbLe4hI7zGZ9T3LB5yCXZ9JyH5X72aTQMjbVQX T7+v8sT/ferkc4sg2fN78KETTCiLQgrwtXkuR6klE8BBPzRqTturLEW9yhP1NBwr Vbi6VJMrkhe1qFnlU/FLuMEg+7nZmQnf9epo4Us3mWT9Pzhh5bpcyXDEoYDu9UQo cDlhAh571oy2N5J7jL7mgF+icoW/7k0e9w4CwaGKfNeL7x3Zza1F3enNaQdVBQ/E Zik37h1vTbEoB8zJW8Q18Rtx5whgSLHatZE8YFUBLeguQ6TlDPk/7/Xcq4FKvCJM XgAlvYaMP8WSBBu6BHR8EK9RP8NuTZHGPuUlNCLPQGM5jXfFL8sBFCfL/PpnsbLC 0apKPacmRcscdnA2BU4vMfiGZaVEYciF+zIZ1a2HSKARWPbHwN9ajJCLqMPlNoIk KIhse1ALvBW0nfdGud5aeP47T2mR0BEMPL/0WAOdw2Jhz0avS8JRU2j0q7cAAAGA RWoQXHE1ZiNIOLwHC4p1GgtXdny3XpkRShpGZB4R2h+p8ikU2AitcUhhLB6lXSUw F4Hprgya42pp2HugOex82GTDrQlIc+blZwn9ENlmhT1hGxz/FdN/3uQkUGwYTWLH AzNYvnjCJQlDtvbQQ9Y7MX3lblrY0f2X3TVavpZFL45DVIX7O5B7UZAKo/JEGN9Q tPza+/YTdUjDk3O4vEuj2rtHRuvRe4f81qLxl8EHsY7FtGXm5MtDDZwM542lmIRB BUo3B5K3MNqaukGjFpryYXb3Tm98DJybVbYrvnzjjUaV1IFX5mDCrLY/SC9VQYFQ 5f7kOs6ExUDDunZiroCDXBotUYkOqWuiBkJ8Qe+MOKoH0qNl5+WDgNj0eC4irCEB r3Mu4idYM3slNjeDjhb1D1bTE9B5gYgNaFVX99eabbgjxh8bs9vF1QQhpIQ6bylp DniqDwz/MEIxgYuB/EokP8APCaVMRm1qjHPTKlXhq9Xsi04a+jKnmwHfhagfP1z+ AAAAIDRwgyBV2t6U4UzYd3Fx0Y5dBvZq7/TGFHHk66dO5WFk nss-3.35/nss/cmd/bltest/tests/dsa/key190000644000000000000000000000324413230126417016040 0ustar 00000000000000AAABgKQQ0j7ZrZlk0+QBy5MXolIT91cSrLxcEhkavz8cDnI+IzO0nrH5Ww+XSNlS 8Epa41iFnThEA842SqP1jdl2mQm0UEhUjFWHKmr7s7FcVIgvlsIN8bLfFk8LrISc oXrS32Or11yIGSLnmlAJ8At9YxYi6Q5/pOmAYYV14da9GnLVtqUPT2pot5OTfEr5 X8EVQXWaFzZXfZRIuHeS3/ByMkFVEukzdV4SJQ1GbpzI3xUHJ9dH5R/qeWQVgyax Nl1YDLGQ9FGCkVmCIf3zbGMFyLio7QVmPdewBulF9ZKrvsrkYPd8cbbsZJ0/1TlC Au17u9BA97j9V8sGqZviVPol1xo3YHNARsKg2zg+Ajl5E65nzmWHDZ9sb2ep0ASX vh12OyGTfPnL+aJO+Xu8qgeRb4iU5bf7AyWIIaxGFAllsjxUCcpJAm77K/lbzgJc QYOl9lm/aq7vVteTO7KWl9fVQTSMhx+gH4aWeLLjRQb23ApMEytomg7SfcPI1TcC qlhIdwAAACCrxnQXclzyj8dkDV3kOCX0Fuv6gOGRxC7ohjAzOPVgRQAAAYCGfV+3 L1k20aFO07YEmWYvMSRobvEIxbPaZmOg6GGX7CzEyUYBk6dP8WAorJRBsMfSfCJy 1IOsfNeU1ZhBbE/5CZphZ51BfUeM5d2XS/NJoUV1r+dKiLEt1fbRy9P5Hd1ZftaO eeukAmExMMIkuUrChxSh8cVSR1pdKc/N2OCKax1lZh4o7zE1FNFAj1q9Pgbr46fY FNHt4xa/SVJzyh1XT0K0gu6jDbU0ZvRUtRoXWguJs8Bd2gBucZouY3FmkIDXaMwD jN+4CY6arZuNg9S3WfQ6ydIrNT7YijNyNVAVDeA2G3o3bze0XUN/cctxHyhH3mca 0QWVFqHUV1UiShXTe0rq2j9YxpoTba7wY2/jjjdSBkr+WYQz6ACJ/aJLFEpGJzS+ +Pd2OIRbAOWc5/pPHa9IeiytoR6rpyuyPh32tmoYPt0ibEQCct2bBr7A5X8aCCLS 4AISBkttumRWIIX1p1kpr6X+UJ4LeOYwqvEvkeSYDJsNb34Fmi6j4jR52TAAAAGA HwpcdeeYXW5w5Pv9pRoQuSX2rMtgDXxlENuQ7DZ7k7sGm9KG6Pl5si7wcC9xeodV wYMJyH2uP+gsw9yPS3qj1fOHb01LPraL/pEMQwdtbNDTn8iN3njwlIDbVSNObIyl n+JwDv7AT+7mtOjuJBNyGFi+cZDb6QX0Vu3KtVstwpFtwehzGYjZ74thmrz4lVqp YO8Cs/AqjcZJNpIir1DxM47SjWZ/PxDK4qPCijwdCN9jnIGtoTyP0ZjG2uPWKj/p 8EyYXGX2EMBsuPrqaO24DebPB6jonAAhgYWpUrI1cuNN8HzltCYeXeQn61A+4br1 mS221Di0dDTEDCJle8Fj55U/oz7/OdwnNGBwOardasJ+Q2cTEEH4Rf+hoT9Va/ui MHpcePLM8RKYx2LgiHGWjkjcPRVp0JllzQnaQ88DCaFq8eIP7n2j3CGzZMRhXNUS P6X5sjz8T/2c/c6mcGI4QLBi1GSNLrp4atP3rjN6QoQySs4jb59xdPv0QrmQQwAv AAAAIG1Mk0ORt/b7bhnjFB+MABjvVyYRihEGQ1jH01s3c3N3 nss-3.35/nss/cmd/bltest/tests/dsa/key20000644000000000000000000000114413230126417015745 0ustar 00000000000000AAAAgIubMvW6OPqtXg1QbrVVVA0NeWMZVVjKMIt0ZiKNkqF7OxS44Kt3qfOylZoJ hIqmn435LNnp7e8K33ks53v87Mrdk1JwDKX67PGB+gwybbHW5dNSRYAR5RvTJI9O O9fIINfgqBkyrKHro5AXXlPq2hlyI2dOOQAmPpD3LZTnRHv/AAAAFLxVDpZWR/s6 IPJF7IR1Ykq7sm7dAAAAgBEzOpMfulA0h3dzdoWf3BL3xoewlIroidKH8benEq0i CuTxzjedDbtcmr9BliHwBfwSPDJ+UFXRhQY0w205fmieER1ZjBw2NrlAyE9C9DaE bo5/ytkBLO2jmHIPMv/9GkWrYTbOQXBpIHrBQGdbj4bdBjkVrm9isM7HKfvVCawX AAAAgH4znzdXRQOQFg4CKRVZ8wvtCy11jFzMLY1FYjK7Q1rknefnlX46rZv9z2/V 2bbuO1IbwiKahCHcKqWbmVI0Wo/B3kmzSAA6mxjaZC1/b1bjvGZRMa6XYgiKk3hv e0typLzDCMZ+JTKjpb8JZSBVzCa/OxiDNZjP/XAR8ihfeUVXAAAAFG4uMbv8ZwlE 16cSDjmpgVIGFNio nss-3.35/nss/cmd/bltest/tests/dsa/key200000644000000000000000000000324413230126417016030 0ustar 00000000000000AAABgMHQptC17WFd7nasWmDdNeywAKICBjAYsboKBv56APdl2xxZpoDOz+OtQUdb rbWtULYUfiWWuI00ZWBSrKeUhupvbskLI+Nj86uM3IuTtioHDgJojqh3hDpGhcK6 bbER6a3b18pLzmW7EMnOtpv4BuLr1+VO3rf5lqZckHtQ79+OV1uuRiohnDAv7yro HXPO51J0YltfwpxtYMBX7Z57DUatL1f+AfgjIw8xQiciMZzgq/HxQfMmwA+8K+TN uJRLb9BQvTAL2xxfTaclN+VT4B1RI5xNRhhg8ftP2Pp59dUmP/Yv7XAI4uCi02v3 uQYtDXXbImw0ZLZ7okEBsIXyxnDA+HrlMNmO5gxUcvSqFfslBB4ZEGNU2ga8Kx0y LUDtl7If0c2tMCXGnabOnH3fPc8epNVld7/ewjBxwfBe5Ad7U5HppATq/+EtHqYt BqzWvxnpGhWNIGa0zSDkxOUv+x1SBM0CK8cQjyx5n7Rohm7xywm84J39SeR0D/gU BJe+YQAAACC/ZUQcmHt3NzherewVjdAWFNpvFThiSOWfPN2+/I6d0QAAAYDAKshT dfq4C6KnhLlOTRRbO+D5IJDroXvRI1jPPgP0N5WE+HQiUvdrHt4/w3KBQg50qWPk wIh5b/K6uNtumkUw/GfVH4i5BatDmVqrRjZMtAwSVvBGbz2842ID7yKLNekCR+le URXoMbEmtijumE80mRHTD/udYTtQqE36HwQrpTa4LVEB5xHGKfnyCW3INN7sY7cP KiMVptJzI7mVqiDT0HNwdRhvUEmvb1EqDDip2gaBf0thm5RSDt+shcSm4uGGIlyV oE7Dw0IrjesoTpjSSzFGWAIAigl8JZaegmwrqlnSy6M9bB2fOWIzDB/Np8+xhQj+ p9BVXjoWna7TU/Pub0uzAkQxkWHf9kOKN8p5OyS7sbG8IZT8bm72AngVeJnLA8Xd b8kag26yCiXAmUVkPZX3vVDSBmhNb/wU0W2C1feBIlv/kIOSpXk7gD+bcLTfyzlP ntgcGOORoJ6z+ToDLYG6Zwyr/W9kql4zdMt8ICn0UgDk8L/YIMi9WNxe6zQAAAGA baVPKw3bTczi2h7foWuoSVPYQpzmDNERpcZe3Pe6W42Th6togcJIgLKvvbQ36e1/ +46Wvsp+qA0dkPJNVGESYp31yelmF0LMhy/bPUCbx3t1sXx+bP/4YmEHHEtcn5iY vh6eJzSbkzw0+zRWhfj8bBJHDRJM7PUbXVrb9eeiSQ+NZ6rFOoLtaiEQaGz2McNI vLxM8VbzppgBY+L+ynKkX2s9aMEOWiKDtHC3KSZ0SQOD91+ibM+TwOHI0GKMo18v PZtodlBdEYmIlXI3ovyAUctHtBDot6YZ5zsTUKn2omDF8WhB58TbU9jqoLRwjWL5 Wypy4vBMoUZHvKa14+5wf833WLkl641Oas5Px0Q8m8WBn/nlVb4JiqBVBmgo4huB j+3DqsUXoO6PkGC9huDUzOISq2o6JDxewCdFYzU8pxA68IXo9BvlJPu3XNqIkDkH 35S/1pNz4oiUm9BibYXBOYswc6E51cdH0kr9rno+dFQ3M10O6ZPu82owQckS9+tY AAAAIBULXFHqZAIna8kSMi8EBPbVf/fTKvyqg7bf3hGrtIGB nss-3.35/nss/cmd/bltest/tests/dsa/key30000644000000000000000000000114413230126417015746 0ustar 00000000000000AAAAgMuhPlM2N8N8DoDZ/NBSweQaiKwyXE6+E7cXAIjVTu9IgfPTXq5HwhA4WoSF 0kI6ZNo//aY6Jvks9aME85JgOEqbd1nYrBrcgdP4v8XmyxDvtOD3WGf06EjRozhY bdBkj+6xY2R//nF2F0NwVA7oqPWI2ozBQ9k59wsRSn+YG4SDAAAAFJUDG4qnHynV Jbdz74t8ZwGtil2ZAAAAgEW8qkQ9TNFgLSeq+EEm7cc713Pebs4V6X5/70bxMHK3 rcr3sAU89HBpRN+MRWjybJl+53UwAPvkd6N3ZqTpcP9AAI65ALneS1+a4G4G22EG 54cR86Z/7KdN1b3c32da5AFO6UiaQpF/vuO7nyok32dRLBw1yXv78jCOqs0oNoxc AAAAgEzWF4Y30PDeFIhRXDsS4gOjwMplLy/jDQiNxyeKh6/6Y0pyenIZMtZxmUqV ig+JIjwobDqbEKllYFQuJia3LgzSjlEz+1fcI4t/qy3ipJhj7PmYdRhhrmaL98rR NuaTP1ff26VE4xR84Oc3D6bo/x3mkMUbSu7fBIUYOIkgVZHoAAAAFC6sT0GW/ts+ ZRs7AAQBhM/W2iq0 nss-3.35/nss/cmd/bltest/tests/dsa/key40000644000000000000000000000114413230126417015747 0ustar 00000000000000AAAAgPJKSvxyx+Nzo8MJYjMv5UBcRZMJY5CUGMMHkqrxNd3qVh6U8kcmcWt1oYgo mC5M5Ewf3ct0ZIe2t3qaWhf4aKtQzWIbW8naRwiAsofXOYGQpCpe4i7Y0f8UfiAZ gQyCmO1o4cpp1B1VXySeZJ+xcl3bB1wXs3vv9Gf90WCSQzc/AAAAFNoGWgeN21bu XSrQbK+rIIINLEdVAAAAgEe1WRt5BD5OA8p4oOJ3yaIeKmtUO/TwRBBM2ayT7/jh AbtgMe/IxZbV0vkuOj0PH3RwLdVPd9PNRsBN7npd6fAK0xdpH93O/koiCiZRrK5/ zt2pK/zKhV22cF6Nhk+Bkr9r+GDADwitZJPswYcuACjVyG1EUF21dCJRXDglpveK AAAAgEOie3QPQiyy3D6qIyMViDovaiKSf5l9Ak9aY4tQexfTscvT7GkcxnRHCWCg FG797Llbtf4kl0njyAbNXMPn97q4Rdrb4fULM2b7gnqULOYkbdp70sE+G0qSbAyC yIRjlVLZ1GA2+aS8Kp5RwtduMHTR9TpjIkxCeeD6RgR01P/eAAAAFGSYIBaOtZT1 nNmyi5rv6MwQamxP nss-3.35/nss/cmd/bltest/tests/dsa/key50000644000000000000000000000114413230126417015750 0ustar 00000000000000AAAAgIjZaOlgLsvabYb3yXCj/76x2pYvKMCvuScO8FvDMMqYw634PAcv6wX7Lik7 UGW7sMvMkwwk2NB4ad6uzZKiYEwPXdNcW0Mf2moiLFLDViv3VxxxAgm+izuFiBh4 hyX+gRK31ryC4P8cu/XW/pRpCvK1EOQa2CB9wsAvufpc76q1AAAAFKZlaJueW5zo L9FnYAbPTPZ+zFa3AAAAgCZ+KChXQXdSET+6P8pxVbXOiefIozwaKRIuK3IJZfwE JFJn/4f8Z6VzD+WzCAE6oyZpkPuzmBhah+BVtEOoaM4M4TrmruMwudJdO7s2JmXF iB2vDFqnXp1KgujwTJGprSlIIuM5eKsME/rcRYMfnTfaTvoPwsXrATcfqFt92x+C AAAAgGD1NB5Iyno7xd7O5hIR3ScnzY4vx2NfOqvqJiNm5Fj1xRwxGv2pFssNzcXV pXKfVzpTK1lHQxmbz6dFSQPnSzPd/mWJYwbOwg69hCdoL6UB7ga8TF0UJcvjGCi6 AIsZydpoE2z3GECyBZGeeDpiilpXz5HPVpsoVP/veglu2pbJAAAAFAfOiGLmS39s dIIEbb/JOQcSPlIU nss-3.35/nss/cmd/bltest/tests/dsa/key60000644000000000000000000000221413230126417015750 0ustar 00000000000000AAABAPLTntMGKxPJFic2AKDyoCnobXpLkhe08YFb8rJNlxClerM/mXKUsBRYW40B mN/cy811MU2l/4WqNEtFra6ql5tRoxKnv6lEcvtjPxpvFWu0RYhn39OEA/BrhR8A /i00hAd73tcat1E9BKFAIgV1+2kzlUgOTIQCt6Rs7C03p3jDBazNHxPp9i6GUxX0 sizEZ8iYbsjklh3fgQVmsMTuNprGqhXkP0dEAFgm9b3oBxoZ4wtpCarEs9F0I3Jw 2tAnmdCbiizF8i5miUtUIiKLLCNPEfWnccW4nPRloqzsu+6qFyX+j5tZQivomRBS y1Vt3yyM6PqSBtvzn+rcGU4A+OUAAAAcgAAAAAAAAADBGPSYNeTvczxNFYAPzwWe iE0xsQAAAQDjqTwJ2m9WDk1IOjgqTFRvIzXDakw1rBRjwIo+bdQV31b9xTfyX9U3 K+Y+T1MAeAt4LxrNAci06zNBRhX9Dqglc6y6fvg/WpQ4VBUa/C19/hIfuM0DM1sG W1ScXcxga+kFJIO8KE4SrDyNugm0JuCEAgMOcLwcwr+JV8S6BjDz8yrWiTiaxHRD F2Bj8kfZ4ilrPqW1vCM1go6hoIDtNZGN7iEv0DEnnRuJTwGv7FI4M2aerAMaQg5U C6EyClnEJKPlhJpGCla8sAFkeIWxQzxPmSlxdGv+KXfOclnFULVRpsNXYeSkGvdk 6NkhMvzApZ0WhOq5DYY/KfQc91ePqpCMAAABACif8YwypWuwuIOTcGR2g6OKWn4p FBC5MgchKtyAiNMPk+nkq8Uj89RpNufVyQ2IdCs2r9N1Y0CPFcjBpPesJL8F8BAI /+5wyIJdV8OpMIutigla8rU7Ldo8vthG2V4wHrm4R2ZBXRH2wzIJoNKFcQlqsEp5 qg3EZZl1KWhraOiHzYogXC3IGVrvBCLrqZefVJrIVUjkGUE2Q7ckQ2EVOtoUgNI4 zQDcFlJ5OJVVSN1dAn3tECnu647WxhtM1ZNB2LFUZunaiQqYmZb012keYHLeE2ry i1h0vwi9H4pgz7HACIgTKQn1FeBLzoGwKVGqQbqsaP/bjF3Heh0y2PLBDdcAAAAc YTLlUc2siECRg7037hRSzSR9SDSwiBSydb4/9Q== nss-3.35/nss/cmd/bltest/tests/dsa/key70000644000000000000000000000221413230126417015751 0ustar 00000000000000AAABAKqBXJ2xxNPSdzx9DU0dp17PxKOel9X6GR/+yLFJCikM4zXlzofqYgqKF94L tkcU4uyEC/AObr20/7TjJMoHw8hxcwmvFBA2Kncsmt2DiysMrh6Qq0SK2r2s0uXf WcQYejKiNxnWxX6UAIhTg7+PBm8juUGSDVTDW098xQRPO0DxcEaVYwe3SOhAcyhE 0Aqc5uxXFCk7YmUUfxXGf0vjiwgrVf3q22EkaJ+3b50lzCi46qmLVi1cEBHg3Pmz mSMkDTMtidyWA7e93QxwuDyqKQVjGxyDyruubAwMLv6PWBMe2DUb+T6HX2pzqTy6 1HAUGiaH+6zy1xyN3ulxrWYHKa0AAAAc6jR+kL58KHXR/h22IrR2ODfF4npgNzED SMGqEQAAAQAgQglMy8i4cj/JKMEv2mcbgylemcdDV29EUEvhGGMjMZtQAtJPFz35 CeokHW6lKJkE7kY2IEsvvpSwaP4JP3liV5VJVR068hmtjtGZOe/4a87INN4vL3hZ bonny1LFJOF3CYpWwjLrH1Y6qEvGsCbe7m/1HLRB4IDy2vrqHO2GQn0cNGvlXGaA PUt20TPNRFtMNIL6QVAjRjyb8w8veEIj4mBX06oNf7tmBjDFLknUoDJcc4ngcqo0 nxPJZuFZdS+7cekzaJD5MkP6bnLSmTZe5bP+Jm6/ERBWj+5EJchHtQIQvUhLl0Ma QoVq3KPn0anJxnXH4maRgyDdWnikjEipAAABABrhDHhq0JAsXGhdrlxxIUGKN3uI i18vK8dmI1cP1ivLGQtHGtU1nF8GL4gZKJ6VbYqm+Q0fjPHuctOhvf1WxHjcKaGc RWm1pg46jzT2BlbqxbJd3lUUpcZ7Z1QjIE9syvCZBhfMc1W50+2GiXiiUgIKdp7V mm7apu/jN37vRfP28+ZBecx9uLFD+4NcXXG/z6HiqQSbzPf+mrV1RiIP4/S3UhyG FznROFB+gaRqaZNgVEHcuQ1u5K+8Qsq+kKJUREloEJ1+3ZaUoCMjnx1WF13R+sEV kV4k+rVj9Pw/JpvtLzAIMtESWWSFpxFBeqc7tKxyplGh+luu02Nscg05cAgAAAAc e0iQIVeOeee9PuerRW9lnz3AfIj1yaOeT4zugQ== nss-3.35/nss/cmd/bltest/tests/dsa/key80000644000000000000000000000221413230126417015752 0ustar 00000000000000AAABAKTH6qtCxMc7dXdwkWSJ8XzVByXNCkvE4c9n92O4wd4tbauYVrqvsAjzZbGK QuFNxR81C4jsoCCcWqT9caepbHZfWQHCHnIFcNeDe+x8dtLkk0RzHKOUBdCoebng 3NGoEl/RMOweeD5lS5TjAC5rYp6QSrOHeGdyDL1UtCcKnhXNAox8x5bwbCcqZglR ko/b6y3KBhtB6TIlcwV0L/FuL0KRkdXl8abd9ueMXXciz/gKnAvVyNeuuowEQ4mS sHXjB8FTTEmtOA9Hf195h9wXLBYdyjjcrz+zhGxyyRGaUpmtx0iVGz3ODQDUqQE4 ALIAggO3JGW8aoSuBZowxFIt6lcAAAAczon+MyuOTrPR6N3OpdFjpbwTtj8WmTdV QnrvQwAAAQCMRl7fWhgHMCkeCA38U4U5elAGRQ26Lv4BKSZPvYl7tVecoOqxmqJ4 IgQkcktPKm9u5jKEMqv2YTgGRglyM1BTOcVRnTV9cRK27sk4uF1ap1zC44CS8KUw rLVOUP6CxNVi+w8wNrgLMDNAI+u+ZjegAQsAx9uGNxFoVjZx4eDwKK7b1F0tVyYh pgmYKgc+Uaridwevvu8p4uzuhNem1do4K+OjX0K2xmhJICqxnQJbhp0Id2R20auY FHWtKtLz5v0H4waW2QpiaBbfYNbKev17SC+UL4O0XMgpM3Mfh/ruMgkA8qo+cLGG fhQw5AvmfAf5KQKZ7wZ7iySnUVs/mSwHAAABAHSKQCNyEaLZhSWW56iR9D1OsO5I gmyc+zNru2jb5aXhay4ScdTRPeA2RLuF72vlI6TU2IQVvNWWuo4KPE9kOemB7QE9 fZxwM2/r99Qgz+0CwmdFe7Pz58ghRdKvVIMLlC7HSl1QPkImzSXddd7NP1DwqFgV XXvnmUEINt3FWc6Z4a5ROAj9rqw0hD3XJY8W9n8ZIF9vE5JRpBhtqEltXpDT/s+O 0Qvmwl/16zPZYMmo9MWByMckykO3Yen9ta9mv/udLrsRprUEofvk+DTstqwlTKtR PpQ7mpU6cISzMFxmG/rUNPaoNVA8mt5/Slf1yWXsMB7N6TjuMbTesDivl7MAAAAc VRWV7MuwA7C/jd2hhKWdpR5Fmg0oIF5VkspMsQ== nss-3.35/nss/cmd/bltest/tests/dsa/key90000644000000000000000000000221413230126417015753 0ustar 00000000000000AAABAKa7UzPONDwxybLIeKuR7vL96jXG2w5xZ2K/wNQ22HUG6GWk0sjPu9Ymzov+ ZFY8pWhs2M8IFJDwJEWyiQh5gklftpl2sQJC1tUPwjtNvbC+94MF2aTQXZ6uZdh6 iT6vOX4E45uqhaJsj/ve8SMyh7X1tu9qkPJ6aUgaky7kexjV0n6xB/+wUCXmRuiH a1y1Z/7B3TWDXUIIIZhTH6++WuKAxXWh+w5i6bPKN+GXrZbZ3eHzPyzsfSferiYc g+6OIAKvfrboL2oUeWrwN1d6EDK7xwkSnKq9it34cK4tBZXI/bNxVXSPDeo0tE1P gu1YwvWxuEgWYqxTRzxpNBAIL70AAAAcjD7lvZoqrwaL1YRb1V7PJ0FwVTB1d7vD dw7GiwAAAQBDtaa20LuWLsl2ajd8MsxBJPExEYjC7PlcDNSk+glyJbdhjLEnbEdF eNO/VkwUUZnAkqGxS6qSnC8/DzbgwtrpHroIvjCZKoifKVLgRCw3r0hKTs3DJDzP y540E89c3WYwsJ/hfvv94U2HJUkwGbe3PR94K0jvML7DbgDgK6M20iVPwgKmlhLN lEb5HXa3Of+m2LhgUvjcXxFFgBxWJBr1upA3JBvYnmM4tY4BMQZxwmjrXjOstX0f mfFkQKZ1gn1AF3VNYBoXraL77fkEVUqQsBUw2oyTzRTOKTyyvT55N+k0t54xD+TY DBP5L2M4E1W9gKGr7hpz/fttok7ygAKjAAABAGR5ebeWDOe5cf8OX2Q19CpBsYyd 4JowERSgE6fNARg/F2+Ig4N53LTvtn2up53vPwQsvPnMUDtMIVGiNk98lDexlkPm fiSja6xKTPopPe7fjsaxVKMqpymF99jeI1M0tUbCne9FjFXQxcCsXXTiAk7H1KvC /aUWoqCxpNiGrZLCBHB4KKT8d5T2DuikvhEByeVRj34Z7r1HXy3m9rqJwovRKfE5 k77+WBhEAxmnlUmDMZY0KjHbr315SX3sZe59vvcOWPmdBZX2pxFAmt4xUdRVY9U8 HNCoqxoYvv9lAsuwwGmxFOp753iY0PTlSZkboLNolxsQcuzkr8OA6a4ymlAAAAAc TvpRNutqp06Su/yROwv+u2E9t6RyIft7ZPQubw== nss-3.35/nss/cmd/bltest/tests/dsa/keyseed00000644000000000000000000000003613230126417016603 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed10000644000000000000000000000003613230126417016604 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed100000644000000000000000000000005213230126417016662 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA== nss-3.35/nss/cmd/bltest/tests/dsa/keyseed110000644000000000000000000000005613230126417016667 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed120000644000000000000000000000005613230126417016670 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed130000644000000000000000000000005613230126417016671 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed140000644000000000000000000000005613230126417016672 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed150000644000000000000000000000005613230126417016673 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed160000644000000000000000000000005613230126417016674 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed170000644000000000000000000000005613230126417016675 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed180000644000000000000000000000005613230126417016676 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed190000644000000000000000000000005613230126417016677 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed20000644000000000000000000000003613230126417016605 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed200000644000000000000000000000005613230126417016667 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed30000644000000000000000000000003613230126417016606 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed40000644000000000000000000000003613230126417016607 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed50000644000000000000000000000003613230126417016610 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAA= nss-3.35/nss/cmd/bltest/tests/dsa/keyseed60000644000000000000000000000005213230126417016607 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA== nss-3.35/nss/cmd/bltest/tests/dsa/keyseed70000644000000000000000000000005213230126417016610 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA== nss-3.35/nss/cmd/bltest/tests/dsa/keyseed80000644000000000000000000000005213230126417016611 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA== nss-3.35/nss/cmd/bltest/tests/dsa/keyseed90000644000000000000000000000005213230126417016612 0ustar 00000000000000AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA== nss-3.35/nss/cmd/bltest/tests/dsa/numtests0000644000000000000000000000000313230126417016746 0ustar 0000000000000021 nss-3.35/nss/cmd/bltest/tests/dsa/plaintext00000644000000000000000000000003613230126417017162 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/dsa/plaintext10000644000000000000000000000003613230126417017163 0ustar 00000000000000WEKejzcfnh1ppb+WpVTWJ8/VSFw= nss-3.35/nss/cmd/bltest/tests/dsa/plaintext100000644000000000000000000000013413230126417017242 0ustar 00000000000000rBhknAaqqqlnKm/advb86OGGUVWFcbz9ihmsNZcQniSGMCNRB1ROUVCb5azZuiZ+ 4ImIYj1aymGnxDoIS+YZng== nss-3.35/nss/cmd/bltest/tests/dsa/plaintext110000644000000000000000000000003613230126417017244 0ustar 00000000000000PlUtQFJV4fg6RHC9IFSw1nSy/dY= nss-3.35/nss/cmd/bltest/tests/dsa/plaintext120000644000000000000000000000005213230126417017243 0ustar 00000000000000tGiqjB9KQERHn6GvDD8iHrgM5nYcmcaGbRp9nQ== nss-3.35/nss/cmd/bltest/tests/dsa/plaintext130000644000000000000000000000005613230126417017250 0ustar 00000000000000CrhLNBzxdeOM06JwSiDHlsHH0AlCJKHkdpQvJw4OTio= nss-3.35/nss/cmd/bltest/tests/dsa/plaintext140000644000000000000000000000010213230126417017241 0ustar 000000000000004II54Zw0xvxpgkZbrlGIWAPGug2Ih8VgwXb+NG3cRkcdkNR5SHsy/jDgrlTYQGn/ nss-3.35/nss/cmd/bltest/tests/dsa/plaintext150000644000000000000000000000013413230126417017247 0ustar 00000000000000OfmOLA3KSs6DsKB+owDqX4JKdU9bT3xwUOJzPGkrsyKo3mur8w2dklEbOObDF5zg XxEGB/8DFIp8sCqeP2qewg== nss-3.35/nss/cmd/bltest/tests/dsa/plaintext160000644000000000000000000000003613230126417017251 0ustar 00000000000000mbNzEDnv9o8UR+5qjp+UCBlCe70= nss-3.35/nss/cmd/bltest/tests/dsa/plaintext170000644000000000000000000000005213230126417017250 0ustar 00000000000000INmoiblVarLpT/1EghXog/90qXfqHhqcQlUsmg== nss-3.35/nss/cmd/bltest/tests/dsa/plaintext180000644000000000000000000000005613230126417017255 0ustar 00000000000000b5h4y7cMDS2TQtEP6tSlMuxCp3q1hlT3LLt7noMBKrA= nss-3.35/nss/cmd/bltest/tests/dsa/plaintext190000644000000000000000000000010213230126417017246 0ustar 00000000000000kYTu+RQoZJZSUNshOvoBQxBj2N7aAyjFYJzs0WWVBdRaLlujVOVu2dlxGwJktm9M nss-3.35/nss/cmd/bltest/tests/dsa/plaintext20000644000000000000000000000005213230126417017162 0ustar 00000000000000IDdekD+X/lylh+t2yXvLHboeHUZAZUozsUU48g== nss-3.35/nss/cmd/bltest/tests/dsa/plaintext200000644000000000000000000000013413230126417017243 0ustar 00000000000000Q6bpLpUVhU3Sjdd4YG4BnAfUf4u6TrwCAzmSB0q66YryvQBzf3fQ3H4fp4GVuYRV ftjzEtAhCf9OYBtR4GSnvA== nss-3.35/nss/cmd/bltest/tests/dsa/plaintext30000644000000000000000000000005613230126417017167 0ustar 00000000000000Mqqlk48AsWXhRAWNXCGQuvRpPAwqfbTlmnfsFKcKblA= nss-3.35/nss/cmd/bltest/tests/dsa/plaintext40000644000000000000000000000010213230126417017160 0ustar 00000000000000w8+3pOAcqljMh1bLGnWAWlZvlgnJhOJDBC2C0M3mTFrCeylP+FfUSfGfRD2uDS2f nss-3.35/nss/cmd/bltest/tests/dsa/plaintext50000644000000000000000000000013413230126417017166 0ustar 00000000000000PiPosk1QVF3Ck1taH0AunEzHuPxBHnFMTKPWBsxTI9YdZ5XAEzt5QPHQKm7ja20+ bmsWwSw++jcz8N2DY6WW2g== nss-3.35/nss/cmd/bltest/tests/dsa/plaintext60000644000000000000000000000003613230126417017170 0ustar 00000000000000uCkA/iALiJlpG34VqA2JNi5cqJY= nss-3.35/nss/cmd/bltest/tests/dsa/plaintext70000644000000000000000000000005213230126417017167 0ustar 00000000000000KfVXa9k+jC0vrKPpgWQNMrHmPXpYTROh7YXBMw== nss-3.35/nss/cmd/bltest/tests/dsa/plaintext80000644000000000000000000000005613230126417017174 0ustar 00000000000000GC7dULJ04jKDdn7fzRjVyUZm7aDbl31cEJU6STyznuA= nss-3.35/nss/cmd/bltest/tests/dsa/plaintext90000644000000000000000000000010213230126417017165 0ustar 00000000000000hV6v7+GSeeSI2lL+Nu9CJCNoU2pR8eyGkOsfOxb2lBZ42gDIglCTvg88E4ocTsam nss-3.35/nss/cmd/bltest/tests/dsa/pqg00000644000000000000000000000034013230126417015737 0ustar 00000000000000AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc xC6fb0ZLCIzFcq9T5teIAg== nss-3.35/nss/cmd/bltest/tests/dsa/pqg10000644000000000000000000000061413230126417015744 0ustar 00000000000000AAAAgKj5zSAeXjXYkvhfgOTbJZmlZ2o7HU8ZAzDtMlaybQ6AoOSaj/+qrSok9HLS VzJB1NbWx0gMgLTGe7RHnBWtp+qEJNJQL6AUcudgJBcT2rAlrhsC4XA6FDX2Ld9O 5MG2ZAZusi8uO/KLtwoqduT9Xr4tEiloG1sGQ5rJx+nYveKDAAAAFPhfD4OsTffq DN+PRpv+6uoUFWSVAAAAgCsxUv9sYvFGIrj0jln4r0aIOzjnm4x03urp3xMfi4Vu OtbIRV2rh8wNqKyXNBfOT3h4VX1s30CzW0oMo+sxDGqV1ozihK1OJeooWRYR7gi4 REvWSyXz98VyQQ3fs5zHKLnJNvhfQZEphpkpzbkJpqOpm74IkhY2gXG9C6gd5P4z nss-3.35/nss/cmd/bltest/tests/dsa/pqg100000644000000000000000000000137013230126417016024 0ustar 00000000000000AAABAL/r0ACy1s1Ks477o13zNN9yHWwvKz2VZnnLrQCfPfvQApUsyJnMI1bsh2m9 PRulpzAjcpiI2pLKSKXulMl/TwSi46y08zovD7N4PDHyxw+nxw84IUon2t7IsS5n mWqehe47sUiAMTAUc5LcUlPATXBjU15s1ka/sYaYTgi1i3SnvlszO/MrCr/VZlNg 6akjoMUo/xxixyU0WPVnhShxnUNuUBSHQfRdx90sbKxxxVIx8SqD/v0u0KM+3huK UfVm/PeJBoLNwZMdwgfJK/LvTiirMWYe63fxYB7qlByVkfA40/ANkShX2wXmSyrV aTIAYcb4Y/8zVNhC5+fqcVr++NEAAAAcqpht+KBkJ46TYzFqmDC8+kkGVvqm1dqo F9h5SQAAAQCBla2aR4/ZhSFu5YNoNm0u3RPBKz1iI5Fp+gQtkRVkCLSDEi9E7WI2 uDCKbNtS+a896I7IngOa+tfaOqZsGXYEmo4KfRjVZ7r5n87+MVytoBVIOGsQsl5S 9S7XjrTSgILl4f/ulIDE/izEqv0e/J1P0sxtFVlokxJx7xWzJA5/sEOoDI9ii+/g nWRQd8ECnSHgrIvwupwncU0bWA7eWUqgGzt29udF/B7AfbN+L9fpjGyMaRUijkIs MJ3p9dsWj1AknRvh7TKYCQgI4uu4lrt5uMTL+U1MIGTjfmErpESdesIQ7d4hFBbW SwUd2ARqsEFzJmVBGn8VTTGz4RpR2n/A nss-3.35/nss/cmd/bltest/tests/dsa/pqg110000644000000000000000000000140013230126417016017 0ustar 00000000000000AAABAMGlnSFVc5SeCyCpdMLt8uMTf/JGMGL3Xx0T3xKroQdrstATQCtgr2wYf7D6 NiFnyXbCYXxyb5B38J4YwRtg9lAIglvWwCofV9PrCtQc1UfeQ9h/JSX5cdQrMGUG 58oDvmOzX0raFy0KBpJEQKFCUNeCKsLVrq/tRhnnnUFYp9XrLZ8CPbGBqPCUssbL h8uFNUFqwZgT8HFEZgxVd0X0SgHGsQKQksEpsNJxg+gsWiGoAXfudHbrlcRm+0cr 09LcKGziWEfpPL+prTnMVwNdDHtkuSapx/WnsrxavL+9wLDj/t48HgLESvyK78eV faB6Dl/RIznbhmdhb2IobfgNWKsAAAAggAAAAAAAAAAAAAAAG9YsZei4fIl5f48M v6VeSmgQ4scAAAEArqWHh0DxQk08bqnGtHmWFdJ0kpihfiYgf3bO80Dd05Dhsa1r bAAQrQFaEDNC3dRSysAks25C2bjtUvr656HTzp5LIfkQ0TVusWOj5agYTHgb8USS r6LksKVtiIT9AaYouWYnOcQuXFeVreL18n5t4dljkXzogG/EDQIc2HqjqjqeTwws TEXSlZsleLL7GiIpw34YEFm51ee3hi+oLiN3pJ7Q+dyoIKWBQHndZhBxTvr4sMxo PY5y5MiE5vnUlGs+jUy7kq2759TEfMML5/jDfKgYg6GqxoYAWf9GQKKcyuc94gsS 5jsAqIsu6bqUt160CmVuFdnsg3MchdDv/Lnvnw== nss-3.35/nss/cmd/bltest/tests/dsa/pqg120000644000000000000000000000140013230126417016020 0ustar 00000000000000AAABANAiduvzwi/9ZmmDGDpHrpTJvMvL+V3ctJHR985kNUkZmZLTfHnnsDLSbtAx trpEifMSWCb6+ycmqYMz69mr3eWS2Gk9mFlTbZzDhBodJOBE01rO1hNiVvxta2Fc 9PQWOqOB6ytMSAglqOzMVtjdz1/mN+OK2bKXS9LPaL8nHg0GfSRlqLa2YFJPAIJZ iUWtpY6mSbmATrR1NAjCxZdoxGq7guMpXz2cpGn4TMGH9XLcS1o7OTRuyDnfrW8H 1tHw4hUgm7DswFx2fPLnlDrJz7Au7h6e9ZRujOiDFrXhX9z5WhMu8uS7CBcTZSjP pd2WUy+cOr5cQhYg7ba8vVIjTKkAAAAggAAAABKZfoKF5AiXCPUoBwxtevigvQFA nnoHnNtvxbsAAAEAd4RTBJ7yYhR/7XtZsO5nZGB8Uee1tfxv6np6ex3Wuyg/Sprp jv05ZLFVZ1jLFbKlOvhhnnTYWJi+x307PzgklK5ZYaE//HRdo4YYIpFRmAD5ndcQ 4ArrFa3uCI4nmO4uRvWYUmzw9GZwVdG6AJdQBB3FzdJyX/HZfdNAyFGK92cbh9Od Z67O2Etm+E4HAe/IKlye+VTuV20kw4WxTWMDfw2Gb9QktJdb3VSF7XQMuTLoQ/kG aD98eyx0d12QHDYbhHtRnA2mmWONpAvXNreD0nELLCzCbvkScb9OLBkp+HbpAuIF cWQiO8eNaiufbAx6fLhZIvfWxCh64jhh+BKISA== nss-3.35/nss/cmd/bltest/tests/dsa/pqg130000644000000000000000000000140013230126417016021 0ustar 00000000000000AAABAKittsC0z5WIAS5d7/GocdOD4OKoW16OA9gU/hOgWXBeZjIwo3e/cyOo+hFx ACAL/VrfhXOTsLvWeQbAgeWFQQ44SA6tUWhNrDo497ZMnrEJ8Zc5pFF819XWKR6K 8go/vxczbHv4DucY7gh+Mi7kEEfavvvMNNELZrZE3bMWCijAY5Vj1xmTomVD6tt3 GPMXv12Vd6YVZWGwgqEAKc1EASsY3mhEUJ/gWLqHmAeSKF8nUJaf6Jws1kmNs1RW ONU3nRJdzPZOBsGvM6YZCEHSI9oVEzM6fJ14Riq6qzG5+W1fNERc62MJ8vbSyN3g ZEHoeYDTA++aH/AH6L4vC+BswV8AAAAg5x+FZ0R/QudfXvhcog/lV6sDQ9N+0J7c P25oYE1rnfsAAAEAW6JN6WB7iZjmbObE+BKjFMaTWEL3q1TNgrGfoQSr+12EV5pi OyV0s30izK6bPkFeSPXA+by9/4Bx1jubuVblR686jfmeXTBhl5ZS/5a3Zcs+5JNk NUTHXb5bs5g0UxlSoPtLA3iz/LtMi1gApTMDkqKgTnALtu1+C4V5XqOLG5YnQbPz O53eL07BNU8J4ut46V8DelgEthcWWfiHFc4amwzJDCfzXvLxD/DHx6K7AVTZuOvn aj12Sqh5rzcvQkDeg0eTflqQzsn0H/Lya42pqUoiXRqRNxfXPxA5fSGD8bo7e0Wm jx/xiTyvaagngC97akjVHab777ZP2abFt1xFYQ== nss-3.35/nss/cmd/bltest/tests/dsa/pqg140000644000000000000000000000140013230126417016022 0ustar 00000000000000AAABAKYWfBb/904pNCuFhq7TzYlvexY1oihv8W/f9BoGMXymsFyiunwGCtbbFWFi HMsMQLhqA2Gb//MuIEy9kLedy1+G67ST470ZiNgJf6I/pNePs83csAxGZCPY+nGY c8N2Rf5O7MVxcbvt/lb6lHTJY4W4ujeMeZcteqrmmiumTN6OVlTw97dFUM00R+ek cqM7QDfbRo3eMcNIqiXoK3/EG4N/f8ImphA5ZuzY+dFMLTFJVW1Dgp8TdFG40g+F ILDOjj1wX3TQpX6ocsK97pcU4LY5Bs3f3Ci2d30ZMlAA+O1SeOxdkS0QIQkxnLo7 ZGnUZykJtPDb7sC7tjS1UboM8hMAAAAghCdSkETSFMB1dPezWcLgHCP9l3AbMorI wThbgcU3OJUAAAEAb8IyQVwxIAz1I680g/jias6AjS8caouGOrBCzH9rcUSy05Ry w8tMdoHQcyhDUD2PhYy+R25nQDJKqilZUBBZeMM1BpuRn/mm/0tBBYG4BxL+XT4E 3bTf0m1ef7yisMUtjUBDQ9V7L5sqJtqn7OMM6rnheJ+XUaqpOHBJllrzJlDGyls3 SlrnCz+Y4FP1GFfWu7F6Zw5uqviYRNZB4eE9Whsk0FPca4/RAcYkeGlRkn5CYxCr qUmKAEKz3Hu8WdcF+A2bgH3kFffpTFz514mZLTu4M20dgIy4a1bd4J2TS7UnAzki 3hS/MHN2q30i+81hb57aR5qyFKF4UL3QgCqHHA== nss-3.35/nss/cmd/bltest/tests/dsa/pqg150000644000000000000000000000140013230126417016023 0ustar 00000000000000AAABAPY9o76alhYZbGVW885v2LmL3akTdHPaRv7ZcOK40Uc4eoGSIGXVKKfWQz68 XjWxXGfqNaWlv/W5zvHNHm/jHdpSg42jqom5tOjZ08BzLMxPI4zhtBbEypPyxoAO X07UHE92Fc7FUxuYaAsg3GP3PnDYA6rPrs4z1F+g4513yFCCCVKLkEa1kXAQeRI0 OX5BLSK8C41ny9HNKKMsJGCgvYaqug7qgOFuMkVkMXHjQiF2DCA6VrggehAJ5sGi 9s2oX4XE+eQQuUmSM8DuBy5GWvT7T7koLFwQ6CNP1jDqkvCq5rl6Ug2zRHVwe3mk wXUmXANWzLyoJ+ODffPW0FdtkHkAAAAgm3Rj+CafC5CavtEJkWhPNqZKyGTg1tcX wO8hV3pMOQcAAAEAlyp19gboqjqR/wj9Exog9ZYyUTBOPRQxtxL6CAPVJ/1xD7fr J+UpBJcc1DypdxmaJNvutLe8K6B107cutrLFrY8Oi49IxQtVTH4HEfTHQWMwgGZy SY9DApJyS/mKjqSMf1PXsx2LdSixpvCH0sJ8M1ICg1seMUIls3rvi/zsfYCSDEpG Cj1oNE3tde2e6Gf6KmlFBjiU9WO2hjO4s5+DoaqvWpbH9CJofnyEz4+4zF9FBN/w h7yyapW7+Fg/A7Og5Do1ayvX4lzd33oBUwD67MZ5PF7pm2Mny4RW4y2RFTOdWmtx K3+dAwGssFEz4xFeRU06bdJKFpPJSqtUBlBL9w== nss-3.35/nss/cmd/bltest/tests/dsa/pqg160000644000000000000000000000213613230126417016033 0ustar 00000000000000AAABgP1abFbdKQ992Eop3hcSbrTkSHs+/wpEq+XFl5LS4SALnD20TVKLn30iSAMu S6D3v8T6/HBr5RHbInbAt+z/042i4cLyN6dTkMHk0yOcuo4g5VhA7LBd9fAaG2l3 rRkG8stUTM+5O5Aa0JZrGDKtLatSYkSjFWyQXAGsUctzudzZhg1WF1pCXYRkhdmx 9EqKDCV45s9hlHvBoTkv3TILFqnXBFX+Q28tR97Y6OYF90hutXjqf8T/0TwH+Zlq 8Vn9QR6UUUAyeN0RQajJJrNcljhLvWvuCcRvRMNrH/xxl/XpJdvgVEpo5quMGOQm pGazkvnCfdef76nKFjzFo3VTmoVZ8nf2V6U10ZZMal6RaD71aY66oB74GNv3LLBM P/CS0YiGbyXNQFEI9Wawh/c9LVvrUfrG3oSuUWGmavlgLH5L/BRvSCC9/Akvrqxp Ez5KCKWyAqEkmKIuV7rVRnTtS1EBCdUrX3TnDh9vghYXGM1M8AzJ8ZWKzIvdzfvR ++Rs0QAAACCAAAAAAAAAAAAAAAAzSibdj0nGgRzoG7E0KwbpgPZLdQAAAYCZqwMK IaXJgYF0hyFnZByBweA8mydM+8J7xHJUKSd2beX6BTmztz8/FqyGaprsi0Rd7Zf7 /wiDTtmMd+f8ieXcZXvvdm/3+/jnaHPhe+5BJ2LVb+EUF2CrTSW6/Utu8ltJo1Bm MtH44Qdwkwdg7BMlkyxaS6+ekBVCZN30QuxcQf7ZXRFSUVHbz7N1gUm62Bxiuc/3 gWuPlTuLfAIlkNFYTpIdyVX1MorHKYPtXPDQQFb+DVMeYvj2yas8D81E4UhgtzEd JWHHfB0y9sadyPd5aMnYga2dteDBFP2oYovKAzXrf7nhXmJaq6tY/AEZTIG/b7LO VAd7giUOV8ansl3rbuOdS2hqXDB6dhKy2F7pJRJBPeopfkTzF75863CjMorwtAEA GkGFYrj/5Ol3G0tKjgtAx5E0nV1ORZ/mIKGi/HLi9sooVn1MJjK73htJhkwGuxJh nxMsHaj1ce9hPqxzn2arORTLP6GrhuBeUILrqiTr7qTPUb7vwn31Ev4/7n0= nss-3.35/nss/cmd/bltest/tests/dsa/pqg170000644000000000000000000000213613230126417016034 0ustar 00000000000000AAABgPY7PN1kbY5921chaqbuwhNNcHSIofKc+plwZF8SJ+pdsuMY7qXaFofH7ZBQ lmk0XtYTTP8yIDq3Kuy/ppPSFq61XY0oqYH0q/8H0TGaeZvl3XRvhIQoF5KcMFtA hZivEgRdqi8czIvk2BtRPGMPAX/sFlisoQihr2Eg7AXjAYxCU8ndNbzgYrc9DyqT 1BxIGlxDu5eQloLTmppg3Dw142N13sbO0NLbO6DREb7epwGg5HU2JJd6nnW3CnTi uB44pSqyLaExs1QW087JZjB5dGp2NHbldZgULjmGFUXar404oXbybHH1r+vZxWIN qAzzRStVw3xmG0oewDUXELneSjy+C5i02eyJEo2Xqn77GduLpDzAviXCAPkOFQbL eOwMM216lWE9QgTo7WjQ8KbHhCAQWo0tQ4+9JVGmShoLA/+4eHQvjJl5z6hzlBUC gZmNUXAdX8+paWpJif0l9ACVXmJrGr6SbAr6aappgZAO/83QMFkvgrIEKkeppajL AoPcTQAAACCAAAAAukY0tfpNoFS9DKSK5JDldxHzgRk4QkKRWbp8oQAAAYCK1FU8 TkmqJHKKtQJEF7Ey0spTpV2VlFjy91mtsENb7u+jos/NADjiQgZD/EpN7rXZ/qoe 3yEZO0DhS0KYKpTzXFi4EUfXGJ0mPJsS/mOrn6X28DooYMGGQy46sE8qsPL7YUe9 m/ftXSBxO52iE4Piw6Fo59CdPYpaBY/SMJW1rP64ZKMwa+JCX6GtMq1tk4LmA7A8 aK9K8CRjlxAsQVXLqBGr+Z2ng553surJlwWIyh0KI2FyOhZKySKcLoDc+o20+eKY A+/7MWjH/tejpt5A3aGaBTavm1t6+u+5xw1q6N8S2mWPYjYEOuqHPbKc628H0Qj1 IlaHvQww4whOIJC0WuL5Kpe47LepcFxJVrizHEo9YRB8hOR63abIDV0i2rPYWSIP nVqrE2d6498WjwwXbRdrVFBsY5hT8E3e8nIvOcGOXOQm4UVirY/yYkeviIcO+3LA zOg23o/uZ6ZiN4JFtQK/H4MJmYigk8583IE2THix9KUbgA32E3xx1l5rCJo= nss-3.35/nss/cmd/bltest/tests/dsa/pqg180000644000000000000000000000213613230126417016035 0ustar 00000000000000AAABgMe4bXBEIY42dFPSEOdkM+Tiepg9scVgu5dVqPt9gZkSxWz+ACqx/z9yFluU PAso7UYDmgfeUH16Kfc4YD3s0ScDgKQflx8lkmYaZLovNR2aaeUaiIoFFWt/4VY8 S3fuk6RJSROEOKKri9z8SbTnjRzedm5UmEdgBX12zXQMlKTdJaRqp3sY6dcH1nOE l9Tqw2T0eS2XZqFqDiNIB+lrjGTUBLvbh245tXme9T/my5urYu8Z/cwr3ZBb7aE7 nvesNfH1V8sNxFjAGeK8Gan138Hk7Knm1GZWQSQwSjHwOGBaPjQtoBvhwrVFYQ7d LBOXo8g5ZYjGMp7+tOFlr1s2ijmojkiI459Auz3k6xQWZy+Zn+rTeu8cqWQ/8yzb wPzr5ijX5G0oGpidQ90hQyFRr2i+P21WrPvbbJfYf8teYpG/i07hJ1rg60ODzHU5 A8jSn0rbalR+QF3s3/KIxfbHqjDcsS+E05JJOnCTMxfA9eZVJgH64Y8X5uW7a/OW 0y2KuQAAACCHb6CeHcYrI2zhwxVbpIsMz9op86xal/f/ob2Hto0qSwAAAYARCv67 Esf4YrbeA9R/28Mybg1NMbEqjKlbLe4hI7zGZ9T3LB5yCXZ9JyH5X72aTQMjbVQX T7+v8sT/ferkc4sg2fN78KETTCiLQgrwtXkuR6klE8BBPzRqTturLEW9yhP1NBwr Vbi6VJMrkhe1qFnlU/FLuMEg+7nZmQnf9epo4Us3mWT9Pzhh5bpcyXDEoYDu9UQo cDlhAh571oy2N5J7jL7mgF+icoW/7k0e9w4CwaGKfNeL7x3Zza1F3enNaQdVBQ/E Zik37h1vTbEoB8zJW8Q18Rtx5whgSLHatZE8YFUBLeguQ6TlDPk/7/Xcq4FKvCJM XgAlvYaMP8WSBBu6BHR8EK9RP8NuTZHGPuUlNCLPQGM5jXfFL8sBFCfL/PpnsbLC 0apKPacmRcscdnA2BU4vMfiGZaVEYciF+zIZ1a2HSKARWPbHwN9ajJCLqMPlNoIk KIhse1ALvBW0nfdGud5aeP47T2mR0BEMPL/0WAOdw2Jhz0avS8JRU2j0q7c= nss-3.35/nss/cmd/bltest/tests/dsa/pqg190000644000000000000000000000213613230126417016036 0ustar 00000000000000AAABgKQQ0j7ZrZlk0+QBy5MXolIT91cSrLxcEhkavz8cDnI+IzO0nrH5Ww+XSNlS 8Epa41iFnThEA842SqP1jdl2mQm0UEhUjFWHKmr7s7FcVIgvlsIN8bLfFk8LrISc oXrS32Or11yIGSLnmlAJ8At9YxYi6Q5/pOmAYYV14da9GnLVtqUPT2pot5OTfEr5 X8EVQXWaFzZXfZRIuHeS3/ByMkFVEukzdV4SJQ1GbpzI3xUHJ9dH5R/qeWQVgyax Nl1YDLGQ9FGCkVmCIf3zbGMFyLio7QVmPdewBulF9ZKrvsrkYPd8cbbsZJ0/1TlC Au17u9BA97j9V8sGqZviVPol1xo3YHNARsKg2zg+Ajl5E65nzmWHDZ9sb2ep0ASX vh12OyGTfPnL+aJO+Xu8qgeRb4iU5bf7AyWIIaxGFAllsjxUCcpJAm77K/lbzgJc QYOl9lm/aq7vVteTO7KWl9fVQTSMhx+gH4aWeLLjRQb23ApMEytomg7SfcPI1TcC qlhIdwAAACCrxnQXclzyj8dkDV3kOCX0Fuv6gOGRxC7ohjAzOPVgRQAAAYCGfV+3 L1k20aFO07YEmWYvMSRobvEIxbPaZmOg6GGX7CzEyUYBk6dP8WAorJRBsMfSfCJy 1IOsfNeU1ZhBbE/5CZphZ51BfUeM5d2XS/NJoUV1r+dKiLEt1fbRy9P5Hd1ZftaO eeukAmExMMIkuUrChxSh8cVSR1pdKc/N2OCKax1lZh4o7zE1FNFAj1q9Pgbr46fY FNHt4xa/SVJzyh1XT0K0gu6jDbU0ZvRUtRoXWguJs8Bd2gBucZouY3FmkIDXaMwD jN+4CY6arZuNg9S3WfQ6ydIrNT7YijNyNVAVDeA2G3o3bze0XUN/cctxHyhH3mca 0QWVFqHUV1UiShXTe0rq2j9YxpoTba7wY2/jjjdSBkr+WYQz6ACJ/aJLFEpGJzS+ +Pd2OIRbAOWc5/pPHa9IeiytoR6rpyuyPh32tmoYPt0ibEQCct2bBr7A5X8aCCLS 4AISBkttumRWIIX1p1kpr6X+UJ4LeOYwqvEvkeSYDJsNb34Fmi6j4jR52TA= nss-3.35/nss/cmd/bltest/tests/dsa/pqg20000644000000000000000000000061413230126417015745 0ustar 00000000000000AAAAgIubMvW6OPqtXg1QbrVVVA0NeWMZVVjKMIt0ZiKNkqF7OxS44Kt3qfOylZoJ hIqmn435LNnp7e8K33ks53v87Mrdk1JwDKX67PGB+gwybbHW5dNSRYAR5RvTJI9O O9fIINfgqBkyrKHro5AXXlPq2hlyI2dOOQAmPpD3LZTnRHv/AAAAFLxVDpZWR/s6 IPJF7IR1Ykq7sm7dAAAAgBEzOpMfulA0h3dzdoWf3BL3xoewlIroidKH8benEq0i CuTxzjedDbtcmr9BliHwBfwSPDJ+UFXRhQY0w205fmieER1ZjBw2NrlAyE9C9DaE bo5/ytkBLO2jmHIPMv/9GkWrYTbOQXBpIHrBQGdbj4bdBjkVrm9isM7HKfvVCawX nss-3.35/nss/cmd/bltest/tests/dsa/pqg200000644000000000000000000000213613230126417016026 0ustar 00000000000000AAABgMHQptC17WFd7nasWmDdNeywAKICBjAYsboKBv56APdl2xxZpoDOz+OtQUdb rbWtULYUfiWWuI00ZWBSrKeUhupvbskLI+Nj86uM3IuTtioHDgJojqh3hDpGhcK6 bbER6a3b18pLzmW7EMnOtpv4BuLr1+VO3rf5lqZckHtQ79+OV1uuRiohnDAv7yro HXPO51J0YltfwpxtYMBX7Z57DUatL1f+AfgjIw8xQiciMZzgq/HxQfMmwA+8K+TN uJRLb9BQvTAL2xxfTaclN+VT4B1RI5xNRhhg8ftP2Pp59dUmP/Yv7XAI4uCi02v3 uQYtDXXbImw0ZLZ7okEBsIXyxnDA+HrlMNmO5gxUcvSqFfslBB4ZEGNU2ga8Kx0y LUDtl7If0c2tMCXGnabOnH3fPc8epNVld7/ewjBxwfBe5Ad7U5HppATq/+EtHqYt BqzWvxnpGhWNIGa0zSDkxOUv+x1SBM0CK8cQjyx5n7Rohm7xywm84J39SeR0D/gU BJe+YQAAACC/ZUQcmHt3NzherewVjdAWFNpvFThiSOWfPN2+/I6d0QAAAYDAKshT dfq4C6KnhLlOTRRbO+D5IJDroXvRI1jPPgP0N5WE+HQiUvdrHt4/w3KBQg50qWPk wIh5b/K6uNtumkUw/GfVH4i5BatDmVqrRjZMtAwSVvBGbz2842ID7yKLNekCR+le URXoMbEmtijumE80mRHTD/udYTtQqE36HwQrpTa4LVEB5xHGKfnyCW3INN7sY7cP KiMVptJzI7mVqiDT0HNwdRhvUEmvb1EqDDip2gaBf0thm5RSDt+shcSm4uGGIlyV oE7Dw0IrjesoTpjSSzFGWAIAigl8JZaegmwrqlnSy6M9bB2fOWIzDB/Np8+xhQj+ p9BVXjoWna7TU/Pub0uzAkQxkWHf9kOKN8p5OyS7sbG8IZT8bm72AngVeJnLA8Xd b8kag26yCiXAmUVkPZX3vVDSBmhNb/wU0W2C1feBIlv/kIOSpXk7gD+bcLTfyzlP ntgcGOORoJ6z+ToDLYG6Zwyr/W9kql4zdMt8ICn0UgDk8L/YIMi9WNxe6zQ= nss-3.35/nss/cmd/bltest/tests/dsa/pqg30000644000000000000000000000061413230126417015746 0ustar 00000000000000AAAAgMuhPlM2N8N8DoDZ/NBSweQaiKwyXE6+E7cXAIjVTu9IgfPTXq5HwhA4WoSF 0kI6ZNo//aY6Jvks9aME85JgOEqbd1nYrBrcgdP4v8XmyxDvtOD3WGf06EjRozhY bdBkj+6xY2R//nF2F0NwVA7oqPWI2ozBQ9k59wsRSn+YG4SDAAAAFJUDG4qnHynV Jbdz74t8ZwGtil2ZAAAAgEW8qkQ9TNFgLSeq+EEm7cc713Pebs4V6X5/70bxMHK3 rcr3sAU89HBpRN+MRWjybJl+53UwAPvkd6N3ZqTpcP9AAI65ALneS1+a4G4G22EG 54cR86Z/7KdN1b3c32da5AFO6UiaQpF/vuO7nyok32dRLBw1yXv78jCOqs0oNoxc nss-3.35/nss/cmd/bltest/tests/dsa/pqg40000644000000000000000000000061413230126417015747 0ustar 00000000000000AAAAgPJKSvxyx+Nzo8MJYjMv5UBcRZMJY5CUGMMHkqrxNd3qVh6U8kcmcWt1oYgo mC5M5Ewf3ct0ZIe2t3qaWhf4aKtQzWIbW8naRwiAsofXOYGQpCpe4i7Y0f8UfiAZ gQyCmO1o4cpp1B1VXySeZJ+xcl3bB1wXs3vv9Gf90WCSQzc/AAAAFNoGWgeN21bu XSrQbK+rIIINLEdVAAAAgEe1WRt5BD5OA8p4oOJ3yaIeKmtUO/TwRBBM2ayT7/jh AbtgMe/IxZbV0vkuOj0PH3RwLdVPd9PNRsBN7npd6fAK0xdpH93O/koiCiZRrK5/ zt2pK/zKhV22cF6Nhk+Bkr9r+GDADwitZJPswYcuACjVyG1EUF21dCJRXDglpveK nss-3.35/nss/cmd/bltest/tests/dsa/pqg50000644000000000000000000000061413230126417015750 0ustar 00000000000000AAAAgIjZaOlgLsvabYb3yXCj/76x2pYvKMCvuScO8FvDMMqYw634PAcv6wX7Lik7 UGW7sMvMkwwk2NB4ad6uzZKiYEwPXdNcW0Mf2moiLFLDViv3VxxxAgm+izuFiBh4 hyX+gRK31ryC4P8cu/XW/pRpCvK1EOQa2CB9wsAvufpc76q1AAAAFKZlaJueW5zo L9FnYAbPTPZ+zFa3AAAAgCZ+KChXQXdSET+6P8pxVbXOiefIozwaKRIuK3IJZfwE JFJn/4f8Z6VzD+WzCAE6oyZpkPuzmBhah+BVtEOoaM4M4TrmruMwudJdO7s2JmXF iB2vDFqnXp1KgujwTJGprSlIIuM5eKsME/rcRYMfnTfaTvoPwsXrATcfqFt92x+C nss-3.35/nss/cmd/bltest/tests/dsa/pqg60000644000000000000000000000137013230126417015751 0ustar 00000000000000AAABAPLTntMGKxPJFic2AKDyoCnobXpLkhe08YFb8rJNlxClerM/mXKUsBRYW40B mN/cy811MU2l/4WqNEtFra6ql5tRoxKnv6lEcvtjPxpvFWu0RYhn39OEA/BrhR8A /i00hAd73tcat1E9BKFAIgV1+2kzlUgOTIQCt6Rs7C03p3jDBazNHxPp9i6GUxX0 sizEZ8iYbsjklh3fgQVmsMTuNprGqhXkP0dEAFgm9b3oBxoZ4wtpCarEs9F0I3Jw 2tAnmdCbiizF8i5miUtUIiKLLCNPEfWnccW4nPRloqzsu+6qFyX+j5tZQivomRBS y1Vt3yyM6PqSBtvzn+rcGU4A+OUAAAAcgAAAAAAAAADBGPSYNeTvczxNFYAPzwWe iE0xsQAAAQDjqTwJ2m9WDk1IOjgqTFRvIzXDakw1rBRjwIo+bdQV31b9xTfyX9U3 K+Y+T1MAeAt4LxrNAci06zNBRhX9Dqglc6y6fvg/WpQ4VBUa/C19/hIfuM0DM1sG W1ScXcxga+kFJIO8KE4SrDyNugm0JuCEAgMOcLwcwr+JV8S6BjDz8yrWiTiaxHRD F2Bj8kfZ4ilrPqW1vCM1go6hoIDtNZGN7iEv0DEnnRuJTwGv7FI4M2aerAMaQg5U C6EyClnEJKPlhJpGCla8sAFkeIWxQzxPmSlxdGv+KXfOclnFULVRpsNXYeSkGvdk 6NkhMvzApZ0WhOq5DYY/KfQc91ePqpCM nss-3.35/nss/cmd/bltest/tests/dsa/pqg70000644000000000000000000000137013230126417015752 0ustar 00000000000000AAABAKqBXJ2xxNPSdzx9DU0dp17PxKOel9X6GR/+yLFJCikM4zXlzofqYgqKF94L tkcU4uyEC/AObr20/7TjJMoHw8hxcwmvFBA2Kncsmt2DiysMrh6Qq0SK2r2s0uXf WcQYejKiNxnWxX6UAIhTg7+PBm8juUGSDVTDW098xQRPO0DxcEaVYwe3SOhAcyhE 0Aqc5uxXFCk7YmUUfxXGf0vjiwgrVf3q22EkaJ+3b50lzCi46qmLVi1cEBHg3Pmz mSMkDTMtidyWA7e93QxwuDyqKQVjGxyDyruubAwMLv6PWBMe2DUb+T6HX2pzqTy6 1HAUGiaH+6zy1xyN3ulxrWYHKa0AAAAc6jR+kL58KHXR/h22IrR2ODfF4npgNzED SMGqEQAAAQAgQglMy8i4cj/JKMEv2mcbgylemcdDV29EUEvhGGMjMZtQAtJPFz35 CeokHW6lKJkE7kY2IEsvvpSwaP4JP3liV5VJVR068hmtjtGZOe/4a87INN4vL3hZ bonny1LFJOF3CYpWwjLrH1Y6qEvGsCbe7m/1HLRB4IDy2vrqHO2GQn0cNGvlXGaA PUt20TPNRFtMNIL6QVAjRjyb8w8veEIj4mBX06oNf7tmBjDFLknUoDJcc4ngcqo0 nxPJZuFZdS+7cekzaJD5MkP6bnLSmTZe5bP+Jm6/ERBWj+5EJchHtQIQvUhLl0Ma QoVq3KPn0anJxnXH4maRgyDdWnikjEip nss-3.35/nss/cmd/bltest/tests/dsa/pqg80000644000000000000000000000137013230126417015753 0ustar 00000000000000AAABAKTH6qtCxMc7dXdwkWSJ8XzVByXNCkvE4c9n92O4wd4tbauYVrqvsAjzZbGK QuFNxR81C4jsoCCcWqT9caepbHZfWQHCHnIFcNeDe+x8dtLkk0RzHKOUBdCoebng 3NGoEl/RMOweeD5lS5TjAC5rYp6QSrOHeGdyDL1UtCcKnhXNAox8x5bwbCcqZglR ko/b6y3KBhtB6TIlcwV0L/FuL0KRkdXl8abd9ueMXXciz/gKnAvVyNeuuowEQ4mS sHXjB8FTTEmtOA9Hf195h9wXLBYdyjjcrz+zhGxyyRGaUpmtx0iVGz3ODQDUqQE4 ALIAggO3JGW8aoSuBZowxFIt6lcAAAAczon+MyuOTrPR6N3OpdFjpbwTtj8WmTdV QnrvQwAAAQCMRl7fWhgHMCkeCA38U4U5elAGRQ26Lv4BKSZPvYl7tVecoOqxmqJ4 IgQkcktPKm9u5jKEMqv2YTgGRglyM1BTOcVRnTV9cRK27sk4uF1ap1zC44CS8KUw rLVOUP6CxNVi+w8wNrgLMDNAI+u+ZjegAQsAx9uGNxFoVjZx4eDwKK7b1F0tVyYh pgmYKgc+Uaridwevvu8p4uzuhNem1do4K+OjX0K2xmhJICqxnQJbhp0Id2R20auY FHWtKtLz5v0H4waW2QpiaBbfYNbKev17SC+UL4O0XMgpM3Mfh/ruMgkA8qo+cLGG fhQw5AvmfAf5KQKZ7wZ7iySnUVs/mSwH nss-3.35/nss/cmd/bltest/tests/dsa/pqg90000644000000000000000000000137013230126417015754 0ustar 00000000000000AAABAKa7UzPONDwxybLIeKuR7vL96jXG2w5xZ2K/wNQ22HUG6GWk0sjPu9Ymzov+ ZFY8pWhs2M8IFJDwJEWyiQh5gklftpl2sQJC1tUPwjtNvbC+94MF2aTQXZ6uZdh6 iT6vOX4E45uqhaJsj/ve8SMyh7X1tu9qkPJ6aUgaky7kexjV0n6xB/+wUCXmRuiH a1y1Z/7B3TWDXUIIIZhTH6++WuKAxXWh+w5i6bPKN+GXrZbZ3eHzPyzsfSferiYc g+6OIAKvfrboL2oUeWrwN1d6EDK7xwkSnKq9it34cK4tBZXI/bNxVXSPDeo0tE1P gu1YwvWxuEgWYqxTRzxpNBAIL70AAAAcjD7lvZoqrwaL1YRb1V7PJ0FwVTB1d7vD dw7GiwAAAQBDtaa20LuWLsl2ajd8MsxBJPExEYjC7PlcDNSk+glyJbdhjLEnbEdF eNO/VkwUUZnAkqGxS6qSnC8/DzbgwtrpHroIvjCZKoifKVLgRCw3r0hKTs3DJDzP y540E89c3WYwsJ/hfvv94U2HJUkwGbe3PR94K0jvML7DbgDgK6M20iVPwgKmlhLN lEb5HXa3Of+m2LhgUvjcXxFFgBxWJBr1upA3JBvYnmM4tY4BMQZxwmjrXjOstX0f mfFkQKZ1gn1AF3VNYBoXraL77fkEVUqQsBUw2oyTzRTOKTyyvT55N+k0t54xD+TY DBP5L2M4E1W9gKGr7hpz/fttok7ygAKj nss-3.35/nss/cmd/bltest/tests/dsa/sigseed00000644000000000000000000000003613230126417016575 0ustar 00000000000000aHpm2QZI+ZOGfhIfTd+d2wEgVYQ= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed10000644000000000000000000000003613230126417016576 0ustar 00000000000000mMvMSWnYReJGG19mOD3VA3ErvPo= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed100000644000000000000000000000005213230126417016654 0ustar 00000000000000nO2J6lBQmCIigw7+8m5zlPWrfYN9RUmWLShfrg== nss-3.35/nss/cmd/bltest/tests/dsa/sigseed110000644000000000000000000000005613230126417016661 0ustar 00000000000000LLnB1hfhJ6R3DQqUb7lHxRAO0MpZRU6oBHn2iF7BBTQ= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed120000644000000000000000000000005613230126417016662 0ustar 00000000000000RQMLeaOVsWMnAMuv/q2XmY0CvtjgZWh2/AF05L25b3k= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed130000644000000000000000000000005613230126417016663 0ustar 00000000000000EXpSnj/fx5hDpaTAdTkDa4ZSFOAUtJKMKjH0e/YqT9s= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed140000644000000000000000000000005613230126417016664 0ustar 00000000000000I2gDehx2R8aD1+MBrHm3/uvHNu/+OrFkS2gwi0soYg0= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed150000644000000000000000000000005613230126417016665 0ustar 00000000000000X+Ya/dvfBESbJClaUqGgN9PzFEGjzsE4t/AQLbhu8TI= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed160000644000000000000000000000005613230126417016666 0ustar 00000000000000QPUDq9cP1Jp2xnqD4IsGKz/UZa2SvkM8CA5fKVu59Vk= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed170000644000000000000000000000005613230126417016667 0ustar 00000000000000KeTXeQ4YG0dnkD/g6zd1fzPxMzfDNYjB/b+6DmVatiE= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed180000644000000000000000000000005613230126417016670 0ustar 00000000000000PXwGijl4stj+kDS8rWWtfDAMREDkCF3igOV37qcsEgc= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed190000644000000000000000000000005613230126417016671 0ustar 00000000000000QLXMaFw9H1kHIiivlVFoO1uMj/ZSQBFK0trPzPOSgFc= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed20000644000000000000000000000003613230126417016577 0ustar 00000000000000jLNdJVUFpMQUIeVi0QgnJmqmhmM= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed200000644000000000000000000000005613230126417016661 0ustar 00000000000000tZkRG594QCzv573ov1U7bKANWrr5oViqQvJge/eFELw= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed30000644000000000000000000000003613230126417016600 0ustar 00000000000000hZdsVhCnSVlTEEClUSs0fqxYfkg= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed40000644000000000000000000000003613230126417016601 0ustar 00000000000000M8e6iP9pcHlxslrDRK5KVm4ZX5k= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed50000644000000000000000000000003613230126417016602 0ustar 00000000000000LxcJB6xpcmsU8iBW3LN7TfhfdCQ= nss-3.35/nss/cmd/bltest/tests/dsa/sigseed60000644000000000000000000000005213230126417016601 0ustar 00000000000000cZc5LTLQr2pxg8wzmFVvj2h9hqj/dCvmrThWLw== nss-3.35/nss/cmd/bltest/tests/dsa/sigseed70000644000000000000000000000005213230126417016602 0ustar 00000000000000N/rdQZ/L0rBzoGrpa57Otj4prumsX6K9sxq4XQ== nss-3.35/nss/cmd/bltest/tests/dsa/sigseed80000644000000000000000000000005213230126417016603 0ustar 00000000000000bzJlRqoXSz0xnvczHsjf02PdeK5YOpIBZf9+VA== nss-3.35/nss/cmd/bltest/tests/dsa/sigseed90000644000000000000000000000005213230126417016604 0ustar 00000000000000fg8c4h0YWuZcCgA5VWfqnPIXRitYucicTl/5zw== nss-3.35/nss/cmd/bltest/tests/ecdsa/README0000644000000000000000000000011713230126417016337 0ustar 000000000000000 nistp256 1 nistp384 # the following tests are not yet implemented 2 nistp521 nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext00000644000000000000000000000007213230126417017641 0ustar 00000000000000GoWqve3YezF7HOABQjioFL/3oq32oM9pHsGTQTJE7aFE62nItVqAdg== nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext10000644000000000000000000000007213230126417017642 0ustar 00000000000000PM6xHbiwP6Xcb44mg7BHtaJvd8PkxgvHAB1sh2cF0so3naFf0Tj6vQ== nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext100000644000000000000000000000012413230126417017720 0ustar 00000000000000AF3bbyED08NTrUgKmag9HiuUbaW0skXA/Bp9RPjRAD6M0rp3nvLDKozI940jxPP1 nWpHF7VcyCVzJeV6 nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext110000644000000000000000000000012413230126417017721 0ustar 00000000000000AOLrxy4FWd29ToUjOwLs6GyQ+dYZN6NkZ8oVO6dsAEXt55ePlCWZbOtmk6v9PrNG JOsY/MHnGhDeAGRl nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext120000644000000000000000000000013413230126417017723 0ustar 00000000000000aQHMte9cFByD9Ff3rZOPOtPI75luPoxemmgjXIgh/9jEeoTdDk8xuAYQUkayCfs+ DpDaGnOLkfAyZ8GcuaCujg== nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext130000644000000000000000000000014413230126417017725 0ustar 00000000000000AaeVCRJQPbpTqa1+zLd/8xAbkz3KKTr0dlS4tuGC8hc9j5esAeEv+7IklbA3v5Jz jC+nJy4p81iNO5E9H8nfGGckfQSiFzHG nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext140000644000000000000000000000014413230126417017726 0ustar 00000000000000AgU0N7zJPg/1UxmCWD5Z+DqDqkRKjy4heFgayCyopb/u4XErAZArgsjashAxzMKC PSDJasPT90T5Va8sNtjXtSpHWxc2roV9 nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext150000644000000000000000000000020413230126417017724 0ustar 00000000000000NXo8is+7lAoOwWGt7+GBbT/UX8LGs8TXEHBI+tX9311pJ4J3pfBYobgN0ZK6ZBtp dS6PkrPaQp0S9nrfTOS5uAH95eD1eymRfCbOnjTUKzLuIn53V17vRjdcDtLzrhzX nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext160000644000000000000000000000022213230126417017725 0ustar 00000000000000ADhxjBz/ACTy4GJlL0tYZpyNpC4DsXND9lJuU7x9N7g6gkpJyBPw3vBYU1olw6PH dnegpgAm4Gh6MCsZB4KBcLwl1wjt4B3p2eqEqDYn5fiie5f4XuRomvI92jR5Sb+I nBLCHIppt/Q= nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext170000644000000000000000000000022213230126417017726 0ustar 00000000000000AGhHQ6kfdZRgu1svQTXEIewvFVglnUy6ANPumyUbM14AEfRkCUNa1uzvhV1sbWYj qT3egQCA9MTjThDNJeDOvvL6hVVOryUv4+C3RtkpQGCtdml+CSsjVTej8h9JbMds Dme40b2G6fE= nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext180000644000000000000000000000030613230126417017732 0ustar 00000000000000AGBuqk48tufy0bKEWpu+xEHsmi+6KCfdwOSRwLDnpVetGe9AWknHDzeTSwe0QxcE RsEkUZGDpxfzUlCLSSSU+ErrYY/uyLV2AJTb3prB6A2YNwdmFGeRbDoxeOu7FuQA 3gxBQhR+TGMuskeM+BdHFmFrwvTTdHCGzjTBa5S8mbgEJTfeik/it28T/9i+duZ8 nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext190000644000000000000000000000030613230126417017733 0ustar 00000000000000AaiotJfCiWU1d2LFe+t0CcWHDSF7EOlApWYJ+RNRSq8TbkXJIzi6abbb7BovtRwf i/COYwjS7OnkFQ6x5Pdrb7OZ0dTAdDRXAKtXWSKR20Y4fhnx/HUxisFwKrsCEQ3O uVtwDG8rh5V8zjBnCEcs5Iy9CsklucibR0PIyglVmW+ZuY42YNebuOC2VUKqHNF7 nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext20000644000000000000000000000007213230126417017643 0ustar 00000000000000Vli8Hau3xL8oder6ZdM9Y3fMd92jbguiMq6F+9CUjlUQXy5EwAVGeg== nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext200000644000000000000000000000026613230126417017730 0ustar 00000000000000ALAM5hGnex7TvBbSEzDlfv+n5g7aWyRyZsBbl2Y6wW1plSovbq2GcV6w1ZV1Vlot 70zbqkKyNApvTi3xoD4Ens6pAeLMYDILwaQhnyJZWQv3etbWqUKJZNgfH1IDj03k n9hbjYLX3y4bc4CnrhOiv5Ab34s7M8wUYcjC+DbHwhLl/S6N nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext30000644000000000000000000000007213230126417017644 0ustar 00000000000000AFohw5TN/dpmqbhp/T4z1Rl1boAUA6r9eEPJbYN0zf+eHZzyvezxqjxU nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext40000644000000000000000000000007213230126417017645 0ustar 00000000000000AtJdCPXn5yQW34jekhsnsNmaMOeeA3KIVl1d2+7pb6QycUAzYccgwSrp nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext50000644000000000000000000000007213230126417017646 0ustar 00000000000000AzEg0sOGHwxd0o3cv+o9dsRPOzXMAdpgtI6O0uUmVN2+a5qI5FYQlItz nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext60000644000000000000000000000010213230126417017641 0ustar 000000000000005+HDXH/ieN8Bzxd3dfxKZoqbbhsm7jyeqWdemt6Xy0kx+7zwSYsh9Ng5KRdy6wtA nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext70000644000000000000000000000010213230126417017642 0ustar 00000000000000WcS9umnUASP0X6lHvkWJwPY37ZVvAMLBERHLjL3Vzg6QVjwcS8kDVortTFei3aTx nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext80000644000000000000000000000012013230126417017643 0ustar 00000000000000ItpmPaGAaoe2feXPbh5+EASLGnEzyYbEnwJ+JFNSOQcoY4a/cMV2rn8FYyBsEDiZ LPDBU0i2uOg= nss-3.35/nss/cmd/bltest/tests/ecdsa/ciphertext90000644000000000000000000000012013230126417017644 0ustar 00000000000000QjzCVGRUjulOLqeBqC5xpY0GWomOrmQUCtImY0czn98a/jHrdgsSRKiMHukBUxM1 TIRGjkV2L+A= nss-3.35/nss/cmd/bltest/tests/ecdsa/key00000644000000000000000000000024613230126417016255 0ustar 00000000000000AAAACgYIKoZIzj0DAQcAAABBBNGB7n4kH15tKA/SMpetaQVqg6WxIuuUuMQT2tDX NN5jKZfaxD47NsTjTr3x3D5t1qRBYuL6VtdgIuxBIHGG9dcAAAAgaGjyZBL+LN3a 7NkGiHJBfqh7XKNH0AnPF3vFWpostIQ= nss-3.35/nss/cmd/bltest/tests/ecdsa/key10000644000000000000000000000034413230126417016255 0ustar 00000000000000AAAABwYFK4EEACIAAABhBLWMJG3t4khPYcsl3H492rAqukJ1RqJm27pqpN54rFGG r2VDwOfqb9tMninq8IyOh42eaaVOEPXXu4Q/ATWBEfrbTRBjTpzAE2SSPuQma0lM q0RSVECCgdBOKIhB0H6VxAAAADA3WPjUaMWCS9E5KbVDrEcf5CV5tCNNWJQkwjsA yALMCiXJqRVXwbq42WMuaELMW+g= nss-3.35/nss/cmd/bltest/tests/ecdsa/key20000644000000000000000000000045613230126417016262 0ustar 00000000000000AAAABwYFK4EEACMAAACFBAHLMSpMFVyG6mXE7SZ5O5Bwv4d8/QiAB3BzpXkyrU1W jJ9O9uOYTXM+cFtF5v56+LsI4yGkaAl9+RF6lFPjrhpIswCmBmEqMBgZpjoz38my nLHBI9MaFF8AHkRQwD3LJLo4eSZHOVkdIvDYLwicdlgr0zD3Nf76/HB1+0DkBGqE MyG22gAAAEIAFah7z179UbqqdH68pzdZsP1ChXjtYZ11rBM0+HP7yLirxH3ahKTt DjsY19GEjz4gKsaLfLiQ1/Dp+VKVLcBKpk0= nss-3.35/nss/cmd/bltest/tests/ecdsa/numtests0000644000000000000000000000000313230126417017256 0ustar 0000000000000021 nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext00000644000000000000000000000003613230126417017472 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext10000644000000000000000000000003613230126417017473 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext100000644000000000000000000000003613230126417017553 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext110000644000000000000000000000003613230126417017554 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext120000644000000000000000000000003613230126417017555 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext130000644000000000000000000000003613230126417017556 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext140000644000000000000000000000003613230126417017557 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext150000644000000000000000000000003613230126417017560 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext160000644000000000000000000000003613230126417017561 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext170000644000000000000000000000003613230126417017562 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext180000644000000000000000000000003613230126417017563 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext190000644000000000000000000000003613230126417017564 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext20000644000000000000000000000003613230126417017474 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext200000644000000000000000000000003613230126417017554 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext30000644000000000000000000000003613230126417017475 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext40000644000000000000000000000003613230126417017476 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext50000644000000000000000000000003613230126417017477 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext60000644000000000000000000000003613230126417017500 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext70000644000000000000000000000003613230126417017501 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext80000644000000000000000000000003613230126417017502 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/plaintext90000644000000000000000000000003613230126417017503 0ustar 00000000000000qZk+NkcGgWq6PiVxeFDCbJzQ2J0= nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed00000644000000000000000000000003613230126417017105 0ustar 00000000000000aHpm2QZI+ZOGfhIfTd+d2wEgVYQ= nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed10000644000000000000000000000003613230126417017106 0ustar 00000000000000aHpm2QZI+ZOGfhIfTd+d2wEgVYQ= nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed100000644000000000000000000000005213230126417017164 0ustar 00000000000000fjIzMWJpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA= nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed110000644000000000000000000000005213230126417017165 0ustar 00000000000000fjIzMWJpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA= nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed120000644000000000000000000000005613230126417017172 0ustar 00000000000000/jI1NmJpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA4MDk= nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed130000644000000000000000000000006213230126417017170 0ustar 00000000000000ATI4MWJpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA4MDkwYTBi nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed140000644000000000000000000000006213230126417017171 0ustar 00000000000000ATI4MWJpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA4MDkwYTBi nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed150000644000000000000000000000010213230126417017165 0ustar 00000000000000/jM4NGJpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA4MDkwYTBiMGMwZDBlMGYxMDEx nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed160000644000000000000000000000010613230126417017172 0ustar 00000000000000fjQwN2JpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA4MDkwYTBiMGMwZDBlMGYxMDExMTIx nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed170000644000000000000000000000010613230126417017173 0ustar 00000000000000fjQwN2JpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA4MDkwYTBiMGMwZDBlMGYxMDExMTIx nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed180000644000000000000000000000014413230126417017176 0ustar 00000000000000PjU2NmJpdHNPZlRleHQwMDAxMDIwMzA0MDUwNjA3MDgwOTBhMGIwYzBkMGUwZjEwMTExMjEz MTQxNTE2MTcxODE5MWExYjE= nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed190000644000000000000000000000014413230126417017177 0ustar 00000000000000PjU2NmJpdHNPZlRleHQwMDAxMDIwMzA0MDUwNjA3MDgwOTBhMGIwYzBkMGUwZjEwMTExMjEz MTQxNTE2MTcxODE5MWExYjE= nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed20000644000000000000000000000003613230126417017107 0ustar 00000000000000aHpm2QZI+ZOGfhIfTd+d2wEgVYQ= nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed200000644000000000000000000000013413230126417017166 0ustar 00000000000000/jUyMGJpdHNPZlRleHQwMDAxMDIwMzA0MDUwNjA3MDgwOTBhMGIwYzBkMGUwZjEwMTExMjEz MTQxNTE2MTcxODE= nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed30000644000000000000000000000003613230126417017110 0ustar 00000000000000aHpm2QZI+ZOGfhIfTd+d2wEgVYQ= nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed40000644000000000000000000000003613230126417017111 0ustar 00000000000000aHpm2QZI+ZOGfhIfTd+d2wEgVYQ= nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed50000644000000000000000000000003613230126417017112 0ustar 00000000000000aHpm2QZI+ZOGfhIfTd+d2wEgVYQ= nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed60000644000000000000000000000004213230126417017110 0ustar 00000000000000/jE5MmJpdHNPZlRleHQwMDAwMDAwMDAw nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed70000644000000000000000000000004213230126417017111 0ustar 00000000000000/jE5MmJpdHNPZlRleHQwMDAwMDAwMDAw nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed80000644000000000000000000000005213230126417017113 0ustar 00000000000000/jIyNGJpdHNPZlRleHQwMDAwMDAwMDAwMDAwMA== nss-3.35/nss/cmd/bltest/tests/ecdsa/sigseed90000644000000000000000000000005213230126417017114 0ustar 00000000000000/jIyNGJpdHNPZlRleHQwMDAwMDAwMDAwMDAwMA== nss-3.35/nss/cmd/bltest/tests/md2/ciphertext00000644000000000000000000000003113230126417017237 0ustar 00000000000000CS/UNcrWhB5Knt7Gf8Tz3Q== nss-3.35/nss/cmd/bltest/tests/md2/numtests0000644000000000000000000000000213230126417016660 0ustar 000000000000001 nss-3.35/nss/cmd/bltest/tests/md2/plaintext00000644000000000000000000000002113230126417017067 0ustar 0000000000000016-bytes to MD2. nss-3.35/nss/cmd/bltest/tests/md5/ciphertext00000644000000000000000000000003113230126417017242 0ustar 00000000000000XN8lnQuWAiMqmSGfvd8Hdw== nss-3.35/nss/cmd/bltest/tests/md5/numtests0000644000000000000000000000000213230126417016663 0ustar 000000000000001 nss-3.35/nss/cmd/bltest/tests/md5/plaintext00000644000000000000000000000010013230126417017070 0ustar 0000000000000063-byte input to MD5 can be a bit tricky, but no problems here. nss-3.35/nss/cmd/bltest/tests/rc2_cbc/ciphertext00000644000000000000000000000001513230126417020054 0ustar 000000000000003ki6eVsWpY8= nss-3.35/nss/cmd/bltest/tests/rc2_cbc/iv00000644000000000000000000000001113230126417016307 0ustar 0000000000000012345678 nss-3.35/nss/cmd/bltest/tests/rc2_cbc/key00000644000000000000000000000001113230126417016461 0ustar 00000000000000zyxwvuts nss-3.35/nss/cmd/bltest/tests/rc2_cbc/numtests0000644000000000000000000000000213230126417017473 0ustar 000000000000001 nss-3.35/nss/cmd/bltest/tests/rc2_cbc/plaintext00000644000000000000000000000001113230126417017701 0ustar 00000000000000Mozilla! nss-3.35/nss/cmd/bltest/tests/rc2_ecb/ciphertext00000644000000000000000000000001513230126417020056 0ustar 00000000000000WT+tc4fANhQ= nss-3.35/nss/cmd/bltest/tests/rc2_ecb/key00000644000000000000000000000001113230126417016463 0ustar 00000000000000zyxwvuts nss-3.35/nss/cmd/bltest/tests/rc2_ecb/numtests0000644000000000000000000000000213230126417017475 0ustar 000000000000001 nss-3.35/nss/cmd/bltest/tests/rc2_ecb/plaintext00000644000000000000000000000001113230126417017703 0ustar 00000000000000Mozilla! nss-3.35/nss/cmd/bltest/tests/rc4/ciphertext00000644000000000000000000000001513230126417017247 0ustar 0000000000000034sTZJtr20k= nss-3.35/nss/cmd/bltest/tests/rc4/ciphertext10000644000000000000000000000005513230126417017254 0ustar 0000000000000034sTZJtr20nGP6VxS3BIBxxIYm6QGIa1rehFHn51z9M= nss-3.35/nss/cmd/bltest/tests/rc4/key00000644000000000000000000000001113230126417015654 0ustar 00000000000000zyxwvuts nss-3.35/nss/cmd/bltest/tests/rc4/key10000644000000000000000000000001113230126417015655 0ustar 00000000000000zyxwvuts nss-3.35/nss/cmd/bltest/tests/rc4/numtests0000644000000000000000000000000213230126417016666 0ustar 000000000000002 nss-3.35/nss/cmd/bltest/tests/rc4/plaintext00000644000000000000000000000001113230126417017074 0ustar 00000000000000Mozilla! nss-3.35/nss/cmd/bltest/tests/rc4/plaintext10000644000000000000000000000004113230126417017100 0ustar 00000000000000Mozilla!Mozilla!Mozilla!Mozilla! nss-3.35/nss/cmd/bltest/tests/rc5_cbc/ciphertext00000644000000000000000000000001513230126417020057 0ustar 00000000000000qsv4Fn2J6d0= nss-3.35/nss/cmd/bltest/tests/rc5_cbc/iv00000644000000000000000000000001113230126417016312 0ustar 0000000000000012345678 nss-3.35/nss/cmd/bltest/tests/rc5_cbc/key00000644000000000000000000000001113230126417016464 0ustar 00000000000000zyxwvuts nss-3.35/nss/cmd/bltest/tests/rc5_cbc/numtests0000644000000000000000000000000213230126417017476 0ustar 000000000000001 nss-3.35/nss/cmd/bltest/tests/rc5_cbc/params00000644000000000000000000000002513230126417017164 0ustar 00000000000000rounds=10 wordsize=4 nss-3.35/nss/cmd/bltest/tests/rc5_cbc/plaintext00000644000000000000000000000001113230126417017704 0ustar 00000000000000Mozilla! nss-3.35/nss/cmd/bltest/tests/rc5_ecb/ciphertext00000644000000000000000000000001513230126417020061 0ustar 000000000000004ZKK/1v5Ohc= nss-3.35/nss/cmd/bltest/tests/rc5_ecb/key00000644000000000000000000000001113230126417016466 0ustar 00000000000000zyxwvuts nss-3.35/nss/cmd/bltest/tests/rc5_ecb/numtests0000644000000000000000000000000213230126417017500 0ustar 000000000000001 nss-3.35/nss/cmd/bltest/tests/rc5_ecb/params00000644000000000000000000000002513230126417017166 0ustar 00000000000000rounds=10 wordsize=4 nss-3.35/nss/cmd/bltest/tests/rc5_ecb/plaintext00000644000000000000000000000001113230126417017706 0ustar 00000000000000Mozilla! nss-3.35/nss/cmd/bltest/tests/rsa/ciphertext00000644000000000000000000000005513230126417017350 0ustar 00000000000000qPVrXv0y3SC5rY44bIi6GE4Aec8uDpHH7/cCg0FU5as= nss-3.35/nss/cmd/bltest/tests/rsa/key00000644000000000000000000000037413230126417015765 0ustar 00000000000000AAAAAAAAACC5lyu2K2ro8YGnvOCKaL1sFX1HEIblIVbuMXsa8oeFSwAAAAERAAAA IBXVjKwFG6LvPG4WOIjBBzmxGNpkQwDs3W5qZcXVzqahAAAAEOEOH/WnhZCJyM39 oNfhf18AAAAQ0xvmxqXXs3L62xxogUl9lQAAABAaeiHgqkvy4wiQtG1Gkv/tAAAA EMaw2TNu6SFdKFXAYluQdjEAAAAQi0u+IlgKCt/hatGAsTrfzQ== nss-3.35/nss/cmd/bltest/tests/rsa/numtests0000644000000000000000000000000213230126417016763 0ustar 000000000000001 nss-3.35/nss/cmd/bltest/tests/rsa/plaintext00000644000000000000000000000004113230126417017174 0ustar 00000000000000512bitsforRSAPublicKeyEncryption nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext00000644000000000000000000000025713230126417020360 0ustar 00000000000000NU/me0oSbV01/jbHd3kaP3uhPe9ITi05CK/3IvrUaPshaW3pXQvpEcLTF0+K/MIBA197bY5pQC3l RRYYwhpTX6nXv8W43Z/CQ/jPkn2zEyLW6IHqqRqZYXDmV6BaJmQm2YyIAD+Ed8EicJSg2foejEAk MJzh7My1IQA11HrHLoo= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext10000644000000000000000000000025713230126417020361 0ustar 00000000000000ZA2xrMWOBWj+VAfl+bcB3/jDyR5xbFNvx/zsbLW3HBFlmI1KJ54Vd9cw/Hopky4/AMgVFSNtjY4x AXp6Cd9DUtkEzet5qlg63MMeppikwFKD2rqQib5UkfZ8Gk7kjcdLu+ZkOu+EZnm0yzlaNS1e0RWR LfaW/+BwKTKUbXFJK0Q= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext100000644000000000000000000000040413230126417020433 0ustar 00000000000000Iyr7ySf6CML2onuH1KXLCcB9wm+uc9c6kFWIOfT9ZtKBuH7HNLziN7oWZpjtgpEGp95pQs1s3OeP 7Y0uTYFCjmZJDQNiZM75KvlB0+NQVf45geFNKcu5pPZ0cwY7rseaEXn1oXycGDLyg4/X1eWbuWWd VtzooBnt7xuzrMxpfMbMenePYKBkx/b11SnGIQJi4APeWD6B4xZ7iZcfuMDhXUT//vibU9jWTdeX 0Vm1bSsI6lMH6hLCQb1Y1O4nih8u nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext110000644000000000000000000000040413230126417020434 0ustar 00000000000000Q4zH3AimjaJJ5CUF+Fc7pg4sJ3PVspD0z53/cY6EIIHDg+ZwJKDylZTqmHudJeS3OPKFlw0ZWrs6 jIBU49eda5yagye6WW8SWeJxJmdHZpB9jVgv86hHYVSSmtsebRI1ssy07I9mO6nMZwqSvr2FPI2/ acZDbQFvYa3YNulHMkUENCB/n9TEPewqEqlY76Ae/iZpiZteYEwlXFX7cWbeVYnjaVl7sJFowG3V 2xd+BqF0DrLVyC+uym2S/O6ZMbqf nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext120000644000000000000000000000053513230126417020442 0ustar 00000000000000U+pdwIzSYPs7hYVnKH+pFVLDCy/r+6IT8K6HcC0GjRm6sH/ldFI9+0ITnWjDxa/u4L/ky3lpy/OC uATW5hOWFE4tDmB0H4mTwwFLWLmxlXqLq80jr4VPTDVvsWYqpyv8x+WGVZ3EKA0WDBJnhacj6+6+ /3HxFZRECq74fRB5Ood0ojnUoEyH/hRnudr4UgjsbHJVeUqWzCkUL5qL1Bjjwf1nNEsM0IKd87K+ xgJTGWKTxrNNP3XTLyE91Fxic9UFrfTM7RBXy3WPwmru+kQSVe1OZMGZ7gdefxZkYYL9tGRzm2ir Xa/w5j6VUgFoJPBUv008jJCpe7a2VTKE60KfzA== nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext130000644000000000000000000000053513230126417020443 0ustar 00000000000000orGkMKnWV+L6HCu17UP/slwFowj+kJPAEDF5X1h0QAEQgorlj7m1gc6d3dPlSa4EoJhUWb3mxiZZ TnsF3EJ4sqFGXBNoQIgjyF6W3GbDowmDxjlmT8RWmjf+IeWhlbV3bu0t+NjTYa9obnUCKbvWY/Fh hopQYV4MM3vsDKNf7AuxnDbrLgu8wFgvodk6rNsGEGP1nyzh7kNgXl2J7KGD0qzf6fgQEQIq07Q6 PdQX2slLThHqgbGSlm6WaxgggucZZGB7T4AC82KZhEoR8q4PrqwurnD49PmAiKzc0KxVbp/MxRFS GQj60m8ExkIBRQMFd4dYsFOL+LW7FEqCjmKXlQ== nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext140000644000000000000000000000053513230126417020444 0ustar 00000000000000mIbD5nZKi5qE6EFI69jDsaqAUDgaePZocUwW2c/Spu3FaXnFNdne47RLhcGL6JKJkjcXEUciFtld 2pjS7oNHybFN/9/4SqSNJawG99fmU5islnsc6Qkl9n3OBJt/gS2wdCmXp01E/oHb4Oej/q8uXECv iI1VDdu+O8IGV6KVQ/j8KRO5vRphsqsiVuxAm719wNF3F+olxD9C7Sffhzi/SvxnZv96/whZVV7i g5IPTIpjxKc0DLr93DOezbSwUVAC+WyTK1t5Fnr2mcCtP8z98PROhacCYr8uGP40uFBYmXXoZ/+W nUjqvyEicVRs3AWmnstSblKHDINvMHvXmHgO3g== nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext150000644000000000000000000000053513230126417020445 0ustar 00000000000000Yxjp+1wNBeUwfhaDQ26QMpOsRkI1iqoiPXFjATq6h+Lf2o5gxoYOKaHpJoYWPqC5F18ynKOxMaHt 06d3Wai5e61qT49DlvKM9vOcpYES5IFg1uID2qWFbzrKX/7Vd69JlAjj39Iz4+YE2+NKnEyQgt5l UnysYzHSncgOBQig+nEi5/Mp9sylz6NNTR2kF4BUV+AIvsVJ5Hj/nhKnY8R30Vu7ePW2m9V4MPws TtaG15vHKpXYX4gTTGsK/laozPvIVYKLszm9F5Cc8dcN4zNa4HA5CT5gbWVTZd5lULhyzW3h1EDu AxthlF9imtijU7DUCTnpajxFDSqNXu6fZ4CTyA== nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext160000644000000000000000000000053513230126417020446 0ustar 00000000000000dSkIcsz9SkUFZg1lH1babaoJyhMB2JBjL2qZLz1WXO5GSv3tQO07W+k1ZxTqWqdlX0oTZsLxfHKP byxaXR+OKEKbxOb48s/42o3A4KmAjkX9CeovpAyyts5v//XA4VnRG2jZCoX3uE4QOwnmgmZkgMZX UFwJKSWUaKMUeG106rExVzzyNL9X232eZsxnSBkuAC3A3uqTBYXwgx/c2bwz1R957S/8Frz01ZgS /OvKo/kGmw5EVobWRMJcz2O0Vu5fpv/pbxnN91H+2erzWVd1Tb9L/qUhaqGETcUHyy0IDnIuuhUD CMK1/xGTYg8XZuz0SBuvuUO9KSh38hNspJSroA== nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext170000644000000000000000000000053513230126417020447 0ustar 00000000000000LSB6c0Mqj7TAMFGz9zsophdkCY36NMR6IJlfgRWqaBZnm1V+gtvuWEkIxuaXgtfes029Za8GPVf8 p2pf0GlJL9YGjZmE0gk1BWWmLlx38jA4wSyxDGY0cJtUfEb2tKcJvYXKEi10Rl75d2LCl2Pgbbx6 nnOMeL/KAQLcXnnWW5c/KCQMqrLhYaeLV9JiRX7YGV1T48eunaAhiDxtt8JK/dIyLqyXKtPDVMX8 7x4UbDoCkPtnrfAHBm4AQo0s7BjOWPkyhpje/vSy617HaRj94cGYy7OLevxnYmqa7+xDIr/ZDSVj SByaIh94yCcsgtG2KrkU4cafavbvMMpSYNtKRg== nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext20000644000000000000000000000025713230126417020362 0ustar 00000000000000Qjc27QNfYCavJ2w1wLN0GzZeX3bKCRtOjCni8L7+5gNZWqgyLWAtLmJeleuBsvHJck6CLsp224YY zwnFNDUDpDYINbWQO8Y344efsF4O8yaF1a7FBnzXzJb+SyZwturDBmsfz1aGtoWJqvt9YpsC2Phi XKODNiTUgA+wgbHPlOs= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext30000644000000000000000000000025713230126417020363 0ustar 00000000000000RerUylUeZiyYAPGsqCg7BSXmq64wvktKunYvpA/T044iq+/Gl5T267vAXduxEhYkfS9BL9D7qHxu Os2IiBNkb9DkjnhSBPnD9z1tgjlWJyLd3Ydx/sSLg6Me5vWSxM/UvIgXTzsToRKq47n3uA4Pxvcl W6iA3H2AIeIq1qhfB1U= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext40000644000000000000000000000025713230126417020364 0ustar 00000000000000NvbjTZSo002qy6M6ITnQCthak0WoYFHnMHFiAFa5IOIZAFhVohOg8jiXzc1zG0UlfHd/6QggK+/d C1g4axJE6gz1OaBdXRAynaROEwMP12Dc1kTP7yCU0ZENP0M+HHxt0YvB8t9/ZD1mL7ndN+rZBZGQ 9PpmyjnoacTrRJy9xDk= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext50000644000000000000000000000025713230126417020365 0ustar 00000000000000Qs7iYXsezqTbP0gpOG+9Ydr78DjhgNg3yWNm3yTAl7SrD6xr31kNghyfEGQuaBrQW414s3jA9Gzi +tY/dOCtPfBrB11+tfVjb41AO5BZynYbXGK7UqpFAC6nC6rOCN7SQ7nYy9YqaK3iZYMrVlZOQ6b6 Qu0ZmgmXaXQt8VOeglU= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext60000644000000000000000000000040413230126417020360 0ustar 00000000000000JnvNEYrKsfyLqByF1zADy4YQ+lXB2X2o1Ip8fwaJak23UaooQlW502rWXzdlPYKfGzf5e4ABlCVF svwsVac3bKehvksXYMjgWjPlqiUmuNmOMXCI54NMdVsqWbEmMaGCwF1dQ6sXeSZPhFb1Fc5X399R LVST2re3M43Et9eNucCRrDuvU3pp/H9UnZefDv+alP2kFpvU0dGaacmeM8O1VJDVAbObHtrhGP9n k6FTJhWE06Xzn25oLj0XyM0SYfpy nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext70000644000000000000000000000040413230126417020361 0ustar 00000000000000k6yfBnHsKay7RE7/waV0E1HWD9sOOT+/dUrPDeSXYaFIQd93cum8gnc5ZqFYTE1yuuoAEY+D81zK blN8vU2BH1WDspeD2KbZTNMb5w1vUmwQ/wnG+nzgaXlaP80FEf1fy1ZLzIDqnHjzi4ABJTnYpN32 /oHpzdt/UNu7vMfl2GCXzPTsSRifuL8xi+bVoHFdUWtJrxkSWM0y3IM85utGc8A6Gbus6IzFSJX2 NswMHsiQltEc4jWiZcoXZCMqaJro nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext80000644000000000000000000000040413230126417020362 0ustar 00000000000000gevdlQVLDIIu+a12k/Woet+0tMTOcN8t+E7UnATaWLpfwgoZ4abot6OQCyJ5bcToae5rQnktFajs 61bAnGmRToE86o9pMeS47W9CGvKY1ZXJf0eJx8qmEsfvNgmEwhuT7cVAEGi1r0x4qHcbmE1TuOqK 3y9qfUoLp2x14d2fZY8g3tSkYHHUbXeRtWgD2P6n8LD45Brj8JODpvlYX+d1Pqr/0r+UVjEIvuzC B7u1NfX8xwXw3en3CMYvSanJA3HT nss-3.35/nss/cmd/bltest/tests/rsa_oaep/ciphertext90000644000000000000000000000040413230126417020363 0ustar 00000000000000vMNflM3mbLETZiXWJblEMqNbIvPS+hGmE/8PylvVf4e5AszcHNCuvLBxXuhp0dH+OV9nkwA/XspG UFnIhmDURv9fCBhVICJVfjjAimfq2ZEmIlTxBoKXXsVjl3aFN/SXevbV9qrOt/sl3sWTcjAjH9iX ivSRGaKfKeQkq4JytHVieS1clPd0uIKdCw2fGoye3fN1dNX6JI7vqcUnH8XsJXnIG91htBD6Yf42 5CQiHBE63bJ1ZkyAHTTKjGNR5KhY nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash00000644000000000000000000000000513230126417017113 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash10000644000000000000000000000000513230126417017114 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash100000644000000000000000000000000513230126417017174 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash110000644000000000000000000000000513230126417017175 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash120000644000000000000000000000000513230126417017176 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash130000644000000000000000000000000513230126417017177 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash140000644000000000000000000000000513230126417017200 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash150000644000000000000000000000000513230126417017201 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash160000644000000000000000000000000513230126417017202 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash170000644000000000000000000000000513230126417017203 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash20000644000000000000000000000000513230126417017115 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash30000644000000000000000000000000513230126417017116 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash40000644000000000000000000000000513230126417017117 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash50000644000000000000000000000000513230126417017120 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash60000644000000000000000000000000513230126417017121 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash70000644000000000000000000000000513230126417017122 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash80000644000000000000000000000000513230126417017123 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/hash90000644000000000000000000000000513230126417017124 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key00000644000000000000000000000147013230126417016767 0ustar 00000000000000AAAAAQAAAACAqLOyhK+OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx+CwgtaTpef87Wdc9GaFEncsDLxkp0LGxjD1M8jMcvYq6DPEC/JYQumEu3i9v5fAEH1VvbZi9cTg+rmEXLUUjvc5LdOq/5OuHmtme7PUJHYW1PW6ENTP0ibeiNOfFvsAAAADAQABAAAAgFMznP23n8hGamVccxasqFxV/Y9t2Jj9rxGVF+9PUuj9jiWN+T/uGA+g5KspaTzYOxUqVT1KxNGBK4ufpa8Of1X+cwTfQVcJJvMxHxXE1lpzLEgxFu49PS0K81Sa2b98v7eK2IT4TVvrBHJNxzabMd7zfQz1OenPzdPeZTcp6tXRAAAAQNMnN+cmf/4TQbLVwNFQqBtYb7MTK+0vjVJihkqcufMK84vkSFmNQToXLvuALCGs8cEcUgwvJqRx3K0hLqx8o50AAABAzIhT0dVNpjD6wAT0cfKBx7iYLYIkpJDtvrM9Pj1cyTxHZXA9HdeRZC8fEWoN2FK+JBmyr3K/6aAw6GCwKItddwAAAEAOEr8XGOnO9VmbocOIL+gEapCHTu/OjyzMIOTydB+wozo4SK7JyTBfvsvS12gZln1GcazGQx5AN5aNs3h45pXBAAAAQJUpew+Vovpn0AcH1gnf1PwFyJ2vwu9tbqVb7HceozNzTZJR55CC7NqGbv7xPEWeGmMThrfjVMiZ9fESyoXXFYMAAABAT0VsUCSTvcDtKrdWo6btTWc1Kml9QhbpMhKxJ6Y9VBHOb6mNXb79cyY+NygUJ0OBgWbtfdY2h90qjKHS9PvY4Q==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key10000644000000000000000000000147013230126417016770 0ustar 00000000000000AAAAAQAAAACAqLOyhK+OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx+CwgtaTpef87Wdc9GaFEncsDLxkp0LGxjD1M8jMcvYq6DPEC/JYQumEu3i9v5fAEH1VvbZi9cTg+rmEXLUUjvc5LdOq/5OuHmtme7PUJHYW1PW6ENTP0ibeiNOfFvsAAAADAQABAAAAgFMznP23n8hGamVccxasqFxV/Y9t2Jj9rxGVF+9PUuj9jiWN+T/uGA+g5KspaTzYOxUqVT1KxNGBK4ufpa8Of1X+cwTfQVcJJvMxHxXE1lpzLEgxFu49PS0K81Sa2b98v7eK2IT4TVvrBHJNxzabMd7zfQz1OenPzdPeZTcp6tXRAAAAQNMnN+cmf/4TQbLVwNFQqBtYb7MTK+0vjVJihkqcufMK84vkSFmNQToXLvuALCGs8cEcUgwvJqRx3K0hLqx8o50AAABAzIhT0dVNpjD6wAT0cfKBx7iYLYIkpJDtvrM9Pj1cyTxHZXA9HdeRZC8fEWoN2FK+JBmyr3K/6aAw6GCwKItddwAAAEAOEr8XGOnO9VmbocOIL+gEapCHTu/OjyzMIOTydB+wozo4SK7JyTBfvsvS12gZln1GcazGQx5AN5aNs3h45pXBAAAAQJUpew+Vovpn0AcH1gnf1PwFyJ2vwu9tbqVb7HceozNzTZJR55CC7NqGbv7xPEWeGmMThrfjVMiZ9fESyoXXFYMAAABAT0VsUCSTvcDtKrdWo6btTWc1Kml9QhbpMhKxJ6Y9VBHOb6mNXb79cyY+NygUJ0OBgWbtfdY2h90qjKHS9PvY4Q==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key100000644000000000000000000000227013230126417017047 0ustar 00000000000000AAAAAQAAAADAzyzUHjTKOnKOpcuK/2TDbSe971Nk4zb9aNMSPFoZaowocBPoU9UVbVjRUZVFIPtPbXsXq7aBd2WQnFdhGWWdkCsZBu2KKxDBVcJNEkUo2rnurjeb6sZuSkEXhty4/QBi68Aw3hIZoEwqjBt90xMeTWtsruLjGl7UGsFQmy7x7iqxg2S+VoypQcJezIT/nWQ7XsGqrhAqINc/R5t4D9bakQdSEtnqwDoGdNiZ66LkMfTES2Fba6IjK9SzO67XPWJdAAAAAwEAAQAAAMAZjBQeI3FakrzPahGaW8ETiUaNKBH1SNcn4XtKsOuYbW8hHvtTtx98y+qH7mnHXuYVAIxTMt61K/OQq9+/431yBTaBWbJjjB3jJuIdIiUfD7WEizvxUAXSp0Mw8K/pFu5izME0TR2DpwnmBnYnOED383dCSl4KTadfAbMf92gZz5y/3SFSQ8ORfAPvOBmTEuVns7967Tq0V/Nx74oUI/RbaMbiguwRG7ooM7mH/Wn62DvBuMYTxeHqFsEe0SXqfsEAAABg/I1sBL7E65qBksp5AMvlNuLotRnezzOyRZeYxpCd9PF2230jGQ/HK4hlpxiviV8bzZFFKYAnQjtgXnCkfPWDkKjD6I/IxI6LMuPaIQ374+iB6lZ0tqNIwh6T+eVepl79AAAAYNIA1F54iqzqYGpAHQRg+H3VwQJ+EtwaDXWG6JOdnPeJtA9RrARClh3n0hzCHgXIMVXB8qqRkzh8/flWy0jRU7onBAb5u7pTfUmH2eL5lC16FMv//qdP7N2pKNI+JZ9e4QAAAGDbFoAveaLw1F81jWn9M+RLgfroKGIuk6VCU+mX0BsHQ3WdoOgStKpObIvqsjKNVDGVWkGKZ/8mqMXIB6XaNU4F7zHMjPdY9GNzKVCwPiZXJvuU451qVyomJEqwjbdXUq0AAABgoKMXz+ffFCP4em3uhFH04rSmflSX8ptPHk6DC5+t2UARZwJvVZblo5yXgX4PXxbifhnsmQLgHX6m+5qjx2Cv7h44G2neasnAdYWgatnEugC/dcitL6iYpHnoCuKU/tKhAAAAYAsh8zXDUzQutEw6okRFeAwtZVuUAXTK44x8ik5kk8C6n9MDdIJnsIO5p6bLYeQts2K4yYlttwZOAq1a5hWH2hW0ZJyQWUkJ/rN9vLZUvrcmjsgB5ai0qjkRvr2IVC8Fvg==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key110000644000000000000000000000227013230126417017050 0ustar 00000000000000AAAAAQAAAADAzyzUHjTKOnKOpcuK/2TDbSe971Nk4zb9aNMSPFoZaowocBPoU9UVbVjRUZVFIPtPbXsXq7aBd2WQnFdhGWWdkCsZBu2KKxDBVcJNEkUo2rnurjeb6sZuSkEXhty4/QBi68Aw3hIZoEwqjBt90xMeTWtsruLjGl7UGsFQmy7x7iqxg2S+VoypQcJezIT/nWQ7XsGqrhAqINc/R5t4D9bakQdSEtnqwDoGdNiZ66LkMfTES2Fba6IjK9SzO67XPWJdAAAAAwEAAQAAAMAZjBQeI3FakrzPahGaW8ETiUaNKBH1SNcn4XtKsOuYbW8hHvtTtx98y+qH7mnHXuYVAIxTMt61K/OQq9+/431yBTaBWbJjjB3jJuIdIiUfD7WEizvxUAXSp0Mw8K/pFu5izME0TR2DpwnmBnYnOED383dCSl4KTadfAbMf92gZz5y/3SFSQ8ORfAPvOBmTEuVns7967Tq0V/Nx74oUI/RbaMbiguwRG7ooM7mH/Wn62DvBuMYTxeHqFsEe0SXqfsEAAABg/I1sBL7E65qBksp5AMvlNuLotRnezzOyRZeYxpCd9PF2230jGQ/HK4hlpxiviV8bzZFFKYAnQjtgXnCkfPWDkKjD6I/IxI6LMuPaIQ374+iB6lZ0tqNIwh6T+eVepl79AAAAYNIA1F54iqzqYGpAHQRg+H3VwQJ+EtwaDXWG6JOdnPeJtA9RrARClh3n0hzCHgXIMVXB8qqRkzh8/flWy0jRU7onBAb5u7pTfUmH2eL5lC16FMv//qdP7N2pKNI+JZ9e4QAAAGDbFoAveaLw1F81jWn9M+RLgfroKGIuk6VCU+mX0BsHQ3WdoOgStKpObIvqsjKNVDGVWkGKZ/8mqMXIB6XaNU4F7zHMjPdY9GNzKVCwPiZXJvuU451qVyomJEqwjbdXUq0AAABgoKMXz+ffFCP4em3uhFH04rSmflSX8ptPHk6DC5+t2UARZwJvVZblo5yXgX4PXxbifhnsmQLgHX6m+5qjx2Cv7h44G2neasnAdYWgatnEugC/dcitL6iYpHnoCuKU/tKhAAAAYAsh8zXDUzQutEw6okRFeAwtZVuUAXTK44x8ik5kk8C6n9MDdIJnsIO5p6bLYeQts2K4yYlttwZOAq1a5hWH2hW0ZJyQWUkJ/rN9vLZUvrcmjsgB5ai0qjkRvr2IVC8Fvg==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key120000644000000000000000000000307013230126417017050 0ustar 00000000000000AAAAAQAAAAEArkXtVgHOxrjMBfgDk1xnTdvg11xMCf15UfxrDK7DE6jfOZcMUYv/ul7Wjz8NfyKkAp1BPxrgfk6+nkF3ziPn9UBLVp5O4b3PPB+wPvETgC1PhV65tRNLWnyAha3K5vovoUF+w3Y74XGwxit2Dt4jwSrZK5gIhMZB9aj6wmva1KAzgaIv4bdUiFCUyCUG1AGaU1ooav6ycbubpZLeGNz2AMKu6uVuAvfPefwUzzvcfNhP67v5UMqQMEsiGaeqBjrvosPBmA5WDNZK/neVhbYQdle5V4V+/eYBCYirfeQX/IjY84TE5ucsP5Q+DDHAxKXMNvh52KOsnX1Zhg6q2muDuwAAAAMBAAEAAAEABWsEIW/l81SsdyUKS2sMhSWoXFmwvYDFZFCiLV9DjllqMzqodeKR3UP0jLiLnV/A1Jn5/NHDl/mvwHDNnjmMjRnmHbfHQQprJnXfv100W4BNIBrdUC1c4t/LCRzpmXu+vlcwbzg+TViBA/A29+hdGTTRUqMj5KjbRR1vSlsbDxAswVDgL+7iuI3qStTBusyyTYQHLRTh0kpncfdAjuMFZPuG1Dk6NLzwt4hQHRkzA/E6IoSwAfD2Ser3kyjUrFxDCrRBSSCpRg7Rt7xA7GU+h20Jq8UJrkW1JRkBFqDCYQGEgphQnBw786SD5ydAVOFelwdQNumJ9gkygHtSV3UeeQAAAIDs9a7NHlUV//rL11ooFsbr9JAYzftGOOGF1mpzlrb4CQ+AGMf9lcw0uFfcF/DMZRa7E0arTVgsra17QQM1I4e3AzjQhAR8nZU5tkliBLPdbqRCSZIHvsAflkKH/2M2w5hGWDNoRvVuRoYYgcECM9IXa/FaXpbdx4C8hoqnfTznaQAAAIC8RsRk/GrEyng7DrCKPIQbdy9+my8our1YiuiF4aDGHkhYoPslrCmZkPNb6FFkwlm6EXXN1xknBxNRhJkrbCm3Rt0NLKvhQoNffRSMwWFSS0oJlG1IuChHPxzna2y2iGw0XAPgX0HVG1w6kKPyQHPH10pP4l2c8hx1lg8/w4YxgwAAAIDHNWRXHQD7FdCKPemVelCRXXEm6UQtrPQryC6GLlZz/2oAjtTS43RhffifF6FgtDt/2py2trdCGGCYFffUXKJjwVmqMtJy0Sf69LyMotdzeOiusZsK19o8s94K5zFJgPYrbUsKh10d8DwbrjnM2DPvbNfi2VKL8ITR+WnnlOn2wQAAAIAmWLN/bfnBAwvh22gRf6nYfjnqK2k7fm06L3CUdBPuxhQuGPuN/LasVF18hqCtSPhFcXDw77JrxIEmxT79HRaSAZjcKhEH3CgttqgM0wYjYLo/oT9w5DEv8abNa4/EzZxcPbF8bWpXIS9zrin2GTJ7rVmxU4WFhbpOKLYKYqReSQAAAIBvOFJrOSUIVTTvPkFag27ei4YViix8v+zLC9g0ME/saDuo1PR5xDPUNBbmMmliPOoQB3bYWv9AHT//YQ7mVBHOOxNj1jqXCe7eQmR86lYUk9VFcKh5wYaCzZdxC5YgXsMRF9c7XzYiP63W6LqQ3XwO5h1E4WMlHiDH9m6zBRF8uA==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key130000644000000000000000000000307013230126417017051 0ustar 00000000000000AAAAAQAAAAEArkXtVgHOxrjMBfgDk1xnTdvg11xMCf15UfxrDK7DE6jfOZcMUYv/ul7Wjz8NfyKkAp1BPxrgfk6+nkF3ziPn9UBLVp5O4b3PPB+wPvETgC1PhV65tRNLWnyAha3K5vovoUF+w3Y74XGwxit2Dt4jwSrZK5gIhMZB9aj6wmva1KAzgaIv4bdUiFCUyCUG1AGaU1ooav6ycbubpZLeGNz2AMKu6uVuAvfPefwUzzvcfNhP67v5UMqQMEsiGaeqBjrvosPBmA5WDNZK/neVhbYQdle5V4V+/eYBCYirfeQX/IjY84TE5ucsP5Q+DDHAxKXMNvh52KOsnX1Zhg6q2muDuwAAAAMBAAEAAAEABWsEIW/l81SsdyUKS2sMhSWoXFmwvYDFZFCiLV9DjllqMzqodeKR3UP0jLiLnV/A1Jn5/NHDl/mvwHDNnjmMjRnmHbfHQQprJnXfv100W4BNIBrdUC1c4t/LCRzpmXu+vlcwbzg+TViBA/A29+hdGTTRUqMj5KjbRR1vSlsbDxAswVDgL+7iuI3qStTBusyyTYQHLRTh0kpncfdAjuMFZPuG1Dk6NLzwt4hQHRkzA/E6IoSwAfD2Ser3kyjUrFxDCrRBSSCpRg7Rt7xA7GU+h20Jq8UJrkW1JRkBFqDCYQGEgphQnBw786SD5ydAVOFelwdQNumJ9gkygHtSV3UeeQAAAIDs9a7NHlUV//rL11ooFsbr9JAYzftGOOGF1mpzlrb4CQ+AGMf9lcw0uFfcF/DMZRa7E0arTVgsra17QQM1I4e3AzjQhAR8nZU5tkliBLPdbqRCSZIHvsAflkKH/2M2w5hGWDNoRvVuRoYYgcECM9IXa/FaXpbdx4C8hoqnfTznaQAAAIC8RsRk/GrEyng7DrCKPIQbdy9+my8our1YiuiF4aDGHkhYoPslrCmZkPNb6FFkwlm6EXXN1xknBxNRhJkrbCm3Rt0NLKvhQoNffRSMwWFSS0oJlG1IuChHPxzna2y2iGw0XAPgX0HVG1w6kKPyQHPH10pP4l2c8hx1lg8/w4YxgwAAAIDHNWRXHQD7FdCKPemVelCRXXEm6UQtrPQryC6GLlZz/2oAjtTS43RhffifF6FgtDt/2py2trdCGGCYFffUXKJjwVmqMtJy0Sf69LyMotdzeOiusZsK19o8s94K5zFJgPYrbUsKh10d8DwbrjnM2DPvbNfi2VKL8ITR+WnnlOn2wQAAAIAmWLN/bfnBAwvh22gRf6nYfjnqK2k7fm06L3CUdBPuxhQuGPuN/LasVF18hqCtSPhFcXDw77JrxIEmxT79HRaSAZjcKhEH3CgttqgM0wYjYLo/oT9w5DEv8abNa4/EzZxcPbF8bWpXIS9zrin2GTJ7rVmxU4WFhbpOKLYKYqReSQAAAIBvOFJrOSUIVTTvPkFag27ei4YViix8v+zLC9g0ME/saDuo1PR5xDPUNBbmMmliPOoQB3bYWv9AHT//YQ7mVBHOOxNj1jqXCe7eQmR86lYUk9VFcKh5wYaCzZdxC5YgXsMRF9c7XzYiP63W6LqQ3XwO5h1E4WMlHiDH9m6zBRF8uA==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key140000644000000000000000000000307013230126417017052 0ustar 00000000000000AAAAAQAAAAEArkXtVgHOxrjMBfgDk1xnTdvg11xMCf15UfxrDK7DE6jfOZcMUYv/ul7Wjz8NfyKkAp1BPxrgfk6+nkF3ziPn9UBLVp5O4b3PPB+wPvETgC1PhV65tRNLWnyAha3K5vovoUF+w3Y74XGwxit2Dt4jwSrZK5gIhMZB9aj6wmva1KAzgaIv4bdUiFCUyCUG1AGaU1ooav6ycbubpZLeGNz2AMKu6uVuAvfPefwUzzvcfNhP67v5UMqQMEsiGaeqBjrvosPBmA5WDNZK/neVhbYQdle5V4V+/eYBCYirfeQX/IjY84TE5ucsP5Q+DDHAxKXMNvh52KOsnX1Zhg6q2muDuwAAAAMBAAEAAAEABWsEIW/l81SsdyUKS2sMhSWoXFmwvYDFZFCiLV9DjllqMzqodeKR3UP0jLiLnV/A1Jn5/NHDl/mvwHDNnjmMjRnmHbfHQQprJnXfv100W4BNIBrdUC1c4t/LCRzpmXu+vlcwbzg+TViBA/A29+hdGTTRUqMj5KjbRR1vSlsbDxAswVDgL+7iuI3qStTBusyyTYQHLRTh0kpncfdAjuMFZPuG1Dk6NLzwt4hQHRkzA/E6IoSwAfD2Ser3kyjUrFxDCrRBSSCpRg7Rt7xA7GU+h20Jq8UJrkW1JRkBFqDCYQGEgphQnBw786SD5ydAVOFelwdQNumJ9gkygHtSV3UeeQAAAIDs9a7NHlUV//rL11ooFsbr9JAYzftGOOGF1mpzlrb4CQ+AGMf9lcw0uFfcF/DMZRa7E0arTVgsra17QQM1I4e3AzjQhAR8nZU5tkliBLPdbqRCSZIHvsAflkKH/2M2w5hGWDNoRvVuRoYYgcECM9IXa/FaXpbdx4C8hoqnfTznaQAAAIC8RsRk/GrEyng7DrCKPIQbdy9+my8our1YiuiF4aDGHkhYoPslrCmZkPNb6FFkwlm6EXXN1xknBxNRhJkrbCm3Rt0NLKvhQoNffRSMwWFSS0oJlG1IuChHPxzna2y2iGw0XAPgX0HVG1w6kKPyQHPH10pP4l2c8hx1lg8/w4YxgwAAAIDHNWRXHQD7FdCKPemVelCRXXEm6UQtrPQryC6GLlZz/2oAjtTS43RhffifF6FgtDt/2py2trdCGGCYFffUXKJjwVmqMtJy0Sf69LyMotdzeOiusZsK19o8s94K5zFJgPYrbUsKh10d8DwbrjnM2DPvbNfi2VKL8ITR+WnnlOn2wQAAAIAmWLN/bfnBAwvh22gRf6nYfjnqK2k7fm06L3CUdBPuxhQuGPuN/LasVF18hqCtSPhFcXDw77JrxIEmxT79HRaSAZjcKhEH3CgttqgM0wYjYLo/oT9w5DEv8abNa4/EzZxcPbF8bWpXIS9zrin2GTJ7rVmxU4WFhbpOKLYKYqReSQAAAIBvOFJrOSUIVTTvPkFag27ei4YViix8v+zLC9g0ME/saDuo1PR5xDPUNBbmMmliPOoQB3bYWv9AHT//YQ7mVBHOOxNj1jqXCe7eQmR86lYUk9VFcKh5wYaCzZdxC5YgXsMRF9c7XzYiP63W6LqQ3XwO5h1E4WMlHiDH9m6zBRF8uA==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key150000644000000000000000000000307013230126417017053 0ustar 00000000000000AAAAAQAAAAEArkXtVgHOxrjMBfgDk1xnTdvg11xMCf15UfxrDK7DE6jfOZcMUYv/ul7Wjz8NfyKkAp1BPxrgfk6+nkF3ziPn9UBLVp5O4b3PPB+wPvETgC1PhV65tRNLWnyAha3K5vovoUF+w3Y74XGwxit2Dt4jwSrZK5gIhMZB9aj6wmva1KAzgaIv4bdUiFCUyCUG1AGaU1ooav6ycbubpZLeGNz2AMKu6uVuAvfPefwUzzvcfNhP67v5UMqQMEsiGaeqBjrvosPBmA5WDNZK/neVhbYQdle5V4V+/eYBCYirfeQX/IjY84TE5ucsP5Q+DDHAxKXMNvh52KOsnX1Zhg6q2muDuwAAAAMBAAEAAAEABWsEIW/l81SsdyUKS2sMhSWoXFmwvYDFZFCiLV9DjllqMzqodeKR3UP0jLiLnV/A1Jn5/NHDl/mvwHDNnjmMjRnmHbfHQQprJnXfv100W4BNIBrdUC1c4t/LCRzpmXu+vlcwbzg+TViBA/A29+hdGTTRUqMj5KjbRR1vSlsbDxAswVDgL+7iuI3qStTBusyyTYQHLRTh0kpncfdAjuMFZPuG1Dk6NLzwt4hQHRkzA/E6IoSwAfD2Ser3kyjUrFxDCrRBSSCpRg7Rt7xA7GU+h20Jq8UJrkW1JRkBFqDCYQGEgphQnBw786SD5ydAVOFelwdQNumJ9gkygHtSV3UeeQAAAIDs9a7NHlUV//rL11ooFsbr9JAYzftGOOGF1mpzlrb4CQ+AGMf9lcw0uFfcF/DMZRa7E0arTVgsra17QQM1I4e3AzjQhAR8nZU5tkliBLPdbqRCSZIHvsAflkKH/2M2w5hGWDNoRvVuRoYYgcECM9IXa/FaXpbdx4C8hoqnfTznaQAAAIC8RsRk/GrEyng7DrCKPIQbdy9+my8our1YiuiF4aDGHkhYoPslrCmZkPNb6FFkwlm6EXXN1xknBxNRhJkrbCm3Rt0NLKvhQoNffRSMwWFSS0oJlG1IuChHPxzna2y2iGw0XAPgX0HVG1w6kKPyQHPH10pP4l2c8hx1lg8/w4YxgwAAAIDHNWRXHQD7FdCKPemVelCRXXEm6UQtrPQryC6GLlZz/2oAjtTS43RhffifF6FgtDt/2py2trdCGGCYFffUXKJjwVmqMtJy0Sf69LyMotdzeOiusZsK19o8s94K5zFJgPYrbUsKh10d8DwbrjnM2DPvbNfi2VKL8ITR+WnnlOn2wQAAAIAmWLN/bfnBAwvh22gRf6nYfjnqK2k7fm06L3CUdBPuxhQuGPuN/LasVF18hqCtSPhFcXDw77JrxIEmxT79HRaSAZjcKhEH3CgttqgM0wYjYLo/oT9w5DEv8abNa4/EzZxcPbF8bWpXIS9zrin2GTJ7rVmxU4WFhbpOKLYKYqReSQAAAIBvOFJrOSUIVTTvPkFag27ei4YViix8v+zLC9g0ME/saDuo1PR5xDPUNBbmMmliPOoQB3bYWv9AHT//YQ7mVBHOOxNj1jqXCe7eQmR86lYUk9VFcKh5wYaCzZdxC5YgXsMRF9c7XzYiP63W6LqQ3XwO5h1E4WMlHiDH9m6zBRF8uA==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key160000644000000000000000000000307013230126417017054 0ustar 00000000000000AAAAAQAAAAEArkXtVgHOxrjMBfgDk1xnTdvg11xMCf15UfxrDK7DE6jfOZcMUYv/ul7Wjz8NfyKkAp1BPxrgfk6+nkF3ziPn9UBLVp5O4b3PPB+wPvETgC1PhV65tRNLWnyAha3K5vovoUF+w3Y74XGwxit2Dt4jwSrZK5gIhMZB9aj6wmva1KAzgaIv4bdUiFCUyCUG1AGaU1ooav6ycbubpZLeGNz2AMKu6uVuAvfPefwUzzvcfNhP67v5UMqQMEsiGaeqBjrvosPBmA5WDNZK/neVhbYQdle5V4V+/eYBCYirfeQX/IjY84TE5ucsP5Q+DDHAxKXMNvh52KOsnX1Zhg6q2muDuwAAAAMBAAEAAAEABWsEIW/l81SsdyUKS2sMhSWoXFmwvYDFZFCiLV9DjllqMzqodeKR3UP0jLiLnV/A1Jn5/NHDl/mvwHDNnjmMjRnmHbfHQQprJnXfv100W4BNIBrdUC1c4t/LCRzpmXu+vlcwbzg+TViBA/A29+hdGTTRUqMj5KjbRR1vSlsbDxAswVDgL+7iuI3qStTBusyyTYQHLRTh0kpncfdAjuMFZPuG1Dk6NLzwt4hQHRkzA/E6IoSwAfD2Ser3kyjUrFxDCrRBSSCpRg7Rt7xA7GU+h20Jq8UJrkW1JRkBFqDCYQGEgphQnBw786SD5ydAVOFelwdQNumJ9gkygHtSV3UeeQAAAIDs9a7NHlUV//rL11ooFsbr9JAYzftGOOGF1mpzlrb4CQ+AGMf9lcw0uFfcF/DMZRa7E0arTVgsra17QQM1I4e3AzjQhAR8nZU5tkliBLPdbqRCSZIHvsAflkKH/2M2w5hGWDNoRvVuRoYYgcECM9IXa/FaXpbdx4C8hoqnfTznaQAAAIC8RsRk/GrEyng7DrCKPIQbdy9+my8our1YiuiF4aDGHkhYoPslrCmZkPNb6FFkwlm6EXXN1xknBxNRhJkrbCm3Rt0NLKvhQoNffRSMwWFSS0oJlG1IuChHPxzna2y2iGw0XAPgX0HVG1w6kKPyQHPH10pP4l2c8hx1lg8/w4YxgwAAAIDHNWRXHQD7FdCKPemVelCRXXEm6UQtrPQryC6GLlZz/2oAjtTS43RhffifF6FgtDt/2py2trdCGGCYFffUXKJjwVmqMtJy0Sf69LyMotdzeOiusZsK19o8s94K5zFJgPYrbUsKh10d8DwbrjnM2DPvbNfi2VKL8ITR+WnnlOn2wQAAAIAmWLN/bfnBAwvh22gRf6nYfjnqK2k7fm06L3CUdBPuxhQuGPuN/LasVF18hqCtSPhFcXDw77JrxIEmxT79HRaSAZjcKhEH3CgttqgM0wYjYLo/oT9w5DEv8abNa4/EzZxcPbF8bWpXIS9zrin2GTJ7rVmxU4WFhbpOKLYKYqReSQAAAIBvOFJrOSUIVTTvPkFag27ei4YViix8v+zLC9g0ME/saDuo1PR5xDPUNBbmMmliPOoQB3bYWv9AHT//YQ7mVBHOOxNj1jqXCe7eQmR86lYUk9VFcKh5wYaCzZdxC5YgXsMRF9c7XzYiP63W6LqQ3XwO5h1E4WMlHiDH9m6zBRF8uA==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key170000644000000000000000000000307013230126417017055 0ustar 00000000000000AAAAAQAAAAEArkXtVgHOxrjMBfgDk1xnTdvg11xMCf15UfxrDK7DE6jfOZcMUYv/ul7Wjz8NfyKkAp1BPxrgfk6+nkF3ziPn9UBLVp5O4b3PPB+wPvETgC1PhV65tRNLWnyAha3K5vovoUF+w3Y74XGwxit2Dt4jwSrZK5gIhMZB9aj6wmva1KAzgaIv4bdUiFCUyCUG1AGaU1ooav6ycbubpZLeGNz2AMKu6uVuAvfPefwUzzvcfNhP67v5UMqQMEsiGaeqBjrvosPBmA5WDNZK/neVhbYQdle5V4V+/eYBCYirfeQX/IjY84TE5ucsP5Q+DDHAxKXMNvh52KOsnX1Zhg6q2muDuwAAAAMBAAEAAAEABWsEIW/l81SsdyUKS2sMhSWoXFmwvYDFZFCiLV9DjllqMzqodeKR3UP0jLiLnV/A1Jn5/NHDl/mvwHDNnjmMjRnmHbfHQQprJnXfv100W4BNIBrdUC1c4t/LCRzpmXu+vlcwbzg+TViBA/A29+hdGTTRUqMj5KjbRR1vSlsbDxAswVDgL+7iuI3qStTBusyyTYQHLRTh0kpncfdAjuMFZPuG1Dk6NLzwt4hQHRkzA/E6IoSwAfD2Ser3kyjUrFxDCrRBSSCpRg7Rt7xA7GU+h20Jq8UJrkW1JRkBFqDCYQGEgphQnBw786SD5ydAVOFelwdQNumJ9gkygHtSV3UeeQAAAIDs9a7NHlUV//rL11ooFsbr9JAYzftGOOGF1mpzlrb4CQ+AGMf9lcw0uFfcF/DMZRa7E0arTVgsra17QQM1I4e3AzjQhAR8nZU5tkliBLPdbqRCSZIHvsAflkKH/2M2w5hGWDNoRvVuRoYYgcECM9IXa/FaXpbdx4C8hoqnfTznaQAAAIC8RsRk/GrEyng7DrCKPIQbdy9+my8our1YiuiF4aDGHkhYoPslrCmZkPNb6FFkwlm6EXXN1xknBxNRhJkrbCm3Rt0NLKvhQoNffRSMwWFSS0oJlG1IuChHPxzna2y2iGw0XAPgX0HVG1w6kKPyQHPH10pP4l2c8hx1lg8/w4YxgwAAAIDHNWRXHQD7FdCKPemVelCRXXEm6UQtrPQryC6GLlZz/2oAjtTS43RhffifF6FgtDt/2py2trdCGGCYFffUXKJjwVmqMtJy0Sf69LyMotdzeOiusZsK19o8s94K5zFJgPYrbUsKh10d8DwbrjnM2DPvbNfi2VKL8ITR+WnnlOn2wQAAAIAmWLN/bfnBAwvh22gRf6nYfjnqK2k7fm06L3CUdBPuxhQuGPuN/LasVF18hqCtSPhFcXDw77JrxIEmxT79HRaSAZjcKhEH3CgttqgM0wYjYLo/oT9w5DEv8abNa4/EzZxcPbF8bWpXIS9zrin2GTJ7rVmxU4WFhbpOKLYKYqReSQAAAIBvOFJrOSUIVTTvPkFag27ei4YViix8v+zLC9g0ME/saDuo1PR5xDPUNBbmMmliPOoQB3bYWv9AHT//YQ7mVBHOOxNj1jqXCe7eQmR86lYUk9VFcKh5wYaCzZdxC5YgXsMRF9c7XzYiP63W6LqQ3XwO5h1E4WMlHiDH9m6zBRF8uA==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key20000644000000000000000000000147013230126417016771 0ustar 00000000000000AAAAAQAAAACAqLOyhK+OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx+CwgtaTpef87Wdc9GaFEncsDLxkp0LGxjD1M8jMcvYq6DPEC/JYQumEu3i9v5fAEH1VvbZi9cTg+rmEXLUUjvc5LdOq/5OuHmtme7PUJHYW1PW6ENTP0ibeiNOfFvsAAAADAQABAAAAgFMznP23n8hGamVccxasqFxV/Y9t2Jj9rxGVF+9PUuj9jiWN+T/uGA+g5KspaTzYOxUqVT1KxNGBK4ufpa8Of1X+cwTfQVcJJvMxHxXE1lpzLEgxFu49PS0K81Sa2b98v7eK2IT4TVvrBHJNxzabMd7zfQz1OenPzdPeZTcp6tXRAAAAQNMnN+cmf/4TQbLVwNFQqBtYb7MTK+0vjVJihkqcufMK84vkSFmNQToXLvuALCGs8cEcUgwvJqRx3K0hLqx8o50AAABAzIhT0dVNpjD6wAT0cfKBx7iYLYIkpJDtvrM9Pj1cyTxHZXA9HdeRZC8fEWoN2FK+JBmyr3K/6aAw6GCwKItddwAAAEAOEr8XGOnO9VmbocOIL+gEapCHTu/OjyzMIOTydB+wozo4SK7JyTBfvsvS12gZln1GcazGQx5AN5aNs3h45pXBAAAAQJUpew+Vovpn0AcH1gnf1PwFyJ2vwu9tbqVb7HceozNzTZJR55CC7NqGbv7xPEWeGmMThrfjVMiZ9fESyoXXFYMAAABAT0VsUCSTvcDtKrdWo6btTWc1Kml9QhbpMhKxJ6Y9VBHOb6mNXb79cyY+NygUJ0OBgWbtfdY2h90qjKHS9PvY4Q==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key30000644000000000000000000000147013230126417016772 0ustar 00000000000000AAAAAQAAAACAqLOyhK+OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx+CwgtaTpef87Wdc9GaFEncsDLxkp0LGxjD1M8jMcvYq6DPEC/JYQumEu3i9v5fAEH1VvbZi9cTg+rmEXLUUjvc5LdOq/5OuHmtme7PUJHYW1PW6ENTP0ibeiNOfFvsAAAADAQABAAAAgFMznP23n8hGamVccxasqFxV/Y9t2Jj9rxGVF+9PUuj9jiWN+T/uGA+g5KspaTzYOxUqVT1KxNGBK4ufpa8Of1X+cwTfQVcJJvMxHxXE1lpzLEgxFu49PS0K81Sa2b98v7eK2IT4TVvrBHJNxzabMd7zfQz1OenPzdPeZTcp6tXRAAAAQNMnN+cmf/4TQbLVwNFQqBtYb7MTK+0vjVJihkqcufMK84vkSFmNQToXLvuALCGs8cEcUgwvJqRx3K0hLqx8o50AAABAzIhT0dVNpjD6wAT0cfKBx7iYLYIkpJDtvrM9Pj1cyTxHZXA9HdeRZC8fEWoN2FK+JBmyr3K/6aAw6GCwKItddwAAAEAOEr8XGOnO9VmbocOIL+gEapCHTu/OjyzMIOTydB+wozo4SK7JyTBfvsvS12gZln1GcazGQx5AN5aNs3h45pXBAAAAQJUpew+Vovpn0AcH1gnf1PwFyJ2vwu9tbqVb7HceozNzTZJR55CC7NqGbv7xPEWeGmMThrfjVMiZ9fESyoXXFYMAAABAT0VsUCSTvcDtKrdWo6btTWc1Kml9QhbpMhKxJ6Y9VBHOb6mNXb79cyY+NygUJ0OBgWbtfdY2h90qjKHS9PvY4Q==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key40000644000000000000000000000147013230126417016773 0ustar 00000000000000AAAAAQAAAACAqLOyhK+OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx+CwgtaTpef87Wdc9GaFEncsDLxkp0LGxjD1M8jMcvYq6DPEC/JYQumEu3i9v5fAEH1VvbZi9cTg+rmEXLUUjvc5LdOq/5OuHmtme7PUJHYW1PW6ENTP0ibeiNOfFvsAAAADAQABAAAAgFMznP23n8hGamVccxasqFxV/Y9t2Jj9rxGVF+9PUuj9jiWN+T/uGA+g5KspaTzYOxUqVT1KxNGBK4ufpa8Of1X+cwTfQVcJJvMxHxXE1lpzLEgxFu49PS0K81Sa2b98v7eK2IT4TVvrBHJNxzabMd7zfQz1OenPzdPeZTcp6tXRAAAAQNMnN+cmf/4TQbLVwNFQqBtYb7MTK+0vjVJihkqcufMK84vkSFmNQToXLvuALCGs8cEcUgwvJqRx3K0hLqx8o50AAABAzIhT0dVNpjD6wAT0cfKBx7iYLYIkpJDtvrM9Pj1cyTxHZXA9HdeRZC8fEWoN2FK+JBmyr3K/6aAw6GCwKItddwAAAEAOEr8XGOnO9VmbocOIL+gEapCHTu/OjyzMIOTydB+wozo4SK7JyTBfvsvS12gZln1GcazGQx5AN5aNs3h45pXBAAAAQJUpew+Vovpn0AcH1gnf1PwFyJ2vwu9tbqVb7HceozNzTZJR55CC7NqGbv7xPEWeGmMThrfjVMiZ9fESyoXXFYMAAABAT0VsUCSTvcDtKrdWo6btTWc1Kml9QhbpMhKxJ6Y9VBHOb6mNXb79cyY+NygUJ0OBgWbtfdY2h90qjKHS9PvY4Q==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key50000644000000000000000000000147013230126417016774 0ustar 00000000000000AAAAAQAAAACAqLOyhK+OtQs4cDSoYPFGxJGfMYdjzWxVmMiuSBGh4KvEx+CwgtaTpef87Wdc9GaFEncsDLxkp0LGxjD1M8jMcvYq6DPEC/JYQumEu3i9v5fAEH1VvbZi9cTg+rmEXLUUjvc5LdOq/5OuHmtme7PUJHYW1PW6ENTP0ibeiNOfFvsAAAADAQABAAAAgFMznP23n8hGamVccxasqFxV/Y9t2Jj9rxGVF+9PUuj9jiWN+T/uGA+g5KspaTzYOxUqVT1KxNGBK4ufpa8Of1X+cwTfQVcJJvMxHxXE1lpzLEgxFu49PS0K81Sa2b98v7eK2IT4TVvrBHJNxzabMd7zfQz1OenPzdPeZTcp6tXRAAAAQNMnN+cmf/4TQbLVwNFQqBtYb7MTK+0vjVJihkqcufMK84vkSFmNQToXLvuALCGs8cEcUgwvJqRx3K0hLqx8o50AAABAzIhT0dVNpjD6wAT0cfKBx7iYLYIkpJDtvrM9Pj1cyTxHZXA9HdeRZC8fEWoN2FK+JBmyr3K/6aAw6GCwKItddwAAAEAOEr8XGOnO9VmbocOIL+gEapCHTu/OjyzMIOTydB+wozo4SK7JyTBfvsvS12gZln1GcazGQx5AN5aNs3h45pXBAAAAQJUpew+Vovpn0AcH1gnf1PwFyJ2vwu9tbqVb7HceozNzTZJR55CC7NqGbv7xPEWeGmMThrfjVMiZ9fESyoXXFYMAAABAT0VsUCSTvcDtKrdWo6btTWc1Kml9QhbpMhKxJ6Y9VBHOb6mNXb79cyY+NygUJ0OBgWbtfdY2h90qjKHS9PvY4Q==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key60000644000000000000000000000227013230126417016774 0ustar 00000000000000AAAAAQAAAADAzyzUHjTKOnKOpcuK/2TDbSe971Nk4zb9aNMSPFoZaowocBPoU9UVbVjRUZVFIPtPbXsXq7aBd2WQnFdhGWWdkCsZBu2KKxDBVcJNEkUo2rnurjeb6sZuSkEXhty4/QBi68Aw3hIZoEwqjBt90xMeTWtsruLjGl7UGsFQmy7x7iqxg2S+VoypQcJezIT/nWQ7XsGqrhAqINc/R5t4D9bakQdSEtnqwDoGdNiZ66LkMfTES2Fba6IjK9SzO67XPWJdAAAAAwEAAQAAAMAZjBQeI3FakrzPahGaW8ETiUaNKBH1SNcn4XtKsOuYbW8hHvtTtx98y+qH7mnHXuYVAIxTMt61K/OQq9+/431yBTaBWbJjjB3jJuIdIiUfD7WEizvxUAXSp0Mw8K/pFu5izME0TR2DpwnmBnYnOED383dCSl4KTadfAbMf92gZz5y/3SFSQ8ORfAPvOBmTEuVns7967Tq0V/Nx74oUI/RbaMbiguwRG7ooM7mH/Wn62DvBuMYTxeHqFsEe0SXqfsEAAABg/I1sBL7E65qBksp5AMvlNuLotRnezzOyRZeYxpCd9PF2230jGQ/HK4hlpxiviV8bzZFFKYAnQjtgXnCkfPWDkKjD6I/IxI6LMuPaIQ374+iB6lZ0tqNIwh6T+eVepl79AAAAYNIA1F54iqzqYGpAHQRg+H3VwQJ+EtwaDXWG6JOdnPeJtA9RrARClh3n0hzCHgXIMVXB8qqRkzh8/flWy0jRU7onBAb5u7pTfUmH2eL5lC16FMv//qdP7N2pKNI+JZ9e4QAAAGDbFoAveaLw1F81jWn9M+RLgfroKGIuk6VCU+mX0BsHQ3WdoOgStKpObIvqsjKNVDGVWkGKZ/8mqMXIB6XaNU4F7zHMjPdY9GNzKVCwPiZXJvuU451qVyomJEqwjbdXUq0AAABgoKMXz+ffFCP4em3uhFH04rSmflSX8ptPHk6DC5+t2UARZwJvVZblo5yXgX4PXxbifhnsmQLgHX6m+5qjx2Cv7h44G2neasnAdYWgatnEugC/dcitL6iYpHnoCuKU/tKhAAAAYAsh8zXDUzQutEw6okRFeAwtZVuUAXTK44x8ik5kk8C6n9MDdIJnsIO5p6bLYeQts2K4yYlttwZOAq1a5hWH2hW0ZJyQWUkJ/rN9vLZUvrcmjsgB5ai0qjkRvr2IVC8Fvg==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key70000644000000000000000000000227013230126417016775 0ustar 00000000000000AAAAAQAAAADAzyzUHjTKOnKOpcuK/2TDbSe971Nk4zb9aNMSPFoZaowocBPoU9UVbVjRUZVFIPtPbXsXq7aBd2WQnFdhGWWdkCsZBu2KKxDBVcJNEkUo2rnurjeb6sZuSkEXhty4/QBi68Aw3hIZoEwqjBt90xMeTWtsruLjGl7UGsFQmy7x7iqxg2S+VoypQcJezIT/nWQ7XsGqrhAqINc/R5t4D9bakQdSEtnqwDoGdNiZ66LkMfTES2Fba6IjK9SzO67XPWJdAAAAAwEAAQAAAMAZjBQeI3FakrzPahGaW8ETiUaNKBH1SNcn4XtKsOuYbW8hHvtTtx98y+qH7mnHXuYVAIxTMt61K/OQq9+/431yBTaBWbJjjB3jJuIdIiUfD7WEizvxUAXSp0Mw8K/pFu5izME0TR2DpwnmBnYnOED383dCSl4KTadfAbMf92gZz5y/3SFSQ8ORfAPvOBmTEuVns7967Tq0V/Nx74oUI/RbaMbiguwRG7ooM7mH/Wn62DvBuMYTxeHqFsEe0SXqfsEAAABg/I1sBL7E65qBksp5AMvlNuLotRnezzOyRZeYxpCd9PF2230jGQ/HK4hlpxiviV8bzZFFKYAnQjtgXnCkfPWDkKjD6I/IxI6LMuPaIQ374+iB6lZ0tqNIwh6T+eVepl79AAAAYNIA1F54iqzqYGpAHQRg+H3VwQJ+EtwaDXWG6JOdnPeJtA9RrARClh3n0hzCHgXIMVXB8qqRkzh8/flWy0jRU7onBAb5u7pTfUmH2eL5lC16FMv//qdP7N2pKNI+JZ9e4QAAAGDbFoAveaLw1F81jWn9M+RLgfroKGIuk6VCU+mX0BsHQ3WdoOgStKpObIvqsjKNVDGVWkGKZ/8mqMXIB6XaNU4F7zHMjPdY9GNzKVCwPiZXJvuU451qVyomJEqwjbdXUq0AAABgoKMXz+ffFCP4em3uhFH04rSmflSX8ptPHk6DC5+t2UARZwJvVZblo5yXgX4PXxbifhnsmQLgHX6m+5qjx2Cv7h44G2neasnAdYWgatnEugC/dcitL6iYpHnoCuKU/tKhAAAAYAsh8zXDUzQutEw6okRFeAwtZVuUAXTK44x8ik5kk8C6n9MDdIJnsIO5p6bLYeQts2K4yYlttwZOAq1a5hWH2hW0ZJyQWUkJ/rN9vLZUvrcmjsgB5ai0qjkRvr2IVC8Fvg==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key80000644000000000000000000000227013230126417016776 0ustar 00000000000000AAAAAQAAAADAzyzUHjTKOnKOpcuK/2TDbSe971Nk4zb9aNMSPFoZaowocBPoU9UVbVjRUZVFIPtPbXsXq7aBd2WQnFdhGWWdkCsZBu2KKxDBVcJNEkUo2rnurjeb6sZuSkEXhty4/QBi68Aw3hIZoEwqjBt90xMeTWtsruLjGl7UGsFQmy7x7iqxg2S+VoypQcJezIT/nWQ7XsGqrhAqINc/R5t4D9bakQdSEtnqwDoGdNiZ66LkMfTES2Fba6IjK9SzO67XPWJdAAAAAwEAAQAAAMAZjBQeI3FakrzPahGaW8ETiUaNKBH1SNcn4XtKsOuYbW8hHvtTtx98y+qH7mnHXuYVAIxTMt61K/OQq9+/431yBTaBWbJjjB3jJuIdIiUfD7WEizvxUAXSp0Mw8K/pFu5izME0TR2DpwnmBnYnOED383dCSl4KTadfAbMf92gZz5y/3SFSQ8ORfAPvOBmTEuVns7967Tq0V/Nx74oUI/RbaMbiguwRG7ooM7mH/Wn62DvBuMYTxeHqFsEe0SXqfsEAAABg/I1sBL7E65qBksp5AMvlNuLotRnezzOyRZeYxpCd9PF2230jGQ/HK4hlpxiviV8bzZFFKYAnQjtgXnCkfPWDkKjD6I/IxI6LMuPaIQ374+iB6lZ0tqNIwh6T+eVepl79AAAAYNIA1F54iqzqYGpAHQRg+H3VwQJ+EtwaDXWG6JOdnPeJtA9RrARClh3n0hzCHgXIMVXB8qqRkzh8/flWy0jRU7onBAb5u7pTfUmH2eL5lC16FMv//qdP7N2pKNI+JZ9e4QAAAGDbFoAveaLw1F81jWn9M+RLgfroKGIuk6VCU+mX0BsHQ3WdoOgStKpObIvqsjKNVDGVWkGKZ/8mqMXIB6XaNU4F7zHMjPdY9GNzKVCwPiZXJvuU451qVyomJEqwjbdXUq0AAABgoKMXz+ffFCP4em3uhFH04rSmflSX8ptPHk6DC5+t2UARZwJvVZblo5yXgX4PXxbifhnsmQLgHX6m+5qjx2Cv7h44G2neasnAdYWgatnEugC/dcitL6iYpHnoCuKU/tKhAAAAYAsh8zXDUzQutEw6okRFeAwtZVuUAXTK44x8ik5kk8C6n9MDdIJnsIO5p6bLYeQts2K4yYlttwZOAq1a5hWH2hW0ZJyQWUkJ/rN9vLZUvrcmjsgB5ai0qjkRvr2IVC8Fvg==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/key90000644000000000000000000000227013230126417016777 0ustar 00000000000000AAAAAQAAAADAzyzUHjTKOnKOpcuK/2TDbSe971Nk4zb9aNMSPFoZaowocBPoU9UVbVjRUZVFIPtPbXsXq7aBd2WQnFdhGWWdkCsZBu2KKxDBVcJNEkUo2rnurjeb6sZuSkEXhty4/QBi68Aw3hIZoEwqjBt90xMeTWtsruLjGl7UGsFQmy7x7iqxg2S+VoypQcJezIT/nWQ7XsGqrhAqINc/R5t4D9bakQdSEtnqwDoGdNiZ66LkMfTES2Fba6IjK9SzO67XPWJdAAAAAwEAAQAAAMAZjBQeI3FakrzPahGaW8ETiUaNKBH1SNcn4XtKsOuYbW8hHvtTtx98y+qH7mnHXuYVAIxTMt61K/OQq9+/431yBTaBWbJjjB3jJuIdIiUfD7WEizvxUAXSp0Mw8K/pFu5izME0TR2DpwnmBnYnOED383dCSl4KTadfAbMf92gZz5y/3SFSQ8ORfAPvOBmTEuVns7967Tq0V/Nx74oUI/RbaMbiguwRG7ooM7mH/Wn62DvBuMYTxeHqFsEe0SXqfsEAAABg/I1sBL7E65qBksp5AMvlNuLotRnezzOyRZeYxpCd9PF2230jGQ/HK4hlpxiviV8bzZFFKYAnQjtgXnCkfPWDkKjD6I/IxI6LMuPaIQ374+iB6lZ0tqNIwh6T+eVepl79AAAAYNIA1F54iqzqYGpAHQRg+H3VwQJ+EtwaDXWG6JOdnPeJtA9RrARClh3n0hzCHgXIMVXB8qqRkzh8/flWy0jRU7onBAb5u7pTfUmH2eL5lC16FMv//qdP7N2pKNI+JZ9e4QAAAGDbFoAveaLw1F81jWn9M+RLgfroKGIuk6VCU+mX0BsHQ3WdoOgStKpObIvqsjKNVDGVWkGKZ/8mqMXIB6XaNU4F7zHMjPdY9GNzKVCwPiZXJvuU451qVyomJEqwjbdXUq0AAABgoKMXz+ffFCP4em3uhFH04rSmflSX8ptPHk6DC5+t2UARZwJvVZblo5yXgX4PXxbifhnsmQLgHX6m+5qjx2Cv7h44G2neasnAdYWgatnEugC/dcitL6iYpHnoCuKU/tKhAAAAYAsh8zXDUzQutEw6okRFeAwtZVuUAXTK44x8ik5kk8C6n9MDdIJnsIO5p6bLYeQts2K4yYlttwZOAq1a5hWH2hW0ZJyQWUkJ/rN9vLZUvrcmjsgB5ai0qjkRvr2IVC8Fvg==nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash00000644000000000000000000000000513230126417017767 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash10000644000000000000000000000000513230126417017770 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash100000644000000000000000000000000513230126417020050 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash110000644000000000000000000000000513230126417020051 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash120000644000000000000000000000000513230126417020052 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash130000644000000000000000000000000513230126417020053 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash140000644000000000000000000000000513230126417020054 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash150000644000000000000000000000000513230126417020055 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash160000644000000000000000000000000513230126417020056 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash170000644000000000000000000000000513230126417020057 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash20000644000000000000000000000000513230126417017771 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash30000644000000000000000000000000513230126417017772 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash40000644000000000000000000000000513230126417017773 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash50000644000000000000000000000000513230126417017774 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash60000644000000000000000000000000513230126417017775 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash70000644000000000000000000000000513230126417017776 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash80000644000000000000000000000000513230126417017777 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/maskhash90000644000000000000000000000000513230126417020000 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/numtests0000644000000000000000000000000313230126417017770 0ustar 0000000000000018 nss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext00000644000000000000000000000003413230126417020202 0ustar 00000000000000f(N=;LڞS# yJ4nss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext10000644000000000000000000000003413230126417020203 0ustar 00000000000000u @GGe#)ɺEonss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext100000644000000000000000000000006513230126417020267 0ustar 00000000000000S)1~tێL̢_<tnz:c79絕nUO{37nss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext110000644000000000000000000000001313230126417020261 0ustar 00000000000000 dnss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext120000644000000000000000000000003413230126417020265 0ustar 00000000000000k*lunhpSkNnss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext130000644000000000000000000000002013230126417020261 0ustar 00000000000000;XEu7>Wnss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext140000644000000000000000000000003213230126417020265 0ustar 00000000000000Q ,o4SN%c>EKA$nss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext150000644000000000000000000000004413230126417020271 0ustar 00000000000000 ߚ,_gkދSJ&I@Enss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext160000644000000000000000000000002713230126417020273 0ustar 00000000000000l}KF_óߔ~r2nss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext170000644000000000000000000000005513230126417020275 0ustar 00000000000000: F S}"ocN |9i"׸,nss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext20000644000000000000000000000006713230126417020212 0ustar 00000000000000J.dEB3mSKtm$EYB>-OFinQnss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext30000644000000000000000000000003213230126417020203 0ustar 00000000000000RPَ*O!S~1o4jznss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext40000644000000000000000000000002413230126417020205 0ustar 00000000000000tF+Ilnss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext50000644000000000000000000000000713230126417020207 0ustar 00000000000000&RPBqnss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext60000644000000000000000000000007513230126417020215 0ustar 000000000000005UY,;RЕYTF lYbTͼ!.ɶ/9nss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext70000644000000000000000000000004713230126417020215 0ustar 00000000000000`P:-ᗉ@Lttm>Ԃ́ FYnss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext80000644000000000000000000000002113230126417020206 0ustar 000000000000002d)ߛ KO$nss-3.35/nss/cmd/bltest/tests/rsa_oaep/plaintext90000644000000000000000000000007613230126417020221 0ustar 00000000000000E_ r:.VbHM )֬;>f(L֞J ғZygrnss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed00000644000000000000000000000003513230126417017113 0ustar 00000000000000GLd26iEGnWl3ajPpa61I4d2gpe8= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed10000644000000000000000000000003513230126417017114 0ustar 00000000000000DMdCzkqbfzL5UbyyUe/ZJf5P418= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed100000644000000000000000000000003513230126417017174 0ustar 00000000000000/LxCFALp7KvGCCr6QLpfJlIshA4= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed110000644000000000000000000000003513230126417017175 0ustar 00000000000000I6reDh4Iu5uaeNIwKlL5whsuG6I= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed120000644000000000000000000000003513230126417017176 0ustar 00000000000000R+GrcRn+5WyV7l6q2G9A0KpjvTM= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed130000644000000000000000000000003513230126417017177 0ustar 00000000000000bRf1tMH/rDUdGVv3sJ0J8JpAec8= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed140000644000000000000000000000003513230126417017200 0ustar 00000000000000OFOHUU3szHx0DdjN+druSaHL/VQ= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed150000644000000000000000000000003513230126417017201 0ustar 00000000000000XKymoPdkFhqWhPhdkrbg7zfKi2U= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed160000644000000000000000000000003513230126417017202 0ustar 00000000000000lbyp44WYlLPdhp+n7NW7xkAb8+Q= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed170000644000000000000000000000003513230126417017203 0ustar 00000000000000n0fd9C6X7qhWqb28cU6zrCL26zI= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed20000644000000000000000000000003513230126417017115 0ustar 00000000000000JRTfRpV1WmeyiOr0kFw27sZv0v0= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed30000644000000000000000000000003513230126417017116 0ustar 00000000000000xENaPhoYpotoIENikKN877hds/s= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed40000644000000000000000000000003513230126417017117 0ustar 00000000000000sxjELfO+D4P+qCP1p7R+1eQlo7U= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed50000644000000000000000000000003513230126417017120 0ustar 000000000000005OwJgsIzbzpnf2o1YXTrDOiHq8I= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed60000644000000000000000000000003513230126417017121 0ustar 00000000000000jsll8TSj7Jkx6SocoNyBadXqcFw= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed70000644000000000000000000000003513230126417017122 0ustar 000000000000007LG4sl+lDNqwjlYEKGf0r1gm0Ww= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed80000644000000000000000000000003513230126417017123 0ustar 000000000000006JuwMsbOYiy9tTvJRmAU6nf3d8A= nss-3.35/nss/cmd/bltest/tests/rsa_oaep/seed90000644000000000000000000000003513230126417017124 0ustar 00000000000000YG87mcC5zNdx6qKeoOTIhPMYnMw= nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext00000644000000000000000000000025713230126417020241 0ustar 00000000000000kHQwj7WY6XAbIpQ4jlL5cfqsK2ClFFrxhd9Sh7XtKIflfOf9RNyGNOQHyODkNgvCJvPsIn+dnlRj jo0x9QUSFd9uu5wvlXmqd1mKOPkUtbnBvYPE4vnzgqDQqjVC/+5lmEpgG8aeso3rJ9yhLILC1MP2 bNUA8f8rmU2KTjDLszw= nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext10000644000000000000000000000025713230126417020242 0ustar 00000000000000Pvf0boMb+SsyJ0FCpYX/zvvcp7Mq6Q0Q+w8McpmE8E7ymp3weAd1zkNzm5eDg5DbClUF5j3pJwKN nSmyGcosRReDJVilXWlKbSW52rZgA8TMzZB4Ahk75RcNJhR9N7k1kCQb5RwlBV9H72J1LPviFBj6 /pjCLE1NR3JP21Zp6EM= nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext100000644000000000000000000000040413230126417020314 0ustar 00000000000000ghAt+MuR5xeZGaBNJtM11k+8L4csRIM5QyQd6EVIECdM3z219C1CPbFSr3E19wFCDjm0lKZ8v9Gf kRnaIzoj2lxkObW6DSvDc+7jUHABN41KQHOFa3/iq6C17pOyf0r+x9TRIJIcg/YGdlsCwZ5Naho7 lfpMQilRvk9SExB37xcXlynN3721aVDbrO7+eMsWZAoJnqVtJDie7xD4/ssxuj6jsifAqGaYu4nj 6TY5Bb8id3sqOqUhtltM73bYO95M nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext110000644000000000000000000000040413230126417020315 0ustar 00000000000000p/2w0lkWXKLIjQC78QKKhn0zdpnQYRk7F6lkjhTMu6rerKrN7IFedXEpTruKEXryBfoHi0ewcSwZ njrQUTXFBMJLgXBRFXQIAkh5kv/VEdSvxrhUSR6z8N1SMTlUL/FcMQHuhVQ1F8ajx5QXxn4t2ap0 HpopsG3LWTwjNrNnCuOvusfD524hVHPoZuM4yiRN4AtiYk1rlCaCLOrp+MxGCJX0ElAHP9RcWh57 QlwgSkI6aZFZ9pA+cQs3p7sryASf nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext120000644000000000000000000000053513230126417020323 0ustar 00000000000000gsKxYAk7iqPA91IrGfhzVAZsd4R6vyqfzlQtDoTpIMWvtJ/9/azhZWDulKE2lgEUjrrXoOFRzxYz F5Glcn0F8h505+uBFEAgaTXXRHZaFeefAVy2bFMsh6agWWHIv610GppmVwIolDk+ciNzl5bAKndF XQ9VWw7AHd8lm2IH/Q/VdhTO8aVXO6r/TsAAaZUWWbhfJDAKJRYMqFItxuZyflfQGdfmNim4/l6J 4lzBW+s6ZHV3VZKZKAubKPebBAkAC+JbvZZAi6O0PMSGGE3RyOYlU/oa9AQPYGY95/XknAQ4jiV/ HOicldq0ijFdm2axt2KCM4dv8jhSMNBw0H4WZg== nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext130000644000000000000000000000053513230126417020324 0ustar 00000000000000FK412d0GupL387iXl4rtfNS/X/C1haQL1GzhtCzScDBTu5BE1k6BPY+W2y3XAH0QEY9vj4SWCXrX Xh/2kjQbKJKtVaYzocVefwoK1ZoOIDpbgniuxU3YYi4oMdhxdPjK/0PubEZEU0XYSlllm/uS7NTI GGaGlfNHBvZoKKiZWWN/K/PjJRwkvbpNS3ZJ2gAiIYsRnITnmmUn7FuKX4YcFZlS4j7AXh5xc0b6 7+ixaGglvSsmL7JTEGbA3gms3i5CMWkHKLXYXhFaL2uSt5wlq8m9k5n/i8+CWlLqH1bqdt0m9Duq +hi/qSpQTL01aZ4m0dzFoohzhfPGMjLwbzJEww== nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext140000644000000000000000000000053513230126417020325 0ustar 00000000000000bj5Ne2sV0vtGATuJAKpbuzk5zywJVxeYcEICbuYsdMVM/9XX1X77v5UKD1xXT6CdP8HJ9ROwW0/1 Ddjfft+iAQKFTDXlkhgBGacM5bCFGCqgLZ6iqpDR3wPy2q6IW6L10Fr9rJdHbwa5O1vJShqAqpEW xNYV8zOwmIkrJf+s4mb121paO8wQqCTtVarTW3J4NPuMB9oo/PQWpdmyIk8fi0QrNvkeRW/eotfP 4zZyaN4DB6THTpJBWe0zOT1eBlVTHHcye4mCG97fiAFhx4zUGWtUGfesw/E+Xr8WG258ZyRxbKM7 hcLiVkAZKsKFllHVC95+uXblHOyCi5i2VjuGuw== nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext150000644000000000000000000000053513230126417020326 0ustar 00000000000000NAR/+WxNwNyQstT/WaGjYaR1SyVdLuCvfYv4fJvJ593u3jOTTGPKHA49JiyxRe+TKh8sCpl6pqNP jq7nR32CzPCQlaa4rK041O7J+36retAtodEdjlTBgl5Vv1jCojI0uQK+Ek+ekDio9o+kXaty9m4J Rb8di6zJBExvBwmMn87FijqrEAyAUXgVXwMKEkxFDlrL2kfQ5PELgKI/gD53TQI7ABXCC5+bvnyR KWM41ey0ccr7AyAHtnpgvl9pUEqfAauzy0Z7Jg4rzoYL6Nlb+SwMjhSW7R5ShZOkq7bfRi3eiglo 3/5GgxFoV6Iy9ev2yFviOHRa0POPdnpf2/SG+w== nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext160000644000000000000000000000053513230126417020327 0ustar 00000000000000fgk16hj01sHRfOgusrODbFWzhFic4Z3+dDNjrJlI0fNGt7/d/pLv14rbIfrvyJreQrEPN0AD/hIu Z0KaHLjL0fjZAUVkxE0SARb0mQ8abjh3TBlL0bghMoawd7BJnS57P0NKsSKJxVZoTe7XgTGTS7Pd ZTcjb3xvPcsJ1Ha+B3IeN+HO7Zsve0Boh71TFXMF4ci0+E1zO8Hhhv4GzFm27bj0vX/+/fT3upz7 nVcGibWhpBCadGppCJPbN5klWgy5IV0tHNSQWQ6VLoyHhqoAESZSUkcMBB37w+7Hw8v3HCSGnRFc DLSpVvVtUwuAq1iaz+/GkHUd3zbo04P4PO3SzA== nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext170000644000000000000000000000053513230126417020330 0ustar 00000000000000bTtbh/Z+plevIfdUQZd9IYD5GyxfaS3oKVVpamhnMNm5d42XB1jMsmBxwiCf+9YSW+LpbqgbZ8ub kwgjn9oX97K2Ts2glra5NWQKWhy0KpFVscnvemM6AsWfDW7lm4UsQ7NQKec8lA/wQQ6PEU7tRrvQ +uFl5CviUopAHDso/YGO8yMtyp9NKg9RZuxZxCOW1sEdvBIVpW+hcWnblXU0PvNPneMqSc3DF0ki 8inCPhjkXfk1MRnsQxnO3OehfGQIjB9vUr4pY0EAs5GdOPPR7ZTmiR5mpzuPuEn1h031lFnimMe7 zi7ueCoZWqZv4tBzKyXllfV9PgYbH8PkBjv5jw== nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext20000644000000000000000000000025713230126417020243 0ustar 00000000000000ZmAm+6cb0+fPExV8wsUajkqmhK+XePkYSfNDNdFBwAFUxBl2IfliSmdbWrwi7n1bqv+q4cm6yizD c7PzPnjmFDw5WpGqf6ymZOtzOv0U2IJyWdmadVD6ylAe8rBOM8I6pR9LnoKC79tyjMCrCUBakWB8 Y2mWG8gnDS1POfzmErE= nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext30000644000000000000000000000025713230126417020244 0ustar 00000000000000Rgl5OyPp0JNi3CG7R9oLTzp2ImSaR9RkAZua6v5TNZwXjJHNWLpry3i+A0anvGN/S4c9S6s47mYf GZY0xUehrYRC4D2gFbE25UP3qwfAwT5CJbjejM4l1PbrhAD4H34YM7fubjNNNwlkynn9uHK011Ij te6wgQFZH7Uy0VWm3oc= nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext40000644000000000000000000000025713230126417020245 0ustar 00000000000000HSqtIhyk0x3fE1CSOQGTmOPRSzLcNNxa9K6uo8CVr3NHnPCkXlYpY1pToBg3dhWxbLmxOz4J1nHr ceOHuFRcWWDaWmR3bnaOgrLJNYO/EEw/2yNRK3tOifYz3QBjpTDbRSSwHD84TAkxDjFaedzT1oQC Kn8xyGWmZOMWl4t1n60= nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext50000644000000000000000000000025713230126417020246 0ustar 00000000000000KjT2El4fawv5cehPvUHGMr6PLCrOfei2km4x/5Ppr5h/vAblHpvhT1GY+R8/lTvWfaYKnfWXZMPc D+COHL7wt1+GjRCtP7p0n+9Z+22sRqDW5QQ2kzFYb1jkYo85qieJglQ7wO61N9xhlYAZs5T7Jz8h WFigoBrE1lC5VcZ/TFg= nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext60000644000000000000000000000040413230126417020241 0ustar 00000000000000WGEHImw84BOnyPBNGmopWbtLjiBbpDontQ8SQRG8Ne9YmwOfWTIYfLaW19mjLAw4MApc3aSDS2LS 6yQK8z950T378JW/WZ4NloaUjBlkdHtn6JyaulzYUBYjb1ZsxYAssT6tUbx8pr7zuU3L27HVcEaX cd8OALGooGd3Ry0jFiee2uhkdGaNTh7/+V8d5hxgINoyrpK78WUg/vPPTYj2ESHyS72f6RtZyvEj WyqT/4H8QDrd9OveqEk0qc2vjhqe nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext70000644000000000000000000000040413230126417020242 0ustar 00000000000000gLbWQyVSCfCkVnY4l6ye0lnUWbScKIfliC7LRDTP1m3X4WmTdTgeUc1/VU8sJxcEs5nUK0viVAoO ymGVH1Umf3woeMEihC2tsosBvV+MAl9+IoQYpnPAPWvAxzbQopVGvWf3htnWkszqd41x2YwgY7en EJIYek01rxCBEdg+g+rkbEaqNCd+BgRFiZA3iPHV587iX7SF6SlJEYgU1vLD7jYUiQFvMn+1vFF+ tQRwv/oa+l9M6aoM5bjuGb9VAblY nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext80000644000000000000000000000040413230126417020243 0ustar 00000000000000SEQI84mM1fU0g/gIGe+/JwjDTSeosqb66LMi+SQCN/mBgXrKGEbxCE2qbXwHlfblvxr1nDjhhYQ3 zh9+xBm5jIc2rfbdmgCxgG0r060Kc3deBfUt/vOlmrSwgUPw3wXNGtnQS+zsptqkohKYA+IAy8d3 h8r0wdBmOmxZh7YFlSAZeCyvLsFCbWj7lO0dS+gWp+0IG3fmqzMLP/wHOCD+zeNyf8vile5hoFCj Q2WGN8P9ZZz7Y3Nt4y2fkNPC9j7K nss-3.35/nss/cmd/bltest/tests/rsa_pss/ciphertext90000644000000000000000000000040413230126417020244 0ustar 00000000000000hOvrSBvlmEW0ZGi6+0ccARLgKyNdhLXZEcvRkm7lB0rgQkSVyyDoIwi467ZfQZoD+0DnK3iYHYiq 0UMFNoUXLJeynIt78K5ztbImPEA9oO0vgP90UK94KOuLhvACi9KosXak0ijMzqGDlPI4sJ/3WMwA vAQwEVI1V0LygrVOZjqRnnCdjaJK3lUAp7mqUCJuDKUpI+bC2GDsUP9ID6V0d+grBWX0N595x3LV wtqAr5+/Ml7Ob8ILAJYWFL7omhg+ nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash00000644000000000000000000000000513230126417016774 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash10000644000000000000000000000000513230126417016775 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash100000644000000000000000000000000513230126417017055 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash110000644000000000000000000000000513230126417017056 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash120000644000000000000000000000000513230126417017057 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash130000644000000000000000000000000513230126417017060 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash140000644000000000000000000000000513230126417017061 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash150000644000000000000000000000000513230126417017062 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash160000644000000000000000000000000513230126417017063 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash170000644000000000000000000000000513230126417017064 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash20000644000000000000000000000000513230126417016776 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash30000644000000000000000000000000513230126417016777 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash40000644000000000000000000000000513230126417017000 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash50000644000000000000000000000000513230126417017001 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash60000644000000000000000000000000513230126417017002 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash70000644000000000000000000000000513230126417017003 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash80000644000000000000000000000000513230126417017004 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/hash90000644000000000000000000000000513230126417017005 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/key00000644000000000000000000000147013230126417016650 0ustar 00000000000000AAAAAQAAAACApW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h962ZHYxRBW/+2xYrTA8oOhKoijlN/1JqtykcuzB86r/OCx39XNlQgJbVsri2311nHvY3fAkhyyPCcKcOJZjm/4nRnxBazC0/DLNfKSgOE4a29kxO8i4eHyDQzoz/siSb2aITcAAAADAQABAAAAgDOlBCqQsn1PVFHKm7vQtEdxoQGviENArvmIXypLvpLolKckrDxWjI+XhTrQfAJmyMajygkp8ejxEjGIRCn8TZrlX+6JahDOcHw+1+c05Ecno5V0UBpTJoMQnCq6yrooPDG0vS9Tw+4341LO40+eUDvYDAYirXnG3O6INUfGo7MlAAAAQOfolCcgqHdRcnOjVgU+oqG8DJSqctVcboYpay38lnlIwKcsvMyn6ss1cG4Jod9VoVNb2bPMNBYLO23NPtqOZEMAAABAtp3KHPfU1+yB51uQ/MqHSrzeEj/ScAGAqpBHm25I3o1n7ST58Z2FuidYdPVCzSDccj5pYzZKH5QlRSsmmmeZ/QAAAEAo+hOThlW+H4oVnLrKWnLqGQwwCJ4ZzSdKVW82xPbhn1VLNMB3eQQnu92N0+3iRIMo84XYGzDo5Dsv/6Anhhl5AAAAQBqLOPOY+nEgSYmNf7ee4Kd2aHkSmc36Ce/A5Qessh7XQwHvW/1IvkVerrbhZ4JVgnWAqOTo4UFR0VEKgqPy5ykAAABAJxVqukEm0kqB86Uoy/sn9WiG+ECp9uhuF6RLlP6TGVhLjiL93h5aLjvYqluo2FhBlOshkKz4MrhH8To9JKefTQ==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key10000644000000000000000000000147013230126417016651 0ustar 00000000000000AAAAAQAAAACApW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h962ZHYxRBW/+2xYrTA8oOhKoijlN/1JqtykcuzB86r/OCx39XNlQgJbVsri2311nHvY3fAkhyyPCcKcOJZjm/4nRnxBazC0/DLNfKSgOE4a29kxO8i4eHyDQzoz/siSb2aITcAAAADAQABAAAAgDOlBCqQsn1PVFHKm7vQtEdxoQGviENArvmIXypLvpLolKckrDxWjI+XhTrQfAJmyMajygkp8ejxEjGIRCn8TZrlX+6JahDOcHw+1+c05Ecno5V0UBpTJoMQnCq6yrooPDG0vS9Tw+4341LO40+eUDvYDAYirXnG3O6INUfGo7MlAAAAQOfolCcgqHdRcnOjVgU+oqG8DJSqctVcboYpay38lnlIwKcsvMyn6ss1cG4Jod9VoVNb2bPMNBYLO23NPtqOZEMAAABAtp3KHPfU1+yB51uQ/MqHSrzeEj/ScAGAqpBHm25I3o1n7ST58Z2FuidYdPVCzSDccj5pYzZKH5QlRSsmmmeZ/QAAAEAo+hOThlW+H4oVnLrKWnLqGQwwCJ4ZzSdKVW82xPbhn1VLNMB3eQQnu92N0+3iRIMo84XYGzDo5Dsv/6Anhhl5AAAAQBqLOPOY+nEgSYmNf7ee4Kd2aHkSmc36Ce/A5Qessh7XQwHvW/1IvkVerrbhZ4JVgnWAqOTo4UFR0VEKgqPy5ykAAABAJxVqukEm0kqB86Uoy/sn9WiG+ECp9uhuF6RLlP6TGVhLjiL93h5aLjvYqluo2FhBlOshkKz4MrhH8To9JKefTQ==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key100000644000000000000000000000227013230126417016730 0ustar 00000000000000AAAAAQAAAADA5r1pKslmRXkEA/3Q9b64ub+S7RAAf8NlBGQZ3QbAXFtbL0js+YnkziaRCZecu0C0oK0k0iSD0e4xWtTMsVNCaDUmkcUk9t2ObCnSJM8kaXOuyGxb9rFAGoUNG5rRu4y87Eewbw+Mf0XT/I8xkpnFQz3bwrMFO0fe0uzUpMrv1hSDPci7Yi8xftB2uAV/6N4/hEgK1eg+SmGQSk8kj7OXAnNX4dMORjE5gVxv1P1axbgXKkUjDstjGKBPFFXYTlqLAAAAAwEAAQAAAMBqf9hPuF+tBzs0QG23T41hpqvBIZapYd15Vl6dpuUYe84tmAJQ9zWVdTWScNkVkLsOQnxxRgtV1RQQsZG88wn+oTGpLI5wJzj6cZ8eAEH1LkDpHyKfTZah5vFy4VWWtFEKba7CYQXyvrxTMWuHvfITEWZgcOjf7mnVLHGpdsqueccraNKFgNxobZ9RKdIl+Cs9YVUTqIKz25FBa0jOCIiCE+N+65r4ANgcqzKM5CBomQPADHtf0xt1UDptQZaE1ikAAABg+OuX6Y3xJmTu/bdhWWpp3c0Odtrs5u1L9aG1CsCG95KKTS+HJqd+UVt02kGYjyILHMh6ofyBDOmagvLRzoIe3O15TGlB9Cx6GguMTSjHXsYLZSJ59hVKdirtFl1H3uNnAAAAYO1NcdCm4kuTwuX2tLvgX1+wr6BC0gT+M3jTZcLyiLao2tfv5F0VPu9Aysx7gf+TQALRCJlLlKXkcozZyWM3WuSZZb2lXL8O/tjWVTtAJ/LYYgim5rSJwXYSgJLWKeSdPQAAAGArtovd+wxPVshVi/+viS2AQwN4Qef6gc+mGjjF45uQHI7nESKl2iInvWze60gUUsEq09YdXk93agq1Vlkb7+Plnlp/3bg0Xh8vNbn0zuV8MkFMCGrsmT6TU+SA2e7GKJ8AAABgT/iXcJ+tB5dGSUV45w/YVGEw7qtWJ8SbCA8F7krZ8+S3y6nWpd/xE6QcNAkzaDPxkIFtimvELpvsVrdWfQ88nGltthmyRdkB3YVtt8gJLnfpoczNVu5NukLF/bYa7CZpAAAAYHe50RN7UEBKmCcpMW76/H3+ZtNOWhgmANXzCgqFEgUcVg0IHU0KGDXsPSWmD05NaqlIsr89u1sSTLvDSJJVo6lINy9peElnRflD4dtPGDgs6qUF38ZXV7s/hXpY3OUhVg==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key110000644000000000000000000000227013230126417016731 0ustar 00000000000000AAAAAQAAAADA5r1pKslmRXkEA/3Q9b64ub+S7RAAf8NlBGQZ3QbAXFtbL0js+YnkziaRCZecu0C0oK0k0iSD0e4xWtTMsVNCaDUmkcUk9t2ObCnSJM8kaXOuyGxb9rFAGoUNG5rRu4y87Eewbw+Mf0XT/I8xkpnFQz3bwrMFO0fe0uzUpMrv1hSDPci7Yi8xftB2uAV/6N4/hEgK1eg+SmGQSk8kj7OXAnNX4dMORjE5gVxv1P1axbgXKkUjDstjGKBPFFXYTlqLAAAAAwEAAQAAAMBqf9hPuF+tBzs0QG23T41hpqvBIZapYd15Vl6dpuUYe84tmAJQ9zWVdTWScNkVkLsOQnxxRgtV1RQQsZG88wn+oTGpLI5wJzj6cZ8eAEH1LkDpHyKfTZah5vFy4VWWtFEKba7CYQXyvrxTMWuHvfITEWZgcOjf7mnVLHGpdsqueccraNKFgNxobZ9RKdIl+Cs9YVUTqIKz25FBa0jOCIiCE+N+65r4ANgcqzKM5CBomQPADHtf0xt1UDptQZaE1ikAAABg+OuX6Y3xJmTu/bdhWWpp3c0Odtrs5u1L9aG1CsCG95KKTS+HJqd+UVt02kGYjyILHMh6ofyBDOmagvLRzoIe3O15TGlB9Cx6GguMTSjHXsYLZSJ59hVKdirtFl1H3uNnAAAAYO1NcdCm4kuTwuX2tLvgX1+wr6BC0gT+M3jTZcLyiLao2tfv5F0VPu9Aysx7gf+TQALRCJlLlKXkcozZyWM3WuSZZb2lXL8O/tjWVTtAJ/LYYgim5rSJwXYSgJLWKeSdPQAAAGArtovd+wxPVshVi/+viS2AQwN4Qef6gc+mGjjF45uQHI7nESKl2iInvWze60gUUsEq09YdXk93agq1Vlkb7+Plnlp/3bg0Xh8vNbn0zuV8MkFMCGrsmT6TU+SA2e7GKJ8AAABgT/iXcJ+tB5dGSUV45w/YVGEw7qtWJ8SbCA8F7krZ8+S3y6nWpd/xE6QcNAkzaDPxkIFtimvELpvsVrdWfQ88nGltthmyRdkB3YVtt8gJLnfpoczNVu5NukLF/bYa7CZpAAAAYHe50RN7UEBKmCcpMW76/H3+ZtNOWhgmANXzCgqFEgUcVg0IHU0KGDXsPSWmD05NaqlIsr89u1sSTLvDSJJVo6lINy9peElnRflD4dtPGDgs6qUF38ZXV7s/hXpY3OUhVg==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key120000644000000000000000000000307013230126417016731 0ustar 00000000000000AAAAAQAAAAEApd2GesTLAvkLlFfUjBSncO+ZHFbDnA7GX9Ea+ok3zqV7m+esc7RcABdhW4LWIuMYdTtgJ8D9FXvhL4CQ/uKnrc0O73WfiLpJl8ekLVjJqhLLma4AH+UhwTu1QxRFqNWuT15MfpSKwifTYEBx8g5XfpBfvrFd+vBtHeWuYlPWOmohILMaXaXavJVQYA4g8n03OeJieSX+o8xQnyHf8E5u6kVJxUDWgJ/5MH7t6R//WHM9g4WiN9bTcFoz45GQCZIHDfet8TV89+NwDONmfeg/F7jfF3jbOB3OCctK0FilEQAac4GY7ifPVaE7dUU5kGWC7IsXS9WNXR89dnxhNyGuBQAAAAMBAAEAAAEALS/1Z7P+dOBhkbf97W3hEikMZwaSQw1ZaRhAR9ojTJaT3u0Wc+1ClTnJadNywE1rR+D1uM7ghD5cIoNdvTsFoJl5hK5gWLEbxJB8v2fthPqa4lLfsNDNSeYY4139/lm8o93WbDPOu8d61EGqaV4T4yS1GPAcYPWoXJlK0XnyprX76TQCsRdnvgG/BzRE1rod0rylvQdNSl+uNTGtEwPYSzDYlzGMu7oE4DwuZt5tkfgvluodS7VKWq4QLVlGV/XJeJVTUSspbeop2AIxljV+PjpulY8548I0QDjqYEsx7cbw9/9ucYGlfJKCaiaPhnaOlvh4Vi/HHYXWnkSGEvcEjwAAAIDP1QKD/u65f28I1zy8ezg2+Cu81JlHn15vdv38uLOMT3Hcnoi9am92Nxr9ZdKvGGKzKvs0qV9xuLEyBD/+vjqVK691kkSBSMA/nGmx1o5M5c8yyGuvRv7TAcoatAMGmzL0VrkfcYmKsIHNjEJS71JxkVyXlLjylYUdp1EPmctz6wAAAIDMTpDSobOgZdOy0fWo/OMbVER1Zk6rVh0pcbmft774ROjsHzYLjCrINZaSlx6mo49yP8whH128sXeg/axRZKHU/3+7ToKZhjU8uYNlmhSM3UIMfTG6OCLqkKMr5GwDDowX4foK03hZ4GsKpvo7IW2cvmwOIjOXacCmFZE+XacZzwAAAIAcLR/DL2vEAE/YXf3g+7+aTDj5x8TkHeoaqII0ogHNkvO32lJlg6mK2FuzYPuYO3EeI0SdVh0XeNelFUhry/R7Rsnp4aOh93AA776wmor+R+W4V82pnLFtf/+bcS471gypbZx5c9YW1Gk0qcBQKBwAQ5nO/x233aeHZqipucsIcwAAAIDLOzwEyqWMYL59my3rs+OWQ/T1c5e+CCNqHp6vqnBlNuccOs/gHMZR8jyeBYWP7hO7aor8R99O3JpLowvOy3PQFXhSMn7niQFcLo3ue58FoPMayU62FzFkdAxclRR81fO1riy0qDeH8B2Ksx8nwtDuot2KEauQarogfEPG7hJTMQAAAIAS9rLPE3SnNvrQVhYFD5arS2HRF3x/nVJaKfPRgOd2Z+mdmavwUl0HWGYPN1JlWw8luN+EMdmo/3fBbBKgpRIqnwv3z9WiZqNcFZ+ZEgi5Axb/RE8+C2vQ6TuKeiRI6Vfj3abPzyJmsQYBOsRoCNOziHs7ADRLqslTC0znCPwytg==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key130000644000000000000000000000307013230126417016732 0ustar 00000000000000AAAAAQAAAAEApd2GesTLAvkLlFfUjBSncO+ZHFbDnA7GX9Ea+ok3zqV7m+esc7RcABdhW4LWIuMYdTtgJ8D9FXvhL4CQ/uKnrc0O73WfiLpJl8ekLVjJqhLLma4AH+UhwTu1QxRFqNWuT15MfpSKwifTYEBx8g5XfpBfvrFd+vBtHeWuYlPWOmohILMaXaXavJVQYA4g8n03OeJieSX+o8xQnyHf8E5u6kVJxUDWgJ/5MH7t6R//WHM9g4WiN9bTcFoz45GQCZIHDfet8TV89+NwDONmfeg/F7jfF3jbOB3OCctK0FilEQAac4GY7ifPVaE7dUU5kGWC7IsXS9WNXR89dnxhNyGuBQAAAAMBAAEAAAEALS/1Z7P+dOBhkbf97W3hEikMZwaSQw1ZaRhAR9ojTJaT3u0Wc+1ClTnJadNywE1rR+D1uM7ghD5cIoNdvTsFoJl5hK5gWLEbxJB8v2fthPqa4lLfsNDNSeYY4139/lm8o93WbDPOu8d61EGqaV4T4yS1GPAcYPWoXJlK0XnyprX76TQCsRdnvgG/BzRE1rod0rylvQdNSl+uNTGtEwPYSzDYlzGMu7oE4DwuZt5tkfgvluodS7VKWq4QLVlGV/XJeJVTUSspbeop2AIxljV+PjpulY8548I0QDjqYEsx7cbw9/9ucYGlfJKCaiaPhnaOlvh4Vi/HHYXWnkSGEvcEjwAAAIDP1QKD/u65f28I1zy8ezg2+Cu81JlHn15vdv38uLOMT3Hcnoi9am92Nxr9ZdKvGGKzKvs0qV9xuLEyBD/+vjqVK691kkSBSMA/nGmx1o5M5c8yyGuvRv7TAcoatAMGmzL0VrkfcYmKsIHNjEJS71JxkVyXlLjylYUdp1EPmctz6wAAAIDMTpDSobOgZdOy0fWo/OMbVER1Zk6rVh0pcbmft774ROjsHzYLjCrINZaSlx6mo49yP8whH128sXeg/axRZKHU/3+7ToKZhjU8uYNlmhSM3UIMfTG6OCLqkKMr5GwDDowX4foK03hZ4GsKpvo7IW2cvmwOIjOXacCmFZE+XacZzwAAAIAcLR/DL2vEAE/YXf3g+7+aTDj5x8TkHeoaqII0ogHNkvO32lJlg6mK2FuzYPuYO3EeI0SdVh0XeNelFUhry/R7Rsnp4aOh93AA776wmor+R+W4V82pnLFtf/+bcS471gypbZx5c9YW1Gk0qcBQKBwAQ5nO/x233aeHZqipucsIcwAAAIDLOzwEyqWMYL59my3rs+OWQ/T1c5e+CCNqHp6vqnBlNuccOs/gHMZR8jyeBYWP7hO7aor8R99O3JpLowvOy3PQFXhSMn7niQFcLo3ue58FoPMayU62FzFkdAxclRR81fO1riy0qDeH8B2Ksx8nwtDuot2KEauQarogfEPG7hJTMQAAAIAS9rLPE3SnNvrQVhYFD5arS2HRF3x/nVJaKfPRgOd2Z+mdmavwUl0HWGYPN1JlWw8luN+EMdmo/3fBbBKgpRIqnwv3z9WiZqNcFZ+ZEgi5Axb/RE8+C2vQ6TuKeiRI6Vfj3abPzyJmsQYBOsRoCNOziHs7ADRLqslTC0znCPwytg==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key140000644000000000000000000000307013230126417016733 0ustar 00000000000000AAAAAQAAAAEApd2GesTLAvkLlFfUjBSncO+ZHFbDnA7GX9Ea+ok3zqV7m+esc7RcABdhW4LWIuMYdTtgJ8D9FXvhL4CQ/uKnrc0O73WfiLpJl8ekLVjJqhLLma4AH+UhwTu1QxRFqNWuT15MfpSKwifTYEBx8g5XfpBfvrFd+vBtHeWuYlPWOmohILMaXaXavJVQYA4g8n03OeJieSX+o8xQnyHf8E5u6kVJxUDWgJ/5MH7t6R//WHM9g4WiN9bTcFoz45GQCZIHDfet8TV89+NwDONmfeg/F7jfF3jbOB3OCctK0FilEQAac4GY7ifPVaE7dUU5kGWC7IsXS9WNXR89dnxhNyGuBQAAAAMBAAEAAAEALS/1Z7P+dOBhkbf97W3hEikMZwaSQw1ZaRhAR9ojTJaT3u0Wc+1ClTnJadNywE1rR+D1uM7ghD5cIoNdvTsFoJl5hK5gWLEbxJB8v2fthPqa4lLfsNDNSeYY4139/lm8o93WbDPOu8d61EGqaV4T4yS1GPAcYPWoXJlK0XnyprX76TQCsRdnvgG/BzRE1rod0rylvQdNSl+uNTGtEwPYSzDYlzGMu7oE4DwuZt5tkfgvluodS7VKWq4QLVlGV/XJeJVTUSspbeop2AIxljV+PjpulY8548I0QDjqYEsx7cbw9/9ucYGlfJKCaiaPhnaOlvh4Vi/HHYXWnkSGEvcEjwAAAIDP1QKD/u65f28I1zy8ezg2+Cu81JlHn15vdv38uLOMT3Hcnoi9am92Nxr9ZdKvGGKzKvs0qV9xuLEyBD/+vjqVK691kkSBSMA/nGmx1o5M5c8yyGuvRv7TAcoatAMGmzL0VrkfcYmKsIHNjEJS71JxkVyXlLjylYUdp1EPmctz6wAAAIDMTpDSobOgZdOy0fWo/OMbVER1Zk6rVh0pcbmft774ROjsHzYLjCrINZaSlx6mo49yP8whH128sXeg/axRZKHU/3+7ToKZhjU8uYNlmhSM3UIMfTG6OCLqkKMr5GwDDowX4foK03hZ4GsKpvo7IW2cvmwOIjOXacCmFZE+XacZzwAAAIAcLR/DL2vEAE/YXf3g+7+aTDj5x8TkHeoaqII0ogHNkvO32lJlg6mK2FuzYPuYO3EeI0SdVh0XeNelFUhry/R7Rsnp4aOh93AA776wmor+R+W4V82pnLFtf/+bcS471gypbZx5c9YW1Gk0qcBQKBwAQ5nO/x233aeHZqipucsIcwAAAIDLOzwEyqWMYL59my3rs+OWQ/T1c5e+CCNqHp6vqnBlNuccOs/gHMZR8jyeBYWP7hO7aor8R99O3JpLowvOy3PQFXhSMn7niQFcLo3ue58FoPMayU62FzFkdAxclRR81fO1riy0qDeH8B2Ksx8nwtDuot2KEauQarogfEPG7hJTMQAAAIAS9rLPE3SnNvrQVhYFD5arS2HRF3x/nVJaKfPRgOd2Z+mdmavwUl0HWGYPN1JlWw8luN+EMdmo/3fBbBKgpRIqnwv3z9WiZqNcFZ+ZEgi5Axb/RE8+C2vQ6TuKeiRI6Vfj3abPzyJmsQYBOsRoCNOziHs7ADRLqslTC0znCPwytg==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key150000644000000000000000000000307013230126417016734 0ustar 00000000000000AAAAAQAAAAEApd2GesTLAvkLlFfUjBSncO+ZHFbDnA7GX9Ea+ok3zqV7m+esc7RcABdhW4LWIuMYdTtgJ8D9FXvhL4CQ/uKnrc0O73WfiLpJl8ekLVjJqhLLma4AH+UhwTu1QxRFqNWuT15MfpSKwifTYEBx8g5XfpBfvrFd+vBtHeWuYlPWOmohILMaXaXavJVQYA4g8n03OeJieSX+o8xQnyHf8E5u6kVJxUDWgJ/5MH7t6R//WHM9g4WiN9bTcFoz45GQCZIHDfet8TV89+NwDONmfeg/F7jfF3jbOB3OCctK0FilEQAac4GY7ifPVaE7dUU5kGWC7IsXS9WNXR89dnxhNyGuBQAAAAMBAAEAAAEALS/1Z7P+dOBhkbf97W3hEikMZwaSQw1ZaRhAR9ojTJaT3u0Wc+1ClTnJadNywE1rR+D1uM7ghD5cIoNdvTsFoJl5hK5gWLEbxJB8v2fthPqa4lLfsNDNSeYY4139/lm8o93WbDPOu8d61EGqaV4T4yS1GPAcYPWoXJlK0XnyprX76TQCsRdnvgG/BzRE1rod0rylvQdNSl+uNTGtEwPYSzDYlzGMu7oE4DwuZt5tkfgvluodS7VKWq4QLVlGV/XJeJVTUSspbeop2AIxljV+PjpulY8548I0QDjqYEsx7cbw9/9ucYGlfJKCaiaPhnaOlvh4Vi/HHYXWnkSGEvcEjwAAAIDP1QKD/u65f28I1zy8ezg2+Cu81JlHn15vdv38uLOMT3Hcnoi9am92Nxr9ZdKvGGKzKvs0qV9xuLEyBD/+vjqVK691kkSBSMA/nGmx1o5M5c8yyGuvRv7TAcoatAMGmzL0VrkfcYmKsIHNjEJS71JxkVyXlLjylYUdp1EPmctz6wAAAIDMTpDSobOgZdOy0fWo/OMbVER1Zk6rVh0pcbmft774ROjsHzYLjCrINZaSlx6mo49yP8whH128sXeg/axRZKHU/3+7ToKZhjU8uYNlmhSM3UIMfTG6OCLqkKMr5GwDDowX4foK03hZ4GsKpvo7IW2cvmwOIjOXacCmFZE+XacZzwAAAIAcLR/DL2vEAE/YXf3g+7+aTDj5x8TkHeoaqII0ogHNkvO32lJlg6mK2FuzYPuYO3EeI0SdVh0XeNelFUhry/R7Rsnp4aOh93AA776wmor+R+W4V82pnLFtf/+bcS471gypbZx5c9YW1Gk0qcBQKBwAQ5nO/x233aeHZqipucsIcwAAAIDLOzwEyqWMYL59my3rs+OWQ/T1c5e+CCNqHp6vqnBlNuccOs/gHMZR8jyeBYWP7hO7aor8R99O3JpLowvOy3PQFXhSMn7niQFcLo3ue58FoPMayU62FzFkdAxclRR81fO1riy0qDeH8B2Ksx8nwtDuot2KEauQarogfEPG7hJTMQAAAIAS9rLPE3SnNvrQVhYFD5arS2HRF3x/nVJaKfPRgOd2Z+mdmavwUl0HWGYPN1JlWw8luN+EMdmo/3fBbBKgpRIqnwv3z9WiZqNcFZ+ZEgi5Axb/RE8+C2vQ6TuKeiRI6Vfj3abPzyJmsQYBOsRoCNOziHs7ADRLqslTC0znCPwytg==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key160000644000000000000000000000307013230126417016735 0ustar 00000000000000AAAAAQAAAAEApd2GesTLAvkLlFfUjBSncO+ZHFbDnA7GX9Ea+ok3zqV7m+esc7RcABdhW4LWIuMYdTtgJ8D9FXvhL4CQ/uKnrc0O73WfiLpJl8ekLVjJqhLLma4AH+UhwTu1QxRFqNWuT15MfpSKwifTYEBx8g5XfpBfvrFd+vBtHeWuYlPWOmohILMaXaXavJVQYA4g8n03OeJieSX+o8xQnyHf8E5u6kVJxUDWgJ/5MH7t6R//WHM9g4WiN9bTcFoz45GQCZIHDfet8TV89+NwDONmfeg/F7jfF3jbOB3OCctK0FilEQAac4GY7ifPVaE7dUU5kGWC7IsXS9WNXR89dnxhNyGuBQAAAAMBAAEAAAEALS/1Z7P+dOBhkbf97W3hEikMZwaSQw1ZaRhAR9ojTJaT3u0Wc+1ClTnJadNywE1rR+D1uM7ghD5cIoNdvTsFoJl5hK5gWLEbxJB8v2fthPqa4lLfsNDNSeYY4139/lm8o93WbDPOu8d61EGqaV4T4yS1GPAcYPWoXJlK0XnyprX76TQCsRdnvgG/BzRE1rod0rylvQdNSl+uNTGtEwPYSzDYlzGMu7oE4DwuZt5tkfgvluodS7VKWq4QLVlGV/XJeJVTUSspbeop2AIxljV+PjpulY8548I0QDjqYEsx7cbw9/9ucYGlfJKCaiaPhnaOlvh4Vi/HHYXWnkSGEvcEjwAAAIDP1QKD/u65f28I1zy8ezg2+Cu81JlHn15vdv38uLOMT3Hcnoi9am92Nxr9ZdKvGGKzKvs0qV9xuLEyBD/+vjqVK691kkSBSMA/nGmx1o5M5c8yyGuvRv7TAcoatAMGmzL0VrkfcYmKsIHNjEJS71JxkVyXlLjylYUdp1EPmctz6wAAAIDMTpDSobOgZdOy0fWo/OMbVER1Zk6rVh0pcbmft774ROjsHzYLjCrINZaSlx6mo49yP8whH128sXeg/axRZKHU/3+7ToKZhjU8uYNlmhSM3UIMfTG6OCLqkKMr5GwDDowX4foK03hZ4GsKpvo7IW2cvmwOIjOXacCmFZE+XacZzwAAAIAcLR/DL2vEAE/YXf3g+7+aTDj5x8TkHeoaqII0ogHNkvO32lJlg6mK2FuzYPuYO3EeI0SdVh0XeNelFUhry/R7Rsnp4aOh93AA776wmor+R+W4V82pnLFtf/+bcS471gypbZx5c9YW1Gk0qcBQKBwAQ5nO/x233aeHZqipucsIcwAAAIDLOzwEyqWMYL59my3rs+OWQ/T1c5e+CCNqHp6vqnBlNuccOs/gHMZR8jyeBYWP7hO7aor8R99O3JpLowvOy3PQFXhSMn7niQFcLo3ue58FoPMayU62FzFkdAxclRR81fO1riy0qDeH8B2Ksx8nwtDuot2KEauQarogfEPG7hJTMQAAAIAS9rLPE3SnNvrQVhYFD5arS2HRF3x/nVJaKfPRgOd2Z+mdmavwUl0HWGYPN1JlWw8luN+EMdmo/3fBbBKgpRIqnwv3z9WiZqNcFZ+ZEgi5Axb/RE8+C2vQ6TuKeiRI6Vfj3abPzyJmsQYBOsRoCNOziHs7ADRLqslTC0znCPwytg==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key170000644000000000000000000000307013230126417016736 0ustar 00000000000000AAAAAQAAAAEApd2GesTLAvkLlFfUjBSncO+ZHFbDnA7GX9Ea+ok3zqV7m+esc7RcABdhW4LWIuMYdTtgJ8D9FXvhL4CQ/uKnrc0O73WfiLpJl8ekLVjJqhLLma4AH+UhwTu1QxRFqNWuT15MfpSKwifTYEBx8g5XfpBfvrFd+vBtHeWuYlPWOmohILMaXaXavJVQYA4g8n03OeJieSX+o8xQnyHf8E5u6kVJxUDWgJ/5MH7t6R//WHM9g4WiN9bTcFoz45GQCZIHDfet8TV89+NwDONmfeg/F7jfF3jbOB3OCctK0FilEQAac4GY7ifPVaE7dUU5kGWC7IsXS9WNXR89dnxhNyGuBQAAAAMBAAEAAAEALS/1Z7P+dOBhkbf97W3hEikMZwaSQw1ZaRhAR9ojTJaT3u0Wc+1ClTnJadNywE1rR+D1uM7ghD5cIoNdvTsFoJl5hK5gWLEbxJB8v2fthPqa4lLfsNDNSeYY4139/lm8o93WbDPOu8d61EGqaV4T4yS1GPAcYPWoXJlK0XnyprX76TQCsRdnvgG/BzRE1rod0rylvQdNSl+uNTGtEwPYSzDYlzGMu7oE4DwuZt5tkfgvluodS7VKWq4QLVlGV/XJeJVTUSspbeop2AIxljV+PjpulY8548I0QDjqYEsx7cbw9/9ucYGlfJKCaiaPhnaOlvh4Vi/HHYXWnkSGEvcEjwAAAIDP1QKD/u65f28I1zy8ezg2+Cu81JlHn15vdv38uLOMT3Hcnoi9am92Nxr9ZdKvGGKzKvs0qV9xuLEyBD/+vjqVK691kkSBSMA/nGmx1o5M5c8yyGuvRv7TAcoatAMGmzL0VrkfcYmKsIHNjEJS71JxkVyXlLjylYUdp1EPmctz6wAAAIDMTpDSobOgZdOy0fWo/OMbVER1Zk6rVh0pcbmft774ROjsHzYLjCrINZaSlx6mo49yP8whH128sXeg/axRZKHU/3+7ToKZhjU8uYNlmhSM3UIMfTG6OCLqkKMr5GwDDowX4foK03hZ4GsKpvo7IW2cvmwOIjOXacCmFZE+XacZzwAAAIAcLR/DL2vEAE/YXf3g+7+aTDj5x8TkHeoaqII0ogHNkvO32lJlg6mK2FuzYPuYO3EeI0SdVh0XeNelFUhry/R7Rsnp4aOh93AA776wmor+R+W4V82pnLFtf/+bcS471gypbZx5c9YW1Gk0qcBQKBwAQ5nO/x233aeHZqipucsIcwAAAIDLOzwEyqWMYL59my3rs+OWQ/T1c5e+CCNqHp6vqnBlNuccOs/gHMZR8jyeBYWP7hO7aor8R99O3JpLowvOy3PQFXhSMn7niQFcLo3ue58FoPMayU62FzFkdAxclRR81fO1riy0qDeH8B2Ksx8nwtDuot2KEauQarogfEPG7hJTMQAAAIAS9rLPE3SnNvrQVhYFD5arS2HRF3x/nVJaKfPRgOd2Z+mdmavwUl0HWGYPN1JlWw8luN+EMdmo/3fBbBKgpRIqnwv3z9WiZqNcFZ+ZEgi5Axb/RE8+C2vQ6TuKeiRI6Vfj3abPzyJmsQYBOsRoCNOziHs7ADRLqslTC0znCPwytg==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key20000644000000000000000000000147013230126417016652 0ustar 00000000000000AAAAAQAAAACApW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h962ZHYxRBW/+2xYrTA8oOhKoijlN/1JqtykcuzB86r/OCx39XNlQgJbVsri2311nHvY3fAkhyyPCcKcOJZjm/4nRnxBazC0/DLNfKSgOE4a29kxO8i4eHyDQzoz/siSb2aITcAAAADAQABAAAAgDOlBCqQsn1PVFHKm7vQtEdxoQGviENArvmIXypLvpLolKckrDxWjI+XhTrQfAJmyMajygkp8ejxEjGIRCn8TZrlX+6JahDOcHw+1+c05Ecno5V0UBpTJoMQnCq6yrooPDG0vS9Tw+4341LO40+eUDvYDAYirXnG3O6INUfGo7MlAAAAQOfolCcgqHdRcnOjVgU+oqG8DJSqctVcboYpay38lnlIwKcsvMyn6ss1cG4Jod9VoVNb2bPMNBYLO23NPtqOZEMAAABAtp3KHPfU1+yB51uQ/MqHSrzeEj/ScAGAqpBHm25I3o1n7ST58Z2FuidYdPVCzSDccj5pYzZKH5QlRSsmmmeZ/QAAAEAo+hOThlW+H4oVnLrKWnLqGQwwCJ4ZzSdKVW82xPbhn1VLNMB3eQQnu92N0+3iRIMo84XYGzDo5Dsv/6Anhhl5AAAAQBqLOPOY+nEgSYmNf7ee4Kd2aHkSmc36Ce/A5Qessh7XQwHvW/1IvkVerrbhZ4JVgnWAqOTo4UFR0VEKgqPy5ykAAABAJxVqukEm0kqB86Uoy/sn9WiG+ECp9uhuF6RLlP6TGVhLjiL93h5aLjvYqluo2FhBlOshkKz4MrhH8To9JKefTQ==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key30000644000000000000000000000147013230126417016653 0ustar 00000000000000AAAAAQAAAACApW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h962ZHYxRBW/+2xYrTA8oOhKoijlN/1JqtykcuzB86r/OCx39XNlQgJbVsri2311nHvY3fAkhyyPCcKcOJZjm/4nRnxBazC0/DLNfKSgOE4a29kxO8i4eHyDQzoz/siSb2aITcAAAADAQABAAAAgDOlBCqQsn1PVFHKm7vQtEdxoQGviENArvmIXypLvpLolKckrDxWjI+XhTrQfAJmyMajygkp8ejxEjGIRCn8TZrlX+6JahDOcHw+1+c05Ecno5V0UBpTJoMQnCq6yrooPDG0vS9Tw+4341LO40+eUDvYDAYirXnG3O6INUfGo7MlAAAAQOfolCcgqHdRcnOjVgU+oqG8DJSqctVcboYpay38lnlIwKcsvMyn6ss1cG4Jod9VoVNb2bPMNBYLO23NPtqOZEMAAABAtp3KHPfU1+yB51uQ/MqHSrzeEj/ScAGAqpBHm25I3o1n7ST58Z2FuidYdPVCzSDccj5pYzZKH5QlRSsmmmeZ/QAAAEAo+hOThlW+H4oVnLrKWnLqGQwwCJ4ZzSdKVW82xPbhn1VLNMB3eQQnu92N0+3iRIMo84XYGzDo5Dsv/6Anhhl5AAAAQBqLOPOY+nEgSYmNf7ee4Kd2aHkSmc36Ce/A5Qessh7XQwHvW/1IvkVerrbhZ4JVgnWAqOTo4UFR0VEKgqPy5ykAAABAJxVqukEm0kqB86Uoy/sn9WiG+ECp9uhuF6RLlP6TGVhLjiL93h5aLjvYqluo2FhBlOshkKz4MrhH8To9JKefTQ==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key40000644000000000000000000000147013230126417016654 0ustar 00000000000000AAAAAQAAAACApW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h962ZHYxRBW/+2xYrTA8oOhKoijlN/1JqtykcuzB86r/OCx39XNlQgJbVsri2311nHvY3fAkhyyPCcKcOJZjm/4nRnxBazC0/DLNfKSgOE4a29kxO8i4eHyDQzoz/siSb2aITcAAAADAQABAAAAgDOlBCqQsn1PVFHKm7vQtEdxoQGviENArvmIXypLvpLolKckrDxWjI+XhTrQfAJmyMajygkp8ejxEjGIRCn8TZrlX+6JahDOcHw+1+c05Ecno5V0UBpTJoMQnCq6yrooPDG0vS9Tw+4341LO40+eUDvYDAYirXnG3O6INUfGo7MlAAAAQOfolCcgqHdRcnOjVgU+oqG8DJSqctVcboYpay38lnlIwKcsvMyn6ss1cG4Jod9VoVNb2bPMNBYLO23NPtqOZEMAAABAtp3KHPfU1+yB51uQ/MqHSrzeEj/ScAGAqpBHm25I3o1n7ST58Z2FuidYdPVCzSDccj5pYzZKH5QlRSsmmmeZ/QAAAEAo+hOThlW+H4oVnLrKWnLqGQwwCJ4ZzSdKVW82xPbhn1VLNMB3eQQnu92N0+3iRIMo84XYGzDo5Dsv/6Anhhl5AAAAQBqLOPOY+nEgSYmNf7ee4Kd2aHkSmc36Ce/A5Qessh7XQwHvW/1IvkVerrbhZ4JVgnWAqOTo4UFR0VEKgqPy5ykAAABAJxVqukEm0kqB86Uoy/sn9WiG+ECp9uhuF6RLlP6TGVhLjiL93h5aLjvYqluo2FhBlOshkKz4MrhH8To9JKefTQ==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key50000644000000000000000000000147013230126417016655 0ustar 00000000000000AAAAAQAAAACApW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h962ZHYxRBW/+2xYrTA8oOhKoijlN/1JqtykcuzB86r/OCx39XNlQgJbVsri2311nHvY3fAkhyyPCcKcOJZjm/4nRnxBazC0/DLNfKSgOE4a29kxO8i4eHyDQzoz/siSb2aITcAAAADAQABAAAAgDOlBCqQsn1PVFHKm7vQtEdxoQGviENArvmIXypLvpLolKckrDxWjI+XhTrQfAJmyMajygkp8ejxEjGIRCn8TZrlX+6JahDOcHw+1+c05Ecno5V0UBpTJoMQnCq6yrooPDG0vS9Tw+4341LO40+eUDvYDAYirXnG3O6INUfGo7MlAAAAQOfolCcgqHdRcnOjVgU+oqG8DJSqctVcboYpay38lnlIwKcsvMyn6ss1cG4Jod9VoVNb2bPMNBYLO23NPtqOZEMAAABAtp3KHPfU1+yB51uQ/MqHSrzeEj/ScAGAqpBHm25I3o1n7ST58Z2FuidYdPVCzSDccj5pYzZKH5QlRSsmmmeZ/QAAAEAo+hOThlW+H4oVnLrKWnLqGQwwCJ4ZzSdKVW82xPbhn1VLNMB3eQQnu92N0+3iRIMo84XYGzDo5Dsv/6Anhhl5AAAAQBqLOPOY+nEgSYmNf7ee4Kd2aHkSmc36Ce/A5Qessh7XQwHvW/1IvkVerrbhZ4JVgnWAqOTo4UFR0VEKgqPy5ykAAABAJxVqukEm0kqB86Uoy/sn9WiG+ECp9uhuF6RLlP6TGVhLjiL93h5aLjvYqluo2FhBlOshkKz4MrhH8To9JKefTQ==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key60000644000000000000000000000227013230126417016655 0ustar 00000000000000AAAAAQAAAADA5r1pKslmRXkEA/3Q9b64ub+S7RAAf8NlBGQZ3QbAXFtbL0js+YnkziaRCZecu0C0oK0k0iSD0e4xWtTMsVNCaDUmkcUk9t2ObCnSJM8kaXOuyGxb9rFAGoUNG5rRu4y87Eewbw+Mf0XT/I8xkpnFQz3bwrMFO0fe0uzUpMrv1hSDPci7Yi8xftB2uAV/6N4/hEgK1eg+SmGQSk8kj7OXAnNX4dMORjE5gVxv1P1axbgXKkUjDstjGKBPFFXYTlqLAAAAAwEAAQAAAMBqf9hPuF+tBzs0QG23T41hpqvBIZapYd15Vl6dpuUYe84tmAJQ9zWVdTWScNkVkLsOQnxxRgtV1RQQsZG88wn+oTGpLI5wJzj6cZ8eAEH1LkDpHyKfTZah5vFy4VWWtFEKba7CYQXyvrxTMWuHvfITEWZgcOjf7mnVLHGpdsqueccraNKFgNxobZ9RKdIl+Cs9YVUTqIKz25FBa0jOCIiCE+N+65r4ANgcqzKM5CBomQPADHtf0xt1UDptQZaE1ikAAABg+OuX6Y3xJmTu/bdhWWpp3c0Odtrs5u1L9aG1CsCG95KKTS+HJqd+UVt02kGYjyILHMh6ofyBDOmagvLRzoIe3O15TGlB9Cx6GguMTSjHXsYLZSJ59hVKdirtFl1H3uNnAAAAYO1NcdCm4kuTwuX2tLvgX1+wr6BC0gT+M3jTZcLyiLao2tfv5F0VPu9Aysx7gf+TQALRCJlLlKXkcozZyWM3WuSZZb2lXL8O/tjWVTtAJ/LYYgim5rSJwXYSgJLWKeSdPQAAAGArtovd+wxPVshVi/+viS2AQwN4Qef6gc+mGjjF45uQHI7nESKl2iInvWze60gUUsEq09YdXk93agq1Vlkb7+Plnlp/3bg0Xh8vNbn0zuV8MkFMCGrsmT6TU+SA2e7GKJ8AAABgT/iXcJ+tB5dGSUV45w/YVGEw7qtWJ8SbCA8F7krZ8+S3y6nWpd/xE6QcNAkzaDPxkIFtimvELpvsVrdWfQ88nGltthmyRdkB3YVtt8gJLnfpoczNVu5NukLF/bYa7CZpAAAAYHe50RN7UEBKmCcpMW76/H3+ZtNOWhgmANXzCgqFEgUcVg0IHU0KGDXsPSWmD05NaqlIsr89u1sSTLvDSJJVo6lINy9peElnRflD4dtPGDgs6qUF38ZXV7s/hXpY3OUhVg==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key70000644000000000000000000000227013230126417016656 0ustar 00000000000000AAAAAQAAAADA5r1pKslmRXkEA/3Q9b64ub+S7RAAf8NlBGQZ3QbAXFtbL0js+YnkziaRCZecu0C0oK0k0iSD0e4xWtTMsVNCaDUmkcUk9t2ObCnSJM8kaXOuyGxb9rFAGoUNG5rRu4y87Eewbw+Mf0XT/I8xkpnFQz3bwrMFO0fe0uzUpMrv1hSDPci7Yi8xftB2uAV/6N4/hEgK1eg+SmGQSk8kj7OXAnNX4dMORjE5gVxv1P1axbgXKkUjDstjGKBPFFXYTlqLAAAAAwEAAQAAAMBqf9hPuF+tBzs0QG23T41hpqvBIZapYd15Vl6dpuUYe84tmAJQ9zWVdTWScNkVkLsOQnxxRgtV1RQQsZG88wn+oTGpLI5wJzj6cZ8eAEH1LkDpHyKfTZah5vFy4VWWtFEKba7CYQXyvrxTMWuHvfITEWZgcOjf7mnVLHGpdsqueccraNKFgNxobZ9RKdIl+Cs9YVUTqIKz25FBa0jOCIiCE+N+65r4ANgcqzKM5CBomQPADHtf0xt1UDptQZaE1ikAAABg+OuX6Y3xJmTu/bdhWWpp3c0Odtrs5u1L9aG1CsCG95KKTS+HJqd+UVt02kGYjyILHMh6ofyBDOmagvLRzoIe3O15TGlB9Cx6GguMTSjHXsYLZSJ59hVKdirtFl1H3uNnAAAAYO1NcdCm4kuTwuX2tLvgX1+wr6BC0gT+M3jTZcLyiLao2tfv5F0VPu9Aysx7gf+TQALRCJlLlKXkcozZyWM3WuSZZb2lXL8O/tjWVTtAJ/LYYgim5rSJwXYSgJLWKeSdPQAAAGArtovd+wxPVshVi/+viS2AQwN4Qef6gc+mGjjF45uQHI7nESKl2iInvWze60gUUsEq09YdXk93agq1Vlkb7+Plnlp/3bg0Xh8vNbn0zuV8MkFMCGrsmT6TU+SA2e7GKJ8AAABgT/iXcJ+tB5dGSUV45w/YVGEw7qtWJ8SbCA8F7krZ8+S3y6nWpd/xE6QcNAkzaDPxkIFtimvELpvsVrdWfQ88nGltthmyRdkB3YVtt8gJLnfpoczNVu5NukLF/bYa7CZpAAAAYHe50RN7UEBKmCcpMW76/H3+ZtNOWhgmANXzCgqFEgUcVg0IHU0KGDXsPSWmD05NaqlIsr89u1sSTLvDSJJVo6lINy9peElnRflD4dtPGDgs6qUF38ZXV7s/hXpY3OUhVg==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key80000644000000000000000000000227013230126417016657 0ustar 00000000000000AAAAAQAAAADA5r1pKslmRXkEA/3Q9b64ub+S7RAAf8NlBGQZ3QbAXFtbL0js+YnkziaRCZecu0C0oK0k0iSD0e4xWtTMsVNCaDUmkcUk9t2ObCnSJM8kaXOuyGxb9rFAGoUNG5rRu4y87Eewbw+Mf0XT/I8xkpnFQz3bwrMFO0fe0uzUpMrv1hSDPci7Yi8xftB2uAV/6N4/hEgK1eg+SmGQSk8kj7OXAnNX4dMORjE5gVxv1P1axbgXKkUjDstjGKBPFFXYTlqLAAAAAwEAAQAAAMBqf9hPuF+tBzs0QG23T41hpqvBIZapYd15Vl6dpuUYe84tmAJQ9zWVdTWScNkVkLsOQnxxRgtV1RQQsZG88wn+oTGpLI5wJzj6cZ8eAEH1LkDpHyKfTZah5vFy4VWWtFEKba7CYQXyvrxTMWuHvfITEWZgcOjf7mnVLHGpdsqueccraNKFgNxobZ9RKdIl+Cs9YVUTqIKz25FBa0jOCIiCE+N+65r4ANgcqzKM5CBomQPADHtf0xt1UDptQZaE1ikAAABg+OuX6Y3xJmTu/bdhWWpp3c0Odtrs5u1L9aG1CsCG95KKTS+HJqd+UVt02kGYjyILHMh6ofyBDOmagvLRzoIe3O15TGlB9Cx6GguMTSjHXsYLZSJ59hVKdirtFl1H3uNnAAAAYO1NcdCm4kuTwuX2tLvgX1+wr6BC0gT+M3jTZcLyiLao2tfv5F0VPu9Aysx7gf+TQALRCJlLlKXkcozZyWM3WuSZZb2lXL8O/tjWVTtAJ/LYYgim5rSJwXYSgJLWKeSdPQAAAGArtovd+wxPVshVi/+viS2AQwN4Qef6gc+mGjjF45uQHI7nESKl2iInvWze60gUUsEq09YdXk93agq1Vlkb7+Plnlp/3bg0Xh8vNbn0zuV8MkFMCGrsmT6TU+SA2e7GKJ8AAABgT/iXcJ+tB5dGSUV45w/YVGEw7qtWJ8SbCA8F7krZ8+S3y6nWpd/xE6QcNAkzaDPxkIFtimvELpvsVrdWfQ88nGltthmyRdkB3YVtt8gJLnfpoczNVu5NukLF/bYa7CZpAAAAYHe50RN7UEBKmCcpMW76/H3+ZtNOWhgmANXzCgqFEgUcVg0IHU0KGDXsPSWmD05NaqlIsr89u1sSTLvDSJJVo6lINy9peElnRflD4dtPGDgs6qUF38ZXV7s/hXpY3OUhVg==nss-3.35/nss/cmd/bltest/tests/rsa_pss/key90000644000000000000000000000227013230126417016660 0ustar 00000000000000AAAAAQAAAADA5r1pKslmRXkEA/3Q9b64ub+S7RAAf8NlBGQZ3QbAXFtbL0js+YnkziaRCZecu0C0oK0k0iSD0e4xWtTMsVNCaDUmkcUk9t2ObCnSJM8kaXOuyGxb9rFAGoUNG5rRu4y87Eewbw+Mf0XT/I8xkpnFQz3bwrMFO0fe0uzUpMrv1hSDPci7Yi8xftB2uAV/6N4/hEgK1eg+SmGQSk8kj7OXAnNX4dMORjE5gVxv1P1axbgXKkUjDstjGKBPFFXYTlqLAAAAAwEAAQAAAMBqf9hPuF+tBzs0QG23T41hpqvBIZapYd15Vl6dpuUYe84tmAJQ9zWVdTWScNkVkLsOQnxxRgtV1RQQsZG88wn+oTGpLI5wJzj6cZ8eAEH1LkDpHyKfTZah5vFy4VWWtFEKba7CYQXyvrxTMWuHvfITEWZgcOjf7mnVLHGpdsqueccraNKFgNxobZ9RKdIl+Cs9YVUTqIKz25FBa0jOCIiCE+N+65r4ANgcqzKM5CBomQPADHtf0xt1UDptQZaE1ikAAABg+OuX6Y3xJmTu/bdhWWpp3c0Odtrs5u1L9aG1CsCG95KKTS+HJqd+UVt02kGYjyILHMh6ofyBDOmagvLRzoIe3O15TGlB9Cx6GguMTSjHXsYLZSJ59hVKdirtFl1H3uNnAAAAYO1NcdCm4kuTwuX2tLvgX1+wr6BC0gT+M3jTZcLyiLao2tfv5F0VPu9Aysx7gf+TQALRCJlLlKXkcozZyWM3WuSZZb2lXL8O/tjWVTtAJ/LYYgim5rSJwXYSgJLWKeSdPQAAAGArtovd+wxPVshVi/+viS2AQwN4Qef6gc+mGjjF45uQHI7nESKl2iInvWze60gUUsEq09YdXk93agq1Vlkb7+Plnlp/3bg0Xh8vNbn0zuV8MkFMCGrsmT6TU+SA2e7GKJ8AAABgT/iXcJ+tB5dGSUV45w/YVGEw7qtWJ8SbCA8F7krZ8+S3y6nWpd/xE6QcNAkzaDPxkIFtimvELpvsVrdWfQ88nGltthmyRdkB3YVtt8gJLnfpoczNVu5NukLF/bYa7CZpAAAAYHe50RN7UEBKmCcpMW76/H3+ZtNOWhgmANXzCgqFEgUcVg0IHU0KGDXsPSWmD05NaqlIsr89u1sSTLvDSJJVo6lINy9peElnRflD4dtPGDgs6qUF38ZXV7s/hXpY3OUhVg==nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash00000644000000000000000000000000513230126417017650 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash10000644000000000000000000000000513230126417017651 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash100000644000000000000000000000000513230126417017731 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash110000644000000000000000000000000513230126417017732 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash120000644000000000000000000000000513230126417017733 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash130000644000000000000000000000000513230126417017734 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash140000644000000000000000000000000513230126417017735 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash150000644000000000000000000000000513230126417017736 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash160000644000000000000000000000000513230126417017737 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash170000644000000000000000000000000513230126417017740 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash20000644000000000000000000000000513230126417017652 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash30000644000000000000000000000000513230126417017653 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash40000644000000000000000000000000513230126417017654 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash50000644000000000000000000000000513230126417017655 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash60000644000000000000000000000000513230126417017656 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash70000644000000000000000000000000513230126417017657 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash80000644000000000000000000000000513230126417017660 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/maskhash90000644000000000000000000000000513230126417017661 0ustar 00000000000000sha1 nss-3.35/nss/cmd/bltest/tests/rsa_pss/numtests0000644000000000000000000000000313230126417017651 0ustar 0000000000000018 nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext00000644000000000000000000000003513230126417020064 0ustar 00000000000000zYtlOMuOjeVmtovQZ1advx7icY4= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext10000644000000000000000000000003513230126417020065 0ustar 0000000000000041vvwXodFguc41+9jrFufuSR0/0= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext100000644000000000000000000000003513230126417020145 0ustar 00000000000000altL5M02zJff3pmV77+PCXpKmRo= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext110000644000000000000000000000003513230126417020146 0ustar 00000000000000ud/R33akYcUeZXbGyO0Kkj0cUOc= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext120000644000000000000000000000003513230126417020147 0ustar 00000000000000lZa7Ywz2qNTqRgBCK566ixNnXdQ= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext130000644000000000000000000000003513230126417020150 0ustar 00000000000000tQMxk5knf9bByPEDPL8EGZ6iFxY= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext140000644000000000000000000000003513230126417020151 0ustar 00000000000000UKrt6FNrLDByCLJ1pnri3xlsdig= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext150000644000000000000000000000003513230126417020152 0ustar 00000000000000qgtyuLNx3dEMiuR0QlzMz4hCopQ= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext160000644000000000000000000000003513230126417020153 0ustar 00000000000000+tOQLJdQYiorxnJiLEgnDMV9Pqg= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext170000644000000000000000000000003513230126417020154 0ustar 00000000000000EiGW3rXRIr2Mb8eB/2kk18aVqt4= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext20000644000000000000000000000003513230126417020066 0ustar 00000000000000BlLsZ7zuMPnSaZEiuRwZq9uon5E= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext30000644000000000000000000000003513230126417020067 0ustar 00000000000000OcIcTM7anBrfg5x0ThISpkN1dew= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext40000644000000000000000000000003513230126417020070 0ustar 00000000000000NtrpE7d70XyubnsJRT0kVEzrszw= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext50000644000000000000000000000003513230126417020071 0ustar 00000000000000Re7xkfT3nDH+XS7eflCYmU6SnS0= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext60000644000000000000000000000003513230126417020072 0ustar 00000000000000JxWkm4sAEs167oTBFkRubf4/rsA= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext70000644000000000000000000000003513230126417020073 0ustar 00000000000000LayVbVOWR0isNk0GWVgnxrTxQ80= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext80000644000000000000000000000003513230126417020074 0ustar 00000000000000KNmMRszK+9O8BOcvlnpUvT6hIpg= nss-3.35/nss/cmd/bltest/tests/rsa_pss/plaintext90000644000000000000000000000003513230126417020075 0ustar 00000000000000CGbS/1p58l72aM1vMbQt7kIeTA4= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed00000644000000000000000000000003513230126417016774 0ustar 000000000000003ulZx+BkETYUIP+AGF7Vfz5ndq8= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed10000644000000000000000000000003513230126417016775 0ustar 000000000000007yhp+kDDRssYPas9e//Jj9Vt9C0= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed100000644000000000000000000000003513230126417017055 0ustar 000000000000001okleobv+mghLF4MYZ7KKV+5G2c= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed110000644000000000000000000000003513230126417017056 0ustar 00000000000000wl8Tv2fQgWcaBIGh8YINYTu6InY= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed120000644000000000000000000000003513230126417017057 0ustar 00000000000000BOIV7m/5NLnacNdzDIc0q/zs3ok= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed130000644000000000000000000000003513230126417017060 0ustar 00000000000000iyvdS0D69UXHeN35vBpJy1f5txs= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed140000644000000000000000000000003513230126417017061 0ustar 00000000000000Tpb8GzmPkrRGcQEMDcPv1uIMLXM= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed150000644000000000000000000000003513230126417017062 0ustar 00000000000000x81pjYS2USjYg146ix6w4By1Qew= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed160000644000000000000000000000003513230126417017063 0ustar 0000000000000076i/+WISsvSj83GhDVdBUmVfXfs= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed170000644000000000000000000000003513230126417017064 0ustar 00000000000000rYsVI3A2RiJLZgtVCIWRfKLR3yg= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed20000644000000000000000000000003513230126417016776 0ustar 00000000000000cQucR0fYANTeh/Eq/c5t8YEHzHc= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed30000644000000000000000000000003513230126417016777 0ustar 00000000000000BW8AmF3hTY71zqnoL4wnvvcgM14= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed40000644000000000000000000000003513230126417017000 0ustar 00000000000000gOcP+GoI3j7GCXKzm0+/3Opnro4= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed50000644000000000000000000000003513230126417017001 0ustar 00000000000000qKtp3YAfAHTCofxgZJg2xhbZloE= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed60000644000000000000000000000003513230126417017002 0ustar 00000000000000wKQlMT3411ZL0kNNMRUj1SV+7YA= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed70000644000000000000000000000003513230126417017003 0ustar 00000000000000swfEO0hQqNrC8V8y43g574xcDpE= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed80000644000000000000000000000003513230126417017004 0ustar 00000000000000misAfoCXi7sZLDVOt9qa7fx02/U= nss-3.35/nss/cmd/bltest/tests/rsa_pss/seed90000644000000000000000000000003513230126417017005 0ustar 00000000000000cPOCvd9NXS3YizvHtzCL5jK4QEU= nss-3.35/nss/cmd/bltest/tests/seed_cbc/ciphertext00000644000000000000000000000003113230126417020304 0ustar 00000000000000JVdzim3if1YIcpGABasoCQ== nss-3.35/nss/cmd/bltest/tests/seed_cbc/iv00000644000000000000000000000002113230126417016542 0ustar 000000000000001234567890123456 nss-3.35/nss/cmd/bltest/tests/seed_cbc/key00000644000000000000000000000002113230126417016714 0ustar 00000000000000fedcba9876543210 nss-3.35/nss/cmd/bltest/tests/seed_cbc/numtests0000644000000000000000000000000213230126417017725 0ustar 000000000000001 nss-3.35/nss/cmd/bltest/tests/seed_cbc/plaintext00000644000000000000000000000002113230126417020134 0ustar 000000000000000123456789abcdef nss-3.35/nss/cmd/bltest/tests/seed_ecb/ciphertext00000644000000000000000000000003113230126417020306 0ustar 00000000000000GX8KY3uUhAQnL6XbQhXjEw== nss-3.35/nss/cmd/bltest/tests/seed_ecb/iv00000644000000000000000000000002113230126417016544 0ustar 000000000000001234567890123456 nss-3.35/nss/cmd/bltest/tests/seed_ecb/key00000644000000000000000000000002113230126417016716 0ustar 00000000000000fedcba9876543210 nss-3.35/nss/cmd/bltest/tests/seed_ecb/numtests0000644000000000000000000000000213230126417017727 0ustar 000000000000001 nss-3.35/nss/cmd/bltest/tests/seed_ecb/plaintext00000644000000000000000000000002113230126417020136 0ustar 000000000000000123456789abcdef nss-3.35/nss/cmd/bltest/tests/sha1/ciphertext00000644000000000000000000000003513230126417017415 0ustar 00000000000000cDSMAygXMPIJZC5bntZ4ZhecQ9g= nss-3.35/nss/cmd/bltest/tests/sha1/numtests0000644000000000000000000000000213230126417017032 0ustar 000000000000001 nss-3.35/nss/cmd/bltest/tests/sha1/plaintext00000644000000000000000000000004113230126417017243 0ustar 00000000000000A cage went in search of a bird. nss-3.35/nss/cmd/bltest/tests/sha224/ciphertext00000644000000000000000000000005213230126417017563 0ustar 00000000000000Iwl9IjQF2CKGQqR3vaJVsyqtvOS9oLP342ydpw== nss-3.35/nss/cmd/bltest/tests/sha224/ciphertext10000644000000000000000000000005213230126417017564 0ustar 00000000000000dTiLFlEndsxdul2h/YkBULDGRVy09YsZUlIlJQ== nss-3.35/nss/cmd/bltest/tests/sha224/numtests0000644000000000000000000000000213230126417017201 0ustar 000000000000002 nss-3.35/nss/cmd/bltest/tests/sha224/plaintext00000644000000000000000000000000413230126417017411 0ustar 00000000000000abc nss-3.35/nss/cmd/bltest/tests/sha224/plaintext10000644000000000000000000000007113230126417017416 0ustar 00000000000000abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq nss-3.35/nss/cmd/bltest/tests/sha256/ciphertext00000644000000000000000000000005513230126417017573 0ustar 00000000000000ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0= nss-3.35/nss/cmd/bltest/tests/sha256/ciphertext10000644000000000000000000000005513230126417017574 0ustar 00000000000000JI1qYdIGOLjlwCaTDD5gOaM85Flk/yFn9uzt1BnbBsE= nss-3.35/nss/cmd/bltest/tests/sha256/numtests0000644000000000000000000000000213230126417017206 0ustar 000000000000002 nss-3.35/nss/cmd/bltest/tests/sha256/plaintext00000644000000000000000000000000413230126417017416 0ustar 00000000000000abc nss-3.35/nss/cmd/bltest/tests/sha256/plaintext10000644000000000000000000000007113230126417017423 0ustar 00000000000000abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq nss-3.35/nss/cmd/bltest/tests/sha384/ciphertext00000644000000000000000000000010113230126417017565 0ustar 00000000000000ywB1P0WjXou1oD1pmsZQBycsMqsO3tFjGotgWkP/W+2AhgcroefMI1i67KE0yCWn nss-3.35/nss/cmd/bltest/tests/sha384/ciphertext10000644000000000000000000000010113230126417017566 0ustar 00000000000000CTMMM/cRR+g9GS/Hgs0bR1MRGxc7OwXSL6CAhuOw9xL8x8caVX4tuWbD6fqRdGA5 nss-3.35/nss/cmd/bltest/tests/sha384/numtests0000644000000000000000000000000213230126417017210 0ustar 000000000000002 nss-3.35/nss/cmd/bltest/tests/sha384/plaintext00000644000000000000000000000000413230126417017420 0ustar 00000000000000abc nss-3.35/nss/cmd/bltest/tests/sha384/plaintext10000644000000000000000000000016113230126417017425 0ustar 00000000000000abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu nss-3.35/nss/cmd/bltest/tests/sha512/ciphertext00000644000000000000000000000013213230126417017562 0ustar 000000000000003a81oZNherrMQXNJriBBMRLm+k6JqX6iCp7u5ktV05ohkpkqJ0/BqDa6PCOj/uu9 RU1EI2Q86A4qmslPpUyknw== nss-3.35/nss/cmd/bltest/tests/sha512/ciphertext10000644000000000000000000000013213230126417017563 0ustar 00000000000000jpWbddrjE9qM9PcoFPwUP493ecbrn3+hcpmurbaIkBhQHSieSQD35DMbmd7EtUM6 x9Mp7rbdJlReluVbh0vpCQ== nss-3.35/nss/cmd/bltest/tests/sha512/numtests0000644000000000000000000000000213230126417017201 0ustar 000000000000002 nss-3.35/nss/cmd/bltest/tests/sha512/plaintext00000644000000000000000000000000413230126417017411 0ustar 00000000000000abc nss-3.35/nss/cmd/bltest/tests/sha512/plaintext10000644000000000000000000000016113230126417017416 0ustar 00000000000000abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu nss-3.35/nss/cmd/btoa/Makefile0000644000000000000000000000353713230126417014337 0ustar 00000000000000#! gmake # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. ####################################################################### # (1) Include initial platform-independent assignments (MANDATORY). # ####################################################################### include manifest.mn ####################################################################### # (2) Include "global" configuration information. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/config.mk ####################################################################### # (3) Include "component" configuration information. (OPTIONAL) # ####################################################################### ####################################################################### # (4) Include "local" platform-dependent assignments (OPTIONAL). # ####################################################################### include ../platlibs.mk ####################################################################### # (5) Execute "global" rules. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/rules.mk ####################################################################### # (6) Execute "component" rules. (OPTIONAL) # ####################################################################### ####################################################################### # (7) Execute "local" rules. (OPTIONAL). # ####################################################################### include ../platrules.mk nss-3.35/nss/cmd/btoa/btoa.c0000644000000000000000000001263713230126417013771 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "plgetopt.h" #include "secutil.h" #include "nssb64.h" #include #if defined(XP_WIN) || (defined(__sun) && !defined(SVR4)) #if !defined(WIN32) extern int fread(char *, size_t, size_t, FILE *); extern int fwrite(char *, size_t, size_t, FILE *); extern int fprintf(FILE *, char *, ...); #endif #endif #if defined(WIN32) #include "fcntl.h" #include "io.h" #endif static PRInt32 output_ascii(void *arg, const char *obuf, PRInt32 size) { FILE *outFile = arg; int nb; nb = fwrite(obuf, 1, size, outFile); if (nb != size) { PORT_SetError(SEC_ERROR_IO); return -1; } return nb; } static SECStatus encode_file(FILE *outFile, FILE *inFile) { NSSBase64Encoder *cx; int nb; SECStatus status = SECFailure; unsigned char ibuf[4096]; cx = NSSBase64Encoder_Create(output_ascii, outFile); if (!cx) { return -1; } for (;;) { if (feof(inFile)) break; nb = fread(ibuf, 1, sizeof(ibuf), inFile); if (nb != sizeof(ibuf)) { if (nb == 0) { if (ferror(inFile)) { PORT_SetError(SEC_ERROR_IO); goto loser; } /* eof */ break; } } status = NSSBase64Encoder_Update(cx, ibuf, nb); if (status != SECSuccess) goto loser; } status = NSSBase64Encoder_Destroy(cx, PR_FALSE); if (status != SECSuccess) return status; /* * Add a trailing CRLF. Note this must be done *after* the call * to Destroy above (because only then are we sure all data has * been written out). */ fwrite("\r\n", 1, 2, outFile); return SECSuccess; loser: (void)NSSBase64Encoder_Destroy(cx, PR_TRUE); return status; } static void Usage(char *progName) { fprintf(stderr, "Usage: %s [-i input] [-o output]\n", progName); fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n", "-i input"); fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n", "-o output"); fprintf(stderr, "%-20s Wrap output in BEGIN/END lines and the given suffix\n", "-w suffix"); fprintf(stderr, "%-20s (use \"c\" as a shortcut for suffix CERTIFICATE)\n", ""); exit(-1); } int main(int argc, char **argv) { char *progName; SECStatus rv; FILE *inFile, *outFile; PLOptState *optstate; PLOptStatus status; char *suffix = NULL; inFile = 0; outFile = 0; progName = strrchr(argv[0], '/'); if (!progName) progName = strrchr(argv[0], '\\'); progName = progName ? progName + 1 : argv[0]; /* Parse command line arguments */ optstate = PL_CreateOptState(argc, argv, "i:o:w:"); while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { switch (optstate->option) { default: Usage(progName); break; case 'i': inFile = fopen(optstate->value, "rb"); if (!inFile) { fprintf(stderr, "%s: unable to open \"%s\" for reading\n", progName, optstate->value); return -1; } break; case 'o': outFile = fopen(optstate->value, "wb"); if (!outFile) { fprintf(stderr, "%s: unable to open \"%s\" for writing\n", progName, optstate->value); return -1; } break; case 'w': if (!strcmp(optstate->value, "c")) suffix = strdup("CERTIFICATE"); else suffix = strdup(optstate->value); break; } } if (status == PL_OPT_BAD) Usage(progName); if (!inFile) { #if defined(WIN32) /* If we're going to read binary data from stdin, we must put stdin ** into O_BINARY mode or else incoming \r\n's will become \n's. */ int smrv = _setmode(_fileno(stdin), _O_BINARY); if (smrv == -1) { fprintf(stderr, "%s: Cannot change stdin to binary mode. Use -i option instead.\n", progName); return smrv; } #endif inFile = stdin; } if (!outFile) { #if defined(WIN32) /* We're going to write binary data to stdout. We must put stdout ** into O_BINARY mode or else outgoing \r\n's will become \r\r\n's. */ int smrv = _setmode(_fileno(stdout), _O_BINARY); if (smrv == -1) { fprintf(stderr, "%s: Cannot change stdout to binary mode. Use -o option instead.\n", progName); return smrv; } #endif outFile = stdout; } if (suffix) { fprintf(outFile, "-----BEGIN %s-----\n", suffix); } rv = encode_file(outFile, inFile); if (rv != SECSuccess) { fprintf(stderr, "%s: lossage: error=%d errno=%d\n", progName, PORT_GetError(), errno); return -1; } if (suffix) { fprintf(outFile, "-----END %s-----\n", suffix); } return 0; } nss-3.35/nss/cmd/btoa/btoa.gyp0000644000000000000000000000120713230126417014335 0ustar 00000000000000# This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. { 'includes': [ '../../coreconf/config.gypi', '../../cmd/platlibs.gypi' ], 'targets': [ { 'target_name': 'btoa', 'type': 'executable', 'sources': [ 'btoa.c' ], 'dependencies': [ '<(DEPTH)/exports.gyp:dbm_exports', '<(DEPTH)/exports.gyp:nss_exports' ] } ], 'target_defaults': { 'defines': [ 'NSPR20' ] }, 'variables': { 'module': 'nss' } }nss-3.35/nss/cmd/btoa/manifest.mn0000644000000000000000000000103413230126417015027 0ustar 00000000000000# # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. CORE_DEPTH = ../.. # MODULE public and private header directories are implicitly REQUIRED. MODULE = nss # This next line is used by .mk files # and gets translated into $LINCS in manifest.mnw # MODULE is implicitly REQUIRED, doesn't need to be listed below. REQUIRES = seccmd dbm DEFINES = -DNSPR20 CSRCS = btoa.c PROGRAM = btoa nss-3.35/nss/cmd/certcgi/HOWTO.txt0000644000000000000000000001316513230126417015031 0ustar 00000000000000 How to setup your very own Cert-O-Matic Root CA server This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. How to setup your very own Cert-O-Matic Root CA server The program certcgi is part of a small test CA that is used inside Netscape by the NSS development team. That CA is affectionately known as "Cert-O-Matic" or "Cert-O-Matic II". It presently runs on a server named interzone.mcom.com inside Netscape's firewall. If you wish to setup your own Cert-O-Matic, here are directions. Disclaimer: This program does not follow good practices for root CAs. It should be used only for playing/testing and never for production use. Remember, you've been warned! Cert-O-Matic consists of some html files, shell scripts, one executable program that uses NSS and NSPR, the usual set of NSS .db files, and a file in which to remember the serial number of the last cert issued. The html files and the source to the executable program are in this directory. Sample shell scripts are shown below. The shell scripts and executable program run as CGI "scripts". The entire thing runs on an ordinary http web server. It would also run on an https web server. The shell scripts and html files must be customized for the server on which they run. The package assumes you have a "document root" directory $DOCROOT, and a "cgi-bin" directory $CGIBIN. In this example, the document root is assumed to be located in /var/www/htdocs, and the cgi-bin directory in /var/www/cgi-bin. The server is assumed to run all cgi scripts as the user "nobody". The names of the cgi scripts run directly by the server all end in .cgi because some servers like it that way. Instructions: - Create directory $DOCROOT/certomatic - Copy the following files from nss/cmd/certcgi to $DOCROOT/certomatic ca.html index.html main.html nscp_ext_form.html stnd_ext_form.html - Edit the html files, substituting the name of your own server for the server named in those files. - In some web page (e.g. your server's home page), provide an html link to $DOCROOT/certomatic/index.html. This is where users start to get their own certs from certomatic. - give these files and directories appropriate permissions. - Create directories $CGIBIN/certomatic and $CGIBIN/certomatic/bin make sure that $CGIBIN/certomatic is writable by "nobody" - Create a new set of NSS db files there with the following command: certutil -N -d $CGIBIN/certomatic - when certutil prompts you for the password, enter the word foo because that is compiled into the certcgi program. - Create the new Root CA cert with this command certutil -S -x -d $CGIBIN/certomatic -n "Cert-O-Matic II" \ -s "CN=Cert-O-Matic II, O=Cert-O-Matic II" -t TCu,cu,cu -k rsa \ -g 1024 -m 10001 -v 60 (adjust the -g, -m and -v parameters to taste. -s and -x must be as shown.) - dump out the new root CA cert in base64 encoding: certutil -d $CGIBIN/certomatic -L -n "Cert-O-Matic II" -a > \ $CGIBIN/certomatic/root.cacert - In $CGIBIN/certomatic/bin add two shell scripts - one to download the root CA cert on demand, and one to run the certcgi program. download.cgi, the script to install the root CA cert into a browser on demand, is this: #!/bin/sh echo "Content-type: application/x-x509-ca-cert" echo cat $CGIBIN/certomatic/root.cacert You'll have to put the real path into that cat command because CGIBIN won't be defined when this script is run by the server. certcgi.cgi, the script to run the certcgi program is similar to this: #!/bin/sh cd $CGIBIN/certomatic/bin LD_LIBRARY_PATH=$PLATFORM/lib export LD_LIBRARY_PATH $PLATFORM/bin/certcgi $* 2>&1 Where $PLATFORM/lib is where the NSPR nad NSS DSOs are located, and $PLATFORM/bin is where certcgi is located. PLATFORM is not defined when the server runs this script, so you'll have to substitute the right value in your script. certcgi requires that the working directory be one level below the NSS DBs, that is, the DBs are accessed in the directory "..". You'll want to provide an html link somewhere to the script that downloads the root.cacert file. You'll probably want to put that next to the link that loads the index.html page. On interzone, this is done with the following html: Cert-O-Matic II Root CA server

Download and trust Root CA certificate The index.html file in this directory invokes the certcgi.cgi script with the form post method, so if you change the name of the certcgi.cgi script, you'll also have to change the index.html file in $DOCROOT/certomatic The 4 files used by the certcgi program (the 3 NSS DBs, and the serial number file) are not required to live in $CGIBIN/certomatic, but they are required to live in $CWD/.. when certcgi starts. Known bugs: 1. Because multiple of these CAs exist simultaneously, it would be best if they didn't all have to be called "Cert-O-Matic II", but that string is presently hard coded into certcgi.c. 2. the html files in this directory contain numerous extraneous

tags which appear to use the post method and have action URLS that are never actually used. burp.cgi and echoform.cgi are never actually used. This should be cleaned up. 3. The html files use tags which are supported only in Netscape Navigator and Netscape Communication 4.x browsers. The html files do not work as intended with Netscape 6.x, Mozilla or Microsoft IE browsers. The html files should be fixed to work with all those named browsers. nss-3.35/nss/cmd/certcgi/Makefile0000644000000000000000000000354013230126417015024 0ustar 00000000000000#! gmake # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. ####################################################################### # (1) Include initial platform-independent assignments (MANDATORY). # ####################################################################### include manifest.mn ####################################################################### # (2) Include "global" configuration information. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/config.mk ####################################################################### # (3) Include "component" configuration information. (OPTIONAL) # ####################################################################### ####################################################################### # (4) Include "local" platform-dependent assignments (OPTIONAL). # ####################################################################### include ../platlibs.mk ####################################################################### # (5) Execute "global" rules. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/rules.mk ####################################################################### # (6) Execute "component" rules. (OPTIONAL) # ####################################################################### ####################################################################### # (7) Execute "local" rules. (OPTIONAL). # ####################################################################### include ../platrules.mk nss-3.35/nss/cmd/certcgi/ca.html0000644000000000000000000000206413230126417014635 0ustar 00000000000000 Use the Cert-O-matic certificate to issue the cert

Use a CA long automatically generated chain ending with the Cert-O-Matic Cert (18 maximum)

Use a CA long user input chain ending in the Cert-O-Matic Cert.

nss-3.35/nss/cmd/certcgi/ca_form.html0000644000000000000000000004437713230126417015675 0ustar 00000000000000
Common Name:

Mail:

RFC 1274 e-mail
Organization:

Organizational Unit:

RFC 1274 UID:

Locality:

State or Province:

Country:

Serial Number:

Auto Generate

Use this value:

X.509 version:

Version 1

Version 3

 Key Type:

RSA

DSA
DN:

Netscape Certificate Type:

Activate extension:

Critical: 		SSL Client

SSL Server

S/MIME

Object Signing

Reserved for future use (bit 4)

SSL CA

S/MIME CA

Object Signing CA

Netscape Base URL:

Activate extension:

Critical:
Netscape Revocation URL:

Activate extension:

Critical:
Netscape CA Revocation URL:

Activate extension:

Critical:
Netscape Certificate Renewal URL:

Activate extension:

Critical:
Netscape CA Policy URL:

Activate extension:

Critical:
Netscape SSL Server Name:

Activate extension:

Critical:
Netscape Comment:

Activate extension:

Critical:

Key Usage:

Activate extension:

Critical: 		Digital Signature

Non Repudiation

Key Encipherment

Data Encipherment

Key Agreement

Key Certificate Signing

CRL Signing

Extended Key Usage:

Activate extension:

Critical: 		Server Auth

Client Auth

Code Signing

Email Protection

Timestamp

OCSP Responder

Step-up

Microsoft Trust List Signing

Basic Constraints:

Activate extension:

Critical: 		CA:

True

False

Include Path length:

Authority Key Identifier:

Activate extension: 		Key Identider

Issuer Name and Serial number

Subject Key Identifier:

Activate extension: 		Key Identifier:

This is an:

ascii text value

hex value

Private Key Usage Period:

Activate extension:

Critical: 		Use:

Not Before

Not After

Both

Not to be used to sign before:

Set to time of certificate issue

Use This value

(YYYY/MM/DD HH:MM:SS): / / : :

Not to be used to sign after:

(YYYY/MM/DD HH:MM:SS): / / : :

Subject Alternative Name:

Activate extension:

Critical:
General Names:
Name Type:
Other Name, OID: RFC 822 Name
DNS Name X400 Address
Directory Name EDI Party Name
Uniform Resource Locator IP Address
Registered ID Netscape Certificate Nickname
Name: Binary Encoded:

Issuer Alternative Name:

Activate extension:

Critical: 		Use the Subject Alternative Name from the Issuers Certificate

Use this Name:
General Names:
Name Type:
Other Name, OID: RFC 822 Name
DNS Name X400 Address
Directory Name EDI Party Name
Uniform Resource Locator IP Address
Registered ID
Name: Binary Encoded:

Name Constraints:

Activate extension:

Name Constraints:
Name Type:
Other Name, OID: RFC 822 Name
DNS Name X400 Address
Directory Name EDI Party Name
Uniform Resource Locator IP Address
Registered ID
Name: Binary Encoded:

Constraint type:

permited

excluded

Minimum:

Maximum:

nss-3.35/nss/cmd/certcgi/certcgi.c0000644000000000000000000021623013230126417015152 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /* Cert-O-Matic CGI */ #include "nspr.h" #include "prtypes.h" #include "prtime.h" #include "prlong.h" #include "pk11func.h" #include "cert.h" #include "cryptohi.h" #include "secoid.h" #include "secder.h" #include "genname.h" #include "xconst.h" #include "secutil.h" #include "pk11pqg.h" #include "certxutl.h" #include "nss.h" /* #define TEST 1 */ /* #define FILEOUT 1 */ /* #define OFFLINE 1 */ #define START_FIELDS 100 #define PREFIX_LEN 6 #define SERIAL_FILE "../serial" #define DB_DIRECTORY ".." static char *progName; typedef struct PairStr Pair; struct PairStr { char *name; char *data; }; char prefix[PREFIX_LEN]; const SEC_ASN1Template CERTIA5TypeTemplate[] = { { SEC_ASN1_IA5_STRING } }; SECKEYPrivateKey *privkeys[9] = { NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }; #ifdef notdef const SEC_ASN1Template CERT_GeneralNameTemplate[] = { { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate } }; #endif static void error_out(char *error_string) { printf("Content-type: text/plain\n\n"); printf("%s", error_string); fflush(stderr); fflush(stdout); exit(1); } static void error_allocate(void) { error_out("ERROR: Unable to allocate memory"); } static char * make_copy_string(char *read_pos, int length, char sentinal_value) /* copys string from to a new string it creates and returns a pointer to the new string */ { int remaining = length; char *write_pos; char *new; new = write_pos = (char *)PORT_Alloc(length); if (new == NULL) { error_allocate(); } while (*read_pos != sentinal_value) { if (remaining == 1) { remaining += length; length = length * 2; new = PORT_Realloc(new, length); if (new == NULL) { error_allocate(); } write_pos = new + length - remaining; } *write_pos = *read_pos; ++write_pos; ++read_pos; remaining = remaining - 1; } *write_pos = '\0'; return new; } static SECStatus clean_input(Pair *data) /* converts the non-alphanumeric characters in a form post from hex codes back to characters */ { int length; int hi_digit; int low_digit; char character; char *begin_pos; char *read_pos; char *write_pos; PRBool name = PR_TRUE; begin_pos = data->name; while (begin_pos != NULL) { length = strlen(begin_pos); read_pos = write_pos = begin_pos; while ((read_pos - begin_pos) < length) { if (*read_pos == '+') { *read_pos = ' '; } if (*read_pos == '%') { hi_digit = *(read_pos + 1); low_digit = *(read_pos + 2); read_pos += 3; if (isdigit(hi_digit)) { hi_digit = hi_digit - '0'; } else { hi_digit = toupper(hi_digit); if (isxdigit(hi_digit)) { hi_digit = (hi_digit - 'A') + 10; } else { error_out("ERROR: Form data incorrectly formated"); } } if (isdigit(low_digit)) { low_digit = low_digit - '0'; } else { low_digit = toupper(low_digit); if ((low_digit >= 'A') && (low_digit <= 'F')) { low_digit = (low_digit - 'A') + 10; } else { error_out("ERROR: Form data incorrectly formated"); } } character = (hi_digit << 4) | low_digit; if (character != 10) { *write_pos = character; ++write_pos; } } else { *write_pos = *read_pos; ++write_pos; ++read_pos; } } *write_pos = '\0'; if (name == PR_TRUE) { begin_pos = data->data; name = PR_FALSE; } else { data++; begin_pos = data->name; name = PR_TRUE; } } return SECSuccess; } static char * make_name(char *new_data) /* gets the next field name in the input string and returns a pointer to a string containing a copy of it */ { int length = 20; char *name; name = make_copy_string(new_data, length, '='); return name; } static char * make_data(char *new_data) /* gets the data for the next field in the input string and returns a pointer to a string containing it */ { int length = 100; char *data; char *read_pos; read_pos = new_data; while (*(read_pos - 1) != '=') { ++read_pos; } data = make_copy_string(read_pos, length, '&'); return data; } static Pair make_pair(char *new_data) /* makes a pair name/data pair from the input string */ { Pair temp; temp.name = make_name(new_data); temp.data = make_data(new_data); return temp; } static Pair * make_datastruct(char *data, int len) /* parses the input from the form post into a data structure of field name/data pairs */ { Pair *datastruct; Pair *current; char *curr_pos; int fields = START_FIELDS; int remaining = START_FIELDS; curr_pos = data; datastruct = current = (Pair *)PORT_Alloc(fields * sizeof(Pair)); if (datastruct == NULL) { error_allocate(); } while (curr_pos - data < len) { if (remaining == 1) { remaining += fields; fields = fields * 2; datastruct = (Pair *)PORT_Realloc(datastruct, fields * sizeof(Pair)); if (datastruct == NULL) { error_allocate(); } current = datastruct + (fields - remaining); } *current = make_pair(curr_pos); while (*curr_pos != '&') { ++curr_pos; } ++curr_pos; ++current; remaining = remaining - 1; } current->name = NULL; return datastruct; } static char * return_name(Pair *data_struct, int n) /* returns a pointer to the name of the nth (starting from 0) item in the data structure */ { char *name; if ((data_struct + n)->name != NULL) { name = (data_struct + n)->name; return name; } else { return NULL; } } static char * return_data(Pair *data_struct, int n) /* returns a pointer to the data of the nth (starting from 0) itme in the data structure */ { char *data; data = (data_struct + n)->data; return data; } static char * add_prefix(char *field_name) { extern char prefix[PREFIX_LEN]; int i = 0; char *rv; char *write; rv = write = PORT_Alloc(PORT_Strlen(prefix) + PORT_Strlen(field_name) + 1); for (i = 0; i < PORT_Strlen(prefix); i++) { *write = prefix[i]; write++; } *write = '\0'; rv = PORT_Strcat(rv, field_name); return rv; } static char * find_field(Pair *data, char *field_name, PRBool add_pre) /* returns a pointer to the data of the first pair thats name matches the string it is passed */ { int i = 0; char *retrieved; int found = 0; if (add_pre) { field_name = add_prefix(field_name); } while (return_name(data, i) != NULL) { if (PORT_Strcmp(return_name(data, i), field_name) == 0) { retrieved = return_data(data, i); found = 1; break; } i++; } if (!found) { retrieved = NULL; } return retrieved; } static PRBool find_field_bool(Pair *data, char *fieldname, PRBool add_pre) { char *rv; rv = find_field(data, fieldname, add_pre); if ((rv != NULL) && (PORT_Strcmp(rv, "true")) == 0) { return PR_TRUE; } else { return PR_FALSE; } } static CERTCertificateRequest * makeCertReq(Pair *form_data, int which_priv_key) /* makes and encodes a certrequest */ { PK11SlotInfo *slot; CERTCertificateRequest *certReq = NULL; CERTSubjectPublicKeyInfo *spki; SECKEYPrivateKey *privkey = NULL; SECKEYPublicKey *pubkey = NULL; CERTName *name; char *key; extern SECKEYPrivateKey *privkeys[9]; int keySizeInBits; char *challenge = "foo"; SECStatus rv = SECSuccess; PQGParams *pqgParams = NULL; PQGVerify *pqgVfy = NULL; name = CERT_AsciiToName(find_field(form_data, "subject", PR_TRUE)); if (name == NULL) { error_out("ERROR: Unable to create Subject Name"); } key = find_field(form_data, "key", PR_TRUE); if (key == NULL) { switch (*find_field(form_data, "keysize", PR_TRUE)) { case '0': keySizeInBits = 2048; break; case '1': keySizeInBits = 1024; break; case '2': keySizeInBits = 512; break; default: error_out("ERROR: Unsupported Key length selected"); } if (find_field_bool(form_data, "keyType-dsa", PR_TRUE)) { rv = PK11_PQG_ParamGen(keySizeInBits, &pqgParams, &pqgVfy); if (rv != SECSuccess) { error_out("ERROR: Unable to generate PQG parameters"); } slot = PK11_GetBestSlot(CKM_DSA_KEY_PAIR_GEN, NULL); privkey = PK11_GenerateKeyPair(slot, CKM_DSA_KEY_PAIR_GEN, pqgParams, &pubkey, PR_FALSE, PR_TRUE, NULL); } else { privkey = SECKEY_CreateRSAPrivateKey(keySizeInBits, &pubkey, NULL); } privkeys[which_priv_key] = privkey; spki = SECKEY_CreateSubjectPublicKeyInfo(pubkey); } else { spki = SECKEY_ConvertAndDecodePublicKeyAndChallenge(key, challenge, NULL); if (spki == NULL) { error_out("ERROR: Unable to decode Public Key and Challenge String"); } } certReq = CERT_CreateCertificateRequest(name, spki, NULL); if (certReq == NULL) { error_out("ERROR: Unable to create Certificate Request"); } if (pubkey != NULL) { SECKEY_DestroyPublicKey(pubkey); } if (spki != NULL) { SECKEY_DestroySubjectPublicKeyInfo(spki); } if (pqgParams != NULL) { PK11_PQG_DestroyParams(pqgParams); } if (pqgVfy != NULL) { PK11_PQG_DestroyVerify(pqgVfy); } return certReq; } static CERTCertificate * MakeV1Cert(CERTCertDBHandle *handle, CERTCertificateRequest *req, char *issuerNameStr, PRBool selfsign, int serialNumber, int warpmonths, Pair *data) { CERTCertificate *issuerCert = NULL; CERTValidity *validity; CERTCertificate *cert = NULL; PRExplodedTime printableTime; PRTime now, after; if (!selfsign) { issuerCert = CERT_FindCertByNameString(handle, issuerNameStr); if (!issuerCert) { error_out("ERROR: Could not find issuer's certificate"); return NULL; } } if (find_field_bool(data, "manValidity", PR_TRUE)) { (void)DER_AsciiToTime(&now, find_field(data, "notBefore", PR_TRUE)); } else { now = PR_Now(); } PR_ExplodeTime(now, PR_GMTParameters, &printableTime); if (warpmonths) { printableTime.tm_month += warpmonths; now = PR_ImplodeTime(&printableTime); PR_ExplodeTime(now, PR_GMTParameters, &printableTime); } if (find_field_bool(data, "manValidity", PR_TRUE)) { (void)DER_AsciiToTime(&after, find_field(data, "notAfter", PR_TRUE)); PR_ExplodeTime(after, PR_GMTParameters, &printableTime); } else { printableTime.tm_month += 3; after = PR_ImplodeTime(&printableTime); } /* note that the time is now in micro-second unit */ validity = CERT_CreateValidity(now, after); if (selfsign) { cert = CERT_CreateCertificate(serialNumber, &(req->subject), validity, req); } else { cert = CERT_CreateCertificate(serialNumber, &(issuerCert->subject), validity, req); } CERT_DestroyValidity(validity); if (issuerCert) { CERT_DestroyCertificate(issuerCert); } return (cert); } static int get_serial_number(Pair *data) { int serial = 0; int error; char *filename = SERIAL_FILE; char *SN; FILE *serialFile; if (find_field_bool(data, "serial-auto", PR_TRUE)) { serialFile = fopen(filename, "r"); if (serialFile != NULL) { size_t nread = fread(&serial, sizeof(int), 1, serialFile); if (ferror(serialFile) != 0 || nread != 1) { error_out("Error: Unable to read serial number file"); } if (serial == -1) { serial = 21; } fclose(serialFile); ++serial; serialFile = fopen(filename, "w"); if (serialFile == NULL) { error_out("ERROR: Unable to open serial number file for writing"); } fwrite(&serial, sizeof(int), 1, serialFile); if (ferror(serialFile) != 0) { error_out("Error: Unable to write to serial number file"); } } else { fclose(serialFile); serialFile = fopen(filename, "w"); if (serialFile == NULL) { error_out("ERROR: Unable to open serial number file"); } serial = 21; fwrite(&serial, sizeof(int), 1, serialFile); if (ferror(serialFile) != 0) { error_out("Error: Unable to write to serial number file"); } error = ferror(serialFile); if (error != 0) { error_out("ERROR: Unable to write to serial file"); } } fclose(serialFile); } else { SN = find_field(data, "serial_value", PR_TRUE); while (*SN != '\0') { serial = serial * 16; if ((*SN >= 'A') && (*SN <= 'F')) { serial += *SN - 'A' + 10; } else { if ((*SN >= 'a') && (*SN <= 'f')) { serial += *SN - 'a' + 10; } else { serial += *SN - '0'; } } ++SN; } } return serial; } typedef SECStatus (*EXTEN_VALUE_ENCODER)(PLArenaPool *extHandle, void *value, SECItem *encodedValue); static SECStatus EncodeAndAddExtensionValue( PLArenaPool *arena, void *extHandle, void *value, PRBool criticality, int extenType, EXTEN_VALUE_ENCODER EncodeValueFn) { SECItem encodedValue; SECStatus rv; encodedValue.data = NULL; encodedValue.len = 0; rv = (*EncodeValueFn)(arena, value, &encodedValue); if (rv != SECSuccess) { error_out("ERROR: Unable to encode extension value"); } rv = CERT_AddExtension(extHandle, extenType, &encodedValue, criticality, PR_TRUE); return (rv); } static SECStatus AddKeyUsage(void *extHandle, Pair *data) { SECItem bitStringValue; unsigned char keyUsage = 0x0; if (find_field_bool(data, "keyUsage-digitalSignature", PR_TRUE)) { keyUsage |= (0x80 >> 0); } if (find_field_bool(data, "keyUsage-nonRepudiation", PR_TRUE)) { keyUsage |= (0x80 >> 1); } if (find_field_bool(data, "keyUsage-keyEncipherment", PR_TRUE)) { keyUsage |= (0x80 >> 2); } if (find_field_bool(data, "keyUsage-dataEncipherment", PR_TRUE)) { keyUsage |= (0x80 >> 3); } if (find_field_bool(data, "keyUsage-keyAgreement", PR_TRUE)) { keyUsage |= (0x80 >> 4); } if (find_field_bool(data, "keyUsage-keyCertSign", PR_TRUE)) { keyUsage |= (0x80 >> 5); } if (find_field_bool(data, "keyUsage-cRLSign", PR_TRUE)) { keyUsage |= (0x80 >> 6); } bitStringValue.data = &keyUsage; bitStringValue.len = 1; return (CERT_EncodeAndAddBitStrExtension(extHandle, SEC_OID_X509_KEY_USAGE, &bitStringValue, (find_field_bool(data, "keyUsage-crit", PR_TRUE)))); } static CERTOidSequence * CreateOidSequence(void) { CERTOidSequence *rv = (CERTOidSequence *)NULL; PLArenaPool *arena = (PLArenaPool *)NULL; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if ((PLArenaPool *)NULL == arena) { goto loser; } rv = (CERTOidSequence *)PORT_ArenaZAlloc(arena, sizeof(CERTOidSequence)); if ((CERTOidSequence *)NULL == rv) { goto loser; } rv->oids = (SECItem **)PORT_ArenaZAlloc(arena, sizeof(SECItem *)); if ((SECItem **)NULL == rv->oids) { goto loser; } rv->arena = arena; return rv; loser: if ((PLArenaPool *)NULL != arena) { PORT_FreeArena(arena, PR_FALSE); } return (CERTOidSequence *)NULL; } static SECStatus AddOidToSequence(CERTOidSequence *os, SECOidTag oidTag) { SECItem **oids; PRUint32 count = 0; SECOidData *od; od = SECOID_FindOIDByTag(oidTag); if ((SECOidData *)NULL == od) { return SECFailure; } for (oids = os->oids; (SECItem *)NULL != *oids; oids++) { count++; } /* ArenaZRealloc */ { PRUint32 i; oids = (SECItem **)PORT_ArenaZAlloc(os->arena, sizeof(SECItem *) * (count + 2)); if ((SECItem **)NULL == oids) { return SECFailure; } for (i = 0; i < count; i++) { oids[i] = os->oids[i]; } /* ArenaZFree(os->oids); */ } os->oids = oids; os->oids[count] = &od->oid; return SECSuccess; } static SECItem * EncodeOidSequence(CERTOidSequence *os) { SECItem *rv; extern const SEC_ASN1Template CERT_OidSeqTemplate[]; rv = (SECItem *)PORT_ArenaZAlloc(os->arena, sizeof(SECItem)); if ((SECItem *)NULL == rv) { goto loser; } if (!SEC_ASN1EncodeItem(os->arena, rv, os, CERT_OidSeqTemplate)) { goto loser; } return rv; loser: return (SECItem *)NULL; } static SECStatus AddExtKeyUsage(void *extHandle, Pair *data) { SECStatus rv; CERTOidSequence *os; SECItem *value; PRBool crit; os = CreateOidSequence(); if ((CERTOidSequence *)NULL == os) { return SECFailure; } if (find_field_bool(data, "extKeyUsage-serverAuth", PR_TRUE)) { rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_SERVER_AUTH); if (SECSuccess != rv) goto loser; } if (find_field_bool(data, "extKeyUsage-msTrustListSign", PR_TRUE)) { rv = AddOidToSequence(os, SEC_OID_MS_EXT_KEY_USAGE_CTL_SIGNING); if (SECSuccess != rv) goto loser; } if (find_field_bool(data, "extKeyUsage-clientAuth", PR_TRUE)) { rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH); if (SECSuccess != rv) goto loser; } if (find_field_bool(data, "extKeyUsage-codeSign", PR_TRUE)) { rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CODE_SIGN); if (SECSuccess != rv) goto loser; } if (find_field_bool(data, "extKeyUsage-emailProtect", PR_TRUE)) { rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT); if (SECSuccess != rv) goto loser; } if (find_field_bool(data, "extKeyUsage-timeStamp", PR_TRUE)) { rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_TIME_STAMP); if (SECSuccess != rv) goto loser; } if (find_field_bool(data, "extKeyUsage-ocspResponder", PR_TRUE)) { rv = AddOidToSequence(os, SEC_OID_OCSP_RESPONDER); if (SECSuccess != rv) goto loser; } if (find_field_bool(data, "extKeyUsage-NS-govtApproved", PR_TRUE)) { rv = AddOidToSequence(os, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED); if (SECSuccess != rv) goto loser; } value = EncodeOidSequence(os); crit = find_field_bool(data, "extKeyUsage-crit", PR_TRUE); rv = CERT_AddExtension(extHandle, SEC_OID_X509_EXT_KEY_USAGE, value, crit, PR_TRUE); /*FALLTHROUGH*/ loser: CERT_DestroyOidSequence(os); return rv; } static SECStatus AddSubKeyID(void *extHandle, Pair *data, CERTCertificate *subjectCert) { SECItem encodedValue; SECStatus rv; char *read; char *write; char *first; char character; int high_digit = 0, low_digit = 0; int len; PRBool odd = PR_FALSE; encodedValue.data = NULL; encodedValue.len = 0; first = read = write = find_field(data, "subjectKeyIdentifier-text", PR_TRUE); len = PORT_Strlen(first); odd = ((len % 2) != 0) ? PR_TRUE : PR_FALSE; if (find_field_bool(data, "subjectKeyIdentifier-radio-hex", PR_TRUE)) { if (odd) { error_out("ERROR: Improperly formated subject key identifier, hex values must be expressed as an octet string"); } while (*read != '\0') { if (!isxdigit(*read)) { error_out("ERROR: Improperly formated subject key identifier"); } *read = toupper(*read); if ((*read >= 'A') && (*read <= 'F')) { high_digit = *read - 'A' + 10; } else { high_digit = *read - '0'; } ++read; if (!isxdigit(*read)) { error_out("ERROR: Improperly formated subject key identifier"); } *read = toupper(*read); if ((*read >= 'A') && (*read <= 'F')) { low_digit = *(read) - 'A' + 10; } else { low_digit = *(read) - '0'; } character = (high_digit << 4) | low_digit; *write = character; ++write; ++read; } *write = '\0'; len = write - first; } subjectCert->subjectKeyID.data = (unsigned char *)find_field(data, "subjectKeyIdentifier-text", PR_TRUE); subjectCert->subjectKeyID.len = len; rv = CERT_EncodeSubjectKeyID(NULL, &subjectCert->subjectKeyID, &encodedValue); if (rv) { return (rv); } return (CERT_AddExtension(extHandle, SEC_OID_X509_SUBJECT_KEY_ID, &encodedValue, PR_FALSE, PR_TRUE)); } static SECStatus AddAuthKeyID(void *extHandle, Pair *data, char *issuerNameStr, CERTCertDBHandle *handle) { CERTAuthKeyID *authKeyID = NULL; PLArenaPool *arena = NULL; SECStatus rv = SECSuccess; CERTCertificate *issuerCert = NULL; CERTGeneralName *genNames; CERTName *directoryName = NULL; issuerCert = CERT_FindCertByNameString(handle, issuerNameStr); arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) { error_allocate(); } authKeyID = PORT_ArenaZAlloc(arena, sizeof(CERTAuthKeyID)); if (authKeyID == NULL) { error_allocate(); } if (find_field_bool(data, "authorityKeyIdentifier-radio-keyIdentifier", PR_TRUE)) { authKeyID->keyID.data = PORT_ArenaAlloc(arena, PORT_Strlen((char *)issuerCert->subjectKeyID.data)); if (authKeyID->keyID.data == NULL) { error_allocate(); } PORT_Memcpy(authKeyID->keyID.data, issuerCert->subjectKeyID.data, authKeyID->keyID.len = PORT_Strlen((char *)issuerCert->subjectKeyID.data)); } else { PORT_Assert(arena); genNames = (CERTGeneralName *)PORT_ArenaZAlloc(arena, (sizeof(CERTGeneralName))); if (genNames == NULL) { error_allocate(); } genNames->l.next = genNames->l.prev = &(genNames->l); genNames->type = certDirectoryName; directoryName = CERT_AsciiToName(issuerCert->subjectName); if (!directoryName) { error_out("ERROR: Unable to create Directory Name"); } rv = CERT_CopyName(arena, &genNames->name.directoryName, directoryName); CERT_DestroyName(directoryName); if (rv != SECSuccess) { error_out("ERROR: Unable to copy Directory Name"); } authKeyID->authCertIssuer = genNames; if (authKeyID->authCertIssuer == NULL && SECFailure == PORT_GetError()) { error_out("ERROR: Unable to get Issuer General Name for Authority Key ID Extension"); } authKeyID->authCertSerialNumber = issuerCert->serialNumber; } rv = EncodeAndAddExtensionValue(arena, extHandle, authKeyID, PR_FALSE, SEC_OID_X509_AUTH_KEY_ID, (EXTEN_VALUE_ENCODER) CERT_EncodeAuthKeyID); if (arena) { PORT_FreeArena(arena, PR_FALSE); } return (rv); } static SECStatus AddPrivKeyUsagePeriod(void *extHandle, Pair *data, CERTCertificate *cert) { char *notBeforeStr; char *notAfterStr; PLArenaPool *arena = NULL; SECStatus rv = SECSuccess; CERTPrivKeyUsagePeriod *pkup; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) { error_allocate(); } pkup = PORT_ArenaZNew(arena, CERTPrivKeyUsagePeriod); if (pkup == NULL) { error_allocate(); } notBeforeStr = (char *)PORT_Alloc(16); if (notBeforeStr == NULL) { error_allocate(); } notAfterStr = (char *)PORT_Alloc(16); if (notAfterStr == NULL) { error_allocate(); } *notBeforeStr = '\0'; *notAfterStr = '\0'; pkup->arena = arena; pkup->notBefore.len = 0; pkup->notBefore.data = NULL; pkup->notAfter.len = 0; pkup->notAfter.data = NULL; if (find_field_bool(data, "privKeyUsagePeriod-radio-notBefore", PR_TRUE) || find_field_bool(data, "privKeyUsagePeriod-radio-both", PR_TRUE)) { pkup->notBefore.len = 15; pkup->notBefore.data = (unsigned char *)notBeforeStr; if (find_field_bool(data, "privKeyUsagePeriod-notBefore-radio-manual", PR_TRUE)) { PORT_Strcat(notBeforeStr, find_field(data, "privKeyUsagePeriod-notBefore-year", PR_TRUE)); PORT_Strcat(notBeforeStr, find_field(data, "privKeyUsagePeriod-notBefore-month", PR_TRUE)); PORT_Strcat(notBeforeStr, find_field(data, "privKeyUsagePeriod-notBefore-day", PR_TRUE)); PORT_Strcat(notBeforeStr, find_field(data, "privKeyUsagePeriod-notBefore-hour", PR_TRUE)); PORT_Strcat(notBeforeStr, find_field(data, "privKeyUsagePeriod-notBefore-minute", PR_TRUE)); PORT_Strcat(notBeforeStr, find_field(data, "privKeyUsagePeriod-notBefore-second", PR_TRUE)); if ((*(notBeforeStr + 14) != '\0') || (!isdigit(*(notBeforeStr + 13))) || (*(notBeforeStr + 12) >= '5' && *(notBeforeStr + 12) <= '0') || (!isdigit(*(notBeforeStr + 11))) || (*(notBeforeStr + 10) >= '5' && *(notBeforeStr + 10) <= '0') || (!isdigit(*(notBeforeStr + 9))) || (*(notBeforeStr + 8) >= '2' && *(notBeforeStr + 8) <= '0') || (!isdigit(*(notBeforeStr + 7))) || (*(notBeforeStr + 6) >= '3' && *(notBeforeStr + 6) <= '0') || (!isdigit(*(notBeforeStr + 5))) || (*(notBeforeStr + 4) >= '1' && *(notBeforeStr + 4) <= '0') || (!isdigit(*(notBeforeStr + 3))) || (!isdigit(*(notBeforeStr + 2))) || (!isdigit(*(notBeforeStr + 1))) || (!isdigit(*(notBeforeStr + 0))) || (*(notBeforeStr + 8) == '2' && *(notBeforeStr + 9) >= '4') || (*(notBeforeStr + 6) == '3' && *(notBeforeStr + 7) >= '1') || (*(notBeforeStr + 4) == '1' && *(notBeforeStr + 5) >= '2')) { error_out("ERROR: Improperly formated private key usage period"); } *(notBeforeStr + 14) = 'Z'; *(notBeforeStr + 15) = '\0'; } else { if ((*(cert->validity.notBefore.data) > '5') || ((*(cert->validity.notBefore.data) == '5') && (*(cert->validity.notBefore.data + 1) != '0'))) { PORT_Strcat(notBeforeStr, "19"); } else { PORT_Strcat(notBeforeStr, "20"); } PORT_Strcat(notBeforeStr, (char *)cert->validity.notBefore.data); } } if (find_field_bool(data, "privKeyUsagePeriod-radio-notAfter", PR_TRUE) || find_field_bool(data, "privKeyUsagePeriod-radio-both", PR_TRUE)) { pkup->notAfter.len = 15; pkup->notAfter.data = (unsigned char *)notAfterStr; PORT_Strcat(notAfterStr, find_field(data, "privKeyUsagePeriod-notAfter-year", PR_TRUE)); PORT_Strcat(notAfterStr, find_field(data, "privKeyUsagePeriod-notAfter-month", PR_TRUE)); PORT_Strcat(notAfterStr, find_field(data, "privKeyUsagePeriod-notAfter-day", PR_TRUE)); PORT_Strcat(notAfterStr, find_field(data, "privKeyUsagePeriod-notAfter-hour", PR_TRUE)); PORT_Strcat(notAfterStr, find_field(data, "privKeyUsagePeriod-notAfter-minute", PR_TRUE)); PORT_Strcat(notAfterStr, find_field(data, "privKeyUsagePeriod-notAfter-second", PR_TRUE)); if ((*(notAfterStr + 14) != '\0') || (!isdigit(*(notAfterStr + 13))) || (*(notAfterStr + 12) >= '5' && *(notAfterStr + 12) <= '0') || (!isdigit(*(notAfterStr + 11))) || (*(notAfterStr + 10) >= '5' && *(notAfterStr + 10) <= '0') || (!isdigit(*(notAfterStr + 9))) || (*(notAfterStr + 8) >= '2' && *(notAfterStr + 8) <= '0') || (!isdigit(*(notAfterStr + 7))) || (*(notAfterStr + 6) >= '3' && *(notAfterStr + 6) <= '0') || (!isdigit(*(notAfterStr + 5))) || (*(notAfterStr + 4) >= '1' && *(notAfterStr + 4) <= '0') || (!isdigit(*(notAfterStr + 3))) || (!isdigit(*(notAfterStr + 2))) || (!isdigit(*(notAfterStr + 1))) || (!isdigit(*(notAfterStr + 0))) || (*(notAfterStr + 8) == '2' && *(notAfterStr + 9) >= '4') || (*(notAfterStr + 6) == '3' && *(notAfterStr + 7) >= '1') || (*(notAfterStr + 4) == '1' && *(notAfterStr + 5) >= '2')) { error_out("ERROR: Improperly formated private key usage period"); } *(notAfterStr + 14) = 'Z'; *(notAfterStr + 15) = '\0'; } PORT_Assert(arena); rv = EncodeAndAddExtensionValue(arena, extHandle, pkup, find_field_bool(data, "privKeyUsagePeriod-crit", PR_TRUE), SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD, (EXTEN_VALUE_ENCODER) CERT_EncodePrivateKeyUsagePeriod); PORT_FreeArena(arena, PR_FALSE); PORT_Free(notBeforeStr); PORT_Free(notAfterStr); return (rv); } static SECStatus AddBasicConstraint(void *extHandle, Pair *data) { CERTBasicConstraints basicConstraint; SECItem encodedValue; SECStatus rv; encodedValue.data = NULL; encodedValue.len = 0; basicConstraint.pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT; basicConstraint.isCA = (find_field_bool(data, "basicConstraints-cA-radio-CA", PR_TRUE)); if (find_field_bool(data, "basicConstraints-pathLengthConstraint", PR_TRUE)) { basicConstraint.pathLenConstraint = atoi(find_field(data, "basicConstraints-pathLengthConstraint-text", PR_TRUE)); } rv = CERT_EncodeBasicConstraintValue(NULL, &basicConstraint, &encodedValue); if (rv) return (rv); rv = CERT_AddExtension(extHandle, SEC_OID_X509_BASIC_CONSTRAINTS, &encodedValue, (find_field_bool(data, "basicConstraints-crit", PR_TRUE)), PR_TRUE); PORT_Free(encodedValue.data); return (rv); } static SECStatus AddNscpCertType(void *extHandle, Pair *data) { SECItem bitStringValue; unsigned char CertType = 0x0; if (find_field_bool(data, "netscape-cert-type-ssl-client", PR_TRUE)) { CertType |= (0x80 >> 0); } if (find_field_bool(data, "netscape-cert-type-ssl-server", PR_TRUE)) { CertType |= (0x80 >> 1); } if (find_field_bool(data, "netscape-cert-type-smime", PR_TRUE)) { CertType |= (0x80 >> 2); } if (find_field_bool(data, "netscape-cert-type-object-signing", PR_TRUE)) { CertType |= (0x80 >> 3); } if (find_field_bool(data, "netscape-cert-type-reserved", PR_TRUE)) { CertType |= (0x80 >> 4); } if (find_field_bool(data, "netscape-cert-type-ssl-ca", PR_TRUE)) { CertType |= (0x80 >> 5); } if (find_field_bool(data, "netscape-cert-type-smime-ca", PR_TRUE)) { CertType |= (0x80 >> 6); } if (find_field_bool(data, "netscape-cert-type-object-signing-ca", PR_TRUE)) { CertType |= (0x80 >> 7); } bitStringValue.data = &CertType; bitStringValue.len = 1; return (CERT_EncodeAndAddBitStrExtension(extHandle, SEC_OID_NS_CERT_EXT_CERT_TYPE, &bitStringValue, (find_field_bool(data, "netscape-cert-type-crit", PR_TRUE)))); } static SECStatus add_IA5StringExtension(void *extHandle, char *string, PRBool crit, int idtag) { SECItem encodedValue; SECStatus rv; encodedValue.data = NULL; encodedValue.len = 0; rv = CERT_EncodeIA5TypeExtension(NULL, string, &encodedValue); if (rv) { return (rv); } return (CERT_AddExtension(extHandle, idtag, &encodedValue, crit, PR_TRUE)); } static SECItem * string_to_oid(char *string) { int i; int length = 20; int remaining; int first_value; int second_value; int value; int oidLength; unsigned char *oidString; unsigned char *write; unsigned char *read; unsigned char *temp; SECItem *oid; remaining = length; i = 0; while (*string == ' ') { string++; } while (isdigit(*(string + i))) { i++; } if (*(string + i) == '.') { *(string + i) = '\0'; } else { error_out("ERROR: Improperly formated OID"); } first_value = atoi(string); if (first_value < 0 || first_value > 2) { error_out("ERROR: Improperly formated OID"); } string += i + 1; i = 0; while (isdigit(*(string + i))) { i++; } if (*(string + i) == '.') { *(string + i) = '\0'; } else { error_out("ERROR: Improperly formated OID"); } second_value = atoi(string); if (second_value < 0 || second_value > 39) { error_out("ERROR: Improperly formated OID"); } oidString = PORT_ZAlloc(2); *oidString = (first_value * 40) + second_value; *(oidString + 1) = '\0'; oidLength = 1; string += i + 1; i = 0; temp = write = PORT_ZAlloc(length); while (*string != '\0') { value = 0; while (isdigit(*(string + i))) { i++; } if (*(string + i) == '\0') { value = atoi(string); string += i; } else { if (*(string + i) == '.') { *(string + i) = '\0'; value = atoi(string); string += i + 1; } else { *(string + i) = '\0'; i++; value = atoi(string); while (*(string + i) == ' ') i++; if (*(string + i) != '\0') { error_out("ERROR: Improperly formated OID"); } } } i = 0; while (value != 0) { if (remaining < 1) { remaining += length; length = length * 2; temp = PORT_Realloc(temp, length); write = temp + length - remaining; } *write = (value & 0x7f) | (0x80); write++; remaining--; value = value >> 7; } *temp = *temp & (0x7f); oidLength += write - temp; oidString = PORT_Realloc(oidString, (oidLength + 1)); read = write - 1; write = oidLength + oidString - 1; for (i = 0; i < (length - remaining); i++) { *write = *read; write--; read++; } write = temp; remaining = length; } *(oidString + oidLength) = '\0'; oid = (SECItem *)PORT_ZAlloc(sizeof(SECItem)); oid->data = oidString; oid->len = oidLength; PORT_Free(temp); return oid; } static SECItem * string_to_ipaddress(char *string) { int i = 0; int value; int j = 0; SECItem *ipaddress; while (*string == ' ') { string++; } ipaddress = (SECItem *)PORT_ZAlloc(sizeof(SECItem)); ipaddress->data = PORT_ZAlloc(9); while (*string != '\0' && j < 8) { while (isdigit(*(string + i))) { i++; } if (*(string + i) == '.') { *(string + i) = '\0'; value = atoi(string); string = string + i + 1; i = 0; } else { if (*(string + i) == '\0') { value = atoi(string); string = string + i; i = 0; } else { *(string + i) = '\0'; while (*(string + i) == ' ') { i++; } if (*(string + i) == '\0') { value = atoi(string); string = string + i; i = 0; } else { error_out("ERROR: Improperly formated IP Address"); } } } if (value >= 0 && value < 256) { *(ipaddress->data + j) = value; } else { error_out("ERROR: Improperly formated IP Address"); } j++; } *(ipaddress->data + j) = '\0'; if (j != 4 && j != 8) { error_out("ERROR: Improperly formated IP Address"); } ipaddress->len = j; return ipaddress; } static int chr_to_hex(char c) { if (isdigit(c)) { return c - '0'; } if (isxdigit(c)) { return toupper(c) - 'A' + 10; } return -1; } static SECItem * string_to_binary(char *string) { SECItem *rv; rv = (SECItem *)PORT_ZAlloc(sizeof(SECItem)); if (rv == NULL) { error_allocate(); } rv->data = (unsigned char *)PORT_ZAlloc((PORT_Strlen(string)) / 3 + 2); rv->len = 0; while (*string && !isxdigit(*string)) { string++; } while (*string) { int high, low; high = chr_to_hex(*string++); low = chr_to_hex(*string++); if (high < 0 || low < 0) { error_out("ERROR: Improperly formated binary encoding"); } rv->data[(rv->len)++] = high << 4 | low; if (*string != ':') { break; } ++string; } while (*string == ' ') { ++string; } if (*string) { error_out("ERROR: Junk after binary encoding"); } return rv; } static SECStatus MakeGeneralName(char *name, CERTGeneralName *genName, PLArenaPool *arena) { SECItem *oid; SECOidData *oidData; SECItem *ipaddress; SECItem *temp = NULL; int i; int nameType; PRBool binary = PR_FALSE; SECStatus rv = SECSuccess; PRBool nickname = PR_FALSE; PORT_Assert(genName); PORT_Assert(arena); nameType = *(name + PORT_Strlen(name) - 1) - '0'; if (nameType == 0 && *(name + PORT_Strlen(name) - 2) == '1') { nickname = PR_TRUE; nameType = certOtherName; } if (nameType < 1 || nameType > 9) { error_out("ERROR: Unknown General Name Type"); } *(name + PORT_Strlen(name) - 4) = '\0'; genName->type = nameType; switch (genName->type) { case certURI: case certRFC822Name: case certDNSName: { genName->name.other.data = (unsigned char *)name; genName->name.other.len = PORT_Strlen(name); break; } case certIPAddress: { ipaddress = string_to_ipaddress(name); genName->name.other.data = ipaddress->data; genName->name.other.len = ipaddress->len; break; } case certRegisterID: { oid = string_to_oid(name); genName->name.other.data = oid->data; genName->name.other.len = oid->len; break; } case certEDIPartyName: case certX400Address: { genName->name.other.data = PORT_ArenaAlloc(arena, PORT_Strlen(name) + 2); if (genName->name.other.data == NULL) { error_allocate(); } PORT_Memcpy(genName->name.other.data + 2, name, PORT_Strlen(name)); /* This may not be accurate for all cases. For now, use this tag type */ genName->name.other.data[0] = (char)(((genName->type - 1) & 0x1f) | 0x80); genName->name.other.data[1] = (char)PORT_Strlen(name); genName->name.other.len = PORT_Strlen(name) + 2; break; } case certOtherName: { i = 0; if (!nickname) { while (!isdigit(*(name + PORT_Strlen(name) - i))) { i++; } if (*(name + PORT_Strlen(name) - i) == '1') { binary = PR_TRUE; } else { binary = PR_FALSE; } while (*(name + PORT_Strlen(name) - i) != '-') { i++; } *(name + PORT_Strlen(name) - i - 1) = '\0'; i = 0; while (*(name + i) != '-') { i++; } *(name + i - 1) = '\0'; oid = string_to_oid(name + i + 2); } else { oidData = SECOID_FindOIDByTag(SEC_OID_NETSCAPE_NICKNAME); oid = &oidData->oid; while (*(name + PORT_Strlen(name) - i) != '-') { i++; } *(name + PORT_Strlen(name) - i) = '\0'; } genName->name.OthName.oid.data = oid->data; genName->name.OthName.oid.len = oid->len; if (binary) { temp = string_to_binary(name); genName->name.OthName.name.data = temp->data; genName->name.OthName.name.len = temp->len; } else { temp = (SECItem *)PORT_ZAlloc(sizeof(SECItem)); if (temp == NULL) { error_allocate(); } temp->data = (unsigned char *)name; temp->len = PORT_Strlen(name); SEC_ASN1EncodeItem(arena, &(genName->name.OthName.name), temp, CERTIA5TypeTemplate); } PORT_Free(temp); break; } case certDirectoryName: { CERTName *directoryName = NULL; directoryName = CERT_AsciiToName(name); if (!directoryName) { error_out("ERROR: Improperly formated alternative name"); break; } rv = CERT_CopyName(arena, &genName->name.directoryName, directoryName); CERT_DestroyName(directoryName); break; } } genName->l.next = &(genName->l); genName->l.prev = &(genName->l); return rv; } static CERTGeneralName * MakeAltName(Pair *data, char *which, PLArenaPool *arena) { CERTGeneralName *SubAltName; CERTGeneralName *current; CERTGeneralName *newname; char *name = NULL; SECStatus rv = SECSuccess; int len; len = PORT_Strlen(which); name = find_field(data, which, PR_TRUE); SubAltName = current = (CERTGeneralName *)PORT_ZAlloc(sizeof(CERTGeneralName)); if (current == NULL) { error_allocate(); } while (name != NULL) { rv = MakeGeneralName(name, current, arena); if (rv != SECSuccess) { break; } if (*(which + len - 1) < '9') { *(which + len - 1) = *(which + len - 1) + 1; } else { if (isdigit(*(which + len - 2))) { *(which + len - 2) = *(which + len - 2) + 1; *(which + len - 1) = '0'; } else { *(which + len - 1) = '1'; *(which + len) = '0'; *(which + len + 1) = '\0'; len++; } } len = PORT_Strlen(which); name = find_field(data, which, PR_TRUE); if (name != NULL) { newname = (CERTGeneralName *)PORT_ZAlloc(sizeof(CERTGeneralName)); if (newname == NULL) { error_allocate(); } current->l.next = &(newname->l); newname->l.prev = &(current->l); current = newname; newname = NULL; } else { current->l.next = &(SubAltName->l); SubAltName->l.prev = &(current->l); } } if (rv == SECFailure) { return NULL; } return SubAltName; } static CERTNameConstraints * MakeNameConstraints(Pair *data, PLArenaPool *arena) { CERTNameConstraints *NameConstraints; CERTNameConstraint *current = NULL; CERTNameConstraint *last_permited = NULL; CERTNameConstraint *last_excluded = NULL; char *constraint = NULL; char *which; SECStatus rv = SECSuccess; int len; int i; long max; long min; PRBool permited; NameConstraints = (CERTNameConstraints *)PORT_ZAlloc(sizeof(CERTNameConstraints)); which = make_copy_string("NameConstraintSelect0", 25, '\0'); len = PORT_Strlen(which); constraint = find_field(data, which, PR_TRUE); NameConstraints->permited = NameConstraints->excluded = NULL; while (constraint != NULL) { current = (CERTNameConstraint *)PORT_ZAlloc(sizeof(CERTNameConstraint)); if (current == NULL) { error_allocate(); } i = 0; while (*(constraint + PORT_Strlen(constraint) - i) != '-') { i++; } *(constraint + PORT_Strlen(constraint) - i - 1) = '\0'; max = (long)atoi(constraint + PORT_Strlen(constraint) + 3); if (max > 0) { (void)SEC_ASN1EncodeInteger(arena, ¤t->max, max); } i = 0; while (*(constraint + PORT_Strlen(constraint) - i) != '-') { i++; } *(constraint + PORT_Strlen(constraint) - i - 1) = '\0'; min = (long)atoi(constraint + PORT_Strlen(constraint) + 3); (void)SEC_ASN1EncodeInteger(arena, ¤t->min, min); while (*(constraint + PORT_Strlen(constraint) - i) != '-') { i++; } *(constraint + PORT_Strlen(constraint) - i - 1) = '\0'; if (*(constraint + PORT_Strlen(constraint) + 3) == 'p') { permited = PR_TRUE; } else { permited = PR_FALSE; } rv = MakeGeneralName(constraint, &(current->name), arena); if (rv != SECSuccess) { break; } if (*(which + len - 1) < '9') { *(which + len - 1) = *(which + len - 1) + 1; } else { if (isdigit(*(which + len - 2))) { *(which + len - 2) = *(which + len - 2) + 1; *(which + len - 1) = '0'; } else { *(which + len - 1) = '1'; *(which + len) = '0'; *(which + len + 1) = '\0'; len++; } } len = PORT_Strlen(which); if (permited) { if (NameConstraints->permited == NULL) { NameConstraints->permited = last_permited = current; } last_permited->l.next = &(current->l); current->l.prev = &(last_permited->l); last_permited = current; } else { if (NameConstraints->excluded == NULL) { NameConstraints->excluded = last_excluded = current; } last_excluded->l.next = &(current->l); current->l.prev = &(last_excluded->l); last_excluded = current; } constraint = find_field(data, which, PR_TRUE); if (constraint != NULL) { current = (CERTNameConstraint *)PORT_ZAlloc(sizeof(CERTNameConstraint)); if (current == NULL) { error_allocate(); } } } if (NameConstraints->permited != NULL) { last_permited->l.next = &(NameConstraints->permited->l); NameConstraints->permited->l.prev = &(last_permited->l); } if (NameConstraints->excluded != NULL) { last_excluded->l.next = &(NameConstraints->excluded->l); NameConstraints->excluded->l.prev = &(last_excluded->l); } if (which != NULL) { PORT_Free(which); } if (rv == SECFailure) { return NULL; } return NameConstraints; } static SECStatus AddAltName(void *extHandle, Pair *data, char *issuerNameStr, CERTCertDBHandle *handle, int type) { PRBool autoIssuer = PR_FALSE; PLArenaPool *arena = NULL; CERTGeneralName *genName = NULL; char *which = NULL; char *name = NULL; SECStatus rv = SECSuccess; SECItem *issuersAltName = NULL; CERTCertificate *issuerCert = NULL; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena == NULL) { error_allocate(); } if (type == 0) { which = make_copy_string("SubAltNameSelect0", 20, '\0'); genName = MakeAltName(data, which, arena); } else { if (autoIssuer) { autoIssuer = find_field_bool(data, "IssuerAltNameSourceRadio-auto", PR_TRUE); issuerCert = CERT_FindCertByNameString(handle, issuerNameStr); rv = cert_FindExtension((*issuerCert).extensions, SEC_OID_X509_SUBJECT_ALT_NAME, issuersAltName); if (issuersAltName == NULL) { name = PORT_Alloc(PORT_Strlen((*issuerCert).subjectName) + 4); PORT_Strcpy(name, (*issuerCert).subjectName); PORT_Strcat(name, " - 5"); } } else { which = make_copy_string("IssuerAltNameSelect0", 20, '\0'); genName = MakeAltName(data, which, arena); } } if (type == 0) { EncodeAndAddExtensionValue(arena, extHandle, genName, find_field_bool(data, "SubAltName-crit", PR_TRUE), SEC_OID_X509_SUBJECT_ALT_NAME, (EXTEN_VALUE_ENCODER) CERT_EncodeAltNameExtension); } else { if (autoIssuer && (name == NULL)) { rv = CERT_AddExtension(extHandle, SEC_OID_X509_ISSUER_ALT_NAME, issuersAltName, find_field_bool(data, "IssuerAltName-crit", PR_TRUE), PR_TRUE); } else { EncodeAndAddExtensionValue(arena, extHandle, genName, find_field_bool(data, "IssuerAltName-crit", PR_TRUE), SEC_OID_X509_ISSUER_ALT_NAME, (EXTEN_VALUE_ENCODER) CERT_EncodeAltNameExtension); } } if (which != NULL) { PORT_Free(which); } if (issuerCert != NULL) { CERT_DestroyCertificate(issuerCert); } return rv; } static SECStatus AddNameConstraints(void *extHandle, Pair *data) { PLArenaPool *arena = NULL; CERTNameConstraints *constraints = NULL; SECStatus rv = SECSuccess; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena == NULL) { error_allocate(); } constraints = MakeNameConstraints(data, arena); if (constraints != NULL) { EncodeAndAddExtensionValue(arena, extHandle, constraints, PR_TRUE, SEC_OID_X509_NAME_CONSTRAINTS, (EXTEN_VALUE_ENCODER) CERT_EncodeNameConstraintsExtension); } if (arena != NULL) { PORT_ArenaRelease(arena, NULL); } return rv; } static SECStatus add_extensions(CERTCertificate *subjectCert, Pair *data, char *issuerNameStr, CERTCertDBHandle *handle) { void *extHandle; SECStatus rv = SECSuccess; extHandle = CERT_StartCertExtensions(subjectCert); if (extHandle == NULL) { error_out("ERROR: Unable to get certificates extension handle"); } if (find_field_bool(data, "keyUsage", PR_TRUE)) { rv = AddKeyUsage(extHandle, data); if (rv != SECSuccess) { error_out("ERROR: Unable to add Key Usage extension"); } } if (find_field_bool(data, "extKeyUsage", PR_TRUE)) { rv = AddExtKeyUsage(extHandle, data); if (SECSuccess != rv) { error_out("ERROR: Unable to add Extended Key Usage extension"); } } if (find_field_bool(data, "basicConstraints", PR_TRUE)) { rv = AddBasicConstraint(extHandle, data); if (rv != SECSuccess) { error_out("ERROR: Unable to add Basic Constraint extension"); } } if (find_field_bool(data, "subjectKeyIdentifier", PR_TRUE)) { rv = AddSubKeyID(extHandle, data, subjectCert); if (rv != SECSuccess) { error_out("ERROR: Unable to add Subject Key Identifier Extension"); } } if (find_field_bool(data, "authorityKeyIdentifier", PR_TRUE)) { rv = AddAuthKeyID(extHandle, data, issuerNameStr, handle); if (rv != SECSuccess) { error_out("ERROR: Unable to add Authority Key Identifier extension"); } } if (find_field_bool(data, "privKeyUsagePeriod", PR_TRUE)) { rv = AddPrivKeyUsagePeriod(extHandle, data, subjectCert); if (rv != SECSuccess) { error_out("ERROR: Unable to add Private Key Usage Period extension"); } } if (find_field_bool(data, "SubAltName", PR_TRUE)) { rv = AddAltName(extHandle, data, NULL, NULL, 0); if (rv != SECSuccess) { error_out("ERROR: Unable to add Subject Alternative Name extension"); } } if (find_field_bool(data, "IssuerAltName", PR_TRUE)) { rv = AddAltName(extHandle, data, issuerNameStr, handle, 1); if (rv != SECSuccess) { error_out("ERROR: Unable to add Issuer Alternative Name Extension"); } } if (find_field_bool(data, "NameConstraints", PR_TRUE)) { rv = AddNameConstraints(extHandle, data); if (rv != SECSuccess) { error_out("ERROR: Unable to add Name Constraints Extension"); } } if (find_field_bool(data, "netscape-cert-type", PR_TRUE)) { rv = AddNscpCertType(extHandle, data); if (rv != SECSuccess) { error_out("ERROR: Unable to add Netscape Certificate Type Extension"); } } if (find_field_bool(data, "netscape-base-url", PR_TRUE)) { rv = add_IA5StringExtension(extHandle, find_field(data, "netscape-base-url-text", PR_TRUE), find_field_bool(data, "netscape-base-url-crit", PR_TRUE), SEC_OID_NS_CERT_EXT_BASE_URL); if (rv != SECSuccess) { error_out("ERROR: Unable to add Netscape Base URL Extension"); } } if (find_field_bool(data, "netscape-revocation-url", PR_TRUE)) { rv = add_IA5StringExtension(extHandle, find_field(data, "netscape-revocation-url-text", PR_TRUE), find_field_bool(data, "netscape-revocation-url-crit", PR_TRUE), SEC_OID_NS_CERT_EXT_REVOCATION_URL); if (rv != SECSuccess) { error_out("ERROR: Unable to add Netscape Revocation URL Extension"); } } if (find_field_bool(data, "netscape-ca-revocation-url", PR_TRUE)) { rv = add_IA5StringExtension(extHandle, find_field(data, "netscape-ca-revocation-url-text", PR_TRUE), find_field_bool(data, "netscape-ca-revocation-url-crit", PR_TRUE), SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL); if (rv != SECSuccess) { error_out("ERROR: Unable to add Netscape CA Revocation URL Extension"); } } if (find_field_bool(data, "netscape-cert-renewal-url", PR_TRUE)) { rv = add_IA5StringExtension(extHandle, find_field(data, "netscape-cert-renewal-url-text", PR_TRUE), find_field_bool(data, "netscape-cert-renewal-url-crit", PR_TRUE), SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL); if (rv != SECSuccess) { error_out("ERROR: Unable to add Netscape Certificate Renewal URL Extension"); } } if (find_field_bool(data, "netscape-ca-policy-url", PR_TRUE)) { rv = add_IA5StringExtension(extHandle, find_field(data, "netscape-ca-policy-url-text", PR_TRUE), find_field_bool(data, "netscape-ca-policy-url-crit", PR_TRUE), SEC_OID_NS_CERT_EXT_CA_POLICY_URL); if (rv != SECSuccess) { error_out("ERROR: Unable to add Netscape CA Policy URL Extension"); } } if (find_field_bool(data, "netscape-ssl-server-name", PR_TRUE)) { rv = add_IA5StringExtension(extHandle, find_field(data, "netscape-ssl-server-name-text", PR_TRUE), find_field_bool(data, "netscape-ssl-server-name-crit", PR_TRUE), SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME); if (rv != SECSuccess) { error_out("ERROR: Unable to add Netscape SSL Server Name Extension"); } } if (find_field_bool(data, "netscape-comment", PR_TRUE)) { rv = add_IA5StringExtension(extHandle, find_field(data, "netscape-comment-text", PR_TRUE), find_field_bool(data, "netscape-comment-crit", PR_TRUE), SEC_OID_NS_CERT_EXT_COMMENT); if (rv != SECSuccess) { error_out("ERROR: Unable to add Netscape Comment Extension"); } } CERT_FinishExtensions(extHandle); return (rv); } char * return_dbpasswd(PK11SlotInfo *slot, PRBool retry, void *data) { char *rv; /* don't clobber our poor smart card */ if (retry == PR_TRUE) { return NULL; } rv = PORT_Alloc(4); PORT_Strcpy(rv, "foo"); return rv; } SECKEYPrivateKey * FindPrivateKeyFromNameStr(char *name, CERTCertDBHandle *certHandle) { SECKEYPrivateKey *key; CERTCertificate *cert; CERTCertificate *p11Cert; /* We don't presently have a PK11 function to find a cert by ** subject name. ** We do have a function to find a cert in the internal slot's ** cert db by subject name, but it doesn't setup the slot info. ** So, this HACK works, but should be replaced as soon as we ** have a function to search for certs accross slots by subject name. */ cert = CERT_FindCertByNameString(certHandle, name); if (cert == NULL || cert->nickname == NULL) { error_out("ERROR: Unable to retrieve issuers certificate"); } p11Cert = PK11_FindCertFromNickname(cert->nickname, NULL); if (p11Cert == NULL) { error_out("ERROR: Unable to retrieve issuers certificate"); } key = PK11_FindKeyByAnyCert(p11Cert, NULL); return key; } static SECItem * SignCert(CERTCertificate *cert, char *issuerNameStr, Pair *data, CERTCertDBHandle *handle, int which_key) { SECItem der; SECKEYPrivateKey *caPrivateKey = NULL; SECStatus rv; PLArenaPool *arena; SECOidTag algID; if (which_key == 0) { caPrivateKey = FindPrivateKeyFromNameStr(issuerNameStr, handle); } else { caPrivateKey = privkeys[which_key - 1]; } if (caPrivateKey == NULL) { error_out("ERROR: unable to retrieve issuers key"); } arena = cert->arena; algID = SEC_GetSignatureAlgorithmOidTag(caPrivateKey->keyType, SEC_OID_UNKNOWN); if (algID == SEC_OID_UNKNOWN) { error_out("ERROR: Unknown key type for issuer."); goto done; } rv = SECOID_SetAlgorithmID(arena, &cert->signature, algID, 0); if (rv != SECSuccess) { error_out("ERROR: Could not set signature algorithm id."); } if (find_field_bool(data, "ver-1", PR_TRUE)) { *(cert->version.data) = 0; cert->version.len = 1; } else { *(cert->version.data) = 2; cert->version.len = 1; } der.data = NULL; der.len = 0; (void)SEC_ASN1EncodeItem(arena, &der, cert, CERT_CertificateTemplate); if (der.data == NULL) { error_out("ERROR: Could not encode certificate.\n"); } rv = SEC_DerSignData(arena, &(cert->derCert), der.data, der.len, caPrivateKey, algID); if (rv != SECSuccess) { error_out("ERROR: Could not sign encoded certificate data.\n"); } done: SECKEY_DestroyPrivateKey(caPrivateKey); return &(cert->derCert); } int main(int argc, char **argv) { int length = 500; int remaining = 500; int n; int i; int serial; int chainLen; int which_key; char *pos; #ifdef OFFLINE char *form_output = "key=MIIBPTCBpzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA7" "SLqjWBL9Wl11Vlg%0AaMqZCvcQOL%2FnvSqYPPRP0XZy9SoAeyWzQnBOiCm2t8H5mK7r2" "jnKdAQOmfhjaJil%0A3hNVu3SekHOXF6Ze7bkWa6%2FSGVcY%2FojkydxFSgY43nd1iyd" "zPQDp8WWLL%2BpVpt%2B%2B%0ATRhFtVXbF0fQI03j9h3BoTgP2lkCAwEAARYDZm9vMA0" "GCSqGSIb3DQEBBAUAA4GB%0AAJ8UfRKJ0GtG%2B%2BufCC6tAfTzKrq3CTBHnom55EyXc" "sAsv6WbDqI%2F0rLAPkn2Xo1r%0AnNhtMxIuj441blMt%2Fa3AGLOy5zmC7Qawt8IytvQ" "ikQ1XTpTBCXevytrmLjCmlURr%0ANJryTM48WaMQHiMiJpbXCqVJC1d%2FpEWBtqvALzZ" "aOOIy&subject=CN%3D%22test%22%26serial-auto%3Dtrue%26serial_value%3D%" "26ver-1%3Dtrue%26ver-3%3Dfalse%26caChoiceradio-SignWithDefaultkey%3Dt" "rue%26caChoiceradio-SignWithRandomChain%3Dfalse%26autoCAs%3D%26caChoi" "ceradio-SignWithSpecifiedChain%3Dfalse%26manCAs%3D%26%24"; #else char *form_output; #endif char *issuerNameStr; char *certName; char *DBdir = DB_DIRECTORY; char *prefixs[10] = { "CA#1-", "CA#2-", "CA#3-", "CA#4-", "CA#5-", "CA#6-", "CA#7-", "CA#8-", "CA#9-", "" }; Pair *form_data; CERTCertificate *cert; CERTCertDBHandle *handle; CERTCertificateRequest *certReq = NULL; int warpmonths = 0; SECItem *certDER; #ifdef FILEOUT FILE *outfile; #endif SECStatus status = SECSuccess; extern char prefix[PREFIX_LEN]; SEC_PKCS7ContentInfo *certChain; SECItem *encodedCertChain; PRBool UChain = PR_FALSE; progName = strrchr(argv[0], '/'); progName = progName ? progName + 1 : argv[0]; #ifdef TEST sleep(20); #endif SECU_ConfigDirectory(DBdir); PK11_SetPasswordFunc(return_dbpasswd); status = NSS_InitReadWrite(DBdir); if (status != SECSuccess) { SECU_PrintPRandOSError(progName); return -1; } handle = CERT_GetDefaultCertDB(); prefix[0] = '\0'; #if !defined(OFFLINE) form_output = (char *)PORT_Alloc(length); if (form_output == NULL) { error_allocate(); } pos = form_output; while (feof(stdin) == 0) { if (remaining <= 1) { remaining += length; length = length * 2; form_output = PORT_Realloc(form_output, (length)); if (form_output == NULL) { error_allocate(); } pos = form_output + length - remaining; } n = fread(pos, 1, (size_t)(remaining - 1), stdin); pos += n; remaining -= n; } *pos = '&'; pos++; length = pos - form_output; #else length = PORT_Strlen(form_output); #endif #ifdef FILEOUT printf("Content-type: text/plain\n\n"); fwrite(form_output, 1, (size_t)length, stdout); printf("\n"); #endif #ifdef FILEOUT fwrite(form_output, 1, (size_t)length, stdout); printf("\n"); fflush(stdout); #endif form_data = make_datastruct(form_output, length); status = clean_input(form_data); #if !defined(OFFLINE) PORT_Free(form_output); #endif #ifdef FILEOUT i = 0; while (return_name(form_data, i) != NULL) { printf("%s", return_name(form_data, i)); printf("=\n"); printf("%s", return_data(form_data, i)); printf("\n"); i++; } printf("I got that done, woo hoo\n"); fflush(stdout); #endif issuerNameStr = PORT_Alloc(200); if (find_field_bool(form_data, "caChoiceradio-SignWithSpecifiedChain", PR_FALSE)) { UChain = PR_TRUE; chainLen = atoi(find_field(form_data, "manCAs", PR_FALSE)); PORT_Strcpy(prefix, prefixs[0]); issuerNameStr = PORT_Strcpy(issuerNameStr, "CN=Cert-O-Matic II, O=Cert-O-Matic II"); if (chainLen == 0) { UChain = PR_FALSE; } } else { if (find_field_bool(form_data, "caChoiceradio-SignWithRandomChain", PR_FALSE)) { PORT_Strcpy(prefix, prefixs[9]); chainLen = atoi(find_field(form_data, "autoCAs", PR_FALSE)); if (chainLen < 1 || chainLen > 18) { issuerNameStr = PORT_Strcpy(issuerNameStr, "CN=CA18, O=Cert-O-Matic II"); } issuerNameStr = PORT_Strcpy(issuerNameStr, "CN=CA"); issuerNameStr = PORT_Strcat(issuerNameStr, find_field(form_data, "autoCAs", PR_FALSE)); issuerNameStr = PORT_Strcat(issuerNameStr, ", O=Cert-O-Matic II"); } else { issuerNameStr = PORT_Strcpy(issuerNameStr, "CN=Cert-O-Matic II, O=Cert-O-Matic II"); } chainLen = 0; } i = -1; which_key = 0; do { extern SECStatus cert_GetKeyID(CERTCertificate * cert); i++; if (i != 0 && UChain) { PORT_Strcpy(prefix, prefixs[i]); } /* find_field(form_data,"subject", PR_TRUE); */ certReq = makeCertReq(form_data, which_key); #ifdef OFFLINE serial = 900; #else serial = get_serial_number(form_data); #endif cert = MakeV1Cert(handle, certReq, issuerNameStr, PR_FALSE, serial, warpmonths, form_data); if (certReq != NULL) { CERT_DestroyCertificateRequest(certReq); } if (find_field_bool(form_data, "ver-3", PR_TRUE)) { status = add_extensions(cert, form_data, issuerNameStr, handle); if (status != SECSuccess) { error_out("ERROR: Unable to add extensions"); } } status = cert_GetKeyID(cert); if (status == SECFailure) { error_out("ERROR: Unable to get Key ID."); } certDER = SignCert(cert, issuerNameStr, form_data, handle, which_key); CERT_NewTempCertificate(handle, certDER, NULL, PR_FALSE, PR_TRUE); issuerNameStr = find_field(form_data, "subject", PR_TRUE); /* SECITEM_FreeItem(certDER, PR_TRUE); */ CERT_DestroyCertificate(cert); if (i == (chainLen - 1)) { i = 8; } ++which_key; } while (i < 9 && UChain); #ifdef FILEOUT outfile = fopen("../certout", "wb"); #endif certName = find_field(form_data, "subject", PR_FALSE); cert = CERT_FindCertByNameString(handle, certName); certChain = SEC_PKCS7CreateCertsOnly(cert, PR_TRUE, handle); if (certChain == NULL) { error_out("ERROR: No certificates in cert chain"); } encodedCertChain = SEC_PKCS7EncodeItem(NULL, NULL, certChain, NULL, NULL, NULL); if (encodedCertChain) { #if !defined(FILEOUT) printf("Content-type: application/x-x509-user-cert\r\n"); printf("Content-length: %d\r\n\r\n", encodedCertChain->len); fwrite(encodedCertChain->data, 1, encodedCertChain->len, stdout); #else fwrite(encodedCertChain->data, 1, encodedCertChain->len, outfile); #endif } else { error_out("Error: Unable to DER encode certificate"); } #ifdef FILEOUT printf("\nI got here!\n"); fflush(outfile); fclose(outfile); #endif fflush(stdout); if (NSS_Shutdown() != SECSuccess) { exit(1); } return 0; } nss-3.35/nss/cmd/certcgi/certcgi.gyp0000644000000000000000000000136613230126417015531 0ustar 00000000000000# This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. { 'includes': [ '../../coreconf/config.gypi', '../../cmd/platlibs.gypi' ], 'targets': [ { 'target_name': 'certcgi', 'type': 'executable', 'sources': [ 'certcgi.c' ], 'dependencies': [ '<(DEPTH)/exports.gyp:dbm_exports', '<(DEPTH)/exports.gyp:nss_exports', '<(DEPTH)/lib/sqlite/sqlite.gyp:sqlite3' ] } ], 'target_defaults': { 'defines': [ 'NSPR20', 'NSS_USE_STATIC_LIBS' ] }, 'variables': { 'module': 'nss', 'use_static_libs': 1 } }nss-3.35/nss/cmd/certcgi/index.html0000644000000000000000000005677213230126417015400 0ustar 00000000000000 Cert-O-Matic nss-3.35/nss/cmd/certcgi/main.html0000644000000000000000000000675213230126417015206 0ustar 00000000000000 Main Layer for CertOMatic
Common Name:

Organization:

MAIL= E= Organizational Unit:

UID=

Locality:

State or Province:

Country:

Serial Number:
Auto Generate
Use this hex value: 

X.509 version:
Version 1
Version 3
Key Type:
RSA
DSA

Intermediate CA Key Sizes:
Validity:
Generate Automatically
Use these values:
Not Before: 
Not After:   
         YYMMDDhhmm[ss]{Z|+hhmm|-hhmm}
DN:

nss-3.35/nss/cmd/certcgi/manifest.mn0000644000000000000000000000076513230126417015534 0ustar 00000000000000# # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. CORE_DEPTH = ../.. # MODULE public and private header directories are implicitly REQUIREd. MODULE = nss # This next line is used by .mk files # and gets translated into $LINCS in manifest.mnw REQUIRES = seccmd dbm DEFINES = -DNSPR20 CSRCS = certcgi.c PROGRAM = certcgi USE_STATIC_LIBS = 1 nss-3.35/nss/cmd/certcgi/nscp_ext_form.html0000644000000000000000000000661613230126417017127 0ustar 00000000000000
Netscape Certificate Type:

Activate extension:

Critical: 		SSL Client

SSL Server

S/MIME

Object Signing

Reserved for future use (bit 4)

SSL CA

S/MIME CA

Object Signing CA

Netscape Base URL:

Activate extension:

Critical:
Netscape Revocation URL:

Activate extension:

Critical:
Netscape CA Revocation URL:

Activate extension:

Critical:
Netscape Certificate Renewal URL:

Activate extension:

Critical:
Netscape CA Policy URL:

Activate extension:

Critical:
Netscape SSL Server Name:

Activate extension:

Critical:
Netscape Comment:

Activate extension:

Critical:
nss-3.35/nss/cmd/certcgi/stnd_ext_form.html0000644000000000000000000003112213230126417017122 0ustar 00000000000000
Key Usage:

Activate extension:

Critical: 		Digital Signature

Non Repudiation

Key Encipherment

Data Encipherment

Key Agreement

Key Certificate Signing

CRL Signing

Extended Key Usage:

Activate extension:

Critical: 		Server Auth

Client Auth

Code Signing

Email Protection

Timestamp

OCSP Responder

Step-up

Microsoft Trust List Signing

Basic Constraints:

Activate extension:

Critical: 		CA:

True

False

Include Path length:

Authority Key Identifier:

Activate extension: 		Key Identider

Issuer Name and Serial number

Subject Key Identifier:

Activate extension: 		Key Identifier:

This is an:

ascii text value

hex value

Private Key Usage Period:

Activate extension:

Critical: 		Use:

Not Before

Not After

Both

Not to be used to sign before:

Set to time of certificate issue

Use This value

(YYYY/MM/DD HH:MM:SS): / / : :

Not to be used to sign after:

(YYYY/MM/DD HH:MM:SS): / / : :

Subject Alternative Name:

Activate extension:

Critical:
General Names:
Name Type:
Other Name, OID: RFC 822 Name
DNS Name X400 Address
Directory Name EDI Party Name
Uniform Resource Locator IP Address
Registered ID Netscape Certificate Nickname
Name: Binary Encoded:

Issuer Alternative Name:

Activate extension:

Critical: 		Use the Subject Alternative Name from the Issuers Certificate

Use this Name:
General Names:
Name Type:
Other Name, OID: RFC 822 Name
DNS Name X400 Address
Directory Name EDI Party Name
Uniform Resource Locator IP Address
Registered ID
Name: Binary Encoded:

Name Constraints:

Activate extension:

Name Constraints:
Name Type:
Other Name, OID: RFC 822 Name
DNS Name X400 Address
Directory Name EDI Party Name
Uniform Resource Locator IP Address
Registered ID
Name: Binary Encoded:

Constraint type:

permited

excluded

Minimum:

Maximum:

nss-3.35/nss/cmd/certutil/Makefile0000644000000000000000000000354113230126417015240 0ustar 00000000000000#! gmake # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. ####################################################################### # (1) Include initial platform-independent assignments (MANDATORY). # ####################################################################### include manifest.mn ####################################################################### # (2) Include "global" configuration information. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/config.mk ####################################################################### # (3) Include "component" configuration information. (OPTIONAL) # ####################################################################### ####################################################################### # (4) Include "local" platform-dependent assignments (OPTIONAL). # ####################################################################### include ../platlibs.mk ####################################################################### # (5) Execute "global" rules. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/rules.mk ####################################################################### # (6) Execute "component" rules. (OPTIONAL) # ####################################################################### ####################################################################### # (7) Execute "local" rules. (OPTIONAL). # ####################################################################### include ../platrules.mk nss-3.35/nss/cmd/certutil/certext.c0000644000000000000000000021344513230126417015430 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /* ** certext.c ** ** part of certutil for managing certificates extensions ** */ #include #include #include #if defined(WIN32) #include "fcntl.h" #include "io.h" #endif #include "secutil.h" #if defined(XP_UNIX) #include #endif #include "cert.h" #include "xconst.h" #include "prprf.h" #include "certutil.h" #include "genname.h" #include "prnetdb.h" #define GEN_BREAK(e) \ rv = e; \ break; static char * Gets_s(char *buff, size_t size) { char *str; if (buff == NULL || size < 1) { PORT_Assert(0); return NULL; } if ((str = fgets(buff, size, stdin)) != NULL) { int len = PORT_Strlen(str); /* * fgets() automatically converts native text file * line endings to '\n'. As defensive programming * (just in case fgets has a bug or we put stdin in * binary mode by mistake), we handle three native * text file line endings here: * '\n' Unix (including Linux and Mac OS X) * '\r''\n' DOS/Windows & OS/2 * '\r' Mac OS Classic * len can not be less then 1, since in case with * empty string it has at least '\n' in the buffer */ if (buff[len - 1] == '\n' || buff[len - 1] == '\r') { buff[len - 1] = '\0'; if (len > 1 && buff[len - 2] == '\r') buff[len - 2] = '\0'; } } else { buff[0] = '\0'; } return str; } static SECStatus PrintChoicesAndGetAnswer(char *str, char *rBuff, int rSize) { fputs(str, stdout); fputs(" > ", stdout); fflush(stdout); if (Gets_s(rBuff, rSize) == NULL) { PORT_SetError(SEC_ERROR_INPUT_LEN); return SECFailure; } return SECSuccess; } static CERTGeneralName * GetGeneralName(PLArenaPool *arena, CERTGeneralName *useExistingName, PRBool onlyOne) { CERTGeneralName *namesList = NULL; CERTGeneralName *current; CERTGeneralName *tail = NULL; SECStatus rv = SECSuccess; int intValue; char buffer[512]; void *mark; PORT_Assert(arena); mark = PORT_ArenaMark(arena); do { if (PrintChoicesAndGetAnswer( "\nSelect one of the following general name type: \n" "\t2 - rfc822Name\n" "\t3 - dnsName\n" "\t5 - directoryName\n" "\t7 - uniformResourceidentifier\n" "\t8 - ipAddress\n" "\t9 - registerID\n" "\tAny other number to finish\n" "\t\tChoice:", buffer, sizeof(buffer)) == SECFailure) { GEN_BREAK(SECFailure); } intValue = PORT_Atoi(buffer); /* * Should use ZAlloc instead of Alloc to avoid problem with garbage * initialized pointers in CERT_CopyName */ switch (intValue) { case certRFC822Name: case certDNSName: case certDirectoryName: case certURI: case certIPAddress: case certRegisterID: break; default: intValue = 0; /* force a break for anything else */ } if (intValue == 0) break; if (namesList == NULL) { if (useExistingName) { namesList = current = tail = useExistingName; } else { namesList = current = tail = PORT_ArenaZNew(arena, CERTGeneralName); } } else { current = PORT_ArenaZNew(arena, CERTGeneralName); } if (current == NULL) { GEN_BREAK(SECFailure); } current->type = intValue; puts("\nEnter data:"); fflush(stdout); if (Gets_s(buffer, sizeof(buffer)) == NULL) { PORT_SetError(SEC_ERROR_INPUT_LEN); GEN_BREAK(SECFailure); } switch (current->type) { case certURI: case certDNSName: case certRFC822Name: current->name.other.data = PORT_ArenaAlloc(arena, strlen(buffer)); if (current->name.other.data == NULL) { GEN_BREAK(SECFailure); } PORT_Memcpy(current->name.other.data, buffer, current->name.other.len = strlen(buffer)); break; case certEDIPartyName: case certIPAddress: case certOtherName: case certRegisterID: case certX400Address: { current->name.other.data = PORT_ArenaAlloc(arena, strlen(buffer) + 2); if (current->name.other.data == NULL) { GEN_BREAK(SECFailure); } PORT_Memcpy(current->name.other.data + 2, buffer, strlen(buffer)); /* This may not be accurate for all cases. For now, * use this tag type */ current->name.other.data[0] = (char)(((current->type - 1) & 0x1f) | 0x80); current->name.other.data[1] = (char)strlen(buffer); current->name.other.len = strlen(buffer) + 2; break; } case certDirectoryName: { CERTName *directoryName = NULL; directoryName = CERT_AsciiToName(buffer); if (!directoryName) { fprintf(stderr, "certutil: improperly formatted name: " "\"%s\"\n", buffer); break; } rv = CERT_CopyName(arena, ¤t->name.directoryName, directoryName); CERT_DestroyName(directoryName); break; } } if (rv != SECSuccess) break; current->l.next = &(namesList->l); current->l.prev = &(tail->l); tail->l.next = &(current->l); tail = current; } while (!onlyOne); if (rv != SECSuccess) { PORT_ArenaRelease(arena, mark); namesList = NULL; } return (namesList); } static CERTGeneralName * CreateGeneralName(PLArenaPool *arena) { return GetGeneralName(arena, NULL, PR_FALSE); } static SECStatus GetString(PLArenaPool *arena, char *prompt, SECItem *value) { char buffer[251]; char *buffPrt; buffer[0] = '\0'; value->data = NULL; value->len = 0; puts(prompt); buffPrt = Gets_s(buffer, sizeof(buffer)); /* returned NULL here treated the same way as empty string */ if (buffPrt && strlen(buffer) > 0) { value->data = PORT_ArenaAlloc(arena, strlen(buffer)); if (value->data == NULL) { PORT_SetError(SEC_ERROR_NO_MEMORY); return (SECFailure); } PORT_Memcpy(value->data, buffer, value->len = strlen(buffer)); } return (SECSuccess); } static PRBool GetYesNo(char *prompt) { char buf[3]; char *buffPrt; buf[0] = 'n'; puts(prompt); buffPrt = Gets_s(buf, sizeof(buf)); return (buffPrt && (buf[0] == 'y' || buf[0] == 'Y')) ? PR_TRUE : PR_FALSE; } /* Parses comma separated values out of the string pointed by nextPos. * Parsed value is compared to an array of possible values(valueArray). * If match is found, a value index is returned, otherwise returns SECFailue. * nextPos is set to the token after found comma separator or to NULL. * NULL in nextPos should be used as indication of the last parsed token. * A special value "critical" can be parsed out from the supplied sting.*/ static SECStatus parseNextCmdInput(const char *const *valueArray, int *value, char **nextPos, PRBool *critical) { char *thisPos; int keyLen = 0; int arrIndex = 0; if (!valueArray || !value || !nextPos || !critical) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } thisPos = *nextPos; while (1) { if ((*nextPos = strchr(thisPos, ',')) == NULL) { keyLen = strlen(thisPos); } else { keyLen = *nextPos - thisPos; *nextPos += 1; } /* if critical keyword is found, go for another loop, * but check, if it is the last keyword of * the string.*/ if (!strncmp("critical", thisPos, keyLen)) { *critical = PR_TRUE; if (*nextPos == NULL) { return SECSuccess; } thisPos = *nextPos; continue; } break; } for (arrIndex = 0; valueArray[arrIndex]; arrIndex++) { if (!strncmp(valueArray[arrIndex], thisPos, keyLen)) { *value = arrIndex; return SECSuccess; } } PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } static const char *const keyUsageKeyWordArray[] = { "digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment", "keyAgreement", "certSigning", "crlSigning", NULL }; static SECStatus AddKeyUsage(void *extHandle, const char *userSuppliedValue) { SECItem bitStringValue; unsigned char keyUsage = 0x0; char buffer[5]; int value; char *nextPos = (char *)userSuppliedValue; PRBool isCriticalExt = PR_FALSE; if (!userSuppliedValue) { while (1) { if (PrintChoicesAndGetAnswer( "\t\t0 - Digital Signature\n" "\t\t1 - Non-repudiation\n" "\t\t2 - Key encipherment\n" "\t\t3 - Data encipherment\n" "\t\t4 - Key agreement\n" "\t\t5 - Cert signing key\n" "\t\t6 - CRL signing key\n" "\t\tOther to finish\n", buffer, sizeof(buffer)) == SECFailure) { return SECFailure; } value = PORT_Atoi(buffer); if (value < 0 || value > 6) break; if (value == 0) { /* Checking that zero value of variable 'value' * corresponds to '0' input made by user */ char *chPtr = strchr(buffer, '0'); if (chPtr == NULL) { continue; } } keyUsage |= (0x80 >> value); } isCriticalExt = GetYesNo("Is this a critical extension [y/N]?"); } else { while (1) { if (parseNextCmdInput(keyUsageKeyWordArray, &value, &nextPos, &isCriticalExt) == SECFailure) { return SECFailure; } keyUsage |= (0x80 >> value); if (!nextPos) break; } } bitStringValue.data = &keyUsage; bitStringValue.len = 1; return (CERT_EncodeAndAddBitStrExtension(extHandle, SEC_OID_X509_KEY_USAGE, &bitStringValue, isCriticalExt)); } static CERTOidSequence * CreateOidSequence(void) { CERTOidSequence *rv = (CERTOidSequence *)NULL; PLArenaPool *arena = (PLArenaPool *)NULL; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if ((PLArenaPool *)NULL == arena) { goto loser; } rv = (CERTOidSequence *)PORT_ArenaZNew(arena, CERTOidSequence); if ((CERTOidSequence *)NULL == rv) { goto loser; } rv->oids = (SECItem **)PORT_ArenaZNew(arena, SECItem *); if ((SECItem **)NULL == rv->oids) { goto loser; } rv->arena = arena; return rv; loser: if ((PLArenaPool *)NULL != arena) { PORT_FreeArena(arena, PR_FALSE); } return (CERTOidSequence *)NULL; } static void DestroyOidSequence(CERTOidSequence *os) { if (os->arena) { PORT_FreeArena(os->arena, PR_FALSE); } } static SECStatus AddOidToSequence(CERTOidSequence *os, SECOidTag oidTag) { SECItem **oids; PRUint32 count = 0; SECOidData *od; od = SECOID_FindOIDByTag(oidTag); if ((SECOidData *)NULL == od) { return SECFailure; } for (oids = os->oids; (SECItem *)NULL != *oids; oids++) { if (*oids == &od->oid) { /* We already have this oid */ return SECSuccess; } count++; } /* ArenaZRealloc */ { PRUint32 i; oids = (SECItem **)PORT_ArenaZNewArray(os->arena, SECItem *, count + 2); if ((SECItem **)NULL == oids) { return SECFailure; } for (i = 0; i < count; i++) { oids[i] = os->oids[i]; } /* ArenaZFree(os->oids); */ } os->oids = oids; os->oids[count] = &od->oid; return SECSuccess; } SEC_ASN1_MKSUB(SEC_ObjectIDTemplate) const SEC_ASN1Template CERT_OidSeqTemplate[] = { { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, offsetof(CERTOidSequence, oids), SEC_ASN1_SUB(SEC_ObjectIDTemplate) } }; static SECItem * EncodeOidSequence(CERTOidSequence *os) { SECItem *rv; rv = (SECItem *)PORT_ArenaZNew(os->arena, SECItem); if ((SECItem *)NULL == rv) { goto loser; } if (!SEC_ASN1EncodeItem(os->arena, rv, os, CERT_OidSeqTemplate)) { goto loser; } return rv; loser: return (SECItem *)NULL; } static const char *const extKeyUsageKeyWordArray[] = { "serverAuth", "clientAuth", "codeSigning", "emailProtection", "timeStamp", "ocspResponder", "stepUp", "msTrustListSigning", NULL }; static SECStatus AddExtKeyUsage(void *extHandle, const char *userSuppliedValue) { char buffer[5]; int value; CERTOidSequence *os; SECStatus rv; SECItem *item; PRBool isCriticalExt = PR_FALSE; char *nextPos = (char *)userSuppliedValue; os = CreateOidSequence(); if ((CERTOidSequence *)NULL == os) { return SECFailure; } while (1) { if (!userSuppliedValue) { if (PrintChoicesAndGetAnswer( "\t\t0 - Server Auth\n" "\t\t1 - Client Auth\n" "\t\t2 - Code Signing\n" "\t\t3 - Email Protection\n" "\t\t4 - Timestamp\n" "\t\t5 - OCSP Responder\n" "\t\t6 - Step-up\n" "\t\t7 - Microsoft Trust List Signing\n" "\t\tOther to finish\n", buffer, sizeof(buffer)) == SECFailure) { GEN_BREAK(SECFailure); } value = PORT_Atoi(buffer); if (value == 0) { /* Checking that zero value of variable 'value' * corresponds to '0' input made by user */ char *chPtr = strchr(buffer, '0'); if (chPtr == NULL) { continue; } } } else { if (parseNextCmdInput(extKeyUsageKeyWordArray, &value, &nextPos, &isCriticalExt) == SECFailure) { return SECFailure; } } switch (value) { case 0: rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_SERVER_AUTH); break; case 1: rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH); break; case 2: rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CODE_SIGN); break; case 3: rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT); break; case 4: rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_TIME_STAMP); break; case 5: rv = AddOidToSequence(os, SEC_OID_OCSP_RESPONDER); break; case 6: rv = AddOidToSequence(os, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED); break; case 7: rv = AddOidToSequence(os, SEC_OID_MS_EXT_KEY_USAGE_CTL_SIGNING); break; default: goto endloop; } if (userSuppliedValue && !nextPos) break; if (SECSuccess != rv) goto loser; } endloop: item = EncodeOidSequence(os); if (!userSuppliedValue) { isCriticalExt = GetYesNo("Is this a critical extension [y/N]?"); } rv = CERT_AddExtension(extHandle, SEC_OID_X509_EXT_KEY_USAGE, item, isCriticalExt, PR_TRUE); /*FALLTHROUGH*/ loser: DestroyOidSequence(os); return rv; } static const char *const nsCertTypeKeyWordArray[] = { "sslClient", "sslServer", "smime", "objectSigning", "Not!Used", "sslCA", "smimeCA", "objectSigningCA", NULL }; static SECStatus AddNscpCertType(void *extHandle, const char *userSuppliedValue) { SECItem bitStringValue; unsigned char keyUsage = 0x0; char buffer[5]; int value; char *nextPos = (char *)userSuppliedValue; PRBool isCriticalExt = PR_FALSE; if (!userSuppliedValue) { while (1) { if (PrintChoicesAndGetAnswer( "\t\t0 - SSL Client\n" "\t\t1 - SSL Server\n" "\t\t2 - S/MIME\n" "\t\t3 - Object Signing\n" "\t\t4 - Reserved for future use\n" "\t\t5 - SSL CA\n" "\t\t6 - S/MIME CA\n" "\t\t7 - Object Signing CA\n" "\t\tOther to finish\n", buffer, sizeof(buffer)) == SECFailure) { return SECFailure; } value = PORT_Atoi(buffer); if (value < 0 || value > 7) break; if (value == 0) { /* Checking that zero value of variable 'value' * corresponds to '0' input made by user */ char *chPtr = strchr(buffer, '0'); if (chPtr == NULL) { continue; } } keyUsage |= (0x80 >> value); } isCriticalExt = GetYesNo("Is this a critical extension [y/N]?"); } else { while (1) { if (parseNextCmdInput(nsCertTypeKeyWordArray, &value, &nextPos, &isCriticalExt) == SECFailure) { return SECFailure; } keyUsage |= (0x80 >> value); if (!nextPos) break; } } bitStringValue.data = &keyUsage; bitStringValue.len = 1; return (CERT_EncodeAndAddBitStrExtension(extHandle, SEC_OID_NS_CERT_EXT_CERT_TYPE, &bitStringValue, isCriticalExt)); } SECStatus GetOidFromString(PLArenaPool *arena, SECItem *to, const char *from, size_t fromLen) { SECStatus rv; SECOidTag tag; SECOidData *coid; /* try dotted form first */ rv = SEC_StringToOID(arena, to, from, fromLen); if (rv == SECSuccess) { return rv; } /* Check to see if it matches a name in our oid table. * SECOID_FindOIDByTag returns NULL if tag is out of bounds. */ tag = SEC_OID_UNKNOWN; coid = SECOID_FindOIDByTag(tag); for (; coid; coid = SECOID_FindOIDByTag(++tag)) { if (PORT_Strncasecmp(from, coid->desc, fromLen) == 0) { break; } } if (coid == NULL) { /* none found */ return SECFailure; } return SECITEM_CopyItem(arena, to, &coid->oid); } static SECStatus AddSubjectAltNames(PLArenaPool *arena, CERTGeneralName **existingListp, const char *constNames, CERTGeneralNameType type) { CERTGeneralName *nameList = NULL; CERTGeneralName *current = NULL; PRCList *prev = NULL; char *cp, *nextName = NULL; SECStatus rv = SECSuccess; PRBool readTypeFromName = (PRBool)(type == 0); char *names = NULL; if (constNames) names = PORT_Strdup(constNames); if (names == NULL) { return SECFailure; } /* * walk down the comma separated list of names. NOTE: there is * no sanity checks to see if the email address look like * email addresses. * * Each name may optionally be prefixed with a type: string. * If it isn't, the type from the previous name will be used. * If there wasn't a previous name yet, the type given * as a parameter to this function will be used. * If the type value is zero (undefined), we'll fail. */ for (cp = names; cp; cp = nextName) { int len; char *oidString; char *nextComma; CERTName *name; PRStatus status; unsigned char *data; PRNetAddr addr; nextName = NULL; if (*cp == ',') { cp++; } nextComma = PORT_Strchr(cp, ','); if (nextComma) { *nextComma = 0; nextName = nextComma + 1; } if ((*cp) == 0) { continue; } if (readTypeFromName) { char *save = cp; /* Because we already replaced nextComma with end-of-string, * a found colon belongs to the current name */ cp = PORT_Strchr(cp, ':'); if (cp) { *cp = 0; cp++; type = CERT_GetGeneralNameTypeFromString(save); if (*cp == 0) { continue; } } else { if (type == 0) { /* no type known yet */ rv = SECFailure; break; } cp = save; } } current = PORT_ArenaZNew(arena, CERTGeneralName); if (!current) { rv = SECFailure; break; } current->type = type; switch (type) { /* string types */ case certRFC822Name: case certDNSName: case certURI: current->name.other.data = (unsigned char *)PORT_ArenaStrdup(arena, cp); current->name.other.len = PORT_Strlen(cp); break; /* unformated data types */ case certX400Address: case certEDIPartyName: /* turn a string into a data and len */ rv = SECFailure; /* punt on these for now */ fprintf(stderr, "EDI Party Name and X.400 Address not supported\n"); break; case certDirectoryName: /* certDirectoryName */ name = CERT_AsciiToName(cp); if (name == NULL) { rv = SECFailure; fprintf(stderr, "Invalid Directory Name (\"%s\")\n", cp); break; } rv = CERT_CopyName(arena, ¤t->name.directoryName, name); CERT_DestroyName(name); break; /* types that require more processing */ case certIPAddress: /* convert the string to an ip address */ status = PR_StringToNetAddr(cp, &addr); if (status != PR_SUCCESS) { rv = SECFailure; fprintf(stderr, "Invalid IP Address (\"%s\")\n", cp); break; } if (PR_NetAddrFamily(&addr) == PR_AF_INET) { len = sizeof(addr.inet.ip); data = (unsigned char *)&addr.inet.ip; } else if (PR_NetAddrFamily(&addr) == PR_AF_INET6) { len = sizeof(addr.ipv6.ip); data = (unsigned char *)&addr.ipv6.ip; } else { fprintf(stderr, "Invalid IP Family\n"); rv = SECFailure; break; } current->name.other.data = PORT_ArenaAlloc(arena, len); if (current->name.other.data == NULL) { rv = SECFailure; break; } current->name.other.len = len; PORT_Memcpy(current->name.other.data, data, len); break; case certRegisterID: rv = GetOidFromString(arena, ¤t->name.other, cp, strlen(cp)); break; case certOtherName: oidString = cp; cp = PORT_Strchr(cp, ';'); if (cp == NULL) { rv = SECFailure; fprintf(stderr, "missing name in other name\n"); break; } *cp++ = 0; current->name.OthName.name.data = (unsigned char *)PORT_ArenaStrdup(arena, cp); if (current->name.OthName.name.data == NULL) { rv = SECFailure; break; } current->name.OthName.name.len = PORT_Strlen(cp); rv = GetOidFromString(arena, ¤t->name.OthName.oid, oidString, strlen(oidString)); break; default: rv = SECFailure; fprintf(stderr, "Missing or invalid Subject Alternate Name type\n"); break; } if (rv == SECFailure) { break; } if (prev) { current->l.prev = prev; prev->next = &(current->l); } else { nameList = current; } prev = &(current->l); } PORT_Free(names); /* at this point nameList points to the head of a doubly linked, * but not yet circular, list and current points to its tail. */ if (rv == SECSuccess && nameList) { if (*existingListp != NULL) { PRCList *existingprev; /* add nameList to the end of the existing list */ existingprev = (*existingListp)->l.prev; (*existingListp)->l.prev = &(current->l); nameList->l.prev = existingprev; existingprev->next = &(nameList->l); current->l.next = &((*existingListp)->l); } else { /* make nameList circular and set it as the new existingList */ nameList->l.prev = prev; current->l.next = &(nameList->l); *existingListp = nameList; } } return rv; } static SECStatus AddEmailSubjectAlt(PLArenaPool *arena, CERTGeneralName **existingListp, const char *emailAddrs) { return AddSubjectAltNames(arena, existingListp, emailAddrs, certRFC822Name); } static SECStatus AddDNSSubjectAlt(PLArenaPool *arena, CERTGeneralName **existingListp, const char *dnsNames) { return AddSubjectAltNames(arena, existingListp, dnsNames, certDNSName); } static SECStatus AddGeneralSubjectAlt(PLArenaPool *arena, CERTGeneralName **existingListp, const char *altNames) { return AddSubjectAltNames(arena, existingListp, altNames, 0); } static SECStatus AddBasicConstraint(PLArenaPool *arena, void *extHandle) { CERTBasicConstraints basicConstraint; SECStatus rv; char buffer[10]; PRBool yesNoAns; do { basicConstraint.pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT; basicConstraint.isCA = GetYesNo("Is this a CA certificate [y/N]?"); buffer[0] = '\0'; if (PrintChoicesAndGetAnswer("Enter the path length constraint, " "enter to skip [<0 for unlimited path]:", buffer, sizeof(buffer)) == SECFailure) { GEN_BREAK(SECFailure); } if (PORT_Strlen(buffer) > 0) basicConstraint.pathLenConstraint = PORT_Atoi(buffer); yesNoAns = GetYesNo("Is this a critical extension [y/N]?"); rv = SECU_EncodeAndAddExtensionValue(arena, extHandle, &basicConstraint, yesNoAns, SEC_OID_X509_BASIC_CONSTRAINTS, (EXTEN_EXT_VALUE_ENCODER)CERT_EncodeBasicConstraintValue); } while (0); return (rv); } static SECStatus AddNameConstraints(void *extHandle) { PLArenaPool *arena = NULL; CERTNameConstraints *constraints = NULL; CERTNameConstraint *current = NULL; CERTNameConstraint *last_permited = NULL; CERTNameConstraint *last_excluded = NULL; SECStatus rv = SECSuccess; char buffer[512]; int intValue = 0; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena) { constraints = PORT_ArenaZNew(arena, CERTNameConstraints); } if (!arena || !constraints) { SECU_PrintError(progName, "out of memory"); PORT_FreeArena(arena, PR_FALSE); return SECFailure; } constraints->permited = constraints->excluded = NULL; do { current = PORT_ArenaZNew(arena, CERTNameConstraint); if (!current) { GEN_BREAK(SECFailure); } if (!GetGeneralName(arena, ¤t->name, PR_TRUE)) { GEN_BREAK(SECFailure); } if (PrintChoicesAndGetAnswer("Type of Name Constraint?\n" "\t1 - permitted\n\t2 - excluded\n\tAny" "other number to finish\n\tChoice", buffer, sizeof(buffer)) != SECSuccess) { GEN_BREAK(SECFailure); } intValue = PORT_Atoi(buffer); switch (intValue) { case 1: if (constraints->permited == NULL) { constraints->permited = last_permited = current; } last_permited->l.next = &(current->l); current->l.prev = &(last_permited->l); last_permited = current; break; case 2: if (constraints->excluded == NULL) { constraints->excluded = last_excluded = current; } last_excluded->l.next = &(current->l); current->l.prev = &(last_excluded->l); last_excluded = current; break; } PR_snprintf(buffer, sizeof(buffer), "Add another entry to the" " Name Constraint Extension [y/N]"); if (GetYesNo(buffer) == 0) { break; } } while (1); if (rv == SECSuccess) { int oidIdent = SEC_OID_X509_NAME_CONSTRAINTS; PRBool yesNoAns = GetYesNo("Is this a critical extension [y/N]?"); if (constraints->permited != NULL) { last_permited->l.next = &(constraints->permited->l); constraints->permited->l.prev = &(last_permited->l); } if (constraints->excluded != NULL) { last_excluded->l.next = &(constraints->excluded->l); constraints->excluded->l.prev = &(last_excluded->l); } rv = SECU_EncodeAndAddExtensionValue(arena, extHandle, constraints, yesNoAns, oidIdent, (EXTEN_EXT_VALUE_ENCODER)CERT_EncodeNameConstraintsExtension); } if (arena) PORT_FreeArena(arena, PR_FALSE); return (rv); } static SECStatus AddAuthKeyID(void *extHandle) { CERTAuthKeyID *authKeyID = NULL; PLArenaPool *arena = NULL; SECStatus rv = SECSuccess; PRBool yesNoAns; do { arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) { SECU_PrintError(progName, "out of memory"); GEN_BREAK(SECFailure); } if (GetYesNo("Enter value for the authKeyID extension [y/N]?") == 0) break; authKeyID = PORT_ArenaZNew(arena, CERTAuthKeyID); if (authKeyID == NULL) { GEN_BREAK(SECFailure); } rv = GetString(arena, "Enter value for the key identifier fields," "enter to omit:", &authKeyID->keyID); if (rv != SECSuccess) break; SECU_SECItemHexStringToBinary(&authKeyID->keyID); authKeyID->authCertIssuer = CreateGeneralName(arena); if (authKeyID->authCertIssuer == NULL && SECFailure == PORT_GetError()) break; rv = GetString(arena, "Enter value for the authCertSerial field, " "enter to omit:", &authKeyID->authCertSerialNumber); yesNoAns = GetYesNo("Is this a critical extension [y/N]?"); rv = SECU_EncodeAndAddExtensionValue(arena, extHandle, authKeyID, yesNoAns, SEC_OID_X509_AUTH_KEY_ID, (EXTEN_EXT_VALUE_ENCODER)CERT_EncodeAuthKeyID); if (rv) break; } while (0); if (arena) PORT_FreeArena(arena, PR_FALSE); return (rv); } static SECStatus AddSubjKeyID(void *extHandle) { SECItem keyID; PLArenaPool *arena = NULL; SECStatus rv = SECSuccess; PRBool yesNoAns; do { arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) { SECU_PrintError(progName, "out of memory"); GEN_BREAK(SECFailure); } printf("Adding Subject Key ID extension.\n"); rv = GetString(arena, "Enter value for the key identifier fields," "enter to omit:", &keyID); if (rv != SECSuccess) break; SECU_SECItemHexStringToBinary(&keyID); yesNoAns = GetYesNo("Is this a critical extension [y/N]?"); rv = SECU_EncodeAndAddExtensionValue(arena, extHandle, &keyID, yesNoAns, SEC_OID_X509_SUBJECT_KEY_ID, (EXTEN_EXT_VALUE_ENCODER)CERT_EncodeSubjectKeyID); if (rv) break; } while (0); if (arena) PORT_FreeArena(arena, PR_FALSE); return (rv); } static SECStatus AddCrlDistPoint(void *extHandle) { PLArenaPool *arena = NULL; CERTCrlDistributionPoints *crlDistPoints = NULL; CRLDistributionPoint *current; SECStatus rv = SECSuccess; int count = 0, intValue; char buffer[512]; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) return (SECFailure); do { current = NULL; current = PORT_ArenaZNew(arena, CRLDistributionPoint); if (current == NULL) { GEN_BREAK(SECFailure); } /* Get the distributionPointName fields - this field is optional */ if (PrintChoicesAndGetAnswer( "Enter the type of the distribution point name:\n" "\t1 - Full Name\n\t2 - Relative Name\n\tAny other " "number to finish\n\t\tChoice: ", buffer, sizeof(buffer)) == SECFailure) { GEN_BREAK(SECFailure); } intValue = PORT_Atoi(buffer); switch (intValue) { case generalName: current->distPointType = intValue; current->distPoint.fullName = CreateGeneralName(arena); rv = PORT_GetError(); break; case relativeDistinguishedName: { CERTName *name; current->distPointType = intValue; puts("Enter the relative name: "); fflush(stdout); if (Gets_s(buffer, sizeof(buffer)) == NULL) { GEN_BREAK(SECFailure); } /* For simplicity, use CERT_AsciiToName to converse from a string to NAME, but we only interest in the first RDN */ name = CERT_AsciiToName(buffer); if (!name) { GEN_BREAK(SECFailure); } rv = CERT_CopyRDN(arena, ¤t->distPoint.relativeName, name->rdns[0]); CERT_DestroyName(name); break; } } if (rv != SECSuccess) break; /* Get the reason flags */ if (PrintChoicesAndGetAnswer( "\nSelect one of the following for the reason flags\n" "\t0 - unused\n\t1 - keyCompromise\n" "\t2 - caCompromise\n\t3 - affiliationChanged\n" "\t4 - superseded\n\t5 - cessationOfOperation\n" "\t6 - certificateHold\n" "\tAny other number to finish\t\tChoice: ", buffer, sizeof(buffer)) == SECFailure) { GEN_BREAK(SECFailure); } intValue = PORT_Atoi(buffer); if (intValue == 0) { /* Checking that zero value of variable 'value' * corresponds to '0' input made by user */ char *chPtr = strchr(buffer, '0'); if (chPtr == NULL) { intValue = -1; } } if (intValue >= 0 && intValue < 8) { current->reasons.data = PORT_ArenaAlloc(arena, sizeof(char)); if (current->reasons.data == NULL) { GEN_BREAK(SECFailure); } *current->reasons.data = (char)(0x80 >> intValue); current->reasons.len = 1; } puts("Enter value for the CRL Issuer name:\n"); current->crlIssuer = CreateGeneralName(arena); if (current->crlIssuer == NULL && (rv = PORT_GetError()) == SECFailure) break; if (crlDistPoints == NULL) { crlDistPoints = PORT_ArenaZNew(arena, CERTCrlDistributionPoints); if (crlDistPoints == NULL) { GEN_BREAK(SECFailure); } } if (crlDistPoints->distPoints) { crlDistPoints->distPoints = PORT_ArenaGrow(arena, crlDistPoints->distPoints, sizeof(*crlDistPoints->distPoints) * count, sizeof(*crlDistPoints->distPoints) * (count + 1)); } else { crlDistPoints->distPoints = PORT_ArenaZAlloc(arena, sizeof(*crlDistPoints->distPoints) * (count + 1)); } if (crlDistPoints->distPoints == NULL) { GEN_BREAK(SECFailure); } crlDistPoints->distPoints[count] = current; ++count; if (GetYesNo("Enter another value for the CRLDistributionPoint " "extension [y/N]?") == 0) { /* Add null to the end to mark end of data */ crlDistPoints->distPoints = PORT_ArenaGrow(arena, crlDistPoints->distPoints, sizeof(*crlDistPoints->distPoints) * count, sizeof(*crlDistPoints->distPoints) * (count + 1)); crlDistPoints->distPoints[count] = NULL; break; } } while (1); if (rv == SECSuccess) { PRBool yesNoAns = GetYesNo("Is this a critical extension [y/N]?"); rv = SECU_EncodeAndAddExtensionValue(arena, extHandle, crlDistPoints, yesNoAns, SEC_OID_X509_CRL_DIST_POINTS, (EXTEN_EXT_VALUE_ENCODER)CERT_EncodeCRLDistributionPoints); } if (arena) PORT_FreeArena(arena, PR_FALSE); return (rv); } static SECStatus AddPolicyConstraints(void *extHandle) { CERTCertificatePolicyConstraints *policyConstr; PLArenaPool *arena = NULL; SECStatus rv = SECSuccess; SECItem *item, *dummy; char buffer[512]; int value; PRBool yesNoAns; PRBool skipExt = PR_TRUE; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) { SECU_PrintError(progName, "out of memory"); return SECFailure; } policyConstr = PORT_ArenaZNew(arena, CERTCertificatePolicyConstraints); if (policyConstr == NULL) { SECU_PrintError(progName, "out of memory"); goto loser; } if (PrintChoicesAndGetAnswer("for requireExplicitPolicy enter the number " "of certs in path\nbefore explicit policy is required\n" "(press Enter to omit)", buffer, sizeof(buffer)) == SECFailure) { goto loser; } if (PORT_Strlen(buffer)) { value = PORT_Atoi(buffer); if (value < 0) { goto loser; } item = &policyConstr->explicitPolicySkipCerts; dummy = SEC_ASN1EncodeInteger(arena, item, value); if (!dummy) { goto loser; } skipExt = PR_FALSE; } if (PrintChoicesAndGetAnswer("for inihibitPolicyMapping enter " "the number of certs in path\n" "after which policy mapping is not allowed\n" "(press Enter to omit)", buffer, sizeof(buffer)) == SECFailure) { goto loser; } if (PORT_Strlen(buffer)) { value = PORT_Atoi(buffer); if (value < 0) { goto loser; } item = &policyConstr->inhibitMappingSkipCerts; dummy = SEC_ASN1EncodeInteger(arena, item, value); if (!dummy) { goto loser; } skipExt = PR_FALSE; } if (!skipExt) { yesNoAns = GetYesNo("Is this a critical extension [y/N]?"); rv = SECU_EncodeAndAddExtensionValue(arena, extHandle, policyConstr, yesNoAns, SEC_OID_X509_POLICY_CONSTRAINTS, (EXTEN_EXT_VALUE_ENCODER)CERT_EncodePolicyConstraintsExtension); } else { fprintf(stdout, "Policy Constraint extensions must contain " "at least one policy field\n"); rv = SECFailure; } loser: if (arena) { PORT_FreeArena(arena, PR_FALSE); } return (rv); } static SECStatus AddInhibitAnyPolicy(void *extHandle) { CERTCertificateInhibitAny certInhibitAny; PLArenaPool *arena = NULL; SECStatus rv = SECSuccess; SECItem *item, *dummy; char buffer[10]; int value; PRBool yesNoAns; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) { SECU_PrintError(progName, "out of memory"); return SECFailure; } if (PrintChoicesAndGetAnswer("Enter the number of certs in the path " "permitted to use anyPolicy.\n" "(press Enter for 0)", buffer, sizeof(buffer)) == SECFailure) { goto loser; } item = &certInhibitAny.inhibitAnySkipCerts; value = PORT_Atoi(buffer); if (value < 0) { goto loser; } dummy = SEC_ASN1EncodeInteger(arena, item, value); if (!dummy) { goto loser; } yesNoAns = GetYesNo("Is this a critical extension [y/N]?"); rv = SECU_EncodeAndAddExtensionValue(arena, extHandle, &certInhibitAny, yesNoAns, SEC_OID_X509_INHIBIT_ANY_POLICY, (EXTEN_EXT_VALUE_ENCODER)CERT_EncodeInhibitAnyExtension); loser: if (arena) { PORT_FreeArena(arena, PR_FALSE); } return (rv); } static SECStatus AddPolicyMappings(void *extHandle) { CERTPolicyMap **policyMapArr = NULL; CERTPolicyMap *current; PLArenaPool *arena = NULL; SECStatus rv = SECSuccess; int count = 0; char buffer[512]; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) { SECU_PrintError(progName, "out of memory"); return SECFailure; } do { if (PrintChoicesAndGetAnswer("Enter an Object Identifier (dotted " "decimal format) for Issuer Domain Policy", buffer, sizeof(buffer)) == SECFailure) { GEN_BREAK(SECFailure); } current = PORT_ArenaZNew(arena, CERTPolicyMap); if (current == NULL) { GEN_BREAK(SECFailure); } rv = SEC_StringToOID(arena, ¤t->issuerDomainPolicy, buffer, 0); if (rv == SECFailure) { GEN_BREAK(SECFailure); } if (PrintChoicesAndGetAnswer("Enter an Object Identifier for " "Subject Domain Policy", buffer, sizeof(buffer)) == SECFailure) { GEN_BREAK(SECFailure); } rv = SEC_StringToOID(arena, ¤t->subjectDomainPolicy, buffer, 0); if (rv == SECFailure) { GEN_BREAK(SECFailure); } if (policyMapArr == NULL) { policyMapArr = PORT_ArenaZNew(arena, CERTPolicyMap *); if (policyMapArr == NULL) { GEN_BREAK(SECFailure); } } policyMapArr = PORT_ArenaGrow(arena, policyMapArr, sizeof(current) * count, sizeof(current) * (count + 1)); if (policyMapArr == NULL) { GEN_BREAK(SECFailure); } policyMapArr[count] = current; ++count; if (!GetYesNo("Enter another Policy Mapping [y/N]")) { /* Add null to the end to mark end of data */ policyMapArr = PORT_ArenaGrow(arena, policyMapArr, sizeof(current) * count, sizeof(current) * (count + 1)); if (policyMapArr == NULL) { GEN_BREAK(SECFailure); } policyMapArr[count] = NULL; break; } } while (1); if (rv == SECSuccess) { CERTCertificatePolicyMappings mappings; PRBool yesNoAns = GetYesNo("Is this a critical extension [y/N]?"); mappings.arena = arena; mappings.policyMaps = policyMapArr; rv = SECU_EncodeAndAddExtensionValue(arena, extHandle, &mappings, yesNoAns, SEC_OID_X509_POLICY_MAPPINGS, (EXTEN_EXT_VALUE_ENCODER)CERT_EncodePolicyMappingExtension); } if (arena) PORT_FreeArena(arena, PR_FALSE); return (rv); } enum PoliciQualifierEnum { cpsPointer = 1, userNotice = 2 }; static CERTPolicyQualifier ** RequestPolicyQualifiers(PLArenaPool *arena, SECItem *policyID) { CERTPolicyQualifier **policyQualifArr = NULL; CERTPolicyQualifier *current; SECStatus rv = SECSuccess; int count = 0; char buffer[512]; void *mark; SECOidData *oid = NULL; int intValue = 0; int inCount = 0; PORT_Assert(arena); mark = PORT_ArenaMark(arena); do { current = PORT_ArenaZNew(arena, CERTPolicyQualifier); if (current == NULL) { GEN_BREAK(SECFailure); } /* Get the accessMethod fields */ SECU_PrintObjectID(stdout, policyID, "Choose the type of qualifier for policy", 0); if (PrintChoicesAndGetAnswer( "\t1 - CPS Pointer qualifier\n" "\t2 - User notice qualifier\n" "\tAny other number to finish\n" "\t\tChoice: ", buffer, sizeof(buffer)) == SECFailure) { GEN_BREAK(SECFailure); } intValue = PORT_Atoi(buffer); switch (intValue) { case cpsPointer: { SECItem input; oid = SECOID_FindOIDByTag(SEC_OID_PKIX_CPS_POINTER_QUALIFIER); if (PrintChoicesAndGetAnswer("Enter CPS pointer URI: ", buffer, sizeof(buffer)) == SECFailure) { GEN_BREAK(SECFailure); } input.len = PORT_Strlen(buffer); input.data = (void *)PORT_ArenaStrdup(arena, buffer); if (input.data == NULL || SEC_ASN1EncodeItem(arena, ¤t->qualifierValue, &input, SEC_ASN1_GET(SEC_IA5StringTemplate)) == NULL) { GEN_BREAK(SECFailure); } break; } case userNotice: { SECItem **noticeNumArr; CERTUserNotice *notice = PORT_ArenaZNew(arena, CERTUserNotice); if (!notice) { GEN_BREAK(SECFailure); } oid = SECOID_FindOIDByTag(SEC_OID_PKIX_USER_NOTICE_QUALIFIER); if (GetYesNo("\t add a User Notice reference? [y/N]")) { if (PrintChoicesAndGetAnswer("Enter user organization string: ", buffer, sizeof(buffer)) == SECFailure) { GEN_BREAK(SECFailure); } notice->noticeReference.organization.type = siAsciiString; notice->noticeReference.organization.len = PORT_Strlen(buffer); notice->noticeReference.organization.data = (void *)PORT_ArenaStrdup(arena, buffer); noticeNumArr = PORT_ArenaZNewArray(arena, SECItem *, 2); if (!noticeNumArr) { GEN_BREAK(SECFailure); } do { SECItem *noticeNum; noticeNum = PORT_ArenaZNew(arena, SECItem); if (PrintChoicesAndGetAnswer( "Enter User Notice reference number " "(or -1 to quit): ", buffer, sizeof(buffer)) == SECFailure) { GEN_BREAK(SECFailure); } intValue = PORT_Atoi(buffer); if (noticeNum == NULL) { if (intValue < 0) { fprintf(stdout, "a noticeReference must have at " "least one reference number\n"); GEN_BREAK(SECFailure); } } else { if (intValue >= 0) { noticeNumArr = PORT_ArenaGrow(arena, noticeNumArr, sizeof(current) * inCount, sizeof(current) * (inCount + 1)); if (noticeNumArr == NULL) { GEN_BREAK(SECFailure); } } else { break; } } if (!SEC_ASN1EncodeInteger(arena, noticeNum, intValue)) { GEN_BREAK(SECFailure); } noticeNumArr[inCount++] = noticeNum; noticeNumArr[inCount] = NULL; } while (1); if (rv == SECFailure) { GEN_BREAK(SECFailure); } notice->noticeReference.noticeNumbers = noticeNumArr; rv = CERT_EncodeNoticeReference(arena, ¬ice->noticeReference, ¬ice->derNoticeReference); if (rv == SECFailure) { GEN_BREAK(SECFailure); } } if (GetYesNo("\t EnterUser Notice explicit text? [y/N]")) { /* Getting only 200 bytes - RFC limitation */ if (PrintChoicesAndGetAnswer( "\t", buffer, 200) == SECFailure) { GEN_BREAK(SECFailure); } notice->displayText.type = siAsciiString; notice->displayText.len = PORT_Strlen(buffer); notice->displayText.data = (void *)PORT_ArenaStrdup(arena, buffer); if (notice->displayText.data == NULL) { GEN_BREAK(SECFailure); } } rv = CERT_EncodeUserNotice(arena, notice, ¤t->qualifierValue); if (rv == SECFailure) { GEN_BREAK(SECFailure); } break; } } if (rv == SECFailure || oid == NULL || SECITEM_CopyItem(arena, ¤t->qualifierID, &oid->oid) == SECFailure) { GEN_BREAK(SECFailure); } if (!policyQualifArr) { policyQualifArr = PORT_ArenaZNew(arena, CERTPolicyQualifier *); } else { policyQualifArr = PORT_ArenaGrow(arena, policyQualifArr, sizeof(current) * count, sizeof(current) * (count + 1)); } if (policyQualifArr == NULL) { GEN_BREAK(SECFailure); } policyQualifArr[count] = current; ++count; if (!GetYesNo("Enter another policy qualifier [y/N]")) { /* Add null to the end to mark end of data */ policyQualifArr = PORT_ArenaGrow(arena, policyQualifArr, sizeof(current) * count, sizeof(current) * (count + 1)); if (policyQualifArr == NULL) { GEN_BREAK(SECFailure); } policyQualifArr[count] = NULL; break; } } while (1); if (rv != SECSuccess) { PORT_ArenaRelease(arena, mark); policyQualifArr = NULL; } return (policyQualifArr); } static SECStatus AddCertPolicies(void *extHandle) { CERTPolicyInfo **certPoliciesArr = NULL; CERTPolicyInfo *current; PLArenaPool *arena = NULL; SECStatus rv = SECSuccess; int count = 0; char buffer[512]; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) { SECU_PrintError(progName, "out of memory"); return SECFailure; } do { current = PORT_ArenaZNew(arena, CERTPolicyInfo); if (current == NULL) { GEN_BREAK(SECFailure); } if (PrintChoicesAndGetAnswer("Enter a CertPolicy Object Identifier " "(dotted decimal format)\n" "or \"any\" for AnyPolicy:", buffer, sizeof(buffer)) == SECFailure) { GEN_BREAK(SECFailure); } if (strncmp(buffer, "any", 3) == 0) { /* use string version of X509_CERTIFICATE_POLICIES.anyPolicy */ strcpy(buffer, "OID.2.5.29.32.0"); } rv = SEC_StringToOID(arena, ¤t->policyID, buffer, 0); if (rv == SECFailure) { GEN_BREAK(SECFailure); } current->policyQualifiers = RequestPolicyQualifiers(arena, ¤t->policyID); if (!certPoliciesArr) { certPoliciesArr = PORT_ArenaZNew(arena, CERTPolicyInfo *); } else { certPoliciesArr = PORT_ArenaGrow(arena, certPoliciesArr, sizeof(current) * count, sizeof(current) * (count + 1)); } if (certPoliciesArr == NULL) { GEN_BREAK(SECFailure); } certPoliciesArr[count] = current; ++count; if (!GetYesNo("Enter another PolicyInformation field [y/N]?")) { /* Add null to the end to mark end of data */ certPoliciesArr = PORT_ArenaGrow(arena, certPoliciesArr, sizeof(current) * count, sizeof(current) * (count + 1)); if (certPoliciesArr == NULL) { GEN_BREAK(SECFailure); } certPoliciesArr[count] = NULL; break; } } while (1); if (rv == SECSuccess) { CERTCertificatePolicies policies; PRBool yesNoAns = GetYesNo("Is this a critical extension [y/N]?"); policies.arena = arena; policies.policyInfos = certPoliciesArr; rv = SECU_EncodeAndAddExtensionValue(arena, extHandle, &policies, yesNoAns, SEC_OID_X509_CERTIFICATE_POLICIES, (EXTEN_EXT_VALUE_ENCODER)CERT_EncodeCertPoliciesExtension); } if (arena) PORT_FreeArena(arena, PR_FALSE); return (rv); } enum AuthInfoAccessTypesEnum { caIssuers = 1, ocsp = 2 }; enum SubjInfoAccessTypesEnum { caRepository = 1, timeStamping = 2 }; /* Encode and add an AIA or SIA extension */ static SECStatus AddInfoAccess(void *extHandle, PRBool addSIAExt, PRBool isCACert) { CERTAuthInfoAccess **infoAccArr = NULL; CERTAuthInfoAccess *current; PLArenaPool *arena = NULL; SECStatus rv = SECSuccess; int count = 0; char buffer[512]; SECOidData *oid = NULL; int intValue = 0; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) { SECU_PrintError(progName, "out of memory"); return SECFailure; } do { current = NULL; current = PORT_ArenaZNew(arena, CERTAuthInfoAccess); if (current == NULL) { GEN_BREAK(SECFailure); } /* Get the accessMethod fields */ if (addSIAExt) { if (isCACert) { puts("Adding \"CA Repository\" access method type for " "Subject Information Access extension:\n"); intValue = caRepository; } else { puts("Adding \"Time Stamping Services\" access method type for " "Subject Information Access extension:\n"); intValue = timeStamping; } } else { if (PrintChoicesAndGetAnswer("Enter access method type " "for Authority Information Access extension:\n" "\t1 - CA Issuers\n\t2 - OCSP\n\tAny" "other number to finish\n\tChoice", buffer, sizeof(buffer)) != SECSuccess) { GEN_BREAK(SECFailure); } intValue = PORT_Atoi(buffer); } if (addSIAExt) { switch (intValue) { case caRepository: oid = SECOID_FindOIDByTag(SEC_OID_PKIX_CA_REPOSITORY); break; case timeStamping: oid = SECOID_FindOIDByTag(SEC_OID_PKIX_TIMESTAMPING); break; } } else { switch (intValue) { case caIssuers: oid = SECOID_FindOIDByTag(SEC_OID_PKIX_CA_ISSUERS); break; case ocsp: oid = SECOID_FindOIDByTag(SEC_OID_PKIX_OCSP); break; } } if (oid == NULL || SECITEM_CopyItem(arena, ¤t->method, &oid->oid) == SECFailure) { GEN_BREAK(SECFailure); } current->location = CreateGeneralName(arena); if (!current->location) { GEN_BREAK(SECFailure); } if (infoAccArr == NULL) { infoAccArr = PORT_ArenaZNew(arena, CERTAuthInfoAccess *); } else { infoAccArr = PORT_ArenaGrow(arena, infoAccArr, sizeof(current) * count, sizeof(current) * (count + 1)); } if (infoAccArr == NULL) { GEN_BREAK(SECFailure); } infoAccArr[count] = current; ++count; PR_snprintf(buffer, sizeof(buffer), "Add another location to the %s" " Information Access extension [y/N]", (addSIAExt) ? "Subject" : "Authority"); if (GetYesNo(buffer) == 0) { /* Add null to the end to mark end of data */ infoAccArr = PORT_ArenaGrow(arena, infoAccArr, sizeof(current) * count, sizeof(current) * (count + 1)); if (infoAccArr == NULL) { GEN_BREAK(SECFailure); } infoAccArr[count] = NULL; break; } } while (1); if (rv == SECSuccess) { int oidIdent = SEC_OID_X509_AUTH_INFO_ACCESS; PRBool yesNoAns = GetYesNo("Is this a critical extension [y/N]?"); if (addSIAExt) { oidIdent = SEC_OID_X509_SUBJECT_INFO_ACCESS; } rv = SECU_EncodeAndAddExtensionValue(arena, extHandle, infoAccArr, yesNoAns, oidIdent, (EXTEN_EXT_VALUE_ENCODER)CERT_EncodeInfoAccessExtension); } if (arena) PORT_FreeArena(arena, PR_FALSE); return (rv); } /* Example of valid input: * 1.2.3.4:critical:/tmp/abc,5.6.7.8:not-critical:/tmp/xyz */ static SECStatus parseNextGenericExt(const char *nextExtension, const char **oid, int *oidLen, const char **crit, int *critLen, const char **filename, int *filenameLen, const char **next) { const char *nextColon; const char *nextComma; const char *iter = nextExtension; if (!iter || !*iter) return SECFailure; /* Require colons at earlier positions than nextComma (or end of string ) */ nextComma = strchr(iter, ','); *oid = iter; nextColon = strchr(iter, ':'); if (!nextColon || (nextComma && nextColon > nextComma)) return SECFailure; *oidLen = (nextColon - *oid); if (!*oidLen) return SECFailure; iter = nextColon; ++iter; *crit = iter; nextColon = strchr(iter, ':'); if (!nextColon || (nextComma && nextColon > nextComma)) return SECFailure; *critLen = (nextColon - *crit); if (!*critLen) return SECFailure; iter = nextColon; ++iter; *filename = iter; if (nextComma) { *filenameLen = (nextComma - *filename); iter = nextComma; ++iter; *next = iter; } else { *filenameLen = strlen(*filename); *next = NULL; } if (!*filenameLen) return SECFailure; return SECSuccess; } SECStatus AddExtensions(void *extHandle, const char *emailAddrs, const char *dnsNames, certutilExtnList extList, const char *extGeneric) { PLArenaPool *arena; SECStatus rv = SECSuccess; char *errstring = NULL; const char *nextExtension = NULL; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena == NULL) { return SECFailure; } do { /* Add key usage extension */ if (extList[ext_keyUsage].activated) { rv = AddKeyUsage(extHandle, extList[ext_keyUsage].arg); if (rv) { errstring = "KeyUsage"; break; } } /* Add extended key usage extension */ if (extList[ext_extKeyUsage].activated) { rv = AddExtKeyUsage(extHandle, extList[ext_extKeyUsage].arg); if (rv) { errstring = "ExtendedKeyUsage"; break; } } /* Add basic constraint extension */ if (extList[ext_basicConstraint].activated) { rv = AddBasicConstraint(arena, extHandle); if (rv) { errstring = "BasicConstraint"; break; } } /* Add name constraints extension */ if (extList[ext_nameConstraints].activated) { rv = AddNameConstraints(extHandle); if (rv) { errstring = "NameConstraints"; break; } } if (extList[ext_authorityKeyID].activated) { rv = AddAuthKeyID(extHandle); if (rv) { errstring = "AuthorityKeyID"; break; } } if (extList[ext_subjectKeyID].activated) { rv = AddSubjKeyID(extHandle); if (rv) { errstring = "SubjectKeyID"; break; } } if (extList[ext_CRLDistPts].activated) { rv = AddCrlDistPoint(extHandle); if (rv) { errstring = "CRLDistPoints"; break; } } if (extList[ext_NSCertType].activated) { rv = AddNscpCertType(extHandle, extList[ext_NSCertType].arg); if (rv) { errstring = "NSCertType"; break; } } if (extList[ext_authInfoAcc].activated || extList[ext_subjInfoAcc].activated) { rv = AddInfoAccess(extHandle, extList[ext_subjInfoAcc].activated, extList[ext_basicConstraint].activated); if (rv) { errstring = "InformationAccess"; break; } } if (extList[ext_certPolicies].activated) { rv = AddCertPolicies(extHandle); if (rv) { errstring = "Policies"; break; } } if (extList[ext_policyMappings].activated) { rv = AddPolicyMappings(extHandle); if (rv) { errstring = "PolicyMappings"; break; } } if (extList[ext_policyConstr].activated) { rv = AddPolicyConstraints(extHandle); if (rv) { errstring = "PolicyConstraints"; break; } } if (extList[ext_inhibitAnyPolicy].activated) { rv = AddInhibitAnyPolicy(extHandle); if (rv) { errstring = "InhibitAnyPolicy"; break; } } if (emailAddrs || dnsNames || extList[ext_subjectAltName].activated) { CERTGeneralName *namelist = NULL; SECItem item = { 0, NULL, 0 }; rv = SECSuccess; if (emailAddrs) { rv |= AddEmailSubjectAlt(arena, &namelist, emailAddrs); } if (dnsNames) { rv |= AddDNSSubjectAlt(arena, &namelist, dnsNames); } if (extList[ext_subjectAltName].activated) { rv |= AddGeneralSubjectAlt(arena, &namelist, extList[ext_subjectAltName].arg); } if (rv == SECSuccess) { rv = CERT_EncodeAltNameExtension(arena, namelist, &item); if (rv == SECSuccess) { rv = CERT_AddExtension(extHandle, SEC_OID_X509_SUBJECT_ALT_NAME, &item, PR_FALSE, PR_TRUE); } } if (rv) { errstring = "SubjectAltName"; break; } } } while (0); PORT_FreeArena(arena, PR_FALSE); if (rv != SECSuccess) { SECU_PrintError(progName, "Problem creating %s extension", errstring); } nextExtension = extGeneric; while (nextExtension && *nextExtension) { SECItem oid_item, value; PRBool isCritical; const char *oid, *crit, *filename, *next; int oidLen, critLen, filenameLen; PRFileDesc *inFile = NULL; char *zeroTerminatedFilename = NULL; rv = parseNextGenericExt(nextExtension, &oid, &oidLen, &crit, &critLen, &filename, &filenameLen, &next); if (rv != SECSuccess) { SECU_PrintError(progName, "error parsing generic extension parameter %s", nextExtension); break; } oid_item.data = NULL; oid_item.len = 0; rv = GetOidFromString(NULL, &oid_item, oid, oidLen); if (rv != SECSuccess) { SECU_PrintError(progName, "malformed extension OID %s", nextExtension); break; } if (!strncmp("critical", crit, critLen)) { isCritical = PR_TRUE; } else if (!strncmp("not-critical", crit, critLen)) { isCritical = PR_FALSE; } else { rv = SECFailure; SECU_PrintError(progName, "expected 'critical' or 'not-critical'"); break; } zeroTerminatedFilename = PL_strndup(filename, filenameLen); if (!zeroTerminatedFilename) { rv = SECFailure; SECU_PrintError(progName, "out of memory"); break; } rv = SECFailure; inFile = PR_Open(zeroTerminatedFilename, PR_RDONLY, 0); if (inFile) { rv = SECU_ReadDERFromFile(&value, inFile, PR_FALSE, PR_FALSE); PR_Close(inFile); inFile = NULL; } if (rv != SECSuccess) { SECU_PrintError(progName, "unable to read file %s", zeroTerminatedFilename); } PL_strfree(zeroTerminatedFilename); if (rv != SECSuccess) { break; } rv = CERT_AddExtensionByOID(extHandle, &oid_item, &value, isCritical, PR_TRUE /*copyData*/); SECITEM_FreeItem(&value, PR_FALSE); SECITEM_FreeItem(&oid_item, PR_FALSE); if (rv != SECSuccess) { SECU_PrintError(progName, "failed to add extension %s", nextExtension); break; } nextExtension = next; } return rv; } nss-3.35/nss/cmd/certutil/certutil.c0000644000000000000000000042246313230126417015607 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /* ** certutil.c ** ** utility for managing certificates and the cert database ** */ #include #include #include #if defined(WIN32) #include "fcntl.h" #include "io.h" #endif #include "secutil.h" #if defined(XP_UNIX) #include #endif #include "nspr.h" #include "prtypes.h" #include "prtime.h" #include "prlong.h" #include "pk11func.h" #include "secasn1.h" #include "cert.h" #include "cryptohi.h" #include "secoid.h" #include "certdb.h" #include "nss.h" #include "certutil.h" #define MIN_KEY_BITS 512 /* MAX_KEY_BITS should agree with MAX_RSA_MODULUS in freebl */ #define MAX_KEY_BITS 8192 #define DEFAULT_KEY_BITS 2048 #define GEN_BREAK(e) \ rv = e; \ break; char *progName; static CERTCertificateRequest * GetCertRequest(const SECItem *reqDER, void *pwarg) { CERTCertificateRequest *certReq = NULL; CERTSignedData signedData; PLArenaPool *arena = NULL; SECStatus rv; do { arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena == NULL) { GEN_BREAK(SECFailure); } certReq = (CERTCertificateRequest *)PORT_ArenaZAlloc(arena, sizeof(CERTCertificateRequest)); if (!certReq) { GEN_BREAK(SECFailure); } certReq->arena = arena; /* Since cert request is a signed data, must decode to get the inner data */ PORT_Memset(&signedData, 0, sizeof(signedData)); rv = SEC_ASN1DecodeItem(arena, &signedData, SEC_ASN1_GET(CERT_SignedDataTemplate), reqDER); if (rv) { break; } rv = SEC_ASN1DecodeItem(arena, certReq, SEC_ASN1_GET(CERT_CertificateRequestTemplate), &signedData.data); if (rv) { break; } rv = CERT_VerifySignedDataWithPublicKeyInfo(&signedData, &certReq->subjectPublicKeyInfo, pwarg); } while (0); if (rv) { SECU_PrintError(progName, "bad certificate request\n"); if (arena) { PORT_FreeArena(arena, PR_FALSE); } certReq = NULL; } return certReq; } static SECStatus AddCert(PK11SlotInfo *slot, CERTCertDBHandle *handle, char *name, char *trusts, const SECItem *certDER, PRBool emailcert, void *pwdata) { CERTCertTrust *trust = NULL; CERTCertificate *cert = NULL; SECStatus rv; do { /* Read in an ASCII cert and return a CERTCertificate */ cert = CERT_DecodeCertFromPackage((char *)certDER->data, certDER->len); if (!cert) { SECU_PrintError(progName, "could not decode certificate"); GEN_BREAK(SECFailure); } /* Create a cert trust */ trust = (CERTCertTrust *)PORT_ZAlloc(sizeof(CERTCertTrust)); if (!trust) { SECU_PrintError(progName, "unable to allocate cert trust"); GEN_BREAK(SECFailure); } rv = CERT_DecodeTrustString(trust, trusts); if (rv) { SECU_PrintError(progName, "unable to decode trust string"); GEN_BREAK(SECFailure); } rv = PK11_ImportCert(slot, cert, CK_INVALID_HANDLE, name, PR_FALSE); if (rv != SECSuccess) { /* sigh, PK11_Import Cert and CERT_ChangeCertTrust should have * been coded to take a password arg. */ if (PORT_GetError() == SEC_ERROR_TOKEN_NOT_LOGGED_IN) { rv = PK11_Authenticate(slot, PR_TRUE, pwdata); if (rv != SECSuccess) { SECU_PrintError(progName, "could not authenticate to token %s.", PK11_GetTokenName(slot)); GEN_BREAK(SECFailure); } rv = PK11_ImportCert(slot, cert, CK_INVALID_HANDLE, name, PR_FALSE); } if (rv != SECSuccess) { SECU_PrintError(progName, "could not add certificate to token or database"); GEN_BREAK(SECFailure); } } rv = CERT_ChangeCertTrust(handle, cert, trust); if (rv != SECSuccess) { if (PORT_GetError() == SEC_ERROR_TOKEN_NOT_LOGGED_IN) { rv = PK11_Authenticate(slot, PR_TRUE, pwdata); if (rv != SECSuccess) { SECU_PrintError(progName, "could not authenticate to token %s.", PK11_GetTokenName(slot)); GEN_BREAK(SECFailure); } rv = CERT_ChangeCertTrust(handle, cert, trust); } if (rv != SECSuccess) { SECU_PrintError(progName, "could not change trust on certificate"); GEN_BREAK(SECFailure); } } if (emailcert) { CERT_SaveSMimeProfile(cert, NULL, pwdata); } } while (0); CERT_DestroyCertificate(cert); PORT_Free(trust); return rv; } static SECStatus CertReq(SECKEYPrivateKey *privk, SECKEYPublicKey *pubk, KeyType keyType, SECOidTag hashAlgTag, CERTName *subject, const char *phone, int ascii, const char *emailAddrs, const char *dnsNames, certutilExtnList extnList, const char *extGeneric, PRBool pssCertificate, /*out*/ SECItem *result) { CERTSubjectPublicKeyInfo *spki; CERTCertificateRequest *cr; SECItem *encoding; SECOidTag signAlgTag; SECStatus rv; PLArenaPool *arena; void *extHandle; SECItem signedReq = { siBuffer, NULL, 0 }; SECAlgorithmID signAlg; SECItem *params = NULL; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) { SECU_PrintError(progName, "out of memory"); return SECFailure; } /* Create info about public key */ spki = SECKEY_CreateSubjectPublicKeyInfo(pubk); if (!spki) { PORT_FreeArena(arena, PR_FALSE); SECU_PrintError(progName, "unable to create subject public key"); return SECFailure; } /* Change cert type to RSA-PSS, if desired. */ if (pssCertificate) { params = SEC_CreateSignatureAlgorithmParameters(arena, NULL, SEC_OID_PKCS1_RSA_PSS_SIGNATURE, hashAlgTag, NULL, privk); if (!params) { PORT_FreeArena(arena, PR_FALSE); SECKEY_DestroySubjectPublicKeyInfo(spki); SECU_PrintError(progName, "unable to create RSA-PSS parameters"); return SECFailure; } spki->algorithm.parameters.data = NULL; rv = SECOID_SetAlgorithmID(arena, &spki->algorithm, SEC_OID_PKCS1_RSA_PSS_SIGNATURE, hashAlgTag == SEC_OID_UNKNOWN ? NULL : params); if (rv != SECSuccess) { PORT_FreeArena(arena, PR_FALSE); SECKEY_DestroySubjectPublicKeyInfo(spki); SECU_PrintError(progName, "unable to set algorithm ID"); return SECFailure; } } /* Generate certificate request */ cr = CERT_CreateCertificateRequest(subject, spki, NULL); SECKEY_DestroySubjectPublicKeyInfo(spki); if (!cr) { PORT_FreeArena(arena, PR_FALSE); SECU_PrintError(progName, "unable to make certificate request"); return SECFailure; } extHandle = CERT_StartCertificateRequestAttributes(cr); if (extHandle == NULL) { PORT_FreeArena(arena, PR_FALSE); CERT_DestroyCertificateRequest(cr); return SECFailure; } if (AddExtensions(extHandle, emailAddrs, dnsNames, extnList, extGeneric) != SECSuccess) { PORT_FreeArena(arena, PR_FALSE); CERT_FinishExtensions(extHandle); CERT_DestroyCertificateRequest(cr); return SECFailure; } CERT_FinishExtensions(extHandle); CERT_FinishCertificateRequestAttributes(cr); /* Der encode the request */ encoding = SEC_ASN1EncodeItem(arena, NULL, cr, SEC_ASN1_GET(CERT_CertificateRequestTemplate)); CERT_DestroyCertificateRequest(cr); if (encoding == NULL) { PORT_FreeArena(arena, PR_FALSE); SECU_PrintError(progName, "der encoding of request failed"); return SECFailure; } PORT_Memset(&signAlg, 0, sizeof(signAlg)); if (pssCertificate) { rv = SECOID_SetAlgorithmID(arena, &signAlg, SEC_OID_PKCS1_RSA_PSS_SIGNATURE, params); if (rv != SECSuccess) { PORT_FreeArena(arena, PR_FALSE); SECU_PrintError(progName, "unable to set algorithm ID"); return SECFailure; } } else { signAlgTag = SEC_GetSignatureAlgorithmOidTag(keyType, hashAlgTag); if (signAlgTag == SEC_OID_UNKNOWN) { PORT_FreeArena(arena, PR_FALSE); SECU_PrintError(progName, "unknown Key or Hash type"); return SECFailure; } rv = SECOID_SetAlgorithmID(arena, &signAlg, signAlgTag, 0); if (rv != SECSuccess) { PORT_FreeArena(arena, PR_FALSE); SECU_PrintError(progName, "unable to set algorithm ID"); return SECFailure; } } /* Sign the request */ rv = SEC_DerSignDataWithAlgorithmID(arena, &signedReq, encoding->data, encoding->len, privk, &signAlg); if (rv) { PORT_FreeArena(arena, PR_FALSE); SECU_PrintError(progName, "signing of data failed"); return SECFailure; } /* Encode request in specified format */ if (ascii) { char *obuf; char *header, *name, *email, *org, *state, *country; obuf = BTOA_ConvertItemToAscii(&signedReq); if (!obuf) { goto oom; } name = CERT_GetCommonName(subject); if (!name) { name = PORT_Strdup("(not specified)"); } if (!phone) phone = "(not specified)"; email = CERT_GetCertEmailAddress(subject); if (!email) email = PORT_Strdup("(not specified)"); org = CERT_GetOrgName(subject); if (!org) org = PORT_Strdup("(not specified)"); state = CERT_GetStateName(subject); if (!state) state = PORT_Strdup("(not specified)"); country = CERT_GetCountryName(subject); if (!country) country = PORT_Strdup("(not specified)"); header = PR_smprintf( "\nCertificate request generated by Netscape certutil\n" "Phone: %s\n\n" "Common Name: %s\n" "Email: %s\n" "Organization: %s\n" "State: %s\n" "Country: %s\n\n" "%s\n", phone, name, email, org, state, country, NS_CERTREQ_HEADER); PORT_Free(name); PORT_Free(email); PORT_Free(org); PORT_Free(state); PORT_Free(country); if (header) { char *trailer = PR_smprintf("\n%s\n", NS_CERTREQ_TRAILER); if (trailer) { PRUint32 headerLen = PL_strlen(header); PRUint32 obufLen = PL_strlen(obuf); PRUint32 trailerLen = PL_strlen(trailer); SECITEM_AllocItem(NULL, result, headerLen + obufLen + trailerLen); if (result->data) { PORT_Memcpy(result->data, header, headerLen); PORT_Memcpy(result->data + headerLen, obuf, obufLen); PORT_Memcpy(result->data + headerLen + obufLen, trailer, trailerLen); } PR_smprintf_free(trailer); } PR_smprintf_free(header); } PORT_Free(obuf); } else { (void)SECITEM_CopyItem(NULL, result, &signedReq); } if (!result->data) { oom: SECU_PrintError(progName, "out of memory"); PORT_SetError(SEC_ERROR_NO_MEMORY); rv = SECFailure; } PORT_FreeArena(arena, PR_FALSE); return rv; } static SECStatus ChangeTrustAttributes(CERTCertDBHandle *handle, PK11SlotInfo *slot, char *name, char *trusts, void *pwdata) { SECStatus rv; CERTCertificate *cert; CERTCertTrust *trust; cert = CERT_FindCertByNicknameOrEmailAddrCX(handle, name, pwdata); if (!cert) { SECU_PrintError(progName, "could not find certificate named \"%s\"", name); return SECFailure; } trust = (CERTCertTrust *)PORT_ZAlloc(sizeof(CERTCertTrust)); if (!trust) { SECU_PrintError(progName, "unable to allocate cert trust"); return SECFailure; } /* This function only decodes these characters: pPwcTCu, */ rv = CERT_DecodeTrustString(trust, trusts); if (rv) { SECU_PrintError(progName, "unable to decode trust string"); return SECFailure; } /* CERT_ChangeCertTrust API does not have a way to pass in * a context, so NSS can't prompt for the password if it needs to. * check to see if the failure was token not logged in and * log in if need be. */ rv = CERT_ChangeCertTrust(handle, cert, trust); if (rv != SECSuccess) { if (PORT_GetError() == SEC_ERROR_TOKEN_NOT_LOGGED_IN) { rv = PK11_Authenticate(slot, PR_TRUE, pwdata); if (rv != SECSuccess) { SECU_PrintError(progName, "could not authenticate to token %s.", PK11_GetTokenName(slot)); return SECFailure; } rv = CERT_ChangeCertTrust(handle, cert, trust); } if (rv != SECSuccess) { SECU_PrintError(progName, "unable to modify trust attributes"); return SECFailure; } } CERT_DestroyCertificate(cert); PORT_Free(trust); return SECSuccess; } static SECStatus DumpChain(CERTCertDBHandle *handle, char *name, PRBool ascii) { CERTCertificate *the_cert; CERTCertificateList *chain; int i, j; the_cert = SECU_FindCertByNicknameOrFilename(handle, name, ascii, NULL); if (!the_cert) { SECU_PrintError(progName, "Could not find: %s\n", name); return SECFailure; } chain = CERT_CertChainFromCert(the_cert, 0, PR_TRUE); CERT_DestroyCertificate(the_cert); if (!chain) { SECU_PrintError(progName, "Could not obtain chain for: %s\n", name); return SECFailure; } for (i = chain->len - 1; i >= 0; i--) { CERTCertificate *c; c = CERT_FindCertByDERCert(handle, &chain->certs[i]); for (j = i; j < chain->len - 1; j++) { printf(" "); } if (c) { printf("\"%s\" [%s]\n\n", c->nickname, c->subjectName); CERT_DestroyCertificate(c); } else { printf("(null)\n\n"); } } CERT_DestroyCertificateList(chain); return SECSuccess; } static SECStatus outputCertOrExtension(CERTCertificate *the_cert, PRBool raw, PRBool ascii, SECItem *extensionOID, PRFileDesc *outfile) { SECItem data; PRInt32 numBytes; SECStatus rv = SECFailure; if (extensionOID) { int i; PRBool found = PR_FALSE; for (i = 0; the_cert->extensions[i] != NULL; i++) { CERTCertExtension *extension = the_cert->extensions[i]; if (SECITEM_CompareItem(&extension->id, extensionOID) == SECEqual) { found = PR_TRUE; numBytes = PR_Write(outfile, extension->value.data, extension->value.len); rv = SECSuccess; if (numBytes != (PRInt32)extension->value.len) { SECU_PrintSystemError(progName, "error writing extension"); rv = SECFailure; } break; } } if (!found) { SECU_PrintSystemError(progName, "extension not found"); rv = SECFailure; } } else { data.data = the_cert->derCert.data; data.len = the_cert->derCert.len; if (ascii) { PR_fprintf(outfile, "%s\n%s\n%s\n", NS_CERT_HEADER, BTOA_DataToAscii(data.data, data.len), NS_CERT_TRAILER); rv = SECSuccess; } else if (raw) { numBytes = PR_Write(outfile, data.data, data.len); rv = SECSuccess; if (numBytes != (PRInt32)data.len) { SECU_PrintSystemError(progName, "error writing raw cert"); rv = SECFailure; } } else { rv = SEC_PrintCertificateAndTrust(the_cert, "Certificate", NULL); if (rv != SECSuccess) { SECU_PrintError(progName, "problem printing certificate"); } } } return rv; } static SECStatus listCerts(CERTCertDBHandle *handle, char *name, char *email, PK11SlotInfo *slot, PRBool raw, PRBool ascii, SECItem *extensionOID, PRFileDesc *outfile, void *pwarg) { SECStatus rv = SECFailure; CERTCertList *certs; CERTCertListNode *node; /* List certs on a non-internal slot. */ if (!PK11_IsFriendly(slot) && PK11_NeedLogin(slot)) { SECStatus newrv = PK11_Authenticate(slot, PR_TRUE, pwarg); if (newrv != SECSuccess) { SECU_PrintError(progName, "could not authenticate to token %s.", PK11_GetTokenName(slot)); return SECFailure; } } if (name) { CERTCertificate *the_cert = SECU_FindCertByNicknameOrFilename(handle, name, ascii, NULL); if (!the_cert) { SECU_PrintError(progName, "Could not find cert: %s\n", name); return SECFailure; } /* Here, we have one cert with the desired nickname or email * address. Now, we will attempt to get a list of ALL certs * with the same subject name as the cert we have. That list * should contain, at a minimum, the one cert we have already found. * If the list of certs is empty (NULL), the libraries have failed. */ certs = CERT_CreateSubjectCertList(NULL, handle, &the_cert->derSubject, PR_Now(), PR_FALSE); CERT_DestroyCertificate(the_cert); if (!certs) { PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); SECU_PrintError(progName, "problem printing certificates"); return SECFailure; } for (node = CERT_LIST_HEAD(certs); !CERT_LIST_END(node, certs); node = CERT_LIST_NEXT(node)) { rv = outputCertOrExtension(node->cert, raw, ascii, extensionOID, outfile); if (rv != SECSuccess) { break; } } } else if (email) { certs = PK11_FindCertsFromEmailAddress(email, NULL); if (!certs) { SECU_PrintError(progName, "Could not find certificates for email address: %s\n", email); return SECFailure; } for (node = CERT_LIST_HEAD(certs); !CERT_LIST_END(node, certs); node = CERT_LIST_NEXT(node)) { rv = outputCertOrExtension(node->cert, raw, ascii, extensionOID, outfile); if (rv != SECSuccess) { break; } } } else { certs = PK11_ListCertsInSlot(slot); if (certs) { for (node = CERT_LIST_HEAD(certs); !CERT_LIST_END(node, certs); node = CERT_LIST_NEXT(node)) { SECU_PrintCertNickname(node, stdout); } rv = SECSuccess; } } if (certs) { CERT_DestroyCertList(certs); } if (rv) { SECU_PrintError(progName, "problem printing certificate nicknames"); return SECFailure; } return SECSuccess; /* not rv ?? */ } static SECStatus ListCerts(CERTCertDBHandle *handle, char *nickname, char *email, PK11SlotInfo *slot, PRBool raw, PRBool ascii, SECItem *extensionOID, PRFileDesc *outfile, secuPWData *pwdata) { SECStatus rv; if (slot && PK11_NeedUserInit(slot)) { printf("\nDatabase needs user init\n"); } if (!ascii && !raw && !nickname && !email) { PR_fprintf(outfile, "\n%-60s %-5s\n%-60s %-5s\n\n", "Certificate Nickname", "Trust Attributes", "", "SSL,S/MIME,JAR/XPI"); } if (slot == NULL) { CERTCertList *list; CERTCertListNode *node; list = PK11_ListCerts(PK11CertListAll, pwdata); for (node = CERT_LIST_HEAD(list); !CERT_LIST_END(node, list); node = CERT_LIST_NEXT(node)) { SECU_PrintCertNickname(node, stdout); } CERT_DestroyCertList(list); return SECSuccess; } rv = listCerts(handle, nickname, email, slot, raw, ascii, extensionOID, outfile, pwdata); return rv; } static SECStatus DeleteCert(CERTCertDBHandle *handle, char *name, void *pwdata) { SECStatus rv; CERTCertificate *cert; cert = CERT_FindCertByNicknameOrEmailAddrCX(handle, name, pwdata); if (!cert) { SECU_PrintError(progName, "could not find certificate named \"%s\"", name); return SECFailure; } rv = SEC_DeletePermCertificate(cert); CERT_DestroyCertificate(cert); if (rv) { SECU_PrintError(progName, "unable to delete certificate"); } return rv; } static SECStatus RenameCert(CERTCertDBHandle *handle, char *name, char *newName, void *pwdata) { SECStatus rv; CERTCertificate *cert; cert = CERT_FindCertByNicknameOrEmailAddrCX(handle, name, pwdata); if (!cert) { SECU_PrintError(progName, "could not find certificate named \"%s\"", name); return SECFailure; } rv = __PK11_SetCertificateNickname(cert, newName); CERT_DestroyCertificate(cert); if (rv) { SECU_PrintError(progName, "unable to rename certificate"); } return rv; } static SECStatus ValidateCert(CERTCertDBHandle *handle, char *name, char *date, char *certUsage, PRBool checkSig, PRBool logit, PRBool ascii, secuPWData *pwdata) { SECStatus rv; CERTCertificate *cert = NULL; PRTime timeBoundary; SECCertificateUsage usage; CERTVerifyLog reallog; CERTVerifyLog *log = NULL; if (!certUsage) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return (SECFailure); } switch (*certUsage) { case 'O': usage = certificateUsageStatusResponder; break; case 'L': usage = certificateUsageSSLCA; break; case 'A': usage = certificateUsageAnyCA; break; case 'Y': usage = certificateUsageVerifyCA; break; case 'C': usage = certificateUsageSSLClient; break; case 'V': usage = certificateUsageSSLServer; break; case 'S': usage = certificateUsageEmailSigner; break; case 'R': usage = certificateUsageEmailRecipient; break; case 'J': usage = certificateUsageObjectSigner; break; default: PORT_SetError(SEC_ERROR_INVALID_ARGS); return (SECFailure); } do { cert = SECU_FindCertByNicknameOrFilename(handle, name, ascii, NULL); if (!cert) { SECU_PrintError(progName, "could not find certificate named \"%s\"", name); GEN_BREAK(SECFailure) } if (date != NULL) { rv = DER_AsciiToTime(&timeBoundary, date); if (rv) { SECU_PrintError(progName, "invalid input date"); GEN_BREAK(SECFailure) } } else { timeBoundary = PR_Now(); } if (logit) { log = &reallog; log->count = 0; log->head = NULL; log->tail = NULL; log->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (log->arena == NULL) { SECU_PrintError(progName, "out of memory"); GEN_BREAK(SECFailure) } } rv = CERT_VerifyCertificate(handle, cert, checkSig, usage, timeBoundary, pwdata, log, &usage); if (log) { if (log->head == NULL) { fprintf(stdout, "%s: certificate is valid\n", progName); GEN_BREAK(SECSuccess) } else { char *name; CERTVerifyLogNode *node; node = log->head; while (node) { if (node->cert->nickname != NULL) { name = node->cert->nickname; } else { name = node->cert->subjectName; } fprintf(stderr, "%s : %s\n", name, SECU_Strerror(node->error)); CERT_DestroyCertificate(node->cert); node = node->next; } } } else { if (rv != SECSuccess) { PRErrorCode perr = PORT_GetError(); fprintf(stdout, "%s: certificate is invalid: %s\n", progName, SECU_Strerror(perr)); GEN_BREAK(SECFailure) } fprintf(stdout, "%s: certificate is valid\n", progName); GEN_BREAK(SECSuccess) } } while (0); if (cert) { CERT_DestroyCertificate(cert); } return (rv); } static PRBool ItemIsPrintableASCII(const SECItem *item) { unsigned char *src = item->data; unsigned int len = item->len; while (len-- > 0) { unsigned char uc = *src++; if (uc < 0x20 || uc > 0x7e) return PR_FALSE; } return PR_TRUE; } /* Caller ensures that dst is at least item->len*2+1 bytes long */ static void SECItemToHex(const SECItem *item, char *dst) { if (dst && item && item->data) { unsigned char *src = item->data; unsigned int len = item->len; for (; len > 0; --len, dst += 2) { sprintf(dst, "%02x", *src++); } *dst = '\0'; } } static const char *const keyTypeName[] = { "null", "rsa", "dsa", "fortezza", "dh", "kea", "ec" }; #define MAX_CKA_ID_BIN_LEN 20 #define MAX_CKA_ID_STR_LEN 40 /* print key number, key ID (in hex or ASCII), key label (nickname) */ static SECStatus PrintKey(PRFileDesc *out, const char *nickName, int count, SECKEYPrivateKey *key, void *pwarg) { SECItem *ckaID; char ckaIDbuf[MAX_CKA_ID_STR_LEN + 4]; pwarg = NULL; ckaID = PK11_GetLowLevelKeyIDForPrivateKey(key); if (!ckaID) { strcpy(ckaIDbuf, "(no CKA_ID)"); } else if (ItemIsPrintableASCII(ckaID)) { int len = PR_MIN(MAX_CKA_ID_STR_LEN, ckaID->len); ckaIDbuf[0] = '"'; memcpy(ckaIDbuf + 1, ckaID->data, len); ckaIDbuf[1 + len] = '"'; ckaIDbuf[2 + len] = '\0'; } else { /* print ckaid in hex */ SECItem idItem = *ckaID; if (idItem.len > MAX_CKA_ID_BIN_LEN) idItem.len = MAX_CKA_ID_BIN_LEN; SECItemToHex(&idItem, ckaIDbuf); } PR_fprintf(out, "<%2d> %-8.8s %-42.42s %s\n", count, keyTypeName[key->keyType], ckaIDbuf, nickName); SECITEM_ZfreeItem(ckaID, PR_TRUE); return SECSuccess; } /* returns SECSuccess if ANY keys are found, SECFailure otherwise. */ static SECStatus ListKeysInSlot(PK11SlotInfo *slot, const char *nickName, KeyType keyType, void *pwarg) { SECKEYPrivateKeyList *list; SECKEYPrivateKeyListNode *node; int count = 0; if (PK11_NeedLogin(slot)) { SECStatus rv = PK11_Authenticate(slot, PR_TRUE, pwarg); if (rv != SECSuccess) { SECU_PrintError(progName, "could not authenticate to token %s.", PK11_GetTokenName(slot)); return SECFailure; } } if (nickName && nickName[0]) list = PK11_ListPrivKeysInSlot(slot, (char *)nickName, pwarg); else list = PK11_ListPrivateKeysInSlot(slot); if (list == NULL) { SECU_PrintError(progName, "problem listing keys"); return SECFailure; } for (node = PRIVKEY_LIST_HEAD(list); !PRIVKEY_LIST_END(node, list); node = PRIVKEY_LIST_NEXT(node)) { char *keyName; static const char orphan[] = { "(orphan)" }; if (keyType != nullKey && keyType != node->key->keyType) continue; keyName = PK11_GetPrivateKeyNickname(node->key); if (!keyName || !keyName[0]) { /* Try extra hard to find nicknames for keys that lack them. */ CERTCertificate *cert; PORT_Free((void *)keyName); keyName = NULL; cert = PK11_GetCertFromPrivateKey(node->key); if (cert) { if (cert->nickname && cert->nickname[0]) { keyName = PORT_Strdup(cert->nickname); } else if (cert->emailAddr && cert->emailAddr[0]) { keyName = PORT_Strdup(cert->emailAddr); } CERT_DestroyCertificate(cert); } } if (nickName) { if (!keyName || PL_strcmp(keyName, nickName)) { /* PKCS#11 module returned unwanted keys */ PORT_Free((void *)keyName); continue; } } if (!keyName) keyName = (char *)orphan; PrintKey(PR_STDOUT, keyName, count, node->key, pwarg); if (keyName != (char *)orphan) PORT_Free((void *)keyName); count++; } SECKEY_DestroyPrivateKeyList(list); if (count == 0) { PR_fprintf(PR_STDOUT, "%s: no keys found\n", progName); return SECFailure; } return SECSuccess; } /* returns SECSuccess if ANY keys are found, SECFailure otherwise. */ static SECStatus ListKeys(PK11SlotInfo *slot, const char *nickName, int index, KeyType keyType, PRBool dopriv, secuPWData *pwdata) { SECStatus rv = SECFailure; static const char fmt[] = "%s: Checking token \"%.33s\" in slot \"%.65s\"\n"; if (slot == NULL) { PK11SlotList *list; PK11SlotListElement *le; list = PK11_GetAllTokens(CKM_INVALID_MECHANISM, PR_FALSE, PR_FALSE, pwdata); if (list) { for (le = list->head; le; le = le->next) { PR_fprintf(PR_STDOUT, fmt, progName, PK11_GetTokenName(le->slot), PK11_GetSlotName(le->slot)); rv &= ListKeysInSlot(le->slot, nickName, keyType, pwdata); } PK11_FreeSlotList(list); } } else { PR_fprintf(PR_STDOUT, fmt, progName, PK11_GetTokenName(slot), PK11_GetSlotName(slot)); rv = ListKeysInSlot(slot, nickName, keyType, pwdata); } return rv; } static SECStatus DeleteKey(char *nickname, secuPWData *pwdata) { SECStatus rv; CERTCertificate *cert; PK11SlotInfo *slot; slot = PK11_GetInternalKeySlot(); if (PK11_NeedLogin(slot)) { SECStatus rv = PK11_Authenticate(slot, PR_TRUE, pwdata); if (rv != SECSuccess) { SECU_PrintError(progName, "could not authenticate to token %s.", PK11_GetTokenName(slot)); return SECFailure; } } cert = PK11_FindCertFromNickname(nickname, pwdata); if (!cert) { PK11_FreeSlot(slot); return SECFailure; } rv = PK11_DeleteTokenCertAndKey(cert, pwdata); if (rv != SECSuccess) { SECU_PrintError("problem deleting private key \"%s\"\n", nickname); } CERT_DestroyCertificate(cert); PK11_FreeSlot(slot); return rv; } /* * L i s t M o d u l e s * * Print a list of the PKCS11 modules that are * available. This is useful for smartcard people to * make sure they have the drivers loaded. * */ static SECStatus ListModules(void) { PK11SlotList *list; PK11SlotListElement *le; /* get them all! */ list = PK11_GetAllTokens(CKM_INVALID_MECHANISM, PR_FALSE, PR_FALSE, NULL); if (list == NULL) return SECFailure; /* look at each slot*/ for (le = list->head; le; le = le->next) { char *token_uri = PK11_GetTokenURI(le->slot); printf("\n"); printf(" slot: %s\n", PK11_GetSlotName(le->slot)); printf(" token: %s\n", PK11_GetTokenName(le->slot)); printf(" uri: %s\n", token_uri); PORT_Free(token_uri); } PK11_FreeSlotList(list); return SECSuccess; } static void PrintBuildFlags() { #ifdef NSS_FIPS_DISABLED PR_fprintf(PR_STDOUT, "NSS_FIPS_DISABLED\n"); #endif #ifdef NSS_NO_INIT_SUPPORT PR_fprintf(PR_STDOUT, "NSS_NO_INIT_SUPPORT\n"); #endif exit(0); } static void PrintSyntax(char *progName) { #define FPS fprintf(stderr, FPS "Type %s -H for more detailed descriptions\n", progName); FPS "Usage: %s -N [-d certdir] [-P dbprefix] [-f pwfile] [--empty-password]\n", progName); FPS "Usage: %s -T [-d certdir] [-P dbprefix] [-h token-name]\n" "\t\t [-f pwfile] [-0 SSO-password]\n", progName); FPS "\t%s -A -n cert-name -t trustargs [-d certdir] [-P dbprefix] [-a] [-i input]\n", progName); FPS "\t%s -B -i batch-file\n", progName); FPS "\t%s -C [-c issuer-name | -x] -i cert-request-file -o cert-file\n" "\t\t [-m serial-number] [-w warp-months] [-v months-valid]\n" "\t\t [-f pwfile] [-d certdir] [-P dbprefix] [-Z hashAlg]\n" "\t\t [-1 | --keyUsage [keyUsageKeyword,..]] [-2] [-3] [-4]\n" "\t\t [-5 | --nsCertType [nsCertTypeKeyword,...]]\n" "\t\t [-6 | --extKeyUsage [extKeyUsageKeyword,...]] [-7 emailAddrs]\n" "\t\t [-8 dns-names] [-a]\n", progName); FPS "\t%s -D -n cert-name [-d certdir] [-P dbprefix]\n", progName); FPS "\t%s --rename -n cert-name --new-n new-cert-name\n" "\t\t [-d certdir] [-P dbprefix]\n", progName); FPS "\t%s -E -n cert-name -t trustargs [-d certdir] [-P dbprefix] [-a] [-i input]\n", progName); FPS "\t%s -F -n nickname [-d certdir] [-P dbprefix]\n", progName); FPS "\t%s -G -n key-name [-h token-name] [-k rsa] [-g key-size] [-y exp]\n" "\t\t [-f pwfile] [-z noisefile] [-d certdir] [-P dbprefix]\n", progName); FPS "\t%s -G [-h token-name] -k dsa [-q pqgfile -g key-size] [-f pwfile]\n" "\t\t [-z noisefile] [-d certdir] [-P dbprefix]\n", progName); FPS "\t%s -G [-h token-name] -k ec -q curve [-f pwfile]\n" "\t\t [-z noisefile] [-d certdir] [-P dbprefix]\n", progName); FPS "\t%s -K [-n key-name] [-h token-name] [-k dsa|ec|rsa|all]\n", progName); FPS "\t\t [-f pwfile] [-X] [-d certdir] [-P dbprefix]\n"); FPS "\t%s --upgrade-merge --source-dir upgradeDir --upgrade-id uniqueID\n", progName); FPS "\t\t [--upgrade-token-name tokenName] [-d targetDBDir]\n"); FPS "\t\t [-P targetDBPrefix] [--source-prefix upgradeDBPrefix]\n"); FPS "\t\t [-f targetPWfile] [-@ upgradePWFile]\n"); FPS "\t%s --merge --source-dir sourceDBDir [-d targetDBdir]\n", progName); FPS "\t\t [-P targetDBPrefix] [--source-prefix sourceDBPrefix]\n"); FPS "\t\t [-f targetPWfile] [-@ sourcePWFile]\n"); FPS "\t%s -L [-n cert-name] [-h token-name] [--email email-address]\n", progName); FPS "\t\t [-X] [-r] [-a] [--dump-ext-val OID] [-d certdir] [-P dbprefix]\n"); FPS "\t%s --build-flags\n", progName); FPS "\t%s -M -n cert-name -t trustargs [-d certdir] [-P dbprefix]\n", progName); FPS "\t%s -O -n cert-name [-X] [-d certdir] [-a] [-P dbprefix]\n", progName); FPS "\t%s -R -s subj -o cert-request-file [-d certdir] [-P dbprefix] [-p phone] [-a]\n" "\t\t [-7 emailAddrs] [-k key-type-or-id] [-h token-name] [-f pwfile]\n" "\t\t [-g key-size] [-Z hashAlg]\n", progName); FPS "\t%s -V -n cert-name -u usage [-b time] [-e] [-a]\n" "\t\t[-X] [-d certdir] [-P dbprefix]\n", progName); FPS "Usage: %s -W [-d certdir] [-f pwfile] [-@newpwfile]\n", progName); FPS "\t%s -S -n cert-name -s subj [-c issuer-name | -x] -t trustargs\n" "\t\t [-k key-type-or-id] [-q key-params] [-h token-name] [-g key-size]\n" "\t\t [-m serial-number] [-w warp-months] [-v months-valid]\n" "\t\t [-f pwfile] [-d certdir] [-P dbprefix] [-Z hashAlg]\n" "\t\t [-p phone] [-1] [-2] [-3] [-4] [-5] [-6] [-7 emailAddrs]\n" "\t\t [-8 DNS-names]\n" "\t\t [--extAIA] [--extSIA] [--extCP] [--extPM] [--extPC] [--extIA]\n" "\t\t [--extSKID] [--extNC] [--extSAN type:name[,type:name]...]\n" "\t\t [--extGeneric OID:critical-flag:filename[,OID:critical-flag:filename]...]\n", progName); FPS "\t%s -U [-X] [-d certdir] [-P dbprefix]\n", progName); exit(1); } enum usage_level { usage_all = 0, usage_selected = 1 }; static void luCommonDetailsAE(); static void luA(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "A")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Add a certificate to the database (create if needed)\n", "-A"); if (ul == usage_selected && !is_my_command) return; if (ul == usage_all) { FPS "%-20s\n", " All options under -E apply"); } else { luCommonDetailsAE(); } } static void luB(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "B")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Run a series of certutil commands from a batch file\n", "-B"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s Specify the batch file\n", " -i batch-file"); } static void luE(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "E")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Add an Email certificate to the database (create if needed)\n", "-E"); if (ul == usage_selected && !is_my_command) return; luCommonDetailsAE(); } static void luCommonDetailsAE() { FPS "%-20s Specify the nickname of the certificate to add\n", " -n cert-name"); FPS "%-20s Set the certificate trust attributes:\n", " -t trustargs"); FPS "%-25s trustargs is of the form x,y,z where x is for SSL, y is for S/MIME,\n", ""); FPS "%-25s and z is for code signing. Use ,, for no explicit trust.\n", ""); FPS "%-25s p \t prohibited (explicitly distrusted)\n", ""); FPS "%-25s P \t trusted peer\n", ""); FPS "%-25s c \t valid CA\n", ""); FPS "%-25s T \t trusted CA to issue client certs (implies c)\n", ""); FPS "%-25s C \t trusted CA to issue server certs (implies c)\n", ""); FPS "%-25s u \t user cert\n", ""); FPS "%-25s w \t send warning\n", ""); FPS "%-25s g \t make step-up cert\n", ""); FPS "%-20s Specify the password file\n", " -f pwfile"); FPS "%-20s Cert database directory (default is ~/.netscape)\n", " -d certdir"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "%-20s The input certificate is encoded in ASCII (RFC1113)\n", " -a"); FPS "%-20s Specify the certificate file (default is stdin)\n", " -i input"); FPS "\n"); } static void luC(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "C")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Create a new binary certificate from a BINARY cert request\n", "-C"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s The nickname of the issuer cert\n", " -c issuer-name"); FPS "%-20s The BINARY certificate request file\n", " -i cert-request "); FPS "%-20s Output binary cert to this file (default is stdout)\n", " -o output-cert"); FPS "%-20s Self sign\n", " -x"); FPS "%-20s Sign the certificate with RSA-PSS (the issuer key must be rsa)\n", " --pss-sign"); FPS "%-20s Cert serial number\n", " -m serial-number"); FPS "%-20s Time Warp\n", " -w warp-months"); FPS "%-20s Months valid (default is 3)\n", " -v months-valid"); FPS "%-20s Specify the password file\n", " -f pwfile"); FPS "%-20s Cert database directory (default is ~/.netscape)\n", " -d certdir"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "%-20s \n" "%-20s Specify the hash algorithm to use. Possible keywords:\n" "%-20s \"MD2\", \"MD4\", \"MD5\", \"SHA1\", \"SHA224\",\n" "%-20s \"SHA256\", \"SHA384\", \"SHA512\"\n", " -Z hashAlg", "", "", ""); FPS "%-20s \n" "%-20s Create key usage extension. Possible keywords:\n" "%-20s \"digitalSignature\", \"nonRepudiation\", \"keyEncipherment\",\n" "%-20s \"dataEncipherment\", \"keyAgreement\", \"certSigning\",\n" "%-20s \"crlSigning\", \"critical\"\n", " -1 | --keyUsage keyword,keyword,...", "", "", "", ""); FPS "%-20s Create basic constraint extension\n", " -2 "); FPS "%-20s Create authority key ID extension\n", " -3 "); FPS "%-20s Create crl distribution point extension\n", " -4 "); FPS "%-20s \n" "%-20s Create netscape cert type extension. Possible keywords:\n" "%-20s \"sslClient\", \"sslServer\", \"smime\", \"objectSigning\",\n" "%-20s \"sslCA\", \"smimeCA\", \"objectSigningCA\", \"critical\".\n", " -5 | --nsCertType keyword,keyword,... ", "", "", ""); FPS "%-20s \n" "%-20s Create extended key usage extension. Possible keywords:\n" "%-20s \"serverAuth\", \"clientAuth\",\"codeSigning\",\n" "%-20s \"emailProtection\", \"timeStamp\",\"ocspResponder\",\n" "%-20s \"stepUp\", \"msTrustListSign\", \"critical\"\n", " -6 | --extKeyUsage keyword,keyword,...", "", "", "", ""); FPS "%-20s Create an email subject alt name extension\n", " -7 emailAddrs"); FPS "%-20s Create an dns subject alt name extension\n", " -8 dnsNames"); FPS "%-20s The input certificate request is encoded in ASCII (RFC1113)\n", " -a"); FPS "\n"); } static void luG(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "G")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Generate a new key pair\n", "-G"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s Name of token in which to generate key (default is internal)\n", " -h token-name"); FPS "%-20s Type of key pair to generate (\"dsa\", \"ec\", \"rsa\" (default))\n", " -k key-type"); FPS "%-20s Key size in bits, (min %d, max %d, default %d) (not for ec)\n", " -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS); FPS "%-20s Set the public exponent value (3, 17, 65537) (rsa only)\n", " -y exp"); FPS "%-20s Specify the password file\n", " -f password-file"); FPS "%-20s Specify the noise file to be used\n", " -z noisefile"); FPS "%-20s read PQG value from pqgfile (dsa only)\n", " -q pqgfile"); FPS "%-20s Elliptic curve name (ec only)\n", " -q curve-name"); FPS "%-20s One of nistp256, nistp384, nistp521, curve25519.\n", ""); FPS "%-20s If a custom token is present, the following curves are also supported:\n", ""); FPS "%-20s sect163k1, nistk163, sect163r1, sect163r2,\n", ""); FPS "%-20s nistb163, sect193r1, sect193r2, sect233k1, nistk233,\n", ""); FPS "%-20s sect233r1, nistb233, sect239k1, sect283k1, nistk283,\n", ""); FPS "%-20s sect283r1, nistb283, sect409k1, nistk409, sect409r1,\n", ""); FPS "%-20s nistb409, sect571k1, nistk571, sect571r1, nistb571,\n", ""); FPS "%-20s secp160k1, secp160r1, secp160r2, secp192k1, secp192r1,\n", ""); FPS "%-20s nistp192, secp224k1, secp224r1, nistp224, secp256k1,\n", ""); FPS "%-20s secp256r1, secp384r1, secp521r1,\n", ""); FPS "%-20s prime192v1, prime192v2, prime192v3, \n", ""); FPS "%-20s prime239v1, prime239v2, prime239v3, c2pnb163v1, \n", ""); FPS "%-20s c2pnb163v2, c2pnb163v3, c2pnb176v1, c2tnb191v1, \n", ""); FPS "%-20s c2tnb191v2, c2tnb191v3, \n", ""); FPS "%-20s c2pnb208w1, c2tnb239v1, c2tnb239v2, c2tnb239v3, \n", ""); FPS "%-20s c2pnb272w1, c2pnb304w1, \n", ""); FPS "%-20s c2tnb359w1, c2pnb368w1, c2tnb431r1, secp112r1, \n", ""); FPS "%-20s secp112r2, secp128r1, secp128r2, sect113r1, sect113r2\n", ""); FPS "%-20s sect131r1, sect131r2\n", ""); FPS "%-20s Key database directory (default is ~/.netscape)\n", " -d keydir"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "%-20s\n" "%-20s PKCS #11 key Attributes.\n", " --keyAttrFlags attrflags", ""); FPS "%-20s Comma separated list of key attribute attribute flags,\n", ""); FPS "%-20s selected from the following list of choices:\n", ""); FPS "%-20s {token | session} {public | private} {sensitive | insensitive}\n", ""); FPS "%-20s {modifiable | unmodifiable} {extractable | unextractable}\n", ""); FPS "%-20s\n", " --keyOpFlagsOn opflags"); FPS "%-20s\n" "%-20s PKCS #11 key Operation Flags.\n", " --keyOpFlagsOff opflags", ""); FPS "%-20s Comma separated list of one or more of the following:\n", ""); FPS "%-20s encrypt, decrypt, sign, sign_recover, verify,\n", ""); FPS "%-20s verify_recover, wrap, unwrap, derive\n", ""); FPS "\n"); } static void luD(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "D")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Delete a certificate from the database\n", "-D"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s The nickname of the cert to delete\n", " -n cert-name"); FPS "%-20s Cert database directory (default is ~/.netscape)\n", " -d certdir"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "\n"); } static void luF(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "F")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Delete a key from the database\n", "-F"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s The nickname of the key to delete\n", " -n cert-name"); FPS "%-20s Cert database directory (default is ~/.netscape)\n", " -d certdir"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "\n"); } static void luU(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "U")); if (ul == usage_all || !command || is_my_command) FPS "%-15s List all modules\n", /*, or print out a single named module\n",*/ "-U"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s Module database directory (default is '~/.netscape')\n", " -d moddir"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "%-20s force the database to open R/W\n", " -X"); FPS "\n"); } static void luK(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "K")); if (ul == usage_all || !command || is_my_command) FPS "%-15s List all private keys\n", "-K"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s Name of token to search (\"all\" for all tokens)\n", " -h token-name "); FPS "%-20s Key type (\"all\" (default), \"dsa\"," " \"ec\"," " \"rsa\")\n", " -k key-type"); FPS "%-20s The nickname of the key or associated certificate\n", " -n name"); FPS "%-20s Specify the password file\n", " -f password-file"); FPS "%-20s Key database directory (default is ~/.netscape)\n", " -d keydir"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "%-20s force the database to open R/W\n", " -X"); FPS "\n"); } static void luL(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "L")); if (ul == usage_all || !command || is_my_command) FPS "%-15s List all certs, or print out a single named cert (or a subset)\n", "-L"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s Name of token to search (\"all\" for all tokens)\n", " -h token-name "); FPS "%-20s Pretty print named cert (list all if unspecified)\n", " -n cert-name"); FPS "%-20s \n" "%-20s Pretty print cert with email address (list all if unspecified)\n", " --email email-address", ""); FPS "%-20s Cert database directory (default is ~/.netscape)\n", " -d certdir"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "%-20s force the database to open R/W\n", " -X"); FPS "%-20s For single cert, print binary DER encoding\n", " -r"); FPS "%-20s For single cert, print ASCII encoding (RFC1113)\n", " -a"); FPS "%-20s \n" "%-20s For single cert, print binary DER encoding of extension OID\n", " --dump-ext-val OID", ""); FPS "\n"); } static void luM(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "M")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Modify trust attributes of certificate\n", "-M"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s The nickname of the cert to modify\n", " -n cert-name"); FPS "%-20s Set the certificate trust attributes (see -A above)\n", " -t trustargs"); FPS "%-20s Cert database directory (default is ~/.netscape)\n", " -d certdir"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "\n"); } static void luN(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "N")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Create a new certificate database\n", "-N"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s Cert database directory (default is ~/.netscape)\n", " -d certdir"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "%-20s Specify the password file\n", " -f password-file"); FPS "%-20s use empty password when creating a new database\n", " --empty-password"); FPS "\n"); } static void luT(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "T")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Reset the Key database or token\n", "-T"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s Cert database directory (default is ~/.netscape)\n", " -d certdir"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "%-20s Token to reset (default is internal)\n", " -h token-name"); FPS "%-20s Set token's Site Security Officer password\n", " -0 SSO-password"); FPS "\n"); } static void luO(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "O")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Print the chain of a certificate\n", "-O"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s The nickname of the cert to modify\n", " -n cert-name"); FPS "%-20s Cert database directory (default is ~/.netscape)\n", " -d certdir"); FPS "%-20s Input the certificate in ASCII (RFC1113); default is binary\n", " -a"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "%-20s force the database to open R/W\n", " -X"); FPS "\n"); } static void luR(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "R")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Generate a certificate request (stdout)\n", "-R"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s Specify the subject name (using RFC1485)\n", " -s subject"); FPS "%-20s Output the cert request to this file\n", " -o output-req"); FPS "%-20s Type of key pair to generate (\"dsa\", \"ec\", \"rsa\" (default))\n", " -k key-type-or-id"); FPS "%-20s or nickname of the cert key to use \n", ""); FPS "%-20s Name of token in which to generate key (default is internal)\n", " -h token-name"); FPS "%-20s Key size in bits, RSA keys only (min %d, max %d, default %d)\n", " -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS); FPS "%-20s Create a certificate request restricted to RSA-PSS (rsa only)\n", " --pss"); FPS "%-20s Name of file containing PQG parameters (dsa only)\n", " -q pqgfile"); FPS "%-20s Elliptic curve name (ec only)\n", " -q curve-name"); FPS "%-20s See the \"-G\" option for a full list of supported names.\n", ""); FPS "%-20s Specify the password file\n", " -f pwfile"); FPS "%-20s Key database directory (default is ~/.netscape)\n", " -d keydir"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "%-20s Specify the contact phone number (\"123-456-7890\")\n", " -p phone"); FPS "%-20s \n" "%-20s Specify the hash algorithm to use. Possible keywords:\n" "%-20s \"MD2\", \"MD4\", \"MD5\", \"SHA1\", \"SHA224\",\n" "%-20s \"SHA256\", \"SHA384\", \"SHA512\"\n", " -Z hashAlg", "", "", ""); FPS "%-20s Output the cert request in ASCII (RFC1113); default is binary\n", " -a"); FPS "%-20s \n", " See -S for available extension options"); FPS "%-20s \n", " See -G for available key flag options"); FPS "\n"); } static void luV(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "V")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Validate a certificate\n", "-V"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s The nickname of the cert to Validate\n", " -n cert-name"); FPS "%-20s validity time (\"YYMMDDHHMMSS[+HHMM|-HHMM|Z]\")\n", " -b time"); FPS "%-20s Check certificate signature \n", " -e "); FPS "%-20s Specify certificate usage:\n", " -u certusage"); FPS "%-25s C \t SSL Client\n", ""); FPS "%-25s V \t SSL Server\n", ""); FPS "%-25s L \t SSL CA\n", ""); FPS "%-25s A \t Any CA\n", ""); FPS "%-25s Y \t Verify CA\n", ""); FPS "%-25s S \t Email signer\n", ""); FPS "%-25s R \t Email Recipient\n", ""); FPS "%-25s O \t OCSP status responder\n", ""); FPS "%-25s J \t Object signer\n", ""); FPS "%-20s Cert database directory (default is ~/.netscape)\n", " -d certdir"); FPS "%-20s Input the certificate in ASCII (RFC1113); default is binary\n", " -a"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "%-20s force the database to open R/W\n", " -X"); FPS "\n"); } static void luW(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "W")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Change the key database password\n", "-W"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s cert and key database directory\n", " -d certdir"); FPS "%-20s Specify a file with the current password\n", " -f pwfile"); FPS "%-20s Specify a file with the new password in two lines\n", " -@ newpwfile"); FPS "\n"); } static void luRename(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "rename")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Change the database nickname of a certificate\n", "--rename"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s The old nickname of the cert to rename\n", " -n cert-name"); FPS "%-20s The new nickname of the cert to rename\n", " --new-n new-name"); FPS "%-20s Cert database directory (default is ~/.netscape)\n", " -d certdir"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "\n"); } static void luUpgradeMerge(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "upgrade-merge")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Upgrade an old database and merge it into a new one\n", "--upgrade-merge"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s Cert database directory to merge into (default is ~/.netscape)\n", " -d certdir"); FPS "%-20s Cert & Key database prefix of the target database\n", " -P dbprefix"); FPS "%-20s Specify the password file for the target database\n", " -f pwfile"); FPS "%-20s \n%-20s Cert database directory to upgrade from\n", " --source-dir certdir", ""); FPS "%-20s \n%-20s Cert & Key database prefix of the upgrade database\n", " --source-prefix dbprefix", ""); FPS "%-20s \n%-20s Unique identifier for the upgrade database\n", " --upgrade-id uniqueID", ""); FPS "%-20s \n%-20s Name of the token while it is in upgrade state\n", " --upgrade-token-name name", ""); FPS "%-20s Specify the password file for the upgrade database\n", " -@ pwfile"); FPS "\n"); } static void luMerge(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "merge")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Merge source database into the target database\n", "--merge"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s Cert database directory of target (default is ~/.netscape)\n", " -d certdir"); FPS "%-20s Cert & Key database prefix of the target database\n", " -P dbprefix"); FPS "%-20s Specify the password file for the target database\n", " -f pwfile"); FPS "%-20s \n%-20s Cert database directory of the source database\n", " --source-dir certdir", ""); FPS "%-20s \n%-20s Cert & Key database prefix of the source database\n", " --source-prefix dbprefix", ""); FPS "%-20s Specify the password file for the source database\n", " -@ pwfile"); FPS "\n"); } static void luS(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "S")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Make a certificate and add to database\n", "-S"); if (ul == usage_selected && !is_my_command) return; FPS "%-20s Specify the nickname of the cert\n", " -n key-name"); FPS "%-20s Specify the subject name (using RFC1485)\n", " -s subject"); FPS "%-20s The nickname of the issuer cert\n", " -c issuer-name"); FPS "%-20s Set the certificate trust attributes (see -A above)\n", " -t trustargs"); FPS "%-20s Type of key pair to generate (\"dsa\", \"ec\", \"rsa\" (default))\n", " -k key-type-or-id"); FPS "%-20s Name of token in which to generate key (default is internal)\n", " -h token-name"); FPS "%-20s Key size in bits, RSA keys only (min %d, max %d, default %d)\n", " -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS); FPS "%-20s Create a certificate restricted to RSA-PSS (rsa only)\n", " --pss"); FPS "%-20s Name of file containing PQG parameters (dsa only)\n", " -q pqgfile"); FPS "%-20s Elliptic curve name (ec only)\n", " -q curve-name"); FPS "%-20s See the \"-G\" option for a full list of supported names.\n", ""); FPS "%-20s Self sign\n", " -x"); FPS "%-20s Sign the certificate with RSA-PSS (the issuer key must be rsa)\n", " --pss-sign"); FPS "%-20s Cert serial number\n", " -m serial-number"); FPS "%-20s Time Warp\n", " -w warp-months"); FPS "%-20s Months valid (default is 3)\n", " -v months-valid"); FPS "%-20s Specify the password file\n", " -f pwfile"); FPS "%-20s Cert database directory (default is ~/.netscape)\n", " -d certdir"); FPS "%-20s Cert & Key database prefix\n", " -P dbprefix"); FPS "%-20s Specify the contact phone number (\"123-456-7890\")\n", " -p phone"); FPS "%-20s \n" "%-20s Specify the hash algorithm to use. Possible keywords:\n" "%-20s \"MD2\", \"MD4\", \"MD5\", \"SHA1\", \"SHA224\",\n" "%-20s \"SHA256\", \"SHA384\", \"SHA512\"\n", " -Z hashAlg", "", "", ""); FPS "%-20s Create key usage extension\n", " -1 "); FPS "%-20s Create basic constraint extension\n", " -2 "); FPS "%-20s Create authority key ID extension\n", " -3 "); FPS "%-20s Create crl distribution point extension\n", " -4 "); FPS "%-20s Create netscape cert type extension\n", " -5 "); FPS "%-20s Create extended key usage extension\n", " -6 "); FPS "%-20s Create an email subject alt name extension\n", " -7 emailAddrs "); FPS "%-20s Create a DNS subject alt name extension\n", " -8 DNS-names"); FPS "%-20s Create an Authority Information Access extension\n", " --extAIA "); FPS "%-20s Create a Subject Information Access extension\n", " --extSIA "); FPS "%-20s Create a Certificate Policies extension\n", " --extCP "); FPS "%-20s Create a Policy Mappings extension\n", " --extPM "); FPS "%-20s Create a Policy Constraints extension\n", " --extPC "); FPS "%-20s Create an Inhibit Any Policy extension\n", " --extIA "); FPS "%-20s Create a subject key ID extension\n", " --extSKID "); FPS "%-20s \n", " See -G for available key flag options"); FPS "%-20s Create a name constraints extension\n", " --extNC "); FPS "%-20s \n" "%-20s Create a Subject Alt Name extension with one or multiple names\n", " --extSAN type:name[,type:name]...", ""); FPS "%-20s - type: directory, dn, dns, edi, ediparty, email, ip, ipaddr,\n", ""); FPS "%-20s other, registerid, rfc822, uri, x400, x400addr\n", ""); FPS "%-20s \n" "%-20s Add one or multiple extensions that certutil cannot encode yet,\n" "%-20s by loading their encodings from external files.\n", " --extGeneric OID:critical-flag:filename[,OID:critical-flag:filename]...", "", ""); FPS "%-20s - OID (example): 1.2.3.4\n", ""); FPS "%-20s - critical-flag: critical or not-critical\n", ""); FPS "%-20s - filename: full path to a file containing an encoded extension\n", ""); FPS "\n"); } static void luBuildFlags(enum usage_level ul, const char *command) { int is_my_command = (command && 0 == strcmp(command, "build-flags")); if (ul == usage_all || !command || is_my_command) FPS "%-15s Print enabled build flags relevant for NSS test execution\n", "--build-flags"); if (ul == usage_selected && !is_my_command) return; FPS "\n"); } static void LongUsage(char *progName, enum usage_level ul, const char *command) { luA(ul, command); luB(ul, command); luE(ul, command); luC(ul, command); luG(ul, command); luD(ul, command); luRename(ul, command); luF(ul, command); luU(ul, command); luK(ul, command); luL(ul, command); luBuildFlags(ul, command); luM(ul, command); luN(ul, command); luT(ul, command); luO(ul, command); luR(ul, command); luV(ul, command); luW(ul, command); luUpgradeMerge(ul, command); luMerge(ul, command); luS(ul, command); #undef FPS } static void Usage(char *progName) { PR_fprintf(PR_STDERR, "%s - Utility to manipulate NSS certificate databases\n\n" "Usage: %s -d \n\n" "Valid commands:\n", progName, progName); LongUsage(progName, usage_selected, NULL); PR_fprintf(PR_STDERR, "\n" "%s -H : Print available options for the given command\n" "%s -H : Print complete help output of all commands and options\n" "%s --syntax : Print a short summary of all commands and options\n", progName, progName, progName); exit(1); } static CERTCertificate * MakeV1Cert(CERTCertDBHandle *handle, CERTCertificateRequest *req, char *issuerNickName, PRBool selfsign, unsigned int serialNumber, int warpmonths, int validityMonths) { CERTCertificate *issuerCert = NULL; CERTValidity *validity; CERTCertificate *cert = NULL; PRExplodedTime printableTime; PRTime now, after; if (!selfsign) { issuerCert = CERT_FindCertByNicknameOrEmailAddr(handle, issuerNickName); if (!issuerCert) { SECU_PrintError(progName, "could not find certificate named \"%s\"", issuerNickName); return NULL; } } now = PR_Now(); PR_ExplodeTime(now, PR_GMTParameters, &printableTime); if (warpmonths) { printableTime.tm_month += warpmonths; now = PR_ImplodeTime(&printableTime); PR_ExplodeTime(now, PR_GMTParameters, &printableTime); } printableTime.tm_month += validityMonths; after = PR_ImplodeTime(&printableTime); /* note that the time is now in micro-second unit */ validity = CERT_CreateValidity(now, after); if (validity) { cert = CERT_CreateCertificate(serialNumber, (selfsign ? &req->subject : &issuerCert->subject), validity, req); CERT_DestroyValidity(validity); } if (issuerCert) { CERT_DestroyCertificate(issuerCert); } return (cert); } static SECStatus SetSignatureAlgorithm(PLArenaPool *arena, SECAlgorithmID *signAlg, SECAlgorithmID *spkiAlg, SECOidTag hashAlgTag, SECKEYPrivateKey *privKey, PRBool pssSign) { SECStatus rv; if (pssSign || SECOID_GetAlgorithmTag(spkiAlg) == SEC_OID_PKCS1_RSA_PSS_SIGNATURE) { SECItem *srcParams; SECItem *params; if (SECOID_GetAlgorithmTag(spkiAlg) == SEC_OID_PKCS1_RSA_PSS_SIGNATURE) { srcParams = &spkiAlg->parameters; } else { /* If the issuer's public key is RSA, the parameter field * of the SPKI should be NULL, which can't be used as a * basis of RSA-PSS parameters. */ srcParams = NULL; } params = SEC_CreateSignatureAlgorithmParameters(arena, NULL, SEC_OID_PKCS1_RSA_PSS_SIGNATURE, hashAlgTag, srcParams, privKey); if (!params) { SECU_PrintError(progName, "Could not create RSA-PSS parameters"); return SECFailure; } rv = SECOID_SetAlgorithmID(arena, signAlg, SEC_OID_PKCS1_RSA_PSS_SIGNATURE, params); if (rv != SECSuccess) { SECU_PrintError(progName, "Could not set signature algorithm id."); return rv; } } else { KeyType keyType = SECKEY_GetPrivateKeyType(privKey); SECOidTag algID; algID = SEC_GetSignatureAlgorithmOidTag(keyType, hashAlgTag); if (algID == SEC_OID_UNKNOWN) { SECU_PrintError(progName, "Unknown key or hash type for issuer."); return SECFailure; } rv = SECOID_SetAlgorithmID(arena, signAlg, algID, 0); if (rv != SECSuccess) { SECU_PrintError(progName, "Could not set signature algorithm id."); return rv; } } return SECSuccess; } static SECStatus SignCert(CERTCertDBHandle *handle, CERTCertificate *cert, PRBool selfsign, SECOidTag hashAlgTag, SECKEYPrivateKey *privKey, char *issuerNickName, int certVersion, PRBool pssSign, void *pwarg) { SECItem der; SECKEYPrivateKey *caPrivateKey = NULL; SECStatus rv; PLArenaPool *arena; CERTCertificate *issuer; void *dummy; arena = cert->arena; if (selfsign) { issuer = cert; } else { issuer = PK11_FindCertFromNickname(issuerNickName, pwarg); if ((CERTCertificate *)NULL == issuer) { SECU_PrintError(progName, "unable to find issuer with nickname %s", issuerNickName); rv = SECFailure; goto done; } privKey = caPrivateKey = PK11_FindKeyByAnyCert(issuer, pwarg); if (caPrivateKey == NULL) { SECU_PrintError(progName, "unable to retrieve key %s", issuerNickName); rv = SECFailure; CERT_DestroyCertificate(issuer); goto done; } } if (pssSign && (SECKEY_GetPrivateKeyType(privKey) != rsaKey && SECKEY_GetPrivateKeyType(privKey) != rsaPssKey)) { SECU_PrintError(progName, "unable to create RSA-PSS signature with key %s", issuerNickName); rv = SECFailure; if (!selfsign) { CERT_DestroyCertificate(issuer); } goto done; } rv = SetSignatureAlgorithm(arena, &cert->signature, &issuer->subjectPublicKeyInfo.algorithm, hashAlgTag, privKey, pssSign); if (!selfsign) { CERT_DestroyCertificate(issuer); } if (rv != SECSuccess) { goto done; } switch (certVersion) { case (SEC_CERTIFICATE_VERSION_1): /* The initial version for x509 certificates is version one * and this default value must be an implicit DER encoding. */ cert->version.data = NULL; cert->version.len = 0; break; case (SEC_CERTIFICATE_VERSION_2): case (SEC_CERTIFICATE_VERSION_3): case 3: /* unspecified format (would be version 4 certificate). */ *(cert->version.data) = certVersion; cert->version.len = 1; break; default: PORT_SetError(SEC_ERROR_INVALID_ARGS); rv = SECFailure; goto done; } der.len = 0; der.data = NULL; dummy = SEC_ASN1EncodeItem(arena, &der, cert, SEC_ASN1_GET(CERT_CertificateTemplate)); if (!dummy) { fprintf(stderr, "Could not encode certificate.\n"); rv = SECFailure; goto done; } rv = SEC_DerSignDataWithAlgorithmID(arena, &cert->derCert, der.data, der.len, privKey, &cert->signature); if (rv != SECSuccess) { fprintf(stderr, "Could not sign encoded certificate data.\n"); /* result allocated out of the arena, it will be freed * when the arena is freed */ goto done; } done: if (caPrivateKey) { SECKEY_DestroyPrivateKey(caPrivateKey); } return rv; } static SECStatus CreateCert( CERTCertDBHandle *handle, PK11SlotInfo *slot, char *issuerNickName, const SECItem *certReqDER, SECKEYPrivateKey **selfsignprivkey, void *pwarg, SECOidTag hashAlgTag, unsigned int serialNumber, int warpmonths, int validityMonths, const char *emailAddrs, const char *dnsNames, PRBool ascii, PRBool selfsign, certutilExtnList extnList, const char *extGeneric, int certVersion, PRBool pssSign, SECItem *certDER) { void *extHandle = NULL; CERTCertificate *subjectCert = NULL; CERTCertificateRequest *certReq = NULL; SECStatus rv = SECSuccess; CERTCertExtension **CRexts; do { /* Create a certrequest object from the input cert request der */ certReq = GetCertRequest(certReqDER, pwarg); if (certReq == NULL) { GEN_BREAK(SECFailure) } subjectCert = MakeV1Cert(handle, certReq, issuerNickName, selfsign, serialNumber, warpmonths, validityMonths); if (subjectCert == NULL) { GEN_BREAK(SECFailure) } extHandle = CERT_StartCertExtensions(subjectCert); if (extHandle == NULL) { GEN_BREAK(SECFailure) } rv = AddExtensions(extHandle, emailAddrs, dnsNames, extnList, extGeneric); if (rv != SECSuccess) { GEN_BREAK(SECFailure) } if (certReq->attributes != NULL && certReq->attributes[0] != NULL && certReq->attributes[0]->attrType.data != NULL && certReq->attributes[0]->attrType.len > 0 && SECOID_FindOIDTag(&certReq->attributes[0]->attrType) == SEC_OID_PKCS9_EXTENSION_REQUEST) { rv = CERT_GetCertificateRequestExtensions(certReq, &CRexts); if (rv != SECSuccess) break; rv = CERT_MergeExtensions(extHandle, CRexts); if (rv != SECSuccess) break; } CERT_FinishExtensions(extHandle); extHandle = NULL; /* self-signing a cert request, find the private key */ if (selfsign && *selfsignprivkey == NULL) { *selfsignprivkey = PK11_FindKeyByDERCert(slot, subjectCert, pwarg); if (!*selfsignprivkey) { fprintf(stderr, "Failed to locate private key.\n"); rv = SECFailure; break; } } rv = SignCert(handle, subjectCert, selfsign, hashAlgTag, *selfsignprivkey, issuerNickName, certVersion, pssSign, pwarg); if (rv != SECSuccess) break; rv = SECFailure; if (ascii) { char *asciiDER = BTOA_DataToAscii(subjectCert->derCert.data, subjectCert->derCert.len); if (asciiDER) { char *wrapped = PR_smprintf("%s\n%s\n%s\n", NS_CERT_HEADER, asciiDER, NS_CERT_TRAILER); if (wrapped) { PRUint32 wrappedLen = PL_strlen(wrapped); if (SECITEM_AllocItem(NULL, certDER, wrappedLen)) { PORT_Memcpy(certDER->data, wrapped, wrappedLen); rv = SECSuccess; } PR_smprintf_free(wrapped); } PORT_Free(asciiDER); } } else { rv = SECITEM_CopyItem(NULL, certDER, &subjectCert->derCert); } } while (0); if (extHandle) { CERT_FinishExtensions(extHandle); } CERT_DestroyCertificateRequest(certReq); CERT_DestroyCertificate(subjectCert); if (rv != SECSuccess) { PRErrorCode perr = PR_GetError(); fprintf(stderr, "%s: unable to create cert (%s)\n", progName, SECU_Strerror(perr)); } return (rv); } /* * map a class to a user presentable string */ static const char *objClassArray[] = { "Data", "Certificate", "Public Key", "Private Key", "Secret Key", "Hardware Feature", "Domain Parameters", "Mechanism" }; static const char *objNSSClassArray[] = { "CKO_NSS", "Crl", "SMIME Record", "Trust", "Builtin Root List" }; const char * getObjectClass(CK_ULONG classType) { static char buf[sizeof(CK_ULONG) * 2 + 3]; if (classType <= CKO_MECHANISM) { return objClassArray[classType]; } if (classType >= CKO_NSS && classType <= CKO_NSS_BUILTIN_ROOT_LIST) { return objNSSClassArray[classType - CKO_NSS]; } sprintf(buf, "0x%lx", classType); return buf; } typedef struct { char *name; int nameSize; CK_ULONG value; } flagArray; #define NAME_SIZE(x) #x, sizeof(#x) - 1 flagArray opFlagsArray[] = { { NAME_SIZE(encrypt), CKF_ENCRYPT }, { NAME_SIZE(decrypt), CKF_DECRYPT }, { NAME_SIZE(sign), CKF_SIGN }, { NAME_SIZE(sign_recover), CKF_SIGN_RECOVER }, { NAME_SIZE(verify), CKF_VERIFY }, { NAME_SIZE(verify_recover), CKF_VERIFY_RECOVER }, { NAME_SIZE(wrap), CKF_WRAP }, { NAME_SIZE(unwrap), CKF_UNWRAP }, { NAME_SIZE(derive), CKF_DERIVE }, }; int opFlagsCount = sizeof(opFlagsArray) / sizeof(flagArray); flagArray attrFlagsArray[] = { { NAME_SIZE(token), PK11_ATTR_TOKEN }, { NAME_SIZE(session), PK11_ATTR_SESSION }, { NAME_SIZE(private), PK11_ATTR_PRIVATE }, { NAME_SIZE(public), PK11_ATTR_PUBLIC }, { NAME_SIZE(modifiable), PK11_ATTR_MODIFIABLE }, { NAME_SIZE(unmodifiable), PK11_ATTR_UNMODIFIABLE }, { NAME_SIZE(sensitive), PK11_ATTR_SENSITIVE }, { NAME_SIZE(insensitive), PK11_ATTR_INSENSITIVE }, { NAME_SIZE(extractable), PK11_ATTR_EXTRACTABLE }, { NAME_SIZE(unextractable), PK11_ATTR_UNEXTRACTABLE } }; int attrFlagsCount = sizeof(attrFlagsArray) / sizeof(flagArray); #define MAX_STRING 30 CK_ULONG GetFlags(char *flagsString, flagArray *flagArray, int count) { CK_ULONG flagsValue = strtol(flagsString, NULL, 0); int i; if ((flagsValue != 0) || (*flagsString == 0)) { return flagsValue; } while (*flagsString) { for (i = 0; i < count; i++) { if (strncmp(flagsString, flagArray[i].name, flagArray[i].nameSize) == 0) { flagsValue |= flagArray[i].value; flagsString += flagArray[i].nameSize; if (*flagsString != 0) { flagsString++; } break; } } if (i == count) { char name[MAX_STRING]; char *tok; strncpy(name, flagsString, MAX_STRING); name[MAX_STRING - 1] = 0; tok = strchr(name, ','); if (tok) { *tok = 0; } fprintf(stderr, "Unknown flag (%s)\n", name); tok = strchr(flagsString, ','); if (tok == NULL) { break; } flagsString = tok + 1; } } return flagsValue; } CK_FLAGS GetOpFlags(char *flags) { return GetFlags(flags, opFlagsArray, opFlagsCount); } PK11AttrFlags GetAttrFlags(char *flags) { return GetFlags(flags, attrFlagsArray, attrFlagsCount); } char * mkNickname(unsigned char *data, int len) { char *nick = PORT_Alloc(len + 1); if (!nick) { return nick; } PORT_Memcpy(nick, data, len); nick[len] = 0; return nick; } /* * dump a PK11_MergeTokens error log to the console */ void DumpMergeLog(const char *progname, PK11MergeLog *log) { PK11MergeLogNode *node; for (node = log->head; node; node = node->next) { SECItem attrItem; char *nickname = NULL; const char *objectClass = NULL; SECStatus rv; attrItem.data = NULL; rv = PK11_ReadRawAttribute(PK11_TypeGeneric, node->object, CKA_LABEL, &attrItem); if (rv == SECSuccess) { nickname = mkNickname(attrItem.data, attrItem.len); PORT_Free(attrItem.data); } attrItem.data = NULL; rv = PK11_ReadRawAttribute(PK11_TypeGeneric, node->object, CKA_CLASS, &attrItem); if (rv == SECSuccess) { if (attrItem.len == sizeof(CK_ULONG)) { objectClass = getObjectClass(*(CK_ULONG *)attrItem.data); } PORT_Free(attrItem.data); } fprintf(stderr, "%s: Could not merge object %s (type %s): %s\n", progName, nickname ? nickname : "unnamed", objectClass ? objectClass : "unknown", SECU_Strerror(node->error)); if (nickname) { PORT_Free(nickname); } } } /* Certutil commands */ enum { cmd_AddCert = 0, cmd_CreateNewCert, cmd_DeleteCert, cmd_AddEmailCert, cmd_DeleteKey, cmd_GenKeyPair, cmd_PrintHelp, cmd_PrintSyntax, cmd_ListKeys, cmd_ListCerts, cmd_ModifyCertTrust, cmd_NewDBs, cmd_DumpChain, cmd_CertReq, cmd_CreateAndAddCert, cmd_TokenReset, cmd_ListModules, cmd_CheckCertValidity, cmd_ChangePassword, cmd_Version, cmd_Batch, cmd_Merge, cmd_UpgradeMerge, /* test only */ cmd_Rename, cmd_BuildFlags, max_cmd }; /* Certutil options */ enum certutilOpts { opt_SSOPass = 0, opt_AddKeyUsageExt, opt_AddBasicConstraintExt, opt_AddAuthorityKeyIDExt, opt_AddCRLDistPtsExt, opt_AddNSCertTypeExt, opt_AddExtKeyUsageExt, opt_ExtendedEmailAddrs, opt_ExtendedDNSNames, opt_ASCIIForIO, opt_ValidityTime, opt_IssuerName, opt_CertDir, opt_VerifySig, opt_PasswordFile, opt_KeySize, opt_TokenName, opt_InputFile, opt_Emailaddress, opt_KeyIndex, opt_KeyType, opt_DetailedInfo, opt_SerialNumber, opt_Nickname, opt_OutputFile, opt_PhoneNumber, opt_DBPrefix, opt_PQGFile, opt_BinaryDER, opt_Subject, opt_Trust, opt_Usage, opt_Validity, opt_OffsetMonths, opt_SelfSign, opt_RW, opt_Exponent, opt_NoiseFile, opt_Hash, opt_NewPasswordFile, opt_AddAuthInfoAccExt, opt_AddSubjInfoAccExt, opt_AddCertPoliciesExt, opt_AddPolicyMapExt, opt_AddPolicyConstrExt, opt_AddInhibAnyExt, opt_AddNameConstraintsExt, opt_AddSubjectKeyIDExt, opt_AddCmdKeyUsageExt, opt_AddCmdNSCertTypeExt, opt_AddCmdExtKeyUsageExt, opt_SourceDir, opt_SourcePrefix, opt_UpgradeID, opt_UpgradeTokenName, opt_KeyOpFlagsOn, opt_KeyOpFlagsOff, opt_KeyAttrFlags, opt_EmptyPassword, opt_CertVersion, opt_AddSubjectAltNameExt, opt_DumpExtensionValue, opt_GenericExtensions, opt_NewNickname, opt_Pss, opt_PssSign, opt_Help }; static const secuCommandFlag commands_init[] = { { /* cmd_AddCert */ 'A', PR_FALSE, 0, PR_FALSE }, { /* cmd_CreateNewCert */ 'C', PR_FALSE, 0, PR_FALSE }, { /* cmd_DeleteCert */ 'D', PR_FALSE, 0, PR_FALSE }, { /* cmd_AddEmailCert */ 'E', PR_FALSE, 0, PR_FALSE }, { /* cmd_DeleteKey */ 'F', PR_FALSE, 0, PR_FALSE }, { /* cmd_GenKeyPair */ 'G', PR_FALSE, 0, PR_FALSE }, { /* cmd_PrintHelp */ 'H', PR_FALSE, 0, PR_FALSE, "help" }, { /* cmd_PrintSyntax */ 0, PR_FALSE, 0, PR_FALSE, "syntax" }, { /* cmd_ListKeys */ 'K', PR_FALSE, 0, PR_FALSE }, { /* cmd_ListCerts */ 'L', PR_FALSE, 0, PR_FALSE }, { /* cmd_ModifyCertTrust */ 'M', PR_FALSE, 0, PR_FALSE }, { /* cmd_NewDBs */ 'N', PR_FALSE, 0, PR_FALSE }, { /* cmd_DumpChain */ 'O', PR_FALSE, 0, PR_FALSE }, { /* cmd_CertReq */ 'R', PR_FALSE, 0, PR_FALSE }, { /* cmd_CreateAndAddCert */ 'S', PR_FALSE, 0, PR_FALSE }, { /* cmd_TokenReset */ 'T', PR_FALSE, 0, PR_FALSE }, { /* cmd_ListModules */ 'U', PR_FALSE, 0, PR_FALSE }, { /* cmd_CheckCertValidity */ 'V', PR_FALSE, 0, PR_FALSE }, { /* cmd_ChangePassword */ 'W', PR_FALSE, 0, PR_FALSE }, { /* cmd_Version */ 'Y', PR_FALSE, 0, PR_FALSE }, { /* cmd_Batch */ 'B', PR_FALSE, 0, PR_FALSE }, { /* cmd_Merge */ 0, PR_FALSE, 0, PR_FALSE, "merge" }, { /* cmd_UpgradeMerge */ 0, PR_FALSE, 0, PR_FALSE, "upgrade-merge" }, { /* cmd_Rename */ 0, PR_FALSE, 0, PR_FALSE, "rename" }, { /* cmd_BuildFlags */ 0, PR_FALSE, 0, PR_FALSE, "build-flags" } }; #define NUM_COMMANDS ((sizeof commands_init) / (sizeof commands_init[0])) static const secuCommandFlag options_init[] = { { /* opt_SSOPass */ '0', PR_TRUE, 0, PR_FALSE }, { /* opt_AddKeyUsageExt */ '1', PR_FALSE, 0, PR_FALSE }, { /* opt_AddBasicConstraintExt*/ '2', PR_FALSE, 0, PR_FALSE }, { /* opt_AddAuthorityKeyIDExt*/ '3', PR_FALSE, 0, PR_FALSE }, { /* opt_AddCRLDistPtsExt */ '4', PR_FALSE, 0, PR_FALSE }, { /* opt_AddNSCertTypeExt */ '5', PR_FALSE, 0, PR_FALSE }, { /* opt_AddExtKeyUsageExt */ '6', PR_FALSE, 0, PR_FALSE }, { /* opt_ExtendedEmailAddrs */ '7', PR_TRUE, 0, PR_FALSE }, { /* opt_ExtendedDNSNames */ '8', PR_TRUE, 0, PR_FALSE }, { /* opt_ASCIIForIO */ 'a', PR_FALSE, 0, PR_FALSE }, { /* opt_ValidityTime */ 'b', PR_TRUE, 0, PR_FALSE }, { /* opt_IssuerName */ 'c', PR_TRUE, 0, PR_FALSE }, { /* opt_CertDir */ 'd', PR_TRUE, 0, PR_FALSE }, { /* opt_VerifySig */ 'e', PR_FALSE, 0, PR_FALSE }, { /* opt_PasswordFile */ 'f', PR_TRUE, 0, PR_FALSE }, { /* opt_KeySize */ 'g', PR_TRUE, 0, PR_FALSE }, { /* opt_TokenName */ 'h', PR_TRUE, 0, PR_FALSE }, { /* opt_InputFile */ 'i', PR_TRUE, 0, PR_FALSE }, { /* opt_Emailaddress */ 0, PR_TRUE, 0, PR_FALSE, "email" }, { /* opt_KeyIndex */ 'j', PR_TRUE, 0, PR_FALSE }, { /* opt_KeyType */ 'k', PR_TRUE, 0, PR_FALSE }, { /* opt_DetailedInfo */ 'l', PR_FALSE, 0, PR_FALSE }, { /* opt_SerialNumber */ 'm', PR_TRUE, 0, PR_FALSE }, { /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE }, { /* opt_OutputFile */ 'o', PR_TRUE, 0, PR_FALSE }, { /* opt_PhoneNumber */ 'p', PR_TRUE, 0, PR_FALSE }, { /* opt_DBPrefix */ 'P', PR_TRUE, 0, PR_FALSE }, { /* opt_PQGFile */ 'q', PR_TRUE, 0, PR_FALSE }, { /* opt_BinaryDER */ 'r', PR_FALSE, 0, PR_FALSE }, { /* opt_Subject */ 's', PR_TRUE, 0, PR_FALSE }, { /* opt_Trust */ 't', PR_TRUE, 0, PR_FALSE }, { /* opt_Usage */ 'u', PR_TRUE, 0, PR_FALSE }, { /* opt_Validity */ 'v', PR_TRUE, 0, PR_FALSE }, { /* opt_OffsetMonths */ 'w', PR_TRUE, 0, PR_FALSE }, { /* opt_SelfSign */ 'x', PR_FALSE, 0, PR_FALSE }, { /* opt_RW */ 'X', PR_FALSE, 0, PR_FALSE }, { /* opt_Exponent */ 'y', PR_TRUE, 0, PR_FALSE }, { /* opt_NoiseFile */ 'z', PR_TRUE, 0, PR_FALSE }, { /* opt_Hash */ 'Z', PR_TRUE, 0, PR_FALSE }, { /* opt_NewPasswordFile */ '@', PR_TRUE, 0, PR_FALSE }, { /* opt_AddAuthInfoAccExt */ 0, PR_FALSE, 0, PR_FALSE, "extAIA" }, { /* opt_AddSubjInfoAccExt */ 0, PR_FALSE, 0, PR_FALSE, "extSIA" }, { /* opt_AddCertPoliciesExt */ 0, PR_FALSE, 0, PR_FALSE, "extCP" }, { /* opt_AddPolicyMapExt */ 0, PR_FALSE, 0, PR_FALSE, "extPM" }, { /* opt_AddPolicyConstrExt */ 0, PR_FALSE, 0, PR_FALSE, "extPC" }, { /* opt_AddInhibAnyExt */ 0, PR_FALSE, 0, PR_FALSE, "extIA" }, { /* opt_AddNameConstraintsExt*/ 0, PR_FALSE, 0, PR_FALSE, "extNC" }, { /* opt_AddSubjectKeyIDExt */ 0, PR_FALSE, 0, PR_FALSE, "extSKID" }, { /* opt_AddCmdKeyUsageExt */ 0, PR_TRUE, 0, PR_FALSE, "keyUsage" }, { /* opt_AddCmdNSCertTypeExt */ 0, PR_TRUE, 0, PR_FALSE, "nsCertType" }, { /* opt_AddCmdExtKeyUsageExt*/ 0, PR_TRUE, 0, PR_FALSE, "extKeyUsage" }, { /* opt_SourceDir */ 0, PR_TRUE, 0, PR_FALSE, "source-dir" }, { /* opt_SourcePrefix */ 0, PR_TRUE, 0, PR_FALSE, "source-prefix" }, { /* opt_UpgradeID */ 0, PR_TRUE, 0, PR_FALSE, "upgrade-id" }, { /* opt_UpgradeTokenName */ 0, PR_TRUE, 0, PR_FALSE, "upgrade-token-name" }, { /* opt_KeyOpFlagsOn */ 0, PR_TRUE, 0, PR_FALSE, "keyOpFlagsOn" }, { /* opt_KeyOpFlagsOff */ 0, PR_TRUE, 0, PR_FALSE, "keyOpFlagsOff" }, { /* opt_KeyAttrFlags */ 0, PR_TRUE, 0, PR_FALSE, "keyAttrFlags" }, { /* opt_EmptyPassword */ 0, PR_FALSE, 0, PR_FALSE, "empty-password" }, { /* opt_CertVersion */ 0, PR_TRUE, 0, PR_FALSE, "certVersion" }, { /* opt_AddSubjectAltExt */ 0, PR_TRUE, 0, PR_FALSE, "extSAN" }, { /* opt_DumpExtensionValue */ 0, PR_TRUE, 0, PR_FALSE, "dump-ext-val" }, { /* opt_GenericExtensions */ 0, PR_TRUE, 0, PR_FALSE, "extGeneric" }, { /* opt_NewNickname */ 0, PR_TRUE, 0, PR_FALSE, "new-n" }, { /* opt_Pss */ 0, PR_FALSE, 0, PR_FALSE, "pss" }, { /* opt_PssSign */ 0, PR_FALSE, 0, PR_FALSE, "pss-sign" }, }; #define NUM_OPTIONS ((sizeof options_init) / (sizeof options_init[0])) static secuCommandFlag certutil_commands[NUM_COMMANDS]; static secuCommandFlag certutil_options[NUM_OPTIONS]; static const secuCommand certutil = { NUM_COMMANDS, NUM_OPTIONS, certutil_commands, certutil_options }; static certutilExtnList certutil_extns; static int certutil_main(int argc, char **argv, PRBool initialize) { CERTCertDBHandle *certHandle; PK11SlotInfo *slot = NULL; CERTName *subject = 0; PRFileDesc *inFile = PR_STDIN; PRFileDesc *outFile = PR_STDOUT; SECItem certReqDER = { siBuffer, NULL, 0 }; SECItem certDER = { siBuffer, NULL, 0 }; const char *slotname = "internal"; const char *certPrefix = ""; char *sourceDir = ""; const char *srcCertPrefix = ""; char *upgradeID = ""; char *upgradeTokenName = ""; KeyType keytype = rsaKey; char *name = NULL; char *newName = NULL; char *email = NULL; char *keysource = NULL; SECOidTag hashAlgTag = SEC_OID_UNKNOWN; int keysize = DEFAULT_KEY_BITS; int publicExponent = 0x010001; int certVersion = SEC_CERTIFICATE_VERSION_3; unsigned int serialNumber = 0; int warpmonths = 0; int validityMonths = 3; int commandsEntered = 0; char commandToRun = '\0'; secuPWData pwdata = { PW_NONE, 0 }; secuPWData pwdata2 = { PW_NONE, 0 }; PRBool readOnly = PR_FALSE; PRBool initialized = PR_FALSE; CK_FLAGS keyOpFlagsOn = 0; CK_FLAGS keyOpFlagsOff = 0; PK11AttrFlags keyAttrFlags = PK11_ATTR_TOKEN | PK11_ATTR_SENSITIVE | PK11_ATTR_PRIVATE; SECKEYPrivateKey *privkey = NULL; SECKEYPublicKey *pubkey = NULL; int i; SECStatus rv; progName = PORT_Strrchr(argv[0], '/'); progName = progName ? progName + 1 : argv[0]; memcpy(certutil_commands, commands_init, sizeof commands_init); memcpy(certutil_options, options_init, sizeof options_init); rv = SECU_ParseCommandLine(argc, argv, progName, &certutil); if (rv != SECSuccess) Usage(progName); if (certutil.commands[cmd_PrintSyntax].activated) { PrintSyntax(progName); } if (certutil.commands[cmd_PrintHelp].activated) { int i; char buf[2]; const char *command = NULL; for (i = 0; i < max_cmd; i++) { if (i == cmd_PrintHelp) continue; if (certutil.commands[i].activated) { if (certutil.commands[i].flag) { buf[0] = certutil.commands[i].flag; buf[1] = 0; command = buf; } else { command = certutil.commands[i].longform; } break; } } LongUsage(progName, (command ? usage_selected : usage_all), command); exit(1); } if (certutil.commands[cmd_BuildFlags].activated) { PrintBuildFlags(); } if (certutil.options[opt_PasswordFile].arg) { pwdata.source = PW_FROMFILE; pwdata.data = certutil.options[opt_PasswordFile].arg; } if (certutil.options[opt_NewPasswordFile].arg) { pwdata2.source = PW_FROMFILE; pwdata2.data = certutil.options[opt_NewPasswordFile].arg; } if (certutil.options[opt_CertDir].activated) SECU_ConfigDirectory(certutil.options[opt_CertDir].arg); if (certutil.options[opt_SourceDir].activated) sourceDir = certutil.options[opt_SourceDir].arg; if (certutil.options[opt_UpgradeID].activated) upgradeID = certutil.options[opt_UpgradeID].arg; if (certutil.options[opt_UpgradeTokenName].activated) upgradeTokenName = certutil.options[opt_UpgradeTokenName].arg; if (certutil.options[opt_KeySize].activated) { keysize = PORT_Atoi(certutil.options[opt_KeySize].arg); if ((keysize < MIN_KEY_BITS) || (keysize > MAX_KEY_BITS)) { PR_fprintf(PR_STDERR, "%s -g: Keysize must be between %d and %d.\n", progName, MIN_KEY_BITS, MAX_KEY_BITS); return 255; } if (keytype == ecKey) { PR_fprintf(PR_STDERR, "%s -g: Not for ec keys.\n", progName); return 255; } } /* -h specify token name */ if (certutil.options[opt_TokenName].activated) { if (PL_strcmp(certutil.options[opt_TokenName].arg, "all") == 0) slotname = NULL; else slotname = certutil.options[opt_TokenName].arg; } /* -Z hash type */ if (certutil.options[opt_Hash].activated) { char *arg = certutil.options[opt_Hash].arg; hashAlgTag = SECU_StringToSignatureAlgTag(arg); if (hashAlgTag == SEC_OID_UNKNOWN) { PR_fprintf(PR_STDERR, "%s -Z: %s is not a recognized type.\n", progName, arg); return 255; } } /* -k key type */ if (certutil.options[opt_KeyType].activated) { char *arg = certutil.options[opt_KeyType].arg; if (PL_strcmp(arg, "rsa") == 0) { keytype = rsaKey; } else if (PL_strcmp(arg, "dsa") == 0) { keytype = dsaKey; } else if (PL_strcmp(arg, "ec") == 0) { keytype = ecKey; } else if (PL_strcmp(arg, "all") == 0) { keytype = nullKey; } else { /* use an existing private/public key pair */ keysource = arg; } } else if (certutil.commands[cmd_ListKeys].activated) { keytype = nullKey; } if (certutil.options[opt_KeyOpFlagsOn].activated) { keyOpFlagsOn = GetOpFlags(certutil.options[opt_KeyOpFlagsOn].arg); } if (certutil.options[opt_KeyOpFlagsOff].activated) { keyOpFlagsOff = GetOpFlags(certutil.options[opt_KeyOpFlagsOff].arg); keyOpFlagsOn &= ~keyOpFlagsOff; /* make off override on */ } if (certutil.options[opt_KeyAttrFlags].activated) { keyAttrFlags = GetAttrFlags(certutil.options[opt_KeyAttrFlags].arg); } /* -m serial number */ if (certutil.options[opt_SerialNumber].activated) { int sn = PORT_Atoi(certutil.options[opt_SerialNumber].arg); if (sn < 0) { PR_fprintf(PR_STDERR, "%s -m: %s is not a valid serial number.\n", progName, certutil.options[opt_SerialNumber].arg); return 255; } serialNumber = sn; } /* -P certdb name prefix */ if (certutil.options[opt_DBPrefix].activated) { if (certutil.options[opt_DBPrefix].arg) { certPrefix = certutil.options[opt_DBPrefix].arg; } else { Usage(progName); } } /* --source-prefix certdb name prefix */ if (certutil.options[opt_SourcePrefix].activated) { if (certutil.options[opt_SourcePrefix].arg) { srcCertPrefix = certutil.options[opt_SourcePrefix].arg; } else { Usage(progName); } } /* -q PQG file or curve name */ if (certutil.options[opt_PQGFile].activated) { if ((keytype != dsaKey) && (keytype != ecKey)) { PR_fprintf(PR_STDERR, "%s -q: specifies a PQG file for DSA keys" " (-k dsa) or a named curve for EC keys (-k ec)\n)", progName); return 255; } } /* -s subject name */ if (certutil.options[opt_Subject].activated) { subject = CERT_AsciiToName(certutil.options[opt_Subject].arg); if (!subject) { PR_fprintf(PR_STDERR, "%s -s: improperly formatted name: \"%s\"\n", progName, certutil.options[opt_Subject].arg); return 255; } } /* -v validity period */ if (certutil.options[opt_Validity].activated) { validityMonths = PORT_Atoi(certutil.options[opt_Validity].arg); if (validityMonths < 0) { PR_fprintf(PR_STDERR, "%s -v: incorrect validity period: \"%s\"\n", progName, certutil.options[opt_Validity].arg); return 255; } } /* -w warp months */ if (certutil.options[opt_OffsetMonths].activated) warpmonths = PORT_Atoi(certutil.options[opt_OffsetMonths].arg); /* -y public exponent (for RSA) */ if (certutil.options[opt_Exponent].activated) { publicExponent = PORT_Atoi(certutil.options[opt_Exponent].arg); if ((publicExponent != 3) && (publicExponent != 17) && (publicExponent != 65537)) { PR_fprintf(PR_STDERR, "%s -y: incorrect public exponent %d.", progName, publicExponent); PR_fprintf(PR_STDERR, "Must be 3, 17, or 65537.\n"); return 255; } } /* --certVersion */ if (certutil.options[opt_CertVersion].activated) { certVersion = PORT_Atoi(certutil.options[opt_CertVersion].arg); if (certVersion < 1 || certVersion > 4) { PR_fprintf(PR_STDERR, "%s -certVersion: incorrect certificate version %d.", progName, certVersion); PR_fprintf(PR_STDERR, "Must be 1, 2, 3 or 4.\n"); return 255; } certVersion = certVersion - 1; } /* Check number of commands entered. */ commandsEntered = 0; for (i = 0; i < certutil.numCommands; i++) { if (certutil.commands[i].activated) { commandToRun = certutil.commands[i].flag; commandsEntered++; } if (commandsEntered > 1) break; } if (commandsEntered > 1) { PR_fprintf(PR_STDERR, "%s: only one command at a time!\n", progName); PR_fprintf(PR_STDERR, "You entered: "); for (i = 0; i < certutil.numCommands; i++) { if (certutil.commands[i].activated) PR_fprintf(PR_STDERR, " -%c", certutil.commands[i].flag); } PR_fprintf(PR_STDERR, "\n"); return 255; } if (commandsEntered == 0) { Usage(progName); } if (certutil.commands[cmd_ListCerts].activated || certutil.commands[cmd_PrintHelp].activated || certutil.commands[cmd_ListKeys].activated || certutil.commands[cmd_ListModules].activated || certutil.commands[cmd_CheckCertValidity].activated || certutil.commands[cmd_Version].activated) { readOnly = !certutil.options[opt_RW].activated; } /* -A, -D, -F, -M, -S, -V, and all require -n */ if ((certutil.commands[cmd_AddCert].activated || certutil.commands[cmd_DeleteCert].activated || certutil.commands[cmd_DeleteKey].activated || certutil.commands[cmd_DumpChain].activated || certutil.commands[cmd_ModifyCertTrust].activated || certutil.commands[cmd_CreateAndAddCert].activated || certutil.commands[cmd_CheckCertValidity].activated) && !certutil.options[opt_Nickname].activated) { PR_fprintf(PR_STDERR, "%s -%c: nickname is required for this command (-n).\n", progName, commandToRun); return 255; } /* -A, -E, -M, -S require trust */ if ((certutil.commands[cmd_AddCert].activated || certutil.commands[cmd_AddEmailCert].activated || certutil.commands[cmd_ModifyCertTrust].activated || certutil.commands[cmd_CreateAndAddCert].activated) && !certutil.options[opt_Trust].activated) { PR_fprintf(PR_STDERR, "%s -%c: trust is required for this command (-t).\n", progName, commandToRun); return 255; } /* if -L is given raw, ascii or dump mode, it must be for only one cert. */ if (certutil.commands[cmd_ListCerts].activated && (certutil.options[opt_ASCIIForIO].activated || certutil.options[opt_DumpExtensionValue].activated || certutil.options[opt_BinaryDER].activated) && !certutil.options[opt_Nickname].activated) { PR_fprintf(PR_STDERR, "%s: nickname is required to dump cert in raw or ascii mode.\n", progName); return 255; } /* -L can only be in (raw || ascii). */ if (certutil.commands[cmd_ListCerts].activated && certutil.options[opt_ASCIIForIO].activated && certutil.options[opt_BinaryDER].activated) { PR_fprintf(PR_STDERR, "%s: cannot specify both -r and -a when dumping cert.\n", progName); return 255; } /* If making a cert request, need a subject. */ if ((certutil.commands[cmd_CertReq].activated || certutil.commands[cmd_CreateAndAddCert].activated) && !(certutil.options[opt_Subject].activated || keysource)) { PR_fprintf(PR_STDERR, "%s -%c: subject is required to create a cert request.\n", progName, commandToRun); return 255; } /* If making a cert, need a serial number. */ if ((certutil.commands[cmd_CreateNewCert].activated || certutil.commands[cmd_CreateAndAddCert].activated) && !certutil.options[opt_SerialNumber].activated) { /* Make a default serial number from the current time. */ PRTime now = PR_Now(); LL_USHR(now, now, 19); LL_L2UI(serialNumber, now); } /* Validation needs the usage to validate for. */ if (certutil.commands[cmd_CheckCertValidity].activated && !certutil.options[opt_Usage].activated) { PR_fprintf(PR_STDERR, "%s -V: specify a usage to validate the cert for (-u).\n", progName); return 255; } /* Rename needs an old and a new nickname */ if (certutil.commands[cmd_Rename].activated && !(certutil.options[opt_Nickname].activated && certutil.options[opt_NewNickname].activated)) { PR_fprintf(PR_STDERR, "%s --rename: specify an old nickname (-n) and\n" " a new nickname (--new-n).\n", progName); return 255; } /* Upgrade/Merge needs a source database and a upgrade id. */ if (certutil.commands[cmd_UpgradeMerge].activated && !(certutil.options[opt_SourceDir].activated && certutil.options[opt_UpgradeID].activated)) { PR_fprintf(PR_STDERR, "%s --upgrade-merge: specify an upgrade database directory " "(--source-dir) and\n" " an upgrade ID (--upgrade-id).\n", progName); return 255; } /* Merge needs a source database */ if (certutil.commands[cmd_Merge].activated && !certutil.options[opt_SourceDir].activated) { PR_fprintf(PR_STDERR, "%s --merge: specify an source database directory " "(--source-dir)\n", progName); return 255; } /* To make a cert, need either a issuer or to self-sign it. */ if (certutil.commands[cmd_CreateAndAddCert].activated && !(certutil.options[opt_IssuerName].activated || certutil.options[opt_SelfSign].activated)) { PR_fprintf(PR_STDERR, "%s -S: must specify issuer (-c) or self-sign (-x).\n", progName); return 255; } /* Using slotname == NULL for listing keys and certs on all slots, * but only that. */ if (!(certutil.commands[cmd_ListKeys].activated || certutil.commands[cmd_DumpChain].activated || certutil.commands[cmd_ListCerts].activated) && slotname == NULL) { PR_fprintf(PR_STDERR, "%s -%c: cannot use \"-h all\" for this command.\n", progName, commandToRun); return 255; } /* Using keytype == nullKey for list all key types, but only that. */ if (!certutil.commands[cmd_ListKeys].activated && keytype == nullKey) { PR_fprintf(PR_STDERR, "%s -%c: cannot use \"-k all\" for this command.\n", progName, commandToRun); return 255; } /* Open the input file. */ if (certutil.options[opt_InputFile].activated) { inFile = PR_Open(certutil.options[opt_InputFile].arg, PR_RDONLY, 0); if (!inFile) { PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for reading (%ld, %ld).\n", progName, certutil.options[opt_InputFile].arg, PR_GetError(), PR_GetOSError()); return 255; } } /* Open the output file. */ if (certutil.options[opt_OutputFile].activated) { outFile = PR_Open(certutil.options[opt_OutputFile].arg, PR_CREATE_FILE | PR_RDWR | PR_TRUNCATE, 00660); if (!outFile) { PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for writing (%ld, %ld).\n", progName, certutil.options[opt_OutputFile].arg, PR_GetError(), PR_GetOSError()); return 255; } } name = SECU_GetOptionArg(&certutil, opt_Nickname); newName = SECU_GetOptionArg(&certutil, opt_NewNickname); email = SECU_GetOptionArg(&certutil, opt_Emailaddress); PK11_SetPasswordFunc(SECU_GetModulePassword); if (PR_TRUE == initialize) { /* Initialize NSPR and NSS. */ PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); if (!certutil.commands[cmd_UpgradeMerge].activated) { rv = NSS_Initialize(SECU_ConfigDirectory(NULL), certPrefix, certPrefix, "secmod.db", readOnly ? NSS_INIT_READONLY : 0); } else { rv = NSS_InitWithMerge(SECU_ConfigDirectory(NULL), certPrefix, certPrefix, "secmod.db", sourceDir, srcCertPrefix, srcCertPrefix, upgradeID, upgradeTokenName, readOnly ? NSS_INIT_READONLY : 0); } if (rv != SECSuccess) { SECU_PrintPRandOSError(progName); rv = SECFailure; goto shutdown; } initialized = PR_TRUE; SECU_RegisterDynamicOids(); } certHandle = CERT_GetDefaultCertDB(); if (certutil.commands[cmd_Version].activated) { printf("Certificate database content version: command not implemented.\n"); } if (PL_strcmp(slotname, "internal") == 0) slot = PK11_GetInternalKeySlot(); else if (slotname != NULL) slot = PK11_FindSlotByName(slotname); if (!slot && (certutil.commands[cmd_NewDBs].activated || certutil.commands[cmd_ModifyCertTrust].activated || certutil.commands[cmd_ChangePassword].activated || certutil.commands[cmd_TokenReset].activated || certutil.commands[cmd_CreateAndAddCert].activated || certutil.commands[cmd_AddCert].activated || certutil.commands[cmd_Merge].activated || certutil.commands[cmd_UpgradeMerge].activated || certutil.commands[cmd_AddEmailCert].activated)) { SECU_PrintError(progName, "could not find the slot %s", slotname); rv = SECFailure; goto shutdown; } /* If creating new database, initialize the password. */ if (certutil.commands[cmd_NewDBs].activated) { if (certutil.options[opt_EmptyPassword].activated && (PK11_NeedUserInit(slot))) { rv = PK11_InitPin(slot, (char *)NULL, ""); } else { rv = SECU_ChangePW2(slot, 0, 0, certutil.options[opt_PasswordFile].arg, certutil.options[opt_NewPasswordFile].arg); } if (rv != SECSuccess) { SECU_PrintError(progName, "Could not set password for the slot"); goto shutdown; } } /* if we are going to modify the cert database, * make sure it's initialized */ if (certutil.commands[cmd_ModifyCertTrust].activated || certutil.commands[cmd_CreateAndAddCert].activated || certutil.commands[cmd_AddCert].activated || certutil.commands[cmd_AddEmailCert].activated) { if (PK11_NeedLogin(slot) && PK11_NeedUserInit(slot)) { char *password = NULL; /* fetch the password from the command line or the file * if no password is supplied, initialize the password to NULL */ if (pwdata.source == PW_FROMFILE) { password = SECU_FilePasswd(slot, PR_FALSE, pwdata.data); } else if (pwdata.source == PW_PLAINTEXT) { password = PL_strdup(pwdata.data); } rv = PK11_InitPin(slot, (char *)NULL, password ? password : ""); if (password) { PORT_Memset(password, 0, PL_strlen(password)); PORT_Free(password); } if (rv != SECSuccess) { SECU_PrintError(progName, "Could not set password for the slot"); goto shutdown; } } } /* walk through the upgrade merge if necessary. * This option is more to test what some applications will want to do * to do an automatic upgrade. The --merge command is more useful for * the general case where 2 database need to be merged together. */ if (certutil.commands[cmd_UpgradeMerge].activated) { if (*upgradeTokenName == 0) { upgradeTokenName = upgradeID; } if (!PK11_IsInternal(slot)) { fprintf(stderr, "Only internal DB's can be upgraded\n"); rv = SECSuccess; goto shutdown; } if (!PK11_IsRemovable(slot)) { printf("database already upgraded.\n"); rv = SECSuccess; goto shutdown; } if (!PK11_NeedLogin(slot)) { printf("upgrade complete!\n"); rv = SECSuccess; goto shutdown; } /* authenticate to the old DB if necessary */ if (PORT_Strcmp(PK11_GetTokenName(slot), upgradeTokenName) == 0) { /* if we need a password, supply it. This will be the password * for the old database */ rv = PK11_Authenticate(slot, PR_FALSE, &pwdata2); if (rv != SECSuccess) { SECU_PrintError(progName, "Could not get password for %s", upgradeTokenName); goto shutdown; } /* * if we succeeded above, but still aren't logged in, that means * we just supplied the password for the old database. We may * need the password for the new database. NSS will automatically * change the token names at this point */ if (PK11_IsLoggedIn(slot, &pwdata)) { printf("upgrade complete!\n"); rv = SECSuccess; goto shutdown; } } /* call PK11_IsPresent to update our cached token information */ if (!PK11_IsPresent(slot)) { /* this shouldn't happen. We call isPresent to force a token * info update */ fprintf(stderr, "upgrade/merge internal error\n"); rv = SECFailure; goto shutdown; } /* the token is now set to the state of the source database, * if we need a password for it, PK11_Authenticate will * automatically prompt us */ rv = PK11_Authenticate(slot, PR_FALSE, &pwdata); if (rv == SECSuccess) { printf("upgrade complete!\n"); } else { SECU_PrintError(progName, "Could not get password for %s", PK11_GetTokenName(slot)); } goto shutdown; } /* * merge 2 databases. */ if (certutil.commands[cmd_Merge].activated) { PK11SlotInfo *sourceSlot = NULL; PK11MergeLog *log; char *modspec = PR_smprintf( "configDir='%s' certPrefix='%s' tokenDescription='%s'", sourceDir, srcCertPrefix, *upgradeTokenName ? upgradeTokenName : "Source Database"); if (!modspec) { rv = SECFailure; goto shutdown; } sourceSlot = SECMOD_OpenUserDB(modspec); PR_smprintf_free(modspec); if (!sourceSlot) { SECU_PrintError(progName, "couldn't open source database"); rv = SECFailure; goto shutdown; } rv = PK11_Authenticate(slot, PR_FALSE, &pwdata); if (rv != SECSuccess) { SECU_PrintError(progName, "Couldn't get password for %s", PK11_GetTokenName(slot)); goto merge_fail; } rv = PK11_Authenticate(sourceSlot, PR_FALSE, &pwdata2); if (rv != SECSuccess) { SECU_PrintError(progName, "Couldn't get password for %s", PK11_GetTokenName(sourceSlot)); goto merge_fail; } log = PK11_CreateMergeLog(); if (!log) { rv = SECFailure; SECU_PrintError(progName, "couldn't create error log"); goto merge_fail; } rv = PK11_MergeTokens(slot, sourceSlot, log, &pwdata, &pwdata2); if (rv != SECSuccess) { DumpMergeLog(progName, log); } PK11_DestroyMergeLog(log); merge_fail: SECMOD_CloseUserDB(sourceSlot); PK11_FreeSlot(sourceSlot); goto shutdown; } /* The following 8 options are mutually exclusive with all others. */ /* List certs (-L) */ if (certutil.commands[cmd_ListCerts].activated) { if (certutil.options[opt_DumpExtensionValue].activated) { const char *oid_str; SECItem oid_item; SECStatus srv; oid_item.data = NULL; oid_item.len = 0; oid_str = certutil.options[opt_DumpExtensionValue].arg; srv = GetOidFromString(NULL, &oid_item, oid_str, strlen(oid_str)); if (srv != SECSuccess) { SECU_PrintError(progName, "malformed extension OID %s", oid_str); goto shutdown; } rv = ListCerts(certHandle, name, email, slot, PR_TRUE /*binary*/, PR_FALSE /*ascii*/, &oid_item, outFile, &pwdata); SECITEM_FreeItem(&oid_item, PR_FALSE); } else { rv = ListCerts(certHandle, name, email, slot, certutil.options[opt_BinaryDER].activated, certutil.options[opt_ASCIIForIO].activated, NULL, outFile, &pwdata); } goto shutdown; } if (certutil.commands[cmd_DumpChain].activated) { rv = DumpChain(certHandle, name, certutil.options[opt_ASCIIForIO].activated); goto shutdown; } /* XXX needs work */ /* List keys (-K) */ if (certutil.commands[cmd_ListKeys].activated) { rv = ListKeys(slot, name, 0 /*keyindex*/, keytype, PR_FALSE /*dopriv*/, &pwdata); goto shutdown; } /* List modules (-U) */ if (certutil.commands[cmd_ListModules].activated) { rv = ListModules(); goto shutdown; } /* Delete cert (-D) */ if (certutil.commands[cmd_DeleteCert].activated) { rv = DeleteCert(certHandle, name, &pwdata); goto shutdown; } /* Rename cert (--rename) */ if (certutil.commands[cmd_Rename].activated) { rv = RenameCert(certHandle, name, newName, &pwdata); goto shutdown; } /* Delete key (-F) */ if (certutil.commands[cmd_DeleteKey].activated) { rv = DeleteKey(name, &pwdata); goto shutdown; } /* Modify trust attribute for cert (-M) */ if (certutil.commands[cmd_ModifyCertTrust].activated) { rv = ChangeTrustAttributes(certHandle, slot, name, certutil.options[opt_Trust].arg, &pwdata); goto shutdown; } /* Change key db password (-W) (future - change pw to slot?) */ if (certutil.commands[cmd_ChangePassword].activated) { rv = SECU_ChangePW2(slot, 0, 0, certutil.options[opt_PasswordFile].arg, certutil.options[opt_NewPasswordFile].arg); if (rv != SECSuccess) { SECU_PrintError(progName, "Could not set password for the slot"); goto shutdown; } } /* Reset the a token */ if (certutil.commands[cmd_TokenReset].activated) { char *sso_pass = ""; if (certutil.options[opt_SSOPass].activated) { sso_pass = certutil.options[opt_SSOPass].arg; } rv = PK11_ResetToken(slot, sso_pass); goto shutdown; } /* Check cert validity against current time (-V) */ if (certutil.commands[cmd_CheckCertValidity].activated) { /* XXX temporary hack for fips - must log in to get priv key */ if (certutil.options[opt_VerifySig].activated) { if (slot && PK11_NeedLogin(slot)) { SECStatus newrv = PK11_Authenticate(slot, PR_TRUE, &pwdata); if (newrv != SECSuccess) { SECU_PrintError(progName, "could not authenticate to token %s.", PK11_GetTokenName(slot)); goto shutdown; } } } rv = ValidateCert(certHandle, name, certutil.options[opt_ValidityTime].arg, certutil.options[opt_Usage].arg, certutil.options[opt_VerifySig].activated, certutil.options[opt_DetailedInfo].activated, certutil.options[opt_ASCIIForIO].activated, &pwdata); if (rv != SECSuccess && PR_GetError() == SEC_ERROR_INVALID_ARGS) SECU_PrintError(progName, "validation failed"); goto shutdown; } /* * Key generation */ /* These commands may require keygen. */ if (certutil.commands[cmd_CertReq].activated || certutil.commands[cmd_CreateAndAddCert].activated || certutil.commands[cmd_GenKeyPair].activated) { if (keysource) { CERTCertificate *keycert; keycert = CERT_FindCertByNicknameOrEmailAddr(certHandle, keysource); if (!keycert) { keycert = PK11_FindCertFromNickname(keysource, NULL); if (!keycert) { SECU_PrintError(progName, "%s is neither a key-type nor a nickname", keysource); return SECFailure; } } privkey = PK11_FindKeyByDERCert(slot, keycert, &pwdata); if (privkey) pubkey = CERT_ExtractPublicKey(keycert); if (!pubkey) { SECU_PrintError(progName, "Could not get keys from cert %s", keysource); rv = SECFailure; CERT_DestroyCertificate(keycert); goto shutdown; } keytype = privkey->keyType; /* On CertReq for renewal if no subject has been * specified obtain it from the certificate. */ if (certutil.commands[cmd_CertReq].activated && !subject) { subject = CERT_AsciiToName(keycert->subjectName); if (!subject) { SECU_PrintError(progName, "Could not get subject from certificate %s", keysource); CERT_DestroyCertificate(keycert); rv = SECFailure; goto shutdown; } } CERT_DestroyCertificate(keycert); } else { privkey = CERTUTIL_GeneratePrivateKey(keytype, slot, keysize, publicExponent, certutil.options[opt_NoiseFile].arg, &pubkey, certutil.options[opt_PQGFile].arg, keyAttrFlags, keyOpFlagsOn, keyOpFlagsOff, &pwdata); if (privkey == NULL) { SECU_PrintError(progName, "unable to generate key(s)\n"); rv = SECFailure; goto shutdown; } } privkey->wincx = &pwdata; PORT_Assert(pubkey != NULL); /* If all that was needed was keygen, exit. */ if (certutil.commands[cmd_GenKeyPair].activated) { rv = SECSuccess; goto shutdown; } } if (certutil.options[opt_Pss].activated) { if (!certutil.commands[cmd_CertReq].activated && !certutil.commands[cmd_CreateAndAddCert].activated) { PR_fprintf(PR_STDERR, "%s -%c: --pss only works with -R or -S.\n", progName, commandToRun); return 255; } if (keytype != rsaKey) { PR_fprintf(PR_STDERR, "%s -%c: --pss only works with RSA keys.\n", progName, commandToRun); return 255; } } /* --pss-sign is to sign a certificate with RSA-PSS, even if the * issuer's key is an RSA key. If the key is an RSA-PSS key, the * generated signature is always RSA-PSS. */ if (certutil.options[opt_PssSign].activated) { if (!certutil.commands[cmd_CreateNewCert].activated && !certutil.commands[cmd_CreateAndAddCert].activated) { PR_fprintf(PR_STDERR, "%s -%c: --pss-sign only works with -C or -S.\n", progName, commandToRun); return 255; } if (keytype != rsaKey) { PR_fprintf(PR_STDERR, "%s -%c: --pss-sign only works with RSA keys.\n", progName, commandToRun); return 255; } } /* If we need a list of extensions convert the flags into list format */ if (certutil.commands[cmd_CertReq].activated || certutil.commands[cmd_CreateAndAddCert].activated || certutil.commands[cmd_CreateNewCert].activated) { certutil_extns[ext_keyUsage].activated = certutil.options[opt_AddCmdKeyUsageExt].activated; if (!certutil_extns[ext_keyUsage].activated) { certutil_extns[ext_keyUsage].activated = certutil.options[opt_AddKeyUsageExt].activated; } else { certutil_extns[ext_keyUsage].arg = certutil.options[opt_AddCmdKeyUsageExt].arg; } certutil_extns[ext_basicConstraint].activated = certutil.options[opt_AddBasicConstraintExt].activated; certutil_extns[ext_nameConstraints].activated = certutil.options[opt_AddNameConstraintsExt].activated; certutil_extns[ext_authorityKeyID].activated = certutil.options[opt_AddAuthorityKeyIDExt].activated; certutil_extns[ext_subjectKeyID].activated = certutil.options[opt_AddSubjectKeyIDExt].activated; certutil_extns[ext_CRLDistPts].activated = certutil.options[opt_AddCRLDistPtsExt].activated; certutil_extns[ext_NSCertType].activated = certutil.options[opt_AddCmdNSCertTypeExt].activated; if (!certutil_extns[ext_NSCertType].activated) { certutil_extns[ext_NSCertType].activated = certutil.options[opt_AddNSCertTypeExt].activated; } else { certutil_extns[ext_NSCertType].arg = certutil.options[opt_AddCmdNSCertTypeExt].arg; } certutil_extns[ext_extKeyUsage].activated = certutil.options[opt_AddCmdExtKeyUsageExt].activated; if (!certutil_extns[ext_extKeyUsage].activated) { certutil_extns[ext_extKeyUsage].activated = certutil.options[opt_AddExtKeyUsageExt].activated; } else { certutil_extns[ext_extKeyUsage].arg = certutil.options[opt_AddCmdExtKeyUsageExt].arg; } certutil_extns[ext_subjectAltName].activated = certutil.options[opt_AddSubjectAltNameExt].activated; if (certutil_extns[ext_subjectAltName].activated) { certutil_extns[ext_subjectAltName].arg = certutil.options[opt_AddSubjectAltNameExt].arg; } certutil_extns[ext_authInfoAcc].activated = certutil.options[opt_AddAuthInfoAccExt].activated; certutil_extns[ext_subjInfoAcc].activated = certutil.options[opt_AddSubjInfoAccExt].activated; certutil_extns[ext_certPolicies].activated = certutil.options[opt_AddCertPoliciesExt].activated; certutil_extns[ext_policyMappings].activated = certutil.options[opt_AddPolicyMapExt].activated; certutil_extns[ext_policyConstr].activated = certutil.options[opt_AddPolicyConstrExt].activated; certutil_extns[ext_inhibitAnyPolicy].activated = certutil.options[opt_AddInhibAnyExt].activated; } /* -A -C or -E Read inFile */ if (certutil.commands[cmd_CreateNewCert].activated || certutil.commands[cmd_AddCert].activated || certutil.commands[cmd_AddEmailCert].activated) { PRBool isCreate = certutil.commands[cmd_CreateNewCert].activated; rv = SECU_ReadDERFromFile(isCreate ? &certReqDER : &certDER, inFile, certutil.options[opt_ASCIIForIO].activated, PR_TRUE); if (rv) goto shutdown; } /* * Certificate request */ /* Make a cert request (-R). */ if (certutil.commands[cmd_CertReq].activated) { rv = CertReq(privkey, pubkey, keytype, hashAlgTag, subject, certutil.options[opt_PhoneNumber].arg, certutil.options[opt_ASCIIForIO].activated, certutil.options[opt_ExtendedEmailAddrs].arg, certutil.options[opt_ExtendedDNSNames].arg, certutil_extns, (certutil.options[opt_GenericExtensions].activated ? certutil.options[opt_GenericExtensions].arg : NULL), certutil.options[opt_Pss].activated, &certReqDER); if (rv) goto shutdown; privkey->wincx = &pwdata; } /* * Certificate creation */ /* If making and adding a cert, create a cert request file first without * any extensions, then load it with the command line extensions * and output the cert to another file. */ if (certutil.commands[cmd_CreateAndAddCert].activated) { static certutilExtnList nullextnlist = { { PR_FALSE, NULL } }; rv = CertReq(privkey, pubkey, keytype, hashAlgTag, subject, certutil.options[opt_PhoneNumber].arg, PR_FALSE, /* do not BASE64-encode regardless of -a option */ NULL, NULL, nullextnlist, (certutil.options[opt_GenericExtensions].activated ? certutil.options[opt_GenericExtensions].arg : NULL), certutil.options[opt_Pss].activated, &certReqDER); if (rv) goto shutdown; privkey->wincx = &pwdata; } /* Create a certificate (-C or -S). */ if (certutil.commands[cmd_CreateAndAddCert].activated || certutil.commands[cmd_CreateNewCert].activated) { rv = CreateCert(certHandle, slot, certutil.options[opt_IssuerName].arg, &certReqDER, &privkey, &pwdata, hashAlgTag, serialNumber, warpmonths, validityMonths, certutil.options[opt_ExtendedEmailAddrs].arg, certutil.options[opt_ExtendedDNSNames].arg, certutil.options[opt_ASCIIForIO].activated && certutil.commands[cmd_CreateNewCert].activated, certutil.options[opt_SelfSign].activated, certutil_extns, (certutil.options[opt_GenericExtensions].activated ? certutil.options[opt_GenericExtensions].arg : NULL), certVersion, certutil.options[opt_PssSign].activated, &certDER); if (rv) goto shutdown; } /* * Adding a cert to the database (or slot) */ /* -A -E or -S Add the cert to the DB */ if (certutil.commands[cmd_CreateAndAddCert].activated || certutil.commands[cmd_AddCert].activated || certutil.commands[cmd_AddEmailCert].activated) { if (strstr(certutil.options[opt_Trust].arg, "u")) { fprintf(stderr, "Notice: Trust flag u is set automatically if the " "private key is present.\n"); } rv = AddCert(slot, certHandle, name, certutil.options[opt_Trust].arg, &certDER, certutil.commands[cmd_AddEmailCert].activated, &pwdata); if (rv) goto shutdown; } if (certutil.commands[cmd_CertReq].activated || certutil.commands[cmd_CreateNewCert].activated) { SECItem *item = certutil.commands[cmd_CertReq].activated ? &certReqDER : &certDER; PRInt32 written = PR_Write(outFile, item->data, item->len); if (written < 0 || (PRUint32)written != item->len) { rv = SECFailure; } } shutdown: if (slot) { PK11_FreeSlot(slot); } if (privkey) { SECKEY_DestroyPrivateKey(privkey); } if (pubkey) { SECKEY_DestroyPublicKey(pubkey); } if (subject) { CERT_DestroyName(subject); } if (name) { PL_strfree(name); } if (newName) { PL_strfree(newName); } if (inFile && inFile != PR_STDIN) { PR_Close(inFile); } if (outFile && outFile != PR_STDOUT) { PR_Close(outFile); } SECITEM_FreeItem(&certReqDER, PR_FALSE); SECITEM_FreeItem(&certDER, PR_FALSE); if (pwdata.data && pwdata.source == PW_PLAINTEXT) { /* Allocated by a PL_strdup call in SECU_GetModulePassword. */ PL_strfree(pwdata.data); } if (email) { PL_strfree(email); } /* Open the batch command file. * * - If -B option is specified, the contents in the * command file will be interpreted as subsequent certutil * commands to be executed in the current certutil process * context after the current certutil command has been executed. * - Each line in the command file consists of the command * line arguments for certutil. * - The -d option will be ignored if specified in the * command file. * - Quoting with double quote characters ("...") is supported * to allow white space in a command line argument. The * double quote character cannot be escaped and quoting cannot * be nested in this version. * - each line in the batch file is limited to 512 characters */ if ((SECSuccess == rv) && certutil.commands[cmd_Batch].activated) { FILE *batchFile = NULL; char *nextcommand = NULL; PRInt32 cmd_len = 0, buf_size = 0; static const int increment = 512; if (!certutil.options[opt_InputFile].activated || !certutil.options[opt_InputFile].arg) { PR_fprintf(PR_STDERR, "%s: no batch input file specified.\n", progName); return 255; } batchFile = fopen(certutil.options[opt_InputFile].arg, "r"); if (!batchFile) { PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for reading (%ld, %ld).\n", progName, certutil.options[opt_InputFile].arg, PR_GetError(), PR_GetOSError()); return 255; } /* read and execute command-lines in a loop */ while (SECSuccess == rv) { PRBool invalid = PR_FALSE; int newargc = 2; char *space = NULL; char *nextarg = NULL; char **newargv = NULL; char *crlf; if (cmd_len + increment > buf_size) { char *new_buf; buf_size += increment; new_buf = PORT_Realloc(nextcommand, buf_size); if (!new_buf) { PR_fprintf(PR_STDERR, "%s: PORT_Realloc(%ld) failed\n", progName, buf_size); break; } nextcommand = new_buf; nextcommand[cmd_len] = '\0'; } if (!fgets(nextcommand + cmd_len, buf_size - cmd_len, batchFile)) { break; } crlf = PORT_Strrchr(nextcommand, '\n'); if (crlf) { *crlf = '\0'; } cmd_len = strlen(nextcommand); if (cmd_len && nextcommand[cmd_len - 1] == '\\') { nextcommand[--cmd_len] = '\0'; continue; } /* we now need to split the command into argc / argv format */ newargv = PORT_Alloc(sizeof(char *) * (newargc + 1)); newargv[0] = progName; newargv[1] = nextcommand; nextarg = nextcommand; while ((space = PORT_Strpbrk(nextarg, " \f\n\r\t\v"))) { while (isspace(*space)) { *space = '\0'; space++; } if (*space == '\0') { break; } else if (*space != '\"') { nextarg = space; } else { char *closingquote = strchr(space + 1, '\"'); if (closingquote) { *closingquote = '\0'; space++; nextarg = closingquote + 1; } else { invalid = PR_TRUE; nextarg = space; } } newargc++; newargv = PORT_Realloc(newargv, sizeof(char *) * (newargc + 1)); newargv[newargc - 1] = space; } newargv[newargc] = NULL; /* invoke next command */ if (PR_TRUE == invalid) { PR_fprintf(PR_STDERR, "Missing closing quote in batch command :\n%s\nNot executed.\n", nextcommand); rv = SECFailure; } else { if (0 != certutil_main(newargc, newargv, PR_FALSE)) rv = SECFailure; } PORT_Free(newargv); cmd_len = 0; nextcommand[0] = '\0'; } PORT_Free(nextcommand); fclose(batchFile); } if ((initialized == PR_TRUE) && NSS_Shutdown() != SECSuccess) { exit(1); } if (rv == SECSuccess) { return 0; } else { return 255; } } int main(int argc, char **argv) { int rv = certutil_main(argc, argv, PR_TRUE); PL_ArenaFinish(); PR_Cleanup(); return rv; } nss-3.35/nss/cmd/certutil/certutil.gyp0000644000000000000000000000127213230126417016153 0ustar 00000000000000# This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. { 'includes': [ '../../coreconf/config.gypi', '../../cmd/platlibs.gypi' ], 'targets': [ { 'target_name': 'certutil', 'type': 'executable', 'sources': [ 'certext.c', 'certutil.c', 'keystuff.c' ], 'dependencies': [ '<(DEPTH)/exports.gyp:dbm_exports', '<(DEPTH)/exports.gyp:nss_exports' ] } ], 'target_defaults': { 'defines': [ 'NSPR20' ] }, 'variables': { 'module': 'nss' } }nss-3.35/nss/cmd/certutil/certutil.h0000644000000000000000000000315713230126417015607 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #ifndef _CERTUTIL_H #define _CERTUTIL_H extern SECKEYPrivateKey * CERTUTIL_GeneratePrivateKey(KeyType keytype, PK11SlotInfo *slot, int rsasize, int publicExponent, char *noise, SECKEYPublicKey **pubkeyp, char *pqgFile, PK11AttrFlags attrFlags, CK_FLAGS opFlagsOn, CK_FLAGS opFlagsOff, secuPWData *pwdata); extern char *progName; enum certutilExtns { ext_keyUsage = 0, ext_basicConstraint, ext_authorityKeyID, ext_CRLDistPts, ext_NSCertType, ext_extKeyUsage, ext_authInfoAcc, ext_subjInfoAcc, ext_certPolicies, ext_policyMappings, ext_policyConstr, ext_inhibitAnyPolicy, ext_subjectKeyID, ext_nameConstraints, ext_subjectAltName, ext_End }; typedef struct ExtensionEntryStr { PRBool activated; const char *arg; } ExtensionEntry; typedef ExtensionEntry certutilExtnList[ext_End]; extern SECStatus AddExtensions(void *extHandle, const char *emailAddrs, const char *dnsNames, certutilExtnList extList, const char *extGeneric); extern SECStatus GetOidFromString(PLArenaPool *arena, SECItem *to, const char *from, size_t fromLen); #endif /* _CERTUTIL_H */ nss-3.35/nss/cmd/certutil/keystuff.c0000644000000000000000000004712613230126417015613 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include #include #include "secutil.h" #if defined(XP_UNIX) #include #include #include #endif #if defined(XP_WIN) || defined(XP_PC) #include #include #endif #include "nspr.h" #include "prtypes.h" #include "prtime.h" #include "prlong.h" #include "pk11func.h" #define NUM_KEYSTROKES 120 #define RAND_BUF_SIZE 60 #define ERROR_BREAK \ rv = SECFailure; \ break; const SEC_ASN1Template SECKEY_PQGParamsTemplate[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) }, { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams, prime) }, { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams, subPrime) }, { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams, base) }, { 0 } }; /* returns 0 for success, -1 for failure (EOF encountered) */ static int UpdateRNG(void) { char randbuf[RAND_BUF_SIZE]; int fd; int c; int rv = 0; size_t count; #ifdef XP_UNIX cc_t orig_cc_min; cc_t orig_cc_time; tcflag_t orig_lflag; struct termios tio; #endif char meter[] = { "\r| |" }; #define FPS fprintf(stderr, FPS "\n"); FPS "A random seed must be generated that will be used in the\n"); FPS "creation of your key. One of the easiest ways to create a\n"); FPS "random seed is to use the timing of keystrokes on a keyboard.\n"); FPS "\n"); FPS "To begin, type keys on the keyboard until this progress meter\n"); FPS "is full. DO NOT USE THE AUTOREPEAT FUNCTION ON YOUR KEYBOARD!\n"); FPS "\n"); FPS "\n"); FPS "Continue typing until the progress meter is full:\n\n"); FPS "%s", meter); FPS "\r|"); /* turn off echo on stdin & return on 1 char instead of NL */ fd = fileno(stdin); #if defined(XP_UNIX) tcgetattr(fd, &tio); orig_lflag = tio.c_lflag; orig_cc_min = tio.c_cc[VMIN]; orig_cc_time = tio.c_cc[VTIME]; tio.c_lflag &= ~ECHO; tio.c_lflag &= ~ICANON; tio.c_cc[VMIN] = 1; tio.c_cc[VTIME] = 0; tcsetattr(fd, TCSAFLUSH, &tio); #endif /* Get random noise from keyboard strokes */ count = 0; while (count < sizeof randbuf) { #if defined(XP_UNIX) c = getc(stdin); #else c = getch(); #endif if (c == EOF) { rv = -1; break; } randbuf[count] = c; if (count == 0 || c != randbuf[count - 1]) { count++; FPS "*"); } } PK11_RandomUpdate(randbuf, sizeof randbuf); memset(randbuf, 0, sizeof randbuf); FPS "\n\n"); FPS "Finished. Press enter to continue: "); while ((c = getc(stdin)) != '\n' && c != EOF) ; if (c == EOF) rv = -1; FPS "\n"); #undef FPS #if defined(XP_UNIX) /* set back termio the way it was */ tio.c_lflag = orig_lflag; tio.c_cc[VMIN] = orig_cc_min; tio.c_cc[VTIME] = orig_cc_time; tcsetattr(fd, TCSAFLUSH, &tio); #endif return rv; } static const unsigned char P[] = { 0, 0xc6, 0x2a, 0x47, 0x73, 0xea, 0x78, 0xfa, 0x65, 0x47, 0x69, 0x39, 0x10, 0x08, 0x55, 0x6a, 0xdd, 0xbf, 0x77, 0xe1, 0x9a, 0x69, 0x73, 0xba, 0x66, 0x37, 0x08, 0x93, 0x9e, 0xdb, 0x5d, 0x01, 0x08, 0xb8, 0x3a, 0x73, 0xe9, 0x85, 0x5f, 0xa7, 0x2b, 0x63, 0x7f, 0xd0, 0xc6, 0x4c, 0xdc, 0xfc, 0x8b, 0xa6, 0x03, 0xc9, 0x9c, 0x80, 0x5e, 0xec, 0xc6, 0x21, 0x23, 0xf7, 0x8e, 0xa4, 0x7b, 0x77, 0x83, 0x02, 0x44, 0xf8, 0x05, 0xd7, 0x36, 0x52, 0x13, 0x57, 0x78, 0x97, 0xf3, 0x7b, 0xcf, 0x1f, 0xc9, 0x2a, 0xa4, 0x71, 0x9d, 0xa8, 0xd8, 0x5d, 0xc5, 0x3b, 0x64, 0x3a, 0x72, 0x60, 0x62, 0xb0, 0xb8, 0xf3, 0xb1, 0xe7, 0xb9, 0x76, 0xdf, 0x74, 0xbe, 0x87, 0x6a, 0xd2, 0xf1, 0xa9, 0x44, 0x8b, 0x63, 0x76, 0x4f, 0x5d, 0x21, 0x63, 0xb5, 0x4f, 0x3c, 0x7b, 0x61, 0xb2, 0xf3, 0xea, 0xc5, 0xd8, 0xef, 0x30, 0x50, 0x59, 0x33, 0x61, 0xc0, 0xf3, 0x6e, 0x21, 0xcf, 0x15, 0x35, 0x4a, 0x87, 0x2b, 0xc3, 0xf6, 0x5a, 0x1f, 0x24, 0x22, 0xc5, 0xeb, 0x47, 0x34, 0x4a, 0x1b, 0xb5, 0x2e, 0x71, 0x52, 0x8f, 0x2d, 0x7d, 0xa9, 0x96, 0x8a, 0x7c, 0x61, 0xdb, 0xc0, 0xdc, 0xf1, 0xca, 0x28, 0x69, 0x1c, 0x97, 0xad, 0xea, 0x0d, 0x9e, 0x02, 0xe6, 0xe5, 0x7d, 0xad, 0xe0, 0x42, 0x91, 0x4d, 0xfa, 0xe2, 0x81, 0x16, 0x2b, 0xc2, 0x96, 0x3b, 0x32, 0x8c, 0x20, 0x69, 0x8b, 0x5b, 0x17, 0x3c, 0xf9, 0x13, 0x6c, 0x98, 0x27, 0x1c, 0xca, 0xcf, 0x33, 0xaa, 0x93, 0x21, 0xaf, 0x17, 0x6e, 0x5e, 0x00, 0x37, 0xd9, 0x34, 0x8a, 0x47, 0xd2, 0x1c, 0x67, 0x32, 0x60, 0xb6, 0xc7, 0xb0, 0xfd, 0x32, 0x90, 0x93, 0x32, 0xaa, 0x11, 0xba, 0x23, 0x19, 0x39, 0x6a, 0x42, 0x7c, 0x1f, 0xb7, 0x28, 0xdb, 0x64, 0xad, 0xd9 }; static const unsigned char Q[] = { 0, 0xe6, 0xa3, 0xc9, 0xc6, 0x51, 0x92, 0x8b, 0xb3, 0x98, 0x8f, 0x97, 0xb8, 0x31, 0x0d, 0x4a, 0x03, 0x1e, 0xba, 0x4e, 0xe6, 0xc8, 0x90, 0x98, 0x1d, 0x3a, 0x95, 0xf4, 0xf1 }; static const unsigned char G[] = { 0x70, 0x32, 0x58, 0x5d, 0xb3, 0xbf, 0xc3, 0x62, 0x63, 0x0b, 0xf8, 0xa5, 0xe1, 0xed, 0xeb, 0x79, 0xac, 0x18, 0x41, 0x64, 0xb3, 0xda, 0x4c, 0xa7, 0x92, 0x63, 0xb1, 0x33, 0x7c, 0xcb, 0x43, 0xdc, 0x1f, 0x38, 0x63, 0x5e, 0x0e, 0x6d, 0x45, 0xd1, 0xc9, 0x67, 0xf3, 0xcf, 0x3d, 0x2d, 0x16, 0x4e, 0x92, 0x16, 0x06, 0x59, 0x29, 0x89, 0x6f, 0x54, 0xff, 0xc5, 0x71, 0xc8, 0x3a, 0x95, 0x84, 0xb6, 0x7e, 0x7b, 0x1e, 0x8b, 0x47, 0x9d, 0x7a, 0x3a, 0x36, 0x9b, 0x70, 0x2f, 0xd1, 0xbd, 0xef, 0xe8, 0x3a, 0x41, 0xd4, 0xf3, 0x1f, 0x81, 0xc7, 0x1f, 0x96, 0x7c, 0x30, 0xab, 0xf4, 0x7a, 0xac, 0x93, 0xed, 0x6f, 0x67, 0xb0, 0xc9, 0x5b, 0xf3, 0x83, 0x9d, 0xa0, 0xd7, 0xb9, 0x01, 0xed, 0x28, 0xae, 0x1c, 0x6e, 0x2e, 0x48, 0xac, 0x9f, 0x7d, 0xf3, 0x00, 0x48, 0xee, 0x0e, 0xfb, 0x7e, 0x5e, 0xcb, 0xf5, 0x39, 0xd8, 0x92, 0x90, 0x61, 0x2d, 0x1e, 0x3c, 0xd3, 0x55, 0x0d, 0x34, 0xd1, 0x81, 0xc4, 0x89, 0xea, 0x94, 0x2b, 0x56, 0x33, 0x73, 0x58, 0x48, 0xbf, 0x23, 0x72, 0x19, 0x5f, 0x19, 0xac, 0xff, 0x09, 0xc8, 0xcd, 0xab, 0x71, 0xef, 0x9e, 0x20, 0xfd, 0xe3, 0xb8, 0x27, 0x9e, 0x65, 0xb1, 0x85, 0xcd, 0x88, 0xfe, 0xd4, 0xd7, 0x64, 0x4d, 0xe1, 0xe8, 0xa6, 0xe5, 0x96, 0xc8, 0x5d, 0x9c, 0xc6, 0x70, 0x6b, 0xba, 0x77, 0x4e, 0x90, 0x4a, 0xb0, 0x96, 0xc5, 0xa0, 0x9e, 0x2c, 0x01, 0x03, 0xbe, 0xbd, 0x71, 0xba, 0x0a, 0x6f, 0x9f, 0xe5, 0xdb, 0x04, 0x08, 0xf2, 0x9e, 0x0f, 0x1b, 0xac, 0xcd, 0xbb, 0x65, 0x12, 0xcf, 0x77, 0xc9, 0x7d, 0xbe, 0x94, 0x4b, 0x9c, 0x5b, 0xde, 0x0d, 0xfa, 0x57, 0xdd, 0x77, 0x32, 0xf0, 0x5b, 0x34, 0xfd, 0x19, 0x95, 0x33, 0x60, 0x87, 0xe2, 0xa2, 0xf4 }; /* P, Q, G have been generated using the NSS makepqg utility: * makepqg -l 2048 -g 224 -r * (see also: bug 1170322) * * h: 1 (0x1) * SEED: * d2:0b:c5:63:1b:af:dc:36:b7:7c:b9:3e:36:01:a0:8f: * 0e:be:d0:38:e4:78:d5:3c:7c:9e:a9:9a:d2:0b:c5:63: * 1b:af:dc:36:b7:7c:b9:3e:36:01:a0:8f:0e:be:d0:38: * e4:78:d5:3c:7c:9e:c7:70:d2:0b:c5:63:1b:af:dc:36: * b7:7c:b9:3e:36:01:a0:8f:0e:be:d0:38:e4:78:d5:3c: * 7c:9e:aa:3e * g: 672 * counter: 0 */ static const SECKEYPQGParams default_pqg_params = { NULL, { 0, (unsigned char *)P, sizeof(P) }, { 0, (unsigned char *)Q, sizeof(Q) }, { 0, (unsigned char *)G, sizeof(G) } }; static SECKEYPQGParams * decode_pqg_params(const char *str) { char *buf; unsigned int len; PLArenaPool *arena; SECKEYPQGParams *params; SECStatus status; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena == NULL) return NULL; params = PORT_ArenaZAlloc(arena, sizeof(SECKEYPQGParams)); if (params == NULL) goto loser; params->arena = arena; buf = (char *)ATOB_AsciiToData(str, &len); if ((buf == NULL) || (len == 0)) goto loser; status = SEC_ASN1Decode(arena, params, SECKEY_PQGParamsTemplate, buf, len); if (status != SECSuccess) goto loser; return params; loser: if (arena != NULL) PORT_FreeArena(arena, PR_FALSE); return NULL; } void CERTUTIL_DestroyParamsPQG(SECKEYPQGParams *params) { if (params->arena) { PORT_FreeArena(params->arena, PR_FALSE); } } static int pqg_prime_bits(const SECKEYPQGParams *params) { int primeBits = 0; if (params != NULL) { int i; for (i = 0; params->prime.data[i] == 0; i++) { /* empty */; } primeBits = (params->prime.len - i) * 8; } return primeBits; } static char * getPQGString(const char *filename) { unsigned char *buf = NULL; PRFileDesc *src; PRInt32 numBytes; PRStatus prStatus; PRFileInfo info; src = PR_Open(filename, PR_RDONLY, 0); if (!src) { fprintf(stderr, "Failed to open PQG file %s\n", filename); return NULL; } prStatus = PR_GetOpenFileInfo(src, &info); if (prStatus == PR_SUCCESS) { buf = (unsigned char *)PORT_Alloc(info.size + 1); } if (!buf) { PR_Close(src); fprintf(stderr, "Failed to read PQG file %s\n", filename); return NULL; } numBytes = PR_Read(src, buf, info.size); PR_Close(src); if (numBytes != info.size) { PORT_Free(buf); fprintf(stderr, "Failed to read PQG file %s\n", filename); PORT_SetError(SEC_ERROR_IO); return NULL; } if (buf[numBytes - 1] == '\n') numBytes--; if (buf[numBytes - 1] == '\r') numBytes--; buf[numBytes] = 0; return (char *)buf; } static SECKEYPQGParams * getpqgfromfile(int keyBits, const char *pqgFile) { char *end, *str, *pqgString; SECKEYPQGParams *params = NULL; str = pqgString = getPQGString(pqgFile); if (!str) return NULL; do { end = PORT_Strchr(str, ','); if (end) *end = '\0'; params = decode_pqg_params(str); if (params) { int primeBits = pqg_prime_bits(params); if (keyBits == primeBits) break; CERTUTIL_DestroyParamsPQG(params); params = NULL; } if (end) str = end + 1; } while (end); PORT_Free(pqgString); return params; } static SECStatus CERTUTIL_FileForRNG(const char *noise) { char buf[2048]; PRFileDesc *fd; PRInt32 count; fd = PR_Open(noise, PR_RDONLY, 0); if (!fd) { fprintf(stderr, "failed to open noise file."); return SECFailure; } do { count = PR_Read(fd, buf, sizeof(buf)); if (count > 0) { PK11_RandomUpdate(buf, count); } } while (count > 0); PR_Close(fd); return SECSuccess; } typedef struct curveNameTagPairStr { char *curveName; SECOidTag curveOidTag; } CurveNameTagPair; static CurveNameTagPair nameTagPair[] = { { "sect163k1", SEC_OID_SECG_EC_SECT163K1 }, { "nistk163", SEC_OID_SECG_EC_SECT163K1 }, { "sect163r1", SEC_OID_SECG_EC_SECT163R1 }, { "sect163r2", SEC_OID_SECG_EC_SECT163R2 }, { "nistb163", SEC_OID_SECG_EC_SECT163R2 }, { "sect193r1", SEC_OID_SECG_EC_SECT193R1 }, { "sect193r2", SEC_OID_SECG_EC_SECT193R2 }, { "sect233k1", SEC_OID_SECG_EC_SECT233K1 }, { "nistk233", SEC_OID_SECG_EC_SECT233K1 }, { "sect233r1", SEC_OID_SECG_EC_SECT233R1 }, { "nistb233", SEC_OID_SECG_EC_SECT233R1 }, { "sect239k1", SEC_OID_SECG_EC_SECT239K1 }, { "sect283k1", SEC_OID_SECG_EC_SECT283K1 }, { "nistk283", SEC_OID_SECG_EC_SECT283K1 }, { "sect283r1", SEC_OID_SECG_EC_SECT283R1 }, { "nistb283", SEC_OID_SECG_EC_SECT283R1 }, { "sect409k1", SEC_OID_SECG_EC_SECT409K1 }, { "nistk409", SEC_OID_SECG_EC_SECT409K1 }, { "sect409r1", SEC_OID_SECG_EC_SECT409R1 }, { "nistb409", SEC_OID_SECG_EC_SECT409R1 }, { "sect571k1", SEC_OID_SECG_EC_SECT571K1 }, { "nistk571", SEC_OID_SECG_EC_SECT571K1 }, { "sect571r1", SEC_OID_SECG_EC_SECT571R1 }, { "nistb571", SEC_OID_SECG_EC_SECT571R1 }, { "secp160k1", SEC_OID_SECG_EC_SECP160K1 }, { "secp160r1", SEC_OID_SECG_EC_SECP160R1 }, { "secp160r2", SEC_OID_SECG_EC_SECP160R2 }, { "secp192k1", SEC_OID_SECG_EC_SECP192K1 }, { "secp192r1", SEC_OID_SECG_EC_SECP192R1 }, { "nistp192", SEC_OID_SECG_EC_SECP192R1 }, { "secp224k1", SEC_OID_SECG_EC_SECP224K1 }, { "secp224r1", SEC_OID_SECG_EC_SECP224R1 }, { "nistp224", SEC_OID_SECG_EC_SECP224R1 }, { "secp256k1", SEC_OID_SECG_EC_SECP256K1 }, { "secp256r1", SEC_OID_SECG_EC_SECP256R1 }, { "nistp256", SEC_OID_SECG_EC_SECP256R1 }, { "secp384r1", SEC_OID_SECG_EC_SECP384R1 }, { "nistp384", SEC_OID_SECG_EC_SECP384R1 }, { "secp521r1", SEC_OID_SECG_EC_SECP521R1 }, { "nistp521", SEC_OID_SECG_EC_SECP521R1 }, { "prime192v1", SEC_OID_ANSIX962_EC_PRIME192V1 }, { "prime192v2", SEC_OID_ANSIX962_EC_PRIME192V2 }, { "prime192v3", SEC_OID_ANSIX962_EC_PRIME192V3 }, { "prime239v1", SEC_OID_ANSIX962_EC_PRIME239V1 }, { "prime239v2", SEC_OID_ANSIX962_EC_PRIME239V2 }, { "prime239v3", SEC_OID_ANSIX962_EC_PRIME239V3 }, { "c2pnb163v1", SEC_OID_ANSIX962_EC_C2PNB163V1 }, { "c2pnb163v2", SEC_OID_ANSIX962_EC_C2PNB163V2 }, { "c2pnb163v3", SEC_OID_ANSIX962_EC_C2PNB163V3 }, { "c2pnb176v1", SEC_OID_ANSIX962_EC_C2PNB176V1 }, { "c2tnb191v1", SEC_OID_ANSIX962_EC_C2TNB191V1 }, { "c2tnb191v2", SEC_OID_ANSIX962_EC_C2TNB191V2 }, { "c2tnb191v3", SEC_OID_ANSIX962_EC_C2TNB191V3 }, { "c2onb191v4", SEC_OID_ANSIX962_EC_C2ONB191V4 }, { "c2onb191v5", SEC_OID_ANSIX962_EC_C2ONB191V5 }, { "c2pnb208w1", SEC_OID_ANSIX962_EC_C2PNB208W1 }, { "c2tnb239v1", SEC_OID_ANSIX962_EC_C2TNB239V1 }, { "c2tnb239v2", SEC_OID_ANSIX962_EC_C2TNB239V2 }, { "c2tnb239v3", SEC_OID_ANSIX962_EC_C2TNB239V3 }, { "c2onb239v4", SEC_OID_ANSIX962_EC_C2ONB239V4 }, { "c2onb239v5", SEC_OID_ANSIX962_EC_C2ONB239V5 }, { "c2pnb272w1", SEC_OID_ANSIX962_EC_C2PNB272W1 }, { "c2pnb304w1", SEC_OID_ANSIX962_EC_C2PNB304W1 }, { "c2tnb359v1", SEC_OID_ANSIX962_EC_C2TNB359V1 }, { "c2pnb368w1", SEC_OID_ANSIX962_EC_C2PNB368W1 }, { "c2tnb431r1", SEC_OID_ANSIX962_EC_C2TNB431R1 }, { "secp112r1", SEC_OID_SECG_EC_SECP112R1 }, { "secp112r2", SEC_OID_SECG_EC_SECP112R2 }, { "secp128r1", SEC_OID_SECG_EC_SECP128R1 }, { "secp128r2", SEC_OID_SECG_EC_SECP128R2 }, { "sect113r1", SEC_OID_SECG_EC_SECT113R1 }, { "sect113r2", SEC_OID_SECG_EC_SECT113R2 }, { "sect131r1", SEC_OID_SECG_EC_SECT131R1 }, { "sect131r2", SEC_OID_SECG_EC_SECT131R2 }, { "curve25519", SEC_OID_CURVE25519 }, }; static SECKEYECParams * getECParams(const char *curve) { SECKEYECParams *ecparams; SECOidData *oidData = NULL; SECOidTag curveOidTag = SEC_OID_UNKNOWN; /* default */ int i, numCurves; if (curve != NULL) { numCurves = sizeof(nameTagPair) / sizeof(CurveNameTagPair); for (i = 0; ((i < numCurves) && (curveOidTag == SEC_OID_UNKNOWN)); i++) { if (PL_strcmp(curve, nameTagPair[i].curveName) == 0) curveOidTag = nameTagPair[i].curveOidTag; } } /* Return NULL if curve name is not recognized */ if ((curveOidTag == SEC_OID_UNKNOWN) || (oidData = SECOID_FindOIDByTag(curveOidTag)) == NULL) { fprintf(stderr, "Unrecognized elliptic curve %s\n", curve); return NULL; } ecparams = SECITEM_AllocItem(NULL, NULL, (2 + oidData->oid.len)); /* * ecparams->data needs to contain the ASN encoding of an object ID (OID) * representing the named curve. The actual OID is in * oidData->oid.data so we simply prepend 0x06 and OID length */ ecparams->data[0] = SEC_ASN1_OBJECT_ID; ecparams->data[1] = oidData->oid.len; memcpy(ecparams->data + 2, oidData->oid.data, oidData->oid.len); return ecparams; } SECKEYPrivateKey * CERTUTIL_GeneratePrivateKey(KeyType keytype, PK11SlotInfo *slot, int size, int publicExponent, const char *noise, SECKEYPublicKey **pubkeyp, const char *pqgFile, PK11AttrFlags attrFlags, CK_FLAGS opFlagsOn, CK_FLAGS opFlagsOff, secuPWData *pwdata) { CK_MECHANISM_TYPE mechanism; PK11RSAGenParams rsaparams; SECKEYPQGParams *dsaparams = NULL; void *params; SECKEYPrivateKey *privKey = NULL; if (slot == NULL) return NULL; if (PK11_Authenticate(slot, PR_TRUE, pwdata) != SECSuccess) return NULL; /* * Do some random-number initialization. */ if (noise) { SECStatus rv = CERTUTIL_FileForRNG(noise); if (rv != SECSuccess) { PORT_SetError(PR_END_OF_FILE_ERROR); /* XXX */ return NULL; } } else { int rv = UpdateRNG(); if (rv) { PORT_SetError(PR_END_OF_FILE_ERROR); return NULL; } } switch (keytype) { case rsaKey: rsaparams.keySizeInBits = size; rsaparams.pe = publicExponent; mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; params = &rsaparams; break; case dsaKey: mechanism = CKM_DSA_KEY_PAIR_GEN; if (pqgFile) { dsaparams = getpqgfromfile(size, pqgFile); if (dsaparams == NULL) return NULL; params = dsaparams; } else { /* cast away const, and don't set dsaparams */ params = (void *)&default_pqg_params; } break; case ecKey: mechanism = CKM_EC_KEY_PAIR_GEN; /* For EC keys, PQGFile determines EC parameters */ if ((params = (void *)getECParams(pqgFile)) == NULL) return NULL; break; default: return NULL; } fprintf(stderr, "\n\n"); fprintf(stderr, "Generating key. This may take a few moments...\n\n"); privKey = PK11_GenerateKeyPairWithOpFlags(slot, mechanism, params, pubkeyp, attrFlags, opFlagsOn, opFlagsOn | opFlagsOff, pwdata /*wincx*/); /* free up the params */ switch (keytype) { case dsaKey: if (dsaparams) CERTUTIL_DestroyParamsPQG(dsaparams); break; case ecKey: SECITEM_FreeItem((SECItem *)params, PR_TRUE); break; default: /* nothing to free */ break; } return privKey; } nss-3.35/nss/cmd/certutil/manifest.mn0000644000000000000000000000110113230126417015730 0ustar 00000000000000# # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. CORE_DEPTH = ../.. DEFINES += -DNSPR20 # MODULE public and private header directories are implicitly REQUIRED. MODULE = nss CSRCS = \ certext.c \ certutil.c \ keystuff.c \ $(NULL) # The MODULE is always implicitly required. # Listing it here in REQUIRES makes it appear twice in the cc command line. REQUIRES = dbm seccmd PROGRAM = certutil #USE_STATIC_LIBS = 1 nss-3.35/nss/cmd/chktest/Makefile0000644000000000000000000000353613230126417015056 0ustar 00000000000000#! gmake # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. ####################################################################### # (1) Include initial platform-independent assignments (MANDATORY). # ####################################################################### include manifest.mn ####################################################################### # (2) Include "global" configuration information. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/config.mk ####################################################################### # (3) Include "component" configuration information. (OPTIONAL) # ####################################################################### ####################################################################### # (4) Include "local" platform-dependent assignments (OPTIONAL). # ####################################################################### include ../platlibs.mk ####################################################################### # (5) Execute "global" rules. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/rules.mk ####################################################################### # (6) Execute "component" rules. (OPTIONAL) # ####################################################################### ####################################################################### # (7) Execute "local" rules. (OPTIONAL). # ####################################################################### include ../platrules.mk nss-3.35/nss/cmd/chktest/chktest.c0000644000000000000000000000210413230126417015215 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include #include #include "blapi.h" #include "secutil.h" static int Usage() { fprintf(stderr, "Usage: chktest \n"); fprintf(stderr, " Will test for valid chk file.\n"); fprintf(stderr, " Will print SUCCESS or FAILURE.\n"); exit(1); } int main(int argc, char **argv) { SECStatus rv = SECFailure; PRBool good_result = PR_FALSE; if (argc != 2) return Usage(); rv = RNG_RNGInit(); if (rv != SECSuccess) { SECU_PrintPRandOSError(""); return -1; } rv = BL_Init(); if (rv != SECSuccess) { SECU_PrintPRandOSError(""); return -1; } RNG_SystemInfoForRNG(); good_result = BLAPI_SHVerifyFile(argv[1]); printf("%s\n", (good_result ? "SUCCESS" : "FAILURE")); return (good_result) ? SECSuccess : SECFailure; } nss-3.35/nss/cmd/chktest/chktest.gyp0000644000000000000000000000134613230126417015601 0ustar 00000000000000# This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. { 'includes': [ '../../coreconf/config.gypi', '../../cmd/platlibs.gypi' ], 'targets': [ { 'target_name': 'chktest', 'type': 'executable', 'sources': [ 'chktest.c' ], 'dependencies': [ '<(DEPTH)/exports.gyp:dbm_exports', '<(DEPTH)/exports.gyp:nss_exports', '<(DEPTH)/lib/sqlite/sqlite.gyp:sqlite3' ] } ], 'target_defaults': { 'defines': [ 'NSS_USE_STATIC_LIBS' ] }, 'variables': { 'module': 'nss', 'use_static_libs': 1 } }nss-3.35/nss/cmd/chktest/manifest.mn0000644000000000000000000000072013230126417015550 0ustar 00000000000000# # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. CORE_DEPTH = ../.. MODULE = nss #REQUIRES = seccmd dbm softoken REQUIRES = seccmd dbm #INCLUDES += -I$(CORE_DEPTH)/nss/lib/softoken PROGRAM = chktest USE_STATIC_LIBS = 1 EXPORTS = \ $(NULL) PRIVATE_EXPORTS = \ $(NULL) CSRCS = \ chktest.c \ $(NULL) nss-3.35/nss/cmd/crlutil/Makefile0000644000000000000000000000406413230126417015064 0ustar 00000000000000#! gmake # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. ####################################################################### # (1) Include initial platform-independent assignments (MANDATORY). # ####################################################################### include manifest.mn ####################################################################### # (2) Include "global" configuration information. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/config.mk ####################################################################### # (3) Include "component" configuration information. (OPTIONAL) # ####################################################################### ####################################################################### # (4) Include "local" platform-dependent assignments (OPTIONAL). # ####################################################################### include ../platlibs.mk ####################################################################### # (5) Execute "global" rules. (OPTIONAL) # ####################################################################### include $(CORE_DEPTH)/coreconf/rules.mk ####################################################################### # (6) Execute "component" rules. (OPTIONAL) # ####################################################################### ####################################################################### # (7) Execute "local" rules. (OPTIONAL). # ####################################################################### # # crlgen_lex can be generated on linux by flex or solaris by lex # crlgen_lex: ${LEX} -t crlgen_lex_orig.l > crlgen_lex_fix.c sed -f crlgen_lex_fix.sed < crlgen_lex_fix.c > crlgen_lex.c rm -f crlgen_lex_fix.c include ../platrules.mk nss-3.35/nss/cmd/crlutil/crlgen.c0000644000000000000000000013541513230126417015047 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /* ** crlgen.c ** ** utility for managing certificates revocation lists generation ** */ #include #include #include "nspr.h" #include "plgetopt.h" #include "nss.h" #include "secutil.h" #include "cert.h" #include "certi.h" #include "certdb.h" #include "pk11func.h" #include "crlgen.h" /* Destroys extHandle and data. data was create on heap. * extHandle creaded by CERT_StartCRLEntryExtensions. entry * was allocated on arena.*/ static void destroyEntryData(CRLGENEntryData *data) { if (!data) return; PORT_Assert(data->entry); if (data->extHandle) CERT_FinishExtensions(data->extHandle); PORT_Free(data); } /* Prints error messages along with line number */ void crlgen_PrintError(int line, char *msg, ...) { va_list args; va_start(args, msg); fprintf(stderr, "crlgen: (line: %d) ", line); vfprintf(stderr, msg, args); va_end(args); } /* Finds CRLGENEntryData in hashtable according PRUint64 value * - certId : cert serial number*/ static CRLGENEntryData * crlgen_FindEntry(CRLGENGeneratorData *crlGenData, SECItem *certId) { if (!crlGenData->entryDataHashTable || !certId) return NULL; return (CRLGENEntryData *) PL_HashTableLookup(crlGenData->entryDataHashTable, certId); } /* Removes CRLGENEntryData from hashtable according to certId * - certId : cert serial number*/ static SECStatus crlgen_RmEntry(CRLGENGeneratorData *crlGenData, SECItem *certId) { CRLGENEntryData *data = NULL; SECStatus rv = SECSuccess; if (!crlGenData->entryDataHashTable) { return SECSuccess; } data = crlgen_FindEntry(crlGenData, certId); if (!data) { return SECSuccess; } if (!PL_HashTableRemove(crlGenData->entryDataHashTable, certId)) { rv = SECFailure; } destroyEntryData(data); return rv; } /* Stores CRLGENEntryData in hashtable according to certId * - certId : cert serial number*/ static CRLGENEntryData * crlgen_PlaceAnEntry(CRLGENGeneratorData *crlGenData, CERTCrlEntry *entry, SECItem *certId) { CRLGENEntryData *newData = NULL; PORT_Assert(crlGenData && crlGenData->entryDataHashTable && entry); if (!crlGenData || !crlGenData->entryDataHashTable || !entry) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return NULL; } newData = PORT_ZNew(CRLGENEntryData); if (!newData) { return NULL; } newData->entry = entry; newData->certId = certId; if (!PL_HashTableAdd(crlGenData->entryDataHashTable, newData->certId, newData)) { crlgen_PrintError(crlGenData->parsedLineNum, "Can not add entryData structure\n"); return NULL; } return newData; } /* Use this structure to keep pointer when commiting entries extensions */ struct commitData { int pos; CERTCrlEntry **entries; }; /* HT PL_HashTableEnumerateEntries callback. Sorts hashtable entries of the * table he. Returns value through arg parameter*/ static PRIntn PR_CALLBACK crlgen_CommitEntryData(PLHashEntry *he, PRIntn i, void *arg) { CRLGENEntryData *data = NULL; PORT_Assert(he); if (!he) { return HT_ENUMERATE_NEXT; } data = (CRLGENEntryData *)he->value; PORT_Assert(data); PORT_Assert(arg); if (data) { struct commitData *dt = (struct commitData *)arg; dt->entries[dt->pos++] = data->entry; destroyEntryData(data); } return HT_ENUMERATE_NEXT; } /* Copy char * datainto allocated in arena SECItem */ static SECStatus crlgen_SetString(PLArenaPool *arena, const char *dataIn, SECItem *value) { SECItem item; PORT_Assert(arena && dataIn); if (!arena || !dataIn) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } item.data = (void *)dataIn; item.len = PORT_Strlen(dataIn); return SECITEM_CopyItem(arena, value, &item); } /* Creates CERTGeneralName from parsed data for the Authority Key Extension */ static CERTGeneralName * crlgen_GetGeneralName(PLArenaPool *arena, CRLGENGeneratorData *crlGenData, const char *data) { CERTGeneralName *namesList = NULL; CERTGeneralName *current; CERTGeneralName *tail = NULL; SECStatus rv = SECSuccess; const char *nextChunk = NULL; const char *currData = NULL; int intValue; char buffer[512]; void *mark; if (!data) return NULL; PORT_Assert(arena); if (!arena) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return NULL; } mark = PORT_ArenaMark(arena); nextChunk = data; currData = data; do { int nameLen = 0; char name[128]; const char *sepPrt = NULL; nextChunk = PORT_Strchr(currData, '|'); if (!nextChunk) nextChunk = data + strlen(data); sepPrt = PORT_Strchr(currData, ':'); if (sepPrt == NULL || sepPrt >= nextChunk) { *buffer = '\0'; sepPrt = nextChunk; } else { PORT_Memcpy(buffer, sepPrt + 1, (nextChunk - sepPrt - 1)); buffer[nextChunk - sepPrt - 1] = '\0'; } nameLen = PR_MIN(sepPrt - currData, sizeof(name) - 1); PORT_Memcpy(name, currData, nameLen); name[nameLen] = '\0'; currData = nextChunk + 1; if (!PORT_Strcmp(name, "otherName")) intValue = certOtherName; else if (!PORT_Strcmp(name, "rfc822Name")) intValue = certRFC822Name; else if (!PORT_Strcmp(name, "dnsName")) intValue = certDNSName; else if (!PORT_Strcmp(name, "x400Address")) intValue = certX400Address; else if (!PORT_Strcmp(name, "directoryName")) intValue = certDirectoryName; else if (!PORT_Strcmp(name, "ediPartyName")) intValue = certEDIPartyName; else if (!PORT_Strcmp(name, "URI")) intValue = certURI; else if (!PORT_Strcmp(name, "ipAddress")) intValue = certIPAddress; else if (!PORT_Strcmp(name, "registerID")) intValue = certRegisterID; else intValue = -1; if (intValue >= certOtherName && intValue <= certRegisterID) { if (namesList == NULL) { namesList = current = tail = PORT_ArenaZNew(arena, CERTGeneralName); } else { current = PORT_ArenaZNew(arena, CERTGeneralName); } if (current == NULL) { rv = SECFailure; break; } } else { PORT_SetError(SEC_ERROR_INVALID_ARGS); break; } current->type = intValue; switch (current->type) { case certURI: case certDNSName: case certRFC822Name: current->name.other.data = PORT_ArenaAlloc(arena, strlen(buffer)); if (current->name.other.data == NULL) { rv = SECFailure; break; } PORT_Memcpy(current->name.other.data, buffer, current->name.other.len = strlen(buffer)); break; case certEDIPartyName: case certIPAddress: case certOtherName: case certRegisterID: case certX400Address: { current->name.other.data = PORT_ArenaAlloc(arena, strlen(buffer) + 2); if (current->name.other.data == NULL) { rv = SECFailure; break; } PORT_Memcpy(current->name.other.data + 2, buffer, strlen(buffer)); /* This may not be accurate for all cases.For now, use this tag type */ current->name.other.data[0] = (char)(((current->type - 1) & 0x1f) | 0x80); current->name.other.data[1] = (char)strlen(buffer); current->name.other.len = strlen(buffer) + 2; break; } case certDirectoryName: { CERTName *directoryName = NULL; directoryName = CERT_AsciiToName(buffer); if (!directoryName) { rv = SECFailure; break; } rv = CERT_CopyName(arena, ¤t->name.directoryName, directoryName); CERT_DestroyName(directoryName); break; } } if (rv != SECSuccess) break; current->l.next = &(namesList->l); current->l.prev = &(tail->l); tail->l.next = &(current->l); tail = current; } while (nextChunk != data + strlen(data)); if (rv != SECSuccess) { PORT_ArenaRelease(arena, mark); namesList = NULL; } return (namesList); } /* Creates CERTGeneralName from parsed data for the Authority Key Extension */ static CERTGeneralName * crlgen_DistinguishedName(PLArenaPool *arena, CRLGENGeneratorData *crlGenData, const char *data) { CERTName *directoryName = NULL; CERTGeneralName *current; SECStatus rv = SECFailure; void *mark; if (!data) return NULL; PORT_Assert(arena); if (!arena) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return NULL; } mark = PORT_ArenaMark(arena); current = PORT_ArenaZNew(arena, CERTGeneralName); if (current == NULL) { goto loser; } current->type = certDirectoryName; current->l.next = ¤t->l; current->l.prev = ¤t->l; directoryName = CERT_AsciiToName((char *)data); if (!directoryName) { goto loser; } rv = CERT_CopyName(arena, ¤t->name.directoryName, directoryName); CERT_DestroyName(directoryName); loser: if (rv != SECSuccess) { PORT_SetError(rv); PORT_ArenaRelease(arena, mark); current = NULL; } return (current); } /* Adding Authority Key ID extension to extension handle. */ static SECStatus crlgen_AddAuthKeyID(CRLGENGeneratorData *crlGenData, const char **dataArr) { void *extHandle = NULL; CERTAuthKeyID *authKeyID = NULL; PLArenaPool *arena = NULL; SECStatus rv = SECSuccess; PORT_Assert(dataArr && crlGenData); if (!crlGenData || !dataArr) { return SECFailure; } extHandle = crlGenData->crlExtHandle; if (!dataArr[0] || !dataArr[1] || !dataArr[2]) { PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "insufficient number of parameters.\n"); return SECFailure; } arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) { return SECFailure; } authKeyID = PORT_ArenaZNew(arena, CERTAuthKeyID); if (authKeyID == NULL) { rv = SECFailure; goto loser; } if (dataArr[3] == NULL) { rv = crlgen_SetString(arena, dataArr[2], &authKeyID->keyID); if (rv != SECSuccess) goto loser; } else { rv = crlgen_SetString(arena, dataArr[3], &authKeyID->authCertSerialNumber); if (rv != SECSuccess) goto loser; authKeyID->authCertIssuer = crlgen_DistinguishedName(arena, crlGenData, dataArr[2]); if (authKeyID->authCertIssuer == NULL && SECFailure == PORT_GetError()) { crlgen_PrintError(crlGenData->parsedLineNum, "syntax error.\n"); rv = SECFailure; goto loser; } } rv = SECU_EncodeAndAddExtensionValue(arena, extHandle, authKeyID, (*dataArr[1] == '1') ? PR_TRUE : PR_FALSE, SEC_OID_X509_AUTH_KEY_ID, (EXTEN_EXT_VALUE_ENCODER)CERT_EncodeAuthKeyID); loser: if (arena) PORT_FreeArena(arena, PR_FALSE); return rv; } /* Creates and add Subject Alternative Names extension */ static SECStatus crlgen_AddIssuerAltNames(CRLGENGeneratorData *crlGenData, const char **dataArr) { CERTGeneralName *nameList = NULL; PLArenaPool *arena = NULL; void *extHandle = NULL; SECStatus rv = SECSuccess; PORT_Assert(dataArr && crlGenData); if (!crlGenData || !dataArr) { return SECFailure; } if (!dataArr || !dataArr[0] || !dataArr[1] || !dataArr[2]) { PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "insufficient number of arguments.\n"); return SECFailure; } PORT_Assert(dataArr && crlGenData); if (!crlGenData || !dataArr) { return SECFailure; } extHandle = crlGenData->crlExtHandle; if (!dataArr[0] || !dataArr[1] || !dataArr[2]) { PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "insufficient number of parameters.\n"); return SECFailure; } arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) { return SECFailure; } nameList = crlgen_GetGeneralName(arena, crlGenData, dataArr[2]); if (nameList == NULL) { crlgen_PrintError(crlGenData->parsedLineNum, "syntax error.\n"); rv = SECFailure; goto loser; } rv = SECU_EncodeAndAddExtensionValue(arena, extHandle, nameList, (*dataArr[1] == '1') ? PR_TRUE : PR_FALSE, SEC_OID_X509_ISSUER_ALT_NAME, (EXTEN_EXT_VALUE_ENCODER)CERT_EncodeAltNameExtension); loser: if (arena) PORT_FreeArena(arena, PR_FALSE); return rv; } /* Creates and adds CRLNumber extension to extension handle. * Since, this is CRL extension, extension handle is the one * related to CRL extensions */ static SECStatus crlgen_AddCrlNumber(CRLGENGeneratorData *crlGenData, const char **dataArr) { PLArenaPool *arena = NULL; SECItem encodedItem; void *dummy; SECStatus rv = SECFailure; int code = 0; PORT_Assert(dataArr && crlGenData); if (!crlGenData || !dataArr) { goto loser; } if (!dataArr[0] || !dataArr[1] || !dataArr[2]) { PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "insufficient number of arguments.\n"); goto loser; } arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena == NULL) { goto loser; } code = atoi(dataArr[2]); if (code == 0 && *dataArr[2] != '0') { PORT_SetError(SEC_ERROR_INVALID_ARGS); goto loser; } dummy = SEC_ASN1EncodeInteger(arena, &encodedItem, code); if (!dummy) { rv = SECFailure; goto loser; } rv = CERT_AddExtension(crlGenData->crlExtHandle, SEC_OID_X509_CRL_NUMBER, &encodedItem, (*dataArr[1] == '1') ? PR_TRUE : PR_FALSE, PR_TRUE); loser: if (arena) PORT_FreeArena(arena, PR_FALSE); return rv; } /* Creates Cert Revocation Reason code extension. Encodes it and * returns as SECItem structure */ static SECItem * crlgen_CreateReasonCode(PLArenaPool *arena, const char **dataArr, int *extCode) { SECItem *encodedItem; void *dummy; void *mark = NULL; int code = 0; PORT_Assert(arena && dataArr); if (!arena || !dataArr) { goto loser; } mark = PORT_ArenaMark(arena); encodedItem = PORT_ArenaZNew(arena, SECItem); if (encodedItem == NULL) { goto loser; } if (dataArr[2] == NULL) { PORT_SetError(SEC_ERROR_INVALID_ARGS); goto loser; } code = atoi(dataArr[2]); /* aACompromise(10) is the last possible of the values * for the Reason Core Extension */ if ((code == 0 && *dataArr[2] != '0') || code > 10) { PORT_SetError(SEC_ERROR_INVALID_ARGS); goto loser; } dummy = SEC_ASN1EncodeInteger(arena, encodedItem, code); if (!dummy) { goto loser; } *extCode = SEC_OID_X509_REASON_CODE; return encodedItem; loser: if (mark) { PORT_ArenaRelease(arena, mark); } return NULL; } /* Creates Cert Invalidity Date extension. Encodes it and * returns as SECItem structure */ static SECItem * crlgen_CreateInvalidityDate(PLArenaPool *arena, const char **dataArr, int *extCode) { SECItem *encodedItem; int length = 0; void *mark = NULL; PORT_Assert(arena && dataArr); if (!arena || !dataArr) { goto loser; } mark = PORT_ArenaMark(arena); encodedItem = PORT_ArenaZNew(arena, SECItem); if (encodedItem == NULL) { goto loser; } length = PORT_Strlen(dataArr[2]); encodedItem->type = siGeneralizedTime; encodedItem->data = PORT_ArenaAlloc(arena, length); if (!encodedItem->data) { goto loser; } PORT_Memcpy(encodedItem->data, dataArr[2], (encodedItem->len = length) * sizeof(char)); *extCode = SEC_OID_X509_INVALID_DATE; return encodedItem; loser: if (mark) { PORT_ArenaRelease(arena, mark); } return NULL; } /* Creates(by calling extCreator function) and adds extension to a set * of already added certs. Uses values of rangeFrom and rangeTo from * CRLGENCrlGenCtl structure for identifying the inclusive set of certs */ static SECStatus crlgen_AddEntryExtension(CRLGENGeneratorData *crlGenData, const char **dataArr, char *extName, SECItem *(*extCreator)(PLArenaPool *arena, const char **dataArr, int *extCode)) { PRUint64 i = 0; SECStatus rv = SECFailure; int extCode = 0; PRUint64 lastRange; SECItem *ext = NULL; PLArenaPool *arena = NULL; PORT_Assert(crlGenData && dataArr); if (!crlGenData || !dataArr) { goto loser; } if (!dataArr[0] || !dataArr[1]) { PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "insufficient number of arguments.\n"); } lastRange = crlGenData->rangeTo - crlGenData->rangeFrom + 1; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena == NULL) { goto loser; } ext = extCreator(arena, dataArr, &extCode); if (ext == NULL) { crlgen_PrintError(crlGenData->parsedLineNum, "got error while creating extension: %s\n", extName); goto loser; } for (i = 0; i < lastRange; i++) { CRLGENEntryData *extData = NULL; void *extHandle = NULL; SECItem *certIdItem = SEC_ASN1EncodeInteger(arena, NULL, crlGenData->rangeFrom + i); if (!certIdItem) { rv = SECFailure; goto loser; } extData = crlgen_FindEntry(crlGenData, certIdItem); if (!extData) { crlgen_PrintError(crlGenData->parsedLineNum, "can not add extension: crl entry " "(serial number: %d) is not in the list yet.\n", crlGenData->rangeFrom + i); continue; } extHandle = extData->extHandle; if (extHandle == NULL) { extHandle = extData->extHandle = CERT_StartCRLEntryExtensions(&crlGenData->signCrl->crl, (CERTCrlEntry *)extData->entry); } rv = CERT_AddExtension(extHandle, extCode, ext, (*dataArr[1] == '1') ? PR_TRUE : PR_FALSE, PR_TRUE); if (rv == SECFailure) { goto loser; } } loser: if (arena) PORT_FreeArena(arena, PR_FALSE); return rv; } /* Commits all added entries and their's extensions into CRL. */ SECStatus CRLGEN_CommitExtensionsAndEntries(CRLGENGeneratorData *crlGenData) { int size = 0; CERTCrl *crl; PLArenaPool *arena; SECStatus rv = SECSuccess; void *mark; PORT_Assert(crlGenData && crlGenData->signCrl && crlGenData->signCrl->arena); if (!crlGenData || !crlGenData->signCrl || !crlGenData->signCrl->arena) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } arena = crlGenData->signCrl->arena; crl = &crlGenData->signCrl->crl; mark = PORT_ArenaMark(arena); if (crlGenData->crlExtHandle) CERT_FinishExtensions(crlGenData->crlExtHandle); size = crlGenData->entryDataHashTable->nentries; crl->entries = NULL; if (size) { crl->entries = PORT_ArenaZNewArray(arena, CERTCrlEntry *, size + 1); if (!crl->entries) { rv = SECFailure; } else { struct commitData dt; dt.entries = crl->entries; dt.pos = 0; PL_HashTableEnumerateEntries(crlGenData->entryDataHashTable, &crlgen_CommitEntryData, &dt); /* Last should be NULL */ crl->entries[size] = NULL; } } if (rv != SECSuccess) PORT_ArenaRelease(arena, mark); return rv; } /* Initializes extHandle with data from extensions array */ static SECStatus crlgen_InitExtensionHandle(void *extHandle, CERTCertExtension **extensions) { CERTCertExtension *extension = NULL; if (!extensions) return SECSuccess; PORT_Assert(extHandle != NULL); if (!extHandle) { return SECFailure; } extension = *extensions; while (extension) { SECOidTag oidTag = SECOID_FindOIDTag(&extension->id); /* shell we skip unknown extensions? */ CERT_AddExtension(extHandle, oidTag, &extension->value, (extension->critical.len != 0) ? PR_TRUE : PR_FALSE, PR_FALSE); extension = *(++extensions); } return SECSuccess; } /* Used for initialization of extension handles for crl and certs * extensions from existing CRL data then modifying existing CRL.*/ SECStatus CRLGEN_ExtHandleInit(CRLGENGeneratorData *crlGenData) { CERTCrl *crl = NULL; PRUint64 maxSN = 0; PORT_Assert(crlGenData && crlGenData->signCrl && crlGenData->entryDataHashTable); if (!crlGenData || !crlGenData->signCrl || !crlGenData->entryDataHashTable) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } crl = &crlGenData->signCrl->crl; crlGenData->crlExtHandle = CERT_StartCRLExtensions(crl); crlgen_InitExtensionHandle(crlGenData->crlExtHandle, crl->extensions); crl->extensions = NULL; if (crl->entries) { CERTCrlEntry **entry = crl->entries; while (*entry) { PRUint64 sn = DER_GetInteger(&(*entry)->serialNumber); CRLGENEntryData *extData = crlgen_PlaceAnEntry(crlGenData, *entry, &(*entry)->serialNumber); if ((*entry)->extensions) { extData->extHandle = CERT_StartCRLEntryExtensions(&crlGenData->signCrl->crl, (CERTCrlEntry *)extData->entry); if (crlgen_InitExtensionHandle(extData->extHandle, (*entry)->extensions) == SECFailure) return SECFailure; } (*entry)->extensions = NULL; entry++; maxSN = PR_MAX(maxSN, sn); } } crlGenData->rangeFrom = crlGenData->rangeTo = maxSN + 1; return SECSuccess; } /***************************************************************************** * Parser trigger functions start here */ /* Sets new internal range value for add/rm certs.*/ static SECStatus crlgen_SetNewRangeField(CRLGENGeneratorData *crlGenData, char *value) { long rangeFrom = 0, rangeTo = 0; char *dashPos = NULL; PORT_Assert(crlGenData); if (!crlGenData) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } if (value == NULL) { PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "insufficient number of arguments.\n"); return SECFailure; } if ((dashPos = strchr(value, '-')) != NULL) { char *rangeToS, *rangeFromS = value; *dashPos = '\0'; rangeFrom = atoi(rangeFromS); *dashPos = '-'; rangeToS = (char *)(dashPos + 1); rangeTo = atol(rangeToS); } else { rangeFrom = atol(value); rangeTo = rangeFrom; } if (rangeFrom < 1 || rangeTo < rangeFrom) { PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "bad cert id range: %s.\n", value); return SECFailure; } crlGenData->rangeFrom = rangeFrom; crlGenData->rangeTo = rangeTo; return SECSuccess; } /* Changes issuer subject field in CRL. By default this data is taken from * issuer cert subject field.Not yet implemented */ static SECStatus crlgen_SetIssuerField(CRLGENGeneratorData *crlGenData, char *value) { crlgen_PrintError(crlGenData->parsedLineNum, "Can not change CRL issuer field.\n"); return SECFailure; } /* Encode and sets CRL thisUpdate and nextUpdate time fields*/ static SECStatus crlgen_SetTimeField(CRLGENGeneratorData *crlGenData, char *value, PRBool setThisUpdate) { CERTSignedCrl *signCrl; PLArenaPool *arena; CERTCrl *crl; int length = 0; SECItem *timeDest = NULL; PORT_Assert(crlGenData && crlGenData->signCrl && crlGenData->signCrl->arena); if (!crlGenData || !crlGenData->signCrl || !crlGenData->signCrl->arena) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } signCrl = crlGenData->signCrl; arena = signCrl->arena; crl = &signCrl->crl; if (value == NULL) { PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "insufficient number of arguments.\n"); return SECFailure; } length = PORT_Strlen(value); if (setThisUpdate == PR_TRUE) { timeDest = &crl->lastUpdate; } else { timeDest = &crl->nextUpdate; } timeDest->type = siGeneralizedTime; timeDest->data = PORT_ArenaAlloc(arena, length); if (!timeDest->data) { return SECFailure; } PORT_Memcpy(timeDest->data, value, length); timeDest->len = length; return SECSuccess; } /* Adds new extension into CRL or added cert handles */ static SECStatus crlgen_AddExtension(CRLGENGeneratorData *crlGenData, const char **extData) { PORT_Assert(crlGenData && crlGenData->crlExtHandle); if (!crlGenData || !crlGenData->crlExtHandle) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } if (extData == NULL || *extData == NULL) { PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "insufficient number of arguments.\n"); return SECFailure; } if (!PORT_Strcmp(*extData, "authKeyId")) return crlgen_AddAuthKeyID(crlGenData, extData); else if (!PORT_Strcmp(*extData, "issuerAltNames")) return crlgen_AddIssuerAltNames(crlGenData, extData); else if (!PORT_Strcmp(*extData, "crlNumber")) return crlgen_AddCrlNumber(crlGenData, extData); else if (!PORT_Strcmp(*extData, "reasonCode")) return crlgen_AddEntryExtension(crlGenData, extData, "reasonCode", crlgen_CreateReasonCode); else if (!PORT_Strcmp(*extData, "invalidityDate")) return crlgen_AddEntryExtension(crlGenData, extData, "invalidityDate", crlgen_CreateInvalidityDate); else { PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "insufficient number of arguments.\n"); return SECFailure; } } /* Created CRLGENEntryData for cert with serial number certId and * adds it to entryDataHashTable. certId can be a single cert serial * number or an inclusive rage of certs */ static SECStatus crlgen_AddCert(CRLGENGeneratorData *crlGenData, char *certId, char *revocationDate) { CERTSignedCrl *signCrl; SECItem *certIdItem; PLArenaPool *arena; PRUint64 rangeFrom = 0, rangeTo = 0, i = 0; int timeValLength = -1; SECStatus rv = SECFailure; void *mark; PORT_Assert(crlGenData && crlGenData->signCrl && crlGenData->signCrl->arena); if (!crlGenData || !crlGenData->signCrl || !crlGenData->signCrl->arena) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } signCrl = crlGenData->signCrl; arena = signCrl->arena; if (!certId || !revocationDate) { PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "insufficient number of arguments.\n"); return SECFailure; } timeValLength = strlen(revocationDate); if (crlgen_SetNewRangeField(crlGenData, certId) == SECFailure && certId) { return SECFailure; } rangeFrom = crlGenData->rangeFrom; rangeTo = crlGenData->rangeTo; for (i = 0; i < rangeTo - rangeFrom + 1; i++) { CERTCrlEntry *entry; mark = PORT_ArenaMark(arena); entry = PORT_ArenaZNew(arena, CERTCrlEntry); if (entry == NULL) { goto loser; } certIdItem = SEC_ASN1EncodeInteger(arena, &entry->serialNumber, rangeFrom + i); if (!certIdItem) { goto loser; } if (crlgen_FindEntry(crlGenData, certIdItem)) { crlgen_PrintError(crlGenData->parsedLineNum, "entry already exists. Use \"range\" " "and \"rmcert\" before adding a new one with the " "same serial number %ld\n", rangeFrom + i); goto loser; } entry->serialNumber.type = siBuffer; entry->revocationDate.type = siGeneralizedTime; entry->revocationDate.data = PORT_ArenaAlloc(arena, timeValLength); if (entry->revocationDate.data == NULL) { goto loser; } PORT_Memcpy(entry->revocationDate.data, revocationDate, timeValLength * sizeof(char)); entry->revocationDate.len = timeValLength; entry->extensions = NULL; if (!crlgen_PlaceAnEntry(crlGenData, entry, certIdItem)) { goto loser; } mark = NULL; } rv = SECSuccess; loser: if (mark) { PORT_ArenaRelease(arena, mark); } return rv; } /* Removes certs from entryDataHashTable which have certId serial number. * certId can have value of a range of certs */ static SECStatus crlgen_RmCert(CRLGENGeneratorData *crlGenData, char *certId) { PRUint64 i = 0; PORT_Assert(crlGenData && certId); if (!crlGenData || !certId) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } if (crlgen_SetNewRangeField(crlGenData, certId) == SECFailure && certId) { return SECFailure; } for (i = 0; i < crlGenData->rangeTo - crlGenData->rangeFrom + 1; i++) { SECItem *certIdItem = SEC_ASN1EncodeInteger(NULL, NULL, crlGenData->rangeFrom + i); if (certIdItem) { CRLGENEntryData *extData = crlgen_FindEntry(crlGenData, certIdItem); if (!extData) { printf("Cert with id %s is not in the list\n", certId); } else { crlgen_RmEntry(crlGenData, certIdItem); } SECITEM_FreeItem(certIdItem, PR_TRUE); } } return SECSuccess; } /************************************************************************* * Lex Parser Helper functions are used to store parsed information * in context related structures. Context(or state) is identified base on * a type of a instruction parser currently is going through. New context * is identified by first token in a line. It can be addcert context, * addext context, etc. */ /* Updates CRL field depending on current context */ static SECStatus crlgen_updateCrlFn_field(CRLGENGeneratorData *crlGenData, void *str) { CRLGENCrlField *fieldStr = (CRLGENCrlField *)str; PORT_Assert(crlGenData); if (!crlGenData) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } switch (crlGenData->contextId) { case CRLGEN_ISSUER_CONTEXT: crlgen_SetIssuerField(crlGenData, fieldStr->value); break; case CRLGEN_UPDATE_CONTEXT: return crlgen_SetTimeField(crlGenData, fieldStr->value, PR_TRUE); break; case CRLGEN_NEXT_UPDATE_CONTEXT: return crlgen_SetTimeField(crlGenData, fieldStr->value, PR_FALSE); break; case CRLGEN_CHANGE_RANGE_CONTEXT: return crlgen_SetNewRangeField(crlGenData, fieldStr->value); break; default: crlgen_PrintError(crlGenData->parsedLineNum, "syntax error (unknow token type: %d)\n", crlGenData->contextId); PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } return SECSuccess; } /* Sets parsed data for CRL field update into temporary structure */ static SECStatus crlgen_setNextDataFn_field(CRLGENGeneratorData *crlGenData, void *str, void *data, unsigned short dtype) { CRLGENCrlField *fieldStr = (CRLGENCrlField *)str; PORT_Assert(crlGenData); if (!crlGenData) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } switch (crlGenData->contextId) { case CRLGEN_CHANGE_RANGE_CONTEXT: if (dtype != CRLGEN_TYPE_DIGIT && dtype != CRLGEN_TYPE_DIGIT_RANGE) { crlgen_PrintError(crlGenData->parsedLineNum, "range value should have " "numeric or numeric range values.\n"); return SECFailure; } break; case CRLGEN_NEXT_UPDATE_CONTEXT: case CRLGEN_UPDATE_CONTEXT: if (dtype != CRLGEN_TYPE_ZDATE) { crlgen_PrintError(crlGenData->parsedLineNum, "bad formated date. Should be " "YYYYMMDDHHMMSSZ.\n"); return SECFailure; } break; default: PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "syntax error (unknow token type: %d).\n", crlGenData->contextId, data); return SECFailure; } fieldStr->value = PORT_Strdup(data); if (!fieldStr->value) { return SECFailure; } return SECSuccess; } /* Triggers cert entries update depending on current context */ static SECStatus crlgen_updateCrlFn_cert(CRLGENGeneratorData *crlGenData, void *str) { CRLGENCertEntry *certStr = (CRLGENCertEntry *)str; PORT_Assert(crlGenData); if (!crlGenData) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } switch (crlGenData->contextId) { case CRLGEN_ADD_CERT_CONTEXT: return crlgen_AddCert(crlGenData, certStr->certId, certStr->revocationTime); case CRLGEN_RM_CERT_CONTEXT: return crlgen_RmCert(crlGenData, certStr->certId); default: PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "syntax error (unknow token type: %d).\n", crlGenData->contextId); return SECFailure; } } /* Sets parsed data for CRL entries update into temporary structure */ static SECStatus crlgen_setNextDataFn_cert(CRLGENGeneratorData *crlGenData, void *str, void *data, unsigned short dtype) { CRLGENCertEntry *certStr = (CRLGENCertEntry *)str; PORT_Assert(crlGenData); if (!crlGenData) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } switch (dtype) { case CRLGEN_TYPE_DIGIT: case CRLGEN_TYPE_DIGIT_RANGE: certStr->certId = PORT_Strdup(data); if (!certStr->certId) { return SECFailure; } break; case CRLGEN_TYPE_DATE: case CRLGEN_TYPE_ZDATE: certStr->revocationTime = PORT_Strdup(data); if (!certStr->revocationTime) { return SECFailure; } break; default: PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "syntax error (unknow token type: %d).\n", crlGenData->contextId); return SECFailure; } return SECSuccess; } /* Triggers cert entries/crl extension update */ static SECStatus crlgen_updateCrlFn_extension(CRLGENGeneratorData *crlGenData, void *str) { CRLGENExtensionEntry *extStr = (CRLGENExtensionEntry *)str; return crlgen_AddExtension(crlGenData, (const char **)extStr->extData); } /* Defines maximum number of fields extension may have */ #define MAX_EXT_DATA_LENGTH 10 /* Sets parsed extension data for CRL entries/CRL extensions update * into temporary structure */ static SECStatus crlgen_setNextDataFn_extension(CRLGENGeneratorData *crlGenData, void *str, void *data, unsigned short dtype) { CRLGENExtensionEntry *extStr = (CRLGENExtensionEntry *)str; PORT_Assert(crlGenData); if (!crlGenData) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } if (extStr->extData == NULL) { extStr->extData = PORT_ZNewArray(char *, MAX_EXT_DATA_LENGTH); if (!extStr->extData) { return SECFailure; } } if (extStr->nextUpdatedData >= MAX_EXT_DATA_LENGTH) { PORT_SetError(SEC_ERROR_INVALID_ARGS); crlgen_PrintError(crlGenData->parsedLineNum, "number of fields in extension " "exceeded maximum allowed data length: %d.\n", MAX_EXT_DATA_LENGTH); return SECFailure; } extStr->extData[extStr->nextUpdatedData] = PORT_Strdup(data); if (!extStr->extData[extStr->nextUpdatedData]) { return SECFailure; } extStr->nextUpdatedData += 1; return SECSuccess; } /**************************************************************************************** * Top level functions are triggered directly by parser. */ /* * crl generation script parser recreates a temporary data staructure * for each line it is going through. This function cleans temp structure. */ void crlgen_destroyTempData(CRLGENGeneratorData *crlGenData) { if (crlGenData->contextId != CRLGEN_UNKNOWN_CONTEXT) { switch (crlGenData->contextId) { case CRLGEN_ISSUER_CONTEXT: case CRLGEN_UPDATE_CONTEXT: case CRLGEN_NEXT_UPDATE_CONTEXT: case CRLGEN_CHANGE_RANGE_CONTEXT: if (crlGenData->crlField->value) PORT_Free(crlGenData->crlField->value); PORT_Free(crlGenData->crlField); break; case CRLGEN_ADD_CERT_CONTEXT: case CRLGEN_RM_CERT_CONTEXT: if (crlGenData->certEntry->certId) PORT_Free(crlGenData->certEntry->certId); if (crlGenData->certEntry->revocationTime) PORT_Free(crlGenData->certEntry->revocationTime); PORT_Free(crlGenData->certEntry); break; case CRLGEN_ADD_EXTENSION_CONTEXT: if (crlGenData->extensionEntry->extData) { int i = 0; for (; i < crlGenData->extensionEntry->nextUpdatedData; i++) PORT_Free(*(crlGenData->extensionEntry->extData + i)); PORT_Free(crlGenData->extensionEntry->extData); } PORT_Free(crlGenData->extensionEntry); break; } crlGenData->contextId = CRLGEN_UNKNOWN_CONTEXT; } } SECStatus crlgen_updateCrl(CRLGENGeneratorData *crlGenData) { SECStatus rv = SECSuccess; PORT_Assert(crlGenData); if (!crlGenData) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } switch (crlGenData->contextId) { case CRLGEN_ISSUER_CONTEXT: case CRLGEN_UPDATE_CONTEXT: case CRLGEN_NEXT_UPDATE_CONTEXT: case CRLGEN_CHANGE_RANGE_CONTEXT: rv = crlGenData->crlField->updateCrlFn(crlGenData, crlGenData->crlField); break; case CRLGEN_RM_CERT_CONTEXT: case CRLGEN_ADD_CERT_CONTEXT: rv = crlGenData->certEntry->updateCrlFn(crlGenData, crlGenData->certEntry); break; case CRLGEN_ADD_EXTENSION_CONTEXT: rv = crlGenData->extensionEntry->updateCrlFn(crlGenData, crlGenData->extensionEntry); break; case CRLGEN_UNKNOWN_CONTEXT: break; default: crlgen_PrintError(crlGenData->parsedLineNum, "unknown lang context type code: %d.\n", crlGenData->contextId); PORT_Assert(0); return SECFailure; } /* Clrean structures after crl update */ crlgen_destroyTempData(crlGenData); crlGenData->parsedLineNum += 1; return rv; } SECStatus crlgen_setNextData(CRLGENGeneratorData *crlGenData, void *data, unsigned short dtype) { SECStatus rv = SECSuccess; PORT_Assert(crlGenData); if (!crlGenData) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } switch (crlGenData->contextId) { case CRLGEN_ISSUER_CONTEXT: case CRLGEN_UPDATE_CONTEXT: case CRLGEN_NEXT_UPDATE_CONTEXT: case CRLGEN_CHANGE_RANGE_CONTEXT: rv = crlGenData->crlField->setNextDataFn(crlGenData, crlGenData->crlField, data, dtype); break; case CRLGEN_ADD_CERT_CONTEXT: case CRLGEN_RM_CERT_CONTEXT: rv = crlGenData->certEntry->setNextDataFn(crlGenData, crlGenData->certEntry, data, dtype); break; case CRLGEN_ADD_EXTENSION_CONTEXT: rv = crlGenData->extensionEntry->setNextDataFn(crlGenData, crlGenData->extensionEntry, data, dtype); break; case CRLGEN_UNKNOWN_CONTEXT: break; default: crlgen_PrintError(crlGenData->parsedLineNum, "unknown context type: %d.\n", crlGenData->contextId); PORT_Assert(0); return SECFailure; } return rv; } SECStatus crlgen_createNewLangStruct(CRLGENGeneratorData *crlGenData, unsigned structType) { PORT_Assert(crlGenData && crlGenData->contextId == CRLGEN_UNKNOWN_CONTEXT); if (!crlGenData || crlGenData->contextId != CRLGEN_UNKNOWN_CONTEXT) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } switch (structType) { case CRLGEN_ISSUER_CONTEXT: case CRLGEN_UPDATE_CONTEXT: case CRLGEN_NEXT_UPDATE_CONTEXT: case CRLGEN_CHANGE_RANGE_CONTEXT: crlGenData->crlField = PORT_New(CRLGENCrlField); if (!crlGenData->crlField) { return SECFailure; } crlGenData->contextId = structType; crlGenData->crlField->value = NULL; crlGenData->crlField->updateCrlFn = &crlgen_updateCrlFn_field; crlGenData->crlField->setNextDataFn = &crlgen_setNextDataFn_field; break; case CRLGEN_RM_CERT_CONTEXT: case CRLGEN_ADD_CERT_CONTEXT: crlGenData->certEntry = PORT_New(CRLGENCertEntry); if (!crlGenData->certEntry) { return SECFailure; } crlGenData->contextId = structType; crlGenData->certEntry->certId = 0; crlGenData->certEntry->revocationTime = NULL; crlGenData->certEntry->updateCrlFn = &crlgen_updateCrlFn_cert; crlGenData->certEntry->setNextDataFn = &crlgen_setNextDataFn_cert; break; case CRLGEN_ADD_EXTENSION_CONTEXT: crlGenData->extensionEntry = PORT_New(CRLGENExtensionEntry); if (!crlGenData->extensionEntry) { return SECFailure; } crlGenData->contextId = structType; crlGenData->extensionEntry->extData = NULL; crlGenData->extensionEntry->nextUpdatedData = 0; crlGenData->extensionEntry->updateCrlFn = &crlgen_updateCrlFn_extension; crlGenData->extensionEntry->setNextDataFn = &crlgen_setNextDataFn_extension; break; case CRLGEN_UNKNOWN_CONTEXT: break; default: crlgen_PrintError(crlGenData->parsedLineNum, "unknown context type: %d.\n", structType); PORT_Assert(0); return SECFailure; } return SECSuccess; } /* Parser initialization function */ CRLGENGeneratorData * CRLGEN_InitCrlGeneration(CERTSignedCrl *signCrl, PRFileDesc *src) { CRLGENGeneratorData *crlGenData = NULL; PORT_Assert(signCrl && src); if (!signCrl || !src) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return NULL; } crlGenData = PORT_ZNew(CRLGENGeneratorData); if (!crlGenData) { return NULL; } crlGenData->entryDataHashTable = PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare, PL_CompareValues, NULL, NULL); if (!crlGenData->entryDataHashTable) { PORT_Free(crlGenData); return NULL; } crlGenData->src = src; crlGenData->parsedLineNum = 1; crlGenData->contextId = CRLGEN_UNKNOWN_CONTEXT; crlGenData->signCrl = signCrl; crlGenData->rangeFrom = 0; crlGenData->rangeTo = 0; crlGenData->crlExtHandle = NULL; PORT_SetError(0); return crlGenData; } void CRLGEN_FinalizeCrlGeneration(CRLGENGeneratorData *crlGenData) { if (!crlGenData) return; if (crlGenData->src) PR_Close(crlGenData->src); PL_HashTableDestroy(crlGenData->entryDataHashTable); PORT_Free(crlGenData); } nss-3.35/nss/cmd/crlutil/crlgen.h0000644000000000000000000001606113230126417015047 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #ifndef _CRLGEN_H_ #define _CRLGEN_H_ #include "prio.h" #include "prprf.h" #include "plhash.h" #include "seccomon.h" #include "certt.h" #include "secoidt.h" #define CRLGEN_UNKNOWN_CONTEXT 0 #define CRLGEN_ISSUER_CONTEXT 1 #define CRLGEN_UPDATE_CONTEXT 2 #define CRLGEN_NEXT_UPDATE_CONTEXT 3 #define CRLGEN_ADD_EXTENSION_CONTEXT 4 #define CRLGEN_ADD_CERT_CONTEXT 6 #define CRLGEN_CHANGE_RANGE_CONTEXT 7 #define CRLGEN_RM_CERT_CONTEXT 8 #define CRLGEN_TYPE_DATE 0 #define CRLGEN_TYPE_ZDATE 1 #define CRLGEN_TYPE_DIGIT 2 #define CRLGEN_TYPE_DIGIT_RANGE 3 #define CRLGEN_TYPE_OID 4 #define CRLGEN_TYPE_STRING 5 #define CRLGEN_TYPE_ID 6 typedef struct CRLGENGeneratorDataStr CRLGENGeneratorData; typedef struct CRLGENEntryDataStr CRLGENEntryData; typedef struct CRLGENExtensionEntryStr CRLGENExtensionEntry; typedef struct CRLGENCertEntrySrt CRLGENCertEntry; typedef struct CRLGENCrlFieldStr CRLGENCrlField; typedef struct CRLGENEntriesSortedDataStr CRLGENEntriesSortedData; /* Exported functions */ /* Used for initialization of extension handles for crl and certs * extensions from existing CRL data then modifying existing CRL.*/ extern SECStatus CRLGEN_ExtHandleInit(CRLGENGeneratorData *crlGenData); /* Commits all added entries and their's extensions into CRL. */ extern SECStatus CRLGEN_CommitExtensionsAndEntries(CRLGENGeneratorData *crlGenData); /* Lunches the crl generation script parse */ extern SECStatus CRLGEN_StartCrlGen(CRLGENGeneratorData *crlGenData); /* Closes crl generation script file and frees crlGenData */ extern void CRLGEN_FinalizeCrlGeneration(CRLGENGeneratorData *crlGenData); /* Parser initialization function. Creates CRLGENGeneratorData structure * for the current thread */ extern CRLGENGeneratorData *CRLGEN_InitCrlGeneration(CERTSignedCrl *newCrl, PRFileDesc *src); /* This lock is defined in crlgen_lex.c(derived from crlgen_lex.l). * It controls access to invocation of yylex, allows to parse one * script at a time */ extern void CRLGEN_InitCrlGenParserLock(); extern void CRLGEN_DestroyCrlGenParserLock(); /* The following function types are used to define functions for each of * CRLGENExtensionEntryStr, CRLGENCertEntrySrt, CRLGENCrlFieldStr to * provide functionality needed for these structures*/ typedef SECStatus updateCrlFn_t(CRLGENGeneratorData *crlGenData, void *str); typedef SECStatus setNextDataFn_t(CRLGENGeneratorData *crlGenData, void *str, void *data, unsigned short dtype); typedef SECStatus createNewLangStructFn_t(CRLGENGeneratorData *crlGenData, void *str, unsigned i); /* Sets reports failure to parser if anything goes wrong */ extern void crlgen_setFailure(CRLGENGeneratorData *str, char *); /* Collects data in to one of the current data structure that corresponds * to the correct context type. This function gets called after each token * is found for a particular line */ extern SECStatus crlgen_setNextData(CRLGENGeneratorData *str, void *data, unsigned short dtype); /* initiates crl update with collected data. This function is called at the * end of each line */ extern SECStatus crlgen_updateCrl(CRLGENGeneratorData *str); /* Creates new context structure depending on token that was parsed * at the beginning of a line */ extern SECStatus crlgen_createNewLangStruct(CRLGENGeneratorData *str, unsigned structType); /* CRLGENExtensionEntry is used to store addext request data for either * CRL extensions or CRL entry extensions. The differentiation between * is based on order and type of extension been added. * - extData : all data in request staring from name of the extension are * in saved here. * - nextUpdatedData: counter of elements added to extData */ struct CRLGENExtensionEntryStr { char **extData; int nextUpdatedData; updateCrlFn_t *updateCrlFn; setNextDataFn_t *setNextDataFn; }; /* CRLGENCeryestEntry is used to store addcert request data * - certId : certificate id or range of certificate with dash as a delimiter * All certs from range will be inclusively added to crl * - revocationTime: revocation time of cert(s) */ struct CRLGENCertEntrySrt { char *certId; char *revocationTime; updateCrlFn_t *updateCrlFn; setNextDataFn_t *setNextDataFn; }; /* CRLGENCrlField is used to store crl fields record like update time, next * update time, etc. * - value: value of the parsed field data*/ struct CRLGENCrlFieldStr { char *value; updateCrlFn_t *updateCrlFn; setNextDataFn_t *setNextDataFn; }; /* Can not create entries extension until completely done with parsing. * Therefore need to keep joined data * - certId : serial number of certificate * - extHandle: head pointer to a list of extensions that belong to * entry * - entry : CERTCrlEntry structure pointer*/ struct CRLGENEntryDataStr { SECItem *certId; void *extHandle; CERTCrlEntry *entry; }; /* Crl generator/parser main structure. Keeps info regarding current state of * parser(context, status), parser helper functions pointers, parsed data and * generated data. * - contextId : current parsing context. Context in this parser environment * defines what type of crl operations parser is going through * in the current line of crl generation script. * setting or new cert or an extension addition, etc. * - createNewLangStructFn: pointer to top level function which creates * data structures according contextId * - setNextDataFn : pointer to top level function which sets new parsed data * in temporary structure * - updateCrlFn : pointer to top level function which triggers actual * crl update functions with gathered data * - union : data union create according to contextId * - rangeFrom, rangeTo : holds last range in which certs was added * - newCrl : pointer to CERTSignedCrl newly created crl * - crlExtHandle : pointer to crl extension handle * - entryDataHashTable: hash of CRLGENEntryData. * key: cert serial number * data: CRLGENEntryData pointer * - parserStatus : current status of parser. Triggers parser to abort when * set to SECFailure * - src : PRFileDesc structure pointer of crl generator config file * - parsedLineNum : currently parsing line. Keeping it to report errors */ struct CRLGENGeneratorDataStr { unsigned short contextId; CRLGENCrlField *crlField; CRLGENCertEntry *certEntry; CRLGENExtensionEntry *extensionEntry; PRUint64 rangeFrom; PRUint64 rangeTo; CERTSignedCrl *signCrl; void *crlExtHandle; PLHashTable *entryDataHashTable; PRFileDesc *src; int parsedLineNum; }; #endif /* _CRLGEN_H_ */ nss-3.35/nss/cmd/crlutil/crlgen_lex.c0000644000000000000000000015045413230126417015717 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /* A lexical scanner generated by flex */ #define FLEX_SCANNER #define YY_FLEX_MAJOR_VERSION 2 #define YY_FLEX_MINOR_VERSION 5 #include #ifdef _WIN32 #include #else #include #endif /* cfront 1.2 defines "c_plusplus" instead of "__cplusplus" */ #ifdef c_plusplus #ifndef __cplusplus #define __cplusplus #endif #endif #ifdef __cplusplus #include /* Use prototypes in function declarations. */ #define YY_USE_PROTOS /* The "const" storage-class-modifier is valid. */ #define YY_USE_CONST #else /* ! __cplusplus */ #if __STDC__ #define YY_USE_PROTOS #define YY_USE_CONST #endif /* __STDC__ */ #endif /* ! __cplusplus */ #ifdef __TURBOC__ #pragma warn - rch #pragma warn - use #include #include #define YY_USE_CONST #define YY_USE_PROTOS #endif #ifdef YY_USE_CONST #define yyconst const #else #define yyconst #endif #ifdef YY_USE_PROTOS #define YY_PROTO(proto) proto #else #define YY_PROTO(proto) () #endif /* Returned upon end-of-file. */ #define YY_NULL 0 /* Promotes a possibly negative, possibly signed char to an unsigned * integer for use as an array index. If the signed char is negative, * we want to instead treat it as an 8-bit unsigned char, hence the * double cast. */ #define YY_SC_TO_UI(c) ((unsigned int)(unsigned char)c) /* Enter a start condition. This macro really ought to take a parameter, * but we do it the disgusting crufty way forced on us by the ()-less * definition of BEGIN. */ #define BEGIN yy_start = 1 + 2 * /* Translate the current start state into a value that can be later handed * to BEGIN to return to the state. The YYSTATE alias is for lex * compatibility. */ #define YY_START ((yy_start - 1) / 2) #define YYSTATE YY_START /* Action number for EOF rule of a given start state. */ #define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1) /* Special action meaning "start processing a new file". */ #define YY_NEW_FILE yyrestart(yyin) #define YY_END_OF_BUFFER_CHAR 0 /* Size of default input buffer. */ #define YY_BUF_SIZE 16384 typedef struct yy_buffer_state *YY_BUFFER_STATE; extern int yyleng; extern FILE *yyin, *yyout; #define EOB_ACT_CONTINUE_SCAN 0 #define EOB_ACT_END_OF_FILE 1 #define EOB_ACT_LAST_MATCH 2 /* The funky do-while in the following #define is used to turn the definition * int a single C statement (which needs a semi-colon terminator). This * avoids problems with code like: * * if ( condition_holds ) * yyless( 5 ); * else * do_something_else(); * * Prior to using the do-while the compiler would get upset at the * "else" because it interpreted the "if" statement as being all * done when it reached the ';' after the yyless() call. */ /* Return all but the first 'n' matched characters back to the input stream. */ #define yyless(n) \ do { \ /* Undo effects of setting up yytext. */ \ *yy_cp = yy_hold_char; \ YY_RESTORE_YY_MORE_OFFSET \ yy_c_buf_p = yy_cp = yy_bp + n - YY_MORE_ADJ; \ YY_DO_BEFORE_ACTION; /* set up yytext again */ \ } while (0) #define unput(c) yyunput(c, yytext_ptr) /* The following is because we cannot portably get our hands on size_t * (without autoconf's help, which isn't available because we want * flex-generated scanners to compile on their own). */ typedef unsigned int yy_size_t; struct yy_buffer_state { FILE *yy_input_file; char *yy_ch_buf; /* input buffer */ char *yy_buf_pos; /* current position in input buffer */ /* Size of input buffer in bytes, not including room for EOB * characters. */ yy_size_t yy_buf_size; /* Number of characters read into yy_ch_buf, not including EOB * characters. */ int yy_n_chars; /* Whether we "own" the buffer - i.e., we know we created it, * and can realloc() it to grow it, and should free() it to * delete it. */ int yy_is_our_buffer; /* Whether this is an "interactive" input source; if so, and * if we're using stdio for input, then we want to use getc() * instead of fread(), to make sure we stop fetching input after * each newline. */ int yy_is_interactive; /* Whether we're considered to be at the beginning of a line. * If so, '^' rules will be active on the next match, otherwise * not. */ int yy_at_bol; /* Whether to try to fill the input buffer when we reach the * end of it. */ int yy_fill_buffer; int yy_buffer_status; #define YY_BUFFER_NEW 0 #define YY_BUFFER_NORMAL 1 /* When an EOF's been seen but there's still some text to process * then we mark the buffer as YY_EOF_PENDING, to indicate that we * shouldn't try reading from the input source any more. We might * still have a bunch of tokens to match, though, because of * possible backing-up. * * When we actually see the EOF, we change the status to "new" * (via yyrestart()), so that the user can continue scanning by * just pointing yyin at a new input file. */ #define YY_BUFFER_EOF_PENDING 2 }; static YY_BUFFER_STATE yy_current_buffer = 0; /* We provide macros for accessing buffer states in case in the * future we want to put the buffer states in a more general * "scanner state". */ #define YY_CURRENT_BUFFER yy_current_buffer /* yy_hold_char holds the character lost when yytext is formed. */ static char yy_hold_char; static int yy_n_chars; /* number of characters read into yy_ch_buf */ int yyleng; /* Points to current character in buffer. */ static char *yy_c_buf_p = (char *)0; static int yy_init = 1; /* whether we need to initialize */ static int yy_start = 0; /* start state number */ /* Flag which is used to allow yywrap()'s to do buffer switches * instead of setting up a fresh yyin. A bit of a hack ... */ static int yy_did_buffer_switch_on_eof; void yyrestart YY_PROTO((FILE * input_file)); void yy_switch_to_buffer YY_PROTO((YY_BUFFER_STATE new_buffer)); void yy_load_buffer_state YY_PROTO((void)); YY_BUFFER_STATE yy_create_buffer YY_PROTO((FILE * file, int size)); void yy_delete_buffer YY_PROTO((YY_BUFFER_STATE b)); void yy_init_buffer YY_PROTO((YY_BUFFER_STATE b, FILE *file)); void yy_flush_buffer YY_PROTO((YY_BUFFER_STATE b)); #define YY_FLUSH_BUFFER yy_flush_buffer(yy_current_buffer) YY_BUFFER_STATE yy_scan_buffer YY_PROTO((char *base, yy_size_t size)); YY_BUFFER_STATE yy_scan_string YY_PROTO((yyconst char *yy_str)); YY_BUFFER_STATE yy_scan_bytes YY_PROTO((yyconst char *bytes, int len)); static void *yy_flex_alloc YY_PROTO((yy_size_t)); static void *yy_flex_realloc YY_PROTO((void *, yy_size_t)); static void yy_flex_free YY_PROTO((void *)); #define yy_new_buffer yy_create_buffer #define yy_set_interactive(is_interactive) \ { \ if (!yy_current_buffer) \ yy_current_buffer = yy_create_buffer(yyin, YY_BUF_SIZE); \ yy_current_buffer->yy_is_interactive = is_interactive; \ } #define yy_set_bol(at_bol) \ { \ if (!yy_current_buffer) \ yy_current_buffer = yy_create_buffer(yyin, YY_BUF_SIZE); \ yy_current_buffer->yy_at_bol = at_bol; \ } #define YY_AT_BOL() (yy_current_buffer->yy_at_bol) typedef unsigned char YY_CHAR; FILE *yyin = (FILE *)0, *yyout = (FILE *)0; typedef int yy_state_type; extern char *yytext; #define yytext_ptr yytext static yy_state_type yy_get_previous_state YY_PROTO((void)); static yy_state_type yy_try_NUL_trans YY_PROTO((yy_state_type current_state)); static int yy_get_next_buffer YY_PROTO((void)); static void yy_fatal_error YY_PROTO((yyconst char msg[])); /* Done after the current pattern has been matched and before the * corresponding action - sets up yytext. */ #define YY_DO_BEFORE_ACTION \ yytext_ptr = yy_bp; \ yytext_ptr -= yy_more_len; \ yyleng = (int)(yy_cp - yytext_ptr); \ yy_hold_char = *yy_cp; \ *yy_cp = '\0'; \ yy_c_buf_p = yy_cp; #define YY_NUM_RULES 17 #define YY_END_OF_BUFFER 18 /* clang-format off */ static yyconst short int yy_accept[67] = { 0, 0, 0, 18, 16, 14, 15, 16, 11, 12, 2, 10, 9, 9, 9, 9, 9, 13, 14, 15, 11, 12, 0, 12, 2, 9, 9, 9, 9, 9, 13, 3, 4, 2, 9, 9, 9, 9, 2, 9, 9, 9, 9, 2, 2, 9, 9, 8, 9, 2, 5, 9, 6, 2, 9, 2, 9, 2, 9, 2, 7, 2, 2, 2, 2, 1, 0 } ; static yyconst int yy_ec[256] = { 0, 1, 1, 1, 1, 1, 1, 1, 1, 2, 3, 1, 1, 4, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 2, 1, 5, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 7, 8, 1, 9, 9, 10, 11, 12, 12, 12, 13, 13, 13, 14, 1, 1, 15, 1, 1, 1, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 17, 1, 1, 1, 1, 1, 1, 18, 16, 16, 19, 20, 16, 21, 16, 22, 16, 16, 16, 16, 23, 16, 24, 16, 25, 26, 27, 28, 16, 16, 29, 16, 16, 1, 14, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 } ; static yyconst int yy_meta[30] = { 0, 1, 1, 2, 1, 3, 1, 1, 4, 5, 5, 5, 5, 5, 4, 1, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4 } ; static yyconst short int yy_base[72] = { 0, 0, 149, 154, 205, 138, 205, 103, 0, 0, 23, 205, 29, 30, 31, 32, 33, 0, 99, 205, 0, 0, 0, 50, 55, 34, 61, 41, 63, 64, 0, 0, 0, 79, 65, 68, 86, 66, 99, 105, 88, 106, 90, 118, 76, 107, 110, 89, 125, 43, 91, 127, 128, 138, 144, 113, 129, 154, 160, 160, 130, 172, 166, 177, 144, 0, 205, 190, 192, 194, 199, 76 } ; static yyconst short int yy_def[72] = { 0, 66, 1, 66, 66, 66, 66, 66, 67, 68, 68, 66, 69, 69, 69, 69, 69, 70, 66, 66, 67, 68, 71, 68, 10, 69, 69, 69, 69, 69, 70, 71, 23, 10, 69, 69, 69, 69, 10, 69, 69, 69, 69, 10, 38, 69, 69, 69, 69, 38, 69, 69, 69, 38, 69, 38, 69, 38, 69, 38, 69, 38, 38, 38, 38, 68, 0, 66, 66, 66, 66, 66 } ; static yyconst short int yy_nxt[235] = { 0, 4, 5, 6, 7, 8, 4, 4, 9, 10, 10, 10, 10, 10, 9, 11, 12, 12, 12, 12, 12, 12, 13, 14, 12, 15, 12, 12, 16, 12, 22, 23, 24, 24, 24, 24, 24, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 28, 27, 53, 53, 53, 21, 26, 29, 32, 32, 32, 32, 32, 32, 33, 33, 33, 33, 33, 21, 35, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 31, 21, 37, 42, 44, 36, 34, 38, 38, 38, 38, 38, 39, 21, 40, 21, 21, 21, 21, 21, 18, 21, 21, 21, 21, 19, 41, 43, 44, 44, 44, 44, 21, 21, 21, 46, 48, 21, 21, 21, 21, 57, 57, 21, 45, 47, 49, 49, 49, 49, 49, 50, 21, 51, 21, 21, 21, 21, 21, 18, 21, 21, 21, 21, 52, 54, 55, 55, 55, 55, 55, 21, 44, 66, 17, 58, 66, 21, 66, 66, 65, 56, 59, 59, 59, 59, 59, 21, 61, 61, 61, 61, 66, 21, 63, 63, 63, 63, 66, 60, 62, 62, 62, 62, 62, 64, 64, 64, 64, 64, 20, 20, 66, 20, 20, 21, 21, 25, 25, 30, 66, 30, 30, 30, 3, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66 } ; static yyconst short int yy_chk[235] = { 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 10, 10, 10, 10, 10, 10, 10, 12, 13, 14, 15, 16, 25, 12, 13, 14, 15, 16, 25, 27, 15, 14, 49, 49, 49, 27, 13, 16, 23, 23, 23, 23, 23, 23, 24, 24, 24, 24, 24, 26, 27, 28, 29, 34, 37, 26, 35, 28, 29, 34, 37, 71, 35, 29, 37, 44, 28, 26, 33, 33, 33, 33, 33, 34, 36, 35, 40, 47, 42, 50, 36, 18, 40, 47, 42, 50, 7, 36, 38, 38, 38, 38, 38, 39, 41, 45, 40, 42, 46, 39, 41, 45, 55, 55, 46, 39, 41, 43, 43, 43, 43, 43, 45, 48, 46, 51, 52, 56, 60, 48, 5, 51, 52, 56, 60, 48, 51, 53, 53, 53, 53, 53, 54, 64, 3, 2, 56, 0, 54, 0, 0, 64, 54, 57, 57, 57, 57, 57, 58, 59, 59, 59, 59, 0, 58, 62, 62, 62, 62, 0, 58, 61, 61, 61, 61, 61, 63, 63, 63, 63, 63, 67, 67, 0, 67, 67, 68, 68, 69, 69, 70, 0, 70, 70, 70, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66 } ; /* clang-format on */ static yy_state_type yy_last_accepting_state; static char *yy_last_accepting_cpos; /* The intent behind this definition is that it'll catch * any uses of REJECT which flex missed. */ #define REJECT reject_used_but_not_detected static int yy_more_flag = 0; static int yy_more_len = 0; #define yymore() (yy_more_flag = 1) #define YY_MORE_ADJ yy_more_len #define YY_RESTORE_YY_MORE_OFFSET char *yytext; #line 1 "crlgen_lex_orig.l" #define INITIAL 0 #line 2 "crlgen_lex_orig.l" #include "crlgen.h" static SECStatus parserStatus = SECSuccess; static CRLGENGeneratorData *parserData; static PRFileDesc *src; #define YY_INPUT(buf, result, max_size) \ if (parserStatus != SECFailure) { \ if (((result = PR_Read(src, buf, max_size)) == 0) && \ ferror(yyin)) \ return SECFailure; \ } else { \ return SECFailure; \ } /* Macros after this point can all be overridden by user definitions in * section 1. */ #ifndef YY_SKIP_YYWRAP #ifdef __cplusplus extern "C" int yywrap YY_PROTO((void)); #else extern int yywrap YY_PROTO((void)); #endif #endif #ifndef YY_NO_UNPUT static void yyunput YY_PROTO((int c, char *buf_ptr)); #endif #ifndef yytext_ptr static void yy_flex_strncpy YY_PROTO((char *, yyconst char *, int)); #endif #ifdef YY_NEED_STRLEN static int yy_flex_strlen YY_PROTO((yyconst char *)); #endif #ifndef YY_NO_INPUT #ifdef __cplusplus static int yyinput YY_PROTO((void)); #else static int input YY_PROTO((void)); #endif #endif #if YY_STACK_USED static int yy_start_stack_ptr = 0; static int yy_start_stack_depth = 0; static int *yy_start_stack = 0; #ifndef YY_NO_PUSH_STATE static void yy_push_state YY_PROTO((int new_state)); #endif #ifndef YY_NO_POP_STATE static void yy_pop_state YY_PROTO((void)); #endif #ifndef YY_NO_TOP_STATE static int yy_top_state YY_PROTO((void)); #endif #else #define YY_NO_PUSH_STATE 1 #define YY_NO_POP_STATE 1 #define YY_NO_TOP_STATE 1 #endif #ifdef YY_MALLOC_DECL YY_MALLOC_DECL #else #if __STDC__ #ifndef __cplusplus #include #endif #else /* Just try to get by without declaring the routines. This will fail * miserably on non-ANSI systems for which sizeof(size_t) != sizeof(int) * or sizeof(void*) != sizeof(int). */ #endif #endif /* Amount of stuff to slurp up with each read. */ #ifndef YY_READ_BUF_SIZE #define YY_READ_BUF_SIZE 8192 #endif /* Copy whatever the last rule matched to the standard output. */ #ifndef ECHO /* This used to be an fputs(), but since the string might contain NUL's, * we now use fwrite(). */ #define ECHO (void)fwrite(yytext, yyleng, 1, yyout) #endif /* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, * is returned in "result". */ #ifndef YY_INPUT #define YY_INPUT(buf, result, max_size) \ if (yy_current_buffer->yy_is_interactive) { \ int c = '*', n; \ for (n = 0; n < max_size && \ (c = getc(yyin)) != EOF && c != '\n'; \ ++n) \ buf[n] = (char)c; \ if (c == '\n') \ buf[n++] = (char)c; \ if (c == EOF && ferror(yyin)) \ YY_FATAL_ERROR("input in flex scanner failed"); \ result = n; \ } else if (((result = fread(buf, 1, max_size, yyin)) == 0) && \ ferror(yyin)) \ YY_FATAL_ERROR("input in flex scanner failed"); #endif /* No semi-colon after return; correct usage is to write "yyterminate();" - * we don't want an extra ';' after the "return" because that will cause * some compilers to complain about unreachable statements. */ #ifndef yyterminate #define yyterminate() return YY_NULL #endif /* Number of entries by which start-condition stack grows. */ #ifndef YY_START_STACK_INCR #define YY_START_STACK_INCR 25 #endif /* Report a fatal error. */ #ifndef YY_FATAL_ERROR #define YY_FATAL_ERROR(msg) yy_fatal_error(msg) #endif /* Default declaration of generated scanner - a define so the user can * easily add parameters. */ #ifndef YY_DECL #define YY_DECL int yylex YY_PROTO((void)) #endif /* Code executed at the beginning of each rule, after yytext and yyleng * have been set up. */ #ifndef YY_USER_ACTION #define YY_USER_ACTION #endif /* Code executed at the end of each rule. */ #ifndef YY_BREAK #define YY_BREAK break; #endif #define YY_RULE_SETUP \ if (yyleng > 0) \ yy_current_buffer->yy_at_bol = \ (yytext[yyleng - 1] == '\n'); \ YY_USER_ACTION YY_DECL { register yy_state_type yy_current_state; register char *yy_cp = NULL, *yy_bp = NULL; register int yy_act; #line 28 "crlgen_lex_orig.l" if (yy_init) { yy_init = 0; #ifdef YY_USER_INIT YY_USER_INIT; #endif if (!yy_start) yy_start = 1; /* first start state */ if (!yyin) yyin = stdin; if (!yyout) yyout = stdout; if (!yy_current_buffer) yy_current_buffer = yy_create_buffer(yyin, YY_BUF_SIZE); yy_load_buffer_state(); } while (1) /* loops until end-of-file is reached */ { yy_more_len = 0; if (yy_more_flag) { yy_more_len = yy_c_buf_p - yytext_ptr; yy_more_flag = 0; } yy_cp = yy_c_buf_p; /* Support of yytext. */ *yy_cp = yy_hold_char; /* yy_bp points to the position in yy_ch_buf of the start of * the current run. */ yy_bp = yy_cp; yy_current_state = yy_start; yy_current_state += YY_AT_BOL(); yy_match: do { register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)]; if (yy_accept[yy_current_state]) { yy_last_accepting_state = yy_current_state; yy_last_accepting_cpos = yy_cp; } while (yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state) { yy_current_state = (int)yy_def[yy_current_state]; if (yy_current_state >= 67) yy_c = yy_meta[(unsigned int)yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int)yy_c]; ++yy_cp; } while (yy_base[yy_current_state] != 205); yy_find_action: yy_act = yy_accept[yy_current_state]; if (yy_act == 0) { /* have to back up */ yy_cp = yy_last_accepting_cpos; yy_current_state = yy_last_accepting_state; yy_act = yy_accept[yy_current_state]; } YY_DO_BEFORE_ACTION; do_action: /* This label is used only to access EOF actions. */ switch (yy_act) { /* beginning of action switch */ case 0: /* must back up */ /* undo the effects of YY_DO_BEFORE_ACTION */ *yy_cp = yy_hold_char; yy_cp = yy_last_accepting_cpos; yy_current_state = yy_last_accepting_state; goto yy_find_action; case 1: YY_RULE_SETUP #line 30 "crlgen_lex_orig.l" { parserStatus = crlgen_setNextData(parserData, yytext, CRLGEN_TYPE_ZDATE); if (parserStatus != SECSuccess) return parserStatus; } YY_BREAK case 2: YY_RULE_SETUP #line 36 "crlgen_lex_orig.l" { parserStatus = crlgen_setNextData(parserData, yytext, CRLGEN_TYPE_DIGIT); if (parserStatus != SECSuccess) return parserStatus; } YY_BREAK case 3: YY_RULE_SETUP #line 42 "crlgen_lex_orig.l" { parserStatus = crlgen_setNextData(parserData, yytext, CRLGEN_TYPE_DIGIT_RANGE); if (parserStatus != SECSuccess) return parserStatus; } YY_BREAK case 4: YY_RULE_SETUP #line 48 "crlgen_lex_orig.l" { parserStatus = crlgen_setNextData(parserData, yytext, CRLGEN_TYPE_OID); if (parserStatus != SECSuccess) return parserStatus; } YY_BREAK case 5: YY_RULE_SETUP #line 54 "crlgen_lex_orig.l" { parserStatus = crlgen_createNewLangStruct(parserData, CRLGEN_ISSUER_CONTEXT); if (parserStatus != SECSuccess) return parserStatus; } YY_BREAK case 6: YY_RULE_SETUP #line 60 "crlgen_lex_orig.l" { parserStatus = crlgen_createNewLangStruct(parserData, CRLGEN_UPDATE_CONTEXT); if (parserStatus != SECSuccess) return parserStatus; } YY_BREAK case 7: YY_RULE_SETUP #line 65 "crlgen_lex_orig.l" { parserStatus = crlgen_createNewLangStruct(parserData, CRLGEN_NEXT_UPDATE_CONTEXT); if (parserStatus != SECSuccess) return parserStatus; } YY_BREAK case 8: YY_RULE_SETUP #line 71 "crlgen_lex_orig.l" { parserStatus = crlgen_createNewLangStruct(parserData, CRLGEN_CHANGE_RANGE_CONTEXT); if (parserStatus != SECSuccess) return parserStatus; } YY_BREAK case 9: YY_RULE_SETUP #line 77 "crlgen_lex_orig.l" { if (strcmp(yytext, "addcert") == 0) { parserStatus = crlgen_createNewLangStruct(parserData, CRLGEN_ADD_CERT_CONTEXT); if (parserStatus != SECSuccess) return parserStatus; } else if (strcmp(yytext, "rmcert") == 0) { parserStatus = crlgen_createNewLangStruct(parserData, CRLGEN_RM_CERT_CONTEXT); if (parserStatus != SECSuccess) return parserStatus; } else if (strcmp(yytext, "addext") == 0) { parserStatus = crlgen_createNewLangStruct(parserData, CRLGEN_ADD_EXTENSION_CONTEXT); if (parserStatus != SECSuccess) return parserStatus; } else { parserStatus = crlgen_setNextData(parserData, yytext, CRLGEN_TYPE_ID); if (parserStatus != SECSuccess) return parserStatus; } } YY_BREAK case 10: YY_RULE_SETUP #line 100 "crlgen_lex_orig.l" YY_BREAK case 11: YY_RULE_SETUP #line 102 "crlgen_lex_orig.l" { if (yytext[yyleng - 1] == '\\') { yymore(); } else { register int c; c = input(); if (c != '\"') { printf("Error: Line ending \" is missing: %c\n", c); unput(c); } else { parserStatus = crlgen_setNextData(parserData, yytext + 1, CRLGEN_TYPE_STRING); if (parserStatus != SECSuccess) return parserStatus; } } } YY_BREAK case 12: YY_RULE_SETUP #line 120 "crlgen_lex_orig.l" { parserStatus = crlgen_setNextData(parserData, yytext, CRLGEN_TYPE_STRING); if (parserStatus != SECSuccess) return parserStatus; } YY_BREAK case 13: YY_RULE_SETUP #line 128 "crlgen_lex_orig.l" /* eat up one-line comments */ {} YY_BREAK case 14: YY_RULE_SETUP #line 130 "crlgen_lex_orig.l" { } YY_BREAK case 15: YY_RULE_SETUP #line 132 "crlgen_lex_orig.l" { parserStatus = crlgen_updateCrl(parserData); if (parserStatus != SECSuccess) return parserStatus; } YY_BREAK case 16: YY_RULE_SETUP #line 138 "crlgen_lex_orig.l" { fprintf(stderr, "Syntax error at line %d: unknown token %s\n", parserData->parsedLineNum, yytext); return SECFailure; } YY_BREAK case 17: YY_RULE_SETUP #line 144 "crlgen_lex_orig.l" ECHO; YY_BREAK case YY_STATE_EOF(INITIAL): yyterminate(); case YY_END_OF_BUFFER: { /* Amount of text matched not including the EOB char. */ int yy_amount_of_matched_text = (int)(yy_cp - yytext_ptr) - 1; /* Undo the effects of YY_DO_BEFORE_ACTION. */ *yy_cp = yy_hold_char; YY_RESTORE_YY_MORE_OFFSET if (yy_current_buffer->yy_buffer_status == YY_BUFFER_NEW) { /* We're scanning a new file or input source. It's * possible that this happened because the user * just pointed yyin at a new source and called * yylex(). If so, then we have to assure * consistency between yy_current_buffer and our * globals. Here is the right place to do so, because * this is the first action (other than possibly a * back-up) that will match for the new input source. */ yy_n_chars = yy_current_buffer->yy_n_chars; yy_current_buffer->yy_input_file = yyin; yy_current_buffer->yy_buffer_status = YY_BUFFER_NORMAL; } /* Note that here we test for yy_c_buf_p "<=" to the position * of the first EOB in the buffer, since yy_c_buf_p will * already have been incremented past the NUL character * (since all states make transitions on EOB to the * end-of-buffer state). Contrast this with the test * in input(). */ if (yy_c_buf_p <= &yy_current_buffer->yy_ch_buf[yy_n_chars]) { /* This was really a NUL. */ yy_state_type yy_next_state; yy_c_buf_p = yytext_ptr + yy_amount_of_matched_text; yy_current_state = yy_get_previous_state(); /* Okay, we're now positioned to make the NUL * transition. We couldn't have * yy_get_previous_state() go ahead and do it * for us because it doesn't know how to deal * with the possibility of jamming (and we don't * want to build jamming into it because then it * will run more slowly). */ yy_next_state = yy_try_NUL_trans(yy_current_state); yy_bp = yytext_ptr + YY_MORE_ADJ; if (yy_next_state) { /* Consume the NUL. */ yy_cp = ++yy_c_buf_p; yy_current_state = yy_next_state; goto yy_match; } else { yy_cp = yy_c_buf_p; goto yy_find_action; } } else switch (yy_get_next_buffer()) { case EOB_ACT_END_OF_FILE: { yy_did_buffer_switch_on_eof = 0; if (yywrap()) { /* Note: because we've taken care in * yy_get_next_buffer() to have set up * yytext, we can now set up * yy_c_buf_p so that if some total * hoser (like flex itself) wants to * call the scanner after we return the * YY_NULL, it'll still work - another * YY_NULL will get returned. */ yy_c_buf_p = yytext_ptr + YY_MORE_ADJ; yy_act = YY_STATE_EOF(YY_START); goto do_action; } else { if (!yy_did_buffer_switch_on_eof) YY_NEW_FILE; } break; } case EOB_ACT_CONTINUE_SCAN: yy_c_buf_p = yytext_ptr + yy_amount_of_matched_text; yy_current_state = yy_get_previous_state(); yy_cp = yy_c_buf_p; yy_bp = yytext_ptr + YY_MORE_ADJ; goto yy_match; case EOB_ACT_LAST_MATCH: yy_c_buf_p = &yy_current_buffer->yy_ch_buf[yy_n_chars]; yy_current_state = yy_get_previous_state(); yy_cp = yy_c_buf_p; yy_bp = yytext_ptr + YY_MORE_ADJ; goto yy_find_action; } break; } default: YY_FATAL_ERROR( "fatal flex scanner internal error--no action found"); } /* end of action switch */ } /* end of scanning one token */ } /* end of yylex */ /* yy_get_next_buffer - try to read in a new buffer * * Returns a code representing an action: * EOB_ACT_LAST_MATCH - * EOB_ACT_CONTINUE_SCAN - continue scanning from current position * EOB_ACT_END_OF_FILE - end of file */ static int yy_get_next_buffer() { register char *dest = yy_current_buffer->yy_ch_buf; register char *source = yytext_ptr; register int number_to_move, i; int ret_val; if (yy_c_buf_p > &yy_current_buffer->yy_ch_buf[yy_n_chars + 1]) YY_FATAL_ERROR( "fatal flex scanner internal error--end of buffer missed"); if (yy_current_buffer->yy_fill_buffer == 0) { /* Don't try to fill the buffer, so this is an EOF. */ if (yy_c_buf_p - yytext_ptr - YY_MORE_ADJ == 1) { /* We matched a single character, the EOB, so * treat this as a final EOF. */ return EOB_ACT_END_OF_FILE; } else { /* We matched some text prior to the EOB, first * process it. */ return EOB_ACT_LAST_MATCH; } } /* Try to read more data. */ /* First move last chars to start of buffer. */ number_to_move = (int)(yy_c_buf_p - yytext_ptr) - 1; for (i = 0; i < number_to_move; ++i) *(dest++) = *(source++); if (yy_current_buffer->yy_buffer_status == YY_BUFFER_EOF_PENDING) /* don't do the read, it's not guaranteed to return an EOF, * just force an EOF */ yy_current_buffer->yy_n_chars = yy_n_chars = 0; else { int num_to_read = yy_current_buffer->yy_buf_size - number_to_move - 1; while (num_to_read <= 0) { /* Not enough room in the buffer - grow it. */ #ifdef YY_USES_REJECT YY_FATAL_ERROR( "input buffer overflow, can't enlarge buffer because scanner uses REJECT"); #else /* just a shorter name for the current buffer */ YY_BUFFER_STATE b = yy_current_buffer; int yy_c_buf_p_offset = (int)(yy_c_buf_p - b->yy_ch_buf); if (b->yy_is_our_buffer) { int new_size = b->yy_buf_size * 2; if (new_size <= 0) b->yy_buf_size += b->yy_buf_size / 8; else b->yy_buf_size *= 2; b->yy_ch_buf = (char *) /* Include room in for 2 EOB chars. */ yy_flex_realloc((void *)b->yy_ch_buf, b->yy_buf_size + 2); } else /* Can't grow it, we don't own it. */ b->yy_ch_buf = 0; if (!b->yy_ch_buf) YY_FATAL_ERROR( "fatal error - scanner input buffer overflow"); yy_c_buf_p = &b->yy_ch_buf[yy_c_buf_p_offset]; num_to_read = yy_current_buffer->yy_buf_size - number_to_move - 1; #endif } if (num_to_read > YY_READ_BUF_SIZE) num_to_read = YY_READ_BUF_SIZE; /* Read in more data. */ YY_INPUT((&yy_current_buffer->yy_ch_buf[number_to_move]), yy_n_chars, num_to_read); yy_current_buffer->yy_n_chars = yy_n_chars; } if (yy_n_chars == 0) { if (number_to_move == YY_MORE_ADJ) { ret_val = EOB_ACT_END_OF_FILE; yyrestart(yyin); } else { ret_val = EOB_ACT_LAST_MATCH; yy_current_buffer->yy_buffer_status = YY_BUFFER_EOF_PENDING; } } else ret_val = EOB_ACT_CONTINUE_SCAN; yy_n_chars += number_to_move; yy_current_buffer->yy_ch_buf[yy_n_chars] = YY_END_OF_BUFFER_CHAR; yy_current_buffer->yy_ch_buf[yy_n_chars + 1] = YY_END_OF_BUFFER_CHAR; yytext_ptr = &yy_current_buffer->yy_ch_buf[0]; return ret_val; } /* yy_get_previous_state - get the state just before the EOB char was reached */ static yy_state_type yy_get_previous_state() { register yy_state_type yy_current_state; register char *yy_cp; yy_current_state = yy_start; yy_current_state += YY_AT_BOL(); for (yy_cp = yytext_ptr + YY_MORE_ADJ; yy_cp < yy_c_buf_p; ++yy_cp) { register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1); if (yy_accept[yy_current_state]) { yy_last_accepting_state = yy_current_state; yy_last_accepting_cpos = yy_cp; } while (yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state) { yy_current_state = (int)yy_def[yy_current_state]; if (yy_current_state >= 67) yy_c = yy_meta[(unsigned int)yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int)yy_c]; } return yy_current_state; } /* yy_try_NUL_trans - try to make a transition on the NUL character * * synopsis * next_state = yy_try_NUL_trans( current_state ); */ #ifdef YY_USE_PROTOS static yy_state_type yy_try_NUL_trans(yy_state_type yy_current_state) #else static yy_state_type yy_try_NUL_trans(yy_current_state) yy_state_type yy_current_state; #endif { register int yy_is_jam; register char *yy_cp = yy_c_buf_p; register YY_CHAR yy_c = 1; if (yy_accept[yy_current_state]) { yy_last_accepting_state = yy_current_state; yy_last_accepting_cpos = yy_cp; } while (yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state) { yy_current_state = (int)yy_def[yy_current_state]; if (yy_current_state >= 67) yy_c = yy_meta[(unsigned int)yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int)yy_c]; yy_is_jam = (yy_current_state == 66); return yy_is_jam ? 0 : yy_current_state; } #ifndef YY_NO_UNPUT #ifdef YY_USE_PROTOS static void yyunput(int c, register char *yy_bp) #else static void yyunput(c, yy_bp) int c; register char *yy_bp; #endif { register char *yy_cp = yy_c_buf_p; /* undo effects of setting up yytext */ *yy_cp = yy_hold_char; if (yy_cp < yy_current_buffer->yy_ch_buf + 2) { /* need to shift things up to make room */ /* +2 for EOB chars. */ register int number_to_move = yy_n_chars + 2; register char *dest = &yy_current_buffer->yy_ch_buf[yy_current_buffer->yy_buf_size + 2]; register char *source = &yy_current_buffer->yy_ch_buf[number_to_move]; while (source > yy_current_buffer->yy_ch_buf) *--dest = *--source; yy_cp += (int)(dest - source); yy_bp += (int)(dest - source); yy_current_buffer->yy_n_chars = yy_n_chars = yy_current_buffer->yy_buf_size; if (yy_cp < yy_current_buffer->yy_ch_buf + 2) YY_FATAL_ERROR("flex scanner push-back overflow"); } *--yy_cp = (char)c; yytext_ptr = yy_bp; yy_hold_char = *yy_cp; yy_c_buf_p = yy_cp; } #endif /* ifndef YY_NO_UNPUT */ #ifndef YY_NO_INPUT #ifdef __cplusplus static int yyinput() #else static int input() #endif { int c; *yy_c_buf_p = yy_hold_char; if (*yy_c_buf_p == YY_END_OF_BUFFER_CHAR) { /* yy_c_buf_p now points to the character we want to return. * If this occurs *before* the EOB characters, then it's a * valid NUL; if not, then we've hit the end of the buffer. */ if (yy_c_buf_p < &yy_current_buffer->yy_ch_buf[yy_n_chars]) /* This was really a NUL. */ *yy_c_buf_p = '\0'; else { /* need more input */ int offset = yy_c_buf_p - yytext_ptr; ++yy_c_buf_p; switch (yy_get_next_buffer()) { case EOB_ACT_LAST_MATCH: /* This happens because yy_g_n_b() * sees that we've accumulated a * token and flags that we need to * try matching the token before * proceeding. But for input(), * there's no matching to consider. * So convert the EOB_ACT_LAST_MATCH * to EOB_ACT_END_OF_FILE. */ /* Reset buffer status. */ yyrestart(yyin); /* fall through */ case EOB_ACT_END_OF_FILE: { if (yywrap()) return EOF; if (!yy_did_buffer_switch_on_eof) YY_NEW_FILE; #ifdef __cplusplus return yyinput(); #else return input(); #endif } case EOB_ACT_CONTINUE_SCAN: yy_c_buf_p = yytext_ptr + offset; break; } } } c = *(unsigned char *)yy_c_buf_p; /* cast for 8-bit char's */ *yy_c_buf_p = '\0'; /* preserve yytext */ yy_hold_char = *++yy_c_buf_p; yy_current_buffer->yy_at_bol = (c == '\n'); return c; } #endif /* YY_NO_INPUT */ #ifdef YY_USE_PROTOS void yyrestart(FILE *input_file) #else void yyrestart(input_file) FILE *input_file; #endif { if (!yy_current_buffer) yy_current_buffer = yy_create_buffer(yyin, YY_BUF_SIZE); yy_init_buffer(yy_current_buffer, input_file); yy_load_buffer_state(); } #ifdef YY_USE_PROTOS void yy_switch_to_buffer(YY_BUFFER_STATE new_buffer) #else void yy_switch_to_buffer(new_buffer) YY_BUFFER_STATE new_buffer; #endif { if (yy_current_buffer == new_buffer) return; if (yy_current_buffer) { /* Flush out information for old buffer. */ *yy_c_buf_p = yy_hold_char; yy_current_buffer->yy_buf_pos = yy_c_buf_p; yy_current_buffer->yy_n_chars = yy_n_chars; } yy_current_buffer = new_buffer; yy_load_buffer_state(); /* We don't actually know whether we did this switch during * EOF (yywrap()) processing, but the only time this flag * is looked at is after yywrap() is called, so it's safe * to go ahead and always set it. */ yy_did_buffer_switch_on_eof = 1; } #ifdef YY_USE_PROTOS void yy_load_buffer_state(void) #else void yy_load_buffer_state() #endif { yy_n_chars = yy_current_buffer->yy_n_chars; yytext_ptr = yy_c_buf_p = yy_current_buffer->yy_buf_pos; yyin = yy_current_buffer->yy_input_file; yy_hold_char = *yy_c_buf_p; } #ifdef YY_USE_PROTOS YY_BUFFER_STATE yy_create_buffer(FILE *file, int size) #else YY_BUFFER_STATE yy_create_buffer(file, size) FILE *file; int size; #endif { YY_BUFFER_STATE b; b = (YY_BUFFER_STATE)yy_flex_alloc(sizeof(struct yy_buffer_state)); if (!b) YY_FATAL_ERROR("out of dynamic memory in yy_create_buffer()"); b->yy_buf_size = size; /* yy_ch_buf has to be 2 characters longer than the size given because * we need to put in 2 end-of-buffer characters. */ b->yy_ch_buf = (char *)yy_flex_alloc(b->yy_buf_size + 2); if (!b->yy_ch_buf) YY_FATAL_ERROR("out of dynamic memory in yy_create_buffer()"); b->yy_is_our_buffer = 1; yy_init_buffer(b, file); return b; } #ifdef YY_USE_PROTOS void yy_delete_buffer(YY_BUFFER_STATE b) #else void yy_delete_buffer(b) YY_BUFFER_STATE b; #endif { if (!b) return; if (b == yy_current_buffer) yy_current_buffer = (YY_BUFFER_STATE)0; if (b->yy_is_our_buffer) yy_flex_free((void *)b->yy_ch_buf); yy_flex_free((void *)b); } #ifdef YY_USE_PROTOS void yy_init_buffer(YY_BUFFER_STATE b, FILE *file) #else void yy_init_buffer(b, file) YY_BUFFER_STATE b; FILE *file; #endif { yy_flush_buffer(b); b->yy_input_file = file; b->yy_fill_buffer = 1; #if YY_ALWAYS_INTERACTIVE b->yy_is_interactive = 1; #else #if YY_NEVER_INTERACTIVE b->yy_is_interactive = 0; #else b->yy_is_interactive = file ? (isatty(fileno(file)) > 0) : 0; #endif #endif } #ifdef YY_USE_PROTOS void yy_flush_buffer(YY_BUFFER_STATE b) #else void yy_flush_buffer(b) YY_BUFFER_STATE b; #endif { if (!b) return; b->yy_n_chars = 0; /* We always need two end-of-buffer characters. The first causes * a transition to the end-of-buffer state. The second causes * a jam in that state. */ b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR; b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR; b->yy_buf_pos = &b->yy_ch_buf[0]; b->yy_at_bol = 1; b->yy_buffer_status = YY_BUFFER_NEW; if (b == yy_current_buffer) yy_load_buffer_state(); } #ifndef YY_NO_SCAN_BUFFER #ifdef YY_USE_PROTOS YY_BUFFER_STATE yy_scan_buffer(char *base, yy_size_t size) #else YY_BUFFER_STATE yy_scan_buffer(base, size) char *base; yy_size_t size; #endif { YY_BUFFER_STATE b; if (size < 2 || base[size - 2] != YY_END_OF_BUFFER_CHAR || base[size - 1] != YY_END_OF_BUFFER_CHAR) /* They forgot to leave room for the EOB's. */ return 0; b = (YY_BUFFER_STATE)yy_flex_alloc(sizeof(struct yy_buffer_state)); if (!b) YY_FATAL_ERROR("out of dynamic memory in yy_scan_buffer()"); b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */ b->yy_buf_pos = b->yy_ch_buf = base; b->yy_is_our_buffer = 0; b->yy_input_file = 0; b->yy_n_chars = b->yy_buf_size; b->yy_is_interactive = 0; b->yy_at_bol = 1; b->yy_fill_buffer = 0; b->yy_buffer_status = YY_BUFFER_NEW; yy_switch_to_buffer(b); return b; } #endif #ifndef YY_NO_SCAN_STRING #ifdef YY_USE_PROTOS YY_BUFFER_STATE yy_scan_string(yyconst char *yy_str) #else YY_BUFFER_STATE yy_scan_string(yy_str) yyconst char *yy_str; #endif { int len; for (len = 0; yy_str[len]; ++len) ; return yy_scan_bytes(yy_str, len); } #endif #ifndef YY_NO_SCAN_BYTES #ifdef YY_USE_PROTOS YY_BUFFER_STATE yy_scan_bytes(yyconst char *bytes, int len) #else YY_BUFFER_STATE yy_scan_bytes(bytes, len) yyconst char *bytes; int len; #endif { YY_BUFFER_STATE b; char *buf; yy_size_t n; int i; /* Get memory for full buffer, including space for trailing EOB's. */ n = len + 2; buf = (char *)yy_flex_alloc(n); if (!buf) YY_FATAL_ERROR("out of dynamic memory in yy_scan_bytes()"); for (i = 0; i < len; ++i) buf[i] = bytes[i]; buf[len] = buf[len + 1] = YY_END_OF_BUFFER_CHAR; b = yy_scan_buffer(buf, n); if (!b) YY_FATAL_ERROR("bad buffer in yy_scan_bytes()"); /* It's okay to grow etc. this buffer, and we should throw it * away when we're done. */ b->yy_is_our_buffer = 1; return b; } #endif #ifndef YY_NO_PUSH_STATE #ifdef YY_USE_PROTOS static void yy_push_state(int new_state) #else static void yy_push_state(new_state) int new_state; #endif { if (yy_start_stack_ptr >= yy_start_stack_depth) { yy_size_t new_size; yy_start_stack_depth += YY_START_STACK_INCR; new_size = yy_start_stack_depth * sizeof(int); if (!yy_start_stack) yy_start_stack = (int *)yy_flex_alloc(new_size); else yy_start_stack = (int *)yy_flex_realloc( (void *)yy_start_stack, new_size); if (!yy_start_stack) YY_FATAL_ERROR( "out of memory expanding start-condition stack"); } yy_start_stack[yy_start_stack_ptr++] = YY_START; BEGIN(new_state); } #endif #ifndef YY_NO_POP_STATE static void yy_pop_state() { if (--yy_start_stack_ptr < 0) YY_FATAL_ERROR("start-condition stack underflow"); BEGIN(yy_start_stack[yy_start_stack_ptr]); } #endif #ifndef YY_NO_TOP_STATE static int yy_top_state() { return yy_start_stack[yy_start_stack_ptr - 1]; } #endif #ifndef YY_EXIT_FAILURE #define YY_EXIT_FAILURE 2 #endif #ifdef YY_USE_PROTOS static void yy_fatal_error(yyconst char msg[]) #else static void yy_fatal_error(msg) char msg[]; #endif { (void)fprintf(stderr, "%s\n", msg); exit(YY_EXIT_FAILURE); } /* Redefine yyless() so it works in section 3 code. */ #undef yyless #define yyless(n) \ do { \ /* Undo effects of setting up yytext. */ \ yytext[yyleng] = yy_hold_char; \ yy_c_buf_p = yytext + n; \ yy_hold_char = *yy_c_buf_p; \ *yy_c_buf_p = '\0'; \ yyleng = n; \ } while (0) /* Internal utility routines. */ #ifndef yytext_ptr #ifdef YY_USE_PROTOS static void yy_flex_strncpy(char *s1, yyconst char *s2, int n) #else static void yy_flex_strncpy(s1, s2, n) char *s1; yyconst char *s2; int n; #endif { register int i; for (i = 0; i < n; ++i) s1[i] = s2[i]; } #endif #ifdef YY_NEED_STRLEN #ifdef YY_USE_PROTOS static int yy_flex_strlen(yyconst char *s) #else static int yy_flex_strlen(s) yyconst char *s; #endif { register int n; for (n = 0; s[n]; ++n) ; return n; } #endif #ifdef YY_USE_PROTOS static void * yy_flex_alloc(yy_size_t size) #else static void *yy_flex_alloc(size) yy_size_t size; #endif { return (void *)malloc(size); } #ifdef YY_USE_PROTOS static void * yy_flex_realloc(void *ptr, yy_size_t size) #else static void *yy_flex_realloc(ptr, size) void *ptr; yy_size_t size; #endif { /* The cast to (char *) in the following accommodates both * implementations that use char* generic pointers, and those * that use void* generic pointers. It works with the latter * because both ANSI C and C++ allow castless assignment from * any pointer type to void*, and deal with argument conversions * as though doing an assignment. */ return (void *)realloc((char *)ptr, size); } #ifdef YY_USE_PROTOS static void yy_flex_free(void *ptr) #else static void yy_flex_free(ptr) void *ptr; #endif { free(ptr); } #if YY_MAIN int main() { yylex(); return 0; } #endif #line 144 "crlgen_lex_orig.l" #include "prlock.h" static PRLock *parserInvocationLock; void CRLGEN_InitCrlGenParserLock() { parserInvocationLock = PR_NewLock(); } void CRLGEN_DestroyCrlGenParserLock() { PR_DestroyLock(parserInvocationLock); } SECStatus CRLGEN_StartCrlGen(CRLGENGeneratorData *parserCtlData) { SECStatus rv; PR_Lock(parserInvocationLock); parserStatus = SECSuccess; parserData = parserCtlData; src = parserCtlData->src; rv = yylex(); PR_Unlock(parserInvocationLock); return rv; } int yywrap() { return 1; } nss-3.35/nss/cmd/crlutil/crlgen_lex_fix.sed0000644000000000000000000000012613230126417017104 0ustar 00000000000000// { i #ifdef _WIN32 i #include i #else a #endif } nss-3.35/nss/cmd/crlutil/crlgen_lex_orig.l0000644000000000000000000001051013230126417016734 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ %{ #include "crlgen.h" static SECStatus parserStatus = SECSuccess; static CRLGENGeneratorData *parserData; static PRFileDesc *src; #define YY_INPUT(buf,result,max_size) \ if ( parserStatus != SECFailure) { \ if (((result = PR_Read(src, buf, max_size)) == 0) && \ ferror( yyin )) \ return SECFailure; \ } else { return SECFailure; } %} %a 5000 DIGIT [0-9]+ DIGIT_RANGE [0-9]+-[0-9]+ ID [a-zA-Z][a-zA-Z0-9]* OID [0-9]+\.[\.0-9]+ DATE [0-9]{4}[01][0-9][0-3][0-9][0-2][0-9][0-6][0-9][0-6][0-9] ZDATE [0-9]{4}[01][0-9][0-3][0-9][0-2][0-9][0-6][0-9][0-6][0-9]Z N_SP_STRING [a-zA-Z0-9\:\|\.]+ %% {ZDATE} { parserStatus = crlgen_setNextData(parserData, yytext, CRLGEN_TYPE_ZDATE); if (parserStatus != SECSuccess) return parserStatus; } {DIGIT} { parserStatus = crlgen_setNextData(parserData, yytext, CRLGEN_TYPE_DIGIT); if (parserStatus != SECSuccess) return parserStatus; } {DIGIT_RANGE} { parserStatus = crlgen_setNextData(parserData, yytext, CRLGEN_TYPE_DIGIT_RANGE); if (parserStatus != SECSuccess) return parserStatus; } {OID} { parserStatus = crlgen_setNextData(parserData, yytext, CRLGEN_TYPE_OID); if (parserStatus != SECSuccess) return parserStatus; } issuer { parserStatus = crlgen_createNewLangStruct(parserData, CRLGEN_ISSUER_CONTEXT); if (parserStatus != SECSuccess) return parserStatus; } update { parserStatus = crlgen_createNewLangStruct(parserData, CRLGEN_UPDATE_CONTEXT); if (parserStatus != SECSuccess) return parserStatus; } nextupdate { parserStatus = crlgen_createNewLangStruct(parserData, CRLGEN_NEXT_UPDATE_CONTEXT); if (parserStatus != SECSuccess) return parserStatus; } range { parserStatus = crlgen_createNewLangStruct(parserData, CRLGEN_CHANGE_RANGE_CONTEXT); if (parserStatus != SECSuccess) return parserStatus; } {ID} { if (strcmp(yytext, "addcert") == 0) { parserStatus = crlgen_createNewLangStruct(parserData, CRLGEN_ADD_CERT_CONTEXT); if (parserStatus != SECSuccess) return parserStatus; } else if (strcmp(yytext, "rmcert") == 0) { parserStatus = crlgen_createNewLangStruct(parserData, CRLGEN_RM_CERT_CONTEXT); if (parserStatus != SECSuccess) return parserStatus; } else if (strcmp(yytext, "addext") == 0) { parserStatus = crlgen_createNewLangStruct(parserData, CRLGEN_ADD_EXTENSION_CONTEXT); if (parserStatus != SECSuccess) return parserStatus; } else { parserStatus = crlgen_setNextData(parserData, yytext, CRLGEN_TYPE_ID); if (parserStatus != SECSuccess) return parserStatus; } } "=" \"[^\"]* { if (yytext[yyleng-1] == '\\') { yymore(); } else { register int c; c = input(); if (c != '\"') { printf( "Error: Line ending \" is missing: %c\n", c); unput(c); } else { parserStatus = crlgen_setNextData(parserData, yytext + 1, CRLGEN_TYPE_STRING); if (parserStatus != SECSuccess) return parserStatus; } } } {N_SP_STRING} { parserStatus = crlgen_setNextData(parserData, yytext, CRLGEN_TYPE_STRING); if (parserStatus != SECSuccess) return parserStatus; } ^#[^\n]* /* eat up one-line comments */ {} [ \t]+ {} (\n|\r\n) { parserStatus = crlgen_updateCrl(parserData); if (parserStatus != SECSuccess) return parserStatus; } . { fprintf(stderr, "Syntax error at line %d: unknown token %s\n", parserData->parsedLineNum, yytext); return SECFailure; } %% #include "prlock.h" static PRLock *parserInvocationLock; void CRLGEN_InitCrlGenParserLock() { parserInvocationLock = PR_NewLock(); } void CRLGEN_DestroyCrlGenParserLock() { PR_DestroyLock(parserInvocationLock); } SECStatus CRLGEN_StartCrlGen(CRLGENGeneratorData *parserCtlData) { SECStatus rv; PR_Lock(parserInvocationLock); parserStatus = SECSuccess; parserData = parserCtlData; src = parserCtlData->src; rv = yylex(); PR_Unlock(parserInvocationLock); return rv; } int yywrap() {return 1;} nss-3.35/nss/cmd/crlutil/crlutil.c0000644000000000000000000010552413230126417015251 0ustar 00000000000000/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /* ** certutil.c ** ** utility for managing certificates and the cert database ** */ /* test only */ #include "nspr.h" #include "plgetopt.h" #include "secutil.h" #include "cert.h" #include "certi.h" #include "certdb.h" #include "nss.h" #include "pk11func.h" #include "crlgen.h" #define SEC_CERT_DB_EXISTS 0 #define SEC_CREATE_CERT_DB 1 static char *progName; static CERTSignedCrl * FindCRL(CERTCertDBHandle *certHandle, char *name, int type) { CERTSignedCrl *crl = NULL; CERTCertificate *cert = NULL; SECItem derName; derName.data = NULL; derName.len = 0; cert = CERT_FindCertByNicknameOrEmailAddr(certHandle, name); if (!cert) { CERTName *certName = NULL; PLArenaPool *arena = NULL; SECStatus rv = SECSuccess; certName = CERT_AsciiToName(name); if (certName) { arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena) { SECItem *nameItem = SEC_ASN1EncodeItem(arena, NULL, (void *)certName, SEC_ASN1_GET(CERT_NameTemplate)); if (nameItem) { rv = SECITEM_CopyItem(NULL, &derName, nameItem); } PORT_FreeArena(arena, PR_FALSE); } CERT_DestroyName(certName); } if (rv != SECSuccess) { SECU_PrintError(progName, "SECITEM_CopyItem failed, out of memory"); return ((CERTSignedCrl *)NULL); } if (!derName.len || !derName.data) { SECU_PrintError(progName, "could not find certificate named '%s'", name); return ((CERTSignedCrl *)NULL); } } else { SECStatus rv = SECITEM_CopyItem(NULL, &derName, &cert->derSubject); CERT_DestroyCertificate(cert); if (rv != SECSuccess) { return ((CERTSignedCrl *)NULL); } } crl = SEC_FindCrlByName(certHandle, &derName, type); if (crl == NULL) SECU_PrintError(progName, "could not find %s's CRL", name); if (derName.data) { SECITEM_FreeItem(&derName, PR_FALSE); } return (crl); } static SECStatus DisplayCRL(CERTCertDBHandle *certHandle, char *nickName, int crlType) { CERTSignedCrl *crl = NULL; crl = FindCRL(certHandle, nickName, crlType); if (crl) { SECU_PrintCRLInfo(stdout, &crl->crl, "CRL Info:\n", 0); SEC_DestroyCrl(crl); return SECSuccess; } return SECFailure; } static void ListCRLNames(CERTCertDBHandle *certHandle, int crlType, PRBool deletecrls) { CERTCrlHeadNode *crlList = NULL; CERTCrlNode *crlNode = NULL; CERTName *name = NULL; PLArenaPool *arena = NULL; SECStatus rv; do { arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE); if (arena == NULL) { fprintf(stderr, "%s: fail to allocate memory\n", progName); break; } name = PORT_ArenaZAlloc(arena, sizeof(*name)); if (name == NULL) { fprintf(stderr, "%s: fail to allocate memory\n", progName); break; } name->arena = arena; rv = SEC_LookupCrls(certHandle, &crlList, crlType); if (rv != SECSuccess) { fprintf(stderr, "%s: fail to look up CRLs (%s)\n", progName, SECU_Strerror(PORT_GetError())); break; } /* just in case */ if (!crlList) break; crlNode = crlList->first; fprintf(stdout, "\n"); fprintf(stdout, "\n%-40s %-5s\n\n", "CRL names", "CRL Type"); while (crlNode) { char *asciiname = NULL; CERTCertificate *cert = NULL; if (crlNode->crl && crlNode->crl->crl.derName.data != NULL) { cert = CERT_FindCertByName(certHandle, &crlNode->crl->crl.derName); if (!cert) { SECU_PrintError(progName, "could not find signing " "certificate in database"); } } if (cert) { char *certName = NULL; if (cert->nickname && PORT_Strlen(cert->nickname) > 0) { certName = cert->nickname; } else if (cert->emailAddr && PORT_Strlen(cert->emailAddr) > 0) { certName = cert->emailAddr; } if (certName) { asciiname = PORT_Strdup(certName); } CERT_DestroyCertificate(cert); } if (!asciiname) { name = &crlNode->crl->crl.name; if (!name) { SECU_PrintError(progName, "fail to get the CRL " "issuer name"); continue; } asciiname = CERT_NameToAscii(name); } fprintf(stdout, "%-40s %-5s\n", asciiname, "CRL"); if (asciiname) { PORT_Free(asciiname); } if (PR_TRUE == deletecrls) { CERTSignedCrl *acrl = NULL; SECItem *issuer = &crlNode->crl->crl.derName; acrl = SEC_FindCrlByName(certHandle, issuer, crlType); if (acrl) { SEC_DeletePermCRL(acrl); SEC_DestroyCrl(acrl); } } crlNode = crlNode->next; } } while (0); if (crlList) PORT_FreeArena(crlList->arena, PR_FALSE); PORT_FreeArena(arena, PR_FALSE); } static SECStatus ListCRL(CERTCertDBHandle *certHandle, char *nickName, int crlType) { if (nickName == NULL) { ListCRLNames(certHandle, crlType, PR_FALSE); return SECSuccess; } return DisplayCRL(certHandle, nickName, crlType); } static SECStatus DeleteCRL(CERTCertDBHandle *certHandle, char *name, int type) { CERTSignedCrl *crl = NULL; SECStatus rv = SECFailure; crl = FindCRL(certHandle, name, type); if (!crl) { SECU_PrintError(progName, "could not find the issuer %s's CRL", name); return SECFailure; } rv = SEC_DeletePermCRL(crl); SEC_DestroyCrl(crl); if (rv != SECSuccess) { SECU_PrintError(progName, "fail to delete the issuer %s's CRL " "from the perm database (reason: %s)", name, SECU_Strerror(PORT_GetError())); return SECFailure; } return (rv); } SECStatus ImportCRL(CERTCertDBHandle *certHandle, char *url, int type, PRFileDesc *inFile, PRInt32 importOptions, PRInt32 decodeOptions, secuPWData *pwdata) { CERTSignedCrl *crl = NULL; SECItem crlDER; PK11SlotInfo *slot = NULL; int rv; #if defined(DEBUG_jp96085) PRIntervalTime starttime, endtime, elapsed; PRUint32 mins, secs, msecs; #endif crlDER.data = NULL; /* Read in the entire file specified with the -f argument */ rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE, PR_FALSE); if (rv != SECSuccess) { SECU_PrintError(progName, "unable to read input file"); return (SECFailure); } decodeOptions |= CRL_DECODE_DONT_COPY_DER; slot = PK11_GetInternalKeySlot(); if (PK11_NeedLogin(slot)) { rv = PK11_Authenticate(slot, PR_TRUE, pwdata); if (rv != SECSuccess) goto loser; } #if defined(DEBUG_jp96085) starttime = PR_IntervalNow(); #endif crl = PK11_ImportCRL(slot, &crlDER, url, type, NULL, importOptions, NULL, decodeOptions); #if defined(DEBUG_jp96085) endtime = PR_IntervalNow(); elapsed = endtime - starttime; mins = PR_IntervalToSeconds(elapsed) / 60; secs = PR_IntervalToSeconds(elapsed) % 60; msecs = PR_IntervalToMilliseconds(elapsed) % 1000; printf("Elapsed : %2d:%2d.%3d\n", mins, secs, msecs); #endif if (!crl) { const char *errString; rv = SECFailure; errString = SECU_Strerror(PORT_GetError()); if (errString && PORT_Strlen(errString) == 0) SECU_PrintError(progName, "CRL is not imported (error: input CRL is not up to date.)"); else SECU_PrintError(progName, "unable to import CRL"); } else { SEC_DestroyCrl(crl); } loser: if (slot) { PK11_FreeSlot(slot); } SECITEM_FreeItem(&crlDER, PR_FALSE); return (rv); } SECStatus DumpCRL(PRFileDesc *inFile) { int rv; PLArenaPool *arena = NULL; CERTSignedCrl *newCrl = NULL; SECItem crlDER; crlDER.data = NULL; /* Read in the entire file specified with the -f argument */ rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE, PR_FALSE); if (rv != SECSuccess) { SECU_PrintError(progName, "unable to read input file"); return (SECFailure); } rv = SEC_ERROR_NO_MEMORY; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) return rv; newCrl = CERT_DecodeDERCrlWithFlags(arena, &crlDER, SEC_CRL_TYPE, CRL_DECODE_DEFAULT_OPTIONS); if (!newCrl) return SECFailure; SECU_PrintCRLInfo(stdout, &newCrl->crl, "CRL file contents", 0); PORT_FreeArena(arena, PR_FALSE); return rv; } static CERTCertificate * FindSigningCert(CERTCertDBHandle *certHandle, CERTSignedCrl *signCrl, char *certNickName) { CERTCertificate *cert = NULL, *certTemp = NULL; SECStatus rv = SECFailure; CERTAuthKeyID *authorityKeyID = NULL; SECItem *subject = NULL; PORT_Assert(certHandle != NULL); if (!certHandle || (!signCrl && !certNickName)) { SECU_PrintError(progName, "invalid args for function " "FindSigningCert \n"); return NULL; } if (signCrl) { #if 0 authorityKeyID = SECU_FindCRLAuthKeyIDExten(tmpArena, scrl); #endif subject = &signCrl->crl.derName; } else { certTemp = CERT_FindCertByNickname(certHandle, certNickName); if (!certTemp) { SECU_PrintError(progName, "could not find certificate \"%s\" " "in database", certNickName); goto loser; } subject = &certTemp->derSubject; } cert = SECU_FindCrlIssuer(certHandle, subject, authorityKeyID, PR_Now()); if (!cert) { SECU_PrintError(progName, "could not find signing certificate " "in database"); goto loser; } else { rv = SECSuccess; } loser: if (certTemp) CERT_DestroyCertificate(certTemp); if (cert && rv != SECSuccess) CERT_DestroyCertificate(cert); return cert; } static CERTSignedCrl * CreateModifiedCRLCopy(PLArenaPool *arena, CERTCertDBHandle *certHandle, CERTCertificate **cert, char *certNickName, PRFileDesc *inFile, PRInt32 decodeOptions, PRInt32 importOptions, secuPWData *pwdata) { SECItem crlDER = { 0, NULL, 0 }; CERTSignedCrl *signCrl = NULL; CERTSignedCrl *modCrl = NULL; PLArenaPool *modArena = NULL; SECStatus rv = SECSuccess; if (!arena || !certHandle || !certNickName) { PORT_SetError(SEC_ERROR_INVALID_ARGS); SECU_PrintError(progName, "CreateModifiedCRLCopy: invalid args\n"); return NULL; } modArena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE); if (!modArena) { SECU_PrintError(progName, "fail to allocate memory\n"); return NULL; } if (inFile != NULL) { rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE, PR_FALSE); if (rv != SECSuccess) { SECU_PrintError(progName, "unable to read input file"); PORT_FreeArena(modArena, PR_FALSE); goto loser; } decodeOptions |= CRL_DECODE_DONT_COPY_DER; modCrl = CERT_DecodeDERCrlWithFlags(modArena, &crlDER, SEC_CRL_TYPE, decodeOptions); if (!modCrl) { SECU_PrintError(progName, "fail to decode CRL"); goto loser; } if (0 == (importOptions & CRL_IMPORT_BYPASS_CHECKS)) { /* If caCert is a v2 certificate, make sure that it * can be used for crl signing purpose */ *cert = FindSigningCert(certHandle, modCrl, NULL); if (!*cert) { goto loser; } rv = CERT_VerifySignedData(&modCrl->signatureWrap, *cert, PR_Now(), pwdata); if (rv != SECSuccess) { SECU_PrintError(progName, "fail to verify signed data\n"); goto loser; } } } else { modCrl = FindCRL(certHandle, certNickName, SEC_CRL_TYPE); if (!modCrl) { SECU_PrintError(progName, "fail to find crl %s in database\n", certNickName); goto loser; } } signCrl = PORT_ArenaZNew(arena, CERTSignedCrl); if (signCrl == NULL) { SECU_PrintError(progName, "fail to allocate memory\n"); goto loser; } rv = SECU_CopyCRL(arena, &signCrl->crl, &modCrl->crl); if (rv != SECSuccess) { SECU_PrintError(progName, "unable to dublicate crl for " "modification."); goto loser; } /* Make sure the update time is current. It can be modified later * by "update