1
Index: nss/mozilla/security/nss/lib/ckfw/builtins/certdata.c
2
===================================================================
3
--- nss.orig/mozilla/security/nss/lib/ckfw/builtins/certdata.c 2013-01-04 10:45:04.000000000 +0100
4
+++ nss/mozilla/security/nss/lib/ckfw/builtins/certdata.c 2013-01-04 10:55:44.103730849 +0100
6
static const CK_ATTRIBUTE_TYPE nss_builtins_types_351 [] = {
7
CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED
9
+static const CK_ATTRIBUTE_TYPE nss_builtins_types_352 [] = {
10
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED
12
+static const CK_ATTRIBUTE_TYPE nss_builtins_types_353 [] = {
13
+ CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING, CKA_TRUST_STEP_UP_APPROVED
16
static const NSSItem nss_builtins_items_0 [] = {
17
{ (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) },
18
@@ -24092,6 +24098,56 @@
19
{ (void *)&ckt_netscape_untrusted, (PRUint32)sizeof(CK_TRUST) },
20
{ (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
22
+static const NSSItem nss_builtins_items_352 [] = {
23
+ { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
24
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
25
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
26
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
27
+ { (void *)"TURKTRUST Mis-issued Intermediate CA 1", (PRUint32)39 },
28
+ { (void *)"\060\201\254\061\075\060\073\006\003\125\004\003\014\064\124\303"
29
+"\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157"
30
+"\156\151\153\040\123\165\156\165\143\165\040\123\145\162\164\151"
31
+"\146\151\153\141\163\304\261\040\110\151\172\155\145\164\154\145"
32
+"\162\151\061\013\060\011\006\003\125\004\006\023\002\124\122\061"
33
+"\136\060\134\006\003\125\004\012\014\125\124\303\234\122\113\124"
34
+"\122\125\123\124\040\102\151\154\147\151\040\304\260\154\145\164"
35
+"\151\305\237\151\155\040\166\145\040\102\151\154\151\305\237\151"
36
+"\155\040\107\303\274\166\145\156\154\151\304\237\151\040\110\151"
37
+"\172\155\145\164\154\145\162\151\040\101\056\305\236\056\040\050"
38
+"\143\051\040\113\141\163\304\261\155\040\040\062\060\060\065"
40
+ { (void *)"\002\002\010\047"
42
+ { (void *)&ckt_netscape_untrusted, (PRUint32)sizeof(CK_TRUST) },
43
+ { (void *)&ckt_netscape_untrusted, (PRUint32)sizeof(CK_TRUST) },
44
+ { (void *)&ckt_netscape_untrusted, (PRUint32)sizeof(CK_TRUST) },
45
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
47
+static const NSSItem nss_builtins_items_353 [] = {
48
+ { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
49
+ { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
50
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
51
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
52
+ { (void *)"TURKTRUST Mis-issued Intermediate CA 2", (PRUint32)39 },
53
+ { (void *)"\060\201\254\061\075\060\073\006\003\125\004\003\014\064\124\303"
54
+"\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157"
55
+"\156\151\153\040\123\165\156\165\143\165\040\123\145\162\164\151"
56
+"\146\151\153\141\163\304\261\040\110\151\172\155\145\164\154\145"
57
+"\162\151\061\013\060\011\006\003\125\004\006\023\002\124\122\061"
58
+"\136\060\134\006\003\125\004\012\014\125\124\303\234\122\113\124"
59
+"\122\125\123\124\040\102\151\154\147\151\040\304\260\154\145\164"
60
+"\151\305\237\151\155\040\166\145\040\102\151\154\151\305\237\151"
61
+"\155\040\107\303\274\166\145\156\154\151\304\237\151\040\110\151"
62
+"\172\155\145\164\154\145\162\151\040\101\056\305\236\056\040\050"
63
+"\143\051\040\113\141\163\304\261\155\040\040\062\060\060\065"
65
+ { (void *)"\002\002\010\144"
67
+ { (void *)&ckt_netscape_untrusted, (PRUint32)sizeof(CK_TRUST) },
68
+ { (void *)&ckt_netscape_untrusted, (PRUint32)sizeof(CK_TRUST) },
69
+ { (void *)&ckt_netscape_untrusted, (PRUint32)sizeof(CK_TRUST) },
70
+ { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }
73
builtinsInternalObject
74
nss_builtins_data[] = {
75
@@ -24448,11 +24504,13 @@
76
{ 11, nss_builtins_types_348, nss_builtins_items_348, {NULL} },
77
{ 13, nss_builtins_types_349, nss_builtins_items_349, {NULL} },
78
{ 11, nss_builtins_types_350, nss_builtins_items_350, {NULL} },
79
- { 13, nss_builtins_types_351, nss_builtins_items_351, {NULL} }
80
+ { 13, nss_builtins_types_351, nss_builtins_items_351, {NULL} },
81
+ { 11, nss_builtins_types_352, nss_builtins_items_352, {NULL} },
82
+ { 11, nss_builtins_types_353, nss_builtins_items_353, {NULL} }
86
- nss_builtins_nObjects = 351+1;
87
+ nss_builtins_nObjects = 353+1;
89
- nss_builtins_nObjects = 351;
90
+ nss_builtins_nObjects = 353;
92
Index: nss/mozilla/security/nss/lib/ckfw/builtins/certdata.txt
93
===================================================================
94
--- nss.orig/mozilla/security/nss/lib/ckfw/builtins/certdata.txt 2013-01-04 10:45:04.000000000 +0100
95
+++ nss/mozilla/security/nss/lib/ckfw/builtins/certdata.txt 2013-01-04 10:55:40.447819677 +0100
96
@@ -24815,3 +24815,70 @@
97
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_UNTRUSTED
98
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
100
+# Explicitly Distrust "TURKTRUST Mis-issued Intermediate CA 1", Bug 825022
101
+# Issuer: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,C=TR,CN=T..RKTRUST Elektronik Sunucu Sertifikas.. Hizmetleri
102
+# Serial Number: 2087 (0x827)
103
+# Subject: CN=*.EGO.GOV.TR,OU=EGO BILGI ISLEM,O=EGO,L=ANKARA,ST=ANKARA,C=TR
104
+# Not Valid Before: Mon Aug 08 07:07:51 2011
105
+# Not Valid After : Tue Jul 06 07:07:51 2021
106
+# Fingerprint (MD5): F8:F5:25:FF:0C:31:CF:85:E1:0C:86:17:C1:CE:1F:8E
107
+# Fingerprint (SHA1): C6:9F:28:C8:25:13:9E:65:A6:46:C4:34:AC:A5:A1:D2:00:29:5D:B1
108
+CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
109
+CKA_TOKEN CK_BBOOL CK_TRUE
110
+CKA_PRIVATE CK_BBOOL CK_FALSE
111
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
112
+CKA_LABEL UTF8 "TURKTRUST Mis-issued Intermediate CA 1"
113
+CKA_ISSUER MULTILINE_OCTAL
114
+\060\201\254\061\075\060\073\006\003\125\004\003\014\064\124\303
115
+\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
116
+\156\151\153\040\123\165\156\165\143\165\040\123\145\162\164\151
117
+\146\151\153\141\163\304\261\040\110\151\172\155\145\164\154\145
118
+\162\151\061\013\060\011\006\003\125\004\006\023\002\124\122\061
119
+\136\060\134\006\003\125\004\012\014\125\124\303\234\122\113\124
120
+\122\125\123\124\040\102\151\154\147\151\040\304\260\154\145\164
121
+\151\305\237\151\155\040\166\145\040\102\151\154\151\305\237\151
122
+\155\040\107\303\274\166\145\156\154\151\304\237\151\040\110\151
123
+\172\155\145\164\154\145\162\151\040\101\056\305\236\056\040\050
124
+\143\051\040\113\141\163\304\261\155\040\040\062\060\060\065
126
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
129
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_UNTRUSTED
130
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_UNTRUSTED
131
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_UNTRUSTED
132
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
134
+# Explicitly Distrust "TURKTRUST Mis-issued Intermediate CA 2", Bug 825022
135
+# Issuer: O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A...,C=TR,CN=T..RKTRUST Elektronik Sunucu Sertifikas.. Hizmetleri
136
+# Serial Number: 2148 (0x864)
137
+# Subject: E=ileti@kktcmerkezbankasi.org,CN=e-islem.kktcmerkezbankasi.org,O=KKTC Merkez Bankasi,L=Lefkosa,ST=Lefkosa,C=TR
138
+# Not Valid Before: Mon Aug 08 07:07:51 2011
139
+# Not Valid After : Thu Aug 05 07:07:51 2021
140
+# Fingerprint (MD5): BF:C3:EC:AD:0F:42:4F:B4:B5:38:DB:35:BF:AD:84:A2
141
+# Fingerprint (SHA1): F9:2B:E5:26:6C:C0:5D:B2:DC:0D:C3:F2:DC:74:E0:2D:EF:D9:49:CB
142
+CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
143
+CKA_TOKEN CK_BBOOL CK_TRUE
144
+CKA_PRIVATE CK_BBOOL CK_FALSE
145
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
146
+CKA_LABEL UTF8 "TURKTRUST Mis-issued Intermediate CA 2"
147
+CKA_ISSUER MULTILINE_OCTAL
148
+\060\201\254\061\075\060\073\006\003\125\004\003\014\064\124\303
149
+\234\122\113\124\122\125\123\124\040\105\154\145\153\164\162\157
150
+\156\151\153\040\123\165\156\165\143\165\040\123\145\162\164\151
151
+\146\151\153\141\163\304\261\040\110\151\172\155\145\164\154\145
152
+\162\151\061\013\060\011\006\003\125\004\006\023\002\124\122\061
153
+\136\060\134\006\003\125\004\012\014\125\124\303\234\122\113\124
154
+\122\125\123\124\040\102\151\154\147\151\040\304\260\154\145\164
155
+\151\305\237\151\155\040\166\145\040\102\151\154\151\305\237\151
156
+\155\040\107\303\274\166\145\156\154\151\304\237\151\040\110\151
157
+\172\155\145\164\154\145\162\151\040\101\056\305\236\056\040\050
158
+\143\051\040\113\141\163\304\261\155\040\040\062\060\060\065
160
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
163
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_UNTRUSTED
164
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_UNTRUSTED
165
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_UNTRUSTED
166
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE