Index

Found 264 pages:

# Page Tags and summary
1 Network Security Services JSS, NSS, NeedsMigration
Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.
2 An overview of NSS Internals
Editorial review completed.
3 Building NSS Guide, NSS, Security
This page has detailed information on how to build NSS. Because NSS is a cross-platform library that builds on many different platforms and has many options, it may be complex to build. Please read these instructions carefully before attempting to build.
4 CERT_FindCertByDERCert NSS
No summary!
5 CERT_FindCertByIssuerAndSN NSS
No summary!
6 Certificate functions NSS
The public functions listed here are used to interact with certificate databases.
7 Cryptography functions NSS
The public functions listed here perform cryptographic operations based on the PKCS #11 interface.
8 Deprecated SSL functions NSS
The following SSL functions have been replaced with newer versions. The deprecated functions are not supported by the new SSL shared libraries. Applications that want to use the SSL shared libraries must convert to calling the new replacement functions listed below.
9 FIPS Mode - an explanation NSS
NSS, and all the programs that use NSS, such as Firefox and Thunderbird, have a "FIPS Mode".  This page attempts to provide an informal explanation of what it is, who would use it, and why.
10 Function_Name NSS
No summary!
11 Getting Started With NSS
Network Security Services (NSS) is a base library for cryptographic algorithms and secure network protocols used by Mozilla software.

Would you like to get involved and help us to improve the core security of Mozilla Firefox and other applications that make use of NSS? We are looking forward to your contributions!

We have a large list of tasks waiting for attention, and we are happy to assist you in identifying areas that match your interest or skills. You can find us on irc.mozilla.org in channel #nss or you could ask your questions on the mozilla.dev.tech.crypto newsgroup.
12 HTTP delegation Advanced, Guide, NSS
Up to version 3.11, NSS connects directly over HTTP to an OCSP responder to make the request and fetch the response. It does so in a blocking fashion, and also directly to the responder, ignoring any proxy the application may wish to use. This causes OCSP requests to fail if the network environment requires the use of a proxy.
13 HTTP delegation Advanced, Guide, NSS
Up to version 3.11, NSS connects directly over HTTP to an OCSP responder to make the request and fetch the response. It does so in a blocking fashion, and also directly to the responder, ignoring any proxy the application may wish to use. This causes OCSP requests to fail if the network environment requires the use of a proxy.
14 Index
Found 264 pages:
15 Introduction to Network Security Services Introduction, Mozilla, NSS
Network Security Services (NSS) is a set of libraries designed to support cross-platform development of communications applications that support SSL, S/MIME, and other Internet security standards. For a general overview of NSS and the standards it supports, see Overview of NSS.
16 JSS Guide, JSS, NSS, NeedsMigration
Network Security Services for Java (JSS) is a Java interface to NSS. JSS supports most of the security standards and encryption technologies supported by NSS. JSS also provides a pure Java interface for ASN.1 types and BER/DER encoding.
17 4.3 Release Notes JSS, NSS
Network Security Services for Java (JSS) 4.3 is a minor release with the following new features:
18 4.3.1 Release Notes JSS, NSPR, NSS
Network Security Services for Java (JSS) 4.3.1 is a minor release with the following new features:
19 Build instructions for JSS 4.3.x JSS
Newsgroup: mozilla.dev.tech.crypto
20 JSS FAQ JSS
Newsgroup: mozilla.dev.tech.crypto
21 JSS Provider Notes Crypto, JSS, Security
Newsgroup: mozilla.dev.tech.crypto
22 Mozilla-JSS JCA Provider notes
Newsgroup: mozilla.dev.tech.crypto
23 Using JSS JSS
Newsgroup: mozilla.dev.tech.crypto
24 NSS 3.12.4 release notes
<center></center>
25 NSS 3.12.6 release notes
No summary!
26 NSS 3.12.9 release notes NSS
<center> 2010-09-23</center> <center> Newsgroup: mozilla.dev.tech.crypto</center></center>
27 NSS 3.14 release notes
The NSS team has released Network Security Services (NSS) 3.14, which is a minor release with the following new features:
28 NSS 3.14.1 release notes
Network Security Services (NSS) 3.14.1 is a patch release for NSS 3.14. The bug fixes in NSS 3.14.1 are described in the "Bugs Fixed" section below.
29 NSS 3.14.2 release notes
Network Security Services (NSS) 3.14.2 is a patch release for NSS 3.14. The bug fixes in NSS 3.14.2 are described in the "Bugs Fixed" section below. NSS 3.14.2 should be used with NSPR 4.9.5 or newer.
30 NSS 3.14.3 release notes
Network Security Services (NSS) 3.14.3 is a patch release for NSS 3.14. The bug fixes in NSS 3.14.3 are described in the "Bugs Fixed" section below.
31 NSS 3.14.4 release notes
Network Security Services (NSS) 3.14.4 is a patch release for NSS 3.14. The bug fixes in NSS 3.14.4 are described in the "Bugs Fixed" section below.
32 NSS 3.14.5 release notes
Network Security Services (NSS) 3.14.5 is a patch release for NSS 3.14. The bug fixes in NSS 3.14.5 are described in the "Bugs Fixed" section below.
33 NSS 3.15 release notes
The NSS team has released Network Security Services (NSS) 3.15, which is a minor release.
34 NSS 3.15.1 release notes
Network Security Services (NSS) 3.15.1 is a patch release for NSS 3.15. The bug fixes in NSS 3.15.1 are described in the "Bugs Fixed" section below.
35 NSS 3.15.2 release notes
Network Security Services (NSS) 3.15.2 is a patch release for NSS 3.15. The bug fixes in NSS 3.15.2 are described in the "Bugs Fixed" section below.
36 NSS 3.15.3 release notes
Network Security Services (NSS) 3.15.3 is a patch release for NSS 3.15. The bug fixes in NSS 3.15.3 are described in the "Bugs Fixed" section below.
37 NSS 3.15.3.1 release notes
Network Security Services (NSS) 3.15.3.1 is a patch release for NSS 3.15. The bug fixes in NSS 3.15.3.1 are described in the "Bugs Fixed" section below.
38 NSS 3.15.4 release notes
Network Security Services (NSS) 3.15.4 is a patch release for NSS 3.15. The bug fixes in NSS 3.15.4 are described in the "Bugs Fixed" section below.
39 NSS 3.15.5 release notes
Network Security Services (NSS) 3.15.5 is a patch release for NSS 3.15. The bug fixes in NSS 3.15.5 are described in the "Bugs Fixed" section below.
40 NSS 3.16 release notes
The NSS team has released Network Security Services (NSS) 3.16, which is a minor release.
41 NSS 3.16.1 release notes
Network Security Services (NSS) 3.16.1 is a patch release for NSS 3.16. The bug fixes in NSS 3.16.1 are described in the "Bugs Fixed" section below.
42 NSS 3.16.2 release notes
Network Security Services (NSS) 3.16.2 is a patch release for NSS 3.16. The bug fixes in NSS 3.16.2 are described in the "Bugs Fixed" section below.
43 NSS 3.16.2.1 release notes Reference, Référence, Security
Network Security Services (NSS) 3.16.2.1 is a patch release for NSS 3.16, based on the NSS 3.16.2 release. The bug fixes in NSS 3.16.2.1 are described in the "Bugs Fixed" section below.
44 NSS 3.16.2.2 release notes Reference, Référence, Security
Network Security Services (NSS) 3.16.2.2 is a patch release for NSS 3.16. The bug fixes in NSS 3.16.2.2 are described in the "Bugs Fixed" section below.
45 NSS 3.16.2.3 release notes Reference, Référence, Security
Network Security Services (NSS) 3.16.2.3 is a patch release for NSS 3.16. The bug fixes in NSS 3.16.2.3 are described in the "Bugs Fixed" section below.
46 NSS 3.16.3 release notes
Network Security Services (NSS) 3.16.3 is a patch release for NSS 3.16. The bug fixes in NSS 3.16.3 are described in the "Bugs Fixed" section below.
47 NSS 3.16.4 release notes
Network Security Services (NSS) 3.16.4 is a patch release for NSS 3.16. The bug fixes in NSS 3.16.4 are described in the "Bugs Fixed" section below.
48 NSS 3.16.5 release notes Reference, Référence, Security
Network Security Services (NSS) 3.16.5 is a patch release for NSS 3.16. The bug fixes in NSS 3.16.5 are described in the "Bugs Fixed" section below.
49 NSS 3.16.6 release notes Reference, Référence, Security
Network Security Services (NSS) 3.16.6 is a patch release for NSS 3.16. The bug fixes in NSS 3.16.6 are described in the "Bugs Fixed" section below.
50 NSS 3.17 release notes
The NSS team has released Network Security Services (NSS) 3.17, which is a minor release.
51 NSS 3.17.1 release notes Reference, Référence, Security
Network Security Services (NSS) 3.17.1 is a patch release for NSS 3.17. The bug fixes in NSS 3.17.1 are described in the "Bugs Fixed" section below.
52 NSS 3.17.2 release notes
Network Security Services (NSS) 3.17.2 is a patch release for NSS 3.17. The bug fixes in NSS 3.17.2 are described in the "Bugs Fixed" section below.
53 NSS 3.17.3 release notes Guide, NSS, Security
Network Security Services (NSS) 3.17.3 is a patch release for NSS 3.17. The bug fixes in NSS 3.17.3 are described in the "Bugs Fixed" section below.
54 NSS 3.17.4 release notes Guide, NSS, Security
Network Security Services (NSS) 3.17.4 is a patch release for NSS 3.17. The bug fixes in NSS 3.17.4 are described in the "Bugs Fixed" section below.
55 NSS 3.18 release notes Guide, NSS, NeedsContent, Security
The NSS team has released Network Security Services (NSS) 3.18, which is a minor release.
56 NSS 3.18.1 release notes Networking, Security
Network Security Services (NSS) 3.18.1 is a patch release for NSS 3.18. The bug fixes in NSS 3.18.1 are described in the "Bugs Fixed" section below.
57 NSS 3.19 release notes
The NSS team has released Network Security Services (NSS) 3.19, which is a minor security release.
58 NSS 3.19.1 release notes
Network Security Services (NSS) 3.19.1 is a security release for NSS 3.19. The bug fixes in NSS 3.19.1 are described in the "Bugs Fixed" section below.
59 NSS 3.19.2 release notes
Network Security Services (NSS) 3.19.2 is a patch release for NSS 3.19 that addresses compatibility issues in NSS 3.19.1.
60 NSS 3.19.2.1 release notes
Network Security Services (NSS) 3.19.2.1 is a patch release for NSS 3.19.2. The bug fixes in NSS 3.19.2.1 are described in the "Security Advisories" section below.
61 NSS 3.19.2.2 release notes
Network Security Services (NSS) 3.19.2.2 is a security patch release for NSS 3.19.2. The bug fixes in NSS 3.19.2.2 are described in the "Security Fixes" section below.
62 NSS 3.19.2.3 release notes
Network Security Services (NSS) 3.19.2.3 is a security patch release for NSS 3.19.2. The bug fixes in NSS 3.19.2.3 are described in the "Security Fixes" section below.
63 NSS 3.19.2.4 release notes NSS
Network Security Services (NSS) 3.19.2.4 is a security patch release for NSS 3.19.2. The bug fixed in NSS 3.19.2.4 have been described in the "Security Fixes" section below.
64 NSS 3.19.3 release notes
Network Security Services (NSS) 3.19.3 is a patch release for NSS 3.19. The bug fixes in NSS 3.19.3 are described in the "Bugs Fixed" section below.
65 NSS 3.19.4 release notes
Network Security Services (NSS) 3.19.4 is a patch release for NSS 3.19. The bug fixes in NSS 3.19.4 are described in the "Security Advisories" section below.
66 NSS 3.20 release notes
Editorial review completed.
67 NSS 3.20.1 release notes
Network Security Services (NSS) 3.20.1 is a patch release for NSS 3.20. The bug fixes in NSS 3.20.1 are described in the "Security Advisories" section below.
68 NSS 3.20.2 release notes
Network Security Services (NSS) 3.20.2 is a security patch release for NSS 3.20. The bug fixes in NSS 3.20.2 are described in the "Security Fixes" section below.
69 NSS 3.21 release notes
2016-01-07, this page has been updated to include additional information about the release. The sections "Security Fixes" and "Acknowledgements" have been added.
70 NSS 3.21.1 release notes
Network Security Services (NSS) 3.21.1 is a security patch release for NSS 3.21. The bug fixes in NSS 3.21.1 are described in the "Security Fixes" section below.
71 NSS 3.22 release notes
The NSS team has released Network Security Services (NSS) 3.22, which is a minor release.
72 NSS 3.22.1 release notes
Network Security Services (NSS) 3.22.1 is a patch release for NSS 3.22. The bug fixes in NSS 3.22.1 are described in the "Notable Changes" section below.
73 NSS 3.22.2 release notes
Network Security Services (NSS) 3.22.2 is a security patch release for NSS 3.22. The bug fixes in NSS 3.22.2 are described in the "Security Fixes" section below.
74 NSS 3.22.3 release notes
Network Security Services (NSS) 3.22.3 is a patch release for NSS 3.22. The bug fixes in NSS 3.22.3 are described in the "Bugs fixed" section below.
75 NSS 3.23 release notes Networking, Security
The NSS team has released Network Security Services (NSS) 3.23, which is a minor release.
76 NSS 3.24 release notes NSS, Release Notes
The Network Security Services (NSS) team has released NSS 3.24, which is a minor release.
77 NSS 3.25 release notes NSS, Release Notes
The Network Security Services (NSS) team has released NSS 3.25, which is a minor release.
78 NSS 3.26 release notes NSS, Release Notes
The Network Security Services (NSS) team has released NSS 3.26, which is a minor release.
79 NSS API Guidelines
Newsgroup: mozilla.dev.tech.crypto
80 NSS CERTVerify Log NSS
All the NSS verify functions except, the *VerifyNow() functions, take a parameter called 'CERTVerifyLog'. If you supply the log parameter, NSS will continue chain validation after each error . The log tells you what the problem was with the chain and what certificate in the chain failed.
81 NSS Certificate Download Specification NSS
This document describes the data formats used by NSS 3.x for installing certificates. This document is currently being revised and has not yet been reviewed for accuracy.
82 NSS Code Coverage NSS
No summary!
83 NSS Developer Tutorial NSS, Tutorial
No summary!
84 NSS FAQ NSS, NeedsUpdate
NSS is set of libraries, APIs, utilities, and documentation designed to support cross-platform development of security-enabled client and server applications. It provides a complete open-source implementation of the crypto libraries used by Mozilla and other companies in the Firefox browser, AOL Instant Messenger (AIM), server products from Red Hat, and other products.
85 NSS Key Log Format
Key logs can be written by NSS so that external programs can decrypt TLS connections. Wireshark 1.6.0 and above can use these log files to decrypt packets. You can tell Wireshark where to find the key file via Edit→Preferences→Protocols→SSL→(Pre)-Master-Secret log filename.
86 NSS Memory allocation NSS
NSS makes extensive use of NSPR's PLArenaPools for memory allocation.
87 NSS PKCS11 Functions NSS
This chapter describes the core PKCS #11 functions that an application needs for communicating with cryptographic modules. In particular, these functions are used for obtaining certificates, keys, and passwords. This was converted from "Chapter 7: PKCS #11 Functions".
88 NSS Releases Landing, NSS, Security
The current Stable release of NSS is 3.25, which was released on June 23, 2016. Instructions on how to obtain NSS 3.25 can be found in the Release Notes.
89 NSS Sample Code NSS
The collection of sample code here demonstrates how NSS can be used for cryptographic operations, certificate handling, SSL, etc. It also demonstrates some best practices in the application of cryptography.
90 NSS Sample Code Sample1
This is an example program that demonstrates how to do key generation and transport between cooperating servers.  This program shows the following:
91 NSS Sample Code Sample_1_Hashing Examples, NSS, Security
This is an example program that demonstrates how to compute the hash of a file and save it to another file.  This program illustrates the use of NSS message APIs.
92 NSS Sample Code Sample_2_Initialization of NSS Examples, NSS, Security
This example program demonstrates how to initialize the NSS Database.  This program illustrates password handling.
93 NSS Sample Code Sample_3_Basic Encryption and MACing Examples, NSS, Security
This example program demonstrates how to encrypt and MAC a file.
94 NSS Sample Code Utilities_1 Examples, NSS, Security
This is a library of utilities used by many of the samples.  This code shows the following:
95 NSS Sample Code sample2

/* Example code to illustrate DES enccryption/decryption using NSS.
 * The example skips the details of obtaining the Key & IV to use, and
 * just uses a hardcoded Key & IV.
 * Note: IV is only needed if Cipher Blocking Chaining (CBC) mode of encryption
 *       is used
 *
 * The recommended approach is to store and transport WRAPPED (encrypted)
 * DES Keys (IVs can be in the clear). However, it is a common (and dangerous)
 * practice to use raw DES Keys. This example shows the use of a RAW key.
 */


#include "nss.h"
#include "pk11pub.h"

/* example Key & IV */
unsigned char gKey[] = {0xe8, 0xa7, 0x7c, 0xe2, 0x05, 0x63, 0x6a, 0x31};
unsigned char gIV[] = {0xe4, 0xbb, 0x3b, 0xd3, 0xc3, 0x71, 0x2e, 0x58};

int main(int argc, char **argv)
{
  CK_MECHANISM_TYPE  cipherMech;
  PK11SlotInfo*      slot = NULL;
  PK11SymKey*        SymKey = NULL;
  SECItem*           SecParam = NULL;
  PK11Context*       EncContext = NULL;
  SECItem            keyItem, ivItem;
  SECStatus          rv, rv1, rv2;
  unsigned char      data[1024], buf1[1024], buf2[1024];
  int                i, result_len, tmp1_outlen, tmp2_outlen;

  /* Initialize NSS
   * If your application code has already initialized NSS, you can skip it
   * here.
   * This code uses the simplest of the Init functions, which does not
   * require a NSS database to exist
   */
  rv = NSS_NoDB_Init(".");
  if (rv != SECSuccess)
  {
    fprintf(stderr, "NSS initialization failed (err %d)\n",
            PR_GetError());
    goto out;
  }

  /* choose mechanism: CKM_DES_CBC_PAD, CKM_DES3_ECB, CKM_DES3_CBC..... 
   * Note that some mechanisms (*_PAD) imply the padding is handled for you
   * by NSS. If you choose something else, then data padding is the
   * application's responsibility
   */
  cipherMech = CKM_DES_CBC_PAD;
  slot = PK11_GetBestSlot(cipherMech, NULL);
  /* slot = PK11_GetInternalKeySlot(); is a simpler alternative but in
   * theory, it *may not* return the optimal slot for the operation. For
   * DES ops, Internal slot is typically the best slot
   */
  if (slot == NULL)
  {
    fprintf(stderr, "Unable to find security device (err %d)\n",
            PR_GetError());
    goto out;
  }

  /* NSS passes blobs around as SECItems. These contain a pointer to
   * data and a length. Turn the raw key into a SECItem. */
  keyItem.type = siBuffer;
  keyItem.data = gKey;
  keyItem.len = sizeof(gKey);

  /* Turn the raw key into a key object. We use PK11_OriginUnwrap
   * to indicate the key was unwrapped - which is what should be done
   * normally anyway - using raw keys isn't a good idea */
  SymKey = PK11_ImportSymKey(slot, cipherMech, PK11_OriginUnwrap, CKA_ENCRYPT,
                             &keyItem, NULL);
  if (SymKey == NULL)
  {
    fprintf(stderr, "Failure to import key into NSS (err %d)\n",
            PR_GetError());
    goto out;
  }

  /* set up the PKCS11 encryption paramters.
   * when not using CBC mode, ivItem.data and ivItem.len can be 0, or you
   * can simply pass NULL for the iv parameter in PK11_ParamFromIV func
   */
  ivItem.type = siBuffer;
  ivItem.data = gIV;
  ivItem.len = sizeof(gIV);
  SecParam = PK11_ParamFromIV(cipherMech, &ivItem);
  if (SecParam == NULL)
  {
    fprintf(stderr, "Failure to set up PKCS11 param (err %d)\n",
            PR_GetError());
    goto out;
  }

  /* sample data we'll encrypt and decrypt */
  strcpy(data, "Encrypt me!");
  fprintf(stderr, "Clear Data: %s\n", data);

  /* ========================= START SECTION ============================= */
  /* If using the the same key and iv over and over, stuff before this     */
  /* section and after this section needs to be done only ONCE             */

  /* ENCRYPT data into buf1. buf1 len must be atleast (data len + 8) */
  tmp1_outlen = tmp2_outlen = 0;
 
  /* Create cipher context */
  EncContext = PK11_CreateContextBySymKey(cipherMech, CKA_ENCRYPT,
                                          SymKey, SecParam);
  rv1 = PK11_CipherOp(EncContext, buf1, &tmp1_outlen, sizeof(buf1),
                      data, strlen(data)+1);
  rv2 = PK11_DigestFinal(EncContext, buf1+tmp1_outlen, &tmp2_outlen,
                         sizeof(buf1)-tmp1_outlen);
  PK11_DestroyContext(EncContext, PR_TRUE);
  result_len = tmp1_outlen + tmp2_outlen;
  if (rv1 != SECSuccess || rv2 != SECSuccess)
    goto out;

  fprintf(stderr, "Encrypted Data: ");
  for (i=0; i<result_len; i++)
    fprintf(stderr, "%02x ", buf1[i]);
  fprintf(stderr, "\n");


  /* DECRYPT buf1 into buf2. buf2 len must be atleast buf1 len */
  tmp1_outlen = tmp2_outlen = 0;
 
  /* Create cipher context */
  EncContext = PK11_CreateContextBySymKey(cipherMech, CKA_DECRYPT,
                                          SymKey, SecParam);
  rv1 = PK11_CipherOp(EncContext, buf2, &tmp1_outlen, sizeof(buf2),
                      buf1, result_len);
  rv2 = PK11_DigestFinal(EncContext, buf2+tmp1_outlen, &tmp2_outlen,
                         result_len-tmp1_outlen);
  PK11_DestroyContext(EncContext, PR_TRUE);
  result_len = tmp1_outlen + tmp2_outlen;
  if (rv1 != SECSuccess || rv2 != SECSuccess)
    goto out;
 
  fprintf(stderr, "Decrypted Data: %s\n", buf2);

  /* =========================== END SECTION ============================= */

 
out:
  if (SymKey)
    PK11_FreeSymKey(SymKey);
  if (SecParam)
    SECITEM_FreeItem(SecParam, PR_TRUE);

}
96 NSS Sample Code sample3

/*
 * Demonstration program for hashing and MACs
 */

#include <iostream.h>

#include "pk11pub.h"
#include "nss.h"

static void
printDigest(unsigned char *digest, unsigned int len)
{
  int i;

  cout << "length: " << len << endl;
  for(i = 0;i < len;i++) printf("%02x ", digest[i]);
  cout << endl;
}

/*
 * main
 */
int
main(int argc, const char *argv[])
{
  int status = 0;
  PK11SlotInfo *slot = 0;
  PK11SymKey *key = 0;
  PK11Context *context = 0;
  unsigned char data[80];
  unsigned char digest[20]; /*Is there a way to tell how large the output is?*/
  unsigned int len;
  SECStatus s;

  /* Initialize NSS
   * If your application code has already initialized NSS, you can skip it
   * here.
   * This code uses the simplest of the Init functions, which does not
   * require a NSS database to exist
   */
  NSS_NoDB_Init(".");

  /* Get a slot to use for the crypto operations */
  slot = PK11_GetInternalKeySlot();
  if (!slot)
  {
    cout << "GetInternalKeySlot failed" << endl;
    status = 1;
    goto done;
  }

  /*
   *  Part 1 - Simple hashing
   */
  cout << "Part 1 -- Simple hashing" << endl;

  /* Initialize data */
  memset(data, 0xbc, sizeof data);

  /* Create a context for hashing (digesting) */
  context = PK11_CreateDigestContext(SEC_OID_MD5);
  if (!context) { cout << "CreateDigestContext failed" << endl; goto done; }

  s = PK11_DigestBegin(context);
  if (s != SECSuccess) { cout << "DigestBegin failed" << endl; goto done; }

  s = PK11_DigestOp(context, data, sizeof data);
  if (s != SECSuccess) { cout << "DigestUpdate failed" << endl; goto done; }

  s = PK11_DigestFinal(context, digest, &len, sizeof digest);
  if (s != SECSuccess) { cout << "DigestFinal failed" << endl; goto done; }

  /* Print digest */
  printDigest(digest, len);

  PK11_DestroyContext(context, PR_TRUE);
  context = 0;

  /*
   *  Part 2 - Hashing with included secret key
   */
  cout << "Part 2 -- Hashing with included secret key" << endl;

  /* Initialize data */
  memset(data, 0xbc, sizeof data);

  /* Create a Key */
  key = PK11_KeyGen(slot, CKM_GENERIC_SECRET_KEY_GEN, 0, 128, 0);
  if (!key) { cout << "Create key failed" << endl; goto done; }

  cout << (void *)key << endl;

  /* Create parameters for crypto context */
  /* NOTE: params must be provided, but may be empty */
  SECItem noParams;
  noParams.type = siBuffer;
  noParams.data = 0;
  noParams.len = 0;

  /* Create context using the same slot as the key */
//  context = PK11_CreateDigestContext(SEC_OID_MD5);
  context = PK11_CreateContextBySymKey(CKM_MD5, CKA_DIGEST, key, &noParams);
  if (!context) { cout << "CreateDigestContext failed" << endl; goto done; }

  s = PK11_DigestBegin(context);
  if (s != SECSuccess) { cout << "DigestBegin failed" << endl; goto done; }

  s = PK11_DigestKey(context, key);
  if (s != SECSuccess) { cout << "DigestKey failed" << endl; goto done; }

  s = PK11_DigestOp(context, data, sizeof data);
  if (s != SECSuccess) { cout << "DigestUpdate failed" << endl; goto done; }

  s = PK11_DigestFinal(context, digest, &len, sizeof digest);
  if (s != SECSuccess) { cout << "DigestFinal failed" << endl; goto done; }

  /* Print digest */
  printDigest(digest, len);

  PK11_DestroyContext(context, PR_TRUE);
  context = 0;

  /*
   *  Part 3 - MAC (with secret key)
   */
  cout << "Part 3 -- MAC (with secret key)" << endl;

  /* Initialize data */
  memset(data, 0xbc, sizeof data);

  context = PK11_CreateContextBySymKey(CKM_MD5_HMAC, CKA_SIGN, key, &noParams);
  if (!context) { cout << "CreateContextBySymKey failed" << endl; goto done; }

  s = PK11_DigestBegin(context);
  if (s != SECSuccess) { cout << "DigestBegin failed" << endl; goto done; }

  s = PK11_DigestOp(context, data, sizeof data);
  if (s != SECSuccess) { cout << "DigestOp failed" << endl; goto done; }

  s = PK11_DigestFinal(context, digest, &len, sizeof digest);
  if (s != SECSuccess) { cout << "DigestFinal failed" << endl; goto done; }

  /* Print digest */
  printDigest(digest, len);

  PK11_DestroyContext(context, PR_TRUE);
  context = 0;

done:
  if (context) PK11_DestroyContext(context, PR_TRUE);  /* freeit ?? */
  if (key) PK11_FreeSymKey(key);
  if (slot) PK11_FreeSlot(slot);

  return status;
}

97 NSS Sample Code sample4

/* Example code to illustrate PKI crypto ops (encrypt with public key,
 * decrypt with private key)
 *
 * Code assumes that you have set up a NSS database with a certificate
 * and a private key. The db password should be "test" and the cert
 * nickname should be "TestCA"
 * Here is one way of doing it:
 *   # create CA cert db, if -f not provided, prompts for passwd
 *   $ certutil -N -d .
 *   # create CA cert, self-signed, generates key-pair, prompts for key
 *   # type, cert type etc
 *   # answers for prompts: 5,9,n,y,-1,n,5,6,7,9,n
 *   $ certutil -S -s "CN=Test CA, O=BOGUS Inc, L=Mtn View, ST=CA, C=US"  \
 *     -n TestCA -t CTu,CTu,CTu -v 60 -x -d . -1 -2 -5
 *
 * There are many ways to setup a public/private key to use - this
 * example shows one of them.
 *
 * This example does not do any padding. It simply encrypts/decrypts a block
 * of length equal to modulus length of the public/private key.
 */


#include "nss.h"
#include "pk11pub.h"


/* this callback is responsible for returning the password to the NSS
 * key database. for example purposes, this function hardcodes the password.
 * In a real app, this function should obtain the password using secure means
 * such as prompting an operator, or retrieving it over a secure communication
 * channel
 */
char *passwdcb(PK11SlotInfo *info, PRBool retry, void *arg);


int main(int argc, char **argv)
{
  SECStatus          rv;
  CERTCertificate   *cert = NULL;
  SECKEYPublicKey   *pubkey = NULL;
  SECKEYPrivateKey  *pvtkey = NULL;
  int                modulus_len, i, outlen;
  char              *buf1 = NULL;
  char              *buf2 = NULL;
 
  /* Initialize NSS */
  PK11_SetPasswordFunc(passwdcb);
  rv = NSS_Init(".");
  if (rv != SECSuccess)
  {
    fprintf(stderr, "NSS initialization failed (err %d)\n",
            PR_GetError());
    goto cleanup;
  }
 
  cert = PK11_FindCertFromNickname("TestCA", NULL);
  if (cert == NULL)
  {
    fprintf(stderr, "Couldn't find cert TestCA in NSS db (err %d)\n",
            PR_GetError());
    goto cleanup;
  }
 
  pubkey = CERT_ExtractPublicKey(cert);
  if (pubkey == NULL)
  {
    fprintf(stderr, "Couldn't extract public key from cert TestCA (err %d)\n",
            PR_GetError());
    goto cleanup;
  }

  modulus_len = SECKEY_PublicKeyStrength(pubkey);
  fprintf(stderr, "Public Key Modulus %d bytes\n", modulus_len);
  buf1 = (char *)malloc(modulus_len);
  buf2 = (char *)malloc(modulus_len);

  /* initialize buf1 */
  for (i=0;i<modulus_len;i++)
  {
    buf1[i]= (i %26) + 'A';
  }
  buf1[modulus_len-1] = '\0';
  fprintf(stderr, "Buffer being encrypted = \n%s\n", buf1);

  /* encrypt buf1, result will be in buf2 */
  rv = PK11_PubEncryptRaw(pubkey, buf2, buf1, modulus_len, NULL);
  if (rv != SECSuccess)
  {
    fprintf(stderr, "Encrypt with Public Key failed (err %d)\n",
            PR_GetError());
    goto cleanup;
  }
 
  pvtkey = PK11_FindKeyByAnyCert(cert, NULL);
  if (pvtkey == NULL)
  {
    fprintf(stderr, "Couldn't find private key for cert TestCA (err %d)\n",
            PR_GetError());
    goto cleanup;
  }

  /* clear buf1 */
  for (i=0;i<modulus_len;i++)
  {
    buf1[i]= '\0';
  }

  /* decrypt buf2, result will be in buf1 */
  rv = PK11_PubDecryptRaw(pvtkey, buf1, &outlen, modulus_len, buf2,
                          modulus_len);
  if (rv != SECSuccess)
  {
    fprintf(stderr, "Decrypt with Private Key failed (err %d)\n",
            PR_GetError());
    goto cleanup;
  }
 
  fprintf(stderr, "Result of decryption, outlen = %d\n", outlen);
  fprintf(stderr, "Result of decryption, buf = \n%s\n", buf1);

  exit(0);
 
cleanup:
  if (cert)
    CERT_DestroyCertificate(cert);
  if (pubkey)
    SECKEY_DestroyPublicKey(pubkey);
  if (pvtkey)
    SECKEY_DestroyPrivateKey(pvtkey);
  if (buf1)
    free(buf1);
  if (buf2)
    free(buf2);                          
  exit(1);
}

char *passwdcb(PK11SlotInfo *info, PRBool retry, void *arg)
{
  if (!retry)
    return PL_strdup("test");
  else
    return NULL;
}

98 NSS Sample Code sample5

/* Example code to illustrate PKI crypto ops (encrypt with public key,
 * decrypt with private key)
 *
 * No NSS db needed. The Public Key & Private Key to use are
 * sourced from a base64-encoded DER SubjectPublicKeyInfo structure,
 * and a base64-encoded DER PrivateKeyInfo structure.
 *
 * There is no attempt to link the public & private key together
 *
 * This example does not do any padding. It simply encrypts/decrypts a block
 * of length equal to modulus length of the public/private key.
 */


#include "nss.h"
#include "pk11pub.h"

#define BASE64_ENCODED_SUBJECTPUBLICKEYINFO "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL3F6TIc3JEYsugo+a2fPU3W+Epv/FeIX21DC86WYnpFtW4srFtz2oNUzyLUzDHZdb+k//8dcT3IAOzUUi3R2eMCAwEAAQ=="

#define BASE64_ENCODED_PRIVATEKEYINFO "MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEAvcXpMhzckRiy6Cj5rZ89Tdb4Sm/8V4hfbUMLzpZiekW1biysW3Pag1TPItTMMdl1v6T//x1xPcgA7NRSLdHZ4wIDAQABAkEAjh8+4qncwcmGivnM6ytbpQT+k/jEOeXG2bQhjojvnXN3FazGCEFXvpuIBcJVfaIJS9YBCMOzzrAtO0+k2hWnOQIhAOC4NVbo8FQhZS4yXM1M86kMl47FA9ui//OUfbhlAdw1AiEA2DBmIXnsboKB+OHver69p0gNeWlvcJc9bjDVfdLVsLcCIQCPtV3vGYJv2vdwxqZQaHC+YB4gIGAqOqBCbmjD3lyFLQIgA+VTYdUNoqwtZWvE4gRf7IzK2V5CCNhg3gR5RGwxN58CIGCcafoRrUKsM66ISg0ITI04G9V/w+wMx91wjEEB+QBz"


int main(int argc, char **argv)
{
  SECStatus          rv;
  CERTCertificate   *cert = NULL;
  SECKEYPublicKey   *pubkey = NULL;
  CERTSubjectPublicKeyInfo *spki = NULL;
  SECKEYPrivateKey  *pvtkey = NULL;
  int                modulus_len, i, outlen;
  char              *buf1 = NULL;
  char              *buf2 = NULL;
  char              *pubkstr = BASE64_ENCODED_SUBJECTPUBLICKEYINFO;
  char              *pvtkstr = BASE64_ENCODED_PRIVATEKEYINFO;
  SECItem            der;
  SECItem            nickname;
  PK11SlotInfo      *slot = NULL;
 
  /* Initialize NSS
   * You need to explicitly authenticate to the internal token if you use
   * NSS_Init insteadf of NSS_NoDB_Init
   * Invoke this after getting the internal token handle
   *      PK11_Authenticate(slot, PR_FALSE, NULL);
   */
  rv = NSS_NoDB_Init(".");
  if (rv != SECSuccess)
  {
    fprintf(stderr, "NSS initialization failed (err %d)\n",
            PR_GetError());
    goto cleanup;
  }

  /* get internal slot */
  slot = PK11_GetInternalKeySlot();
  if (slot == NULL)
  {
    fprintf(stderr, "Couldn't find slot (err %d)\n", PR_GetError());
    goto cleanup;
  }
 
  rv = ATOB_ConvertAsciiToItem(&der, pubkstr);
  if (rv!= SECSuccess)
  {
    fprintf(stderr, "ATOB_ConvertAsciiToItem failed %d\n", PR_GetError());
    goto cleanup;
  }
  spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&der);
  SECITEM_FreeItem(&der, PR_FALSE);
  pubkey = SECKEY_ExtractPublicKey(spki);

  if (pubkey == NULL)
  {
    fprintf(stderr, "Couldn't extract public key (err %d)\n", PR_GetError());
    goto cleanup;
  }

  modulus_len = SECKEY_PublicKeyStrength(pubkey);
  fprintf(stderr, "Public Key Modulus %d bytes\n", modulus_len);
  buf1 = (char *)malloc(modulus_len);
  buf2 = (char *)malloc(modulus_len);

  /* initialize buf1 */
  for (i=0;i<modulus_len;i++)
  {
    buf1[i]= (i %26) + 'A';
  }
  buf1[modulus_len-1] = '\0';
  fprintf(stderr, "Buffer being encrypted = \n%s\n", buf1);

  /* encrypt buf1, result will be in buf2 */
  rv = PK11_PubEncryptRaw(pubkey, buf2, buf1, modulus_len, NULL);
  if (rv != SECSuccess)
  {
    fprintf(stderr, "Encrypt with Public Key failed (err %d)\n",
            PR_GetError());
    goto cleanup;
  }
 
  nickname.type = siBuffer;
  nickname.data = "pvtkeynickname";
  nickname.len = strlen("pvtkeynickname");
  rv = ATOB_ConvertAsciiToItem(&der, pvtkstr);
  if (rv!= SECSuccess)
  {
    fprintf(stderr, "ATOB_ConvertAsciiToItem failed %d\n", PR_GetError());
    goto cleanup;
  }

  /* KU_ALL includes a lot of different key usages, KU_DATA_ENCIPHERMENT
   * is enough for just RSA encryption.
   * publicValue arg (4th) can be NULL for RSA key - I think it is even
   * ignored
   */
  PK11_ImportDERPrivateKeyInfoAndReturnKey(slot, &der, NULL,
                                           NULL, PR_FALSE, PR_TRUE,
                                           KU_ALL, &pvtkey, NULL);
  SECITEM_FreeItem(&der, PR_FALSE);
     
  if (pvtkey == NULL)
  {
    fprintf(stderr, "Couldn't extract private key (err %d)\n", PR_GetError());
    goto cleanup;
  }

  /* clear buf1 */
  for (i=0;i<modulus_len;i++)
  {
    buf1[i]= '\0';
  }

  /* decrypt buf2, result will be in buf1 */
  rv = PK11_PubDecryptRaw(pvtkey, buf1, &outlen, modulus_len, buf2,
                          modulus_len);
  if (rv != SECSuccess)
  {
    fprintf(stderr, "Decrypt with Private Key failed (err %d)\n",
            PR_GetError());
    goto cleanup;
  }
 
  fprintf(stderr, "Result of decryption, outlen = %d\n", outlen);
  fprintf(stderr, "Result of decryption, buf = \n%s\n", buf1);

cleanup:
  if (cert)
    CERT_DestroyCertificate(cert);
  if (pubkey)
    SECKEY_DestroyPublicKey(pubkey);
  if (pvtkey)
    SECKEY_DestroyPrivateKey(pvtkey);
  if (spki)
    SECKEY_DestroySubjectPublicKeyInfo(spki);
  if (slot)
    PK11_FreeSlot(slot);
  if (buf1)
    free(buf1);
  if (buf2)
    free(buf2);                          
  exit(1);
}


99 NSS Sample Code sample6

/* Example code to illustrate generation of a secret symmetric key ring
 * that PERSISTS in the NSS database. The symmetric keys can then be used
 * without ever exposing them in the clear.
 *
 * To encrypt, you need the id of the key to use.
 * To decrypt, you need the ciphertext and the id of the key that was used
 * to encrypt
 *
 * Before running this example, create the NSS database
 *     certutil -N -d .
 * (enter "test" when prompted for password)
 */


#include "nss.h"
#include "pk11pub.h"

/* the key id can be any sequence of bytes. this example happens to use an
 * integer */
void genkey(int id);

/* this callback is responsible for returning the password to the NSS
 * key database. for example purposes, this function hardcodes the password.
 * In a real app, this function should obtain the password using secure means
 * such as prompting an operator, or retrieving it over a secure communication
 * channel
 */
char *passwdcb(PK11SlotInfo *info, PRBool retry, void *arg);


int main(int argc, char **argv)
{
  SECStatus rv;

  /* Initialize NSS */
  PK11_SetPasswordFunc(passwdcb);

  /* The NSS db must be initialized read-write since we'll be creating
   * keys in it. Once keys are generated, it can be opened without read-write
   * subsequently (NSS_Init).
   */
  rv = NSS_InitReadWrite(".");
  if (rv != SECSuccess)
  {
    fprintf(stderr, "NSS initialization failed (err %d)\n",
            PR_GetError());
    exit(1);
  }

  /* generate a key with id 1. should succeed on first run on a fresh db,
   * should fail on successive runs because key with that id already exists */
  genkey(1);

  /* generate a key with id 2. should succeed on first run on a fresh db,
   * should fail on successive runs because key with that id already exists */
  genkey(2);

  /* generate a key with id 1 - this will fail because key with that id
   * already exists */
  genkey(1);
}


void genkey(int id)
{
  PK11SlotInfo*  slot = NULL;
  PK11SymKey*    key = NULL;
  SECItem        keyiditem;
  int            keyid[1];
  CK_MECHANISM_TYPE cipherMech;
 
  /* using CKM_AES_CBC_PAD mechanism for example */
  cipherMech = CKM_AES_CBC_PAD;
 
   slot = PK11_GetInternalKeySlot();
  /* slot = PK11_GetBestSlot(cipherMech, NULL); didn't work.
   * Error code: token is read-only. ??
   */
  if (slot == NULL)
  {
    fprintf(stderr, "Unable to find security device (err %d)\n",
            PR_GetError());
    return;
  }

  keyid[0] = id;
  keyiditem.type = siBuffer;
  keyiditem.data = (void *)keyid;
  keyiditem.len = sizeof(keyid[0]);

  /* Note: keysize must be 0 for fixed key-length algorithms like DES.
   *       Since we're using AES in this example, we're specifying
   *       one of the valid keysizes (16, 24, 32)
   */
  key = PK11_TokenKeyGen(slot, cipherMech, 0, 32 /*keysize*/,
                         &keyiditem, PR_TRUE, 0);
  if (key == NULL)
  {
    fprintf(stderr, "PK11_TokenKeyGen failed (err %d)\n",
            PR_GetError());
    PK11_FreeSlot(slot);
    return;
  }

  fprintf(stderr, "key length of generated key is %d\n",
          PK11_GetKeyLength(key));
  fprintf(stderr, "mechanism of key is %d (asked for %d)\n",
          PK11_GetMechanism(key), cipherMech);

  PK11_FreeSymKey(key);


  key = PK11_FindFixedKey(slot, cipherMech, &keyiditem, 0);
  if (key == NULL)
  {
    fprintf(stderr, "PK11_FindFixedKey failed (err %d)\n",
            PR_GetError());
    PK11_FreeSlot(slot);
    return;
  }

  fprintf(stderr, "Found key!\n");
  fprintf(stderr, "key length of generated key is %d\n",
          PK11_GetKeyLength(key));
  fprintf(stderr, "mechanism of key is %d (asked for %d)\n",
          PK11_GetMechanism(key), cipherMech);

  PK11_FreeSymKey(key);

  PK11_FreeSlot(slot);
}

char *passwdcb(PK11SlotInfo *info, PRBool retry, void *arg)
{
  if (!retry)
    return PL_strdup("test");
  else
    return NULL;
}
100 sample1 Example, NSS
Technical review completed.
101 sample2
No summary!
102 NSS Tech Notes NSS
Newsgroup: mozilla.dev.tech.crypto
103 nss tech note1
The main non-streaming APIs for these two decoders have an identical prototype :
104 nss tech note2
The logger displays all activity between NSS and a specified PKCS #11 module. It works by inserting a special set of entry points between NSS and the module.
105 nss tech note3
No summary!
106 nss tech note4
No summary!
107 nss tech note5
Note: AES encryption, a fixed blocksize of 16 bytes is used. The Rijndael algorithm permits 3 blocksizes (16, 24, 32 bytes), but the AES standard requires the blocksize to be 16 bytes. The keysize can vary and these keysizes are permitted: 16, 24, 32 bytes.

You can also look at a sample program illustrating encryption
108 nss tech note6
The following applies to NSS 3.8 through 3.10 :
109 nss tech note7
This technical note explains how to use NSS to perform RSA signing and encryption. The industry standard for RSA signing and encryption is PKCS #1. NSS supports PKCS #1 v1.5. NSS doesn't yet support PKCS #1 v2.0 and v2.1, in particular OAEP, but OAEP support is on our to-do list. Your contribution is welcome.
110 nss tech note8
No summary!
111 NSS Tools NSS
Newsgroup: mozilla.dev.tech.crypto
112 NSS Tools certutil
The Certificate Database Tool is a command-line utility that can create and modify the Netscape Communicator cert8.db and key3.db database files. It can also list, generate, modify, or delete certificates within the cert8.db file and create or change the password, generate new public and private key pairs, display the contents of the key database, or delete key pairs within the key3.db file.
113 NSS Tools certutil-tasks
Newsgroup: mozilla.dev.tech.crypto
114 NSS Tools cmsutil
The cmsutil command-line utility uses the S/MIME Toolkit to perform basic operations, such as encryption and decryption, on Cryptographic Message Syntax (CMS) messages.
115 NSS Tools crlutil
Newsgroup: mozilla.dev.tech.crypto
116 NSS Tools dbck-tasks
Newsgroup: mozilla.dev.tech.crypto
117 NSS Tools modutil
The Security Module Database Tool is a command-line utility for managing PKCS #11 module information within secmod.db files or within hardware tokens. You can use the tool to add and delete PKCS #11 modules, change passwords, set defaults, list module contents, enable or disable slots, enable or disable FIPS 140-2 compliance, and assign default providers for cryptographic operations. This tool can also create key3.db, cert8.db, and secmod.db security database files.
118 NSS Tools modutil-tasks
Newsgroup: mozilla.dev.tech.crypto
119 NSS Tools pk12util
The PKCS #12 utility makes sharing of certificates among Enterprise server 3.x and any server (Netscape products or non-Netscape products) that supports PKCS#12 possible. The tool allows you to import certificates and keys from pkcs #12 files into NSS or export them and also list certificates and keys in such files.
120 NSS Tools pk12util-tasks
Newsgroup: mozilla.dev.tech.crypto
121 NSS Tools signver-tasks
No summary!
122 NSS Tools sslstrength
A simple command-line client which connects to an SSL-server, and reports back the encryption cipher and strength used.
123 NSS Tools ssltap
The SSL Debugging Tool is an SSL-aware command-line proxy. It watches TCP connections and displays the data going by. If a connection is SSL, the data display includes interpreted SSL records and handshaking.
124 NSS tools : cmsutil
Name

   cmsutil — Performs basic cryptograpic operations, such as encryption and
   decryption, on Cryptographic Message Syntax (CMS) messages.

Synopsis

   cmsutil [options] arguments

Description

   The cmsutil command-line uses the S/MIME Toolkit to perform basic
   operations, such as encryption and decryption, on Cryptographic Message
   Syntax (CMS) messages.

   To run cmsutil, type the command cmsutil option [arguments] where option
   and arguments are combinations of the options and arguments listed in the
   following section. Each command takes one option. Each option may take
   zero or more arguments. To see a usage string, issue the command without
   options.

Options and Arguments

   Options

   Options specify an action. Option arguments modify an action. The options
   and arguments for the cmsutil command are defined as follows:

   -D

           Decode a message.

   -C

           Encrypt a message.

   -E

           Envelope a message.

   -O

           Create a certificates-only message.

   -S

           Sign a message.

   Arguments

   Option arguments modify an action and are lowercase.

   -c content

           Use this detached content (decode only).

   -d dbdir

           Specify the key/certificate database directory (default is ".")

   -e envfile

           Specify a file containing an enveloped message for a set of
           recipients to which you would like to send an encrypted message.
           If this is the first encrypted message for that set of recipients,
           a new enveloped message will be created that you can then use for
           future messages (encrypt only).

   -G

           Include a signing time attribute (sign only).

   -h num

           Generate email headers with info about CMS message (decode only).

   -i infile

           Use infile as a source of data (default is stdin).

   -N nickname

           Specify nickname of certificate to sign with (sign only).

   -n

           Suppress output of contents (decode only).

   -o outfile

           Use outfile as a destination of data (default is stdout).

   -P

           Include an S/MIME capabilities attribute.

   -p password

           Use password as key database password.

   -r recipient1,recipient2, ...

           Specify list of recipients (email addresses) for an encrypted or
           enveloped message. For certificates-only message, list of
           certificates to send.

   -T

           Suppress content in CMS message (sign only).

   -u certusage

           Set type of cert usage (default is certUsageEmailSigner).

   -Y ekprefnick

           Specify an encryption key preference by nickname.

Usage

   Encrypt Example

 cmsutil -C [-i infile] [-o outfile] [-d dbdir] [-p password] -r "recipient1,recipient2, . . ." -e envfile


   Decode Example

 cmsutil -D [-i infile] [-o outfile] [-d dbdir] [-p password] [-c content] [-n] [-h num]


   Envelope Example

 cmsutil -E [-i infile] [-o outfile] [-d dbdir] [-p password] -r "recipient1,recipient2, ..."


   Certificate-only Example

 cmsutil -O [-i infile] [-o outfile] [-d dbdir] [-p password] -r "cert1,cert2, . . ."


   Sign Message Example

 cmsutil -S [-i infile] [-o outfile] [-d dbdir] [-p password] -N nickname[-TGP] [-Y ekprefnick]


See also

   certutil(1)

See Also

Additional Resources

   NSS is maintained in conjunction with PKI and security-related projects
   through Mozilla dn Fedora. The most closely-related project is Dogtag PKI,
   with a project wiki at [1]http://pki.fedoraproject.org/wiki/.

   For information specifically about NSS, the NSS project wiki is located at
   [2]http://www.mozilla.org/projects/security/pki/nss/. The NSS site relates
   directly to NSS code changes and releases.

   Mailing lists: pki-devel@redhat.com and pki-users@redhat.com

   IRC: Freenode at #dogtag-pki

Authors

   The NSS tools were written and maintained by developers with Netscape and
   now with Red Hat.

   Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey
   <dlackey@redhat.com>.

Copyright

   (c) 2010, Red Hat, Inc. Licensed under the GNU Public License version 2.

References

   Visible links
   1. http://pki.fedoraproject.org/wiki/
   2. http://www.mozilla.org/projects/security/pki/nss/
125 NSS tools : crlutil
Name

   crlutil — List, generate, modify, or delete CRLs within the NSS security
   database file(s) and list, create, modify or delete certificates entries
   in a particular CRL.

Synopsis

   crlutil [options] arguments

Description

   The Certificate Revocation List (CRL) Management Tool, crlutil, is a
   command-line utility that can list, generate, modify, or delete CRLs
   within the NSS security database file(s) and list, create, modify or
   delete certificates entries in a particular CRL.

   The key and certificate management process generally begins with creating
   keys in the key database, then generating and managing certificates in the
   certificate database(see certutil tool) and continues with certificates
   expiration or revocation.

   This document discusses certificate revocation list management. For
   information on security module database management, see Using the Security
   Module Database Tool. For information on certificate and key database
   management, see Using the Certificate Database Tool.

   To run the Certificate Revocation List Management Tool, type the command

   crlutil option [arguments]

   where options and arguments are combinations of the options and arguments
   listed in the following section. Each command takes one option. Each
   option may take zero or more arguments. To see a usage string, issue the
   command without options, or with the -H option.

Options and Arguments

   Options

   Options specify an action. Option arguments modify an action. The options
   and arguments for the crlutil command are defined as follows:

   -G

           Create new Certificate Revocation List(CRL).

   -D

           Delete Certificate Revocation List from cert database.

   -I

           Import a CRL to the cert database

   -E

           Erase all CRLs of specified type from the cert database

   -L

           List existing CRL located in cert database file.

   -M

           Modify existing CRL which can be located in cert db or in
           arbitrary file. If located in file it should be encoded in ASN.1
           encode format.

   -G

   Arguments

   Option arguments modify an action and are lowercase.

   -B

           Bypass CA signature checks.

   -P dbprefix

           Specify the prefix used on the NSS security database files (for
           example, my_cert8.db and my_key3.db). This option is provided as a
           special case. Changing the names of the certificate and key
           databases is not recommended.

   -a

           Use ASCII format or allow the use of ASCII format for input and
           output. This formatting follows RFC #1113.

   -c crl-gen-file

           Specify script file that will be used to control crl
           generation/modification. See crl-cript-file format below. If
           options -M|-G is used and -c crl-script-file is not specified,
           crlutil will read script data from standard input.

   -d directory

           Specify the database directory containing the certificate and key
           database files. On Unix the Certificate Database Tool defaults to
           $HOME/.netscape (that is, ~/.netscape). On Windows NT the default
           is the current directory.

           The NSS database files must reside in the same directory.

   -i crl-import-file

           Specify the file which contains the CRL to import

   -f password-file

           Specify a file that will automatically supply the password to
           include in a certificate or to access a certificate database. This
           is a plain-text file containing one password. Be sure to prevent
           unauthorized access to this file.

   -l algorithm-name

           Specify a specific signature algorithm. List of possible
           algorithms: MD2 | MD4 | MD5 | SHA1 | SHA256 | SHA384 | SHA512

   -n nickname

           Specify the nickname of a certificate or key to list, create, add
           to a database, modify, or validate. Bracket the nickname string
           with quotation marks if it contains spaces.

   -o output-file

           Specify the output file name for new CRL. Bracket the output-file
           string with quotation marks if it contains spaces. If this
           argument is not used the output destination defaults to standard
           output.

   -t crl-type

           Specify type of CRL. possible types are: 0 - SEC_KRL_TYPE, 1 -
           SEC_CRL_TYPE. This option is obsolete

   -u url

           Specify the url.

CRL Generation script syntax

   CRL generation script file has the following syntax:

   * Line with comments should have # as a first symbol of a line

   * Set "this update" or "next update" CRL fields:

   update=YYYYMMDDhhmmssZ nextupdate=YYYYMMDDhhmmssZ

   Field "next update" is optional. Time should be in GeneralizedTime format
   (YYYYMMDDhhmmssZ). For example: 20050204153000Z

   * Add an extension to a CRL or a crl certificate entry:

   addext extension-name critical/non-critical [arg1[arg2 ...]]

   Where:

   extension-name: string value of a name of known extensions.
   critical/non-critical: is 1 when extension is critical and 0 otherwise.
   arg1, arg2: specific to extension type extension parameters

   addext uses the range that was set earlier by addcert and will install an
   extension to every cert entries within the range.

   * Add certificate entries(s) to CRL:

   addcert range date

   range: two integer values separated by dash: range of certificates that
   will be added by this command. dash is used as a delimiter. Only one cert
   will be added if there is no delimiter. date: revocation date of a cert.
   Date should be represented in GeneralizedTime format (YYYYMMDDhhmmssZ).

   * Remove certificate entry(s) from CRL

   rmcert range

   Where:

   range: two integer values separated by dash: range of certificates that
   will be added by this command. dash is used as a delimiter. Only one cert
   will be added if there is no delimiter.

   * Change range of certificate entry(s) in CRL

   range new-range

   Where:

   new-range: two integer values separated by dash: range of certificates
   that will be added by this command. dash is used as a delimiter. Only one
   cert will be added if there is no delimiter.

   Implemented Extensions

   The extensions defined for CRL provide methods for associating additional
   attributes with CRLs of theirs entries. For more information see RFC #3280

   * Add The Authority Key Identifier extension:

   The authority key identifier extension provides a means of identifying the
   public key corresponding to the private key used to sign a CRL.

   authKeyId critical [key-id | dn cert-serial]

   Where:

   authKeyIdent: identifies the name of an extension critical: value of 1 of
   0. Should be set to 1 if this extension is critical or 0 otherwise.
   key-id: key identifier represented in octet string. dn:: is a CA
   distinguished name cert-serial: authority certificate serial number.

   * Add Issuer Alternative Name extension:

   The issuer alternative names extension allows additional identities to be
   associated with the issuer of the CRL. Defined options include an rfc822
   name (electronic mail address), a DNS name, an IP address, and a URI.

   issuerAltNames non-critical name-list

   Where:

   subjAltNames: identifies the name of an extension should be set to 0 since
   this is non-critical extension name-list: comma separated list of names

   * Add CRL Number extension:

   The CRL number is a non-critical CRL extension which conveys a
   monotonically increasing sequence number for a given CRL scope and CRL
   issuer. This extension allows users to easily determine when a particular
   CRL supersedes another CRL

   crlNumber non-critical number

   Where:

   crlNumber: identifies the name of an extension critical: should be set to
   0 since this is non-critical extension number: value of long which
   identifies the sequential number of a CRL.

   * Add Revocation Reason Code extension:

   The reasonCode is a non-critical CRL entry extension that identifies the
   reason for the certificate revocation.

   reasonCode non-critical code

   Where:

   reasonCode: identifies the name of an extension non-critical: should be
   set to 0 since this is non-critical extension code: the following codes
   are available:

   unspecified (0), keyCompromise (1), cACompromise (2), affiliationChanged
   (3), superseded (4), cessationOfOperation (5), certificateHold (6),
   removeFromCRL (8), privilegeWithdrawn (9), aACompromise (10)

   * Add Invalidity Date extension:

   The invalidity date is a non-critical CRL entry extension that provides
   the date on which it is known or suspected that the private key was
   compromised or that the certificate otherwise became invalid.

   invalidityDate non-critical date

   Where:

   crlNumber: identifies the name of an extension non-critical: should be set
   to 0 since this is non-critical extension date: invalidity date of a cert.
   Date should be represented in GeneralizedTime format (YYYYMMDDhhmmssZ).

Usage

   The Certificate Revocation List Management Tool's capabilities are grouped
   as follows, using these combinations of options and arguments. Options and
   arguments in square brackets are optional, those without square brackets
   are required.

   See "Implemented extensions" for more information regarding extensions and
   their parameters.

   * Creating or modifying a CRL:

 crlutil -G|-M -c crl-gen-file -n nickname [-i crl] [-u url] [-d keydir] [-P dbprefix] [-l alg] [-a] [-B]


   * Listing all CRls or a named CRL:

         crlutil -L [-n crl-name] [-d krydir]


   * Deleting CRL from db:

         crlutil -D -n nickname [-d keydir] [-P dbprefix]


   * Erasing CRLs from db:

         crlutil -E [-d keydir] [-P dbprefix]


   * Deleting CRL from db:

           crlutil -D -n nickname [-d keydir] [-P dbprefix]


   * Erasing CRLs from db:

           crlutil -E [-d keydir] [-P dbprefix]


   * Import CRL from file:

           crlutil -I -i crl [-t crlType] [-u url] [-d keydir] [-P dbprefix] [-B]


See also

   certutil(1)

See Also

Additional Resources

   NSS is maintained in conjunction with PKI and security-related projects
   through Mozilla dn Fedora. The most closely-related project is Dogtag PKI,
   with a project wiki at [1]http://pki.fedoraproject.org/wiki/.

   For information specifically about NSS, the NSS project wiki is located at
   [2]http://www.mozilla.org/projects/security/pki/nss/. The NSS site relates
   directly to NSS code changes and releases.

   Mailing lists: pki-devel@redhat.com and pki-users@redhat.com

   IRC: Freenode at #dogtag-pki

Authors

   The NSS tools were written and maintained by developers with Netscape and
   now with Red Hat.

   Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey
   <dlackey@redhat.com>.

Copyright

   (c) 2010, Red Hat, Inc. Licensed under the GNU Public License version 2.

References

   Visible links
   1. http://pki.fedoraproject.org/wiki/
   2. http://www.mozilla.org/projects/security/pki/nss/
126 NSS tools : modutil
Name

   modutil — Manage PKCS #11 module information within the security module
   database.

Synopsis

   modutil [options] arguments

Description

   The Security Module Database Tool, modutil, is a command-line utility for
   managing PKCS #11 module information both within secmod.db files and
   within hardware tokens. modutil can add and delete PKCS #11 modules,
   change passwords on security databases, set defaults, list module
   contents, enable or disable slots, enable or disable FIPS 140-2
   compliance, and assign default providers for cryptographic operations.
   This tool can also create certificate, key, and module security database
   files.

   The tasks associated with security module database management are part of
   a process that typically also involves managing key databases and
   certificate databases.

Options

   Running modutil always requires one (and only one) option to specify the
   type of module operation. Each option may take arguments, anywhere from
   none to multiple arguments.

   Options

   -add modulename

           Add the named PKCS #11 module to the database. Use this option
           with the -libfile, -ciphers, and -mechanisms arguments.

   -changepw tokenname

           Change the password on the named token. If the token has not been
           initialized, this option initializes the password. Use this option
           with the -pwfile and -newpwfile arguments. A password is
           equivalent to a personal identification number (PIN).

   -chkfips

           Verify whether the module is in the given FIPS mode. true means to
           verify that the module is in FIPS mode, while false means to
           verify that the module is not in FIPS mode.

   -create

           Create new certificate, key, and module databases. Use the -dbdir
           directory argument to specify a directory. If any of these
           databases already exist in a specified directory, modutil returns
           an error message.

   -default modulename

           Specify the security mechanisms for which the named module will be
           a default provider. The security mechanisms are specified with the
           -mechanisms argument.

   -delete modulename

           Delete the named module. The default NSS PKCS #11 module cannot be
           deleted.

   -disable modulename

           Disable all slots on the named module. Use the -slot argument to
           disable a specific slot.

   -enable modulename

           Enable all slots on the named module. Use the -slot argument to
           enable a specific slot.

   -fips [true | false]

           Enable (true) or disable (false) FIPS 140-2 compliance for the
           default NSS module.

   -force

           Disable modutil's interactive prompts so it can be run from a
           script. Use this option only after manually testing each planned
           operation to check for warnings and to ensure that bypassing the
           prompts will cause no security lapses or loss of database
           integrity.

   -jar JAR-file

           Add a new PKCS #11 module to the database using the named JAR
           file. Use this command with the -installdir and -tempdir
           arguments. The JAR file uses the NSS PKCS #11 JAR format to
           identify all the files to be installed, the module's name, the
           mechanism flags, and the cipher flags, as well as any files to be
           installed on the target machine, including the PKCS #11 module
           library file and other files such as documentation. This is
           covered in the JAR installation file section in the man page,
           which details the special script needed to perform an installation
           through a server or with modutil.

   -list [modulename]

           Display basic information about the contents of the secmod.db
           file. Specifying a modulename displays detailed information about
           a particular module and its slots and tokens.

   -rawadd

           Add the module spec string to the secmod.db database.

   -rawlist

           Display the module specs for a specified module or for all
           loadable modules.

   -undefault modulename

           Specify the security mechanisms for which the named module will
           not be a default provider. The security mechanisms are specified
           with the -mechanisms argument.

   Arguments

   MODULE

           Give the security module to access.

   MODULESPEC

           Give the security module spec to load into the security database.

   -ciphers cipher-enable-list

           Enable specific ciphers in a module that is being added to the
           database. The cipher-enable-list is a colon-delimited list of
           cipher names. Enclose this list in quotation marks if it contains
           spaces.

   -dbdir [sql:]directory

           Specify the database directory in which to access or create
           security module database files.

           modutil supports two types of databases: the legacy security
           databases (cert8.db, key3.db, and secmod.db) and new SQLite
           databases (cert9.db, key4.db, and pkcs11.txt). If the prefix sql:
           is not used, then the tool assumes that the given databases are in
           the old format.

   --dbprefix prefix

           Specify the prefix used on the database files, such as my_ for
           my_cert8.db. This option is provided as a special case. Changing
           the names of the certificate and key databases is not recommended.

   -installdir root-installation-directory

           Specify the root installation directory relative to which files
           will be installed by the -jar option. This directory should be one
           below which it is appropriate to store dynamic library files, such
           as a server's root directory.

   -libfile library-file

           Specify a path to a library file containing the implementation of
           the PKCS #11 interface module that is being added to the database.

   -mechanisms mechanism-list

           Specify the security mechanisms for which a particular module will
           be flagged as a default provider. The mechanism-list is a
           colon-delimited list of mechanism names. Enclose this list in
           quotation marks if it contains spaces.

           The module becomes a default provider for the listed mechanisms
           when those mechanisms are enabled. If more than one module claims
           to be a particular mechanism's default provider, that mechanism's
           default provider is undefined.

           modutil supports several mechanisms: RSA, DSA, RC2, RC4, RC5, AES,
           DES, DH, SHA1, SHA256, SHA512, SSL, TLS, MD5, MD2, RANDOM (for
           random number generation), and FRIENDLY (meaning certificates are
           publicly readable).

   -newpwfile new-password-file

           Specify a text file containing a token's new or replacement
           password so that a password can be entered automatically with the
           -changepw option.

   -nocertdb

           Do not open the certificate or key databases. This has several
           effects:

              o With the -create command, only a module security file is
                created; certificate and key databases are not created.

              o With the -jar command, signatures on the JAR file are not
                checked.

              o With the -changepw command, the password on the NSS internal
                module cannot be set or changed, since this password is
                stored in the key database.

   -pwfile old-password-file

           Specify a text file containing a token's existing password so that
           a password can be entered automatically when the -changepw option
           is used to change passwords.

   -secmod secmodname

           Give the name of the security module database (like secmod.db) to
           load.

   -slot slotname

           Specify a particular slot to be enabled or disabled with the
           -enable or -disable options.

   -string CONFIG_STRING

           Pass a configuration string for the module being added to the
           database.

   -tempdir temporary-directory

           Give a directory location where temporary files are created during
           the installation by the -jar option. If no temporary directory is
           specified, the current directory is used.

Usage and Examples

   Creating Database Files

   Before any operations can be performed, there must be a set of security
   databases available. modutil can be used to create these files. The only
   required argument is the database that where the databases will be
   located.

 modutil -create -dbdir [sql:]directory

   Adding a Cryptographic Module

   Adding a PKCS #11 module means submitting a supporting library file,
   enabling its ciphers, and setting default provider status for various
   security mechanisms. This can be done by supplying all of the information
   through modutil directly or by running a JAR file and install script. For
   the most basic case, simply upload the library:

 modutil -add modulename -libfile library-file [-ciphers cipher-enable-list] [-mechanisms mechanism-list]

   For example:

 modutil -dbdir sql:/home/my/sharednssdb -add "Example PKCS #11 Module" -libfile "/tmp/crypto.so" -mechanisms RSA:DSA:RC2:RANDOM

 Using database directory ...
 Module "Example PKCS #11 Module" added to database.

   Installing a Cryptographic Module from a JAR File

   PKCS #11 modules can also be loaded using a JAR file, which contains all
   of the required libraries and an installation script that describes how to
   install the module. The JAR install script is described in more detail in
   [1]the section called “JAR Installation File Format”.

   The JAR installation script defines the setup information for each
   platform that the module can be installed on. For example:

 Platforms {
    Linux:5.4.08:x86 {
       ModuleName { "Example PKCS #11 Module" }
       ModuleFile { crypto.so }
       DefaultMechanismFlags{0x0000}
       CipherEnableFlags{0x0000}
       Files {
          crypto.so {
             Path{ /tmp/crypto.so }
          }
          setup.sh {
             Executable
             Path{ /tmp/setup.sh }
          }
       }
    }
    Linux:6.0.0:x86 {
       EquivalentPlatform { Linux:5.4.08:x86 }
    }
 }

   Both the install script and the required libraries must be bundled in a
   JAR file, which is specified with the -jar argument.

 modutil -dbdir sql:/home/mt"jar-install-filey/sharednssdb -jar install.jar -installdir sql:/home/my/sharednssdb

 This installation JAR file was signed by:
 ----------------------------------------------

 **SUBJECT NAME**

 C=US, ST=California, L=Mountain View, CN=Cryptorific Inc., OU=Digital ID
 Class 3 - Netscape Object Signing, OU="www.verisign.com/repository/CPS
 Incorp. by Ref.,LIAB.LTD(c)9 6", OU=www.verisign.com/CPS Incorp.by Ref
 . LIABILITY LTD.(c)97 VeriSign, OU=VeriSign Object Signing CA - Class 3
 Organization, OU="VeriSign, Inc.", O=VeriSign Trust Network **ISSUER
 NAME**, OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97
 VeriSign, OU=VeriSign Object Signing CA - Class 3 Organization,
 OU="VeriSign, Inc.", O=VeriSign Trust Network
 ----------------------------------------------

 Do you wish to continue this installation? (y/n) y
 Using installer script "installer_script"
 Successfully parsed installation script
 Current platform is Linux:5.4.08:x86
 Using installation parameters for platform Linux:5.4.08:x86
 Installed file crypto.so to /tmp/crypto.so
 Installed file setup.sh to ./pk11inst.dir/setup.sh
 Executing "./pk11inst.dir/setup.sh"...
 "./pk11inst.dir/setup.sh" executed successfully
 Installed module "Example PKCS #11 Module" into module database

 Installation completed successfully

   Adding Module Spec

   Each module has information stored in the security database about its
   configuration and parameters. These can be added or edited using the
   -rawadd command. For the current settings or to see the format of the
   module spec in the database, use the -rawlist option.

 modutil -rawadd modulespec

   Deleting a Module

   A specific PKCS #11 module can be deleted from the secmod.db database:

 modutil -delete modulename -dbdir [sql:]directory

   Displaying Module Information

   The secmod.db database contains information about the PKCS #11 modules
   that are available to an application or server to use. The list of all
   modules, information about specific modules, and database configuration
   specs for modules can all be viewed.

   To simply get a list of modules in the database, use the -list command.

 modutil -list [modulename] -dbdir [sql:]directory

   Listing the modules shows the module name, their status, and other
   associated security databases for certificates and keys. For example:

 modutil -list -dbdir sql:/home/my/sharednssdb

 Listing of PKCS #11 Modules
 -----------------------------------------------------------
   1. NSS Internal PKCS #11 Module
          slots: 2 slots attached
         status: loaded

          slot: NSS Internal Cryptographic Services
         token: NSS Generic Crypto Services

          slot: NSS User Private Key and Certificate Services
         token: NSS Certificate DB
 -----------------------------------------------------------

   Passing a specific module name with the -list returns details information
   about the module itself, like supported cipher mechanisms, version
   numbers, serial numbers, and other information about the module and the
   token it is loaded on. For example:

  modutil -list "NSS Internal PKCS #11 Module" -dbdir sql:/home/my/sharednssdb

 -----------------------------------------------------------
 Name: NSS Internal PKCS #11 Module
 Library file: **Internal ONLY module**
 Manufacturer: Mozilla Foundation
 Description: NSS Internal Crypto Services
 PKCS #11 Version 2.20
 Library Version: 3.11
 Cipher Enable Flags: None
 Default Mechanism Flags: RSA:RC2:RC4:DES:DH:SHA1:MD5:MD2:SSL:TLS:AES

   Slot: NSS Internal Cryptographic Services
   Slot Mechanism Flags: RSA:RC2:RC4:DES:DH:SHA1:MD5:MD2:SSL:TLS:AES
   Manufacturer: Mozilla Foundation
   Type: Software
   Version Number: 3.11
   Firmware Version: 0.0
   Status: Enabled
   Token Name: NSS Generic Crypto Services
   Token Manufacturer: Mozilla Foundation
   Token Model: NSS 3
   Token Serial Number: 0000000000000000
   Token Version: 4.0
   Token Firmware Version: 0.0
   Access: Write Protected
   Login Type: Public (no login required)
   User Pin: NOT Initialized

   Slot: NSS User Private Key and Certificate Services
   Slot Mechanism Flags: None
   Manufacturer: Mozilla Foundation
   Type: Software
   Version Number: 3.11
   Firmware Version: 0.0
   Status: Enabled
   Token Name: NSS Certificate DB
   Token Manufacturer: Mozilla Foundation
   Token Model: NSS 3
   Token Serial Number: 0000000000000000
   Token Version: 8.3
   Token Firmware Version: 0.0
   Access: NOT Write Protected
   Login Type: Login required
   User Pin: Initialized

   A related command, -rawlist returns information about the database
   configuration for the modules. (This information can be edited by loading
   new specs using the -rawadd command.)

  modutil -rawlist -dbdir sql:/home/my/sharednssdb
  name="NSS Internal PKCS #11 Module" parameters="configdir=. certPrefix= keyPrefix= secmod=secmod.db flags=readOnly " NSS="trustOrder=75 cipherOrder=100 slotParams={0x00000001=[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,RANDOM askpw=any timeout=30 ] }  Flags=internal,critical"

   Setting a Default Provider for Security Mechanisms

   Multiple security modules may provide support for the same security
   mechanisms. It is possible to set a specific security module as the
   default provider for a specific security mechanism (or, conversely, to
   prohibit a provider from supplying those mechanisms).

 modutil -default modulename -mechanisms mechanism-list

   To set a module as the default provider for mechanisms, use the -default
   command with a colon-separated list of mechanisms. The available
   mechanisms depend on the module; NSS supplies almost all common
   mechanisms. For example:

 modutil -default "NSS Internal PKCS #11 Module" -dbdir -mechanisms RSA:DSA:RC2

 Using database directory c:\databases...

 Successfully changed defaults.

   Clearing the default provider has the same format:

 modutil -undefault "NSS Internal PKCS #11 Module" -dbdir -mechanisms MD2:MD5

   Enabling and Disabling Modules and Slots

   Modules, and specific slots on modules, can be selectively enabled or
   disabled using modutil. Both commands have the same format:

 modutil -enable|-disable modulename [-slot slotname]

   For example:

 modutil -enable "NSS Internal PKCS #11 Module" -slot "NSS Internal Cryptographic Services                            " -dbdir .

 Slot "NSS Internal Cryptographic Services                            " enabled.

   Be sure that the appropriate amount of trailing whitespace is after the
   slot name. Some slot names have a significant amount of whitespace that
   must be included, or the operation will fail.

   Enabling and Verifying FIPS Compliance

   The NSS modules can have FIPS 140-2 compliance enabled or disabled using
   modutil with the -fips option. For example:

 modutil -fips true -dbdir sql:/home/my/sharednssdb/

 FIPS mode enabled.

   To verify that status of FIPS mode, run the -chkfips command with either a
   true or false flag (it doesn't matter which). The tool returns the current
   FIPS setting.

 modutil -chkfips false -dbdir sql:/home/my/sharednssdb/

 FIPS mode enabled.

   Changing the Password on a Token

   Initializing or changing a token's password:

 modutil -changepw tokenname [-pwfile old-password-file] [-newpwfile new-password-file]

 modutil -dbdir sql:/home/my/sharednssdb -changepw "NSS Certificate DB"

 Enter old password:
 Incorrect password, try again...
 Enter old password:
 Enter new password:
 Re-enter new password:
 Token "Communicator Certificate DB" password changed successfully.

JAR Installation File Format

   When a JAR file is run by a server, by modutil, or by any program that
   does not interpret JavaScript, a special information file must be included
   to install the libraries. There are several things to keep in mind with
   this file:

     o It must be declared in the JAR archive's manifest file.

     o The script can have any name.

     o The metainfo tag for this is Pkcs11_install_script. To declare
       meta-information in the manifest file, put it in a file that is passed
       to signtool.

   Sample Script

   For example, the PKCS #11 installer script could be in the file
   pk11install. If so, the metainfo file for signtool includes a line such as
   this:

 + Pkcs11_install_script: pk11install

   The script must define the platform and version number, the module name
   and file, and any optional information like supported ciphers and
   mechanisms. Multiple platforms can be defined in a single install file.

 ForwardCompatible { IRIX:6.2:mips SUNOS:5.5.1:sparc }
 Platforms {
    WINNT::x86 {
       ModuleName { "Example Module" }
       ModuleFile { win32/fort32.dll }
       DefaultMechanismFlags{0x0001}
       DefaultCipherFlags{0x0001}
       Files {
          win32/setup.exe {
             Executable
             RelativePath { %temp%/setup.exe }
          }
          win32/setup.hlp {
             RelativePath { %temp%/setup.hlp }
          }
          win32/setup.cab {
             RelativePath { %temp%/setup.cab }
          }
       }
    }
    WIN95::x86 {
       EquivalentPlatform {WINNT::x86}
    }
    SUNOS:5.5.1:sparc {
       ModuleName { "Example UNIX Module" }
       ModuleFile { unix/fort.so }
       DefaultMechanismFlags{0x0001}
       CipherEnableFlags{0x0001}
       Files {
          unix/fort.so {
             RelativePath{%root%/lib/fort.so}
             AbsolutePath{/usr/local/netscape/lib/fort.so}
             FilePermissions{555}
          }
          xplat/instr.html {
             RelativePath{%root%/docs/inst.html}
             AbsolutePath{/usr/local/netscape/docs/inst.html}
             FilePermissions{555}
          }
       }
    }
    IRIX:6.2:mips {
       EquivalentPlatform { SUNOS:5.5.1:sparc }
    }
 }

   Script Grammar

   The script is basic Java, allowing lists, key-value pairs, strings, and
   combinations of all of them.

 --> valuelist

 valuelist --> value valuelist
                <null>

 value ---> key_value_pair
             string

 key_value_pair --> key { valuelist }

 key --> string

 string --> simple_string
             "complex_string"

 simple_string --> [^ \t\n\""{""}"]+

 complex_string --> ([^\"\\\r\n]|(\\\")|(\\\\))+

   Quotes and backslashes must be escaped with a backslash. A complex string
   must not include newlines or carriage returns.Outside of complex strings,
   all white space (for example, spaces, tabs, and carriage returns) is
   considered equal and is used only to delimit tokens.

   Keys

   The Java install file uses keys to define the platform and module
   information.

   ForwardCompatible gives a list of platforms that are forward compatible.
   If the current platform cannot be found in the list of supported
   platforms, then the ForwardCompatible list is checked for any platforms
   that have the same OS and architecture in an earlier version. If one is
   found, its attributes are used for the current platform.

   Platforms (required) Gives a list of platforms. Each entry in the list is
   itself a key-value pair: the key is the name of the platform and the value
   list contains various attributes of the platform. The platform string is
   in the format system name:OS release:architecture. The installer obtains
   these values from NSPR. OS release is an empty string on non-Unix
   operating systems. NSPR supports these platforms:

     o AIX (rs6000)

     o BSDI (x86)

     o FREEBSD (x86)

     o HPUX (hppa1.1)

     o IRIX (mips)

     o LINUX (ppc, alpha, x86)

     o MacOS (PowerPC)

     o NCR (x86)

     o NEC (mips)

     o OS2 (x86)

     o OSF (alpha)

     o ReliantUNIX (mips)

     o SCO (x86)

     o SOLARIS (sparc)

     o SONY (mips)

     o SUNOS (sparc)

     o UnixWare (x86)

     o WIN16 (x86)

     o WIN95 (x86)

     o WINNT (x86)

   For example:

 IRIX:6.2:mips
 SUNOS:5.5.1:sparc
 Linux:2.0.32:x86
 WIN95::x86

   The module information is defined independently for each platform in the
   ModuleName, ModuleFile, and Files attributes. These attributes must be
   given unless an EquivalentPlatform attribute is specified.

   Per-Platform Keys

   Per-platform keys have meaning only within the value list of an entry in
   the Platforms list.

   ModuleName (required) gives the common name for the module. This name is
   used to reference the module by servers and by the modutil tool.

   ModuleFile (required) names the PKCS #11 module file for this platform.
   The name is given as the relative path of the file within the JAR archive.

   Files (required) lists the files that need to be installed for this
   module. Each entry in the file list is a key-value pair. The key is the
   path of the file in the JAR archive, and the value list contains
   attributes of the file. At least RelativePath or AbsolutePath must be
   specified for each file.

   DefaultMechanismFlags specifies mechanisms for which this module is the
   default provider; this is equivalent to the -mechanism option with the
   -add command. This key-value pair is a bitstring specified in hexadecimal
   (0x) format. It is constructed as a bitwise OR. If the
   DefaultMechanismFlags entry is omitted, the value defaults to 0x0.

 RSA:                   0x00000001
 DSA:                   0x00000002
 RC2:                   0x00000004
 RC4:                   0x00000008
 DES:                   0x00000010
 DH:                    0x00000020
 FORTEZZA:              0x00000040
 RC5:                   0x00000080
 SHA1:                  0x00000100
 MD5:                   0x00000200
 MD2:                   0x00000400
 RANDOM:                0x08000000
 FRIENDLY:              0x10000000
 OWN_PW_DEFAULTS:       0x20000000
 DISABLE:               0x40000000

   CipherEnableFlags specifies ciphers that this module provides that NSS
   does not provide (so that the module enables those ciphers for NSS). This
   is equivalent to the -cipher argument with the -add command. This key is a
   bitstring specified in hexadecimal (0x) format. It is constructed as a
   bitwise OR. If the CipherEnableFlags entry is omitted, the value defaults
   to 0x0.

   EquivalentPlatform specifies that the attributes of the named platform
   should also be used for the current platform. This makes it easier when
   more than one platform uses the same settings.

   Per-File Keys

   Some keys have meaning only within the value list of an entry in a Files
   list.

   Each file requires a path key the identifies where the file is. Either
   RelativePath or AbsolutePath must be specified. If both are specified, the
   relative path is tried first, and the absolute path is used only if no
   relative root directory is provided by the installer program.

   RelativePath specifies the destination directory of the file, relative to
   some directory decided at install time. Two variables can be used in the
   relative path: %root% and %temp%. %root% is replaced at run time with the
   directory relative to which files should be installed; for example, it may
   be the server's root directory. The %temp% directory is created at the
   beginning of the installation and destroyed at the end. The purpose of
   %temp% is to hold executable files (such as setup programs) or files that
   are used by these programs. Files destined for the temporary directory are
   guaranteed to be in place before any executable file is run; they are not
   deleted until all executable files have finished.

   AbsolutePath specifies the destination directory of the file as an
   absolute path.

   Executable specifies that the file is to be executed during the course of
   the installation. Typically, this string is used for a setup program
   provided by a module vendor, such as a self-extracting setup executable.
   More than one file can be specified as executable, in which case the files
   are run in the order in which they are specified in the script file.

   FilePermissions sets permissions on any referenced files in a string of
   octal digits, according to the standard Unix format. This string is a
   bitwise OR.

 user read:                0400
 user write:               0200
 user execute:             0100
 group read:               0040
 group write:              0020
 group execute:            0010
 other read:               0004
 other write:              0002
 other execute:       0001

   Some platforms may not understand these permissions. They are applied only
   insofar as they make sense for the current platform. If this attribute is
   omitted, a default of 777 is assumed.

NSS Database Types

   NSS originally used BerkeleyDB databases to store security information.
   The last versions of these legacy databases are:

     o cert8.db for certificates

     o key3.db for keys

     o secmod.db for PKCS #11 module information

   BerkeleyDB has performance limitations, though, which prevent it from
   being easily used by multiple applications simultaneously. NSS has some
   flexibility that allows applications to use their own, independent
   database engine while keeping a shared database and working around the
   access issues. Still, NSS requires more flexibility to provide a truly
   shared security database.

   In 2009, NSS introduced a new set of databases that are SQLite databases
   rather than BerkleyDB. These new databases provide more accessibility and
   performance:

     o cert9.db for certificates

     o key4.db for keys

     o pkcs11.txt, which is listing of all of the PKCS #11 modules contained
       in a new subdirectory in the security databases directory

   Because the SQLite databases are designed to be shared, these are the
   shared database type. The shared database type is preferred; the legacy
   format is included for backward compatibility.

   By default, the tools (certutil, pk12util, modutil) assume that the given
   security databases follow the more common legacy type. Using the SQLite
   databases must be manually specified by using the sql: prefix with the
   given security directory. For example:

 modutil -create -dbdir sql:/home/my/sharednssdb

   To set the shared database type as the default type for the tools, set the
   NSS_DEFAULT_DB_TYPE environment variable to sql:

 export NSS_DEFAULT_DB_TYPE="sql"

   This line can be set added to the ~/.bashrc file to make the change
   permanent.

   Most applications do not use the shared database by default, but they can
   be configured to use them. For example, this how-to article covers how to
   configure Firefox and Thunderbird to use the new shared NSS databases:

     o https://wiki.mozilla.org/NSS_Shared_DB_Howto

   For an engineering draft on the changes in the shared NSS databases, see
   the NSS project wiki:

     o https://wiki.mozilla.org/NSS_Shared_DB

See Also

   certutil (1)

   pk12util (1)

   signtool (1)

   The NSS wiki has information on the new database design and how to
   configure applications to use it.

     o https://wiki.mozilla.org/NSS_Shared_DB_Howto

     o https://wiki.mozilla.org/NSS_Shared_DB

Additional Resources

   For information about NSS and other tools related to NSS (like JSS), check
   out the NSS project wiki at
   [2]http://www.mozilla.org/projects/security/pki/nss/. The NSS site relates
   directly to NSS code changes and releases.

   Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto

   IRC: Freenode at #dogtag-pki

Authors

   The NSS tools were written and maintained by developers with Netscape, Red
   Hat, and Sun.

   Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey
   <dlackey@redhat.com>.

Copyright

   (c) 2010, Red Hat, Inc. Licensed under the GNU Public License version 2.

References

   Visible links
   1. JAR Installation File Format
    file:///tmp/xmlto.6gGxS0/modutil.pro...r-install-file
   2. http://www.mozilla.org/projects/security/pki/nss/
127 NSS tools : pk12util
Name

   pk12util — Export and import keys and certificate to or from a PKCS #12
   file and the NSS database

Synopsis

   pk12util [-i p12File [-h tokenname] [-v] [common-options] ] [ -l p12File
   [-h tokenname] [-r] [common-options] ] [ -o p12File -n certname [-c
   keyCipher] [-C certCipher] [-m|--key_len keyLen] [-n|--cert_key_len
   certKeyLen] [common-options] ] [ common-options are: [-d [sql:]directory]
   [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w
   p12filePasswordFile|-W p12filePassword] ]

Description

   The PKCS #12 utility, pk12util, enables sharing certificates among any
   server that supports PKCS#12. The tool can import certificates and keys
   from PKCS#12 files into security databases, export certificates, and list
   certificates and keys.

Options and Arguments

   Options

   -i p12file

           Import keys and certificates from a PKCS#12 file into a security
           database.

   -l p12file

           List the keys and certificates in PKCS#12 file.

   -o p12file

           Export keys and certificates from the security database to a
           PKCS#12 file.

   Arguments

   -n certname

           Specify the nickname of the cert and private key to export.

   -d [sql:]directory

           Specify the database directory into which to import to or export
           from certificates and keys.

           pk12util supports two types of databases: the legacy security
           databases (cert8.db, key3.db, and secmod.db) and new SQLite
           databases (cert9.db, key4.db, and pkcs11.txt). If the prefix sql:
           is not used, then the tool assumes that the given databases are in
           the old format.

   -P prefix

           Specify the prefix used on the certificate and key databases. This
           option is provided as a special case. Changing the names of the
           certificate and key databases is not recommended.

   -h tokenname

           Specify the name of the token to import into or export from.

   -v

           Enable debug logging when importing.

   -k slotPasswordFile

           Specify the text file containing the slot's password.

   -K slotPassword

           Specify the slot's password.

   -w p12filePasswordFile

           Specify the text file containing the pkcs #12 file password.

   -W p12filePassword

           Specify the pkcs #12 file password.

   -c keyCipher

           Specify the key encryption algorithm.

   -C certCipher

           Specify the key cert (overall package) encryption algorithm.

   -m | --key-len keyLength

           Specify the desired length of the symmetric key to be used to
           encrypt the private key.

   -n | --cert-key-len certKeyLength

           Specify the desired length of the symmetric key to be used to
           encrypt the certificates and other meta-data.

   -r

           Dumps all of the data in raw (binary) form. This must be saved as
           a DER file. The default is to return information in a pretty-print
           ASCII format, which displays the information about the
           certificates and public keys in the p12 file.

Return Codes

     o 0 - No error

     o 1 - User Cancelled

     o 2 - Usage error

     o 6 - NLS init error

     o 8 - Certificate DB open error

     o 9 - Key DB open error

     o 10 - File initialization error

     o 11 - Unicode conversion error

     o 12 - Temporary file creation error

     o 13 - PKCS11 get slot error

     o 14 - PKCS12 decoder start error

     o 15 - error read from import file

     o 16 - pkcs12 decode error

     o 17 - pkcs12 decoder verify error

     o 18 - pkcs12 decoder validate bags error

     o 19 - pkcs12 decoder import bags error

     o 20 - key db conversion version 3 to version 2 error

     o 21 - cert db conversion version 7 to version 5 error

     o 22 - cert and key dbs patch error

     o 23 - get default cert db error

     o 24 - find cert by nickname error

     o 25 - create export context error

     o 26 - PKCS12 add password itegrity error

     o 27 - cert and key Safes creation error

     o 28 - PKCS12 add cert and key error

     o 29 - PKCS12 encode error

Examples

   Importing Keys and Certificates

   The most basic usage of pk12util for importing a certificate or key is the
   PKCS#12 input file (-i) and some way to specify the security database
   being accessed (either -d for a directory or -h for a token).

 pk12util -i p12File [-h tokenname] [-v] [-d [sql:]directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]

   For example:

 # pk12util -i /tmp/cert-files/users.p12 -d sql:/home/my/sharednssdb

 Enter a password which will be used to encrypt your keys.
 The password should be at least 8 characters long,
 and should contain at least one non-alphabetic character.

 Enter new password:
 Re-enter password:
 Enter password for PKCS12 file:
 pk12util: PKCS12 IMPORT SUCCESSFUL

   Exporting Keys and Certificates

   Using the pk12util command to export certificates and keys requires both
   the name of the certificate to extract from the database (-n) and the
   PKCS#12-formatted output file to write to. There are optional parameters
   that can be used to encrypt the file to protect the certificate material.

 pk12util -o p12File -n certname [-c keyCipher] [-C certCipher] [-m|--key_len keyLen] [-n|--cert_key_len certKeyLen] [-d [sql:]directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]

   For example:

 # pk12util -o certs.p12 -n Server-Cert -d sql:/home/my/sharednssdb
 Enter password for PKCS12 file:
 Re-enter password:

   Listing Keys and Certificates

   The information in a .p12 file are not human-readable. The certificates
   and keys in the file can be printed (listed) in a human-readable
   pretty-print format that shows information for every certificate and any
   public keys in the .p12 file.

 pk12util -l p12File [-h tokenname] [-r] [-d [sql:]directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]

   For example, this prints the default ASCII output:

 # pk12util -l certs.p12

 Enter password for PKCS12 file:
 Key(shrouded):
     Friendly Name: Thawte Freemail Member's Thawte Consulting (Pty) Ltd. ID

     Encryption algorithm: PKCS #12 V2 PBE With SHA-1 And 3KEY Triple DES-CBC
         Parameters:
             Salt:
                 45:2e:6a:a0:03:4d:7b:a1:63:3c:15:ea:67:37:62:1f
             Iteration Count: 1 (0x1)
 Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number: 13 (0xd)
         Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
         Issuer: "E=personal-freemail@thawte.com,CN=Thawte Personal Freemail C
             A,OU=Certification Services Division,O=Thawte Consulting,L=Cape T
             own,ST=Western Cape,C=ZA"
 ....

   Alternatively, the -r prints the certificates and then exports them into
   separate DER binary files. This allows the certificates to be fed to
   another application that supports .p12 files. Each certificate is written
   to a sequentially-number file, beginning with file0001.der and continuing
   through file000N.der, incrementing the number for every certificate:

 # pk12util -l test.p12 -r
 Enter password for PKCS12 file:
 Key(shrouded):
     Friendly Name: Thawte Freemail Member's Thawte Consulting (Pty) Ltd. ID

     Encryption algorithm: PKCS #12 V2 PBE With SHA-1 And 3KEY Triple DES-CBC
         Parameters:
             Salt:
                 45:2e:6a:a0:03:4d:7b:a1:63:3c:15:ea:67:37:62:1f
             Iteration Count: 1 (0x1)
 Certificate    Friendly Name: Thawte Personal Freemail Issuing CA - Thawte Consulting

 Certificate    Friendly Name: Thawte Freemail Member's Thawte Consulting (Pty) Ltd. ID

Password Encryption

   PKCS#12 provides for not only the protection of the private keys but also
   the certificate and meta-data associated with the keys. Password-based
   encryption is used to protect private keys on export to a PKCS#12 file
   and, optionally, the entire package. If no algorithm is specified, the
   tool defaults to using PKCS12 V2 PBE with SHA1 and 3KEY Triple DES-cbc for
   private key encryption. PKCS12 V2 PBE with SHA1 and 40 Bit RC4 is the
   default for the overall package encryption when not in FIPS mode. When in
   FIPS mode, there is no package encryption.

   The private key is always protected with strong encryption by default.

   Several types of ciphers are supported.

   Symmetric CBC ciphers for PKCS#5 V2

           DES_CBC

              o RC2-CBC

              o RC5-CBCPad

              o DES-EDE3-CBC (the default for key encryption)

              o AES-128-CBC

              o AES-192-CBC

              o AES-256-CBC

              o CAMELLIA-128-CBC

              o CAMELLIA-192-CBC

              o CAMELLIA-256-CBC

   PKCS#12 PBE ciphers

           PKCS #12 PBE with Sha1 and 128 Bit RC4

              o PKCS #12 PBE with Sha1 and 40 Bit RC4

              o PKCS #12 PBE with Sha1 and Triple DES CBC

              o PKCS #12 PBE with Sha1 and 128 Bit RC2 CBC

              o PKCS #12 PBE with Sha1 and 40 Bit RC2 CBC

              o PKCS12 V2 PBE with SHA1 and 128 Bit RC4

              o PKCS12 V2 PBE with SHA1 and 40 Bit RC4 (the default for
                non-FIPS mode)

              o PKCS12 V2 PBE with SHA1 and 3KEY Triple DES-cbc

              o PKCS12 V2 PBE with SHA1 and 2KEY Triple DES-cbc

              o PKCS12 V2 PBE with SHA1 and 128 Bit RC2 CBC

              o PKCS12 V2 PBE with SHA1 and 40 Bit RC2 CBC

   PKCS#5 PBE ciphers

           PKCS #5 Password Based Encryption with MD2 and DES CBC

              o PKCS #5 Password Based Encryption with MD5 and DES CBC

              o PKCS #5 Password Based Encryption with SHA1 and DES CBC

   With PKCS#12, the crypto provider may be the soft token module or an
   external hardware module. If the cryptographic module does not support the
   requested algorithm, then the next best fit will be selected (usually the
   default). If no suitable replacement for the desired algorithm can be
   found, the tool returns the error no security module can perform the
   requested operation.

NSS Database Types

   NSS originally used BerkeleyDB databases to store security information.
   The last versions of these legacy databases are:

     o cert8.db for certificates

     o key3.db for keys

     o secmod.db for PKCS #11 module information

   BerkeleyDB has performance limitations, though, which prevent it from
   being easily used by multiple applications simultaneously. NSS has some
   flexibility that allows applications to use their own, independent
   database engine while keeping a shared database and working around the
   access issues. Still, NSS requires more flexibility to provide a truly
   shared security database.

   In 2009, NSS introduced a new set of databases that are SQLite databases
   rather than BerkleyDB. These new databases provide more accessibility and
   performance:

     o cert9.db for certificates

     o key4.db for keys

     o pkcs11.txt, which is listing of all of the PKCS #11 modules contained
       in a new subdirectory in the security databases directory

   Because the SQLite databases are designed to be shared, these are the
   shared database type. The shared database type is preferred; the legacy
   format is included for backward compatibility.

   By default, the tools (certutil, pk12util, modutil) assume that the given
   security databases follow the more common legacy type. Using the SQLite
   databases must be manually specified by using the sql: prefix with the
   given security directory. For example:

 # pk12util -i /tmp/cert-files/users.p12 -d sql:/home/my/sharednssdb

   To set the shared database type as the default type for the tools, set the
   NSS_DEFAULT_DB_TYPE environment variable to sql:

 export NSS_DEFAULT_DB_TYPE="sql"

   This line can be set added to the ~/.bashrc file to make the change
   permanent.

   Most applications do not use the shared database by default, but they can
   be configured to use them. For example, this how-to article covers how to
   configure Firefox and Thunderbird to use the new shared NSS databases:

     o https://wiki.mozilla.org/NSS_Shared_DB_Howto

   For an engineering draft on the changes in the shared NSS databases, see
   the NSS project wiki:

     o https://wiki.mozilla.org/NSS_Shared_DB

See Also

   certutil (1)

   modutil (1)

   The NSS wiki has information on the new database design and how to
   configure applications to use it.

     o https://wiki.mozilla.org/NSS_Shared_DB_Howto

     o https://wiki.mozilla.org/NSS_Shared_DB

Additional Resources

   For information about NSS and other tools related to NSS (like JSS), check
   out the NSS project wiki at
   [1]http://www.mozilla.org/projects/security/pki/nss/. The NSS site relates
   directly to NSS code changes and releases.

   Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto

   IRC: Freenode at #dogtag-pki

Authors

   The NSS tools were written and maintained by developers with Netscape, Red
   Hat, and Sun.

   Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey
   <dlackey@redhat.com>.

Copyright

   (c) 2010, Red Hat, Inc. Licensed under the GNU Public License version 2.

References

   Visible links
   1. http://www.mozilla.org/projects/security/pki/nss/
128 NSS tools : signtool
Name

   signtool — Digitally sign objects and files.

Synopsis

   signtool [-k keyName] -h -H -l -L -M -v -w
   -G nickname -s size -b basename [[-c Compression
   Level] ] [[-d cert-dir] ] [[-i installer script] ] [[-m metafile] ] [[-x
   name] ] [[-f filename] ] [[-t|--token tokenname] ] [[-e extension] ] [[-o]
   ] [[-z] ] [[-X] ] [[--outfile] ] [[--verbose value] ] [[--norecurse] ]
   [[--leavearc] ] [[-j directory] ] [[-Z jarfile] ] [[-O] ] [[-p password] ]
   [directory-tree] [archive]

Description

   The Signing Tool, signtool, creates digital signatures and uses a Java
   Archive (JAR) file to associate the signatures with files in a directory.
   Electronic software distribution over any network involves potential
   security problems. To help address some of these problems, you can
   associate digital signatures with the files in a JAR archive. Digital
   signatures allow SSL-enabled clients to perform two important operations:

   * Confirm the identity of the individual, company, or other entity whose
   digital signature is associated with the files

   * Check whether the files have been tampered with since being signed

   If you have a signing certificate, you can use Netscape Signing Tool to
   digitally sign files and package them as a JAR file. An object-signing
   certificate is a special kind of certificate that allows you to associate
   your digital signature with one or more files.

   An individual file can potentially be signed with multiple digital
   signatures. For example, a commercial software developer might sign the
   files that constitute a software product to prove that the files are
   indeed from a particular company. A network administrator manager might
   sign the same files with an additional digital signature based on a
   company-generated certificate to indicate that the product is approved for
   use within the company.

   The significance of a digital signature is comparable to the significance
   of a handwritten signature. Once you have signed a file, it is difficult
   to claim later that you didn't sign it. In some situations, a digital
   signature may be considered as legally binding as a handwritten signature.
   Therefore, you should take great care to ensure that you can stand behind
   any file you sign and distribute.

   For example, if you are a software developer, you should test your code to
   make sure it is virus-free before signing it. Similarly, if you are a
   network administrator, you should make sure, before signing any code, that
   it comes from a reliable source and will run correctly with the software
   installed on the machines to which you are distributing it.

   Before you can use Netscape Signing Tool to sign files, you must have an
   object-signing certificate, which is a special certificate whose
   associated private key is used to create digital signatures. For testing
   purposes only, you can create an object-signing certificate with Netscape
   Signing Tool 1.3. When testing is finished and you are ready to
   disitribute your software, you should obtain an object-signing certificate
   from one of two kinds of sources:

   * An independent certificate authority (CA) that authenticates your
   identity and charges you a fee. You typically get a certificate from an
   independent CA if you want to sign software that will be distributed over
   the Internet.

   * CA server software running on your corporate intranet or extranet.
   Netscape Certificate Management System provides a complete management
   solution for creating, deploying, and managing certificates, including CAs
   that issue object-signing certificates.

   You must also have a certificate for the CA that issues your signing
   certificate before you can sign files. If the certificate authority's
   certificate isn't already installed in your copy of Communicator, you
   typically install it by clicking the appropriate link on the certificate
   authority's web site, for example on the page from which you initiated
   enrollment for your signing certificate. This is the case for some test
   certificates, as well as certificates issued by Netscape Certificate
   Management System: you must download the the CA certificate in addition to
   obtaining your own signing certificate. CA certificates for several
   certificate authorities are preinstalled in the Communicator certificate
   database.

   When you receive an object-signing certificate for your own use, it is
   automatically installed in your copy of the Communicator client software.
   Communicator supports the public-key cryptography standard known as PKCS
   #12, which governs key portability. You can, for example, move an
   object-signing certificate and its associated private key from one
   computer to another on a credit-card-sized device called a smart card.

Options

   -b basename

           Specifies the base filename for the .rsa and .sf files in the
           META-INF directory to conform with the JAR format. For example, -b
           signatures causes the files to be named signatures.rsa and
           signatures.sf. The default is signtool.

   -c#

           Specifies the compression level for the -J or -Z option. The
           symbol # represents a number from 0 to 9, where 0 means no
           compression and 9 means maximum compression. The higher the level
           of compression, the smaller the output but the longer the
           operation takes. If the -c# option is not used with either the -J
           or the -Z option, the default compression value used by both the
           -J and -Z options is 6.

   -d certdir

           Specifies your certificate database directory; that is, the
           directory in which you placed your key3.db and cert7.db files. To
           specify the current directory, use "-d." (including the period).
           The Unix version of signtool assumes ~/.netscape unless told
           otherwise. The NT version of signtool always requires the use of
           the -d option to specify where the database files are located.

   -e extension

           Tells signtool to sign only files with the given extension; for
           example, use -e".class" to sign only Java class files. Note that
           with Netscape Signing Tool version 1.1 and later this option can
           appear multiple times on one command line, making it possible to
           specify multiple file types or classes to include.

   -f commandfile

           Specifies a text file containing Netscape Signing Tool options and
           arguments in keyword=value format. All options and arguments can
           be expressed through this file. For more information about the
           syntax used with this file, see "Tips and Techniques".

   -i scriptname

           Specifies the name of an installer script for SmartUpdate. This
           script installs files from the JAR archive in the local system
           after SmartUpdate has validated the digital signature. For more
           details, see the description of -m that follows. The -i option
           provides a straightforward way to provide this information if you
           don't need to specify any metadata other than an installer script.

   -j directory

           Specifies a special JavaScript directory. This option causes the
           specified directory to be signed and tags its entries as inline
           JavaScript. This special type of entry does not have to appear in
           the JAR file itself. Instead, it is located in the HTML page
           containing the inline scripts. When you use signtool -v, these
           entries are displayed with the string NOT PRESENT.

   -k key ... directory

           Specifies the nickname (key) of the certificate you want to sign
           with and signs the files in the specified directory. The directory
           to sign is always specified as the last command-line argument.
           Thus, it is possible to write signtool -k MyCert -d . signdir You
           may have trouble if the nickname contains a single quotation mark.
           To avoid problems, escape the quotation mark using the escape
           conventions for your platform. It's also possible to use the -k
           option without signing any files or specifying a directory. For
           example, you can use it with the -l option to get detailed
           information about a particular signing certificate.

   -G nickname

           Generates a new private-public key pair and corresponding
           object-signing certificate with the given nickname. The newly
           generated keys and certificate are installed into the key and
           certificate databases in the directory specified by the -d option.
           With the NT version of Netscape Signing Tool, you must use the -d
           option with the -G option. With the Unix version of Netscape
           Signing Tool, omitting the -d option causes the tool to install
           the keys and certificate in the Communicator key and certificate
           databases. If you are installing the keys and certificate in the
           Communicator databases, you must exit Communicator before using
           this option; otherwise, you risk corrupting the databases. In all
           cases, the certificate is also output to a file named x509.cacert,
           which has the MIME-type application/x-x509-ca-cert. Unlike
           certificates normally used to sign finished code to be distributed
           over a network, a test certificate created with -G is not signed
           by a recognized certificate authority. Instead, it is self-signed.
           In addition, a single test signing certificate functions as both
           an object-signing certificate and a CA. When you are using it to
           sign objects, it behaves like an object-signing certificate. When
           it is imported into browser software such as Communicator, it
           behaves like an object-signing CA and cannot be used to sign
           objects. The -G option is available in Netscape Signing Tool 1.0
           and later versions only. By default, it produces only RSA
           certificates with 1024-byte keys in the internal token. However,
           you can use the -s option specify the required key size and the -t
           option to specify the token. For more information about the use of
           the -G option, see "Generating Test Object-Signing
           Certificates""Generating Test Object-Signing Certificates" on page
           1241.

   -l

           Lists signing certificates, including issuing CAs. If any of your
           certificates are expired or invalid, the list will so specify.
           This option can be used with the -k option to list detailed
           information about a particular signing certificate. The -l option
           is available in Netscape Signing Tool 1.0 and later versions only.

   -J

           Signs a directory of HTML files containing JavaScript and creates
           as many archive files as are specified in the HTML tags. Even if
           signtool creates more than one archive file, you need to supply
           the key database password only once. The -J option is available
           only in Netscape Signing Tool 1.0 and later versions. The -J
           option cannot be used at the same time as the -Z option. If the
           -c# option is not used with the -J option, the default compression
           value is 6. Note that versions 1.1 and later of Netscape Signing
           Tool correctly recognizes the CODEBASE attribute, allows paths to
           be expressed for the CLASS and SRC attributes instead of filenames
           only, processes LINK tags and parses HTML correctly, and offers
           clearer error messages.

   -L

           Lists the certificates in your database. An asterisk appears to
           the left of the nickname for any certificate that can be used to
           sign objects with signtool.

   --leavearc

           Retains the temporary .arc (archive) directories that the -J
           option creates. These directories are automatically erased by
           default. Retaining the temporary directories can be an aid to
           debugging.

   -m metafile

           Specifies the name of a metadata control file. Metadata is signed
           information attached either to the JAR archive itself or to files
           within the archive. This metadata can be any ASCII string, but is
           used mainly for specifying an installer script. The metadata file
           contains one entry per line, each with three fields: field #1:
           file specification, or + if you want to specify global metadata
           (that is, metadata about the JAR archive itself or all entries in
           the archive) field #2: the name of the data you are specifying;
           for example: Install-Script field #3: data corresponding to the
           name in field #2 For example, the -i option uses the equivalent of
           this line: + Install-Script: script.js This example associates a
           MIME type with a file: movie.qt MIME-Type: video/quicktime For
           information about the way installer script information appears in
           the manifest file for a JAR archive, see The JAR Format on
           Netscape DevEdge.

   -M

           Lists the PKCS #11 modules available to signtool, including smart
           cards. The -M option is available in Netscape Signing Tool 1.0 and
           later versions only. For information on using Netscape Signing
           Tool with smart cards, see "Using Netscape Signing Tool with Smart
           Cards". For information on using the -M option to verify
           FIPS-140-1 validated mode, see "Netscape Signing Tool and
           FIPS-140-1".

   --norecurse

           Blocks recursion into subdirectories when signing a directory's
           contents or when parsing HTML.

   -o

           Optimizes the archive for size. Use this only if you are signing
           very large archives containing hundreds of files. This option
           makes the manifest files (required by the JAR format) considerably
           smaller, but they contain slightly less information.

   --outfile outputfile

           Specifies a file to receive redirected output from Netscape
           Signing Tool.

   -p password

           Specifies a password for the private-key database. Note that the
           password entered on the command line is displayed as plain text.

   -s keysize

           Specifies the size of the key for generated certificate. Use the
           -M option to find out what tokens are available. The -s option can
           be used with the -G option only.

   -t token

           Specifies which available token should generate the key and
           receive the certificate. Use the -M option to find out what tokens
           are available. The -t option can be used with the -G option only.

   -v archive

           Displays the contents of an archive and verifies the cryptographic
           integrity of the digital signatures it contains and the files with
           which they are associated. This includes checking that the
           certificate for the issuer of the object-signing certificate is
           listed in the certificate database, that the CA's digital
           signature on the object-signing certificate is valid, that the
           relevant certificates have not expired, and so on.

   --verbosity value

           Sets the quantity of information Netscape Signing Tool generates
           in operation. A value of 0 (zero) is the default and gives full
           information. A value of -1 suppresses most messages, but not error
           messages.

   -w archive

           Displays the names of signers of any files in the archive.

   -x directory

           Excludes the specified directory from signing. Note that with
           Netscape Signing Tool version 1.1 and later this option can appear
           multiple times on one command line, making it possible to specify
           several particular directories to exclude.

   -z

           Tells signtool not to store the signing time in the digital
           signature. This option is useful if you want the expiration date
           of the signature checked against the current date and time rather
           than the time the files were signed.

   -Z jarfile

           Creates a JAR file with the specified name. You must specify this
           option if you want signtool to create the JAR file; it does not do
           so automatically. If you don't specify -Z, you must use an
           external ZIP tool to create the JAR file. The -Z option cannot be
           used at the same time as the -J option. If the -c# option is not
           used with the -Z option, the default compression value is 6.

The Command File Format

   Entries in a Netscape Signing Tool command file have this general format:
   keyword=value Everything before the = sign on a single line is a keyword,
   and everything from the = sign to the end of line is a value. The value
   may include = signs; only the first = sign on a line is interpreted. Blank
   lines are ignored, but white space on a line with keywords and values is
   assumed to be part of the keyword (if it comes before the equal sign) or
   part of the value (if it comes after the first equal sign). Keywords are
   case insensitive, values are generally case sensitive. Since the = sign
   and newline delimit the value, it should not be quoted.

   Subsection

   basename

           Same as -b option.

   compression

           Same as -c option.

   certdir

           Same as -d option.

   extension

           Same as -e option.

   generate

           Same as -G option.

   installscript

           Same as -i option.

   javascriptdir

           Same as -j option.

   htmldir

           Same as -J option.

   certname

           Nickname of certificate, as with -k and -l -k options.

   signdir

           The directory to be signed, as with -k option.

   list

           Same as -l option. Value is ignored, but = sign must be present.

   listall

           Same as -L option. Value is ignored, but = sign must be present.

   metafile

           Same as -m option.

   modules

           Same as -M option. Value is ignored, but = sign must be present.

   optimize

           Same as -o option. Value is ignored, but = sign must be present.

   password

           Same as -p option.

   keysize

           Same as -s option.

   token

           Same as -t option.

   verify

           Same as -v option.

   who

           Same as -w option.

   exclude

           Same as -x option.

   notime

           Same as -z option. value is ignored, but = sign must be present.

   jarfile

           Same as -Z option.

   outfile

           Name of a file to which output and error messages will be
           redirected. This option has no command-line equivalent.

Extended Examples

   The following example will do this and that

   Listing Available Signing Certificates

   You use the -L option to list the nicknames for all available certificates
   and check which ones are signing certificates.

 signtool -L

 using certificate directory: /u/jsmith/.netscape
 S Certificates
 - ------------
   BBN Certificate Services CA Root 1
   IBM World Registry CA
   VeriSign Class 1 CA - Individual Subscriber - VeriSign, Inc.
   GTE CyberTrust Root CA
   Uptime Group Plc. Class 4 CA
 * Verisign Object Signing Cert
   Integrion CA
   GTE CyberTrust Secure Server CA
   AT&T Directory Services
 * test object signing cert
   Uptime Group Plc. Class 1 CA
   VeriSign Class 1 Primary CA
 - ------------

 Certificates that can be used to sign objects have *'s to their left.

   Two signing certificates are displayed: Verisign Object Signing Cert and
   test object signing cert.

   You use the -l option to get a list of signing certificates only,
   including the signing CA for each.

 signtool -l

 using certificate directory: /u/jsmith/.netscape
 Object signing certificates
 ---------------------------------------

 Verisign Object Signing Cert
     Issued by: VeriSign, Inc. - Verisign, Inc.
     Expires: Tue May 19, 1998
 test object signing cert
     Issued by: test object signing cert (Signtool 1.0 Testing
 Certificate (960187691))
     Expires: Sun May 17, 1998
 ---------------------------------------

   For a list including CAs, use the -L option.

   Signing a File

   1. Create an empty directory.

 mkdir signdir

   2. Put some file into it.

 echo boo > signdir/test.f

   3. Specify the name of your object-signing certificate and sign the
   directory.

 signtool -k MySignCert -Z testjar.jar signdir

 using key "MySignCert"
 using certificate directory: /u/jsmith/.netscape
 Generating signdir/META-INF/manifest.mf file..
 --> test.f
 adding signdir/test.f to testjar.jar
 Generating signtool.sf file..
 Enter Password or Pin for "Communicator Certificate DB":

 adding signdir/META-INF/manifest.mf to testjar.jar
 adding signdir/META-INF/signtool.sf to testjar.jar
 adding signdir/META-INF/signtool.rsa to testjar.jar

 tree "signdir" signed successfully

   4. Test the archive you just created.

 signtool -v testjar.jar

 using certificate directory: /u/jsmith/.netscape
 archive "testjar.jar" has passed crypto verification.
            status   path
      ------------   -------------------
          verified   test.f

   Using Netscape Signing Tool with a ZIP Utility

   To use Netscape Signing Tool with a ZIP utility, you must have the utility
   in your path environment variable. You should use the zip.exe utility
   rather than pkzip.exe, which cannot handle long filenames. You can use a
   ZIP utility instead of the -Z option to package a signed archive into a
   JAR file after you have signed it:

 cd signdir

   zip -r ../myjar.jar *
   adding: META-INF/ (stored 0%)
   adding: META-INF/manifest.mf (deflated 15%)
   adding: META-INF/signtool.sf (deflated 28%)
   adding: META-INF/signtool.rsa (stored 0%)
   adding: text.txt (stored 0%)

   Generating the Keys and Certificate

   The signtool option -G generates a new public-private key pair and
   certificate. It takes the nickname of the new certificate as an argument.
   The newly generated keys and certificate are installed into the key and
   certificate databases in the directory specified by the -d option. With
   the NT version of Netscape Signing Tool, you must use the -d option with
   the -G option. With the Unix version of Netscape Signing Tool, omitting
   the -d option causes the tool to install the keys and certificate in the
   Communicator key and certificate databases. In all cases, the certificate
   is also output to a file named x509.cacert, which has the MIME-type
   application/x-x509-ca-cert.

   Certificates contain standard information about the entity they identify,
   such as the common name and organization name. Netscape Signing Tool
   prompts you for this information when you run the command with the -G
   option. However, all of the requested fields are optional for test
   certificates. If you do not enter a common name, the tool provides a
   default name. In the following example, the user input is in boldface:

 signtool -G MyTestCert

 using certificate directory: /u/someuser/.netscape
 Enter certificate information. All fields are optional. Acceptable
 characters are numbers, letters, spaces, and apostrophes.
 certificate common name: Test Object Signing Certificate
 organization: Netscape Communications Corp.
 organization unit: Server Products Division
 state or province: California
 country (must be exactly 2 characters): US
 username: someuser
 email address: someuser@netscape.com
 Enter Password or Pin for "Communicator Certificate DB": [Password will not echo]
 generated public/private key pair
 certificate request generated
 certificate has been signed
 certificate "MyTestCert" added to database
 Exported certificate to x509.raw and x509.cacert.

   The certificate information is read from standard input. Therefore, the
   information can be read from a file using the redirection operator (<) in
   some operating systems. To create a file for this purpose, enter each of
   the seven input fields, in order, on a separate line. Make sure there is a
   newline character at the end of the last line. Then run signtool with
   standard input redirected from your file as follows:

 signtool -G MyTestCert inputfile

   The prompts show up on the screen, but the responses will be automatically
   read from the file. The password will still be read from the console
   unless you use the -p option to give the password on the command line.

   Using the -M Option to List Smart Cards

   You can use the -M option to list the PKCS #11 modules, including smart
   cards, that are available to signtool:

 signtool -d "c:\netscape\users\jsmith" -M

 using certificate directory: c:\netscape\users\username
 Listing of PKCS11 modules
 -----------------------------------------------
         1. Netscape Internal PKCS #11 Module
                           (this module is internally loaded)
                           slots: 2 slots attached
                           status: loaded
           slot: Communicator Internal Cryptographic Services Version 4.0
          token: Communicator Generic Crypto Svcs
           slot: Communicator User Private Key and Certificate Services
          token: Communicator Certificate DB
         2. CryptOS
                           (this is an external module)
  DLL name: core32
          slots: 1 slots attached
         status: loaded
           slot: Litronic 210
          token:
         -----------------------------------------------

   Using Netscape Signing Tool and a Smart Card to Sign Files

   The signtool command normally takes an argument of the -k option to
   specify a signing certificate. To sign with a smart card, you supply only
   the fully qualified name of the certificate.

   To see fully qualified certificate names when you run Communicator, click
   the Security button in Navigator, then click Yours under Certificates in
   the left frame. Fully qualified names are of the format smart
   card:certificate, for example "MyCard:My Signing Cert". You use this name
   with the -k argument as follows:

 signtool -k "MyCard:My Signing Cert" directory

   Verifying FIPS Mode

   Use the -M option to verify that you are using the FIPS-140-1 module.

 signtool -d "c:\netscape\users\jsmith" -M

 using certificate directory: c:\netscape\users\jsmith
 Listing of PKCS11 modules
 -----------------------------------------------
   1. Netscape Internal PKCS #11 Module
           (this module is internally loaded)
           slots: 2 slots attached
           status: loaded
     slot: Communicator Internal Cryptographic Services Version 4.0
    token: Communicator Generic Crypto Svcs
     slot: Communicator User Private Key and Certificate Services
    token: Communicator Certificate DB
 -----------------------------------------------

   This Unix example shows that Netscape Signing Tool is using a FIPS-140-1
   module:

 signtool -d "c:\netscape\users\jsmith" -M
 using certificate directory: c:\netscape\users\jsmith
 Enter Password or Pin for "Communicator Certificate DB": [password will not echo]
 Listing of PKCS11 modules
 -----------------------------------------------
 1. Netscape Internal FIPS PKCS #11 Module
 (this module is internally loaded)
 slots: 1 slots attached
 status: loaded
 slot: Netscape Internal FIPS-140-1 Cryptographic Services
 token: Communicator Certificate DB
 -----------------------------------------------

See Also

   signver (1)

   The NSS wiki has information on the new database design and how to
   configure applications to use it.

     o https://wiki.mozilla.org/NSS_Shared_DB_Howto

     o https://wiki.mozilla.org/NSS_Shared_DB

Additional Resources

   For information about NSS and other tools related to NSS (like JSS), check
   out the NSS project wiki at
   [1]http://www.mozilla.org/projects/security/pki/nss/. The NSS site relates
   directly to NSS code changes and releases.

   Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto

   IRC: Freenode at #dogtag-pki

Authors

   The NSS tools were written and maintained by developers with Netscape, Red
   Hat, and Sun.

   Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey
   <dlackey@redhat.com>.

Copyright

   (c) 2010, Red Hat, Inc. Licensed under the GNU Public License version 2.

References

   Visible links
   1. http://www.mozilla.org/projects/security/pki/nss/
129 NSS tools : signver
Name

   signver — Verify a detached PKCS#7 signature for a file.

Synopsis

   signtool -A | -V -d directory [-a] [-i input_file] [-o output_file] [-s
   signature_file] [-v]

Description

   The Signature Verification Tool, signver, is a simple command-line utility
   that unpacks a base-64-encoded PKCS#7 signed object and verifies the
   digital signature using standard cryptographic techniques. The Signature
   Verification Tool can also display the contents of the signed object.

Options

   -A

           Displays all of the information in the PKCS#7 signature.

   -V

           Verifies the digital signature.

   -d [sql:]directory

           Specify the database directory which contains the certificates and
           keys.

           signver supports two types of databases: the legacy security
           databases (cert8.db, key3.db, and secmod.db) and new SQLite
           databases (cert9.db, key4.db, and pkcs11.txt). If the prefix sql:
           is not used, then the tool assumes that the given databases are in
           the old format.

   -a

           Sets that the given signature file is in ASCII format.

   -i input_file

           Gives the input file for the object with signed data.

   -o output_file

           Gives the output file to which to write the results.

   -s signature_file

           Gives the input file for the digital signature.

   -v

           Enables verbose output.

Extended Examples

  Verifying a Signature

   The -V option verifies that the signature in a given signature file is
   valid when used to sign the given object (from the input file).

 signver -V -s signature_file -i signed_file -d sql:/home/my/sharednssdb

 signatureValid=yes

  Printing Signature Data

   The -A option prints all of the information contained in a signature file.
   Using the -o option prints the signature file information to the given
   output file rather than stdout.

 signver -A -s signature_file -o output_file

NSS Database Types

   NSS originally used BerkeleyDB databases to store security information.
   The last versions of these legacy databases are:

     o cert8.db for certificates

     o key3.db for keys

     o secmod.db for PKCS #11 module information

   BerkeleyDB has performance limitations, though, which prevent it from
   being easily used by multiple applications simultaneously. NSS has some
   flexibility that allows applications to use their own, independent
   database engine while keeping a shared database and working around the
   access issues. Still, NSS requires more flexibility to provide a truly
   shared security database.

   In 2009, NSS introduced a new set of databases that are SQLite databases
   rather than BerkleyDB. These new databases provide more accessibility and
   performance:

     o cert9.db for certificates

     o key4.db for keys

     o pkcs11.txt, which is listing of all of the PKCS #11 modules contained
       in a new subdirectory in the security databases directory

   Because the SQLite databases are designed to be shared, these are the
   shared database type. The shared database type is preferred; the legacy
   format is included for backward compatibility.

   By default, the tools (certutil, pk12util, modutil) assume that the given
   security databases follow the more common legacy type. Using the SQLite
   databases must be manually specified by using the sql: prefix with the
   given security directory. For example:

 # signver -A -s signature -d sql:/home/my/sharednssdb

   To set the shared database type as the default type for the tools, set the
   NSS_DEFAULT_DB_TYPE environment variable to sql:

 export NSS_DEFAULT_DB_TYPE="sql"

   This line can be set added to the ~/.bashrc file to make the change
   permanent.

   Most applications do not use the shared database by default, but they can
   be configured to use them. For example, this how-to article covers how to
   configure Firefox and Thunderbird to use the new shared NSS databases:

     o https://wiki.mozilla.org/NSS_Shared_DB_Howto

   For an engineering draft on the changes in the shared NSS databases, see
   the NSS project wiki:

     o https://wiki.mozilla.org/NSS_Shared_DB

See Also

   signtool (1)

   The NSS wiki has information on the new database design and how to
   configure applications to use it.

     o Setting up the shared NSS database

       https://wiki.mozilla.org/NSS_Shared_DB_Howto

     o Engineering and technical information about the shared NSS database

       https://wiki.mozilla.org/NSS_Shared_DB

Additional Resources

   For information about NSS and other tools related to NSS (like JSS), check
   out the NSS project wiki at
   [1]http://www.mozilla.org/projects/security/pki/nss/. The NSS site relates
   directly to NSS code changes and releases.

   Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto

   IRC: Freenode at #dogtag-pki

Authors

   The NSS tools were written and maintained by developers with Netscape, Red
   Hat, and Sun.

   Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey
   <dlackey@redhat.com>.

Copyright

   (c) 2010, Red Hat, Inc. Licensed under the GNU Public License version 2.

References

   Visible links
   1. http://www.mozilla.org/projects/security/pki/nss/
130 NSS tools : ssltap
Name

   ssltap — Tap into SSL connections and display the data going by

Synopsis

   libssltap [-vhfsxl] [-p port] [hostname:port]

Description

   The SSL Debugging Tool ssltap is an SSL-aware command-line proxy. It
   watches TCP connections and displays the data going by. If a connection is
   SSL, the data display includes interpreted SSL records and handshaking

Options

   -v

           Print a version string for the tool.

   -h

           Turn on hex/ASCII printing. Instead of outputting raw data, the
           command interprets each record as a numbered line of hex values,
           followed by the same data as ASCII characters. The two parts are
           separated by a vertical bar. Nonprinting characters are replaced
           by dots.

   -f

           Turn on fancy printing. Output is printed in colored HTML. Data
           sent from the client to the server is in blue; the server's reply
           is in red. When used with looping mode, the different connections
           are separated with horizontal lines. You can use this option to
           upload the output into a browser.

   -s

           Turn on SSL parsing and decoding. The tool does not automatically
           detect SSL sessions. If you are intercepting an SSL connection,
           use this option so that the tool can detect and decode SSL
           structures.

           If the tool detects a certificate chain, it saves the DER-encoded
           certificates into files in the current directory. The files are
           named cert.0x, where x is the sequence number of the certificate.

           If the -s option is used with -h, two separate parts are printed
           for each record: the plain hex/ASCII output, and the parsed SSL
           output.

   -x

           Turn on hex/ASCII printing of undecoded data inside parsed SSL
           records. Used only with the -s option. This option uses the same
           output format as the -h option.

   -l prefix

           Turn on looping; that is, continue to accept connections rather
           than stopping after the first connection is complete.

   -p port

           Change the default rendezvous port (1924) to another port.

           The following are well-known port numbers:

           * HTTP 80

           * HTTPS 443

           * SMTP 25

           * FTP 21

           * IMAP 143

           * IMAPS 993 (IMAP over SSL)

           * NNTP 119

           * NNTPS 563 (NNTP over SSL)

Usage and Examples

   You can use the SSL Debugging Tool to intercept any connection
   information. Although you can run the tool at its most basic by issuing
   the ssltap command with no options other than hostname:port, the
   information you get in this way is not very useful. For example, assume
   your development machine is called intercept. The simplest way to use the
   debugging tool is to execute the following command from a command shell:

 $ ssltap www.netscape.com

   The program waits for an incoming connection on the default port 1924. In
   your browser window, enter the URL http://intercept:1924. The browser
   retrieves the requested page from the server at www.netscape.com, but the
   page is intercepted and passed on to the browser by the debugging tool on
   intercept. On its way to the browser, the data is printed to the command
   shell from which you issued the command. Data sent from the client to the
   server is surrounded by the following symbols: --> [ data ] Data sent from
   the server to the client is surrounded by the following symbols: "left
   arrow"-- [ data ] The raw data stream is sent to standard output and is
   not interpreted in any way. This can result in peculiar effects, such as
   sounds, flashes, and even crashes of the command shell window. To output a
   basic, printable interpretation of the data, use the -h option, or, if you
   are looking at an SSL connection, the -s option. You will notice that the
   page you retrieved looks incomplete in the browser. This is because, by
   default, the tool closes down after the first connection is complete, so
   the browser is not able to load images. To make the tool continue to
   accept connections, switch on looping mode with the -l option. The
   following examples show the output from commonly used combinations of
   options.

   Example 1

 $ ssltap.exe -sx -p 444 interzone.mcom.com:443 > sx.txt

   Output

 Connected to interzone.mcom.com:443
 -->; [
 alloclen = 66 bytes
    [ssl2]  ClientHelloV2 {
             version = {0x03, 0x00}
             cipher-specs-length = 39 (0x27)
             sid-length = 0 (0x00)
             challenge-length = 16 (0x10)
             cipher-suites = {

                 (0x010080) SSL2/RSA/RC4-128/MD5
                   (0x020080) SSL2/RSA/RC4-40/MD5
                   (0x030080) SSL2/RSA/RC2CBC128/MD5
                   (0x040080) SSL2/RSA/RC2CBC40/MD5
                   (0x060040) SSL2/RSA/DES64CBC/MD5
                   (0x0700c0) SSL2/RSA/3DES192EDE-CBC/MD5
                   (0x000004) SSL3/RSA/RC4-128/MD5
                   (0x00ffe0) SSL3/RSA-FIPS/3DES192EDE-CBC/SHA
                   (0x00000a) SSL3/RSA/3DES192EDE-CBC/SHA
                   (0x00ffe1) SSL3/RSA-FIPS/DES64CBC/SHA
                   (0x000009) SSL3/RSA/DES64CBC/SHA
                   (0x000003) SSL3/RSA/RC4-40/MD5
                   (0x000006) SSL3/RSA/RC2CBC40/MD5
                   }
             session-id = { }
             challenge = { 0xec5d 0x8edb 0x37c9 0xb5c9 0x7b70 0x8fe9 0xd1d3

 0x2592 }
 }
 ]
 <-- [
 SSLRecord {
    0: 16 03 00 03  e5                                   |.....
    type    = 22 (handshake)
    version = { 3,0 }
    length  = 997 (0x3e5)
    handshake {
    0: 02 00 00 46                                      |...F
       type = 2 (server_hello)
       length = 70 (0x000046)
             ServerHello {
             server_version = {3, 0}
             random = {...}
    0: 77 8c 6e 26  6c 0c ec c0  d9 58 4f 47  d3 2d 01 45  |
 wn&l.ì..XOG.-.E
    10: 5c 17 75 43  a7 4c 88 c7  88 64 3c 50  41 48 4f 7f  |

 \.uC§L.Ç.d<PAHO.
                   session ID = {
                   length = 32

                 contents = {..}
    0: 14 11 07 a8  2a 31 91 29  11 94 40 37  57 10 a7 32  | ...¨*1.)..@7W.§2
    10: 56 6f 52 62  fe 3d b3 65  b1 e4 13 0f  52 a3 c8 f6  | VoRbþ=³e±...R£È.
          }
                cipher_suite = (0x0003) SSL3/RSA/RC4-40/MD5
          }
    0: 0b 00 02 c5                                      |...Å
       type = 11 (certificate)
       length = 709 (0x0002c5)
             CertificateChain {
             chainlength = 706 (0x02c2)
                Certificate {
             size = 703 (0x02bf)
                data = { saved in file 'cert.001' }
             }
          }
    0: 0c 00 00 ca                                      |....
          type = 12 (server_key_exchange)
          length = 202 (0x0000ca)
    0: 0e 00 00 00                                      |....
          type = 14 (server_hello_done)
          length = 0 (0x000000)
    }
 }
 ]
 --> [
 SSLRecord {
    0: 16 03 00 00  44                                   |....D
    type    = 22 (handshake)
    version = { 3,0 }
    length  = 68 (0x44)
    handshake {
    0: 10 00 00 40                                      |...@
    type = 16 (client_key_exchange)
    length = 64 (0x000040)
          ClientKeyExchange {
             message = {...}
          }
    }
 }
 ]
 --> [
 SSLRecord {
    0: 14 03 00 00  01                                   |.....
    type    = 20 (change_cipher_spec)
    version = { 3,0 }
    length  = 1 (0x1)
    0: 01                                               |.
 }
 SSLRecord {
    0: 16 03 00 00  38                                   |....8
    type    = 22 (handshake)
    version = { 3,0 }
    length  = 56 (0x38)
                < encrypted >

 }
 ]
 <-- [
 SSLRecord {
    0: 14 03 00 00  01                                   |.....
    type    = 20 (change_cipher_spec)
    version = { 3,0 }
    length  = 1 (0x1)
    0: 01                                               |.
 }
 ]
 <-- [
 SSLRecord {
    0: 16 03 00 00  38                                   |....8
    type    = 22 (handshake)
    version = { 3,0 }
    length  = 56 (0x38)
                   < encrypted >

 }
 ]
 --> [
 SSLRecord {
    0: 17 03 00 01  1f                                   |.....
    type    = 23 (application_data)
    version = { 3,0 }
    length  = 287 (0x11f)
                < encrypted >
 }
 ]
 <-- [
 SSLRecord {
    0: 17 03 00 00  a0                                   |....
    type    = 23 (application_data)
    version = { 3,0 }
    length  = 160 (0xa0)
                < encrypted >

 }
 ]
 <-- [
 SSLRecord {
 0: 17 03 00 00  df                                   |....ß
    type    = 23 (application_data)
    version = { 3,0 }
    length  = 223 (0xdf)
                < encrypted >

 }
 SSLRecord {
    0: 15 03 00 00  12                                   |.....
    type    = 21 (alert)
    version = { 3,0 }
    length  = 18 (0x12)
                < encrypted >
 }
 ]
 Server socket closed.

   Example 2

   The -s option turns on SSL parsing. Because the -x option is not used in
   this example, undecoded values are output as raw data. The output is
   routed to a text file.

 $ ssltap -s  -p 444 interzone.mcom.com:443 > s.txt

   Output

 Connected to interzone.mcom.com:443
 --> [
 alloclen = 63 bytes
    [ssl2]  ClientHelloV2 {
             version = {0x03, 0x00}
             cipher-specs-length = 36 (0x24)
             sid-length = 0 (0x00)
             challenge-length = 16 (0x10)
             cipher-suites = {
                   (0x010080) SSL2/RSA/RC4-128/MD5
                   (0x020080) SSL2/RSA/RC4-40/MD5
                   (0x030080) SSL2/RSA/RC2CBC128/MD5
                   (0x060040) SSL2/RSA/DES64CBC/MD5
                   (0x0700c0) SSL2/RSA/3DES192EDE-CBC/MD5
                   (0x000004) SSL3/RSA/RC4-128/MD5
                   (0x00ffe0) SSL3/RSA-FIPS/3DES192EDE-CBC/SHA
                   (0x00000a) SSL3/RSA/3DES192EDE-CBC/SHA
                   (0x00ffe1) SSL3/RSA-FIPS/DES64CBC/SHA
                   (0x000009) SSL3/RSA/DES64CBC/SHA
                   (0x000003) SSL3/RSA/RC4-40/MD5
                   }
                session-id = { }
             challenge = { 0x713c 0x9338 0x30e1 0xf8d6 0xb934 0x7351 0x200c
 0x3fd0 }
 ]
 >-- [
 SSLRecord {
    type    = 22 (handshake)
    version = { 3,0 }
    length  = 997 (0x3e5)
    handshake {
          type = 2 (server_hello)
          length = 70 (0x000046)
             ServerHello {
             server_version = {3, 0}
             random = {...}
             session ID = {
                length = 32
                contents = {..}
                }
                cipher_suite = (0x0003) SSL3/RSA/RC4-40/MD5
             }
          type = 11 (certificate)
          length = 709 (0x0002c5)
             CertificateChain {
                chainlength = 706 (0x02c2)
                Certificate {
                   size = 703 (0x02bf)
                   data = { saved in file 'cert.001' }
                }
             }
          type = 12 (server_key_exchange)
          length = 202 (0x0000ca)
          type = 14 (server_hello_done)
          length = 0 (0x000000)
    }
 }
 ]
 --> [
 SSLRecord {
    type    = 22 (handshake)
    version = { 3,0 }
    length  = 68 (0x44)
    handshake {
          type = 16 (client_key_exchange)
          length = 64 (0x000040)
             ClientKeyExchange {
                message = {...}
             }
    }
 }
 ]
 --> [
 SSLRecord {
    type    = 20 (change_cipher_spec)
    version = { 3,0 }
    length  = 1 (0x1)
 }
 SSLRecord {
    type    = 22 (handshake)
    version = { 3,0 }
    length  = 56 (0x38)
                > encrypted >
 }
 ]
 >-- [
 SSLRecord {
    type    = 20 (change_cipher_spec)
    version = { 3,0 }
    length  = 1 (0x1)
 }
 ]
 >-- [
 SSLRecord {
    type    = 22 (handshake)
    version = { 3,0 }
    length  = 56 (0x38)
                > encrypted >
 }
 ]
 --> [
 SSLRecord {
    type    = 23 (application_data)
    version = { 3,0 }
    length  = 287 (0x11f)
                > encrypted >
 }
 ]
 [
 SSLRecord {
    type    = 23 (application_data)
    version = { 3,0 }
    length  = 160 (0xa0)
                > encrypted >
 }
 ]
 >-- [
 SSLRecord {
    type    = 23 (application_data)
    version = { 3,0 }
    length  = 223 (0xdf)
                > encrypted >
 }
 SSLRecord {
    type    = 21 (alert)
    version = { 3,0 }
    length  = 18 (0x12)
                > encrypted >
 }
 ]
 Server socket closed.

   Example 3

   In this example, the -h option turns hex/ASCII format. There is no SSL
   parsing or decoding. The output is routed to a text file.

 $ ssltap -h  -p 444 interzone.mcom.com:443 > h.txt

   Output

 Connected to interzone.mcom.com:443
 --> [
    0: 80 40 01 03  00 00 27 00  00 00 10 01  00 80 02 00  | .@....'.........
    10: 80 03 00 80  04 00 80 06  00 40 07 00  c0 00 00 04  | .........@......
    20: 00 ff e0 00  00 0a 00 ff  e1 00 00 09  00 00 03 00  | ........á.......
    30: 00 06 9b fe  5b 56 96 49  1f 9f ca dd  d5 ba b9 52  | ..þ[V.I.\xd9 ...º¹R
    40: 6f 2d                                            |o-
 ]
 <-- [
    0: 16 03 00 03  e5 02 00 00  46 03 00 7f  e5 0d 1b 1d  | ........F.......
    10: 68 7f 3a 79  60 d5 17 3c  1d 9c 96 b3  88 d2 69 3b  | h.:y`..<..³.Òi;
    20: 78 e2 4b 8b  a6 52 12 4b  46 e8 c2 20  14 11 89 05  | x.K.¦R.KFè. ...
    30: 4d 52 91 fd  93 e0 51 48  91 90 08 96  c1 b6 76 77  | MR.ý..QH.....¶vw
    40: 2a f4 00 08  a1 06 61 a2  64 1f 2e 9b  00 03 00 0b  | *ô..¡.a¢d......
    50: 00 02 c5 00  02 c2 00 02  bf 30 82 02  bb 30 82 02  | ..Å......0...0..
    60: 24 a0 03 02  01 02 02 02  01 36 30 0d  06 09 2a 86  | $ .......60...*.
    70: 48 86 f7 0d  01 01 04 05  00 30 77 31  0b 30 09 06  | H.÷......0w1.0..
    80: 03 55 04 06  13 02 55 53  31 2c 30 2a  06 03 55 04  | .U....US1,0*..U.
    90: 0a 13 23 4e  65 74 73 63  61 70 65 20  43 6f 6d 6d  | ..#Netscape Comm
    a0: 75 6e 69 63  61 74 69 6f  6e 73 20 43  6f 72 70 6f  | unications Corpo
    b0: 72 61 74 69  6f 6e 31 11  30 0f 06 03  55 04 0b 13  | ration1.0...U...
    c0: 08 48 61 72  64 63 6f 72  65 31 27 30  25 06 03 55  | .Hardcore1'0%..U
    d0: 04 03 13 1e  48 61 72 64  63 6f 72 65  20 43 65 72  | ....Hardcore Cer
    e0: 74 69 66 69  63 61 74 65  20 53 65 72  76 65 72 20  | tificate Server
    f0: 49 49 30 1e  17 0d 39 38  30 35 31 36  30 31 30 33  | II0...9805160103
 <additional data lines>
 ]
 <additional records in same format>
 Server socket closed.

   Example 4

   In this example, the -s option turns on SSL parsing, and the -h option
   turns on hex/ASCII format. Both formats are shown for each record. The
   output is routed to a text file.

 $ ssltap -hs -p 444 interzone.mcom.com:443 > hs.txt

   Output

 Connected to interzone.mcom.com:443
 --> [
    0: 80 3d 01 03  00 00 24 00  00 00 10 01  00 80 02 00  | .=....$.........
    10: 80 03 00 80  04 00 80 06  00 40 07 00  c0 00 00 04  | .........@......
    20: 00 ff e0 00  00 0a 00 ff  e1 00 00 09  00 00 03 03  | ........á.......
    30: 55 e6 e4 99  79 c7 d7 2c  86 78 96 5d  b5 cf e9     |U..yÇ\xb0 ,.x.]µÏé
 alloclen = 63 bytes
    [ssl2]  ClientHelloV2 {
             version = {0x03, 0x00}
             cipher-specs-length = 36 (0x24)
             sid-length = 0 (0x00)
             challenge-length = 16 (0x10)
             cipher-suites = {
                   (0x010080) SSL2/RSA/RC4-128/MD5
                   (0x020080) SSL2/RSA/RC4-40/MD5
                   (0x030080) SSL2/RSA/RC2CBC128/MD5
                   (0x040080) SSL2/RSA/RC2CBC40/MD5
                   (0x060040) SSL2/RSA/DES64CBC/MD5
                   (0x0700c0) SSL2/RSA/3DES192EDE-CBC/MD5
                   (0x000004) SSL3/RSA/RC4-128/MD5
                   (0x00ffe0) SSL3/RSA-FIPS/3DES192EDE-CBC/SHA
                   (0x00000a) SSL3/RSA/3DES192EDE-CBC/SHA
                   (0x00ffe1) SSL3/RSA-FIPS/DES64CBC/SHA
                   (0x000009) SSL3/RSA/DES64CBC/SHA
                   (0x000003) SSL3/RSA/RC4-40/MD5
                   }
             session-id = { }
             challenge = { 0x0355 0xe6e4 0x9979 0xc7d7 0x2c86 0x7896 0x5db

 0xcfe9 }
 }
 ]
 <additional records in same formats>
 Server socket closed.

Usage Tips

   When SSL restarts a previous session, it makes use of cached information
   to do a partial handshake. If you wish to capture a full SSL handshake,
   restart the browser to clear the session id cache.

   If you run the tool on a machine other than the SSL server to which you
   are trying to connect, the browser will complain that the host name you
   are trying to connect to is different from the certificate. If you are
   using the default BadCert callback, you can still connect through a
   dialog. If you are not using the default BadCert callback, the one you
   supply must allow for this possibility.

See Also

   The NSS Security Tools are also documented at
   [1]http://www.mozilla.org/projects/security/pki/nss/.

Additional Resources

   NSS is maintained in conjunction with PKI and security-related projects
   through Mozilla dn Fedora. The most closely-related project is Dogtag PKI,
   with a project wiki at [2]http://pki.fedoraproject.org/wiki/.

   For information specifically about NSS, the NSS project wiki is located at
   [3]http://www.mozilla.org/projects/security/pki/nss/. The NSS site relates
   directly to NSS code changes and releases.

   Mailing lists: pki-devel@redhat.com and pki-users@redhat.com

   IRC: Freenode at #dogtag-pki

Authors

   The NSS tools were written and maintained by developers with Netscape and
   now with Red Hat and Sun.

   Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey
   <dlackey@redhat.com>.

Copyright

   (c) 2010, Red Hat, Inc. Licensed under the GNU Public License version 2.

References

   Visible links
   1. http://www.mozilla.org/projects/secu.../pki/nss/tools
   2. http://pki.fedoraproject.org/wiki/
   3. http://www.mozilla.org/projects/security/pki/nss/
131 NSS tools : vfychain
Name

   vfychain — vfychain [options] [revocation options] certfile [[options]
   certfile] ...

Synopsis

   vfychain

Description

   The verification Tool, vfychain, verifies certificate chains. modutil can
   add and delete PKCS #11 modules, change passwords on security databases,
   set defaults, list module contents, enable or disable slots, enable or
   disable FIPS 140-2 compliance, and assign default providers for
   cryptographic operations. This tool can also create certificate, key, and
   module security database files.

   The tasks associated with security module database management are part of
   a process that typically also involves managing key databases and
   certificate databases.

Options

   -a
           the following certfile is base64 encoded

   -b YYMMDDHHMMZ
           Validate date (default: now)

   -d directory
           database directory

   -f
           Enable cert fetching from AIA URL

   -o oid
           Set policy OID for cert validation(Format OID.1.2.3)

   -p

           Use PKIX Library to validate certificate by calling:

           * CERT_VerifyCertificate if specified once,

           * CERT_PKIXVerifyCert if specified twice and more.

   -r
           Following certfile is raw binary DER (default)

   -t
           Following cert is explicitly trusted (overrides db trust)

   -u usage

           0=SSL client, 1=SSL server, 2=SSL StepUp, 3=SSL CA, 4=Email
           signer, 5=Email recipient, 6=Object signer,
           9=ProtectedObjectSigner, 10=OCSP responder, 11=Any CA

   -v
           Verbose mode. Prints root cert subject(double the argument for
           whole root cert info)

   -w password
           Database password

   -W pwfile
           Password file

           Revocation options for PKIX API (invoked with -pp options) is a
           collection of the following flags: [-g type [-h flags] [-m type
           [-s flags]] ...] ...

           Where:

   -g test-type
           Sets status checking test type. Possible values are "leaf" or
           "chain"

   -g test type
           Sets status checking test type. Possible values are "leaf" or
           "chain".

   -h test flags
           Sets revocation flags for the test type it follows. Possible
           flags: "testLocalInfoFirst" and "requireFreshInfo".

   -m method type
           Sets method type for the test type it follows. Possible types are
           "crl" and "ocsp".

   -s method flags
           Sets revocation flags for the method it follows. Possible types
           are "doNotUse", "forbidFetching", "ignoreDefaultSrc",
           "requireInfo" and "failIfNoInfo".

Additional Resources

   For information about NSS and other tools related to NSS (like JSS), check
   out the NSS project wiki at
   [1]http://www.mozilla.org/projects/security/pki/nss/. The NSS site relates
   directly to NSS code changes and releases.

   Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto

   IRC: Freenode at #dogtag-pki

Authors

   The NSS tools were written and maintained by developers with Netscape, Red
   Hat, and Sun.

   Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey
   <dlackey@redhat.com>.

Copyright

   (c) 2010, Red Hat, Inc. Licensed under the GNU Public License version 2.

References

   Visible links
   1. http://www.mozilla.org/projects/security/pki/nss/
132 NSS tools : vfyserv
Coming soon
133 certutil
Name

   certutil — Manage keys and certificate in the the NSS database.

Synopsis

   certutil [options] arguments

Description

   The Certificate Database Tool, certutil, is a command-line utility that
   can create and modify certificate and key database files. It can also
   list, generate, modify, or delete certificates within the database, create
   or change the password, generate new public and private key pairs, display
   the contents of the key database, or delete key pairs within the key
   database.

   The key and certificate management process generally begins with creating
   keys in the key database, then generating and managing certificates in the
   certificate database. This document discusses certificate and key database
   management. For information security module database management, see the
   modutil manpages.

Options and Arguments

   Running certutil always requires one (and only one) option to specify the
   type of certificate operation. Each option may take arguments, anywhere
   from none to multiple arguments. Run the command option and -H to see the
   arguments available for each command option.

   Options

   Options specify an action and are uppercase.

   -A

           Add an existing certificate to a certificate database. The
           certificate database should already exist; if one is not present,
           this option will initialize one by default.

   -B

           Run a series of commands from the specified batch file. This
           requires the -i argument.

   -C

           Create a new binary certificate file from a binary certificate
           request file. Use the -i argument to specify the certificate
           request file. If this argument is not used, certutil prompts for a
           filename.

   -D

           Delete a certificate from the certificate database.

   -E

           Add an email certificate to the certificate database.

   -F

           Delete a private key from a key database. Specify the key to
           delete with the -n argument. Specify the database from which to
           delete the key with the -d argument. Use the -k argument to
           specify explicitly whether to delete a DSA, RSA, or ECC key. If
           you don't use the -k argument, the option looks for an RSA key
           matching the specified nickname.

           When you delete keys, be sure to also remove any certificates
           associated with those keys from the certificate database, by using
           -D. Some smart cards (for example, the Litronic card) do not let
           you remove a public key you have generated. In such a case, only
           the private key is deleted from the key pair. You can display the
           public key with the command certutil -K -h tokenname.

   -G

           Generate a new public and private key pair within a key database.
           The key database should already exist; if one is not present, this
           option will initialize one by default. Some smart cards (for
           example, the Litronic card) can store only one key pair. If you
           create a new key pair for such a card, the previous pair is
           overwritten.

   -H

           Display a list of the options and arguments used by the
           Certificate Database Tool.

   -K

           List the key ID of keys in the key database. A key ID is the
           modulus of the RSA key or the publicValue of the DSA key. IDs are
           displayed in hexadecimal ("0x" is not shown).

   -L

           List all the certificates, or display information about a named
           certificate, in a certificate database. Use the -h tokenname
           argument to specify the certificate database on a particular
           hardware or software token.

   -M

           Modify a certificate's trust attributes using the values of the -t
           argument.

   -N

           Create new certificate and key databases.

   -O

           Print the certificate chain.

   -R

           Create a certificate request file that can be submitted to a
           Certificate Authority (CA) for processing into a finished
           certificate. Output defaults to standard out unless you use -o
           output-file argument. Use the -a argument to specify ASCII output.

   -S

           Create an individual certificate and add it to a certificate
           database.

   -T

           Reset the key database or token.

   -U

           List all available modules or print a single named module.

   -V

           Check the validity of a certificate and its attributes.

   -W

           Change the password to a key database.

   --merge

           Merge a source database into the target database. This is used to
           merge legacy NSS databases (cert8.db and key3.db) into the newer
           SQLite databases (cert9.db and key4.db).

   --upgrade-merge

           Upgrade an old database and merge it into a new database. This is
           used to migrate legacy NSS databases (cert8.db and key3.db) into
           the newer SQLite databases (cert9.db and key4.db).

   Arguments

   Option arguments modify an action and are lowercase.

   -a

           Use ASCII format or allow the use of ASCII format for input or
           output. This formatting follows RFC 1113. For certificate
           requests, ASCII output defaults to standard output unless
           redirected.

   -b validity-time

           Specify a time at which a certificate is required to be valid. Use
           when checking certificate validity with the -V option. The format
           of the validity-time argument is YYMMDDHHMMSS[+HHMM|-HHMM|Z],
           which allows offsets to be set relative to the validity end time.
           Specifying seconds (SS) is optional. When specifying an explicit
           time, use a Z at the end of the term, YYMMDDHHMMSSZ, to close it.
           When specifying an offset time, use YYMMDDHHMMSS+HHMM or
           YYMMDDHHMMSS-HHMM for adding or subtracting time, respectively.

           If this option is not used, the validity check defaults to the
           current system time.

   -c issuer

           Identify the certificate of the CA from which a new certificate
           will derive its authenticity. Use the exact nickname or alias of
           the CA certificate, or use the CA's email address. Bracket the
           issuer string with quotation marks if it contains spaces.

   -d [sql:]directory

           Specify the database directory containing the certificate and key
           database files.

           certutil supports two types of databases: the legacy security
           databases (cert8.db, key3.db, and secmod.db) and new SQLite
           databases (cert9.db, key4.db, and pkcs11.txt). If the prefix sql:
           is not used, then the tool assumes that the given databases are in
           the old format.

   -e

           Check a certificate's signature during the process of validating a
           certificate.

   -f password-file

           Specify a file that will automatically supply the password to
           include in a certificate or to access a certificate database. This
           is a plain-text file containing one password. Be sure to prevent
           unauthorized access to this file.

   -g keysize

           Set a key size to use when generating new public and private key
           pairs. The minimum is 512 bits and the maximum is 8192 bits. The
           default is 1024 bits. Any size between the minimum and maximum is
           allowed.

   -h tokenname

           Specify the name of a token to use or act on. Unless specified
           otherwise the default token is an internal slot (specifically,
           internal slot 2). This slot can also be explicitly named with the
           string "internal". An internal slots is a virtual slot maintained
           in software, rather than a hardware device. Internal slot 2 is
           used by key and certificate services. Internal slot 1 is used by
           cryptographic services.

   -i input_file

           Pass an input file to the command. Depending on the command
           option, an input file can be a specific certificate, a certificate
           request file, or a batch file of commands.

   -k rsa|dsa|ec|all

           Specify the type of a key. The valid options are RSA, DSA, ECC, or
           all. The default value is rsa. Specifying the type of key can
           avoid mistakes caused by duplicate nicknames.

   -k key-type-or-id

           Specify the type or specific ID of a key. Giving a key type
           generates a new key pair; giving the ID of an existing key reuses
           that key pair (which is required to renew certificates).

   -l

           Display detailed information when validating a certificate with
           the -V option.

   -m serial-number

           Assign a unique serial number to a certificate being created. This
           operation should be performed by a CA. The default serial number
           is 0 (zero). Serial numbers are limited to integers.

   -n nickname

           Specify the nickname of a certificate or key to list, create, add
           to a database, modify, or validate. Bracket the nickname string
           with quotation marks if it contains spaces.

   -o output-file

           Specify the output file name for new certificates or binary
           certificate requests. Bracket the output-file string with
           quotation marks if it contains spaces. If this argument is not
           used the output destination defaults to standard output.

   -P dbPrefix

           Specify the prefix used on the certificate and key database file.
           This option is provided as a special case. Changing the names of
           the certificate and key databases is not recommended.

   -p phone

           Specify a contact telephone number to include in new certificates
           or certificate requests. Bracket this string with quotation marks
           if it contains spaces.

   -q pqgfile

           Read an alternate PQG value from the specified file when
           generating DSA key pairs. If this argument is not used, certutil
           generates its own PQG value. PQG files are created with a separate
           DSA utility.

   -q curve-name

           Set the elliptic curve name to use when generating ECC key pairs.
           A complete list of ECC curves is given in the help (-H).

   -r

           Display a certificate's binary DER encoding when listing
           information about that certificate with the -L option.

   -s subject

           Identify a particular certificate owner for new certificates or
           certificate requests. Bracket this string with quotation marks if
           it contains spaces. The subject identification format follows RFC
           #1485.

   -t trustargs

           Specify the trust attributes to modify in an existing certificate
           or to apply to a certificate when creating it or adding it to a
           database. There are three available trust categories for each
           certificate, expressed in the order SSL, email, object signing for
           each trust setting. In each category position, use none, any, or
           all of the attribute codes:

              o p - Valid peer

              o P - Trusted peer (implies p)

              o c - Valid CA

              o T - Trusted CA to issue client certificates (implies c)

              o C - Trusted CA to issue server certificates (SSL only)
                (implies c)

              o u - Certificate can be used for authentication or signing

              o w - Send warning (use with other attributes to include a
                warning when the certificate is used in that context)

           The attribute codes for the categories are separated by commas,
           and the entire set of attributes enclosed by quotation marks. For
           example:

           -t "TCu,Cu,Tuw"

           Use the -L option to see a list of the current certificates and
           trust attributes in a certificate database.

   -u certusage

           Specify a usage context to apply when validating a certificate
           with the -V option.

           The contexts are the following:

              o C (as an SSL client)

              o V (as an SSL server)

              o S (as an email signer)

              o R (as an email recipient)

              o O (as an OCSP status responder)

              o J (as an object signer)

   -v valid-months

           Set the number of months a new certificate will be valid. The
           validity period begins at the current system time unless an offset
           is added or subtracted with the -w option. If this argument is not
           used, the default validity period is three months. When this
           argument is used, the default three-month period is automatically
           added to any value given in the valid-month argument. For example,
           using this option to set a value of 3 would cause 3 to be added to
           the three-month default, creating a validity period of six months.
           You can use negative values to reduce the default period. For
           example, setting a value of -2 would subtract 2 from the default
           and create a validity period of one month.

   -w offset-months

           Set an offset from the current system time, in months, for the
           beginning of a certificate's validity period. Use when creating
           the certificate or adding it to a database. Express the offset in
           integers, using a minus sign (-) to indicate a negative offset. If
           this argument is not used, the validity period begins at the
           current system time. The length of the validity period is set with
           the -v argument.

   -X

           Force the key and certificate database to open in read-write mode.
           This is used with the -U and -L command options.

   -x

           Use certutil to generate the signature for a certificate being
           created or added to a database, rather than obtaining a signature
           from a separate CA.

   -y exp

           Set an alternate exponent value to use in generating a new RSA
           public key for the database, instead of the default value of
           65537. The available alternate values are 3 and 17.

   -z noise-file

           Read a seed value from the specified file to generate a new
           private and public key pair. This argument makes it possible to
           use hardware-generated seed values or manually create a value from
           the keyboard. The minimum file size is 20 bytes.

   -0 SSO_password

           Set a site security officer password on a token.

   -1 | --keyUsage keyword,keyword

           Set a Netscape Certificate Type Extension in the certificate.
           There are several available keywords:

              o digital signature

              o nonRepudiation

              o keyEncipherment

              o dataEncipherment

              o keyAgreement

              o certSigning

              o crlSigning

              o critical

   -2

           Add a basic constraint extension to a certificate that is being
           created or added to a database. This extension supports the
           certificate chain verification process. certutil prompts for the
           certificate constraint extension to select.

           X.509 certificate extensions are described in RFC 5280.

   -3

           Add an authority key ID extension to a certificate that is being
           created or added to a database. This extension supports the
           identification of a particular certificate, from among multiple
           certificates associated with one subject name, as the correct
           issuer of a certificate. The Certificate Database Tool will prompt
           you to select the authority key ID extension.

           X.509 certificate extensions are described in RFC 5280.

   -4

           Add a CRL distribution point extension to a certificate that is
           being created or added to a database. This extension identifies
           the URL of a certificate's associated certificate revocation list
           (CRL). certutil prompts for the URL.

           X.509 certificate extensions are described in RFC 5280.

   -5 | --nsCertType keyword,keyword

           Add a Netscape certificate type extension to a certificate that is
           being created or added to the database. There are several
           available keywords:

              o sslClient

              o sslServer

              o smime

              o objectSigning

              o sslCA

              o smimeCA

              o objectSigningCA

              o critical

           X.509 certificate extensions are described in RFC 5280.

   -6 | --extKeyUsage keyword,keyword

           Add an extended key usage extension to a certificate that is being
           created or added to the database. Several keywords are available:

              o serverAuth

              o clientAuth

              o codeSigning

              o emailProtection

              o timeStamp

              o ocspResponder

              o stepUp

              o critical

           X.509 certificate extensions are described in RFC 5280.

   -7 emailAddrs

           Add a comma-separated list of email addresses to the subject
           alternative name extension of a certificate or certificate request
           that is being created or added to the database. Subject
           alternative name extensions are described in Section 4.2.1.7 of
           RFC 3280.

   -8 dns-names

           Add a comma-separated list of DNS names to the subject alternative
           name extension of a certificate or certificate request that is
           being created or added to the database. Subject alternative name
           extensions are described in Section 4.2.1.7 of RFC 3280.

   --extAIA

           Add the Authority Information Access extension to the certificate.
           X.509 certificate extensions are described in RFC 5280.

   --extSIA

           Add the Subject Information Access extension to the certificate.
           X.509 certificate extensions are described in RFC 5280.

   --extCP

           Add the Certificate Policies extension to the certificate. X.509
           certificate extensions are described in RFC 5280.

   --extPM

           Add the Policy Mappings extension to the certificate. X.509
           certificate extensions are described in RFC 5280.

   --extPC

           Add the Policy Constraints extension to the certificate. X.509
           certificate extensions are described in RFC 5280.

   --extIA

           Add the Inhibit Any Policy Access extension to the certificate.
           X.509 certificate extensions are described in RFC 5280.

   --extSKID

           Add the Subject Key ID extension to the certificate. X.509
           certificate extensions are described in RFC 5280.

   --source-dir certdir

           Identify the certificate database directory to upgrade.

   --source-prefix certdir

           Give the prefix of the certificate and key databases to upgrade.

   --upgrade-id uniqueID

           Give the unique ID of the database to upgrade.

   --upgrade-token-name name

           Set the name of the token to use while it is being upgraded.

   -@ pwfile

           Give the name of a password file to use for the database being
           upgraded.

Usage and Examples

   Most of the command options in the examples listed here have more
   arguments available. The arguments included in these examples are the most
   common ones or are used to illustrate a specific scenario. Use the -H
   option to show the complete list of arguments for each command option.

   Creating New Security Databases

   Certificates, keys, and security modules related to managing certificates
   are stored in three related databases:

     o cert8.db or cert9.db

     o key3.db or key4.db

     o secmod.db or pkcs11.txt

   These databases must be created before certificates or keys can be
   generated.

 certutil -N -d [sql:]directory

   Creating a Certificate Request

   A certificate request contains most or all of the information that is used
   to generate the final certificate. This request is submitted separately to
   a certificate authority and is then approved by some mechanism
   (automatically or by human review). Once the request is approved, then the
   certificate is generated.

 $ certutil -R -k key-type-or-id [-q pqgfile|curve-name] -g key-size -s subject [-h tokenname] -d [sql:]directory [-p phone] [-o output-file] [-a]

   The -R command options requires four arguments:

     o -k to specify either the key type to generate or, when renewing a
       certificate, the existing key pair to use

     o -g to set the keysize of the key to generate

     o -s to set the subject name of the certificate

     o -d to give the security database directory

   The new certificate request can be output in ASCII format (-a) or can be
   written to a specified file (-o).

   For example:

 $ certutil -R -k ec -q nistb409 -g 512 -s "CN=John Smith,O=Example Corp,L=Mountain View,ST=California,C=US" -d sql:/home/my/sharednssdb -p 650-555-0123 -a -o cert.cer

 Generating key.  This may take a few moments...


 Certificate request generated by Netscape
 Phone: 650-555-0123
 Common Name: John Smith
 Email: (not ed)
 Organization: Example Corp
 State: California
 Country: US

 -----BEGIN NEW CERTIFICATE REQUEST-----
 MIIBIDCBywIBADBmMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEW
 MBQGA1UEBxMNTW91bnRhaW4gVmlldzEVMBMGA1UEChMMRXhhbXBsZSBDb3JwMRMw
 EQYDVQQDEwpKb2huIFNtaXRoMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMVUpDOZ
 KmHnOx7reP8Cc0Lk+fFWEuYIDX9W5K/BioQOKvEjXyQZhit9aThzBVMoSf1Y1S8J
 CzdUbCg1+IbnXaECAwEAAaAAMA0GCSqGSIb3DQEBBQUAA0EAryqZvpYrUtQ486Ny
 qmtyQNjIi1F8c1Z+TL4uFYlMg8z6LG/J/u1E5t1QqB5e9Q4+BhRbrQjRR1JZx3tB
 1hP9Gg==
 -----END NEW CERTIFICATE REQUEST-----

   Creating a Certificate

   A valid certificate must be issued by a trusted CA. This can be done by
   specifying a CA certificate (-c) that is stored in the certificate
   database. If a CA key pair is not available, you can create a self-signed
   certificate using the -x argument with the -S command option.

 $ certutil -S -k rsa|dsa|ec -n certname -s subject [-c issuer |-x] -t trustargs -d [sql:]directory [-m serial-number] [-v valid-months] [-w offset-months] [-p phone] [-1] [-2] [-3] [-4] [-5 keyword] [-6 keyword] [-7 emailAddress] [-8 dns-names] [--extAIA] [--extSIA] [--extCP] [--extPM] [--extPC] [--extIA] [--extSKID]

   The series of numbers and --ext* options set certificate extensions that
   can be added to the certificate when it is generated by the CA.

   For example, this creates a self-signed certificate:

 $ certutil -S -s "CN=Example CA" -n my-ca-cert -x -t "C,C,C" -1 -2 -5 -m 3650

   From there, new certificates can reference the self-signed certificate:

 $ certutil -S -s "CN=My Server Cert" -n my-server-cert -c "my-ca-cert" -t "u,u,u" -1 -5 -6 -8 -m 730

   Generating a Certificate from a Certificate Request

   When a certificate request is created, a certificate can be generated by
   using the request and then referencing a certificate authority signing
   certificate (the issuer specified in the -c argument). The issuing
   certificate must be in the certificate database in the specified
   directory.

 certutil -C -c issuer -i cert-request-file -o output-file [-m serial-number] [-v valid-months] [-w offset-months] -d [sql:]directory [-1] [-2] [-3] [-4] [-5 keyword] [-6 keyword] [-7 emailAddress] [-8 dns-names]

   For example:

 $ certutil -C -c "my-ca-cert" -i /home/certs/cert.req -o cert.cer -m 010 -v 12 -w 1 -d sql:/home/my/sharednssdb -1 nonRepudiation,dataEncipherment -5 sslClient -6 clientAuth -7 jsmith@example.com

   Generating Key Pairs

   Key pairs are generated automatically with a certificate request or
   certificate, but they can also be generated independently using the -G
   command option.

 certutil -G -d [sql:]directory | -h tokenname -k key-type -g key-size [-y exponent-value] -q pqgfile|curve-name

   For example:

 $ certutil -G -h lunasa -k ec -g 256 -q sect193r2

   Listing Certificates

   The -L command option lists all of the certificates listed in the
   certificate database. The path to the directory (-d) is required.

 $ certutil -L -d sql:/home/my/sharednssdb

 Certificate Nickname                                         Trust Attributes
                                                              SSL,S/MIME,JAR/XPI

 CA Administrator of Instance pki-ca1's Example Domain ID     u,u,u
 TPS Administrator's Example Domain ID                        u,u,u
 Google Internet Authority                                    ,,
 Certificate Authority - Example Domain                       CT,C,C

   Using additional arguments with -L can return and print the information
   for a single, specific certificate. For example, the -n argument passes
   the certificate name, while the -a argument prints the certificate in
   ASCII format:

 $ certutil -L -d sql:/home/my/sharednssdb -a -n "Certificate Authority - Example Domain"

 -----BEGIN CERTIFICATE-----
 MIIDmTCCAoGgAwIBAgIBATANBgkqhkiG9w0BAQUFADA5MRcwFQYDVQQKEw5FeGFt
 cGxlIERvbWFpbjEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTEw
 MDQyOTIxNTY1OFoXDTEyMDQxODIxNTY1OFowOTEXMBUGA1UEChMORXhhbXBsZSBE
 b21haW4xHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTCCASIwDQYJKoZI
 hvcNAQEBBQADggEPADCCAQoCggEBAO/bqUli2KwqXFKmMMG93KN1SANzNTXA/Vlf
 Tmrih3hQgjvR1ktIY9aG6cB7DSKWmtHp/+p4PUCMqL4ZrSGt901qxkePyZ2dYmM2
 RnelK+SEUIPiUtoZaDhNdiYsE/yuDE8vQWj0vHCVL0w72qFUcSQ/WZT7FCrnUIUI
 udeWnoPSUn70gLhcj/lvxl7K9BHyD4Sq5CzktwYtFWLiiwV+ZY/Fl6JgbGaQyQB2
 bP4iRMfloGqsxGuB1evWVDF1haGpFDSPgMnEPSLg3/3dXn+HDJbZ29EU8/xKzQEb
 3V0AHKbu80zGllLEt2Zx/WDIrgJEN9yMfgKFpcmL+BvIRsmh0VsCAwEAAaOBqzCB
 qDAfBgNVHSMEGDAWgBQATgxHQyRUfKIZtdp55bZlFr+tFzAPBgNVHRMBAf8EBTAD
 AQH/MA4GA1UdDwEB/wQEAwIBxjAdBgNVHQ4EFgQUAE4MR0MkVHyiGbXaeeW2ZRa/
 rRcwRQYIKwYBBQUHAQEEOTA3MDUGCCsGAQUFBzABhilodHRwOi8vbG9jYWxob3N0
 LmxvY2FsZG9tYWluOjkxODAvY2Evb2NzcDANBgkqhkiG9w0BAQUFAAOCAQEAi8Gk
 L3XO43u7/TDOeEsWPmq+jZsDZ3GZ85Ajt3KROLWeKVZZZa2E2Hnsvf2uXbk5amKe
 lRxdSeRH9g85pv4KY7Z8xZ71NrI3+K3uwmnqkc6t0hhYb1mw/gx8OAAoluQx3biX
 JBDxjI73Cf7XUopplHBjjiwyGIJUO8BEZJ5L+TF4P38MJz1snLtzZpEAX5bl0U76
 bfu/tZFWBbE8YAWYtkCtMcalBPj6jn2WD3M01kGozW4mmbvsj1cRB9HnsGsqyHCu
 U0ujlL1H/RWcjn607+CTeKH9jLMUqCIqPJNOa+kq/6F7NhNRRiuzASIbZc30BZ5a
 nI7q5n1USM3eWQlVXw==
 -----END CERTIFICATE-----

   Listing Keys

   Keys are the original material used to encrypt certificate data. The keys
   generated for certificates are stored separately, in the key database.

   To list all keys in the database, use the -K command option and the
   (required) -d argument to give the path to the directory.

 $ certutil -K -d sql:/home/my/sharednssdb
 certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and Certificate Services                  "
 < 0> rsa      455a6673bde9375c2887ec8bf8016b3f9f35861d   Thawte Freemail Member's Thawte Consulting (Pty) Ltd. ID
 < 1> rsa      40defeeb522ade11090eacebaaf1196a172127df   Example Domain Administrator Cert
 < 2> rsa      1d0b06f44f6c03842f7d4f4a1dc78b3bcd1b85a5   John Smith user cert

   There are ways to narrow the keys listed in the search results:

     o To return a specific key, use the -n name argument with the name of
       the key.

     o If there are multiple security devices loaded, then the -h tokenname
       argument can search a specific token or all tokens.

     o If there are multiple key types available, then the -k key-type
       argument can search a specific type of key, like RSA, DSA, or ECC.

   Listing Security Modules

   The devices that can be used to store certificates -- both internal
   databases and external devices like smart cards -- are recognized and used
   by loading security modules. The -U command option lists all of the
   security modules listed in the secmod.db database. The path to the
   directory (-d) is required.

 $ certutil -U -d sql:/home/my/sharednssdb

     slot: NSS User Private Key and Certificate Services
    token: NSS Certificate DB

     slot: NSS Internal Cryptographic Services
    token: NSS Generic Crypto Services

   Adding Certificates to the Database

   Existing certificates or certificate requests can be added manually to the
   certificate database, even if they were generated elsewhere. This uses the
   -A command option.

 certutil -A -n certname -t trustargs -d [sql:]directory [-a] [-i input-file]

   For example:

 $ certutil -A -n "CN=My SSL Certificate" -t "u,u,u" -d sql:/home/my/sharednssdb -i /home/example-certs/cert.cer

   A related command option, -E, is used specifically to add email
   certificates to the certificate database. The -E command has the same
   arguments as the -A command. The trust arguments for certificates have the
   format SSL,S/MIME,Code-signing, so the middle trust settings relate most
   to email certificates (though the others can be set). For example:

 $ certutil -E -n "CN=John Smith Email Cert" -t ",Pu," -d sql:/home/my/sharednssdb -i /home/example-certs/email.cer

   Deleting Certificates to the Database

   Certificates can be deleted from a database using the -D option. The only
   required options are to give the security database directory and to
   identify the certificate nickname.

 certutil -D -d [sql:]directory -n "nickname"

   For example:

 $ certutil -D -d sql:/home/my/sharednssdb -n "my-ssl-cert"

   Validating Certificates

   A certificate contains an expiration date in itself, and expired
   certificates are easily rejected. However, certificates can also be
   revoked before they hit their expiration date. Checking whether a
   certificate has been revoked requires validating the certificate.
   Validation can also be used to ensure that the certificate is only used
   for the purposes it was initially issued for. Validation is carried out by
   the -V command option.

 certutil -V -n certificate-name [-b time] [-e] [-u cert-usage] -d [sql:]directory

   For example, to validate an email certificate:

 $ certutil -V -n "John Smith's Email Cert" -e -u S,R -d sql:/home/my/sharednssdb

   Modifying Certificate Trust Settings

   The trust settings (which relate to the operations that a certificate is
   allowed to be used for) can be changed after a certificate is created or
   added to the database. This is especially useful for CA certificates, but
   it can be performed for any type of certificate.

 certutil -M -n certificate-name -t trust-args -d [sql:]directory

   For example:

 $ certutil -M -n "My CA Certificate" -d sql:/home/my/sharednssdb -t "CTu,CTu,CTu"

   Printing the Certificate Chain

   Certificates can be issued in chains because every certificate authority
   itself has a certificate; when a CA issues a certificate, it essentially
   stamps that certificate with its own fingerprint. The -O prints the full
   chain of a certificate, going from the initial CA (the root CA) through
   ever intermediary CA to the actual certificate. For example, for an email
   certificate with two CAs in the chain:

 $ certutil -d sql:/home/my/sharednssdb -O -n "jsmith@example.com"
 "Builtin Object Token:Thawte Personal Freemail CA" [E=personal-freemail@thawte.com,CN=Thawte Personal Freemail CA,OU=Certification Services Division,O=Thawte Consulting,L=Cape Town,ST=Western Cape,C=ZA]

   "Thawte Personal Freemail Issuing CA - Thawte Consulting" [CN=Thawte Personal Freemail Issuing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA]

     "(null)" [E=jsmith@example.com,CN=Thawte Freemail Member]

   Resetting a Token

   The device which stores certificates -- both external hardware devices and
   internal software databases -- can be blanked and reused. This operation
   is performed on the device which stores the data, not directly on the
   security databases, so the location must be referenced through the token
   name (-h) as well as any directory path. If there is no external token
   used, the default value is internal.

 certutil -T -d [sql:]directory -h token-name -0 security-officer-password

   Many networks have dedicated personnel who handle changes to security
   tokens (the security officer). This person must supply the password to
   access the specified token. For example:

 $ certutil -T -d sql:/home/my/sharednssdb -h nethsm -0 secret

   Upgrading or Merging the Security Databases

   Many networks or applications may be using older BerkeleyDB versions of
   the certificate database (cert8.db). Databases can be upgraded to the new
   SQLite version of the database (cert9.db) using the --upgrade-merge
   command option or existing databases can be merged with the new cert9.db
   databases using the ---merge command.

   The --upgrade-merge command must give information about the original
   database and then use the standard arguments (like -d) to give the
   information about the new databases. The command also requires information
   that the tool uses for the process to upgrade and write over the original
   database.

 certutil --upgrade-merge -d [sql:]directory [-P dbprefix] --source-dir directory --source-prefix dbprefix --upgrade-id id --upgrade-token-name name [-@ password-file]

   For example:

 $ certutil --upgrade-merge -d sql:/home/my/sharednssdb --source-dir /opt/my-app/alias/ --source-prefix serverapp- --upgrade-id 1 --upgrade-token-name internal

   The --merge command only requires information about the location of the
   original database; since it doesn't change the format of the database, it
   can write over information without performing interim step.

 certutil --merge -d [sql:]directory [-P dbprefix] --source-dir directory --source-prefix dbprefix [-@ password-file]

   For example:

 $ certutil --merge -d sql:/home/my/sharednssdb --source-dir /opt/my-app/alias/ --source-prefix serverapp-

   Running certutil Commands from a Batch File

   A series of commands can be run sequentially from a text file with the -B
   command option. The only argument for this specifies the input file.

 $ certutil -B -i /path/to/batch-file

NSS Database Types

   NSS originally used BerkeleyDB databases to store security information.
   The last versions of these legacy databases are:

     o cert8.db for certificates

     o key3.db for keys

     o secmod.db for PKCS #11 module information

   BerkeleyDB has performance limitations, though, which prevent it from
   being easily used by multiple applications simultaneously. NSS has some
   flexibility that allows applications to use their own, independent
   database engine while keeping a shared database and working around the
   access issues. Still, NSS requires more flexibility to provide a truly
   shared security database.

   In 2009, NSS introduced a new set of databases that are SQLite databases
   rather than BerkleyDB. These new databases provide more accessibility and
   performance:

     o cert9.db for certificates

     o key4.db for keys

     o pkcs11.txt, which is listing of all of the PKCS #11 modules contained
       in a new subdirectory in the security databases directory

   Because the SQLite databases are designed to be shared, these are the
   shared database type. The shared database type is preferred; the legacy
   format is included for backward compatibility.

   By default, the tools (certutil, pk12util, modutil) assume that the given
   security databases follow the more common legacy type. Using the SQLite
   databases must be manually specified by using the sql: prefix with the
   given security directory. For example:

 $ certutil -L -d sql:/home/my/sharednssdb

   To set the shared database type as the default type for the tools, set the
   NSS_DEFAULT_DB_TYPE environment variable to sql:

 export NSS_DEFAULT_DB_TYPE="sql"

   This line can be set added to the ~/.bashrc file to make the change
   permanent.

   Most applications do not use the shared database by default, but they can
   be configured to use them. For example, this how-to article covers how to
   configure Firefox and Thunderbird to use the new shared NSS databases:

     o https://wiki.mozilla.org/NSS_Shared_DB_Howto

   For an engineering draft on the changes in the shared NSS databases, see
   the NSS project wiki:

     o https://wiki.mozilla.org/NSS_Shared_DB

See Also

   pk12util (1)

   modutil (1)

   certutil has arguments or operations that use features defined in several
   IETF RFCs.

     o http://tools.ietf.org/html/rfc5280

     o http://tools.ietf.org/html/rfc1113

     o http://tools.ietf.org/html/rfc1485

   The NSS wiki has information on the new database design and how to
   configure applications to use it.

     o https://wiki.mozilla.org/NSS_Shared_DB_Howto

     o https://wiki.mozilla.org/NSS_Shared_DB

Additional Resources

   For information about NSS and other tools related to NSS (like JSS), check
   out the NSS project wiki at
   [1]http://www.mozilla.org/projects/security/pki/nss/. The NSS site relates
   directly to NSS code changes and releases.

   Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto

   IRC: Freenode at #dogtag-pki

Authors

   The NSS tools were written and maintained by developers with Netscape, Red
   Hat, and Sun.

   Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey
   <dlackey@redhat.com>.

Copyright

   (c) 2010, Red Hat, Inc. Licensed under the GNU Public License version 2.

References

   Visible links
   1. http://www.mozilla.org/projects/security/pki/nss/
134 NSS Tools sslstrength
2) sslstrength hostname[:port] [ciphers=xyz] [debug] [verbose] [policy=export|domestic]
135 NSS reference NSS
No summary!
136 Building and installing NSS NSS
This chapter describes how to build and install NSS.
137 Build instructions NSS

Numerous optional features of NSS builds are controlled through make variables. Make variables may be set on the gmake command line, e.g.,
138 Installation guide NSS
No summary!
139 Migration to HG
The NSPR, NSS and related projects have stopped using Mozilla'a CVS server, but have migrated to
Mozilla's HG (Mercurial) server.

Each project now lives in its own separate space, they can be found at:
  https://hg.mozilla.org/projects/nspr/
  https://hg.mozilla.org/projects/nss/
  https://hg.mozilla.org/projects/jss/
  https://hg.mozilla.org/projects/python-nss/
140 Sample manual installation NSS
No summary!
141 FC_CancelFunction NSS
No summary!
142 FC_CloseAllSessions NSS
No summary!
143 FC_CloseSession NSS
No summary!
144 FC_CopyObject NSS
No summary!
145 FC_CreateObject NSS
No summary!
146 FC_Decrypt NSS
No summary!
147 FC_DecryptDigestUpdate NSS
No summary!
148 FC_DecryptFinal NSS
No summary!
149 FC_DecryptInit NSS
No summary!
150 FC_DecryptUpdate NSS
No summary!
151 FC_DecryptVerifyUpdate NSS
No summary!
152 FC_DeriveKey NSS
No summary!
153 FC_DestroyObject NSS
No summary!
154 FC_Digest NSS
No summary!
155 FC_DigestEncryptUpdate NSS
No summary!
156 FC_DigestFinal NSS
No summary!
157 FC_DigestInit NSS
No summary!
158 FC_DigestKey NSS
No summary!
159 FC_DigestUpdate NSS
No summary!
160 FC_Encrypt NSS
No summary!
161 FC_EncryptFinal NSS
No summary!
162 FC_EncryptInit NSS
No summary!
163 FC_EncryptUpdate NSS
No summary!
164 FC_Finalize NSS
No summary!
165 FC_FindObjects NSS
No summary!
166 FC_FindObjectsFinal NSS
No summary!
167 FC_FindObjectsInit NSS
No summary!
168 FC_GenerateKey NSS
No summary!
169 FC_GenerateKeyPair NSS
No summary!
170 FC_GenerateRandom NSS
No summary!
171 FC_GetAttributeValue NSS
No summary!
172 FC_GetFunctionList NSS
No summary!
173 FC_GetFunctionStatus NSS
No summary!
174 FC_GetInfo NSS
No summary!
175 FC_GetMechanismInfo NSS
No summary!
176 FC_GetMechanismList NSS
No summary!
177 FC_GetObjectSize NSS
No summary!
178 FC_GetOperationState NSS
No summary!
179 FC_GetSessionInfo NSS
No summary!
180 FC_GetSlotInfo NSS
No summary!
181 FC_GetSlotList NSS
No summary!
182 FC_GetTokenInfo NSS
No summary!
183 FC_InitPIN NSS
No summary!
184 FC_InitToken NSS
No summary!
185 FC_Initialize NSS
FC_Initialize - initialize the PKCS #11 library.
186 FC_Login NSS
No summary!
187 FC_Logout NSS
No summary!
188 FC_OpenSession NSS
No summary!
189 FC_SeedRandom NSS
No summary!
190 FC_SetAttributeValue NSS
No summary!
191 FC_SetOperationState NSS
No summary!
192 FC_SetPIN NSS
No summary!
193 FC_Sign NSS
No summary!
194 FC_SignEncryptUpdate NSS
No summary!
195 FC_SignFinal NSS
No summary!
196 FC_SignInit NSS
No summary!
197 FC_SignRecover NSS
No summary!
198 FC_SignRecoverInit NSS
No summary!
199 FC_SignUpdate NSS
No summary!
200 FC_UnwrapKey NSS
No summary!
201 FC_Verify NSS
No summary!
202 FC_VerifyFinal NSS
No summary!
203 FC_VerifyInit NSS
No summary!
204 FC_VerifyRecover NSS
No summary!
205 FC_VerifyRecoverInit NSS
No summary!
206 FC_VerifyUpdate NSS
No summary!
207 FC_WaitForSlotEvent NSS
No summary!
208 FC_WrapKey NSS
No summary!
209 NSC_InitToken NSS
No summary!
210 NSC_Login NSS
No summary!
211 NSPR functions
NSPR is a platform abstraction library that provides a cross-platform API to common OS services.  NSS uses NSPR internally as the porting layer.  However, a small number of NSPR functions are required for using the certificate verification and SSL functions in NSS.  These NSPR functions are listed in this section.
212 NSS Certificate Functions NSS
This chapter describes the functions and related types used to work with a certificate database such as the cert8.db database provided with NSS. This was converted from "Chapter 5: Certificate Functions".
213 NSS Key Functions NSS
This chapter describes two functions used to manipulate private keys and key databases such as the key3.db database provided with NSS. This was converted from "Chapter 6: Key Functions".
214 NSS Tools Man Pages - work in progress
certutil certutil
215 NSS cryptographic module NSS
No summary!
216 FIPS mode of operation NSS
No summary!
217 NSS environment variables NSS
These environment variables affect the RUN TIME behavior of NSS shared libraries. There is a separate set of environment variables that affect how NSS is built, documented below.
218 NSS functions NSS
This page lists all exported functions in NSS 3.11.7 It was ported from here.
219 NSS tools : certutil
Name

   certutil — Manage keys and certificate in both NSS databases and other NSS tokens

Synopsis

   certutil [options] [[arguments]]

Description

   The Certificate Database Tool, certutil, is a command-line utility
   that can create and modify certificate and key databases.
   It can specifically list, generate, modify, or delete certificates, create or
   change the password, generate new public and private key pairs,
   display the contents of the key database, or delete key pairs within  thekey database.

   Certificate issuance, part of the key and certificate management process, requires that
   keys and certificates be created in the key database. This document discusses certificate
   and key database management. For information on the  security module database management,
   see the modutil manpage.

Options and Arguments

   Running certutil always requires one and only one command option to
   specify the type of certificate operation. Each option may take arguments,
   anywhere from none to multiple arguments. The command option -H will list
   all the command options available and their relevant arguments.

   Command Options

   -A
          Add an existing certificate to a certificate database.
          The certificate database should already exist; if one is
          not present, this command option will initialize one by default.

   -B
          Run a series of commands from the specified batch file.
          This requires the -i argument.

   -C
          Create a new binary certificate file from a binary
          certificate request file. Use the -i argument to specify
          the certificate request file. If this argument is not
          used, certutil prompts for a filename.

   -D
          Delete a certificate from the certificate database.

   -E
          Add an email certificate to the certificate database.

   -F
          Delete a private key from a key database. Specify the
          key to delete with the -n argument. Specify the database
          from which to delete the key with the -d argument. Use
          the -k argument to specify explicitly whether to delete
          a DSA, RSA, or ECC key. If you don't use the -k
          argument, the option looks for an RSA key matching the
          specified nickname.

          When you delete keys, be sure to also remove any
          certificates associated with those keys from the
          certificate database, by using -D. Some smart cards (for
          example, the Litronic card) do not let you remove a
          public key you have generated. In such a case, only the
          private key is deleted from the key pair. You can
          display the public key with the command certutil -K -h
          tokenname.

   -G
          Generate a new public and private key pair within a key
          database. The key database should already exist; if one
          is not present, this option will initialize one by
          default. Some smart cards (for example, the Litronic
          card) can store only one key pair. If you create a new
          key pair for such a card, the previous pair is
          overwritten.

   -H
          Display a list of the options and arguments used by the
          Certificate Database Tool.

   -K
          List the key ID of keys in the key database. A key ID is
          the modulus of the RSA key or the publicValue of the DSA
          key. IDs are displayed in hexadecimal ("0x" is not
          shown).

   -L
          List all the certificates, or display information about
          a named certificate, in a certificate database. Use the
          -h tokenname argument to specify the certificate
          database on a particular hardware or software token.

   -M
          Modify a certificate's trust attributes using the values
          of the -t argument.

   -N
          Create new certificate and key databases.

   -O
          Print the certificate chain.

   -R
          Create a certificate request file that can be submitted
          to a Certificate Authority (CA) for processing into a
          finished certificate. Output defaults to standard out
          unless you use -o output-file argument. Use the -a
          argument to specify ASCII output.

   -S
          Create an individual certificate and add it to a
          certificate database.

   -T
          Reset the key database or token.

   -U
          List all available modules or print a single named
          module.

   -V
          Check the validity of a certificate and its attributes.

   -W
          Change the password to a key database.

   --merge
          Merge a source database into the target database. This
          is used to merge legacy NSS databases (cert8.db and
          key3.db) into the newer SQLite databases (cert9.db and
          key4.db).

   --upgrade-merge
          Upgrade an old database and merge it into a new
          database. This is used to migrate legacy NSS databases
          (cert8.db and key3.db) into the newer SQLite databases
          (cert9.db and key4.db).

   Arguments

   Option arguments modify an action and are lowercase.

   -a
          Use ASCII format or allow the use of ASCII format for
          input or output. This formatting follows RFC 1113. For
          certificate requests, ASCII output defaults to standard
          output unless redirected.

   -b validity-time
          Specify a time at which a certificate is required to be
          valid. Use when checking certificate validity with the
          -V option. The format of the validity-time argument is
          YYMMDDHHMMSS[+HHMM|-HHMM|Z], which allows offsets to be
          set relative to the validity end time. Specifying
          seconds (SS) is optional. When specifying an explicit
          time, use a Z at the end of the term, YYMMDDHHMMSSZ, to
          close it. When specifying an offset time, use
          YYMMDDHHMMSS+HHMM or YYMMDDHHMMSS-HHMM for adding or
          subtracting time, respectively.

          If this option is not used, the validity check defaults
          to the current system time.

   -c issuer
          Identify the certificate of the CA from which a new
          certificate will derive its authenticity. Use the exact
          nickname or alias of the CA certificate, or use the CA's
          email address. Bracket the issuer string with quotation
          marks if it contains spaces.

   -d [sql:]directory
          Specify the database directory containing the
          certificate and key database files.

          certutil supports two types of databases: the legacy
          security databases (cert8.db, key3.db, and secmod.db)
          and new SQLite databases (cert9.db, key4.db, and
          pkcs11.txt). If the prefix sql: is not used, then the
          tool assumes that the given databases are in the old
          format.

   -e
          Check a certificate's signature during the process of
          validating a certificate.

   -f password-file
          Specify a file that will automatically supply the
          password to include in a certificate or to access a
          certificate database. This is a plain-text file
          containing one password. Be sure to prevent unauthorized
          access to this file.

   -g keysize
          Set a key size to use when generating new public and
          private key pairs. The minimum is 512 bits and the
          maximum is 8192 bits. The default is 1024 bits. Any size
          between the minimum and maximum is allowed.

   -h tokenname
          Specify the name of a token to use or act on. Unless
          specified otherwise the default token is an internal
          slot (specifically, internal slot 2). This slot can also
          be explicitly named with the string "internal". An
          internal slots is a virtual slot maintained in software,
          rather than a hardware device. Internal slot 2 is used
          by key and certificate services. Internal slot 1 is used
          by cryptographic services.

   -i input_file
          Pass an input file to the command. Depending on the
          command option, an input file can be a specific
          certificate, a certificate request file, or a batch file
          of commands.

   -k rsa|dsa|ec|all
          Specify the type of a key. The valid options are RSA,
          DSA, ECC, or all. The default value is rsa. Specifying
          the type of key can avoid mistakes caused by duplicate
          nicknames.

   -k key-type-or-id
          Specify the type or specific ID of a key. Giving a key
          type generates a new key pair; giving the ID of an
          existing key reuses that key pair (which is required to
          renew certificates).

   -l
          Display detailed information when validating a
          certificate with the -V option.

   -m serial-number
          Assign a unique serial number to a certificate being
          created. This operation should be performed by a CA. The
          default serial number is 0 (zero). Serial numbers are
          limited to integers.

   -n nickname
          Specify the nickname of a certificate or key to list,
          create, add to a database, modify, or validate. Bracket
          the nickname string with quotation marks if it contains
          spaces.

   -o output-file
          Specify the output file name for new certificates or
          binary certificate requests. Bracket the output-file
          string with quotation marks if it contains spaces. If
          this argument is not used the output destination
          defaults to standard output.

   -P dbPrefix
          Specify the prefix used on the certificate and key
          database file. This option is provided as a special
          case. Changing the names of the certificate and key
          databases is not recommended.

   -p phone
          Specify a contact telephone number to include in new
          certificates or certificate requests. Bracket this
          string with quotation marks if it contains spaces.

   -q pqgfile
          Read an alternate PQG value from the specified file when
          generating DSA key pairs. If this argument is not used,
          certutil generates its own PQG value. PQG files are
          created with a separate DSA utility.

   -q curve-name
          Set the elliptic curve name to use when generating ECC
          key pairs. A complete list of ECC curves is given in the
          help (-H).

   -r
          Display a certificate's binary DER encoding when listing
          information about that certificate with the -L option.

   -s subject
          Identify a particular certificate owner for new
          certificates or certificate requests. Bracket this
          string with quotation marks if it contains spaces. The
          subject identification format follows RFC #1485.

   -t trustargs
          Specify the trust attributes to modify in an existing
          certificate or to apply to a certificate when creating
          it or adding it to a database. There are three available
          trust categories for each certificate, expressed in the
          order SSL, email, object signing for each trust setting.
          In each category position, use none, any, or all of the
          attribute codes:

          + p - Valid peer
          + P - Trusted peer (implies p)
          + c - Valid CA
          + T - Trusted CA to issue client certificates (implies
            c)
          + C - Trusted CA to issue server certificates (SSL only)
            (implies c)
          + u - Certificate can be used for authentication or
            signing
          + w - Send warning (use with other attributes to include
            a warning when the certificate is used in that
            context)

          The attribute codes for the categories are separated by
          commas, and the entire set of attributes enclosed by
          quotation marks. For example:

          -t "TCu,Cu,Tuw"

          Use the -L option to see a list of the current
          certificates and trust attributes in a certificate
          database.

   -u certusage
          Specify a usage context to apply when validating a
          certificate with the -V option.

          The contexts are the following:

          + C (as an SSL client)
          + V (as an SSL server)
          + S (as an email signer)
          + R (as an email recipient)
          + O (as an OCSP status responder)
          + J (as an object signer)

   -v valid-months
          Set the number of months a new certificate will be
          valid. The validity period begins at the current system
          time unless an offset is added or subtracted with the -w
          option. If this argument is not used, the default
          validity period is three months. When this argument is
          used, the default three-month period is automatically
          added to any value given in the valid-month argument.
          For example, using this option to set a value of 3 would
          cause 3 to be added to the three-month default, creating
          a validity period of six months. You can use negative
          values to reduce the default period. For example,
          setting a value of -2 would subtract 2 from the default
          and create a validity period of one month.

   -w offset-months
          Set an offset from the current system time, in months,
          for the beginning of a certificate's validity period.
          Use when creating the certificate or adding it to a
          database. Express the offset in integers, using a minus
          sign (-) to indicate a negative offset. If this argument
          is not used, the validity period begins at the current
          system time. The length of the validity period is set
          with the -v argument.

   -X
          Force the key and certificate database to open in
          read-write mode. This is used with the -U and -L command
          options.

   -x
          Use certutil to generate the signature for a certificate
          being created or added to a database, rather than
          obtaining a signature from a separate CA.

   -y exp
          Set an alternate exponent value to use in generating a
          new RSA public key for the database, instead of the
          default value of 65537. The available alternate values
          are 3 and 17.

   -z noise-file
          Read a seed value from the specified file to generate a
          new private and public key pair. This argument makes it
          possible to use hardware-generated seed values or
          manually create a value from the keyboard. The minimum
          file size is 20 bytes.

   -0 SSO_password
          Set a site security officer password on a token.

   -1 | --keyUsage keyword,keyword
          Set a Netscape Certificate Type Extension in the
          certificate. There are several available keywords:

          + digital signature
          + nonRepudiation
          + keyEncipherment
          + dataEncipherment
          + keyAgreement
          + certSigning
          + crlSigning
          + critical

   -2
          Add a basic constraint extension to a certificate that
          is being created or added to a database. This extension
          supports the certificate chain verification process.
          certutil prompts for the certificate constraint
          extension to select.

          X.509 certificate extensions are described in RFC 5280.

   -3
          Add an authority key ID extension to a certificate that
          is being created or added to a database. This extension
          supports the identification of a particular certificate,
          from among multiple certificates associated with one
          subject name, as the correct issuer of a certificate.
          The Certificate Database Tool will prompt you to select
          the authority key ID extension.

          X.509 certificate extensions are described in RFC 5280.

   -4
          Add a CRL distribution point extension to a certificate
          that is being created or added to a database. This
          extension identifies the URL of a certificate's
          associated certificate revocation list (CRL). certutil
          prompts for the URL.

          X.509 certificate extensions are described in RFC 5280.

   -5 | --nsCertType keyword,keyword
          Add a Netscape certificate type extension to a
          certificate that is being created or added to the
          database. There are several available keywords:

          + sslClient
          + sslServer
          + smime
          + objectSigning
          + sslCA
          + smimeCA
          + objectSigningCA
          + critical

          X.509 certificate extensions are described in RFC 5280.

   -6 | --extKeyUsage keyword,keyword
          Add an extended key usage extension to a certificate
          that is being created or added to the database. Several
          keywords are available:

          + serverAuth
          + clientAuth
          + codeSigning
          + emailProtection
          + timeStamp
          + ocspResponder
          + stepUp
          + critical

          X.509 certificate extensions are described in RFC 5280.

   -7 emailAddrs
          Add a comma-separated list of email addresses to the
          subject alternative name extension of a certificate or
          certificate request that is being created or added to
          the database. Subject alternative name extensions are
          described in Section 4.2.1.7 of RFC 3280.

   -8 dns-names
          Add a comma-separated list of DNS names to the subject
          alternative name extension of a certificate or
          certificate request that is being created or added to
          the database. Subject alternative name extensions are
          described in Section 4.2.1.7 of RFC 3280.

   --extAIA
          Add the Authority Information Access extension to the
          certificate. X.509 certificate extensions are described
          in RFC 5280.

   --extSIA
          Add the Subject Information Access extension to the
          certificate. X.509 certificate extensions are described
          in RFC 5280.

   --extCP
          Add the Certificate Policies extension to the
          certificate. X.509 certificate extensions are described
          in RFC 5280.

   --extPM
          Add the Policy Mappings extension to the certificate.
          X.509 certificate extensions are described in RFC 5280.

   --extPC
          Add the Policy Constraints extension to the certificate.
          X.509 certificate extensions are described in RFC 5280.

   --extIA
          Add the Inhibit Any Policy Access extension to the
          certificate. X.509 certificate extensions are described
          in RFC 5280.

   --extSKID
          Add the Subject Key ID extension to the certificate.
          X.509 certificate extensions are described in RFC 5280.

   --source-dir certdir
          Identify the certificate database directory to upgrade.

   --source-prefix certdir
          Give the prefix of the certificate and key databases to
          upgrade.

   --upgrade-id uniqueID
          Give the unique ID of the database to upgrade.

   --upgrade-token-name name
          Set the name of the token to use while it is being
          upgraded.

   -@ pwfile
          Give the name of a password file to use for the database
          being upgraded.

Usage and Examples

   Most of the command options in the examples listed here have
   more arguments available. The arguments included in these
   examples are the most common ones or are used to illustrate a
   specific scenario. Use the -H option to show the complete list
   of arguments for each command option.

   Creating New Security Databases

   Certificates, keys, and security modules related to managing
   certificates are stored in three related databases:
     * cert8.db or cert9.db
     * key3.db or key4.db
     * secmod.db or pkcs11.txt

   These databases must be created before certificates or keys can
   be generated.
certutil -N -d [sql:]directory

   Creating a Certificate Request

   A certificate request contains most or all of the information
   that is used to generate the final certificate. This request is
   submitted separately to a certificate authority and is then
   approved by some mechanism (automatically or by human review).
   Once the request is approved, then the certificate is
   generated.
$ certutil -R -k key-type-or-id [-q pqgfile|curve-name] -g key-size -s s
ubject [-h tokenname] -d [sql:]directory [-p phone] [-o output-file] [-a
]

   The -R command options requires four arguments:
     * -k to specify either the key type to generate or, when
       renewing a certificate, the existing key pair to use
     * -g to set the keysize of the key to generate
     * -s to set the subject name of the certificate
     * -d to give the security database directory

   The new certificate request can be output in ASCII format (-a)
   or can be written to a specified file (-o).

   For example:
$ certutil -R -k ec -q nistb409 -g 512 -s "CN=John Smith,O=Example Corp,
L=Mountain View,ST=California,C=US" -d sql:/home/my/sharednssdb -p 650-5
55-0123 -a -o cert.cer

Generating key.  This may take a few moments...


Certificate request generated by Netscape
Phone: 650-555-0123
Common Name: John Smith
Email: (not ed)
Organization: Example Corp
State: California
Country: US

-----BEGIN NEW CERTIFICATE REQUEST-----
MIIBIDCBywIBADBmMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEW
MBQGA1UEBxMNTW91bnRhaW4gVmlldzEVMBMGA1UEChMMRXhhbXBsZSBDb3JwMRMw
EQYDVQQDEwpKb2huIFNtaXRoMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMVUpDOZ
KmHnOx7reP8Cc0Lk+fFWEuYIDX9W5K/BioQOKvEjXyQZhit9aThzBVMoSf1Y1S8J
CzdUbCg1+IbnXaECAwEAAaAAMA0GCSqGSIb3DQEBBQUAA0EAryqZvpYrUtQ486Ny
qmtyQNjIi1F8c1Z+TL4uFYlMg8z6LG/J/u1E5t1QqB5e9Q4+BhRbrQjRR1JZx3tB
1hP9Gg==
-----END NEW CERTIFICATE REQUEST-----

   Creating a Certificate

   A valid certificate must be issued by a trusted CA. This can be
   done by specifying a CA certificate (-c) that is stored in the
   certificate database. If a CA key pair is not available, you
   can create a self-signed certificate using the -x argument with
   the -S command option.
$ certutil -S -k rsa|dsa|ec -n certname -s subject [-c issuer |-x] -t tr
ustargs -d [sql:]directory [-m serial-number] [-v valid-months] [-w offs
et-months] [-p phone] [-1] [-2] [-3] [-4] [-5 keyword] [-6 keyword] [-7
emailAddress] [-8 dns-names] [--extAIA] [--extSIA] [--extCP] [--extPM] [
--extPC] [--extIA] [--extSKID]

   The series of numbers and --ext* options set certificate
   extensions that can be added to the certificate when it is
   generated by the CA.

   For example, this creates a self-signed certificate:
$ certutil -S -s "CN=Example CA" -n my-ca-cert -x -t "C,C,C" -1 -2 -5 -m
 3650

   From there, new certificates can reference the self-signed
   certificate:
$ certutil -S -s "CN=My Server Cert" -n my-server-cert -c "my-ca-cert" -
t "u,u,u" -1 -5 -6 -8 -m 730

   Generating a Certificate from a Certificate Request

   When a certificate request is created, a certificate can be
   generated by using the request and then referencing a
   certificate authority signing certificate (the issuer specified
   in the -c argument). The issuing certificate must be in the
   certificate database in the specified directory.
certutil -C -c issuer -i cert-request-file -o output-file [-m serial-num
ber] [-v valid-months] [-w offset-months] -d [sql:]directory [-1] [-2] [
-3] [-4] [-5 keyword] [-6 keyword] [-7 emailAddress] [-8 dns-names]

   For example:
$ certutil -C -c "my-ca-cert" -i /home/certs/cert.req -o cert.cer -m 010
 -v 12 -w 1 -d sql:/home/my/sharednssdb -1 nonRepudiation,dataEncipherme
nt -5 sslClient -6 clientAuth -7 jsmith@example.com

   Generating Key Pairs

   Key pairs are generated automatically with a certificate
   request or certificate, but they can also be generated
   independently using the -G command option.
certutil -G -d [sql:]directory | -h tokenname -k key-type -g key-size [-
y exponent-value] -q pqgfile|curve-name

   For example:
$ certutil -G -h lunasa -k ec -g 256 -q sect193r2

   Listing Certificates

   The -L command option lists all of the certificates listed in
   the certificate database. The path to the directory (-d) is
   required.
$ certutil -L -d sql:/home/my/sharednssdb

Certificate Nickname                                         Trust Attri
butes
                                                             SSL,S/MIME,
JAR/XPI

CA Administrator of Instance pki-ca1's Example Domain ID     u,u,u
TPS Administrator's Example Domain ID                        u,u,u
Google Internet Authority                                    ,,
Certificate Authority - Example Domain                       CT,C,C

   Using additional arguments with -L can return and print the
   information for a single, specific certificate. For example,
   the -n argument passes the certificate name, while the -a
   argument prints the certificate in ASCII format:
$ certutil -L -d sql:/home/my/sharednssdb -a -n "Certificate Authority -
 Example Domain"

-----BEGIN CERTIFICATE-----
MIIDmTCCAoGgAwIBAgIBATANBgkqhkiG9w0BAQUFADA5MRcwFQYDVQQKEw5FeGFt
cGxlIERvbWFpbjEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTEw
MDQyOTIxNTY1OFoXDTEyMDQxODIxNTY1OFowOTEXMBUGA1UEChMORXhhbXBsZSBE
b21haW4xHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAO/bqUli2KwqXFKmMMG93KN1SANzNTXA/Vlf
Tmrih3hQgjvR1ktIY9aG6cB7DSKWmtHp/+p4PUCMqL4ZrSGt901qxkePyZ2dYmM2
RnelK+SEUIPiUtoZaDhNdiYsE/yuDE8vQWj0vHCVL0w72qFUcSQ/WZT7FCrnUIUI
udeWnoPSUn70gLhcj/lvxl7K9BHyD4Sq5CzktwYtFWLiiwV+ZY/Fl6JgbGaQyQB2
bP4iRMfloGqsxGuB1evWVDF1haGpFDSPgMnEPSLg3/3dXn+HDJbZ29EU8/xKzQEb
3V0AHKbu80zGllLEt2Zx/WDIrgJEN9yMfgKFpcmL+BvIRsmh0VsCAwEAAaOBqzCB
qDAfBgNVHSMEGDAWgBQATgxHQyRUfKIZtdp55bZlFr+tFzAPBgNVHRMBAf8EBTAD
AQH/MA4GA1UdDwEB/wQEAwIBxjAdBgNVHQ4EFgQUAE4MR0MkVHyiGbXaeeW2ZRa/
rRcwRQYIKwYBBQUHAQEEOTA3MDUGCCsGAQUFBzABhilodHRwOi8vbG9jYWxob3N0
LmxvY2FsZG9tYWluOjkxODAvY2Evb2NzcDANBgkqhkiG9w0BAQUFAAOCAQEAi8Gk
L3XO43u7/TDOeEsWPmq+jZsDZ3GZ85Ajt3KROLWeKVZZZa2E2Hnsvf2uXbk5amKe
lRxdSeRH9g85pv4KY7Z8xZ71NrI3+K3uwmnqkc6t0hhYb1mw/gx8OAAoluQx3biX
JBDxjI73Cf7XUopplHBjjiwyGIJUO8BEZJ5L+TF4P38MJz1snLtzZpEAX5bl0U76
bfu/tZFWBbE8YAWYtkCtMcalBPj6jn2WD3M01kGozW4mmbvsj1cRB9HnsGsqyHCu
U0ujlL1H/RWcjn607+CTeKH9jLMUqCIqPJNOa+kq/6F7NhNRRiuzASIbZc30BZ5a
nI7q5n1USM3eWQlVXw==
-----END CERTIFICATE-----

   Listing Keys

   Keys are the original material used to encrypt certificate
   data. The keys generated for certificates are stored
   separately, in the key database.

   To list all keys in the database, use the -K command option and
   the (required) -d argument to give the path to the directory.
$ certutil -K -d sql:/home/my/sharednssdb
certutil: Checking token "NSS Certificate DB" in slot "NSS User Private
Key and Certificate Services                  "
< 0> rsa      455a6673bde9375c2887ec8bf8016b3f9f35861d   Thawte Freemail
 Member's Thawte Consulting (Pty) Ltd. ID
< 1> rsa      40defeeb522ade11090eacebaaf1196a172127df   Example Domain
Administrator Cert
< 2> rsa      1d0b06f44f6c03842f7d4f4a1dc78b3bcd1b85a5   John Smith user
 cert

   There are ways to narrow the keys listed in the search results:
     * To return a specific key, use the -n name argument with the
       name of the key.
     * If there are multiple security devices loaded, then the -h
       tokenname argument can search a specific token or all
       tokens.
     * If there are multiple key types available, then the -k
       key-type argument can search a specific type of key, like
       RSA, DSA, or ECC.

   Listing Security Modules

   The devices that can be used to store certificates -- both
   internal databases and external devices like smart cards -- are
   recognized and used by loading security modules. The -U command
   option lists all of the security modules listed in the
   secmod.db database. The path to the directory (-d) is required.
$ certutil -U -d sql:/home/my/sharednssdb

    slot: NSS User Private Key and Certificate Services

   token: NSS Certificate DB

    slot: NSS Internal Cryptographic Services

   token: NSS Generic Crypto Services

   Adding Certificates to the Database

   Existing certificates or certificate requests can be added
   manually to the certificate database, even if they were
   generated elsewhere. This uses the -A command option.
certutil -A -n certname -t trustargs -d [sql:]directory [-a] [-i input-f
ile]

   For example:
$ certutil -A -n "CN=My SSL Certificate" -t "u,u,u" -d sql:/home/my/shar
ednssdb -i /home/example-certs/cert.cer

   A related command option, -E, is used specifically to add email
   certificates to the certificate database. The -E command has
   the same arguments as the -A command. The trust arguments for
   certificates have the format SSL,S/MIME,Code-signing, so the
   middle trust settings relate most to email certificates (though
   the others can be set). For example:
$ certutil -E -n "CN=John Smith Email Cert" -t ",Pu," -d sql:/home/my/sh
arednssdb -i /home/example-certs/email.cer

   Deleting Certificates to the Database

   Certificates can be deleted from a database using the -D
   option. The only required options are to give the security
   database directory and to identify the certificate nickname.
certutil -D -d [sql:]directory -n "nickname"

   For example:
$ certutil -D -d sql:/home/my/sharednssdb -n "my-ssl-cert"

   Validating Certificates

   A certificate contains an expiration date in itself, and
   expired certificates are easily rejected. However, certificates
   can also be revoked before they hit their expiration date.
   Checking whether a certificate has been revoked requires
   validating the certificate. Validation can also be used to
   ensure that the certificate is only used for the purposes it
   was initially issued for. Validation is carried out by the -V
   command option.
certutil -V -n certificate-name [-b time] [-e] [-u cert-usage] -d [sql:]
directory

   For example, to validate an email certificate:
$ certutil -V -n "John Smith's Email Cert" -e -u S,R -d sql:/home/my/sha
rednssdb

   Modifying Certificate Trust Settings

   The trust settings (which relate to the operations that a
   certificate is allowed to be used for) can be changed after a
   certificate is created or added to the database. This is
   especially useful for CA certificates, but it can be performed
   for any type of certificate.
certutil -M -n certificate-name -t trust-args -d [sql:]directory

   For example:
$ certutil -M -n "My CA Certificate" -d sql:/home/my/sharednssdb -t "CTu
,CTu,CTu"

   Printing the Certificate Chain

   Certificates can be issued in chains because every certificate
   authority itself has a certificate; when a CA issues a
   certificate, it essentially stamps that certificate with its
   own fingerprint. The -O prints the full chain of a certificate,
   going from the initial CA (the root CA) through ever
   intermediary CA to the actual certificate. For example, for an
   email certificate with two CAs in the chain:
$ certutil -d sql:/home/my/sharednssdb -O -n "jsmith@example.com"
"Builtin Object Token:Thawte Personal Freemail CA" [E=personal-freemail@
thawte.com,CN=Thawte Personal Freemail CA,OU=Certification Services Divi
sion,O=Thawte Consulting,L=Cape Town,ST=Western Cape,C=ZA]

  "Thawte Personal Freemail Issuing CA - Thawte Consulting" [CN=Thawte P
ersonal Freemail Issuing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA]

    "(null)" [E=jsmith@example.com,CN=Thawte Freemail Member]

   Resetting a Token

   The device which stores certificates -- both external hardware
   devices and internal software databases -- can be blanked and
   reused. This operation is performed on the device which stores
   the data, not directly on the security databases, so the
   location must be referenced through the token name (-h) as well
   as any directory path. If there is no external token used, the
   default value is internal.
certutil -T -d [sql:]directory -h token-name -0 security-officer-passwor
d

   Many networks have dedicated personnel who handle changes to
   security tokens (the security officer). This person must supply
   the password to access the specified token. For example:
$ certutil -T -d sql:/home/my/sharednssdb -h nethsm -0 secret

   Upgrading or Merging the Security Databases

   Many networks or applications may be using older BerkeleyDB
   versions of the certificate database (cert8.db). Databases can
   be upgraded to the new SQLite version of the database
   (cert9.db) using the --upgrade-merge command option or existing
   databases can be merged with the new cert9.db databases using
   the ---merge command.

   The --upgrade-merge command must give information about the
   original database and then use the standard arguments (like -d)
   to give the information about the new databases. The command
   also requires information that the tool uses for the process to
   upgrade and write over the original database.
certutil --upgrade-merge -d [sql:]directory [-P dbprefix] --source-dir d
irectory --source-prefix dbprefix --upgrade-id id --upgrade-token-name n
ame [-@ password-file]

   For example:
$ certutil --upgrade-merge -d sql:/home/my/sharednssdb --source-dir /opt
/my-app/alias/ --source-prefix serverapp- --upgrade-id 1 --upgrade-token
-name internal

   The --merge command only requires information about the
   location of the original database; since it doesn't change the
   format of the database, it can write over information without
   performing interim step.
certutil --merge -d [sql:]directory [-P dbprefix] --source-dir directory
 --source-prefix dbprefix [-@ password-file]

   For example:
$ certutil --merge -d sql:/home/my/sharednssdb --source-dir /opt/my-app/
alias/ --source-prefix serverapp-

   Running certutil Commands from a Batch File

   A series of commands can be run sequentially from a text file
   with the -B command option. The only argument for this
   specifies the input file.
$ certutil -B -i /path/to/batch-file

NSS Database Types

   NSS originally used BerkeleyDB databases to store security
   information. The last versions of these legacy databases are:
     * cert8.db for certificates
     * key3.db for keys
     * secmod.db for PKCS #11 module information

   BerkeleyDB has performance limitations, though, which prevent
   it from being easily used by multiple applications
   simultaneously. NSS has some flexibility that allows
   applications to use their own, independent database engine
   while keeping a shared database and working around the access
   issues. Still, NSS requires more flexibility to provide a truly
   shared security database.

   In 2009, NSS introduced a new set of databases that are SQLite
   databases rather than BerkleyDB. These new databases provide
   more accessibility and performance:
     * cert9.db for certificates
     * key4.db for keys
     * pkcs11.txt, which is listing of all of the PKCS #11 modules
       contained in a new subdirectory in the security databases
       directory

   Because the SQLite databases are designed to be shared, these
   are the shared database type. The shared database type is
   preferred; the legacy format is included for backward
   compatibility.

   By default, the tools (certutil, pk12util, modutil) assume that
   the given security databases follow the more common legacy
   type. Using the SQLite databases must be manually specified by
   using the sql: prefix with the given security directory. For
   example:
$ certutil -L -d sql:/home/my/sharednssdb

   To set the shared database type as the default type for the
   tools, set the NSS_DEFAULT_DB_TYPE environment variable to sql:
export NSS_DEFAULT_DB_TYPE="sql"

   This line can be set added to the ~/.bashrc file to make the
   change permanent.

   Most applications do not use the shared database by default,
   but they can be configured to use them. For example, this
   how-to article covers how to configure Firefox and Thunderbird
   to use the new shared NSS databases:
     * https://wiki.mozilla.org/NSS_Shared_DB_Howto

   For an engineering draft on the changes in the shared NSS
   databases, see the NSS project wiki:
     * https://wiki.mozilla.org/NSS_Shared_DB

See Also

   pk12util (1)

   modutil (1)

   certutil has arguments or operations that use features defined
   in several IETF RFCs.
     * http://tools.ietf.org/html/rfc5280
     * http://tools.ietf.org/html/rfc1113
     * http://tools.ietf.org/html/rfc1485

   The NSS wiki has information on the new database design and how
   to configure applications to use it.
     * https://wiki.mozilla.org/NSS_Shared_DB_Howto
     * https://wiki.mozilla.org/NSS_Shared_DB

Additional Resources

   For information about NSS and other tools related to NSS (like
   JSS), check out the NSS project wiki at
   http://www.mozilla.org/projects/security/pki/nss/. The NSS site
   relates directly to NSS code changes and releases.

   Mailing lists:
   https://lists.mozilla.org/listinfo/dev-tech-crypto

   IRC: Freenode at #dogtag-pki

Authors

   The NSS tools were written and maintained by developers with
   Netscape, Red Hat, and Sun.

   Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey
   <dlackey@redhat.com>.

Copyright

   (c) 2010, Red Hat, Inc. Licensed under the GNU Public License
   version 2.
220 NSS tools : cmsutil
Name
221 NSS tools : crlutil
Name
222 NSS tools : modutil
Name
223 NSS tools : pk12util
Name
224 NSS tools : ssltab
Name
225 NSS tools : ssltap
Name
226 NSS tools : vfychain
Name
227 NSS tools : vfyserv
Name
228 NSS_Initialize
NSS_Initialize - initialize NSS.
229 troubleshoot.html
Newsgroup: mozilla.dev.tech.crypto
230 NSS release notes template
The NSS team has released Network Security Services (NSS) 3.XX, which is a minor release.
or
Network Security Services (NSS) 3.XX.y is a patch release for NSS 3.XX. The bug fixes in NSS 3.XX.y are described in the "Bugs Fixed" section below.
231 NSS sources building testing Build documentation, Guide, NSS, Security
Getting the source code of Network Security Services (NSS), how to build it, and how to run its test suite.
232 NSS troubleshooting NSS
On this page, let's collect information on how to troubleshoot NSS at runtime. Debugging tips, how to enable tracing of the various modules, etc.
233 NSS_3.11.10_release_notes.html
Newsgroup: <ahref="news: news.mozilla.org="" mozilla.dev.tech.crypto"="">mozilla.dev.tech.crypto</ahref="news:>
234 NSS_3.12.1_release_notes.html
Newsgroup: mozilla.dev.tech.crypto
235 NSS_3.12.2_release_notes.html
Newsgroup: mozilla.dev.tech.crypto
236 NSS_3.12.5_release_notes
This document was generated by genma teruaki on November 28, 2010 using texi2html 1.82.
237 NSS_3.12_release_notes.html
Newsgroup: mozilla.dev.tech.crypto
238 Notes on TLS - SSL 3.0 Intolerant Servers Gecko, NSS, Security
No summary!
239 Overview of NSS NSS
If you want add support for SSL, S/MIME, or other Internet security standards to your application, you can use Network Security Services (NSS) to implement all your security features. NSS provides a complete open-source implementation of the crypto libraries used by AOL, Red Hat, Google, and other companies in a variety of products, including the following:
240 PKCS #11 Netscape Trust Objects
PKCS #11 is a standard that defines ways to store certificates, keys and perform crypto operations. It does not specify a way to store trust objects.
241 PKCS 12 functions NSS
The public functions listed here perform PKCS #12 operations required by some of the NSS tools and other applications.
242 PKCS 7 functions NSS
The public functions listed here perform PKCS #7 operations required by mail and news applications and by some of the NSS tools.
243 PKCS11 NSS, Security
No summary!
244 PKCS #11 Module Specs NSS
No summary!
245 PKCS11 FAQ NSS, Security
No summary!
246 PKCS11 Module Installation NSS
PKCS11 modules are external modules which provide access to smart-card readers, biometric security devices, or external certificate stores. There are two methods for installing PKCS11 modules into Firefox. Users can use the preferences dialog to install or remove PKCS11 module. Extensions can programmatically manage PKCS11 modules using the nsIPKCS11 programming interface.
247 PKCS11 Implement
NOTE: This document was originally for the Netscape Security Library that came with Netscape Communicator 4.0. This note will be removed once the document is updated for the current version of NSS.
248 Python binding for NSS
python-nss is a Python binding for NSS (Network Security Services) and NSPR (Netscape Portable Runtime). NSS provides cryptography services supporting SSL, TLS, PKI, PKIX, X509, PKCS*, etc. NSS is an alternative to OpenSSL and used extensively by major software projects. NSS is FIPS-140 certified.
249 S/MIME functions NSS
The public functions listed here perform S/MIME operations using the S/MIME Toolkit.
250 SSL functions NSS
The public functions listed here are used to configure sockets for communication via the SSL and TLS protocols. In addition to the functions listed here, applications that support SSL use some of the Certificate functions, Crypto functions, and Utility functions described below on this page.
251 OLD SSL Reference NSS
Newsgroup: mozilla.dev.tech.crypto
Writer: Sean Cotter
Manager: Wan-Teh Chang
252 gtstd.html
No summary!
253 pkfnc.html
No summary!
254 sslcrt.html
No summary!
255 sslerr.html
256 sslfnc.html
No summary!
257 sslintro.html
No summary!
258 sslkey.html
No summary!
259 ssltyp.html
No summary!
260 TLS Cipher Suite Discovery NSS
No summary!
261 Utility functions NSS
The public functions listed here perform initialization tasks and other services.
262 modutil-tasks.html
No summary!
263 release notes.html
See https://developer.mozilla.org/docs/NSS/NSS_Releases for recent release notes. The links below are provided for historical information.
264 NSS_3.12.3_release_notes.html
Newsgroup: mozilla.dev.tech.crypto

Document Tags and Contributors

 Contributors to this page: fscholz
 Last updated by: fscholz,