Update NSS to 3.35-RTM

2 files changed, 82 insertions, 234 deletions

diff --git a/security/nss/doc/nroff/certutil.1 b/security/nss/doc/nroff/certutil.1
index b2a8bd2bb..80a02fc27 100644
--- a/security/nss/doc/nroff/certutil.1
+++ b/security/nss/doc/nroff/certutil.1
@@ -1,13 +1,13 @@
 '\" t
 .\"     Title: CERTUTIL
 .\"    Author: [see the "Authors" section]
-.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
-.\"      Date:  8 September 2016
+.\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/>
+.\"      Date: 27 October 2017
 .\"    Manual: NSS Security Tools
 .\"    Source: nss-tools
 .\"  Language: English
 .\"
-.TH "CERTUTIL" "1" "8 September 2016" "nss-tools" "NSS Security Tools"
+.TH "CERTUTIL" "1" "27 October 2017" "nss-tools" "NSS Security Tools"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@@ -371,9 +371,9 @@ Read an alternate PQG value from the specified file when generating DSA key pair
 \fBcertutil\fR
 generates its own PQG value\&. PQG files are created with a separate DSA utility\&.
 .sp
-Elliptic curve name is one of the ones from nistp256, nistp384, nistp521, curve25519.
+Elliptic curve name is one of the ones from nistp256, nistp384, nistp521, curve25519\&.
 .sp
-If a token is available that supports more curves, the foolowing curves are supported as well: sect163k1, nistk163, sect163r1, sect163r2, nistb163,  sect193r1, sect193r2, sect233k1, nistk233, sect233r1, nistb233, sect239k1, sect283k1, nistk283, sect283r1, nistb283, sect409k1, nistk409, sect409r1, nistb409,  sect571k1, nistk571, sect571r1, nistb571, secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, nistp192,  secp224k1, secp224r1, nistp224, secp256k1, secp256r1, secp384r1, secp521r1, prime192v1, prime192v2, prime192v3, prime239v1, prime239v2, prime239v3, c2pnb163v1, c2pnb163v2, c2pnb163v3, c2pnb176v1, c2tnb191v1, c2tnb191v2, c2tnb191v3, c2pnb208w1, c2tnb239v1, c2tnb239v2, c2tnb239v3, c2pnb272w1, c2pnb304w1, c2tnb359w1, c2pnb368w1, c2tnb431r1, secp112r1, secp112r2, secp128r1, secp128r2, sect113r1, sect113r2, sect131r1, sect131r2
+If a token is available that supports more curves, the foolowing curves are supported as well: sect163k1, nistk163, sect163r1, sect163r2, nistb163, sect193r1, sect193r2, sect233k1, nistk233, sect233r1, nistb233, sect239k1, sect283k1, nistk283, sect283r1, nistb283, sect409k1, nistk409, sect409r1, nistb409, sect571k1, nistk571, sect571r1, nistb571, secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, nistp192, secp224k1, secp224r1, nistp224, secp256k1, secp256r1, secp384r1, secp521r1, prime192v1, prime192v2, prime192v3, prime239v1, prime239v2, prime239v3, c2pnb163v1, c2pnb163v2, c2pnb163v3, c2pnb176v1, c2tnb191v1, c2tnb191v2, c2tnb191v3, c2pnb208w1, c2tnb239v1, c2tnb239v2, c2tnb239v3, c2pnb272w1, c2pnb304w1, c2tnb359w1, c2pnb368w1, c2tnb431r1, secp112r1, secp112r2, secp128r1, secp128r2, sect113r1, sect113r2, sect131r1, sect131r2
 .RE
 .PP
 \-r
@@ -609,6 +609,24 @@ to generate the signature for a certificate being created or added to a database
 Set an alternate exponent value to use in generating a new RSA public key for the database, instead of the default value of 65537\&. The available alternate values are 3 and 17\&.
 .RE
 .PP
+\-\-pss
+.RS 4
+Restrict the generated certificate (with the
+\fB\-S\fR
+option) or certificate request (with the
+\fB\-R\fR
+option) to be used with the RSA\-PSS signature scheme\&. This only works when the private key of the certificate or certificate request is RSA\&.
+.RE
+.PP
+\-\-pss\-sign
+.RS 4
+Sign the generated certificate with the RSA\-PSS signature scheme (with the
+\fB\-C\fR
+or
+\fB\-S\fR
+option)\&. This only works when the private key of the signer\*(Aqs certificate is RSA\&. If the signer\*(Aqs certificate is restricted to RSA\-PSS, it is not necessary to specify this option\&.
+.RE
+.PP
 \-z noise\-file
 .RS 4
 Read a seed value from the specified file to generate a new private and public key pair\&. This argument makes it possible to use hardware\-generated seed values or manually create a value from the keyboard\&. The minimum file size is 20 bytes\&.
@@ -1512,7 +1530,8 @@ There are ways to narrow the keys listed in the search results:
 .IP \(bu 2.3
 .\}
 To return a specific key, use the
-\fB\-n\fR\fIname\fR
+\fB\-n\fR
+\fIname\fR
 argument with the name of the key\&.
 .RE
 .sp
@@ -1525,7 +1544,8 @@ argument with the name of the key\&.
 .IP \(bu 2.3
 .\}
 If there are multiple security devices loaded, then the
-\fB\-h\fR\fItokenname\fR
+\fB\-h\fR
+\fItokenname\fR
 argument can search a specific token or all tokens\&.
 .RE
 .sp
@@ -1538,7 +1558,8 @@ argument can search a specific token or all tokens\&.
 .IP \(bu 2.3
 .\}
 If there are multiple key types available, then the
-\fB\-k\fR\fIkey\-type\fR
+\fB\-k\fR
+\fIkey\-type\fR
 argument can search a specific type of key, like RSA, DSA, or ECC\&.
 .RE
 .PP
diff --git a/security/nss/doc/nroff/pk12util.1 b/security/nss/doc/nroff/pk12util.1
index c4fa972c0..e0a8da833 100644
--- a/security/nss/doc/nroff/pk12util.1
+++ b/security/nss/doc/nroff/pk12util.1
@@ -1,13 +1,13 @@
 '\" t
 .\"     Title: PK12UTIL
 .\"    Author: [see the "Authors" section]
-.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
-.\"      Date:  5 June 2014
+.\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/>
+.\"      Date: 27 October 2017
 .\"    Manual: NSS Security Tools
 .\"    Source: nss-tools
 .\"  Language: English
 .\"
-.TH "PK12UTIL" "1" "5 June 2014" "nss-tools" "NSS Security Tools"
+.TH "PK12UTIL" "1" "27 October 2017" "nss-tools" "NSS Security Tools"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@@ -39,24 +39,24 @@ This documentation is still work in progress\&. Please contribute to the initial
 .SH "DESCRIPTION"
 .PP
 The PKCS #12 utility,
-\fBpk12util\fR, enables sharing certificates among any server that supports PKCS#12\&. The tool can import certificates and keys from PKCS#12 files into security databases, export certificates, and list certificates and keys\&.
+\fBpk12util\fR, enables sharing certificates among any server that supports PKCS #12\&. The tool can import certificates and keys from PKCS #12 files into security databases, export certificates, and list certificates and keys\&.
 .SH "OPTIONS AND ARGUMENTS"
 .PP
 \fBOptions\fR
 .PP
 \-i p12file
 .RS 4
-Import keys and certificates from a PKCS#12 file into a security database\&.
+Import keys and certificates from a PKCS #12 file into a security database\&.
 .RE
 .PP
 \-l p12file
 .RS 4
-List the keys and certificates in PKCS#12 file\&.
+List the keys and certificates in PKCS #12 file\&.
 .RE
 .PP
 \-o p12file
 .RS 4
-Export keys and certificates from the security database to a PKCS#12 file\&.
+Export keys and certificates from the security database to a PKCS #12 file\&.
 .RE
 .PP
 \fBArguments\fR
@@ -68,7 +68,7 @@ Specify the key encryption algorithm\&.
 .PP
 \-C certCipher
 .RS 4
-Specify the key cert (overall package) encryption algorithm\&.
+Specify the certiticate encryption algorithm\&.
 .RE
 .PP
 \-d [sql:]directory
@@ -432,7 +432,7 @@ Specify the pkcs #12 file password\&.
 .PP
 The most basic usage of
 \fBpk12util\fR
-for importing a certificate or key is the PKCS#12 input file (\fB\-i\fR) and some way to specify the security database being accessed (either
+for importing a certificate or key is the PKCS #12 input file (\fB\-i\fR) and some way to specify the security database being accessed (either
 \fB\-d\fR
 for a directory or
 \fB\-h\fR
@@ -467,7 +467,7 @@ pk12util: PKCS12 IMPORT SUCCESSFUL
 .PP
 Using the
 \fBpk12util\fR
-command to export certificates and keys requires both the name of the certificate to extract from the database (\fB\-n\fR) and the PKCS#12\-formatted output file to write to\&. There are optional parameters that can be used to encrypt the file to protect the certificate material\&.
+command to export certificates and keys requires both the name of the certificate to extract from the database (\fB\-n\fR) and the PKCS #12\-formatted output file to write to\&. There are optional parameters that can be used to encrypt the file to protect the certificate material\&.
 .PP
 pk12util \-o p12File \-n certname [\-c keyCipher] [\-C certCipher] [\-m|\-\-key_len keyLen] [\-n|\-\-cert_key_len certKeyLen] [\-d [sql:]directory] [\-P dbprefix] [\-k slotPasswordFile|\-K slotPassword] [\-w p12filePasswordFile|\-W p12filePassword]
 .PP
@@ -559,17 +559,17 @@ Certificate    Friendly Name: Thawte Freemail Member\*(Aqs Thawte Consulting (Pt
 .\}
 .SH "PASSWORD ENCRYPTION"
 .PP
-PKCS#12 provides for not only the protection of the private keys but also the certificate and meta\-data associated with the keys\&. Password\-based encryption is used to protect private keys on export to a PKCS#12 file and, optionally, the entire package\&. If no algorithm is specified, the tool defaults to using
-\fBPKCS12 V2 PBE with SHA1 and 3KEY Triple DES\-cbc\fR
-for private key encryption\&.
-\fBPKCS12 V2 PBE with SHA1 and 40 Bit RC4\fR
-is the default for the overall package encryption when not in FIPS mode\&. When in FIPS mode, there is no package encryption\&.
+PKCS #12 provides for not only the protection of the private keys but also the certificate and meta\-data associated with the keys\&. Password\-based encryption is used to protect private keys on export to a PKCS #12 file and, optionally, the associated certificates\&. If no algorithm is specified, the tool defaults to using PKCS #12 SHA\-1 and 3\-key triple DES for private key encryption\&. When not in FIPS mode, PKCS #12 SHA\-1 and 40\-bit RC4 is used for certificate encryption\&. When in FIPS mode, there is no certificate encryption\&. If certificate encryption is not wanted, specify
+\fB"NONE"\fR
+as the argument of the
+\fB\-C\fR
+option\&.
 .PP
 The private key is always protected with strong encryption by default\&.
 .PP
 Several types of ciphers are supported\&.
 .PP
-Symmetric CBC ciphers for PKCS#5 V2
+PKCS #5 password\-based encryption
 .RS 4
 .sp
 .RS 4
@@ -580,110 +580,13 @@ Symmetric CBC ciphers for PKCS#5 V2
 .sp -1
 .IP \(bu 2.3
 .\}
-DES\-CBC
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-RC2\-CBC
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-RC5\-CBCPad
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-DES\-EDE3\-CBC (the default for key encryption)
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-AES\-128\-CBC
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-AES\-192\-CBC
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-AES\-256\-CBC
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-CAMELLIA\-128\-CBC
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-CAMELLIA\-192\-CBC
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-CAMELLIA\-256\-CBC
+PBES2 with AES\-CBC\-Pad as underlying encryption scheme (\fB"AES\-128\-CBC"\fR,
+\fB"AES\-192\-CBC"\fR, and
+\fB"AES\-256\-CBC"\fR)
 .RE
 .RE
 .PP
-PKCS#12 PBE ciphers
+PKCS #12 password\-based encryption
 .RS 4
 .sp
 .RS 4
@@ -694,7 +597,9 @@ PKCS#12 PBE ciphers
 .sp -1
 .IP \(bu 2.3
 .\}
-PKCS #12 PBE with Sha1 and 128 Bit RC4
+SHA\-1 and 128\-bit RC4 (\fB"PKCS #12 V2 PBE With SHA\-1 And 128 Bit RC4"\fR
+or
+\fB"RC4"\fR)
 .RE
 .sp
 .RS 4
@@ -705,7 +610,7 @@ PKCS #12 PBE with Sha1 and 128 Bit RC4
 .sp -1
 .IP \(bu 2.3
 .\}
-PKCS #12 PBE with Sha1 and 40 Bit RC4
+SHA\-1 and 40\-bit RC4 (\fB"PKCS #12 V2 PBE With SHA\-1 And 40 Bit RC4"\fR) (used by default for certificate encryption in non\-FIPS mode)
 .RE
 .sp
 .RS 4
@@ -716,7 +621,9 @@ PKCS #12 PBE with Sha1 and 40 Bit RC4
 .sp -1
 .IP \(bu 2.3
 .\}
-PKCS #12 PBE with Sha1 and Triple DES CBC
+SHA\-1 and 3\-key triple\-DES (\fB"PKCS #12 V2 PBE With SHA\-1 And 3KEY Triple DES\-CBC"\fR
+or
+\fB"DES\-EDE3\-CBC"\fR)
 .RE
 .sp
 .RS 4
@@ -727,7 +634,9 @@ PKCS #12 PBE with Sha1 and Triple DES CBC
 .sp -1
 .IP \(bu 2.3
 .\}
-PKCS #12 PBE with Sha1 and 128 Bit RC2 CBC
+SHA\-1 and 128\-bit RC2 (\fB"PKCS #12 V2 PBE With SHA\-1 And 128 Bit RC2 CBC"\fR
+or
+\fB"RC2\-CBC"\fR)
 .RE
 .sp
 .RS 4
@@ -738,114 +647,11 @@ PKCS #12 PBE with Sha1 and 128 Bit RC2 CBC
 .sp -1
 .IP \(bu 2.3
 .\}
-PKCS #12 PBE with Sha1 and 40 Bit RC2 CBC
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-PKCS12 V2 PBE with SHA1 and 128 Bit RC4
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-PKCS12 V2 PBE with SHA1 and 40 Bit RC4 (the default for non\-FIPS mode)
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-PKCS12 V2 PBE with SHA1 and 3KEY Triple DES\-cbc
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-PKCS12 V2 PBE with SHA1 and 2KEY Triple DES\-cbc
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-PKCS12 V2 PBE with SHA1 and 128 Bit RC2 CBC
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-PKCS12 V2 PBE with SHA1 and 40 Bit RC2 CBC
+SHA\-1 and 40\-bit RC2 (\fB"PKCS #12 V2 PBE With SHA\-1 And 40 Bit RC2 CBC"\fR)
 .RE
 .RE
 .PP
-PKCS#5 PBE ciphers
-.RS 4
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-PKCS #5 Password Based Encryption with MD2 and DES CBC
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-PKCS #5 Password Based Encryption with MD5 and DES CBC
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-PKCS #5 Password Based Encryption with SHA1 and DES CBC
-.RE
-.RE
-.PP
-With PKCS#12, the crypto provider may be the soft token module or an external hardware module\&. If the cryptographic module does not support the requested algorithm, then the next best fit will be selected (usually the default)\&. If no suitable replacement for the desired algorithm can be found, the tool returns the error
+With PKCS #12, the crypto provider may be the soft token module or an external hardware module\&. If the cryptographic module does not support the requested algorithm, then the next best fit will be selected (usually the default)\&. If no suitable replacement for the desired algorithm can be found, the tool returns the error
 \fIno security module can perform the requested operation\fR\&.
 .SH "NSS DATABASE TYPES"
 .PP
@@ -987,6 +793,27 @@ For an engineering draft on the changes in the shared NSS databases, see the NSS
 .\}
 https://wiki\&.mozilla\&.org/NSS_Shared_DB
 .RE
+.SH "COMPATIBILITY NOTES"
+.PP
+The exporting behavior of
+\fBpk12util\fR
+has changed over time, while importing files exported with older versions of NSS is still supported\&.
+.PP
+Until the 3\&.30 release,
+\fBpk12util\fR
+used the UTF\-16 encoding for the PKCS #5 password\-based encryption schemes, while the recommendation is to encode passwords in UTF\-8 if the used encryption scheme is defined outside of the PKCS #12 standard\&.
+.PP
+Until the 3\&.31 release, even when
+\fB"AES\-128\-CBC"\fR
+or
+\fB"AES\-192\-CBC"\fR
+is given from the command line,
+\fBpk12util\fR
+always used 256\-bit AES as the underlying encryption scheme\&.
+.PP
+For historical reasons,
+\fBpk12util\fR
+accepts password\-based encryption schemes not listed in this document\&. However, those schemes are not officially supported and may have issues in interoperability with other tools\&.
 .SH "SEE ALSO"
 .PP
 certutil (1)