EV enablement for 6 roots. b=493709 r=kaie
authorEddy Nigg <eddy_nigg@startcom.org>
Fri, 22 May 2009 11:41:44 -0400
changeset 28724 0b821db9a67e
parent 28723 8b297d7065d8
child 28725 7509164476e8
push id7213
push userjnightingale@mozilla.com
push date2009-05-22 15:48 +0000
treeherdermozilla-central@7509164476e8 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskaie
bugs493709
milestone1.9.2a1pre
EV enablement for 6 roots. b=493709 r=kaie

WellsSecure, SECOM Trust, StartCom, SwissSign, Cybertrust, DigiNotar
security/manager/ssl/src/nsIdentityChecking.cpp
--- a/security/manager/ssl/src/nsIdentityChecking.cpp
+++ b/security/manager/ssl/src/nsIdentityChecking.cpp
@@ -77,16 +77,86 @@ struct nsMyTrustedEVInfo
   char *ev_root_sha1_fingerprint;
   char *issuer_base64;
   char *serial_base64;
   CERTCertificate *cert;
 };
 
 static struct nsMyTrustedEVInfo myTrustedEVInfos[] = {
   {
+    // CN=WellsSecure Public Root Certificate Authority,OU=Wells Fargo Bank NA,O=Wells Fargo WellsSecure,C=US
+    "2.16.840.1.114171.500.9",
+    "WellsSecure EV OID",
+    SEC_OID_UNKNOWN,
+    "E7:B4:F6:9D:61:EC:90:69:DB:7E:90:A7:40:1A:3C:F4:7D:4F:E8:EE",
+    "MIGFMQswCQYDVQQGEwJVUzEgMB4GA1UECgwXV2VsbHMgRmFyZ28gV2VsbHNTZWN1"
+    "cmUxHDAaBgNVBAsME1dlbGxzIEZhcmdvIEJhbmsgTkExNjA0BgNVBAMMLVdlbGxz"
+    "U2VjdXJlIFB1YmxpYyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eQ==",
+    "AQ==",
+    nsnull
+  },
+  {
+    // OU=Security Communication EV RootCA1,O="SECOM Trust Systems CO.,LTD.",C=JP
+    "1.2.392.200091.100.721.1",
+    "SECOM EV OID",
+    SEC_OID_UNKNOWN,
+    "FE:B8:C4:32:DC:F9:76:9A:CE:AE:3D:D8:90:8F:FD:28:86:65:64:7D",
+    "MGAxCzAJBgNVBAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENP"
+    "LixMVEQuMSowKAYDVQQLEyFTZWN1cml0eSBDb21tdW5pY2F0aW9uIEVWIFJvb3RD"
+    "QTE=",
+    "AA==",
+    nsnull
+  },
+  {
+    // CN=Cybertrust Global Root,O=Cybertrust, Inc
+    "1.3.6.1.4.1.6334.1.100.1",
+    "Cybertrust EV OID",
+    SEC_OID_UNKNOWN,
+    "5F:43:E5:B1:BF:F8:78:8C:AC:1C:C7:CA:4A:9A:C6:22:2B:CC:34:C6",
+    "MDsxGDAWBgNVBAoTD0N5YmVydHJ1c3QsIEluYzEfMB0GA1UEAxMWQ3liZXJ0cnVz"
+    "dCBHbG9iYWwgUm9vdA==",
+    "BAAAAAABD4WqLUg=",
+    nsnull
+  },
+  {
+    // E=info@diginotar.nl,CN=DigiNotar Root CA,O=DigiNotar,C=NL
+    "2.16.528.1.1001.1.1.1.12.6.1.1.1",
+    "DigiNotar EV OID",
+    SEC_OID_UNKNOWN,
+    "C0:60:ED:44:CB:D8:81:BD:0E:F8:6C:0B:A2:87:DD:CF:81:67:47:8C",
+    "MF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQKEwlEaWdpTm90YXIxGjAYBgNVBAMTEURp"
+    "Z2lOb3RhciBSb290IENBMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5u"
+    "bA==",
+    "DHbanJEMTiye/hXQWJM8TA==",
+    nsnull
+  },
+  {
+    // CN=SwissSign Gold CA - G2,O=SwissSign AG,C=CH
+    "2.16.756.1.89.1.2.1.1",
+    "SwissSign EV OID",
+    SEC_OID_UNKNOWN,
+    "D8:C5:38:8A:B7:30:1B:1B:6E:D4:7A:E6:45:25:3A:6F:9F:1A:27:61",
+    "MEUxCzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMT"
+    "FlN3aXNzU2lnbiBHb2xkIENBIC0gRzI=",
+    "ALtAHEP1Xk+w",
+    nsnull
+  },
+  {
+    // CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL
+    "1.3.6.1.4.1.23223.2",
+    "StartCom EV OID",
+    SEC_OID_UNKNOWN,
+    "3E:2B:F7:F2:03:1B:96:F3:8C:E6:C4:D8:A8:5D:3E:2D:58:47:6A:0F",
+    "MH0xCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYDVQQL"
+    "EyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMSkwJwYDVQQDEyBT"
+    "dGFydENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eQ==",
+    "AQ==",
+    nsnull
+  },
+  {
     // CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU="(c) 2006 VeriSign, Inc. - For authorized use only",OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
     "2.16.840.1.113733.1.7.23.6",
     "VeriSign EV OID",
     SEC_OID_UNKNOWN,
     "4E:B6:D5:78:49:9B:1C:CF:5F:58:1E:AD:56:BE:3D:9B:67:44:A5:E5",
     "MIHKMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNV"
     "BAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA2IFZl"
     "cmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMT"