Bug 1501587 - land NSS aa7940a0d822 UPGRADE_NSS_RELEASE, r=me
authorJ.C. Jones <jc@mozilla.com>
Wed, 14 Nov 2018 19:00:17 +0000
changeset 502930 95b2486e8c545fcd43cea96e84556d0267e94104
parent 502929 e88e746154edd216d2e315ead34c4d0c6205429c
child 502931 8affbbef5298262c208006fd22aa6ed650a30d81
push id10290
push userffxbld-merge
push dateMon, 03 Dec 2018 16:23:23 +0000
treeherdermozilla-beta@700bed2445e6 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersme
bugs1501587
milestone65.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1501587 - land NSS aa7940a0d822 UPGRADE_NSS_RELEASE, r=me
security/nss/TAG-INFO
security/nss/automation/abi-check/expected-report-libnss3.so.txt
security/nss/automation/abi-check/expected-report-libnssutil3.so.txt
security/nss/automation/abi-check/expected-report-libsmime3.so.txt
security/nss/cmd/certutil/certutil.c
security/nss/cmd/dbck/dbrecover.c
security/nss/cmd/ocspclnt/ocspclnt.c
security/nss/cmd/p7verify/p7verify.c
security/nss/cmd/smimetools/cmsutil.c
security/nss/cmd/vfychain/vfychain.c
security/nss/coreconf/coreconf.dep
security/nss/lib/certdb/certdb.c
security/nss/lib/certdb/certi.h
security/nss/lib/certdb/certt.h
security/nss/lib/certhigh/certvfy.c
security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
security/nss/lib/ssl/ssl3con.c
security/nss/lib/util/secoid.c
security/nss/lib/util/secoidt.h
security/nss/tests/chains/chains.sh
security/nss/tests/chains/scenarios/ipsec.cfg
security/nss/tests/chains/scenarios/realcerts.cfg
security/nss/tests/chains/scenarios/scenarios
security/nss/tests/libpkix/certs/PayPalEE.cert
security/nss/tests/libpkix/certs/PayPalICA.cert
security/nss/tests/libpkix/vfychain_test.lst
--- a/security/nss/TAG-INFO
+++ b/security/nss/TAG-INFO
@@ -1,1 +1,1 @@
-3b79af0fa294
+aa7940a0d822
--- a/security/nss/automation/abi-check/expected-report-libnss3.so.txt
+++ b/security/nss/automation/abi-check/expected-report-libnss3.so.txt
@@ -0,0 +1,18 @@
+
+1 function with some indirect sub-type change:
+
+  [C]'function SECStatus CERT_AddOCSPAcceptableResponses(CERTOCSPRequest*, SECOidTag, ...)' at ocsp.c:2203:1 has some indirect sub-type changes:
+    parameter 2 of type 'typedef SECOidTag' has sub-type changes:
+      underlying type 'enum __anonymous_enum__' at secoidt.h:34:1 changed:
+        type size hasn't changed
+        4 enumerator insertions:
+          '__anonymous_enum__::SEC_OID_X509_ANY_EXT_KEY_USAGE' value '357'
+          '__anonymous_enum__::SEC_OID_EXT_KEY_USAGE_IPSEC_IKE' value '358'
+          '__anonymous_enum__::SEC_OID_IPSEC_IKE_END' value '359'
+          '__anonymous_enum__::SEC_OID_IPSEC_IKE_INTERMEDIATE' value '360'
+
+        1 enumerator change:
+          '__anonymous_enum__::SEC_OID_TOTAL' from value '357' to '361' at secoidt.h:34:1
+
+
+
--- a/security/nss/automation/abi-check/expected-report-libnssutil3.so.txt
+++ b/security/nss/automation/abi-check/expected-report-libnssutil3.so.txt
@@ -0,0 +1,18 @@
+
+1 function with some indirect sub-type change:
+
+  [C]'function SECStatus NSS_GetAlgorithmPolicy(SECOidTag, PRUint32*)' at secoid.c:2217:1 has some indirect sub-type changes:
+    parameter 1 of type 'typedef SECOidTag' has sub-type changes:
+      underlying type 'enum __anonymous_enum__' at secoidt.h:34:1 changed:
+        type size hasn't changed
+        4 enumerator insertions:
+          '__anonymous_enum__::SEC_OID_X509_ANY_EXT_KEY_USAGE' value '357'
+          '__anonymous_enum__::SEC_OID_EXT_KEY_USAGE_IPSEC_IKE' value '358'
+          '__anonymous_enum__::SEC_OID_IPSEC_IKE_END' value '359'
+          '__anonymous_enum__::SEC_OID_IPSEC_IKE_INTERMEDIATE' value '360'
+
+        1 enumerator change:
+          '__anonymous_enum__::SEC_OID_TOTAL' from value '357' to '361' at secoidt.h:34:1
+
+
+
--- a/security/nss/automation/abi-check/expected-report-libsmime3.so.txt
+++ b/security/nss/automation/abi-check/expected-report-libsmime3.so.txt
@@ -0,0 +1,48 @@
+
+1 function with some indirect sub-type change:
+
+  [C]'function PK11SymKey* NSS_CMSContentInfo_GetBulkKey(NSSCMSContentInfo*)' at cmscinfo.c:363:1 has some indirect sub-type changes:
+    parameter 1 of type 'NSSCMSContentInfo*' has sub-type changes:
+      in pointed to type 'typedef NSSCMSContentInfo' at cmst.h:54:1:
+        underlying type 'struct NSSCMSContentInfoStr' at cmst.h:126:1 changed:
+          type size hasn't changed
+          1 data member changes (2 filtered):
+           type of 'NSSCMSContent NSSCMSContentInfoStr::content' changed:
+             underlying type 'union NSSCMSContentUnion' at cmst.h:113:1 changed:
+               type size hasn't changed
+               1 data member changes (3 filtered):
+                type of 'NSSCMSEncryptedData* NSSCMSContentUnion::encryptedData' changed:
+                  in pointed to type 'typedef NSSCMSEncryptedData' at cmst.h:65:1:
+                    underlying type 'struct NSSCMSEncryptedDataStr' at cmst.h:463:1 changed:
+                      type size hasn't changed
+                      1 data member changes (1 filtered):
+                       type of 'NSSCMSAttribute** NSSCMSEncryptedDataStr::unprotectedAttr' changed:
+                         in pointed to type 'NSSCMSAttribute*':
+                           in pointed to type 'typedef NSSCMSAttribute' at cmst.h:69:1:
+                             underlying type 'struct NSSCMSAttributeStr' at cmst.h:482:1 changed:
+                               type size hasn't changed
+                               1 data member change:
+                                type of 'SECOidData* NSSCMSAttributeStr::typeTag' changed:
+                                  in pointed to type 'typedef SECOidData' at secoidt.h:16:1:
+                                    underlying type 'struct SECOidDataStr' at secoidt.h:513:1 changed:
+                                      type size hasn't changed
+                                      1 data member change:
+                                       type of 'SECOidTag SECOidDataStr::offset' changed:
+                                         underlying type 'enum __anonymous_enum__' at secoidt.h:34:1 changed:
+                                           type size hasn't changed
+                                           4 enumerator insertions:
+                                             '__anonymous_enum__::SEC_OID_X509_ANY_EXT_KEY_USAGE' value '357'
+                                             '__anonymous_enum__::SEC_OID_EXT_KEY_USAGE_IPSEC_IKE' value '358'
+                                             '__anonymous_enum__::SEC_OID_IPSEC_IKE_END' value '359'
+                                             '__anonymous_enum__::SEC_OID_IPSEC_IKE_INTERMEDIATE' value '360'
+
+                                           1 enumerator change:
+                                             '__anonymous_enum__::SEC_OID_TOTAL' from value '357' to '361' at secoidt.h:34:1
+
+
+
+
+
+
+
+
--- a/security/nss/cmd/certutil/certutil.c
+++ b/security/nss/cmd/certutil/certutil.c
@@ -736,16 +736,19 @@ ValidateCert(CERTCertDBHandle *handle, c
             usage = certificateUsageVerifyCA;
             break;
         case 'C':
             usage = certificateUsageSSLClient;
             break;
         case 'V':
             usage = certificateUsageSSLServer;
             break;
+        case 'I':
+            usage = certificateUsageIPsec;
+            break;
         case 'S':
             usage = certificateUsageEmailSigner;
             break;
         case 'R':
             usage = certificateUsageEmailRecipient;
             break;
         case 'J':
             usage = certificateUsageObjectSigner;
@@ -1701,16 +1704,17 @@ luV(enum usage_level ul, const char *com
         "   -n cert-name");
     FPS "%-20s validity time (\"YYMMDDHHMMSS[+HHMM|-HHMM|Z]\")\n",
         "   -b time");
     FPS "%-20s Check certificate signature \n",
         "   -e ");
     FPS "%-20s Specify certificate usage:\n", "   -u certusage");
     FPS "%-25s C \t SSL Client\n", "");
     FPS "%-25s V \t SSL Server\n", "");
+    FPS "%-25s I \t IPsec\n", "");
     FPS "%-25s L \t SSL CA\n", "");
     FPS "%-25s A \t Any CA\n", "");
     FPS "%-25s Y \t Verify CA\n", "");
     FPS "%-25s S \t Email signer\n", "");
     FPS "%-25s R \t Email Recipient\n", "");
     FPS "%-25s O \t OCSP status responder\n", "");
     FPS "%-25s J \t Object signer\n", "");
     FPS "%-20s Cert database directory (default is ~/.netscape)\n",
--- a/security/nss/cmd/dbck/dbrecover.c
+++ b/security/nss/cmd/dbck/dbrecover.c
@@ -283,17 +283,18 @@ addCertToDB(certDBEntryCert *certEntry, 
     userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) ||
                (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) ||
                (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER);
     if (userCert)
         goto createcert;
 
     /*  If user chooses so, ignore expired certificates.  */
     allowOverride = (PRBool)((oldCert->keyUsage == certUsageSSLServer) ||
-                             (oldCert->keyUsage == certUsageSSLServerWithStepUp));
+                             (oldCert->keyUsage == certUsageSSLServerWithStepUp) ||
+                             (oldCert->keyUsage == certUsageIPsec));
     validity = CERT_CheckCertValidTimes(oldCert, PR_Now(), allowOverride);
     /*  If cert expired and user wants to delete it, ignore it. */
     if ((validity != secCertTimeValid) &&
         userSaysDeleteCert(&oldCert, 1, dbInvalidCert, info, 0)) {
         info->dbErrors[dbInvalidCert]++;
         if (info->verbose) {
             PR_fprintf(info->out, "Deleting expired certificate:\n");
             dumpCertificate(oldCert, -1, info->out);
--- a/security/nss/cmd/ocspclnt/ocspclnt.c
+++ b/security/nss/cmd/ocspclnt/ocspclnt.c
@@ -129,16 +129,18 @@ long_usage(char *progname)
     PR_fprintf(pr_stderr,
                "  %-13s Type of certificate usage for verification:\n",
                "-u usage");
     PR_fprintf(pr_stderr,
                "%-17s c   SSL Client\n", "");
     PR_fprintf(pr_stderr,
                "%-17s s   SSL Server\n", "");
     PR_fprintf(pr_stderr,
+               "%-17s I   IPsec\n", "");
+    PR_fprintf(pr_stderr,
                "%-17s e   Email Recipient\n", "");
     PR_fprintf(pr_stderr,
                "%-17s E   Email Signer\n", "");
     PR_fprintf(pr_stderr,
                "%-17s S   Object Signer\n", "");
     PR_fprintf(pr_stderr,
                "%-17s C   CA\n", "");
     PR_fprintf(pr_stderr,
@@ -903,16 +905,19 @@ cert_usage_from_char(const char *cert_us
 
     switch (*cert_usage_str) {
         case 'c':
             *cert_usage = certUsageSSLClient;
             break;
         case 's':
             *cert_usage = certUsageSSLServer;
             break;
+        case 'I':
+            *cert_usage = certUsageIPsec;
+            break;
         case 'e':
             *cert_usage = certUsageEmailRecipient;
             break;
         case 'E':
             *cert_usage = certUsageEmailSigner;
             break;
         case 'S':
             *cert_usage = certUsageObjectSigner;
--- a/security/nss/cmd/p7verify/p7verify.c
+++ b/security/nss/cmd/p7verify/p7verify.c
@@ -112,16 +112,17 @@ Usage(char *progName)
     fprintf(stderr, "%-25s  4 - certUsageEmailSigner\n", " ");
     fprintf(stderr, "%-25s  5 - certUsageEmailRecipient\n", " ");
     fprintf(stderr, "%-25s  6 - certUsageObjectSigner\n", " ");
     fprintf(stderr, "%-25s  7 - certUsageUserCertImport\n", " ");
     fprintf(stderr, "%-25s  8 - certUsageVerifyCA\n", " ");
     fprintf(stderr, "%-25s  9 - certUsageProtectedObjectSigner\n", " ");
     fprintf(stderr, "%-25s 10 - certUsageStatusResponder\n", " ");
     fprintf(stderr, "%-25s 11 - certUsageAnyCA\n", " ");
+    fprintf(stderr, "%-25s 12 - certUsageIPsec\n", " ");
 
     exit(-1);
 }
 
 static int
 HashDecodeAndVerify(FILE *out, FILE *content, PRFileDesc *signature,
                     SECCertUsage usage, char *progName)
 {
--- a/security/nss/cmd/smimetools/cmsutil.c
+++ b/security/nss/cmd/smimetools/cmsutil.c
@@ -110,16 +110,17 @@ Usage(void)
     fprintf(stderr, "%-25s  4 - certUsageEmailSigner\n", " ");
     fprintf(stderr, "%-25s  5 - certUsageEmailRecipient\n", " ");
     fprintf(stderr, "%-25s  6 - certUsageObjectSigner\n", " ");
     fprintf(stderr, "%-25s  7 - certUsageUserCertImport\n", " ");
     fprintf(stderr, "%-25s  8 - certUsageVerifyCA\n", " ");
     fprintf(stderr, "%-25s  9 - certUsageProtectedObjectSigner\n", " ");
     fprintf(stderr, "%-25s 10 - certUsageStatusResponder\n", " ");
     fprintf(stderr, "%-25s 11 - certUsageAnyCA\n", " ");
+    fprintf(stderr, "%-25s 12 - certUsageIPsec\n", " ");
 
     exit(-1);
 }
 
 struct optionsStr {
     char *pwfile;
     char *password;
     SECCertUsage certUsage;
--- a/security/nss/cmd/vfychain/vfychain.c
+++ b/security/nss/cmd/vfychain/vfychain.c
@@ -59,17 +59,18 @@ Usage(const char *progName)
             "\t-o oid\t\t Set policy OID for cert validation(Format OID.1.2.3)\n"
             "\t-p \t\t Use PKIX Library to validate certificate by calling:\n"
             "\t\t\t   * CERT_VerifyCertificate if specified once,\n"
             "\t\t\t   * CERT_PKIXVerifyCert if specified twice and more.\n"
             "\t-r\t\t Following certfile is raw binary DER (default)\n"
             "\t-t\t\t Following cert is explicitly trusted (overrides db trust).\n"
             "\t-u usage \t 0=SSL client, 1=SSL server, 2=SSL StepUp, 3=SSL CA,\n"
             "\t\t\t 4=Email signer, 5=Email recipient, 6=Object signer,\n"
-            "\t\t\t 9=ProtectedObjectSigner, 10=OCSP responder, 11=Any CA\n"
+            "\t\t\t 9=ProtectedObjectSigner, 10=OCSP responder, 11=Any CA,\n"
+            "\t\t\t 12=IPsec\n"
             "\t-T\t\t Trust both explicit trust anchors (-t) and the database.\n"
             "\t\t\t (Default is to only trust certificates marked -t, if there are any,\n"
             "\t\t\t or to trust the database if there are certificates marked -t.)\n"
             "\t-v\t\t Verbose mode. Prints root cert subject(double the\n"
             "\t\t\t argument for whole root cert info)\n"
             "\t-w password\t Database password.\n"
             "\t-W pwfile\t Password file.\n\n"
             "\tRevocation options for PKIX API(invoked with -pp options) is a\n"
--- a/security/nss/coreconf/coreconf.dep
+++ b/security/nss/coreconf/coreconf.dep
@@ -5,8 +5,9 @@
 
 /*
  * A dummy header file that is a dependency for all the object files.
  * Used to force a full recompilation of NSS in Mozilla's Tinderbox
  * depend builds.  See comments in rules.mk.
  */
 
 #error "Do not include this header file."
+
--- a/security/nss/lib/certdb/certdb.c
+++ b/security/nss/lib/certdb/certdb.c
@@ -441,16 +441,84 @@ cert_GetCertType(CERTCertificate *cert)
     nsCertType = cert_ComputeCertType(cert);
 
     /* Assert that it is safe to cast &cert->nsCertType to "PRInt32 *" */
     PORT_Assert(sizeof(cert->nsCertType) == sizeof(PRInt32));
     PR_ATOMIC_SET((PRInt32 *)&cert->nsCertType, nsCertType);
     return SECSuccess;
 }
 
+PRBool
+cert_EKUAllowsIPsecIKE(CERTCertificate *cert, PRBool *isCritical)
+{
+    SECStatus rv;
+    SECItem encodedExtKeyUsage;
+    CERTOidSequence *extKeyUsage = NULL;
+    PRBool result = PR_FALSE;
+
+    rv = CERT_GetExtenCriticality(cert->extensions,
+                                  SEC_OID_X509_EXT_KEY_USAGE,
+                                  isCritical);
+    if (rv != SECSuccess) {
+        *isCritical = PR_FALSE;
+    }
+
+    encodedExtKeyUsage.data = NULL;
+    rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE,
+                                &encodedExtKeyUsage);
+    if (rv != SECSuccess) {
+        /* EKU not present, allowed. */
+        result = PR_TRUE;
+        goto done;
+    }
+
+    extKeyUsage = CERT_DecodeOidSequence(&encodedExtKeyUsage);
+    if (!extKeyUsage) {
+        /* failure */
+        goto done;
+    }
+
+    if (findOIDinOIDSeqByTagNum(extKeyUsage,
+                                SEC_OID_X509_ANY_EXT_KEY_USAGE) ==
+        SECSuccess) {
+        result = PR_TRUE;
+        goto done;
+    }
+
+    if (findOIDinOIDSeqByTagNum(extKeyUsage,
+                                SEC_OID_EXT_KEY_USAGE_IPSEC_IKE) ==
+        SECSuccess) {
+        result = PR_TRUE;
+        goto done;
+    }
+
+    if (findOIDinOIDSeqByTagNum(extKeyUsage,
+                                SEC_OID_IPSEC_IKE_END) ==
+        SECSuccess) {
+        result = PR_TRUE;
+        goto done;
+    }
+
+    if (findOIDinOIDSeqByTagNum(extKeyUsage,
+                                SEC_OID_IPSEC_IKE_INTERMEDIATE) ==
+        SECSuccess) {
+        result = PR_TRUE;
+        goto done;
+    }
+
+done:
+    if (encodedExtKeyUsage.data != NULL) {
+        PORT_Free(encodedExtKeyUsage.data);
+    }
+    if (extKeyUsage != NULL) {
+        CERT_DestroyOidSequence(extKeyUsage);
+    }
+    return result;
+}
+
 PRUint32
 cert_ComputeCertType(CERTCertificate *cert)
 {
     SECStatus rv;
     SECItem tmpitem;
     SECItem encodedExtKeyUsage;
     CERTOidSequence *extKeyUsage = NULL;
     PRBool basicConstraintPresent = PR_FALSE;
@@ -1078,16 +1146,20 @@ CERT_KeyUsageAndTypeForCertUsage(SECCert
             case certUsageSSLClient:
                 requiredKeyUsage = KU_KEY_CERT_SIGN;
                 requiredCertType = NS_CERT_TYPE_SSL_CA;
                 break;
             case certUsageSSLServer:
                 requiredKeyUsage = KU_KEY_CERT_SIGN;
                 requiredCertType = NS_CERT_TYPE_SSL_CA;
                 break;
+            case certUsageIPsec:
+                requiredKeyUsage = KU_KEY_CERT_SIGN;
+                requiredCertType = NS_CERT_TYPE_SSL_CA;
+                break;
             case certUsageSSLCA:
                 requiredKeyUsage = KU_KEY_CERT_SIGN;
                 requiredCertType = NS_CERT_TYPE_SSL_CA;
                 break;
             case certUsageEmailSigner:
                 requiredKeyUsage = KU_KEY_CERT_SIGN;
                 requiredCertType = NS_CERT_TYPE_EMAIL_CA;
                 break;
@@ -1120,16 +1192,21 @@ CERT_KeyUsageAndTypeForCertUsage(SECCert
                  */
                 requiredKeyUsage = KU_DIGITAL_SIGNATURE;
                 requiredCertType = NS_CERT_TYPE_SSL_CLIENT;
                 break;
             case certUsageSSLServer:
                 requiredKeyUsage = KU_KEY_AGREEMENT_OR_ENCIPHERMENT;
                 requiredCertType = NS_CERT_TYPE_SSL_SERVER;
                 break;
+            case certUsageIPsec:
+                /* RFC 4945 Section 5.1.3.2 */
+                requiredKeyUsage = KU_DIGITAL_SIGNATURE_OR_NON_REPUDIATION;
+                requiredCertType = 0;
+                break;
             case certUsageSSLServerWithStepUp:
                 requiredKeyUsage =
                     KU_KEY_AGREEMENT_OR_ENCIPHERMENT | KU_NS_GOVT_APPROVED;
                 requiredCertType = NS_CERT_TYPE_SSL_SERVER;
                 break;
             case certUsageSSLCA:
                 requiredKeyUsage = KU_KEY_CERT_SIGN;
                 requiredCertType = NS_CERT_TYPE_SSL_CA;
--- a/security/nss/lib/certdb/certi.h
+++ b/security/nss/lib/certdb/certi.h
@@ -289,16 +289,19 @@ SECStatus cert_DestroyLocks(void);
 extern SECStatus cert_GetCertType(CERTCertificate* cert);
 
 /*
  * compute and return the value of nsCertType for cert, but do not
  * update the CERTCertificate.
  */
 extern PRUint32 cert_ComputeCertType(CERTCertificate* cert);
 
+extern PRBool cert_EKUAllowsIPsecIKE(CERTCertificate* cert,
+                                     PRBool* isCritical);
+
 void cert_AddToVerifyLog(CERTVerifyLog* log, CERTCertificate* cert,
                          long errorCode, unsigned int depth, void* arg);
 
 /* Insert a DER CRL into the CRL cache, and take ownership of it.
  *
  * cert_CacheCRLByGeneralName takes ownership of the memory in crl argument
  * completely.  crl must be freeable by SECITEM_FreeItem. It will be freed
  * immediately if it is rejected from the CRL cache, or later during cache
--- a/security/nss/lib/certdb/certt.h
+++ b/security/nss/lib/certdb/certt.h
@@ -442,17 +442,18 @@ typedef enum SECCertUsageEnum {
     certUsageSSLCA = 3,
     certUsageEmailSigner = 4,
     certUsageEmailRecipient = 5,
     certUsageObjectSigner = 6,
     certUsageUserCertImport = 7,
     certUsageVerifyCA = 8,
     certUsageProtectedObjectSigner = 9,
     certUsageStatusResponder = 10,
-    certUsageAnyCA = 11
+    certUsageAnyCA = 11,
+    certUsageIPsec = 12
 } SECCertUsage;
 
 typedef PRInt64 SECCertificateUsage;
 
 #define certificateUsageCheckAllUsages (0x0000)
 #define certificateUsageSSLClient (0x0001)
 #define certificateUsageSSLServer (0x0002)
 #define certificateUsageSSLServerWithStepUp (0x0004)
@@ -460,18 +461,19 @@ typedef PRInt64 SECCertificateUsage;
 #define certificateUsageEmailSigner (0x0010)
 #define certificateUsageEmailRecipient (0x0020)
 #define certificateUsageObjectSigner (0x0040)
 #define certificateUsageUserCertImport (0x0080)
 #define certificateUsageVerifyCA (0x0100)
 #define certificateUsageProtectedObjectSigner (0x0200)
 #define certificateUsageStatusResponder (0x0400)
 #define certificateUsageAnyCA (0x0800)
+#define certificateUsageIPsec (0x1000)
 
-#define certificateUsageHighest certificateUsageAnyCA
+#define certificateUsageHighest certificateUsageIPsec
 
 /*
  * Does the cert belong to the user, a peer, or a CA.
  */
 typedef enum CERTCertOwnerEnum {
     certOwnerUser = 0,
     certOwnerPeer = 1,
     certOwnerCA = 2
--- a/security/nss/lib/certhigh/certvfy.c
+++ b/security/nss/lib/certhigh/certvfy.c
@@ -284,16 +284,20 @@ CERT_TrustFlagsForCACertUsage(SECCertUsa
             requiredFlags = CERTDB_TRUSTED_CLIENT_CA;
             trustType = trustSSL;
             break;
         case certUsageSSLServer:
         case certUsageSSLCA:
             requiredFlags = CERTDB_TRUSTED_CA;
             trustType = trustSSL;
             break;
+        case certUsageIPsec:
+            requiredFlags = CERTDB_TRUSTED_CA;
+            trustType = trustSSL;
+            break;
         case certUsageSSLServerWithStepUp:
             requiredFlags = CERTDB_TRUSTED_CA | CERTDB_GOVT_APPROVED_CA;
             trustType = trustSSL;
             break;
         case certUsageEmailSigner:
         case certUsageEmailRecipient:
             requiredFlags = CERTDB_TRUSTED_CA;
             trustType = trustEmail;
@@ -574,16 +578,17 @@ cert_VerifyCertChainOld(CERTCertDBHandle
         EXIT_IF_NOT_LOGGING(log);
         requiredCAKeyUsage = 0;
         caCertType = 0;
     }
 
     switch (certUsage) {
         case certUsageSSLClient:
         case certUsageSSLServer:
+        case certUsageIPsec:
         case certUsageSSLCA:
         case certUsageSSLServerWithStepUp:
         case certUsageEmailSigner:
         case certUsageEmailRecipient:
         case certUsageObjectSigner:
         case certUsageVerifyCA:
         case certUsageAnyCA:
         case certUsageStatusResponder:
@@ -640,17 +645,18 @@ cert_VerifyCertChainOld(CERTCertDBHandle
          * certifcates (except leaf (EE) certs, root CAs, and self-issued
          * intermediate CAs) to be verified against the name constraints
          * extension of the issuer certificate.
          */
         if (subjectCertIsSelfIssued == PR_FALSE) {
             CERTGeneralName *subjectNameList;
             int subjectNameListLen;
             int i;
-            PRBool getSubjectCN = (!count && certUsage == certUsageSSLServer);
+            PRBool getSubjectCN = (!count &&
+                                   (certUsage == certUsageSSLServer || certUsage == certUsageIPsec));
             subjectNameList =
                 CERT_GetConstrainedCertificateNames(subjectCert, arena,
                                                     getSubjectCN);
             if (!subjectNameList)
                 goto loser;
             subjectNameListLen = CERT_GetNamesLength(subjectNameList);
             if (!subjectNameListLen)
                 goto loser;
@@ -981,16 +987,17 @@ CERT_VerifyCACertForUsage(CERTCertDBHand
         EXIT_IF_NOT_LOGGING(log);
         requiredCAKeyUsage = 0;
         caCertType = 0;
     }
 
     switch (certUsage) {
         case certUsageSSLClient:
         case certUsageSSLServer:
+        case certUsageIPsec:
         case certUsageSSLCA:
         case certUsageSSLServerWithStepUp:
         case certUsageEmailSigner:
         case certUsageEmailRecipient:
         case certUsageObjectSigner:
         case certUsageVerifyCA:
         case certUsageStatusResponder:
             if (CERT_TrustFlagsForCACertUsage(certUsage, &requiredFlags,
@@ -1166,16 +1173,17 @@ cert_CheckLeafTrust(CERTCertificate *cer
     *failedFlags = 0;
     *trusted = PR_FALSE;
 
     /* check trust flags to see if this cert is directly trusted */
     if (CERT_GetCertTrust(cert, &trust) == SECSuccess) {
         switch (certUsage) {
             case certUsageSSLClient:
             case certUsageSSLServer:
+            case certUsageIPsec:
                 flags = trust.sslFlags;
 
                 /* is the cert directly trusted or not trusted ? */
                 if (flags & CERTDB_TERMINAL_RECORD) { /* the trust record is
                             * authoritative */
                     if (flags & CERTDB_TRUSTED) {     /* trust this cert */
                         *trusted = PR_TRUE;
                         return SECSuccess;
@@ -1342,45 +1350,48 @@ CERT_VerifyCertificate(CERTCertDBHandle 
         /* we don't have a place to return status for all usages,
            so we can skip checks for usages that aren't required */
         checkAllUsages = PR_FALSE;
     }
     valid = SECSuccess; /* start off assuming cert is valid */
 
     /* make sure that the cert is valid at time t */
     allowOverride = (PRBool)((requiredUsages & certificateUsageSSLServer) ||
-                             (requiredUsages & certificateUsageSSLServerWithStepUp));
+                             (requiredUsages & certificateUsageSSLServerWithStepUp) ||
+                             (requiredUsages & certificateUsageIPsec));
     validity = CERT_CheckCertValidTimes(cert, t, allowOverride);
     if (validity != secCertTimeValid) {
         valid = SECFailure;
         LOG_ERROR_OR_EXIT(log, cert, 0, validity);
     }
 
     /* check key usage and netscape cert type */
     cert_GetCertType(cert);
     certType = cert->nsCertType;
 
     for (i = 1; i <= certificateUsageHighest &&
                 (SECSuccess == valid || returnedUsages || log);) {
+        PRBool typeAndEKUAllowed = PR_TRUE;
         PRBool requiredUsage = (i & requiredUsages) ? PR_TRUE : PR_FALSE;
         if (PR_FALSE == requiredUsage && PR_FALSE == checkAllUsages) {
             NEXT_USAGE();
         }
         if (returnedUsages) {
             *returnedUsages |= i; /* start off assuming this usage is valid */
         }
         switch (certUsage) {
             case certUsageSSLClient:
             case certUsageSSLServer:
             case certUsageSSLServerWithStepUp:
             case certUsageSSLCA:
             case certUsageEmailSigner:
             case certUsageEmailRecipient:
             case certUsageObjectSigner:
             case certUsageStatusResponder:
+            case certUsageIPsec:
                 rv = CERT_KeyUsageAndTypeForCertUsage(certUsage, PR_FALSE,
                                                       &requiredKeyUsage,
                                                       &requiredCertType);
                 if (rv != SECSuccess) {
                     PORT_Assert(0);
                     /* EXIT_IF_NOT_LOGGING(log); XXX ??? */
                     requiredKeyUsage = 0;
                     requiredCertType = 0;
@@ -1403,17 +1414,29 @@ CERT_VerifyCertificate(CERTCertDBHandle 
         }
         if (CERT_CheckKeyUsage(cert, requiredKeyUsage) != SECSuccess) {
             if (PR_TRUE == requiredUsage) {
                 PORT_SetError(SEC_ERROR_INADEQUATE_KEY_USAGE);
             }
             LOG_ERROR(log, cert, 0, requiredKeyUsage);
             INVALID_USAGE();
         }
-        if (!(certType & requiredCertType)) {
+        if (certUsage != certUsageIPsec) {
+            if (!(certType & requiredCertType)) {
+                typeAndEKUAllowed = PR_FALSE;
+            }
+        } else {
+            PRBool isCritical;
+            PRBool allowed = cert_EKUAllowsIPsecIKE(cert, &isCritical);
+            /* If the extension isn't critical, we allow any EKU value. */
+            if (isCritical && !allowed) {
+                typeAndEKUAllowed = PR_FALSE;
+            }
+        }
+        if (!typeAndEKUAllowed) {
             if (PR_TRUE == requiredUsage) {
                 PORT_SetError(SEC_ERROR_INADEQUATE_CERT_TYPE);
             }
             LOG_ERROR(log, cert, 0, requiredCertType);
             INVALID_USAGE();
         }
 
         rv = cert_CheckLeafTrust(cert, certUsage, &flags, &trusted);
@@ -1503,29 +1526,31 @@ cert_VerifyCertWithFlags(CERTCertDBHandl
     if (rv != SECSuccess) {
         PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
         LOG_ERROR_OR_EXIT(log, cert, 0, 0);
     }
 #endif
 
     /* make sure that the cert is valid at time t */
     allowOverride = (PRBool)((certUsage == certUsageSSLServer) ||
-                             (certUsage == certUsageSSLServerWithStepUp));
+                             (certUsage == certUsageSSLServerWithStepUp) ||
+                             (certUsage == certUsageIPsec));
     validity = CERT_CheckCertValidTimes(cert, t, allowOverride);
     if (validity != secCertTimeValid) {
         LOG_ERROR_OR_EXIT(log, cert, 0, validity);
     }
 
     /* check key usage and netscape cert type */
     cert_GetCertType(cert);
     certType = cert->nsCertType;
     switch (certUsage) {
         case certUsageSSLClient:
         case certUsageSSLServer:
         case certUsageSSLServerWithStepUp:
+        case certUsageIPsec:
         case certUsageSSLCA:
         case certUsageEmailSigner:
         case certUsageEmailRecipient:
         case certUsageObjectSigner:
         case certUsageStatusResponder:
             rv = CERT_KeyUsageAndTypeForCertUsage(certUsage, PR_FALSE,
                                                   &requiredKeyUsage,
                                                   &requiredCertType);
@@ -1628,16 +1653,17 @@ CERT_VerifyCertNow(CERTCertDBHandle *han
 }
 
 /* [ FROM pcertdb.c ] */
 /*
  * Supported usage values and types:
  *  certUsageSSLClient
  *  certUsageSSLServer
  *  certUsageSSLServerWithStepUp
+ *  certUsageIPsec
  *  certUsageEmailSigner
  *  certUsageEmailRecipient
  *  certUsageObjectSigner
  */
 
 CERTCertificate *
 CERT_FindMatchingCert(CERTCertDBHandle *handle, SECItem *derName,
                       CERTCertOwner owner, SECCertUsage usage,
--- a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
@@ -2909,17 +2909,18 @@ PKIX_PL_Cert_CheckValidity(
                         PKIX_DATEGETPRTIMEFAILED);
         } else {
                 timeToCheck = PR_Now();
         }
 
         requiredUsages = ((PKIX_PL_NssContext*)plContext)->certificateUsage;
         allowOverride =
             (PRBool)((requiredUsages & certificateUsageSSLServer) ||
-                     (requiredUsages & certificateUsageSSLServerWithStepUp));
+                     (requiredUsages & certificateUsageSSLServerWithStepUp) ||
+                     (requiredUsages & certificateUsageIPsec));
         val = CERT_CheckCertValidTimes(cert->nssCert, timeToCheck, allowOverride);
         if (val != secCertTimeValid){
                 PKIX_ERROR(PKIX_CERTCHECKCERTVALIDTIMESFAILED);
         }
 
 cleanup:
         PKIX_RETURN(CERT);
 }
@@ -2996,18 +2997,27 @@ PKIX_PL_Cert_VerifyCertAndKeyType(
         /* use this key usage and cert type for certUsageAnyCA and
          * certUsageVerifyCA. */
 	requiredKeyUsage = KU_KEY_CERT_SIGN;
 	requiredCertType = NS_CERT_TYPE_CA;
     }
     if (CERT_CheckKeyUsage(cert->nssCert, requiredKeyUsage) != SECSuccess) {
         PKIX_ERROR(PKIX_CERTCHECKKEYUSAGEFAILED);
     }
-    if (!(certType & requiredCertType)) {
-        PKIX_ERROR(PKIX_CERTCHECKCERTTYPEFAILED);
+    if (certUsage != certUsageIPsec) {
+        if (!(certType & requiredCertType)) {
+            PKIX_ERROR(PKIX_CERTCHECKCERTTYPEFAILED);
+        }
+    } else {
+        PRBool isCritical;
+        PRBool allowed = cert_EKUAllowsIPsecIKE(cert->nssCert, &isCritical);
+        /* If the extension isn't critical, we allow any EKU value. */
+        if (isCritical && !allowed) {
+            PKIX_ERROR(PKIX_CERTCHECKCERTTYPEFAILED);
+        }
     }
 cleanup:
     PKIX_DECREF(basicConstraints);
     PKIX_RETURN(CERT);
 }
 
 /*
  * FUNCTION: PKIX_PL_Cert_VerifyKeyUsage (see comments in pkix_pl_pki.h)
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -88,18 +88,18 @@ static ssl3CipherSuiteCfg cipherSuites[s
  { TLS_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE },
  { TLS_CHACHA20_POLY1305_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE },
  { TLS_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE },
 
  { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
  { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,   SSL_ALLOWED, PR_TRUE, PR_FALSE},
  { TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
  { TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,   SSL_ALLOWED, PR_TRUE, PR_FALSE},
- { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
- { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,   SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,   SSL_ALLOWED, PR_TRUE, PR_FALSE},
    /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is out of order to work around
     * bug 946147.
     */
  { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,    SSL_ALLOWED, PR_TRUE, PR_FALSE},
  { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,    SSL_ALLOWED, PR_TRUE, PR_FALSE},
  { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,      SSL_ALLOWED, PR_TRUE, PR_FALSE},
  { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
  { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,   SSL_ALLOWED, PR_TRUE, PR_FALSE},
@@ -109,17 +109,17 @@ static ssl3CipherSuiteCfg cipherSuites[s
  { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,   SSL_ALLOWED, PR_FALSE, PR_FALSE},
  { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,     SSL_ALLOWED, PR_FALSE, PR_FALSE},
  { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,        SSL_ALLOWED, PR_FALSE, PR_FALSE},
  { TLS_ECDHE_RSA_WITH_RC4_128_SHA,          SSL_ALLOWED, PR_FALSE, PR_FALSE},
 
  { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,     SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,SSL_ALLOWED,PR_TRUE,  PR_FALSE},
  { TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,     SSL_ALLOWED, PR_FALSE, PR_FALSE},
- { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,     SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,     SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,     SSL_ALLOWED, PR_FALSE, PR_FALSE},
  { TLS_DHE_RSA_WITH_AES_128_CBC_SHA,        SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_DHE_DSS_WITH_AES_128_CBC_SHA,        SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,     SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,     SSL_ALLOWED, PR_FALSE, PR_FALSE},
  { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,   SSL_ALLOWED, PR_FALSE, PR_FALSE},
  { TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,   SSL_ALLOWED, PR_FALSE, PR_FALSE},
  { TLS_DHE_RSA_WITH_AES_256_CBC_SHA,        SSL_ALLOWED, PR_TRUE,  PR_FALSE},
@@ -138,17 +138,17 @@ static ssl3CipherSuiteCfg cipherSuites[s
  { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,       SSL_ALLOWED, PR_FALSE, PR_FALSE},
  { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,    SSL_ALLOWED, PR_FALSE, PR_FALSE},
  { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,      SSL_ALLOWED, PR_FALSE, PR_FALSE},
  { TLS_ECDH_ECDSA_WITH_RC4_128_SHA,         SSL_ALLOWED, PR_FALSE, PR_FALSE},
  { TLS_ECDH_RSA_WITH_RC4_128_SHA,           SSL_ALLOWED, PR_FALSE, PR_FALSE},
 
  /* RSA */
  { TLS_RSA_WITH_AES_128_GCM_SHA256,         SSL_ALLOWED, PR_TRUE,  PR_FALSE},
- { TLS_RSA_WITH_AES_256_GCM_SHA384,         SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_RSA_WITH_AES_256_GCM_SHA384,         SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_RSA_WITH_AES_128_CBC_SHA,            SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_RSA_WITH_AES_128_CBC_SHA256,         SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,       SSL_ALLOWED, PR_FALSE, PR_FALSE},
  { TLS_RSA_WITH_AES_256_CBC_SHA,            SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_RSA_WITH_AES_256_CBC_SHA256,         SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,       SSL_ALLOWED, PR_FALSE, PR_FALSE},
  { TLS_RSA_WITH_SEED_CBC_SHA,               SSL_ALLOWED, PR_FALSE, PR_FALSE},
  { TLS_RSA_WITH_3DES_EDE_CBC_SHA,           SSL_ALLOWED, PR_TRUE,  PR_FALSE},
--- a/security/nss/lib/util/secoid.c
+++ b/security/nss/lib/util/secoid.c
@@ -117,17 +117,19 @@ const char __nss_util_version[] = "Versi
 /* for DH algorithm */
 /* { iso(1) member-body(2) us(840) x9-57(10046) number-type(2) } */
 /* need real OID person to look at this, copied the above line
  * and added 6 to second to last value (and changed '4' to '2' */
 #define ANSI_X942_ALGORITHM 0x2a, 0x86, 0x48, 0xce, 0x3e, 0x2
 
 #define VERISIGN 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x45
 
-#define PKIX 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07
+#define INTERNET_SECURITY_MECH 0x2b, 0x06, 0x01, 0x05, 0x05
+
+#define PKIX INTERNET_SECURITY_MECH, 0x07
 #define PKIX_CERT_EXTENSIONS PKIX, 1
 #define PKIX_POLICY_QUALIFIERS PKIX, 2
 #define PKIX_KEY_USAGE PKIX, 3
 #define PKIX_ACCESS_DESCRIPTION PKIX, 0x30
 #define PKIX_OCSP PKIX_ACCESS_DESCRIPTION, 1
 #define PKIX_CA_ISSUERS PKIX_ACCESS_DESCRIPTION, 2
 
 #define PKIX_ID_PKIP PKIX, 5
@@ -355,16 +357,17 @@ CONST_OID x509CertificatePolicies[] = { 
 CONST_OID x509PolicyMappings[] = { ID_CE_OID, 33 };
 CONST_OID x509AuthKeyID[] = { ID_CE_OID, 35 };
 CONST_OID x509PolicyConstraints[] = { ID_CE_OID, 36 };
 CONST_OID x509ExtKeyUsage[] = { ID_CE_OID, 37 };
 CONST_OID x509FreshestCRL[] = { ID_CE_OID, 46 };
 CONST_OID x509InhibitAnyPolicy[] = { ID_CE_OID, 54 };
 
 CONST_OID x509CertificatePoliciesAnyPolicy[] = { ID_CE_OID, 32, 0 };
+CONST_OID x509ExtKeyUsageAnyUsage[] = { ID_CE_OID, 37, 0 };
 
 CONST_OID x509AuthInfoAccess[] = { PKIX_CERT_EXTENSIONS, 1 };
 CONST_OID x509SubjectInfoAccess[] = { PKIX_CERT_EXTENSIONS, 11 };
 
 CONST_OID x509SIATimeStamping[] = { PKIX_ACCESS_DESCRIPTION, 0x03 };
 CONST_OID x509SIACaRepository[] = { PKIX_ACCESS_DESCRIPTION, 0x05 };
 
 /* pkcs 12 additions */
@@ -449,18 +452,23 @@ CONST_OID pkixRegInfoUTF8Pairs[] = { PKI
 CONST_OID pkixRegInfoCertReq[] = { PKIX_ID_REGINFO, 2 };
 
 CONST_OID pkixExtendedKeyUsageServerAuth[] = { PKIX_KEY_USAGE, 1 };
 CONST_OID pkixExtendedKeyUsageClientAuth[] = { PKIX_KEY_USAGE, 2 };
 CONST_OID pkixExtendedKeyUsageCodeSign[] = { PKIX_KEY_USAGE, 3 };
 CONST_OID pkixExtendedKeyUsageEMailProtect[] = { PKIX_KEY_USAGE, 4 };
 CONST_OID pkixExtendedKeyUsageTimeStamp[] = { PKIX_KEY_USAGE, 8 };
 CONST_OID pkixOCSPResponderExtendedKeyUsage[] = { PKIX_KEY_USAGE, 9 };
+/* 17 replaces 5 + 6 + 7 (declared obsolete in RFC 4945) */
+CONST_OID pkixExtendedKeyUsageIPsecIKE[] = { PKIX_KEY_USAGE, 17 };
 CONST_OID msExtendedKeyUsageTrustListSigning[] = { MS_CRYPTO_EKU, 1 };
 
+CONST_OID ipsecIKEEnd[] = { INTERNET_SECURITY_MECH, 0x08, 0x02, 0x01 };
+CONST_OID ipsecIKEIntermediate[] = { INTERNET_SECURITY_MECH, 0x08, 0x02, 0x02 };
+
 /* OIDs for Netscape defined algorithms */
 CONST_OID netscapeSMimeKEA[] = { NETSCAPE_ALGS, 0x01 };
 
 /* Fortezza algorithm OIDs */
 CONST_OID skipjackCBC[] = { MISSI, 0x04 };
 CONST_OID dhPublicKey[] = { ANSI_X942_ALGORITHM, 0x1 };
 
 CONST_OID idea_CBC[] = { ASCOM_IDEA_ALG, 2 };
@@ -1749,16 +1757,32 @@ const static SECOidData oids[SEC_OID_TOT
     ODE(SEC_OID_TLS_FFDHE_8192,
         "TLS FFDHE 8192-bit key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
     ODE(SEC_OID_TLS_DHE_CUSTOM,
         "TLS DHE custom group key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
     OD(curve25519, SEC_OID_CURVE25519,
        "Curve25519", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
     ODE(SEC_OID_TLS13_KEA_ANY,
         "TLS 1.3 fake key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+    OD(x509ExtKeyUsageAnyUsage, SEC_OID_X509_ANY_EXT_KEY_USAGE,
+       "Any Extended Key Usage",
+       CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+    OD(pkixExtendedKeyUsageIPsecIKE,
+       SEC_OID_EXT_KEY_USAGE_IPSEC_IKE,
+       "IPsec IKE Certificate",
+       CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+    OD(ipsecIKEEnd,
+       SEC_OID_IPSEC_IKE_END,
+       "IPsec IKE End",
+       CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+    OD(ipsecIKEIntermediate,
+       SEC_OID_IPSEC_IKE_INTERMEDIATE,
+       "IPsec IKE Intermediate",
+       CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
 };
 
 /* PRIVATE EXTENDED SECOID Table
  * This table is private. Its structure is opaque to the outside.
  * It is indexed by the same SECOidTag as the oids table above.
  * Every member of this struct must have accessor functions (set, get)
  * and those functions must operate by value, not by reference.
  * The addresses of the contents of this table must not be exposed
--- a/security/nss/lib/util/secoidt.h
+++ b/security/nss/lib/util/secoidt.h
@@ -489,16 +489,21 @@ typedef enum {
     SEC_OID_TLS_FFDHE_6144 = 352,
     SEC_OID_TLS_FFDHE_8192 = 353,
     SEC_OID_TLS_DHE_CUSTOM = 354,
 
     SEC_OID_CURVE25519 = 355,
 
     SEC_OID_TLS13_KEA_ANY = 356,
 
+    SEC_OID_X509_ANY_EXT_KEY_USAGE = 357,
+    SEC_OID_EXT_KEY_USAGE_IPSEC_IKE = 358,
+    SEC_OID_IPSEC_IKE_END = 359,
+    SEC_OID_IPSEC_IKE_INTERMEDIATE = 360,
+
     SEC_OID_TOTAL
 } SECOidTag;
 
 #define SEC_OID_SECG_EC_SECP192R1 SEC_OID_ANSIX962_EC_PRIME192V1
 #define SEC_OID_SECG_EC_SECP256R1 SEC_OID_ANSIX962_EC_PRIME256V1
 #define SEC_OID_PKCS12_KEY_USAGE SEC_OID_X509_KEY_USAGE
 
 /* fake OID for DSS sign/verify */
--- a/security/nss/tests/chains/chains.sh
+++ b/security/nss/tests/chains/chains.sh
@@ -347,16 +347,22 @@ create_cert_req()
     OPTIONS=
 
     if [ "${TYPE}" != "EE" ]; then
         CA_FLAG="-2"
         EXT_DATA="y
 -1
 y
 "
+    else
+        CA_FLAG="-2"
+        EXT_DATA="n
+-1
+y
+"
     fi
 
     process_crldp
 
     echo "${EXT_DATA}" > ${CU_DATA}
 
     TESTNAME="Creating ${TYPE} certifiate request ${REQ}"
     echo "${SCRIPTNAME}: ${TESTNAME}"
@@ -1253,16 +1259,22 @@ process_scenario()
 
     while read AIA_FILE
     do
 	rm ${AIA_FILE} 2> /dev/null
     done < ${AIA_FILES}
     rm ${AIA_FILES}
 }
 
+# process ipsec.cfg separately
+chains_ipsec()
+{
+    process_scenario "ipsec.cfg"
+}
+
 # process ocspd.cfg separately
 chains_ocspd()
 {
     process_scenario "ocspd.cfg"
 }
 
 # process ocsp.cfg separately
 chains_method()
@@ -1274,29 +1286,31 @@ chains_method()
 # local shell function to process all testing scenarios
 ########################################################################
 chains_main()
 {
     while read LINE 
     do
         [ `echo ${LINE} | cut -b 1` != "#" ] || continue
 
+	[ ${LINE} != 'ipsec.cfg' ] || continue
 	[ ${LINE} != 'ocspd.cfg' ] || continue
 	[ ${LINE} != 'method.cfg' ] || continue
 
 	process_scenario ${LINE}
     done < "${CHAINS_SCENARIOS}"
 }
 
 ################################ main ##################################
 
 chains_init
 VERIFY_CLASSIC_ENGINE_TOO=
 chains_ocspd
 VERIFY_CLASSIC_ENGINE_TOO=1
+chains_ipsec
 chains_run_httpserv get
 chains_method
 chains_stop_httpserv
 chains_run_httpserv post
 chains_method
 chains_stop_httpserv
 VERIFY_CLASSIC_ENGINE_TOO=
 chains_run_httpserv random
new file mode 100644
--- /dev/null
+++ b/security/nss/tests/chains/scenarios/ipsec.cfg
@@ -0,0 +1,61 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+scenario IPsec
+
+entity Root
+  type Root
+
+entity CA1
+  type Intermediate
+  issuer Root 
+
+entity NoKU
+  type EE
+  issuer CA1
+
+entity DigSig
+  type EE
+  issuer CA1
+    ku digitalSignature
+
+entity NonRep
+  type EE
+  issuer CA1
+    ku nonRepudiation
+
+entity DigSigNonRepAndExtra
+  type EE
+  issuer CA1
+    ku digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement
+
+entity NoMatch
+  type EE
+  issuer CA1
+    ku keyEncipherment,dataEncipherment,keyAgreement
+
+db All
+
+import Root::C,,
+import CA1:Root:
+
+verify NoKU:CA1
+  usage 12
+  result pass
+
+verify DigSig:CA1
+  usage 12
+  result pass
+
+verify NonRep:CA1
+  usage 12
+  result pass
+
+verify DigSigNonRepAndExtra:CA1
+  usage 12
+  result pass
+
+verify NoMatch:CA1
+  usage 12
+  result fail
--- a/security/nss/tests/chains/scenarios/realcerts.cfg
+++ b/security/nss/tests/chains/scenarios/realcerts.cfg
@@ -16,14 +16,14 @@ import BrAirWaysBadSig:x:
 
 verify TestUser50:x
   result pass
 
 verify TestUser51:x
   result pass
 
 verify PayPalEE:x
-  policy OID.2.16.840.1.114412.1.1 
+  policy OID.2.16.840.1.114412.2.1 
   result pass
 
 verify BrAirWaysBadSig:x
   result fail
 
--- a/security/nss/tests/chains/scenarios/scenarios
+++ b/security/nss/tests/chains/scenarios/scenarios
@@ -17,8 +17,9 @@ bridgewithhalfaia.cfg
 bridgewithpolicyextensionandmapping.cfg
 realcerts.cfg
 dsa.cfg
 revoc.cfg
 ocsp.cfg
 crldp.cfg
 trustanchors.cfg
 nameconstraints.cfg
+ipsec.cfg
index d71fbb5016b2ac180a61303d2aa2732910aa7a4b..aef4086762a88dd5d7df06a7f4e23ea2f502c83c
GIT binary patch
literal 2012
zc$|$@c~BEq9Nyh53j_#+1c?Z;3Zim^mjDqjlv9L45d_aEgk%lL#3Uqvh@h3Ac-5mE
ziWfo!IUMjpDg)LF#i}59VDUg1k7}hNS^-hC*&qt`pYF`g?DzY<-}Sxsz6DytKY$iH
zQ$Rsr1hIgZ+*uY|ADU!cy}@<tp_})B8D{L98JyW`2E!%>5J=*f0Aq|2jbaQWI*MZj
z7$l%FOasIsu|J_y<8x&K&S+pwnoSrM8jXf6)VTyY7h51-&hZ3X(nVpoe2It(_T}P%
zE7XKcNC@#5zEmvatHp8|9z`gV2_^3D3&vWTalC=IE?WOAwl?De9rWgK^$?`r<Jf^Q
zWMXquW`t6l%vTfm_ev38CSIw}#bE$CX5xauD6E|_1A!^}_Q^hn84-q203qdT_)3Cf
z0cd181BRgo;COO*Q$`L>rqcl<2Gw8J?=rbkCgyYKz??K1GK`}5GCV}CB8CwZ!B2_c
zOI=BR*c>LX93;rZKOh{BN>V7~N;StCSPgPRBWY9cQxtqDNgB|?<A-kqYyeTTusNi&
zQxPo;LrsPK4@Ymly=7j*t@yPWjGEg$joB9zE#gHKm#WPWGoo6v``C>4j3aBpqiu}h
z3bC29uS3^Gfj&o_0+|r8qT=|}(5KfXWi|O!Ej??SI=3Wl0CSz^VnK)dr>XMYYI-(C
zR&nvGE_Woc(tb|+j^gc=EqR*wUFXYB1V8e3JiX{_H}|`p53p0IkqH*|328r97PX!0
z4b9A86)&u9s{XO3i?*^Pj<vnq(#D|Ei@x?x$D{d;zaGsltw!_1tWP|vy#093@tJ2U
zgaZ1-MOG3_TDjka*U%@a0M4@oS#MP#ucH#Uk+ed$b+Nk&gzMt>+SpQWZ93&Tv7&yU
zygKZ3DnfxF_<)wu544mXV6P+5&H-hCQEQkpZ$uQg7F4`^6B0)yZj8Ix*Vk$e?8pT)
zbQH?0o%XbJGL*NLo6@9t1uu`KrU+_4dNJvzqv`uV`flwvd!e;V5UbR3Wy)}ysd@ww
z3`b@H-f+ki63K*At{{{nLKMT1)z^~pcnKj;tMq1?V7Y4esUQ!iojDADLQx80P%t>w
z1auT&Vn(_{ZD3$XfxmnqAc=I_qcR``o(0?jkjYL^s}<AS-33ai$B0Ynu1er@-H2p2
zmHq;{iMVXtn*T<5{-3B&vMi1U06#DVGmgs)hBF7G2n?LTq@m^zc$6)fRi#V&tzfwO
zM??Wb%s`ZG3d10M!%z$iqiJ9za2&z_&SZV=OfFC<M&tmIUsfTRK|}rXNw;cbu^~+&
zC22^Jz6#Qy9{Ky~=28PwaxMnRJ_5*_xEiDCm83NVK@n67%XF^<PJlE}QH}BTD%L{g
z`dY>>S49fy46i)&-Ixa_A88tCm(1>2KoCq!tMpHUAd~_HgCJxabfqoFIc}Ex@N4+P
zUAJp~8D`Oe5uU7z4|&R$MS<8BW8IQ$jy-P<?}L3^_k4}t^oo6jNq%|%_yv@zyVq3N
zz5hE9N`hjT*lzdR=Q?k^?Kl;1%%>qJxu$Lxed(F5oV@7Pjm`Hz7jDxR4gvuPu5fRx
zWvx5Ted=Y?<g>Fq?&{VVhc31IdSK`ACGWati4Z)o(T^V1_i^%z=hwwsr*=u69e$ki
zgqJm679(=)l)iceB}27s59;hUC7#I6aoAa&l{&|JK`!-B<TIP?JA}NgV_Vh@mJLYI
zmz@Iw$$8%>_D<cAu|G!9$PDRw*Tnt!0=kns)uXn<wz>aJ=o|#MEbUF5tXk~Fm7@ED
z(-<o!60cZ!-HG+ex38D>KEdO^`B70wSuA{!|6_wSdy;#YiFa=8lFRu_@1HskIyl)+
zml(E(hx*b#z8vVy+1l*p<Tw5G%x7gMXbabOHO+U<{cGQ@qS0BZ=Os_?J({Jwv%rSC
z&1l?~iYa-`3w%UEi}c?XoTi=5+py<QH)~a52&eOC?D!vYOWTpv^{XCNwt69L_}wkP
zXHfhc(&9?OqQMcTy3JkTWg8}U*uA;ns46o|+=Fhjb>q3THi)0xx|&hjoOC9u$~>Em
zTRoIU9xMxv$q8)PB;nUR3U?HxwiXR^RDF7PQgZh)mfP_*_i<O*d-dvB`2&^h_I9%S
fJy89v1D=SJgH2G>1Tc3ouh;w>e?2deed@};tXa?O
index 07e025defbc58b3190f341c520ba3d26fc4cd59e..dd14c1b21886d9e63559403e819aa2ac2b516b9b
GIT binary patch
literal 1210
zc$_n6V%cWU#5`{SGZP~dlK@ZUN|y~if>RYHCB{F>mTflRW#iOp^Jx3d%gD&h%3zRV
z$Zf#M#vIDRCd?EXY$$3V4B~JJ^SETDXF8`Al_+@TB^yc_h=YW=g$2sX%k@%#QprFm
zz2y8{Lu~_1kQB495?qHzW_pH#V{vh5QDR<ls)B2nLQsBwiGs7Eft)z6p|PQXk&&U1
z0T4uq^BP$oaSci-b&ZLE5yUmxa2>%Ojz$Wu6(y;8DXA$6VTn1JDTyVS`FRS#sYPX}
zMIdK2F)AU43nME7a}y&!15licsfm%1;d<~AmcSn~mx+0Jr>n1;?0LcREzgDx4DBD&
zHQHKx`jT($+2~;L=<?S$OIam$*xDVPDQ@&eqUYB~o@FVDt*6-qOg02{Xv=5JzO=Dl
zXv5}9&pYJh-&>T21jjd2+UrTJS|R7H&AWPg@=nw3wIX{Wz3&HlU0V2v=h1|w_N;ZU
zuBTj^5&GiqdZ~b%kUfH*{(60yyStw6%hi2-Vx2;vHx3k<y!&=X_sx-Z)wbRnicdE9
z@^s#@R1?4Z?fR6~8!U<ibMy26$Lx}P=z2OVT%%5g*D-w6_8scGH$M5L^<GiARBEm6
z>^9S$Iptf6*WQ?-`{Xmv+;<24lIp|{6wcGR_wlEIhNLkQGb01z;wDB<V2HRH2mwP_
zR+y3TKMRKe8<1jRWH8_ZiSdKPSb*uS%|I5!S7i}15MkrcW@BV!WoKrDvzQD_U~EQ4
z77YV60~HwGfU!*?qokz3N?$)exwrr&at*vehRU<J7&sX?EU;T((`E%#np~7)f}&I(
z7W<&22v3QwVW4#A?5GD+Z(s{DOo7GB0F-1{fJ_DhEdvdhJD3>7WI%=&15HOyWctnl
z!4MDfv52vV*j^4;dTqhlcb~lyxKb}GUitCk8oz-&NLrai!a%G+WTV~TOy(c^-5IaU
zP?O?ddY_!4eHbkpGJ{gt+-(;ov^{KNdV6%i2NRi+gS};E+PGGH@al59W`AO(@7fxU
zwa>N%>{uk_+rhq3Q}NF8TgPk^A3PTHELc+|%edr}pjG(l+Hft0lE0T_TO|VShr5?9
ztPNGrb2kqt>Zxy%zLeCj%N%v<@QH=zbb=N!B)=}+Rd~WvU3q#+>pTm-waFPayMh`c
zDi`bU+`pIm+VIn^1vNPzb*?<zTi#;Me9ma=iCK+OUX%Q+-Db7^YhLtoUeDq)ym6at
z&$CqYi-=Sk%{k7nEau48g`vGsVHr!53Rc-P7T%n@!qxiA({GCc?;fvCdXdjl@_NUu
dAN$*RD+4A@m@Q#FF;e}bsfO@swYsa{s{jRJsulnM
--- a/security/nss/tests/libpkix/vfychain_test.lst
+++ b/security/nss/tests/libpkix/vfychain_test.lst
@@ -1,4 +1,4 @@
 # Status | Leaf Cert | Policies | Others(undef)
 0 TestUser50 undef
 0 TestUser51 undef
-0 PayPalEE OID.2.16.840.1.114412.1.1
+0 PayPalEE OID.2.16.840.1.114412.2.1