NSS functions
sn mxr 3.2 and later cert_findcertbynickname mxr 3.2 and later cert_findcertbynicknameoremailaddr mxr 3.2 and later cert_findcertbysubjectkeyid mxr 3.7 and later cert_findcertextension mxr 3.4 and later cert_findcertissuer mxr 3.3 and later cert_findkeyusageextension mxr 3.4 and later cert_findsmimeprofile mxr 3.2 and later cert_findsubjectkeyidextension mxr 3.7 and later cert_findusercertbyusage mxr 3.4 and later cert_findusercertsbyusage mxr 3.4 and later cert_finishcertificaterequestattributes mxr 3.10 and later cert_finishextensions mxr 3.5 and later cert_formatname mxr 3.2 and later ...
...te mxr 3.12 and later cert_nicknamestringsfromcertlist mxr 3.4 and later cert_opencertdbfilename mxr 3.2 and later cert_ocspcachesettings mxr 3.11.7 and later cert_pkixverifycert mxr 3.12 and later cert_removecertlistnode mxr 3.6 and later cert_rfc1485_escapeandquote mxr 3.2 and later cert_savesmimeprofile mxr 3.2 and later cert_setsloptime mxr 3.2 and later cert_setocspfailuremode mxr 3.11.7 and later cert_setocsptimeout mxr 3.12 and later cert_setusepkixforvalidation mxr 3.12 and later cert_startcertextensions mxr 3.5 and later cert_startcertificaterequestattributes mxr 3.10 and later c...
... nssrwlock_havewritelock mxr 3.2 and later nssrwlock_lockread mxr 3.2 and later nssrwlock_lockwrite mxr 3.2 and later nssrwlock_new mxr 3.2 and later nssrwlock_unlockread mxr 3.2 and later nssrwlock_unlockwrite mxr 3.2 and later nsssmime_versioncheck mxr 3.2.1 and later port_alloc mxr 3.2 and later port_arenaalloc mxr 3.2 and later port_arenagrow mxr 3.2 and later port_arenamark mxr 3.2 and later port_arenarelease mxr 3.2 and later port_arenastrdup mxr ...
...And 2 more matches

Rosetta - Archive of obsolete content
|*| http://www.gnu.org/licenses/gpl-3.0.html |*| |*| syntax: |*| |*| rosetta.appendcompiler([ "text/x-csrc", "text/x-c" ], yourcompiler); |*| \*/ var rosetta = new (function () { function createscript (oscript, oxhr200) { var smimetype = oscript.getattribute("type").tolowercase(), obaton = document.createcomment(" the previous code has been automatically translated from \"" + smimetype + "\" to \"text/ecmascript\".
... "); if (!odicts.hasownproperty(smimetype)) { alert("rosetta.translatescript() \u2013 unknown mime-type \"" + smimetype + "\": script ignored."); return; } var ocompiled = document.createelement("script"); oscript.parentnode.insertbefore(obaton, oscript); oscript.parentnode.removechild(oscript); for (var aattrs = oscript.attributes, nattr = 0; nattr < aattrs.length; nattr++) { ocompiled.setattribute(aattrs[nattr].name, aattrs[nattr].value); } ocompiled.type = "text\/ecmascript"; if (oxhr200) { ocompiled.src = "data:text\/javascript," + encodeuricomponent(odicts[smimetype](oxhr200.responsetext)); } ocompiled.text = oxhr200 ?
... "" : odicts[smimetype](oscript.text); obaton.parentnode.insertbefore(ocompiled, obaton); } function reqerror (oerror) { throw new urierror("the script " + oerror.target.src + " is not accessible."); } function reqsuccess () { createscript(this.refscript, this); } function getsource (oscript) { var oreq = new xmlhttprequest(); oreq.onload = reqsuccess; oreq.onerror = reqerror; oreq.refscript = oscript; oreq.open("get", oscript.src, true); oreq.send(null); } function parsescript (oscript) { if (oscript.hasattribute("type") && !rignoremimes.test(oscript.getattribute("type").tolowercase())) { oscript.hasattribute("src") ?

Certificate functions
sn mxr 3.2 and later cert_findcertbynickname mxr 3.2 and later cert_findcertbynicknameoremailaddr mxr 3.2 and later cert_findcertbysubjectkeyid mxr 3.7 and later cert_findcertextension mxr 3.4 and later cert_findcertissuer mxr 3.3 and later cert_findkeyusageextension mxr 3.4 and later cert_findsmimeprofile mxr 3.2 and later cert_findsubjectkeyidextension mxr 3.7 and later cert_findusercertbyusage mxr 3.4 and later cert_findusercertsbyusage mxr 3.4 and later cert_finishcertificaterequestattributes mxr 3.10 and later cert_finishextensions mxr 3.5 and later cert_formatname mxr 3.2 and later ...
...te mxr 3.12 and later cert_nicknamestringsfromcertlist mxr 3.4 and later cert_opencertdbfilename mxr 3.2 and later cert_ocspcachesettings mxr 3.11.7 and later cert_pkixverifycert mxr 3.12 and later cert_removecertlistnode mxr 3.6 and later cert_rfc1485_escapeandquote mxr 3.2 and later cert_savesmimeprofile mxr 3.2 and later cert_setsloptime mxr 3.2 and later cert_setocspfailuremode mxr 3.11.7 and later cert_setocsptimeout mxr 3.12 and later cert_setusepkixforvalidation mxr 3.12 and later cert_startcertextensions mxr 3.5 and later cert_startcertificaterequestattributes mxr 3.10 and later c...

S/MIME functions
setdigests mxr 3.2 and later nss_cmssigneddata_setdigestvalue mxr 3.4 and later nss_cmssigneddata_signerinfocount mxr 3.2 and later nss_cmssigneddata_verifycertsonly mxr 3.2 and later nss_cmssigneddata_verifysignerinfo mxr 3.2 and later nss_cmssignerinfo_addmssmimeenckeyprefs mxr 3.6 and later nss_cmssignerinfo_addsmimecaps mxr 3.2 and later nss_cmssignerinfo_addsmimeenckeyprefs mxr 3.2 and later nss_cmssignerinfo_addsigningtime mxr 3.2 and later nss_cmssignerinfo_create mxr 3.2 and later nss_cmssignerinfo_createwithsub...
...ssignerinfo_getsigningtime mxr 3.2 and later nss_cmssignerinfo_getverificationstatus mxr 3.2 and later nss_cmssignerinfo_getversion mxr 3.2 and later nss_cmssignerinfo_includecerts mxr 3.2 and later nss_cmsutil_verificationstatustostring mxr 3.2 and later nss_smimesignerinfo_savesmimeprofile mxr 3.4 and later nss_smimeutil_findbulkalgforrecipients mxr 3.2 and later ...

MCD, Mission Control Desktop, AKA AutoConfig - Archive of obsolete content
:23:08 cest 2011 defaults/pref/ 277 fri jun 24 20:23:08 cest 2011 defaults/pref/all-l10n.js 27221 fri jun 24 20:23:08 cest 2011 defaults/pref/all-thunderbird.js 5865 fri jun 24 20:23:08 cest 2011 defaults/pref/composer.js 42591 fri jun 24 20:23:08 cest 2011 defaults/pref/mailnews.js 806 fri jun 24 20:23:08 cest 2011 defaults/pref/mdn.js 267 fri jun 24 20:23:08 cest 2011 defaults/pref/smime.js 921 fri jun 24 20:23:08 cest 2011 defaults/pref/thunderbird-branding.js 347 fri jun 24 20:23:08 cest 2011 defaults/profile/prefs.js 84859 fri jun 24 20:23:08 cest 2011 greprefs.js however, "autoconfig" can still work in firefox 22, if it doesn't exist, you'll have to manually create the directory branch to set my ff-autoconfig.js in defaults/preferences/ : [root@calaz firefox]# mkdir...

Index
there are several available keywords: o sslclient o sslserver o smime o objectsigning o sslca o smimeca o objectsigningca o critical x.509 certificate extensions are described in rfc 5280.

Using JSS
spr4 nspr os abstraction layer http://ftp.mozilla.org/pub/mozilla.org/nspr/releases plc4 nspr standard c library replacement functions plds4 nspr data structure types nss3 nss crypto, pkcs #11, and utilities http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases ssl3 nss ssl library smime3 nss s/mime functions and types nssckbi pkcs #11 module containing built-in root ca certificates.

NSS 3.12.9 release notes
bug 596798: win_rand.c (among others) uses unsafe _snwprintf bug 597622: do not use the sec_error_bad_info_access_location error code for bad crl distribution point urls bug 619268: memory leaks in cert_changecerttrust and cert_savesmimeprofile bug 585518: addtrust qualified ca root serial wrong in certdata.txt trust entry bug 337433: need cert_findcertbynicknameoremailaddrbyusage bug 592939: expired cas in certdata.txt documentation <for a="" class="new " documentation="" href="/en/index.html#documentation" list="" nss="" of="" pages="" primary="" rel="internal" see="" the="" title="en/index.html#documentation">nss d...

NSS_3.12_release_notes.html
ev_m_stop_testing_on_fresh_info cert_rev_m_continue_testing_on_fresh_info cert_rev_mi_test_each_method_separately cert_rev_mi_test_all_local_information_first cert_rev_mi_no_overall_info_requirement cert_rev_mi_require_some_fresh_info_available cert_policy_flag_no_mapping cert_policy_flag_explicit cert_policy_flag_no_any cert_enable_ldap_fetch cert_enable_http_fetch new macro in utilrename.h: smime_aes_cbc_128 the nssckbi pkcs #11 module's version changed to 1.70.

NSS Developer Tutorial
only functions listed in the symbol export lists (nss.def, ssl.def, smime.def, etc.) are truly public functions.

Enc Dec MAC Using Key Wrap CertReq PKCS10 CSR
; goto cleanup; } rv = cert_changecerttrust(handle, cert, trust); } if (rv != secsuccess) { pr_fprintf(pr_stderr, "could not change trust on certificate : %s\n", port_errortostring(rv)); rv = secfailure; goto cleanup; } } if (emailcert) { cert_savesmimeprofile(cert, null, pwdata); } cleanup: if (cert) { cert_destroycertificate (cert); } if (trust) { port_free(trust); } if (certder.data) { port_free(certder.data); } return rv; } /* * create a certificate */ static secstatus createcert( certcertdbhandle *handle, pk11slotinfo *slot, char * issuer...

sample2
rv != secsuccess) { pr_fprintf(pr_stderr, "could not authenticate to token %s : %s\n", pk11_gettokenname(slot), port_errortostring(rv)); rv = secfailure; goto cleanup; } rv = cert_changecerttrust(handle, cert, trust); } if (rv != secsuccess) { pr_fprintf(pr_stderr, "could not change trust on certificate : %s\n", port_errortostring(rv)); rv = secfailure; goto cleanup; } } if (emailcert) { cert_savesmimeprofile(cert, null, pwdata); } cleanup: if (cert) { cert_destroycertificate (cert); } if (trust) { port_free(trust); } if (certder.data) { port_free(certder.data); } return rv; } /* * create a certificate */ static secstatus createcert( certcertdbhandle *handle, pk11slotinfo *slot, char * issuernickname, char *infilename, char *outfilename, seckeyprivatekey **selfsignprivkey, void *pwarg, secoidta...

Installation guide
nspr: libnspr4.so libplds4.so libplc4.so nss: (note the use of * for libfreebl -- some platforms have multiple ones) libfreebl*3.so libfreebl*3.chk libsoftokn3.so libsoftokn3.chk libnss3.so libsmime3.so libssl3.so libnssckbi.so ...

NSS tools : certutil
there are several available keywords: + sslclient + sslserver + smime + objectsigning + sslca + smimeca + objectsigningca + critical x.509 certificate extensions are described in rfc 5280.

Utility functions
nssrwlock_havewritelock mxr 3.2 and later nssrwlock_lockread mxr 3.2 and later nssrwlock_lockwrite mxr 3.2 and later nssrwlock_new mxr 3.2 and later nssrwlock_unlockread mxr 3.2 and later nssrwlock_unlockwrite mxr 3.2 and later nsssmime_versioncheck mxr 3.2.1 and later port_alloc mxr 3.2 and later port_arenaalloc mxr 3.2 and later port_arenagrow mxr 3.2 and later port_arenamark mxr 3.2 and later port_arenarelease mxr 3.2 and later port_arenastrdup mxr ...