Name: boot/shim Summary: Binaries for UEFI Secure Boot Publisher: solaris Version: 0.9 Build Release: 5.11 Branch: 11.4.0.0.1.14.0 Packaging Date: Tue Aug 14 15:30:56 2018 Size: 2.25 MB Compressed Size: 714.87 kB FMRI: pkg://solaris/boot/shim@0.9,5.11-11.4.0.0.1.14.0:20180814T153056Z License: Shim is licensed under an overarching BSD license and have some subcomponents licensed under OpenSSL licenses. It also contains a certificate from DigiCert. ./COPYRIGHT: ./netboot.c: ./replacements.c: ./shim.c: Copyright 2012 Red Hat, Inc Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Significant portions of this code are derived from Tianocore (http://tianocore.sf.net) and are Copyright 2009-2012 Intel Corporation. Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
* Copyright (c) 1998- 2014 The OpenSSL Project. All rights reserved. ./Cryptlib/Include/openssl/: ./Cryptlib/OpenSSL/crypto/: ./Cryptlib/OpenSSL/e_os.h: /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions -- * 1. Redistributions of source code must retain the copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * "This product includes cryptographic software written by * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] */ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * * Portions of the attached software ("Contribution") are developed by * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. * * The Contribution is licensed pursuant to the Eric Young open source * license provided above. * * The binary polynomial arithmetic software is originally written by * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. * */ * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * ECDH support in OpenSSL originally developed by * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. */ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * * Portions of the attached software ("Contribution") are developed by * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. * * The Contribution is licensed pursuant to the OpenSSL open source * license provided above. * * The elliptic curve binary polynomial software is originally written by * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. * * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * * The Elliptic Curve Public-Key Crypto Library (ECC Code) included * herein is developed by SUN MICROSYSTEMS, INC., and is contributed * to the OpenSSL project. * * The ECC Code is licensed pursuant to the OpenSSL open source * license provided below. * * The ECDH software is originally written by Douglas Stebila of * Sun Microsystems Laboratories. * * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * ECDH support in OpenSSL originally developed by * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * * Portions of the attached software ("Contribution") are developed by * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. * * The Contribution is licensed pursuant to the OpenSSL open source * license provided above. * * ECC cipher suite support in OpenSSL originally written by * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. * * Copyright (c) 2004, Richard Levitte * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ * @author Vincent Rijmen * @author Antoon Bosselaers * @author Paulo Barreto * * This code is hereby placed in the public domain. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * Binary polynomial ECC support in OpenSSL originally developed by * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. */ /* * Blowfish as implemented from 'Blowfish: Springer-Verlag paper' (From * LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, CAMBRIDG E * SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) */ * Copyright Patrick Powell 1995 * This code is based on code written by Patrick Powell * It may be used for any purpose as long as this notice remains intact * on all source code distributions. */ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * * Portions of the attached software ("Contribution") are developed by * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. * * The Contribution is licensed pursuant to the Eric Young open source * license provided above. * * The binary polynomial arithmetic software is originally written by * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * * The Elliptic Curve Public-Key Crypto Library (ECC Code) included * herein is developed by SUN MICROSYSTEMS, INC., and is contributed * to the OpenSSL project. * * The ECC Code is licensed pursuant to the OpenSSL open source * license provided below. * * In addition, Sun covenants to all licensees who provide a reciprocal * covenant with respect to their own patents if any, not to sue under * current and future patent claims necessarily infringed by the making, * using, practicing, selling, offering for sale and/or otherwise * disposing of the ECC Code as delivered hereunder (or portions thereof), * provided that such covenant shall not apply: * 1) for code that a licensee deletes from the ECC Code; * 2) separates from the ECC Code; or * 3) for infringements caused by: * i) the modification of the ECC Code or * ii) the combination of the ECC Code with other software or * devices where such combination causes the infringement. * * The software is originally written by Sheueling Chang Shantz and * Douglas Stebila of Sun Microsystems Laboratories. * NOTE: This file is licensed pursuant to the OpenSSL license below and may * be modified; but after modifications, the above covenant may no longer * apply! In such cases, the corresponding paragraph ["In addition, Sun * covenants ... causes the infringement."] and this note can be edited out; * but please keep the Sun copyright notice and attribution. */ * Invert a, reduce modulo p, and store the result in r. r could be a. Uses * Modified Almost Inverse Algorithm (Algorithm 10) from Hankerson, D., * Hernandez, J.L., and Menezes, A. "Software Implementation of Elliptic * Curve Cryptography Over Binary Fields". * From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer IEEE * Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40 This module in * only based on the code in this paper and is almost definitely not the sam e * as the MIT implementation. /* @(#)des.h 2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI */ /* * Sun RPC is a product of Sun Microsystems, Inc. and is provided for * unrestricted use provided that this legend is included on all tape * media and as a part of the software program in whole or part. Users * may copy or modify Sun RPC without charge, but are not authorized * to license or distribute it to anyone else except as part of a product or * program developed by the user. * * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. * * Sun RPC is provided with no support and without any obligation on the * part of Sun Microsystems, Inc. to assist in its use, correction, * modification or enhancement. * * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC * OR ANY PART THEREOF. * * In no event will Sun Microsystems, Inc. be liable for any lost revenue * or profits or other special, indirect and consequential damages, even if * Sun has been advised of the possibility of such damages. * * Sun Microsystems, Inc. * 2550 Garcia Avenue * Mountain View, California 94043 */ /* * Generic DES driver interface * Keep this file hardware independent! * Copyright (c) 1986 by Sun Microsystems, Inc. */ /* Original version from Steven Schoch */ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * ECDH support in OpenSSL originally developed by * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. */ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * * The Elliptic Curve Public-Key Crypto Library (ECC Code) included * herein is developed by SUN MICROSYSTEMS, INC., and is contributed * to the OpenSSL project. * * The ECC Code is licensed pursuant to the OpenSSL open source * license provided below. * * The software is originally written by Sheueling Chang Shantz and * Douglas Stebila of Sun Microsystems Laboratories. * * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * * The Elliptic Curve Public-Key Crypto Library (ECC Code) included * herein is developed by SUN MICROSYSTEMS, INC., and is contributed * to the OpenSSL project. * * The ECC Code is licensed pursuant to the OpenSSL open source * license provided below. * * The software is originally written by Sheueling Chang Shantz and * Douglas Stebila of Sun Microsystems Laboratories. * */ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * Portions originally developed by SUN MICROSYSTEMS, INC., and * contributed to the OpenSSL project. * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * * Portions of the attached software ("Contribution") are developed by * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. * * The Contribution is licensed pursuant to the OpenSSL open source * license provided above. * * The elliptic curve binary polynomial software is originally written by * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * Portions of this software developed by SUN MICROSYSTEMS, INC., * and contributed to the OpenSSL project. */ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * * The Elliptic Curve Public-Key Crypto Library (ECC Code) included * herein is developed by SUN MICROSYSTEMS, INC., and is contributed * to the OpenSSL project. * * The ECC Code is licensed pursuant to the OpenSSL open source * license provided below. * * The ECDH software is originally written by Douglas Stebila of * Sun Microsystems Laboratories. * */ * Copyright (c) 2002 Bob Beck * Copyright (c) 2002 Theo de Raadt * Copyright (c) 2002 Markus Friedl * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * ECDH support in OpenSSL originally developed by * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * * The Elliptic Curve Public-Key Crypto Library (ECC Code) included * herein is developed by SUN MICROSYSTEMS, INC., and is contributed * to the OpenSSL project. * * The ECC Code is licensed pursuant to the OpenSSL open source * license provided below. * * The ECDH engine software is originally written by Nils Gura and * Douglas Stebila of Sun Microsystems Laboratories. * * symbol names have been changed, with permission from the author. */ /* $LP: LPlib/source/LPdir.h,v 1.1 2004/06/14 08:56:04 _cvs_levitte Exp $ */ /* * Copyright (c) 2004, Richard Levitte * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ -- * http://developer.intel.com/design/security/rng/redist_license.htm */ * This seeding method was proposed in Peter Gutmann, Software * Generation of Practically Strong Random Numbers, * http://www.usenix.org/publications/library/proceedings/sec98/gutmann.html * revised version at http://www.cryptoengines.com/~peter/06_random.pdf * (The assignment of entropy estimates below is arbitrary, but based * on Peter's analysis the full poll appears to be safe. Additional * interactive seeding is encouraged.) -- * the original copyright message is: * * (C) Copyright Microsoft Corp. 1993. All rights reserved. * * You have a royalty-free right to use, modify, reproduce and * distribute the Sample Files (and/or any modified version) in * any way you find useful, provided that you agree that * Microsoft has no warranty obligations or liability for any * Sample Application Files which are modified. * Written by Ulf Moeller. This software is distributed on an "AS IS" basis, * WITHOUT WARRANTY OF ANY KIND, either express or implied. */ /* EME-OAEP as defined in RFC 2437 (PKCS #1 v2.0) */ /* Copyright (c) 2004 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions -- * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ /* Calaculates and sets the affine coordinates of an EC_POINT from the given * compressed coordinates. Uses algorithm 2.3.4 of SEC 1. * Note that the simple implementation only uses affine coordinates. * * This algorithm is patented by Certicom Corp. under US Patent 6,141,420 * (for licensing information, contact licensing@certicom.com). * This function is disabled by default and can be enabled by defining the * preprocessor macro OPENSSL_EC_BIN_PT_COMP at Configure-time. */ ./crypt_blowfish.c: * Written by Solar Designer in 1998-2011. * No copyright is claimed, and the software is hereby placed in the public * domain. In case this attempt to disclaim copyright and place the software * in the public domain is deemed null and void, then the software is * Copyright (c) 1998-2011 Solar Designer and it is hereby released to the * general public under the following terms: * * Redistribution and use in source and binary forms, with or without * modification, are permitted. * -- * as part of a software package, or anywhere else to improve security, * ensure compatibility, or for any other purpose. I would appreciate * it if you give credit where it is due and keep your modifications in * the public domain as well, but I don't require that in order to let * you place this code and any modifications you make under a license * of your choice. * * This implementation is mostly compatible with OpenBSD's bcrypt.c (prefix * "$2a$") by Niels Provos , and uses some of his * ideas. The password hashing algorithm was designed by David Mazieres ./crypt_blowfish.h: * Written by Solar Designer in 2000-2011. * No copyright is claimed, and the software is hereby placed in the public * domain. In case this attempt to disclaim copyright and place the software * in the public domain is deemed null and void, then the software is * Copyright (c) 2000-2011 Solar Designer and it is hereby released to the * general public under the following terms: * * Redistribution and use in source and binary forms, with or without * modification, are permitted. * ./fallback.c: * Copyright 2012-2013 Red Hat, Inc. * All rights reserved. * * See "COPYING" for license terms. * * Author(s): Peter Jones */ ./include/PeImage.h: Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.
Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php. THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. ./lib/configtable.c: * Copyright 2013 * * see COPYING file * ./lib/console.c: * Copyright 2012 * Copyright 2013 Red Hat Inc. * * see COPYING file */ ./lib/execute.c: * Copyright 2012 * * see COPYING file * Code Copyright 2012 Red Hat, Inc * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the * distribution. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * */ ./lib/guid.c: ./lib/security_policy.c: ./lib/shell.c: ./lib/simple_file.c: * Copyright 2012 * * see COPYING file */ ./lib/variables.c: * Copyright 2012 * * see COPYING file * -- * Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.
* This program and the accompanying materials * are licensed and made available under the terms and conditions of the BSD License * which accompanies this distribution. The full text of the license may be found * at * http://opensource.org/licenses/bsd-license.php * * THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, * WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. ./replacements.h: * Copyright 2013 Red Hat, Inc * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the * distribution. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. */ ./ucs2.h: * Copyright 2013 Red Hat, Inc * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the * distribution. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * * Significant portions of this code are derived from Tianocore * (http://tianocore.sf.net) and are Copyright 2009-2012 Intel * Corporation. */ The Certificate is issued to Oracle Corporation: https://www.digicert.com/ssl-cps-repository.htm This certificate is intended for the following purpose(s): Ensures software came from software publisher Protects software from alteration after publication 2.16.840.1.114412.3.2 Issued to: Oracle Corporation Issued by: DigiCert EV Code Signing CA (SHA2) Valid from 6/25/2014 to 6/30/2017 DigiCert Certificate Terms of Use These terms apply to each digital certificate (Certificate) issued by DigiCert, Inc., a Utah corporation (DigiCert) to an entity, as identified in the account or issued certificates (Customer). Customer and DigiCert agree as follows: Requests. Customer may request SSL Certificates only for domain names registered to Customer, an affiliate of Customer, or an entity that expressly authorizes DigiCert to allow Customer to obtain and manage Certificates for the domain name. DigiCert may limit the number of domain names that Customer may include in a single Certificate in its sole discretion. Verification. After receiving a request for a Certificate through the Account, DigiCert will review the request and attempt to verify the relevant information in accordance with the DigiCert CPS and industry guidelines. Verification is subject to DigiCerts sole satisfaction, and DigiCert may refuse to issue a Certificate for any reason. DigiCert shall notify Customer if a certificate request is refused and provide a reason for the refusal. Certificate Practices Statement or CPS means DigiCerts written statement of the policies and practices used to operate its PKI infrastructure. DigiCerts CPS documents are available at https://www.digicert.com/ssl-cps-repository.htm. Certificate Life Cycle. The lifecycle of an issued Certificate depends on the selection made by Customer when ordering the Certificate, the requirements in the CPS, and the intended use of the Certificate. DigiCert may modify Certificate lifecycles for unissued Certificates as necessary to comply with requirements of (i) the agreement with Customer, (ii) industry standards, (iii) DigiCerts auditors, or (iv) an Application Software Vendor. Customer shall not use Certificates after their expiration date. Application Software Vendors means an entity that displays or uses Certificates in connection with a distributed root store in which DigiCert participates or will participate. Certificates containing internal server names or private IP addresses must expire on or before Nov 1, 2015. Issuance. If verification is completed to DigiCerts satisfaction, DigiCert will issue the requested Certificate and deliver the Certificate to Customer. DigiCert may deliver the Certificate using any reasonable means of delivery. Typically, DigiCert will deliver Certificates via email to an address specified by Customer, as an electronic download in the Account, or in response to an API call made by Customer. Certificates are issued from a DigiCert root or intermediate certificate selected by DigiCert. Customer shall abide by all applicable laws and regulations when ordering and using Certificates, including United States export laws. Customer is responsible for obtaining and maintaining any license necessary to distribute the Certificates to end users and systems. Customer acknowledges that the Certificates are not available in countries restricted by the Office of Foreign Assets Control. Certificate License. Effective immediately after delivery and continuing until the Certificate expires or is revoked, Customer may use, for the benefit of the Certificates subject, each issued Certificate and corresponding Key Set for the purposes described in the CPS, in accordance with all applicable laws, and in accordance with terms herein. Customer shall promptly inform DigiCert if it becomes aware of any misuse of a Certificate, private key, or the Account. Customer is responsible for obtaining and maintaining any authorization or license necessary to use a Certificate, including any license required under United States export laws. Management. DigiCert will generally issue, manage, renew, and/or Revoke a Certificate in accordance with any instructions submitted by Customer through the Account or API and may rely on such instructions as accurate. Although DigiCert may send a reminder about expiring Certificates, DigiCert is under no obligation to do so, and Customer is solely responsible for ensuring Certificates are renewed prior to expiration. Security and Use of Key Sets. Customer shall protect the key sets associated with a Certificate and take all steps necessary to prevent the compromise, loss or unauthorized use of a private key associated with a Certificate. Customer shall request revocation of any Certificate if Customer has reason to believe that the integrity or reliability of a Certificate is compromised. If Customer suspects misuse or compromise of a private key, Customer shall promptly notify DigiCert, cease using the Certificate, and request revocation of the Certificate. Customer shall promptly cease using the key set corresponding to a Certificate upon the earlier of (i) revocation of the Certificate and (ii) the date when the allowed usage period for the Key Set expires. Defective Certificates. If a Certificate contains a defect, DigiCert shall use commercially reasonable efforts to cure the defect after receiving notice from Customer. DigiCert is not obligated to correct a defect if (i) Customer misused, damaged, or modified the Certificate, (ii) Customer did not promptly report the defect to DigiCert, or (iii) Customer has breached any provision of this Agreement. Relying Party Warranty. Customer acknowledges that the Relying Party Warranty is only for the benefit of Relying Parties. Customer does not have rights under the warranty, including any right to enforce the terms of the warranty or make a claim under the warranty. Relying Party means an entity other than Customer that acts in reliance on a Certificate or a digital signature. An Application Software Vendor is not a Relying Party when the software distributed by the Application Software Vendor merely displays information regarding a Certificate or facilitates the use of the Certificate or digital signature. Relying Party Warranty means a warranty offered to a Relying Party that meets the conditions found in the Relying Party Warranty Agreement posted on DigiCerts website at https://www.digicert.com/docs/agreements/DigiCert_RPA.pdf. Representations. For each requested Certificate, Customer represents to DigiCert that: Customer has the right to use or is the lawful owner of (i) any domain name(s) specified in the Certificate and (ii) any common name or organization name specified in the Certificate, the individual accepting the agreement is expressly authorized by the Customer to sign and enter into a legally valid and enforceable agreement to obtain a form of digital identity for the Customer, Customer has read, understands, and agrees to the CPS, and the organization included in the certificate and the registered domain name holder is aware of and approves of each Certificate request. By accepting an agreement that incorporates these terms, the signer is entering into a legally valid and enforceable agreement to obtain a form of digital identity for the Customer. The signer acknowledges that he/she has the authority to obtain the digital equivalent of a company stamp, seal, or officer's signature to establish the authenticity of the Customers website, and that the Customer is responsible for all uses of an Certificate. By accepting an agreement on behalf of the Customer, the signer represents that he/she (i) is acting as an authorized representative of the Customer, (ii) is expressly authorized by Customer to sign agreements and approve Certificate requests on Customers behalf, and (iii) has or will confirm Customers exclusive right to use the domain(s) to be included in any issued Certificates. Restrictions. Customer shall only use a TLS/SSL Certificate on the servers accessible at the domain names listed in the issued Certificate. Customer shall not: modify, sub license, or create a derivative work of any Certificate (except as required to use the Certificate for its intended purpose) or Private Key, upload or distribute any files or software that may damage the operation of anothers computer, make representations about or use a Certificate except as allowed in the CPS, impersonate or misrepresent Customers affiliation with any entity, use the Certificates or any related software (such as a DigiCert account) in a manner that could reasonably result in a civil or criminal action being taken against Customer or DigiCert, use a Certificate or related software to breach the confidence of a third party or to send or receive unsolicited bulk correspondence, interfere with the proper functioning of the DigiCert website or with any transactions conducted through the DigiCert website, attempt to use a Certificate to issue other Certificates, or intentionally create a private key that is substantially similar to a DigiCert or third party private key. Certificate Revocation. DigiCert may revoke a Certificate without notice for the reasons stated in the CPS, including if DigiCert reasonably believes that: Customer requested revocation of the Certificate or did not authorize the issuance of the Certificate, Customer has breached its agreement or an obligation it has under the CPS, any provision of the agreement with customer containing a representation or obligation related to the issuance, use, management, or revocation of the Certificate terminates or is held invalid, Customer is added to a government prohibited person or entity list or is operating from a prohibited destination under the laws of the United States, the Certificate contains inaccurate or misleading information, the Certificate was used outside of its intended purpose or used to sign malicious software, the private key associated with a Certificate was disclosed or compromised, the Certificate was(a) misused, (b) used or issued contrary to law, the CPS, or industry standards, or (c) used, directly or indirectly, for illegal or fraudulent purposes, industry standards or DigiCerts CPS require Certificate revocation, or revocation is necessary to protect the rights, confidential information, operations, or reputation of DigiCert or a third party. After revocation, Customer shall cease using the Certificate and remove the Certificate from all devices where it is installed and cease using the Certificate. Industry Standards. Both parties shall comply with all industry and privacy standards that apply to the Certificates. If industry standards change, DigiCert and Customer shall work together in good faith to amend the applicable agreement, modify issued certificates, and comply with the changes. Equipment. Customer is responsible, at Customers expense, for (i) all computers, telecommunication equipment, software, access to the Internet, and communications networks (if any) required to use the Certificates and related DigiCert software or services, and (ii) Customers conduct and its website maintenance, operation, development, and content. Certificate Beneficiaries. Relying parties and Application Software Vendors are express third party beneficiaries of Customers obligations and representations related to the use or issuance of a Certificate. The relying parties and Application Software Vendors are not express third party beneficiaries with respect to any DigiCert software. DIGICERT CERTIFICATE SUBSCRIBER AGREEMENT PLEASE READ THIS AGREEMENT CAREFULLY BEFORE PROCEEDING. YOU MUST CHECK "I AGREE" BELOW TO ACKNOWLEDGE THAT YOU HAVE READ THIS AGREEMENT, THAT YOU UNDERSTAND IT, AND THAT YOU AGREE TO IT. IF YOU DO NOT ACCEPT THIS AGREEMENT, DO NOT ORDER OR APPROVE THE ISSUANCE OF A DIGITAL CERTIFICATE. IF YOU HAVE ANY QUESTIONS REGARDING THIS AGREEMENT, PLEASE E-MAIL DIGICERT AT LEGAL@DIGICERT.COM OR CALL 1-800-896-7973. THIS AGREEMENT CONTAINS A BINDING ARBITRATION CLAUSE. These certificate terms of use are between DigiCert, Inc., a Utah corporation (DigiCert) and the entity applying for a Certificate, as identified in the account or issued certificates. Certificate means a digitally signed electronic data file issued by DigiCert to a person, group, or role in order to confirm your authorization for use of the Private Key corresponding to the Public Key contained in the certificate. You and DigiCert agree as follows: 1. Use 1.1. Applicability. These terms cover each Certificate issued by DigiCert to you, regardless of (i) the Certificate type (email, code signing, Direct, or TLS/SSL), (ii) when you request the Certificate, or (iii) when the Certificate actually issues. 1.2. Information. You will provide accurate, complete, and non-misleading information to DigiCert at all times. If any information provided to DigiCert changes or becomes misleading or inaccurate, you will promptly inform DigiCert and update the information. You may not request a certificate with contents that infringe on the intellectual property rights of another entity. All certificate request data is incorporated into this document as part of these terms. 1.3. Key Pairs. A Private Key means the key that is kept secret by you that is used to create Digital Signatures and/or decrypt electronic records or files that were encrypted with the corresponding Public Key. A Public Key means your publically disclosed key that is contained in your Certificate and corresponds to the secret Private Key that you use. Subscribers should (i) generate key pairs using trustworthy systems, (ii) use key pairs that are at least the equivalent of RSA 2048 bit keys, (iii) keep all Private Keys confidential, (iv) within one working day, notify DigiCert, cease using the Certificate, and request Certificate revocation if you suspect misuse or compromise of a Private Key, and use reasonable measures to protect Private Keys from disclosure. You will promptly cease using the Certificate and corresponding Private Key upon the earlier of (i) revocation of the Certificate, (ii) termination of this agreement, (iii) expiration of the Certificate, or (iv) industry standards no longer permit use of the Certificate or Private Key. You are solely responsible for any failure to protect your Private Keys. You may only generate and store key pairs for Adobe Signing Certificates and EV Code Signing Certificates on a FIPS 140-2 Level 2 device. All other Certificate types may be stored on secure software or hardware systems. 1.4. Issuance. After you request a Certificate, DigiCert will verify an entity in accordance with DigiCerts CPS and applicable industry standards. If verification is completed to DigiCerts sole satisfaction, then DigiCert will issue the requested Certificate and deliver the Certificate to you using an appropriate delivery mechanism as selected by DigiCert. Typically, DigiCert delivers Certificates either through your online DigiCert account or via a provided email address. DigiCert may refuse to accept a Certificate request or issue a Certificate in its sole discretion. DigiCert will notify you through the account if your request is refused but DigiCert is not required to provide a reason for the refusal. 1.5. IGTF Certificates. The following applies to IGTF Certificates: (i) Private Key Generation. For IGTF compliant Certificates, you must keep all Private Keys confidential and use reasonable measures to protect the Private Key from disclosure. You must request revocation of the Certificate within one working day of any suspected misuse or compromise of a Certificate or Private Key. You must generate your key pair using one of the following methods: (i) inside a secure hardware token, (ii) using trustworthy cryptographic software on a local computer system where you are the sole user and administrator, (iii) on a computer system administered by your sponsor or a third party if (a) the key material is generated using trustworthy cryptographic software, (b) access is limited to designated individuals, who are subject to and aware of applicable privacy rules and a professional code of conduct, (c) the private key and pass phrase are not sent in clear text over a network, (d) the encrypted private key file is not sent over the network unprotected, (e) the system is located in a secure environment, where access is controlled and limited to only authorized personnel, and (f) a system does not persistently keep pass phrases or plain text private keys for longer than 24 hours. (ii) IGTF Private Key Storage. For IGTF compliant Certificates, you may store your Private Key using one of the following methods: (i) protected by a pass phrase on a hardware token from which the Private Key cannot be extracted, (ii) in a persistently encrypted form on a computer system where you are the sole user and administrator, or (iii) on a computer system administered by your sponsor or a third party if (a) the Private Key is stored in a persistently encrypted form and protected by a pass phrase, (b) data needed to decrypt or use the private key is present only as a result of your action and only for as long as you are using the system, (c) administrative access is limited to designated individuals who are subject to and aware of applicable privacy rules and a professional code of conduct, (d) the systems are located in a secure environment, where access is controlled and limited to only authorized personnel, (e) the private key and pass phrase are not sent in clear text over a network, (f) the encrypted private key file is not sent over the network unprotected, and (g) the system does not persistently keep pass phrases or plain text private keys for longer than 24 hours. For IGTF passphrases, you must use pass phrases that are at least 12 characters long and follow the industrys current best practices. If a third party is involved in generating or storing a Private Key, the third party must have a defined data privacy and security policy that provides reasonable assurance of data security. You shall make this policy available to DigiCert upon request. 1.6. SSL and Code Signing Certificates. EV Certificate means a Certificate that contains the DigiCert Extended Validation Certificate Policy Object Identifier as set forth in the CPS and is issued in accordance with the EV Guidelines. EV Certificates include both SSL Certificates and Code Signing Certificates. EV Guidelines means the Guidelines for Extended Validation Certificates as officially published, amended, and updated by the CA/Browser Forum at http://www.cabforum.org. CPS refers to DigiCerts written statements of the policies and procedures used to operate its Public Key infrastructure. DigiCerts CPS documents are available at http://www.digicert.com/ssl-cps-repository.htm. (i) Certificate Transparency. To ensure Certificates function properly throughout their lifecycle, DigiCert may log SSL Certificates with a public certificate transparency database. Because this will become a requirement for Certificate functionality, you cannot opt out of this process. Log server information is publicly accessible. Once submitted, information cannot be removed from a log server. (ii) Limitations on License. DigiCert may reject any request for an SSL Certificates only for domain names registered to (i) you, (ii) your affiliates, or (iii) an entity that expressly authorized, in writing, you to obtain and manage Certificates for the domain name in the Certificate. (iii) Certificate Approvers. During the term of this agreement, you expressly authorize the individuals appointed as Certificate Approvers or Administrators in your account (the designation of which is expressly incorporated into this agreement) to request and approve EV Certificates on your behalf. With respect to DigiCerts obligations under the EV Guidelines and other industry standards, you expressly authorize DigiCert to rely on any representations made by a Certificate Approver in connection with an ordered Certificate, including verification of your exclusive right to use the domain name listed in the Certificate. You are responsible for all EV Certificates requested by a Certificate Approver until such Certificate Approvers EV authority is revoked. You may revoke a certificate Approvers EV authority by emailing DigiCert at admin@digicert.com. You are responsible for periodically reviewing and updating the individuals authorized to approve EV Certificate orders. (iv) Representations. You represent that (a) you have the right to use the domain name, common name, and organization name listed in the Certificate (if applicable), (b) if you represent an entity applying for or that will be named in the Certificate, you are expressly authorized to sign this agreement on behalf of that entity and will make the entity aware of each Certificate request, (c) you have read, understand, and agree to the CPS and this agreement, (d) you will make sure the organization included in the Certificate and the registered domain name holder (if a domain name is included the Certificate) will be aware of and approve each Certificate request. (v) Acceptance. For EV Certificates: By accepting these terms, you are entering into a legally valid and enforceable agreement to obtain a form of digital identity for the Certificates subject. You acknowledge that you have the authority to obtain the digital equivalent of a company stamp, seal, or (where applicable) officer's signature to establish the authenticity of the subjects website or signed code, and that you are responsible for all uses of its EV Certificate. By accepting this agreement on behalf of the subject, you represent that you (i) are acting as an authorized representative of the subject, (ii) are expressly authorized by subject to sign Subscriber agreements and approve EV Certificate requests on subjects behalf, and (iii) if applicable, have confirmed subjects exclusive right to use the domain(s) to be included in any issued EV Certificates. 1.7. License. Effective immediately after delivery and continuing until the Certificate expires or is revoked, DigiCert grants you a revocable, non-exclusive, non-transferable license to use, for the benefit of the subject, each issued Certificate and the corresponding Key Sets in accordance with the CPS and the terms of this agreement. You are responsible for any use of the Certificate and any equipment and software required to use the Certificate. You may not install or use a Certificate until after you have reviewed and verified the accuracy of the data included in the Certificate. You will promptly inform DigiCert if you become aware of any breach of this agreement or misuse of a Certificate, Private Key, or your account. You are responsible for obtaining and maintaining any authorization or license necessary to use a Certificate. 1.8. Restrictions. You should not (a) share your Certificate or Private Key with another user except where permitted by the CPS, (b) use a Certificate or Private Key to operate nuclear power facilities, air traffic control systems, aircraft navigation systems, weapons control systems, or any other system requiring failsafe operation whose failure could lead to injury, death or environmental damage, (c) modify, sub license, reverse-engineer or create a derivative work of any Certificate (except as required to use the Certificate for its intended purpose) or Private Key, (d) use or make representations about a Certificate except as allowed in the CPS, (e) impersonate or misrepresent your affiliation with any entity or use a Certificate in a manner that could reasonably result in a civil or criminal action being taken against you or DigiCert, (f) use a Certificate to send or receive unsolicited bulk correspondence, sign or distribute any files, software, or code that may damage the operation of anothers computer or that is downloaded without a users consent, or breach the confidence of a third party, (g) attempt to use a Certificate to issue other Certificates, or (h) intentionally create a Private Key that is substantially similar to a DigiCert or third party Private Key. 1.9. Revocation. DigiCert may revoke a Certificate without notice for the reasons stated in the CPS, including if DigiCert believes that (a) you or the subject requested revocation of the Certificate or did not authorize the Certificates issuance, (b) you or the subject breach this agreement or fail to comply with the CPS, (c) a provision of this agreement containing a representation or obligation related to the issuance, use, management, or revocation of the Certificate terminates or is held invalid, (d) you or the subject are added to a government prohibited person or entity list or are operating from a prohibited destination under the laws of the United States, (e) the Certificate contains inaccurate or misleading information, (f) the Certificate was used outside of its intended purpose or used to sign malicious software, (g) the Private Key associated with a Certificate was disclosed or compromised, (h) this agreement terminates, (i) the Certificate was used or issued, directly or indirectly, contrary to law, the CPS, or industry standards, (j) industry standards or DigiCerts CPS require revocation, or (k) revocation is necessary to protect the rights, confidential information, operations, or reputation of DigiCert or a third party. 1.10. Renewals. DigiCert may send a reminder to you about expiring Certificates, but you are solely responsible for ensuring your Certificates are renewed prior to their expiration. 1.11. Publication of Certificate. You consent to (i) DigiCerts public disclosure of information embedded in an issued Certificate, and (ii) DigiCerts transfer of your information to servers located inside the United States. DigiCert retains a right to use any information provided through the account, provided that all such use is in compliance with its privacy policy as provided on its website. DigiCert may modify the privacy policy in its sole discretion. 1.12. Express Install. DigiCerts may provide an express installation utility as part of its services. Using this utility will automatically configure server settings as appropriate to use the Certificate. A link to express install is provided either in the email providing notification of Certificate issuance or on DigiCerts website. You may (i) not modify, sub-license, reverse engineer, or create a derivative work of the utility and (ii) only use the utility with a DigiCert product or service and not with Certificates, software, or other products or services provided from a third party. You are solely liable for any use of the utility. DIGICERT HEREBY DISCLAIMS ALL WARRANTIES ASSOCIATED WITH THE UTILITY AND ALL LIABILITY FOR YOUR USE OF THE UTILITY. 2. Term and Termination 2.1. Term. This agreement is effective upon your acceptance and lasts until the earlier of (i) the expiration date of all Certificates issued under this agreement, or (ii) the termination of this agreement by a party as allowed herein. All rights and licenses granted to you terminate immediately upon termination of this agreement. 2.2. Termination. Either party may terminate this agreement for convenience by providing 30 days prior notice to the other party. DigiCert may terminate the agreement immediately for any reasonable reason related to this Agreement, including, but not limited to (i) you or the subject materially breach this agreement, (ii) you or the subject engaged in illegal or fraudulent activity or an activity that could materially harm DigiCerts business, (iii) DigiCert cannot verify you or the subject to DigiCerts sole satisfaction, or (iv) if you or the subject (a) have a receiver, trustee, or liquidator appointed over substantially all of your or the subjects assets, (b) have an involuntary bankruptcy proceeding filed against you or the subject that is not dismissed within 30 days of filing, (c) file a voluntary petition of bankruptcy or reorganization. 2.3. Survival. All provisions of this agreement that, by their nature, are intended to survive termination of the agreement and continue in full force and effect, including all provisions related to representations by you under the following sections: Publication of Certificate (Section 1.11), Disclaimer of Warranties and Limitations on Liability (Section 3), Indemnity (Section 4), Arbitration (section 5), and the Miscellaneous provisions (Section 6). 3. Disclaimers of Warranty and Limitations on Liability 3.1. Relying Party Warranties. You acknowledge that any applicable Relying Party Warranty is only for the benefit of Relying Parties. You do not have rights under the warranty, including any right to enforce the terms of the warranty or make a claim under the warranty. Not all Certificates are covered by a warranty. Relying Party means an entity that acts in reliance on a Certificate or a Digital Signature. An Application Software Vendor is not a Relying Party when the software distributed by the Application Software Vendor merely displays information regarding a Certificate or facilitates the use of the Certificate or digital signature. Relying Party Warranty is a warranty provided by DigiCert against certificate mis-issuance that is available only to Relying Parties who meet the conditions and fulfill all of the terms set forth at http://www.digicert.com/docs/agreements/DigiCert_RPA.pdf. Application Software Vendor means a software developer that displays or uses Certificates and distributes root certificates. 3.2. Remedy. Your sole remedy for a defect in a Certificate is to have DigiCert use reasonable efforts to correct the defect. DigiCert is not obligated to correct a defect if (i) the Certificate was misused, damaged, or modified, (ii) you did not promptly report the defect to DigiCert, or (iii) you breached any provision of this agreement. 3.3. Warranty Disclaimers. THE CERTIFICATES, AND ANY RELATED SOFTWARE, PRODUCTS, AND SERVICES, INCLUDING THE EXPRESS INSTALL UTILITY, ARE PROVIDED "AS IS" AND "AS AVAILABLE. TO THE MAXIMUM EXTENT PERMITTED BY LAW, DIGICERT DISCLAIMS ALL EXPRESS AND IMPLIED WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. DIGICERT DOES NOT WARRANT THAT ANY SERVICE OR PRODUCT WILL MEET YOUR EXPECTATIONS OR THAT ACCESS TO THE ACCOUNT WILL BE TIMELY OR ERROR-FREE. DigiCert does not guarantee the availability of any products or services and may modify or discontinue any product or service offering at any time. 3.4. Limitation on Liability. This agreement does not limit a partys liability for (i) death or personal injury resulting from the negligence of a party, or (ii) fraud or fraudulent statements made by a party. EXCEPT AS STATED ABOVE, DIGICERTS MAXIMUM LIABILITY RESULTING FROM THESE TERMS IS LIMITED TO THE AMOUNT PAID OR PAYABLE BY YOU TO DIGICERT DURING THE 12 MONTHS PRIOR TO WHEN THE EVENT GIVING RISE TO THE LIABILITY OCCURRED. DIGICERT IS NOT LIABLE FOR ANY INDIRECT, CONSEQUENTIAL, SPECIAL, OR PUNITIVE DAMAGES OR ANY LOSS OF PROFIT, REVENUE, DATA, OR OPPORTUNITY, EVEN IF DIGICERT IS AWARE OF THE POSSIBILITY OF SUCH DAMAGES. 3.5. Liability. You are liable for any claims (including damages, costs, and defense expenses) that are brought by third parties against DigiCert, its agents and assigns, that are result from use of your Certificate or Private Key or that are caused by your intentional or grossly negligent breach of this agreement. DigiCert is not responsible for your employees or agents, including any expenses owed to them. 3.6. Extent. The limitations in this section apply to the maximum extent permitted by law and apply regardless of (i) the reason for or nature of the liability, including tort claims, (ii) the number of claims of liability, (iii) the extent or nature of the damages, or (iv) whether any other provisions of this agreement were breached or proven ineffective. 4. Indemnity 4.1. Obligation. You will indemnify, hold harmless, and defend DigiCert and its employees, officers, directors, shareholders, affiliates, and assigns against all third party claims and all related liabilities, damages, and costs, including reasonable attorneys fees, arising from (i) your breach of this agreement, (ii) your failure to disclose a material fact related to the issuance of a Certificate or to protect the Authentication Mechanisms used to secure the account, (iii) an allegation that your actions or negligence was the cause of the claim, liability, or cost, (iv) your website, products, and services, or (v) your use of DigiCerts products or services to infringe on the rights of a third party. 4.2. Indemnification Procedure. An entity seeking indemnification under this agreement (Indemnified Party) must notify you promptly of any event requiring indemnification. However, an Indemnified Partys failure to notify will not relieve you from your indemnification obligations, except to the extent that the failure to notify materially prejudices you. You may assume the defense of any proceeding requiring indemnification unless assuming the defense would result in potential conflicting interests as determined by the Indemnified Party in good faith. An Indemnified Party may, at your expense, defend itself until your counsel has initiated a defense of the Indemnified Party. Even after you assume the defense, the Indemnified Party may participate in any proceeding using counsel of its own choice and at its own expense. You may not settle any proceeding related to this agreement unless the settlement also includes an unconditional release of liability for all Indemnified Parties. 4.3. Additions to and Limitations on Liability. Your indemnification obligations are not DigiCerts sole remedy under this agreement and are in addition to any other remedies that DigiCert may have against you. You must commence any claim or action arising from this agreement within one year from the occurrence of events giving rise to a cause of action. You waive your right to any claim that is commenced more than one year from the first date on which the cause of action arose. 5. Arbitration 5.1. Requirement. To the maximum extent permitted by law, you will settle any dispute or claim related to this agreement, the CPS, DigiCerts websites, or any Certificate issued under this Agreement using binding arbitration in accordance with the Arbitration Rules of the American Arbitration Association (AAA). The parties shall hold all arbitration proceedings in Lehi, Utah. The parties shall settle all such disputes and claims settled in this manner in lieu of any action at law or equity; except that nothing in this subsection precludes a party from bringing an action for injunctive relief or other equitable relief. 5.2. Proceeding. During arbitration, the parties shall use a single arbitrator appointed by the AAA to arbitrate a dispute or claim. The arbitrator must exhibit a reasonable familiarity with the issues. The award of the arbitrator is binding and final upon all parties. Either party may have a court with proper jurisdiction enter the award. This agreement remains in full force and effect while the outcome of the arbitration proceeding is pending. The arbitrator shall follow applicable law in conducting the arbitration. 5.3. Costs. A party shall pay any costs, including reasonably attorney fees, to which the arbitrator determines that the prevailing party is entitled. Each party shall pay its own costs associated with the arbitration if such costs are not awarded by the arbitrator. The arbitrator may not award punitive damages or speculative damages to either party and does not have the power to amend this agreement. 6. Miscellaneous 6.1. Agreement. Unless explicitly stated otherwise, this agreement, along with all documents referred to herein, constitutes the entire agreement between the parties with respect to the issuance and use of the requested Certificate, superseding all other agreements that may exist with respect to that particular Certificate. DigiCert may amend any of its (i) website and any documents listed thereon, (ii) CPS, (iii) fees, (iv) privacy policy, or (iv) the conditions under which you receive a Certificate. Amendments are effective upon the earlier of DigiCerts posting the amendment on its website or your receipt of the amendment. You must periodically review DigiCerts website to be aware of any changes to this agreement or the relevant documents. Your continued use of a Certificate after an amendment is posted constitutes your acceptance of the amendment. If a law or industry standard changes and that change affects the Certificates or other services provided under this agreement, then DigiCert may amend this agreement to the extent necessary to comply with the change. The laws of the state of Utah govern the interpretation, construction, and enforcement of this agreement and all matters related to it, including tort claims, without regards to any conflicts-of-laws principles. The parties hereby submit to the exclusive jurisdiction of and venue in the state and federal courts located in the State of Utah. 6.2. Waiver. A partys failure to enforce or delay in enforcing a provision of this agreement does not waive (i) the partys right to enforce the same provision later, or (ii) the partys right to enforce any other provision of the agreement. A waiver is only effective if in writing and signed by the party against whom the waiver is claimed. 6.3. Industry Standards. Both parties will comply with all industry and privacy standards applicable to the Certificates. If industry standards change, DigiCert and you will work together in good faith to amend this agreement to comply with the changes. 6.4. Force Majeure and Internet Frailties. Neither party is liable for any failure or delay in performing its obligations under this agreement to the extent that the circumstances causing such failure or delay are beyond a partys reasonably control. You acknowledge that the Certificates are subject to the operation and telecommunication infrastructures of the Internet and the operation of your Internet connection services, all of which are beyond DigiCerts control. 6.5. Notices. You must send all notices in English writing by first class mail with return receipt request to DigiCert, Inc. at 2600 West Executive Parkway, Suite 500, Lehi, Utah 84043. DigiCert will send notices to you either, in DigiCerts discretion, through the account or through your email address (as provided by you). Notices to DigiCert are effective when received. Notices to you are effective when sent. 6.6. Assignment. You may not assign your rights or obligations under this agreement without the prior written consent of DigiCert. Any transfer without consent is void. DigiCert may assign its rights and obligations without your consent. 6.7. Severability. The invalidity or unenforceability of a provision under this agreement, as determined by a court or administrative body of competent jurisdiction, does not affect the validity or enforceability of the remainder of this agreement. The parties will substitute any invalid or unenforceable provision with a valid or enforceable provision that achieves the same economic, legal, and commercial objectives as the invalid or unenforceable provision. 6.8. Rights of Third Parties. Application Software Vendors and Relying Parties are express third party beneficiaries of your obligations and representations under this agreement that directly relate to the use or issuance of a Certificate. Other than the Application Software Vendors and Relying Parties, no third parties have any rights or remedies under the agreement. 6.9. Interpretation. The definitive version of this agreement is written in English. If this agreement is translated into another language and there is a conflict between the English version and the translated version, the English language version controls. ACCEPTANCE BY CHECKING "I AGREE", YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTAND THIS AGREEMENT AND THAT YOU WILL TO COMPLY WITH ITS TERMS. DO NOT CHECK "I AGREE" AND DO NOT PROCEED IF YOU DO NOT ACCEPT THIS AGREEMENT.