upstream/oracle/userland-gate: components/shim/shim.license@eaed6d702f04

Shim is licensed under an overarching BSD license and have some subcomponents licensed under OpenSSL licenses. It also contains a certificate from DigiCert.

./COPYRIGHT:
./netboot.c:
./replacements.c:
./shim.c:
Copyright 2012 Red Hat, Inc <[email protected]>

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:

Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.

Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the
distribution.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
OF THE POSSIBILITY OF SUCH DAMAGE.

Significant portions of this code are derived from Tianocore
(http://tianocore.sf.net) and are Copyright 2009-2012 Intel
Corporation.

./Cryptlib/Include/openssl/:
./Cryptlib/OpenSSL/crypto/:
./Cryptlib/OpenSSL/e_os.h:
/* Copyright (C) 1995-1998 Eric Young ([email protected])
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young ([email protected]).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson ([email protected]).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
--
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young ([email protected])"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson ([email protected])"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* Portions of the attached software ("Contribution") are developed by
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
*
* The Contribution is licensed pursuant to the Eric Young open source
* license provided above.
*
* The binary polynomial arithmetic software is originally written by
* Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
*
*/
* This product includes cryptographic software written by Eric Young
* ([email protected]). This product includes software written by Tim
* Hudson ([email protected]).
*
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
* ECDH support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* Portions of the attached software ("Contribution") are developed by
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
*
* The Contribution is licensed pursuant to the OpenSSL open source
* license provided above.
*
* The elliptic curve binary polynomial software is originally written by
* Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
*
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* The Elliptic Curve Public-Key Crypto Library (ECC Code) included
* herein is developed by SUN MICROSYSTEMS, INC., and is contributed
* to the OpenSSL project.
*
* The ECC Code is licensed pursuant to the OpenSSL open source
* license provided below.
*
* The ECDH software is originally written by Douglas Stebila of
* Sun Microsystems Laboratories.
*
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
* ECDH support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.

* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* Portions of the attached software ("Contribution") are developed by
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
*
* The Contribution is licensed pursuant to the OpenSSL open source
* license provided above.
*
* ECC cipher suite support in OpenSSL originally written by
* Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
*
* Copyright (c) 2004, Richard Levitte <[email protected]>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
--
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
* @author Vincent Rijmen <[email protected]>
* @author Antoon Bosselaers <[email protected]>
* @author Paulo Barreto <[email protected]>
*
* This code is hereby placed in the public domain.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
* Binary polynomial ECC support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
/*
* Blowfish as implemented from 'Blowfish: Springer-Verlag paper' (From
* LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, CAMBRIDG E
* SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
*/
* Copyright Patrick Powell 1995
* This code is based on code written by Patrick Powell <[email protected]>
* It may be used for any purpose as long as this notice remains intact
* on all source code distributions.
*/
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* Portions of the attached software ("Contribution") are developed by
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
*
* The Contribution is licensed pursuant to the Eric Young open source
* license provided above.
*
* The binary polynomial arithmetic software is originally written by
* Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.

* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* The Elliptic Curve Public-Key Crypto Library (ECC Code) included
* herein is developed by SUN MICROSYSTEMS, INC., and is contributed
* to the OpenSSL project.
*
* The ECC Code is licensed pursuant to the OpenSSL open source
* license provided below.
*
* In addition, Sun covenants to all licensees who provide a reciprocal
* covenant with respect to their own patents if any, not to sue under
* current and future patent claims necessarily infringed by the making,
* using, practicing, selling, offering for sale and/or otherwise
* disposing of the ECC Code as delivered hereunder (or portions thereof),
* provided that such covenant shall not apply:
* 1) for code that a licensee deletes from the ECC Code;
* 2) separates from the ECC Code; or
* 3) for infringements caused by:
* i) the modification of the ECC Code or
* ii) the combination of the ECC Code with other software or
* devices where such combination causes the infringement.
*
* The software is originally written by Sheueling Chang Shantz and
* Douglas Stebila of Sun Microsystems Laboratories.
* NOTE: This file is licensed pursuant to the OpenSSL license below and may
* be modified; but after modifications, the above covenant may no longer
* apply! In such cases, the corresponding paragraph ["In addition, Sun
* covenants ... causes the infringement."] and this note can be edited out;
* but please keep the Sun copyright notice and attribution.
*/
* Invert a, reduce modulo p, and store the result in r. r could be a. Uses
* Modified Almost Inverse Algorithm (Algorithm 10) from Hankerson, D.,
* Hernandez, J.L., and Menezes, A. "Software Implementation of Elliptic
* Curve Cryptography Over Binary Fields".

* From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer IEEE
* Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40 This module in
* only based on the code in this paper and is almost definitely not the sam e
* as the MIT implementation.
/* @(#)des.h 2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI */
/*
* Sun RPC is a product of Sun Microsystems, Inc. and is provided for
* unrestricted use provided that this legend is included on all tape
* media and as a part of the software program in whole or part. Users
* may copy or modify Sun RPC without charge, but are not authorized
* to license or distribute it to anyone else except as part of a product or
* program developed by the user.
*
* SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
* WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
* PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
*
* Sun RPC is provided with no support and without any obligation on the
* part of Sun Microsystems, Inc. to assist in its use, correction,
* modification or enhancement.
*
* SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
* INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
* OR ANY PART THEREOF.
*
* In no event will Sun Microsystems, Inc. be liable for any lost revenue
* or profits or other special, indirect and consequential damages, even if
* Sun has been advised of the possibility of such damages.
*
* Sun Microsystems, Inc.
* 2550 Garcia Avenue
* Mountain View, California 94043
*/
/*
* Generic DES driver interface
* Keep this file hardware independent!
* Copyright (c) 1986 by Sun Microsystems, Inc.
*/
/* Original version from Steven Schoch <[email protected]> */

* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
* ECDH support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/

* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
* Portions originally developed by SUN MICROSYSTEMS, INC., and
* contributed to the OpenSSL project.
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* Portions of the attached software ("Contribution") are developed by
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
*
* The Contribution is licensed pursuant to the OpenSSL open source
* license provided above.
*
* The elliptic curve binary polynomial software is originally written by
* Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.

* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
* Portions of this software developed by SUN MICROSYSTEMS, INC.,
* and contributed to the OpenSSL project.
*/
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* The Elliptic Curve Public-Key Crypto Library (ECC Code) included
* herein is developed by SUN MICROSYSTEMS, INC., and is contributed
* to the OpenSSL project.
*
* The ECC Code is licensed pursuant to the OpenSSL open source
* license provided below.
*
* The ECDH software is originally written by Douglas Stebila of
* Sun Microsystems Laboratories.
*
*/
* Copyright (c) 2002 Bob Beck <[email protected]>
* Copyright (c) 2002 Theo de Raadt
* Copyright (c) 2002 Markus Friedl
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
* ECDH support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
* The Elliptic Curve Public-Key Crypto Library (ECC Code) included
* herein is developed by SUN MICROSYSTEMS, INC., and is contributed
* to the OpenSSL project.
*
* The ECC Code is licensed pursuant to the OpenSSL open source
* license provided below.
*
* The ECDH engine software is originally written by Nils Gura and
* Douglas Stebila of Sun Microsystems Laboratories.
*
* symbol names have been changed, with permission from the author.
*/

/* $LP: LPlib/source/LPdir.h,v 1.1 2004/06/14 08:56:04 _cvs_levitte Exp $ */
/*
* Copyright (c) 2004, Richard Levitte <[email protected]>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
--
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/

--
* http://developer.intel.com/design/security/rng/redist_license.htm
*/
* This seeding method was proposed in Peter Gutmann, Software
* Generation of Practically Strong Random Numbers,
* http://www.usenix.org/publications/library/proceedings/sec98/gutmann.html
* revised version at http://www.cryptoengines.com/~peter/06_random.pdf
* (The assignment of entropy estimates below is arbitrary, but based
* on Peter's analysis the full poll appears to be safe. Additional
* interactive seeding is encouraged.)
--
* the original copyright message is:
*
* (C) Copyright Microsoft Corp. 1993. All rights reserved.
*
* You have a royalty-free right to use, modify, reproduce and
* distribute the Sample Files (and/or any modified version) in
* any way you find useful, provided that you agree that
* Microsoft has no warranty obligations or liability for any
* Sample Application Files which are modified.
* Written by Ulf Moeller. This software is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied.
*/
/* EME-OAEP as defined in RFC 2437 (PKCS #1 v2.0) */

/* Copyright (c) 2004 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
--
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
--
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* Calaculates and sets the affine coordinates of an EC_POINT from the given
* compressed coordinates. Uses algorithm 2.3.4 of SEC 1.
* Note that the simple implementation only uses affine coordinates.
*
* This algorithm is patented by Certicom Corp. under US Patent 6,141,420
* (for licensing information, contact [email protected]).
* This function is disabled by default and can be enabled by defining the
* preprocessor macro OPENSSL_EC_BIN_PT_COMP at Configure-time.
*/

./crypt_blowfish.c:
* Written by Solar Designer <solar at openwall.com> in 1998-2011.
* No copyright is claimed, and the software is hereby placed in the public
* domain. In case this attempt to disclaim copyright and place the software
* in the public domain is deemed null and void, then the software is
* Copyright (c) 1998-2011 Solar Designer and it is hereby released to the
* general public under the following terms:
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted.
*
--
* as part of a software package, or anywhere else to improve security,
* ensure compatibility, or for any other purpose. I would appreciate
* it if you give credit where it is due and keep your modifications in
* the public domain as well, but I don't require that in order to let
* you place this code and any modifications you make under a license
* of your choice.
*
* This implementation is mostly compatible with OpenBSD's bcrypt.c (prefix
* "$2a$") by Niels Provos <provos at citi.umich.edu>, and uses some of his
* ideas. The password hashing algorithm was designed by David Mazieres

./crypt_blowfish.h:
* Written by Solar Designer <solar at openwall.com> in 2000-2011.
* No copyright is claimed, and the software is hereby placed in the public
* domain. In case this attempt to disclaim copyright and place the software
* in the public domain is deemed null and void, then the software is
* Copyright (c) 2000-2011 Solar Designer and it is hereby released to the
* general public under the following terms:
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted.
*

./fallback.c:
* Copyright 2012-2013 Red Hat, Inc.
* All rights reserved.
*
* See "COPYING" for license terms.
*
* Author(s): Peter Jones <[email protected]>
*/

./include/PeImage.h:
Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>
Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php.

THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

./lib/configtable.c:
* Copyright 2013 <[email protected]>
*
* see COPYING file
*

./lib/console.c:
* Copyright 2012 <[email protected]>
* Copyright 2013 Red Hat Inc. <[email protected]>
*
* see COPYING file
*/

./lib/execute.c:
* Copyright 2012 <[email protected]>
*
* see COPYING file
* Code Copyright 2012 Red Hat, Inc <[email protected]>
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the
* distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/

./lib/guid.c:
./lib/security_policy.c:
./lib/shell.c:
./lib/simple_file.c:
* Copyright 2012 <[email protected]>
*
* see COPYING file
*/

./lib/variables.c:
* Copyright 2012 <[email protected]>
*
* see COPYING file
*
--
* Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>
* This program and the accompanying materials
* are licensed and made available under the terms and conditions of the BSD License
* which accompanies this distribution. The full text of the license may be found
* at
* http://opensource.org/licenses/bsd-license.php
*
* THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
* WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

./replacements.h:
* Copyright 2013 Red Hat, Inc <[email protected]>
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the
* distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/

./ucs2.h:
* Copyright 2013 Red Hat, Inc <[email protected]>
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the
* distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
* Significant portions of this code are derived from Tianocore
* (http://tianocore.sf.net) and are Copyright 2009-2012 Intel
* Corporation.
*/

The Certificate is issued to Oracle Corporation: https://www.digicert.com/ssl-cps-repository.htm
This certificate is intended for the following purpose(s):
Ensures software came from software publisher
Protects software from alteration after publication
2.16.840.1.114412.3.2
Issued to: Oracle Corporation
Issued by: DigiCert EV Code Signing CA (SHA2)
Valid from 6/25/2014 to 6/30/2017

DigiCert Certificate Terms of Use

These terms apply to each digital certificate (Certificate) issued by DigiCert, Inc., a Utah corporation (DigiCert) to an entity, as identified in the account or issued certificates (Customer). Customer and DigiCert agree as follows:

Requests. Customer may request SSL Certificates only for domain names registered to Customer, an affiliate of Customer, or an entity that expressly authorizes DigiCert to allow Customer to obtain and manage Certificates for the domain name. DigiCert may limit the number of domain names that Customer may include in a single Certificate in its sole discretion.

Verification. After receiving a request for a Certificate through the Account, DigiCert will review the request and attempt to verify the relevant information in accordance with the DigiCert CPS and industry guidelines. Verification is subject to DigiCerts sole satisfaction, and DigiCert may refuse to issue a Certificate for any reason. DigiCert shall notify Customer if a certificate request is refused and provide a reason for the refusal. Certificate Practices Statement or CPS means DigiCerts written statement of the policies and practices used to operate its PKI infrastructure. DigiCerts CPS documents are available at https://www.digicert.com/ssl-cps-repository.htm.

Certificate Life Cycle. The lifecycle of an issued Certificate depends on the selection made by Customer when ordering the Certificate, the requirements in the CPS, and the intended use of the Certificate. DigiCert may modify Certificate lifecycles for unissued Certificates as necessary to comply with requirements of (i) the agreement with Customer, (ii) industry standards, (iii) DigiCerts auditors, or (iv) an Application Software Vendor. Customer shall not use Certificates after their expiration date. Application Software Vendors means an entity that displays or uses Certificates in connection with a distributed root store in which DigiCert participates or will participate. Certificates containing internal server names or private IP addresses must expire on or before Nov 1, 2015.

Issuance. If verification is completed to DigiCerts satisfaction, DigiCert will issue the requested Certificate and deliver the Certificate to Customer. DigiCert may deliver the Certificate using any reasonable means of delivery. Typically, DigiCert will deliver Certificates via email to an address specified by Customer, as an electronic download in the Account, or in response to an API call made by Customer. Certificates are issued from a DigiCert root or intermediate certificate selected by DigiCert. Customer shall abide by all applicable laws and regulations when ordering and using Certificates, including United States export laws. Customer is responsible for obtaining and maintaining any license necessary to distribute the Certificates to end users and systems. Customer acknowledges that the Certificates are not available in countries restricted by the Office of Foreign Assets Control.

Certificate License. Effective immediately after delivery and continuing until the Certificate expires or is revoked, Customer may use, for the benefit of the Certificates subject, each issued Certificate and corresponding Key Set for the purposes described in the CPS, in accordance with all applicable laws, and in accordance with terms herein. Customer shall promptly inform DigiCert if it becomes aware of any misuse of a Certificate, private key, or the Account. Customer is responsible for obtaining and maintaining any authorization or license necessary to use a Certificate, including any license required under United States export laws.

Management. DigiCert will generally issue, manage, renew, and/or Revoke a Certificate in accordance with any instructions submitted by Customer through the Account or API and may rely on such instructions as accurate. Although DigiCert may send a reminder about expiring Certificates, DigiCert is under no obligation to do so, and Customer is solely responsible for ensuring Certificates are renewed prior to expiration.

Security and Use of Key Sets. Customer shall protect the key sets associated with a Certificate and take all steps necessary to prevent the compromise, loss or unauthorized use of a private key associated with a Certificate. Customer shall request revocation of any Certificate if Customer has reason to believe that the integrity or reliability of a Certificate is compromised. If Customer suspects misuse or compromise of a private key, Customer shall promptly notify DigiCert, cease using the Certificate, and request revocation of the Certificate. Customer shall promptly cease using the key set corresponding to a Certificate upon the earlier of (i) revocation of the Certificate and (ii) the date when the allowed usage period for the Key Set expires.

Defective Certificates. If a Certificate contains a defect, DigiCert shall use commercially reasonable efforts to cure the defect after receiving notice from Customer. DigiCert is not obligated to correct a defect if (i) Customer misused, damaged, or modified the Certificate, (ii) Customer did not promptly report the defect to DigiCert, or (iii) Customer has breached any provision of this Agreement.

Relying Party Warranty. Customer acknowledges that the Relying Party Warranty is only for the benefit of Relying Parties. Customer does not have rights under the warranty, including any right to enforce the terms of the warranty or make a claim under the warranty. Relying Party means an entity other than Customer that acts in reliance on a Certificate or a digital signature. An Application Software Vendor is not a Relying Party when the software distributed by the Application Software Vendor merely displays information regarding a Certificate or facilitates the use of the Certificate or digital signature. Relying Party Warranty means a warranty offered to a Relying Party that meets the conditions found in the Relying Party Warranty Agreement posted on DigiCerts website at https://www.digicert.com/docs/agreements/DigiCert_RPA.pdf.

Representations. For each requested Certificate, Customer represents to DigiCert that:

Customer has the right to use or is the lawful owner of (i) any domain name(s) specified in the Certificate and (ii) any common name or organization name specified in the Certificate,

the individual accepting the agreement is expressly authorized by the Customer to sign and enter into a legally valid and enforceable agreement to obtain a form of digital identity for the Customer,

Customer has read, understands, and agrees to the CPS, and

the organization included in the certificate and the registered domain name holder is aware of and approves of each Certificate request.

By accepting an agreement that incorporates these terms, the signer is entering into a legally valid and enforceable agreement to obtain a form of digital identity for the Customer. The signer acknowledges that he/she has the authority to obtain the digital equivalent of a company stamp, seal, or officer's signature to establish the authenticity of the Customers website, and that the Customer is responsible for all uses of an Certificate. By accepting an agreement on behalf of the Customer, the signer represents that he/she (i) is acting as an authorized representative of the Customer, (ii) is expressly authorized by Customer to sign agreements and approve Certificate requests on Customers behalf, and (iii) has or will confirm Customers exclusive right to use the domain(s) to be included in any issued Certificates.

Restrictions. Customer shall only use a TLS/SSL Certificate on the servers accessible at the domain names listed in the issued Certificate. Customer shall not:

modify, sub license, or create a derivative work of any Certificate (except as required to use the Certificate for its intended purpose) or Private Key,

upload or distribute any files or software that may damage the operation of anothers computer,

make representations about or use a Certificate except as allowed in the CPS,

impersonate or misrepresent Customers affiliation with any entity,

use the Certificates or any related software (such as a DigiCert account) in a manner that could reasonably result in a civil or criminal action being taken against Customer or DigiCert,

use a Certificate or related software to breach the confidence of a third party or to send or receive unsolicited bulk correspondence,

interfere with the proper functioning of the DigiCert website or with any transactions conducted through the DigiCert website,

attempt to use a Certificate to issue other Certificates, or

intentionally create a private key that is substantially similar to a DigiCert or third party private key.

Certificate Revocation. DigiCert may revoke a Certificate without notice for the reasons stated in the CPS, including if DigiCert reasonably believes that:

Customer requested revocation of the Certificate or did not authorize the issuance of the Certificate,

Customer has breached its agreement or an obligation it has under the CPS,

any provision of the agreement with customer containing a representation or obligation related to the issuance, use, management, or revocation of the Certificate terminates or is held invalid,

Customer is added to a government prohibited person or entity list or is operating from a prohibited destination under the laws of the United States,

the Certificate contains inaccurate or misleading information,

the Certificate was used outside of its intended purpose or used to sign malicious software,

the private key associated with a Certificate was disclosed or compromised,

the Certificate was(a) misused, (b) used or issued contrary to law, the CPS, or industry standards, or (c) used, directly or indirectly, for illegal or fraudulent purposes,

industry standards or DigiCerts CPS require Certificate revocation, or

revocation is necessary to protect the rights, confidential information, operations, or reputation of DigiCert or a third party.

After revocation, Customer shall cease using the Certificate and remove the Certificate from all devices where it is installed and cease using the Certificate.

Industry Standards. Both parties shall comply with all industry and privacy standards that apply to the Certificates. If industry standards change, DigiCert and Customer shall work together in good faith to amend the applicable agreement, modify issued certificates, and comply with the changes.

Equipment. Customer is responsible, at Customers expense, for (i) all computers, telecommunication equipment, software, access to the Internet, and communications networks (if any) required to use the Certificates and related DigiCert software or services, and (ii) Customers conduct and its website maintenance, operation, development, and content.

Certificate Beneficiaries. Relying parties and Application Software Vendors are express third party beneficiaries of Customers obligations and representations related to the use or issuance of a Certificate. The relying parties and Application Software Vendors are not express third party beneficiaries with respect to any DigiCert software.

DIGICERT CERTIFICATE SUBSCRIBER AGREEMENT

PLEASE READ THIS AGREEMENT CAREFULLY BEFORE PROCEEDING. YOU MUST CHECK "I AGREE"
BELOW TO ACKNOWLEDGE THAT YOU HAVE READ THIS AGREEMENT, THAT YOU UNDERSTAND IT,
AND THAT YOU AGREE TO IT. IF YOU DO NOT ACCEPT THIS AGREEMENT, DO NOT ORDER OR
APPROVE THE ISSUANCE OF A DIGITAL CERTIFICATE. IF YOU HAVE ANY QUESTIONS REGARDING
THIS AGREEMENT, PLEASE E-MAIL DIGICERT AT [email protected] OR CALL 1-800-896-7973.
THIS AGREEMENT CONTAINS A BINDING ARBITRATION CLAUSE.

These certificate terms of use are between DigiCert, Inc., a Utah corporation (DigiCert) and the entity
applying for a Certificate, as identified in the account or issued certificates. Certificate means a digitally
signed electronic data file issued by DigiCert to a person, group, or role in order to confirm your authorization
for use of the Private Key corresponding to the Public Key contained in the certificate. You and DigiCert agree
as follows:

1. Use
1.1. Applicability. These terms cover each Certificate issued by DigiCert to you, regardless of (i) the
Certificate type (email, code signing, Direct, or TLS/SSL), (ii) when you request the Certificate, or
(iii) when the Certificate actually issues.
1.2. Information. You will provide accurate, complete, and non-misleading information to DigiCert at
all times. If any information provided to DigiCert changes or becomes misleading or inaccurate,
you will promptly inform DigiCert and update the information. You may not request a certificate
with contents that infringe on the intellectual property rights of another entity. All certificate
request data is incorporated into this document as part of these terms.
1.3. Key Pairs. A Private Key means the key that is kept secret by you that is used to create Digital
Signatures and/or decrypt electronic records or files that were encrypted with the
corresponding Public Key. A Public Key means your publically disclosed key that is contained
in your Certificate and corresponds to the secret Private Key that you use. Subscribers should (i)
generate key pairs using trustworthy systems, (ii) use key pairs that are at least the equivalent of
RSA 2048 bit keys, (iii) keep all Private Keys confidential, (iv) within one working day, notify
DigiCert, cease using the Certificate, and request Certificate revocation if you suspect misuse or
compromise of a Private Key, and use reasonable measures to protect Private Keys from
disclosure. You will promptly cease using the Certificate and corresponding Private Key upon the
earlier of (i) revocation of the Certificate, (ii) termination of this agreement, (iii) expiration of the
Certificate, or (iv) industry standards no longer permit use of the Certificate or Private Key. You
are solely responsible for any failure to protect your Private Keys. You may only generate and
store key pairs for Adobe Signing Certificates and EV Code Signing Certificates on a FIPS 140-2
Level 2 device. All other Certificate types may be stored on secure software or hardware systems.
1.4. Issuance. After you request a Certificate, DigiCert will verify an entity in accordance with
DigiCerts CPS and applicable industry standards. If verification is completed to DigiCerts sole
satisfaction, then DigiCert will issue the requested Certificate and deliver the Certificate to you
using an appropriate delivery mechanism as selected by DigiCert. Typically, DigiCert delivers
Certificates either through your online DigiCert account or via a provided email address. DigiCert
may refuse to accept a Certificate request or issue a Certificate in its sole discretion. DigiCert will
notify you through the account if your request is refused but DigiCert is not required to provide a
reason for the refusal.
1.5. IGTF Certificates. The following applies to IGTF Certificates:
(i) Private Key Generation. For IGTF compliant Certificates, you must keep all Private Keys
confidential and use reasonable measures to protect the Private Key from disclosure. You
must request revocation of the Certificate within one working day of any suspected misuse
or compromise of a Certificate or Private Key. You must generate your key pair using one of
the following methods: (i) inside a secure hardware token, (ii) using trustworthy
cryptographic software on a local computer system where you are the sole user and
administrator, (iii) on a computer system administered by your sponsor or a third party if (a)
the key material is generated using trustworthy cryptographic software, (b) access is limited
to designated individuals, who are subject to and aware of applicable privacy rules and a
professional code of conduct, (c) the private key and pass phrase are not sent in clear text
over a network, (d) the encrypted private key file is not sent over the network unprotected,
(e) the system is located in a secure environment, where access is controlled and limited to
only authorized personnel, and (f) a system does not persistently keep pass phrases or plain
text private keys for longer than 24 hours.
(ii) IGTF Private Key Storage. For IGTF compliant Certificates, you may store your Private Key
using one of the following methods: (i) protected by a pass phrase on a hardware token from
which the Private Key cannot be extracted, (ii) in a persistently encrypted form on a
computer system where you are the sole user and administrator, or (iii) on a computer
system administered by your sponsor or a third party if (a) the Private Key is stored in a
persistently encrypted form and protected by a pass phrase, (b) data needed to decrypt or
use the private key is present only as a result of your action and only for as long as you are
using the system, (c) administrative access is limited to designated individuals who are
subject to and aware of applicable privacy rules and a professional code of conduct, (d) the
systems are located in a secure environment, where access is controlled and limited to only
authorized personnel, (e) the private key and pass phrase are not sent in clear text over a
network, (f) the encrypted private key file is not sent over the network unprotected, and (g)
the system does not persistently keep pass phrases or plain text private keys for longer than
24 hours. For IGTF passphrases, you must use pass phrases that are at least 12 characters
long and follow the industrys current best practices. If a third party is involved in
generating or storing a Private Key, the third party must have a defined data privacy and
security policy that provides reasonable assurance of data security. You shall make this
policy available to DigiCert upon request.
1.6. SSL and Code Signing Certificates. EV Certificate means a Certificate that contains the DigiCert
Extended Validation Certificate Policy Object Identifier as set forth in the CPS and is issued in
accordance with the EV Guidelines. EV Certificates include both SSL Certificates and Code
Signing Certificates. EV Guidelines means the Guidelines for Extended Validation Certificates as
officially published, amended, and updated by the CA/Browser Forum at
http://www.cabforum.org. CPS refers to DigiCerts written statements of the policies and
procedures used to operate its Public Key infrastructure. DigiCerts CPS documents are available
at http://www.digicert.com/ssl-cps-repository.htm.
(i) Certificate Transparency. To ensure Certificates function properly throughout their lifecycle,
DigiCert may log SSL Certificates with a public certificate transparency database. Because
this will become a requirement for Certificate functionality, you cannot opt out of this
process. Log server information is publicly accessible. Once submitted, information cannot
be removed from a log server.
(ii) Limitations on License. DigiCert may reject any request for an SSL Certificates only for
domain names registered to (i) you, (ii) your affiliates, or (iii) an entity that expressly
authorized, in writing, you to obtain and manage Certificates for the domain name in the
Certificate.
(iii) Certificate Approvers. During the term of this agreement, you expressly authorize the
individuals appointed as Certificate Approvers or Administrators in your account (the
designation of which is expressly incorporated into this agreement) to request and approve
EV Certificates on your behalf. With respect to DigiCerts obligations under the EV
Guidelines and other industry standards, you expressly authorize DigiCert to rely on any
representations made by a Certificate Approver in connection with an ordered Certificate,
including verification of your exclusive right to use the domain name listed in the Certificate.
You are responsible for all EV Certificates requested by a Certificate Approver until such
Certificate Approvers EV authority is revoked. You may revoke a certificate Approvers EV
authority by emailing DigiCert at [email protected]. You are responsible for periodically
reviewing and updating the individuals authorized to approve EV Certificate orders.
(iv) Representations. You represent that (a) you have the right to use the domain name, common
name, and organization name listed in the Certificate (if applicable), (b) if you represent an
entity applying for or that will be named in the Certificate, you are expressly authorized to
sign this agreement on behalf of that entity and will make the entity aware of each Certificate
request, (c) you have read, understand, and agree to the CPS and this agreement, (d) you will
make sure the organization included in the Certificate and the registered domain name
holder (if a domain name is included the Certificate) will be aware of and approve each
Certificate request.
(v) Acceptance. For EV Certificates: By accepting these terms, you are entering into a legally
valid and enforceable agreement to obtain a form of digital identity for the Certificates
subject. You acknowledge that you have the authority to obtain the digital equivalent of a
company stamp, seal, or (where applicable) officer's signature to establish the authenticity of
the subjects website or signed code, and that you are responsible for all uses of its EV
Certificate. By accepting this agreement on behalf of the subject, you represent that you (i)
are acting as an authorized representative of the subject, (ii) are expressly authorized by
subject to sign Subscriber agreements and approve EV Certificate requests on subjects
behalf, and (iii) if applicable, have confirmed subjects exclusive right to use the domain(s) to
be included in any issued EV Certificates.
1.7. License. Effective immediately after delivery and continuing until the Certificate expires or is
revoked, DigiCert grants you a revocable, non-exclusive, non-transferable license to use, for the
benefit of the subject, each issued Certificate and the corresponding Key Sets in accordance with
the CPS and the terms of this agreement. You are responsible for any use of the Certificate and
any equipment and software required to use the Certificate. You may not install or use a
Certificate until after you have reviewed and verified the accuracy of the data included in the
Certificate. You will promptly inform DigiCert if you become aware of any breach of this
agreement or misuse of a Certificate, Private Key, or your account. You are responsible for
obtaining and maintaining any authorization or license necessary to use a Certificate.
1.8. Restrictions. You should not (a) share your Certificate or Private Key with another user except
where permitted by the CPS, (b) use a Certificate or Private Key to operate nuclear power
facilities, air traffic control systems, aircraft navigation systems, weapons control systems, or any
other system requiring failsafe operation whose failure could lead to injury, death or
environmental damage, (c) modify, sub license, reverse-engineer or create a derivative work of
any Certificate (except as required to use the Certificate for its intended purpose) or Private Key,
(d) use or make representations about a Certificate except as allowed in the CPS, (e) impersonate
or misrepresent your affiliation with any entity or use a Certificate in a manner that could
reasonably result in a civil or criminal action being taken against you or DigiCert, (f) use a
Certificate to send or receive unsolicited bulk correspondence, sign or distribute any files,
software, or code that may damage the operation of anothers computer or that is downloaded
without a users consent, or breach the confidence of a third party, (g) attempt to use a
Certificate to issue other Certificates, or (h) intentionally create a Private Key that is substantially
similar to a DigiCert or third party Private Key.
1.9. Revocation. DigiCert may revoke a Certificate without notice for the reasons stated in the CPS,
including if DigiCert believes that (a) you or the subject requested revocation of the Certificate or
did not authorize the Certificates issuance, (b) you or the subject breach this agreement or fail to
comply with the CPS, (c) a provision of this agreement containing a representation or obligation
related to the issuance, use, management, or revocation of the Certificate terminates or is held
invalid, (d) you or the subject are added to a government prohibited person or entity list or are
operating from a prohibited destination under the laws of the United States, (e) the Certificate
contains inaccurate or misleading information, (f) the Certificate was used outside of its intended
purpose or used to sign malicious software, (g) the Private Key associated with a Certificate was
disclosed or compromised, (h) this agreement terminates, (i) the Certificate was used or issued,
directly or indirectly, contrary to law, the CPS, or industry standards, (j) industry standards or
DigiCerts CPS require revocation, or (k) revocation is necessary to protect the rights, confidential
information, operations, or reputation of DigiCert or a third party.
1.10. Renewals. DigiCert may send a reminder to you about expiring Certificates, but you are solely
responsible for ensuring your Certificates are renewed prior to their expiration.
1.11. Publication of Certificate. You consent to (i) DigiCerts public disclosure of information
embedded in an issued Certificate, and (ii) DigiCerts transfer of your information to servers
located inside the United States. DigiCert retains a right to use any information provided through
the account, provided that all such use is in compliance with its privacy policy as provided on its
website. DigiCert may modify the privacy policy in its sole discretion.
1.12. Express Install. DigiCerts may provide an express installation utility as part of its services. Using
this utility will automatically configure server settings as appropriate to use the Certificate. A
link to express install is provided either in the email providing notification of Certificate issuance
or on DigiCerts website. You may (i) not modify, sub-license, reverse engineer, or create a
derivative work of the utility and (ii) only use the utility with a DigiCert product or service and
not with Certificates, software, or other products or services provided from a third party. You are
solely liable for any use of the utility. DIGICERT HEREBY DISCLAIMS ALL WARRANTIES
ASSOCIATED WITH THE UTILITY AND ALL LIABILITY FOR YOUR USE OF THE UTILITY.

2. Term and Termination
2.1. Term. This agreement is effective upon your acceptance and lasts until the earlier of (i) the
expiration date of all Certificates issued under this agreement, or (ii) the termination of this
agreement by a party as allowed herein. All rights and licenses granted to you terminate
immediately upon termination of this agreement.
2.2. Termination. Either party may terminate this agreement for convenience by providing 30 days
prior notice to the other party. DigiCert may terminate the agreement immediately for any
reasonable reason related to this Agreement, including, but not limited to (i) you or the subject
materially breach this agreement, (ii) you or the subject engaged in illegal or fraudulent activity
or an activity that could materially harm DigiCerts business, (iii) DigiCert cannot verify you or
the subject to DigiCerts sole satisfaction, or (iv) if you or the subject (a) have a receiver, trustee,
or liquidator appointed over substantially all of your or the subjects assets, (b) have an
involuntary bankruptcy proceeding filed against you or the subject that is not dismissed within
30 days of filing, (c) file a voluntary petition of bankruptcy or reorganization.
2.3. Survival. All provisions of this agreement that, by their nature, are intended to survive
termination of the agreement and continue in full force and effect, including all provisions related
to representations by you under the following sections: Publication of Certificate (Section 1.11),
Disclaimer of Warranties and Limitations on Liability (Section 3), Indemnity (Section 4),
Arbitration (section 5), and the Miscellaneous provisions (Section 6).
3. Disclaimers of Warranty and Limitations on Liability
3.1. Relying Party Warranties. You acknowledge that any applicable Relying Party Warranty is only
for the benefit of Relying Parties. You do not have rights under the warranty, including any right
to enforce the terms of the warranty or make a claim under the warranty. Not all Certificates are
covered by a warranty. Relying Party means an entity that acts in reliance on a Certificate or a
Digital Signature. An Application Software Vendor is not a Relying Party when the software
distributed by the Application Software Vendor merely displays information regarding a
Certificate or facilitates the use of the Certificate or digital signature. Relying Party Warranty
is a warranty provided by DigiCert against certificate mis-issuance that is available only to
Relying Parties who meet the conditions and fulfill all of the terms set forth at
http://www.digicert.com/docs/agreements/DigiCert_RPA.pdf. Application Software Vendor
means a software developer that displays or uses Certificates and distributes root certificates.
3.2. Remedy. Your sole remedy for a defect in a Certificate is to have DigiCert use reasonable efforts
to correct the defect. DigiCert is not obligated to correct a defect if (i) the Certificate was
misused, damaged, or modified, (ii) you did not promptly report the defect to DigiCert, or (iii)
you breached any provision of this agreement.
3.3. Warranty Disclaimers. THE CERTIFICATES, AND ANY RELATED SOFTWARE, PRODUCTS, AND
SERVICES, INCLUDING THE EXPRESS INSTALL UTILITY, ARE PROVIDED "AS IS" AND "AS
AVAILABLE. TO THE MAXIMUM EXTENT PERMITTED BY LAW, DIGICERT DISCLAIMS ALL
EXPRESS AND IMPLIED WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. DIGICERT DOES NOT
WARRANT THAT ANY SERVICE OR PRODUCT WILL MEET YOUR EXPECTATIONS OR THAT
ACCESS TO THE ACCOUNT WILL BE TIMELY OR ERROR-FREE. DigiCert does not guarantee the
availability of any products or services and may modify or discontinue any product or service
offering at any time.
3.4. Limitation on Liability. This agreement does not limit a partys liability for (i) death or personal
injury resulting from the negligence of a party, or (ii) fraud or fraudulent statements made by a
party. EXCEPT AS STATED ABOVE, DIGICERTS MAXIMUM LIABILITY RESULTING FROM THESE
TERMS IS LIMITED TO THE AMOUNT PAID OR PAYABLE BY YOU TO DIGICERT DURING THE 12
MONTHS PRIOR TO WHEN THE EVENT GIVING RISE TO THE LIABILITY OCCURRED. DIGICERT
IS NOT LIABLE FOR ANY INDIRECT, CONSEQUENTIAL, SPECIAL, OR PUNITIVE DAMAGES OR
ANY LOSS OF PROFIT, REVENUE, DATA, OR OPPORTUNITY, EVEN IF DIGICERT IS AWARE OF THE
POSSIBILITY OF SUCH DAMAGES.
3.5. Liability. You are liable for any claims (including damages, costs, and defense expenses) that are
brought by third parties against DigiCert, its agents and assigns, that are result from use of your
Certificate or Private Key or that are caused by your intentional or grossly negligent breach of
this agreement. DigiCert is not responsible for your employees or agents, including any expenses
owed to them.
3.6. Extent. The limitations in this section apply to the maximum extent permitted by law and apply
regardless of (i) the reason for or nature of the liability, including tort claims, (ii) the number of
claims of liability, (iii) the extent or nature of the damages, or (iv) whether any other provisions
of this agreement were breached or proven ineffective.

4. Indemnity
4.1. Obligation. You will indemnify, hold harmless, and defend DigiCert and its employees, officers,
directors, shareholders, affiliates, and assigns against all third party claims and all related
liabilities, damages, and costs, including reasonable attorneys fees, arising from (i) your breach
of this agreement, (ii) your failure to disclose a material fact related to the issuance of a
Certificate or to protect the Authentication Mechanisms used to secure the account, (iii) an
allegation that your actions or negligence was the cause of the claim, liability, or cost, (iv) your
website, products, and services, or (v) your use of DigiCerts products or services to infringe on
the rights of a third party.
4.2. Indemnification Procedure. An entity seeking indemnification under this agreement
(Indemnified Party) must notify you promptly of any event requiring indemnification.
However, an Indemnified Partys failure to notify will not relieve you from your indemnification
obligations, except to the extent that the failure to notify materially prejudices you. You may
assume the defense of any proceeding requiring indemnification unless assuming the defense
would result in potential conflicting interests as determined by the Indemnified Party in good
faith. An Indemnified Party may, at your expense, defend itself until your counsel has initiated a
defense of the Indemnified Party. Even after you assume the defense, the Indemnified Party may
participate in any proceeding using counsel of its own choice and at its own expense. You may
not settle any proceeding related to this agreement unless the settlement also includes an
unconditional release of liability for all Indemnified Parties.
4.3. Additions to and Limitations on Liability. Your indemnification obligations are not DigiCerts sole
remedy under this agreement and are in addition to any other remedies that DigiCert may have
against you. You must commence any claim or action arising from this agreement within one
year from the occurrence of events giving rise to a cause of action. You waive your right to any
claim that is commenced more than one year from the first date on which the cause of action
arose.

5. Arbitration
5.1. Requirement. To the maximum extent permitted by law, you will settle any dispute or claim
related to this agreement, the CPS, DigiCerts websites, or any Certificate issued under this
Agreement using binding arbitration in accordance with the Arbitration Rules of the American
Arbitration Association (AAA). The parties shall hold all arbitration proceedings in Lehi, Utah.
The parties shall settle all such disputes and claims settled in this manner in lieu of any action at
law or equity; except that nothing in this subsection precludes a party from bringing an action for
injunctive relief or other equitable relief.
5.2. Proceeding. During arbitration, the parties shall use a single arbitrator appointed by the AAA to
arbitrate a dispute or claim. The arbitrator must exhibit a reasonable familiarity with the issues.
The award of the arbitrator is binding and final upon all parties. Either party may have a court
with proper jurisdiction enter the award. This agreement remains in full force and effect while
the outcome of the arbitration proceeding is pending. The arbitrator shall follow applicable law
in conducting the arbitration.
5.3. Costs. A party shall pay any costs, including reasonably attorney fees, to which the arbitrator
determines that the prevailing party is entitled. Each party shall pay its own costs associated
with the arbitration if such costs are not awarded by the arbitrator. The arbitrator may not
award punitive damages or speculative damages to either party and does not have the power to
amend this agreement.

6. Miscellaneous
6.1. Agreement. Unless explicitly stated otherwise, this agreement, along with all documents referred
to herein, constitutes the entire agreement between the parties with respect to the issuance and
use of the requested Certificate, superseding all other agreements that may exist with respect to
that particular Certificate. DigiCert may amend any of its (i) website and any documents listed
thereon, (ii) CPS, (iii) fees, (iv) privacy policy, or (iv) the conditions under which you receive a
Certificate. Amendments are effective upon the earlier of DigiCerts posting the amendment on
its website or your receipt of the amendment. You must periodically review DigiCerts website to
be aware of any changes to this agreement or the relevant documents. Your continued use of a
Certificate after an amendment is posted constitutes your acceptance of the amendment. If a law
or industry standard changes and that change affects the Certificates or other services provided
under this agreement, then DigiCert may amend this agreement to the extent necessary to
comply with the change. The laws of the state of Utah govern the interpretation, construction,
and enforcement of this agreement and all matters related to it, including tort claims, without
regards to any conflicts-of-laws principles. The parties hereby submit to the exclusive
jurisdiction of and venue in the state and federal courts located in the State of Utah.
6.2. Waiver. A partys failure to enforce or delay in enforcing a provision of this agreement does not
waive (i) the partys right to enforce the same provision later, or (ii) the partys right to enforce
any other provision of the agreement. A waiver is only effective if in writing and signed by the
party against whom the waiver is claimed.
6.3. Industry Standards. Both parties will comply with all industry and privacy standards applicable
to the Certificates. If industry standards change, DigiCert and you will work together in good
faith to amend this agreement to comply with the changes.
6.4. Force Majeure and Internet Frailties. Neither party is liable for any failure or delay in performing
its obligations under this agreement to the extent that the circumstances causing such failure or
delay are beyond a partys reasonably control. You acknowledge that the Certificates are subject
to the operation and telecommunication infrastructures of the Internet and the operation of your
Internet connection services, all of which are beyond DigiCerts control.
6.5. Notices. You must send all notices in English writing by first class mail with return receipt
request to DigiCert, Inc. at 2600 West Executive Parkway, Suite 500, Lehi, Utah 84043. DigiCert
will send notices to you either, in DigiCerts discretion, through the account or through your
email address (as provided by you). Notices to DigiCert are effective when received. Notices to
you are effective when sent.
6.6. Assignment. You may not assign your rights or obligations under this agreement without the
prior written consent of DigiCert. Any transfer without consent is void. DigiCert may assign its
rights and obligations without your consent.
6.7. Severability. The invalidity or unenforceability of a provision under this agreement, as
determined by a court or administrative body of competent jurisdiction, does not affect the
validity or enforceability of the remainder of this agreement. The parties will substitute any
invalid or unenforceable provision with a valid or enforceable provision that achieves the same
economic, legal, and commercial objectives as the invalid or unenforceable provision.
6.8. Rights of Third Parties. Application Software Vendors and Relying Parties are express third party
beneficiaries of your obligations and representations under this agreement that directly relate to
the use or issuance of a Certificate. Other than the Application Software Vendors and Relying
Parties, no third parties have any rights or remedies under the agreement.
6.9. Interpretation. The definitive version of this agreement is written in English. If this agreement is
translated into another language and there is a conflict between the English version and the
translated version, the English language version controls.

ACCEPTANCE
BY CHECKING "I AGREE", YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTAND THIS AGREEMENT
AND THAT YOU WILL TO COMPLY WITH ITS TERMS. DO NOT CHECK "I AGREE" AND DO NOT PROCEED IF
YOU DO NOT ACCEPT THIS AGREEMENT.

author	jiri.kralovec@oracle.com <jiri.kralovec@oracle.com>
	Fri, 07 Apr 2017 00:53:32 -0700
changeset 7846	eaed6d702f04
parent 7222	37e367b978c0
permissions	-rw-r--r--