diff --git a/Linux/README.md b/Linux/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..165f59e5f669f206d987d6091411c274a0e547bf
--- /dev/null
+++ b/Linux/README.md
@@ -0,0 +1,39 @@
+Revoke-China-Certs on Linux
+==========================================
+
+## Intro
+
+This tool revokes certain CA certificates for NSS-based applications on Linux,
+(most notably, Firefox & Chrome).
+
+On Linux there are multiple libraries for SSL/TLS and each may have its own
+certificate store. The `/etc/ca-certificate.conf` configures the trusted
+Root CAs for OpenSSL (which `wget` uses by default). Another widely used
+library is NSS by Mozilla, which supports blacklisting a specific intermediate
+CA without fiddling with the Root CA.
+
+**This tool is experimental. DO MAKE BACKUPS before you do anything!**
+
+## Usage
+
+First you need to have packages installed to provide `certutil`. On Ubuntu it would be:
+
+ sudo apt-get install libnss3-tools
+
+Then, use the `revoke-china-certs.sh` to do the revocation. For Chrome it would be:
+
+ ./revoke-china-certs.sh extended $HOME/.pki/nssdb
+
+to revoke trust of CAs within the *extended* set. Change `extended` to `all` or `base`
+or `restore` to revoke other sets of certs.
+
+Since Firefox maintains different certificate store for different browser profile (rather
+than per Linux user for Chrome), you need to do this for every profile under `~/.mozilla/firefox`.
+
+ for profile in `ls ~/.mozilla/firefox/*.default`;do
+ ./revoke-china-certs.sh extended $HOME/.mozilla/firefox/$profile
+ done
+
+## Notes
+
+Deselecting a CA by `dpkg-reconfigure ca-certificates` does NOT affect any NSS-based applications.
diff --git a/Linux/nss_revoke.sh b/Linux/nss_revoke.sh
new file mode 100755
index 0000000000000000000000000000000000000000..e6d63ffda6ca8ad66a4b35ba29254b1f8430dae4
--- /dev/null
+++ b/Linux/nss_revoke.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+DBPATH=$1
+CERTS=$2
+
+
+echo "Resetting CA set"
+RESETS=``
+
+certutil -d sql:${DBPATH} -L | grep -oP "NSS Certificate DB:revoke-china-certs:[^\s]+" | \
+while read CERT;do
+ certutil -d sql:${DBPATH} -D -n "${CERT}"
+done
+
+echo "Revoking CAs in $DBPATH/cert9.db"
+
+for CERT in $CERTS;do
+ # p,p,p: prohibit all use
+ certutil -d sql:${DBPATH} -A -n "revoke-china-certs:${CERT}" -t p,p,p -i ${CERT}
+done
+
+echo "Done"
diff --git a/Linux/revoke-china-certs.sh b/Linux/revoke-china-certs.sh
new file mode 100755
index 0000000000000000000000000000000000000000..d5870007a0ee70b8a065cf48b3916bfb5d58ffad
--- /dev/null
+++ b/Linux/revoke-china-certs.sh
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+set -e
+
+if [ ${1:-extended} = 'all' ];then
+ echo "Generating ALL CRL set"
+ # TODO: Explicitly distinguish between CA & EE certificates.
+ CA_CERTS=`ls ../Windows/Certs/Online/*.crt`
+ EE_CERTS=`ls ../Windows/Certs/Online/\[Fake\]*.crt`
+ echo "all"
+elif [ ${1:-extended} = 'extended' ];then
+ echo "Generating EXTENDED CRL set"
+ CA_CERTS=`ls ../Windows/Certs/Online/CNNIC_*.crt ../Windows/Certs/Online/China_Internet_Network_Information_Center_EV_Certificates_Root.crt ../Windows/Certs/Online/[Suspicious]WaccBaiduCom.crt ../Windows/Certs/Online/GiantRootCA.crt ../Windows/Certs/Online/CFCA_*.crt ../Windows/Certs/Online/UCA_*.crt ../Windows/Certs/Online/[Suspicious]GoAgent_CA.crt`
+ EE_CERTS=`ls ../Windows/Certs/Online/\[Fake\]*.crt`
+elif [ ${1:-extended} = 'restore' ];then
+ echo "Generating RESTORE CRL set"
+ CA_CERTS=''
+ EE_CERTS=''
+else
+ echo "Generating Basic CRL set"
+ CA_CERTS=`ls ../Windows/Certs/Online/CNNIC_*.crt ../Windows/Certs/Online/China_Internet_Network_Information_Center_EV_Certificates_Root.crt ../Windows/Certs/Online/[Suspicious]WaccBaiduCom.crt ../Windows/Certs/Online/GiantRootCA.crt`
+ EE_CERTS=`ls ../Windows/Certs/Online/\[Fake\]*.crt`
+fi
+
+CERTS=`echo $CA_CERTS $EE_CERTS`
+./nss_revoke.sh ${2:-~/.pki/nssdb} "${CERTS}"
diff --git a/README.md b/README.md
index 16b1cdbe6b5bf66f340b76a9184eabb62afd03d5..66e06e7313e97c83190ea02c9cc31992ee32d840 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@ Revoke China Certificates.<br />
全自动å¯ç–‘è¯ä¹¦åŠé”€å·¥å…·/全自動å¯ç–‘憑è‰æ’¤éŠ·å·¥å…·<br />
### Updated
-**2015-02-24**
+**2015-02-25**
### Type
* Online Certificates/在线è¯ä¹¦/在線è‰æ›¸
@@ -24,6 +24,7 @@ Revoke China Certificates.<br />
* [English](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_Online)
* [简体ä¸æ–‡](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_Online(Chinese_Simplified))
* [ç¹é«”ä¸æ–‡](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_Online(Chinese_Traditional))
+* [Android](https://github.com/chengr28/RevokeChinaCerts/tree/master/Android)
### Usage(CodeSigning/Organization)
* [English(CodeSigning)](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_CodeSigning)
diff --git a/Windows/Certs/CodeSigning/Beijing_Kingsoft_Security_Software_CoLtd.crt b/Windows/Certs/CodeSigning/Beijing_Kingsoft_Security_Software_CoLtd_201112.crt
similarity index 100%
rename from Windows/Certs/CodeSigning/Beijing_Kingsoft_Security_Software_CoLtd.crt
rename to Windows/Certs/CodeSigning/Beijing_Kingsoft_Security_Software_CoLtd_201112.crt
diff --git a/Windows/Certs/CodeSigning/Beijing_Kingsoft_Security_Software_CoLtd_201412.crt b/Windows/Certs/CodeSigning/Beijing_Kingsoft_Security_Software_CoLtd_201412.crt
new file mode 100644
index 0000000000000000000000000000000000000000..fe24f2c9721b8985961d2cb838e2a561214423cf
--- /dev/null
+++ b/Windows/Certs/CodeSigning/Beijing_Kingsoft_Security_Software_CoLtd_201412.crt
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFdzCCBF+gAwIBAgIQeh/nZ2pISdruK//EpP9L0zANBgkqhkiG9w0BAQUFADCB
+tDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
+ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
+YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEuMCwGA1UEAxMl
+VmVyaVNpZ24gQ2xhc3MgMyBDb2RlIFNpZ25pbmcgMjAxMCBDQTAeFw0xNDEyMjkw
+MDAwMDBaFw0xNjAxMjgyMzU5NTlaMIGoMQswCQYDVQQGEwJDTjEQMA4GA1UECBMH
+YmVpamluZzEQMA4GA1UEBxMHYmVpamluZzEzMDEGA1UEChQqQmVpamluZyBLaW5n
+c29mdCBTZWN1cml0eSBzb2Z0d2FyZSBDby4sTHRkMQswCQYDVQQLFAJJVDEzMDEG
+A1UEAxQqQmVpamluZyBLaW5nc29mdCBTZWN1cml0eSBzb2Z0d2FyZSBDby4sTHRk
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4H96NpBPM4piYDBxHB93
+26igM/APfSN0by7vsRhpg60SpXn8XJW/vSJKr8HUpYwtS+GPN9aFvN/KpDT5+SRB
+26RYoinHgyLsxFSPQIqQVgbyBwJxu16pjbva8qML2z7Uh1ioNv8nzIRwLy1BI2/M
+etHCmGcN7KgnCy+Bjq1l0ipeVjbrjIeRm7oskvv0epjiblCKywSLY4gpuaJ8h04T
+qdzmYkzKyvD5gjtkQT0u6CORuhNNjrReOiSYRrAOsuhQzGpy4cQtpwEd0F2gGgmb
+0uwrawyMYv5gg/YJxZd0E+GPjjhqi2NVDOSb+dXwyLuDk6OBPBy5Oib3SpU1lBxP
+TwIDAQABo4IBjTCCAYkwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCB4AwKwYDVR0f
+BCQwIjAgoB6gHIYaaHR0cDovL3NmLnN5bWNiLmNvbS9zZi5jcmwwZgYDVR0gBF8w
+XTBbBgtghkgBhvhFAQcXAzBMMCMGCCsGAQUFBwIBFhdodHRwczovL2Quc3ltY2Iu
+Y29tL2NwczAlBggrBgEFBQcCAjAZDBdodHRwczovL2Quc3ltY2IuY29tL3JwYTAT
+BgNVHSUEDDAKBggrBgEFBQcDAzBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGG
+E2h0dHA6Ly9zZi5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9zZi5zeW1j
+Yi5jb20vc2YuY3J0MB8GA1UdIwQYMBaAFM+Zqep7JvRLyY6P1/AFJu/j0qedMB0G
+A1UdDgQWBBTLiDXjtqWv2mSKzUhOhjUOpHO2zDARBglghkgBhvhCAQEEBAMCBBAw
+FgYKKwYBBAGCNwIBGwQIMAYBAQABAf8wDQYJKoZIhvcNAQEFBQADggEBAJIO9o10
+lg4MSyqbRmeoUvEW9T8I2nUY2mKqUzMYdF4jhBljuv5cKYtnCVbr7yXW7IhkwyAR
+zspPNMYrVLI03MvIbyGhk7T9F65wv7/uqJsnfqT/a6C6jhqLFGHoyFGTH207Xm+j
+6goixclXkI7ZoFGTnHM0h0T9AlfU4gEn3hgjUhK8iL1Eh4YPcXiMsqttL1run223
+qJ3074wUL8kC0gSDGmjN5hHX3ljt4REqYWoghlt1nq2q6O01cJ6y0lpAf58+EvjE
+BA7LWfneE3B7gsLNlpNmj4efRCHu9aUODXXs/eRGDqmaVib1Z6ayQAPAL5laUd6P
+Xgr+GTs36XnG4QQ=
+-----END CERTIFICATE-----
diff --git a/Windows/Certs/CodeSigning/Certification_Authority_Of_WoSign_UTN_USERFirst_Object.crt b/Windows/Certs/CodeSigning/Certification_Authority_Of_WoSign_UTN_USERFirst_Object.crt
new file mode 100644
index 0000000000000000000000000000000000000000..ce33adfea01ba065ea142c868c5a126e4a4138c3
--- /dev/null
+++ b/Windows/Certs/CodeSigning/Certification_Authority_Of_WoSign_UTN_USERFirst_Object.crt
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIFljCCBH6gAwIBAgIQa9rf7/BmG9JkKvRuy7J5QDANBgkqhkiG9w0BAQUFADCB
+lTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
+Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
+dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHTAbBgNVBAMTFFVUTi1VU0VSRmlyc3Qt
+T2JqZWN0MB4XDTk5MDcwOTE4MzEyMFoXDTE5MDcwOTE4NDAzNlowVTELMAkGA1UE
+BhMCQ04xGjAYBgNVBAoTEVdvU2lnbiBDQSBMaW1pdGVkMSowKAYDVQQDEyFDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eSBvZiBXb1NpZ24wggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQC9yo2suJEVVpd7a1x6wt5r2aGwwxAj+qehsswx+j7Zpilv
+Fj3ga/i4QF/bOagAeougTVR9wiJ4/I4JuKiF18yVl0t02J5+8ADkDomuSShEGhCZ
+Mg8liFOkDbMPEggWCwNxJxx/4dvS/WdoxAVdCg5dcNfYl6C8U0GakY30njZmen5W
+wZBf5rFoIDakjCQsLEcLWXZmMLW+3u2P+J3TuwEw5vLzDuAskoDzhfkoirRULprt
+93b8FWgW60ps6y4Sj9TP/gzHXB0LfgUyvl6wCSpC1clOkLNZDbt6fs3VCFq0f9gc
+aRH5Jw97Bq9Ugxh74d1UelFobnf8xr9SSmZGobJnGrujT3egvl3//FYLQ3J3kMqe
++fI59Q2p9OrX57MQLzBCNyHMMHDJhpgPzFhNg7t95RqlN422rDKXADpjcSQenjfE
+/3TUN8Di/ohGYBHdCD9QNqu4eqSVYmpusMpqIVpp8/P7HXA5lfOnbqaBiaGIxTtx
+yqNS7oO7/aB39ORv50LbbUqZijRIvBfc5IAIIrbyMcA/BD7rnyB51rgGZGQCMdep
+zVL7hEVpCQAq3FWLxAZGS8BKHQlbOSj9qavOAPkuSEsm5jBMpVjKtESCT+eRHjPD
+sJP/EfyB0sofcSnddk+SJa8dgbcPL4zDBswvJ6NK5A6ZunweRR9/qhlFlv38PQID
+AQABo4IBHzCCARswHwYDVR0jBBgwFoAU2u1kdBScFDyr3ZmpvVsoTYs8ydgwHQYD
+VR0OBBYEFOFmzw7R8bNLtwYgFP6HEtX2/vs+MA4GA1UdDwEB/wQEAwIBhjASBgNV
+HRMBAf8ECDAGAQH/AgECMB0GA1UdJQQWMBQGCCsGAQUFBwMDBggrBgEFBQcDCDAR
+BgNVHSAECjAIMAYGBFUdIAAwRwYDVR0fBEAwPjA8oDqgOIY2aHR0cDovL2NybC50
+cnVzdC1wcm92aWRlci5jb20vVVROLVVTRVJGaXJzdC1PYmplY3QuY3JsMDoGCCsG
+AQUFBwEBBC4wLDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AudHJ1c3QtcHJvdmlk
+ZXIuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQBYbPGDS5n2cyuZB6PYV87Ul/1qAoO+
+YLEX4xd0YXFlPHkptf5lGMTYHeLa39oO+aB113l6yw7N+TBSg+PaLh7lMjRlG3Pd
+DZ/5MVh6x2s5umEeoUZgkdRPvIHOUt3LgES8ihg3DARFDgj254fFDPuLApMkIllb
+WzD6vXa++7WYiUP+8VLWIFGCnNkqGT8Y+Ila+0Zx+6m/l5lBzTbaJ1UCE7rSUzjV
+5X7AwhsAqgw8saNsVv+6Yn6BHsqPiKCaXW9n6s4bjR9aXPnyH/9KUARYa3DX3Po6
+/KIRD4F2E48pERsqB2jPUIxHLXXlBFxK4QCaif3/PqvMrblWw6clW2Rc
+
+-----END CERTIFICATE-----
diff --git a/Windows/Certs/CodeSigning/MeituCom.crt b/Windows/Certs/CodeSigning/MeituCom_201212.crt
similarity index 100%
rename from Windows/Certs/CodeSigning/MeituCom.crt
rename to Windows/Certs/CodeSigning/MeituCom_201212.crt
diff --git a/Windows/Certs/CodeSigning/MeituCom_201411.crt b/Windows/Certs/CodeSigning/MeituCom_201411.crt
new file mode 100644
index 0000000000000000000000000000000000000000..2f97680fb51516f92709ed2a1c9ab3b180321d04
--- /dev/null
+++ b/Windows/Certs/CodeSigning/MeituCom_201411.crt
@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFHTCCBAWgAwIBAgIQd+eV0+QIQll1ve8mWjtqaDANBgkqhkiG9w0BAQsFADBK
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMSQwIgYDVQQDExtU
+aGF3dGUgQ29kZSBTaWduaW5nIENBIC0gRzIwHhcNMTQxMTIwMDAwMDAwWhcNMTcw
+MjE4MjM1OTU5WjCBmzELMAkGA1UEBhMCQ04xDzANBgNVBAgMBkZ1amlhbjEPMA0G
+A1UEBwwGWGlhbWVuMSowKAYDVQQKDCHljqbpl6jnvo7lm77nvZHnp5HmioDmnInp
+mZDlhazlj7gxEjAQBgNVBAsMCeS6p+WTgemDqDEqMCgGA1UEAwwh5Y6m6Zeo576O
+5Zu+572R56eR5oqA5pyJ6ZmQ5YWs5Y+4MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0A
+MIIBCAKCAQEA9N5Sk0o4NYQBIR0wOkKQH72/1D5Y0ixJzZBror/HcQXr3sqtGRhU
+CPcJM+Prms8P8D51lTnyglrsQ9cKfc4BVnVgr7v2bb2IoWKa3YfscT/18+UKcpfp
+qCmRoDp5o/gv89j85kZyId0QNpUCL8s9QOWzGFdJHR3AyKRKaSEavyw0aTNoc64u
+vD8UYh3xe7+V/lPgvWMPQVei1PYQB+wn2dxS+rGHzjBeJjknVGIEUBIk87BDVR0u
+8hRxPRZhmwKa/bF+0Y0ITc6Ww4xoO2aAxJbvMBz9ArswfcG7cORnOIHq6SLkPC6X
+NOF5Nr2qHDBXuhyc8eR3+BymQENx1PykFwIBA6OCAa0wggGpMAkGA1UdEwQCMAAw
+HwYDVR0jBBgwFoAU1A1lP3q9NMb+R+dMDcC98t4Vq3EwHQYDVR0OBBYEFAy577up
+AqP40qggs6wuPEw7nJ11MCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly90aC5zeW1j
+Yi5jb20vdGguY3JsMA4GA1UdDwEB/wQEAwIHgDAfBgNVHSUEGDAWBggrBgEFBQcD
+AwYKKwYBBAGCNwIBFjBzBgNVHSAEbDBqMGgGC2CGSAGG+EUBBzACMFkwJgYIKwYB
+BQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzMC8GCCsGAQUFBwICMCMM
+IWh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vcmVwb3NpdG9yeTAdBgNVHQQEFjAUMA4w
+DAYKKwYBBAGCNwIBFgMCB4AwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNo
+dHRwOi8vdGguc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vdGguc3ltY2Iu
+Y29tL3RoLmNydDARBglghkgBhvhCAQEEBAMCBBAwDQYJKoZIhvcNAQELBQADggEB
+AKYeUS0q1WvEy/yVm7fwjul/340/+1kmxI9jgfOptJ4O7PrYWsA6jx9vxZk9JzqS
+WCkBilkm51GFBCjkAILzXyizFYF5eoi9U3dqNf7ekECxI+L4H1AWkc7mcEO3yS7v
+tWs4bxgCFSov8BUpZcS74qu1//3ck2jnbVzoZwZ/uqGjDfQspkkhW3OaKHTsUDuq
+P0rcg2Gl/MuHjSnN33D80OxTssExxM1Y3qpdWxwvPMRs9ooaS4Ir250xLOcCycFt
+Gi8InbV4f9hszhaQrpMREVHWRYUA9VkTpnEx8ySkoY4nsQPTxI+IoS7NLQgm5CrY
+lAksmYYywLTZ0s0f/T2gSww=
+-----END CERTIFICATE-----
diff --git a/Windows/Certs/CodeSigning/Tencent_Technology_Shenzhen_Company_Limited.crt b/Windows/Certs/CodeSigning/Tencent_Technology_Shenzhen_Company_Limited_201301.crt
similarity index 100%
rename from Windows/Certs/CodeSigning/Tencent_Technology_Shenzhen_Company_Limited.crt
rename to Windows/Certs/CodeSigning/Tencent_Technology_Shenzhen_Company_Limited_201301.crt
diff --git a/Windows/Certs/Online/Certification_Authority_Of_WoSign_Chinese_StartCom.crt b/Windows/Certs/Online/Certification_Authority_Of_WoSign_Chinese_StartCom_1.crt
similarity index 100%
rename from Windows/Certs/Online/Certification_Authority_Of_WoSign_Chinese_StartCom.crt
rename to Windows/Certs/Online/Certification_Authority_Of_WoSign_Chinese_StartCom_1.crt
diff --git a/Windows/Certs/Online/Certification_Authority_Of_WoSign_Chinese_StartCom_2.crt b/Windows/Certs/Online/Certification_Authority_Of_WoSign_Chinese_StartCom_2.crt
new file mode 100644
index 0000000000000000000000000000000000000000..61f5dd755de6cc6f5ca1c11bd6f6b27ada95e175
--- /dev/null
+++ b/Windows/Certs/Online/Certification_Authority_Of_WoSign_Chinese_StartCom_2.crt
@@ -0,0 +1,36 @@
+-----BEGIN CERTIFICATE-----
+MIIGTTCCBDWgAwIBAgIHH86n9ql/6TANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
+EwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERp
+Z2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MjI0NjM2WhcNMTkxMjMxMjM1
+OTU5WjBGMQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQx
+GzAZBgNVBAMMEkNBIOayg+mAmuagueivgeS5pjCCAiIwDQYJKoZIhvcNAQEBBQAD
+ggIPADCCAgoCggIBANBJIR4l/IfBKsKs23aGBk7n0HQ03O1lNfxQ1og/pPB/6w9f
+eS+Jsf28Y1g3k5s4+LdbqfrYcce0vICXjWxL8VDVKimqqBl6luaVjnTtlwpXdfQF
+220LObkBf6r21tps5gXgpE1S/NvQdLcRjHuNT/+Hg67/BQMTV1A3/oyWUhBMX7+U
+cWnZlj4MQ0++MMCfOXRPBkVdo9ZWOWgHzIdPUHeTcdlECLGKNOmJrNubTuHZ5FJF
+jC4UH5FrGR1oKSxWxOIeE1dk8GHjuRHfsOFXoBut11/Rr9srLT/QaI4P6p8PizVY
+GxMc9N41oQpd1urfEm/A+2kHRnLcgfYEIxfgTXXhcm+wKOub4eGDoZ9KXa/Mm/oC
+ILYYYneRO6PVZa3cfJB3HERBpEqL65Vy6fYJZNyoLZ90eOjBogljnO+g20+dlasg
+T7ew94dcpqDkNzjHXOM1Dyyto4Ci7C5dwM/tiwXC5nNu9onV9dJGjuptYxseisl9
+pvic6+XVY4VNc2ZpEf7IDvTBx2ZJU37kGWvx6XpZo21+xRfmJ8bvG9tv/A1NBgG0
+DlwwRlVgrzhlOspHuqwszEYfskaWP/PtJgXud6Fqa34tbVhcStSOZ7jx2tVGiif5
+EfLJQv5O3t8fXMSkhocWM6GnFxilDeQF5SvCKwuilZC5/WA8Tok+55zuH7sBAgMB
+AAGjggEHMIIBAzASBgNVHRMBAf8ECDAGAQH/AgECMA4GA1UdDwEB/wQEAwIBBjAd
+BgNVHQ4EFgQU4E2/3JtBXRPoZPCn6RWk4YHBujEwHwYDVR0jBBgwFoAUTgvvGqRA
+W6UXaYcwyjRoQ9BBrvIwaQYIKwYBBQUHAQEEXTBbMCcGCCsGAQUFBzABhhtodHRw
+Oi8vb2NzcC5zdGFydHNzbC5jb20vY2EwMAYIKwYBBQUHMAKGJGh0dHA6Ly9haWEu
+c3RhcnRzc2wuY29tL2NlcnRzL2NhLmNydDAyBgNVHR8EKzApMCegJaAjhiFodHRw
+Oi8vY3JsLnN0YXJ0c3NsLmNvbS9zZnNjYS5jcmwwDQYJKoZIhvcNAQELBQADggIB
+AI274T7wqbpK6IUpiNBGwjQCnLQYCkkOse9rVge7hwFTdK2gpoA1bNcBmrmEubOP
+jRBVHNhW+bXyJIc+UBs8RdjcgJMmGHSVhMPs2zvncMwx5b2FHvr4ajWwXcL3INlF
+vwJYifZgzi9FSe+Xg9KLqfQMSZNCpIop57BJ8F/hhnWcmjNvCtPod9jaV91SMy/R
+xN6FfVNV8V/TJNYlJYNjLF9xSHxgpLYu5WHPFzHzyFdPlDdtWZbgoTyXJ0zKwsMV
+w1zS6WDAGRWHgWlRRXPbmBSBPhXk5JfSBLX8M/uHJGl1t6frghUdSqw7EiOJn7T8
+JE7dIsi3zx462waTg7jKDLpzC34/PEvPYcF7X5pybb/TQVjjGzWZg61sQERjfN7B
+ePHm6SGg74pOkX4XVVuX8SnaH/Y+dTmaZfGJKDs50PU7PpF5qA2x1FaeIFuzklqt
+H4DHm6uaOsO5HOIWstKhtlH9xnb2l9vxF581/Tlxea6OUtHfk4J7GvGcowyADI8g
+7OOYkS8e9GQ2DBVqacq0VrnIFA0uAXGTL27Oh6VYFmZ61MjVEhXF5y4yHQ8KFpQK
+vFCV0S6lX0VqalP0cPBCUftf1L8qBqy5FMQDhlET6Lwh0FT1iTvz03xlQMRZBzyS
+EkE9+JcNYJ8zFJKmjFvuStRRmMJTdkorYuwFw2tQZLFs
+-----END CERTIFICATE-----
diff --git a/Windows/Certs/Online/Certification_Authority_Of_WoSign_StartCom_200609.crt b/Windows/Certs/Online/Certification_Authority_Of_WoSign_StartCom_200609_1.crt
similarity index 100%
rename from Windows/Certs/Online/Certification_Authority_Of_WoSign_StartCom_200609.crt
rename to Windows/Certs/Online/Certification_Authority_Of_WoSign_StartCom_200609_1.crt
diff --git a/Windows/Certs/Online/Certification_Authority_Of_WoSign_StartCom_200609_2.crt b/Windows/Certs/Online/Certification_Authority_Of_WoSign_StartCom_200609_2.crt
new file mode 100644
index 0000000000000000000000000000000000000000..09793e919debd1b6c6475448bf3db54796f667ec
--- /dev/null
+++ b/Windows/Certs/Online/Certification_Authority_Of_WoSign_StartCom_200609_2.crt
@@ -0,0 +1,36 @@
+-----BEGIN CERTIFICATE-----
+MIIGXDCCBESgAwIBAgIHGcKFMOk7NjANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
+EwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERp
+Z2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MjI0NjM2WhcNMTkxMjMxMjM1
+OTU5WjBVMQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQx
+KjAoBgNVBAMTIUNlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbjCCAiIw
+DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL3Kjay4kRVWl3trXHrC3mvZobDD
+ECP6p6GyzDH6PtmmKW8WPeBr+LhAX9s5qAB6i6BNVH3CInj8jgm4qIXXzJWXS3TY
+nn7wAOQOia5JKEQaEJkyDyWIU6QNsw8SCBYLA3EnHH/h29L9Z2jEBV0KDl1w19iX
+oLxTQZqRjfSeNmZ6flbBkF/msWggNqSMJCwsRwtZdmYwtb7e7Y/4ndO7ATDm8vMO
+4CySgPOF+SiKtFQumu33dvwVaBbrSmzrLhKP1M/+DMdcHQt+BTK+XrAJKkLVyU6Q
+s1kNu3p+zdUIWrR/2BxpEfknD3sGr1SDGHvh3VR6UWhud/zGv1JKZkahsmcau6NP
+d6C+Xf/8VgtDcneQyp758jn1Dan06tfnsxAvMEI3IcwwcMmGmA/MWE2Du33lGqU3
+jbasMpcAOmNxJB6eN8T/dNQ3wOL+iEZgEd0IP1A2q7h6pJViam6wymohWmnz8/sd
+cDmV86dupoGJoYjFO3HKo1Lug7v9oHf05G/nQtttSpmKNEi8F9zkgAgitvIxwD8E
+PuufIHnWuAZkZAIx16nNUvuERWkJACrcVYvEBkZLwEodCVs5KP2pq84A+S5ISybm
+MEylWMq0RIJP55EeM8Owk/8R/IHSyh9xKd12T5Ilrx2Btw8vjMMGzC8no0rkDpm6
+fB5FH3+qGUWW/fw9AgMBAAGjggEHMIIBAzASBgNVHRMBAf8ECDAGAQH/AgECMA4G
+A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU4WbPDtHxs0u3BiAU/ocS1fb++z4wHwYD
+VR0jBBgwFoAUTgvvGqRAW6UXaYcwyjRoQ9BBrvIwaQYIKwYBBQUHAQEEXTBbMCcG
+CCsGAQUFBzABhhtodHRwOi8vb2NzcC5zdGFydHNzbC5jb20vY2EwMAYIKwYBBQUH
+MAKGJGh0dHA6Ly9haWEuc3RhcnRzc2wuY29tL2NlcnRzL2NhLmNydDAyBgNVHR8E
+KzApMCegJaAjhiFodHRwOi8vY3JsLnN0YXJ0c3NsLmNvbS9zZnNjYS5jcmwwDQYJ
+KoZIhvcNAQELBQADggIBALZt+HD74g1MmLMHSRX1BMRsysr1aKAI/hJtnAQGya2a
+kVI+eMRc7p9UHe7j8V4wyUnhOeCmnTZsV/rmNE9V6IeoLN0F8VgSkejKzih4j98H
+hQGl3EWWBdSAsisFmsuapYvgOmfmc0e+Sv0nsYjv5srPjQ4mn/pfV3itbf6umzUI
+scO6wQBKS30Uvffx01UYrNAzcIhtxAlxFKYrT4iB5wsAN6kVfX7XAZY/L697Yq4K
+Sr9LOS41EIv+BDnkPDoMCVZAOrX0wmgMtflSze6d+Jj8eOdYR48cc1hpM6v/3d+O
+JAF3mBk6sGZ5vOEIow5PwQSz8wHI69NZHDXSkx5wZYJ/28/7yJkSYMNEbzqAS9e+
+IaoUemTL3TdDRVsyLkXw2VkfaxjwfOlVNhlhX7V98Y29iOR1S5jdJ7DkhEQqYYRX
+BYIRH6o1WPMgDq9Z7/pVcnINJtCbU0mszjcuZWH/9uwb6vbxptPRtXu+NfQiwbyN
+Ab1oXoMNL+zW2mMMJ9FUPuSo085LMriRlP/7W0ktdRiounGaO67ZwKlPh5Hti3tr
+IJiJOYNPgMRpzBfJyE6+5KmlgXZwBgQyzYNl9Lx9PhO80uhvY6q1O9qNhjKCeJ3Z
+zP+/V2R07Sg9RGIVYUv3lLANKmcc8MubpZK/+EFawT1g7Z+7uG2bzqlqFj9+6gbx
+-----END CERTIFICATE-----
diff --git a/Windows/RevokeChinaCerts_CodeSigning.bat b/Windows/RevokeChinaCerts_CodeSigning.bat
index ccef18842ee1490eb2e4eb8f85837b0c215bf5c7..f9ba65e94e518de8a0043747904e793b2f304bb7 100644
--- a/Windows/RevokeChinaCerts_CodeSigning.bat
+++ b/Windows/RevokeChinaCerts_CodeSigning.bat
@@ -13,7 +13,7 @@ set CertMgr="%cd%\Tools\CertMgr"
if %PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432% EQU x86 set CertMgr="%cd%\Tools\CertMgr_x86"
set Folder=%cd%\Certs\CodeSigning
set /a SetForce = 0
-set SetForceAppender="%cd%\Tools\SoftCertPolicyAppender\SoftCertPolicyAppender"
+set SetForceAppender="%cd%\Tools\SoftCertPolicyAppender\Binary\SoftCertPolicyAppender"
@echo RevokeChinaCerts CodeSigning batch
@echo.
@echo Do you want to set force cetificates policy? [Y/N]
@@ -33,10 +33,13 @@ goto %UserChoice%
:: All version
:CASE_1
+if %SetForce% EQU 0 (
:: WoSign Code Signing Authority(UTN-USERFirst-Object)
%CertMgr% -add -c "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt" -s Disallowed
:: WoTrust Code Signing Authority(UTN-USERFirst-Object)
%CertMgr% -add -c "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt" -s Disallowed
+:: Certification Authority of WoSign(UTN-USERFirst-Object)
+%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_UTN_USERFirst_Object.crt" -s Disallowed
:: 91.Com
%CertMgr% -add -c "%Folder%\91Com.crt" -s Disallowed
:: Baidu (China) Co., Ltd.
@@ -47,8 +50,10 @@ goto %UserChoice%
%CertMgr% -add -c "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt" -s Disallowed
:: Beijing Funshion Online Technologies Ltd.
%CertMgr% -add -c "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt" -s Disallowed
-:: Beijing Kingsoft Security software Co.,Ltd
-%CertMgr% -add -c "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd.crt" -s Disallowed
+:: Beijing Kingsoft Security software Co.,Ltd(2011-12-26)
+%CertMgr% -add -c "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201112.crt" -s Disallowed
+:: Beijing Kingsoft Security software Co.,Ltd(2014-12-29)
+%CertMgr% -add -c "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201412.crt" -s Disallowed
:: BEIJING KUWO TECHNOLOGY CO.,LTD.
%CertMgr% -add -c "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt" -s Disallowed
:: BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.
@@ -65,8 +70,10 @@ goto %UserChoice%
%CertMgr% -add -c "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt" -s Disallowed
:: Maxthon (Asia) Limited
%CertMgr% -add -c "%Folder%\Maxthon_Asia_Limited.crt" -s Disallowed
-:: Meitu.Com
-%CertMgr% -add -c "%Folder%\MeituCom.crt" -s Disallowed
+:: Meitu.Com(2012-12-18)
+%CertMgr% -add -c "%Folder%\MeituCom_201212.crt" -s Disallowed
+:: Meitu.Com(2014-11-20)
+%CertMgr% -add -c "%Folder%\MeituCom_201411.crt" -s Disallowed
:: NetEase(Hangzhou) Network Co. Ltd.
%CertMgr% -add -c "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt" -s Disallowed
:: PPLive Corporation
@@ -79,10 +86,10 @@ goto %UserChoice%
%CertMgr% -add -c "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt" -s Disallowed
:: TAOBAO (CHINA) SOFTWARE CO.,LTD.
%CertMgr% -add -c "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt" -s Disallowed
-:: Tencent Technology Shenzhen Company Limited
-%CertMgr% -add -c "%Folder%\Tencent_Technology_Shenzhen_Company_Limited.crt" -s Disallowed
:: Tencent Technology Shenzhen Company Limited(2010-01-26)
%CertMgr% -add -c "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt" -s Disallowed
+:: Tencent Technology Shenzhen Company Limited(2013-01-17)
+%CertMgr% -add -c "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201301.crt" -s Disallowed
:: UC Mobile Limited
%CertMgr% -add -c "%Folder%\UC_Mobile_Limited.crt" -s Disallowed
:: Wandou Technology Ltd
@@ -95,137 +102,115 @@ goto %UserChoice%
%CertMgr% -add -c "%Folder%\YlmfCom.crt" -s Disallowed
:: YY Inc
%CertMgr% -add -c "%Folder%\YY_Inc.crt" -s Disallowed
+) else (
:: Set force
-@echo.
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt" "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt" "%Folder%\91Com.crt" "%Folder%\Baidu_China_CoLtd.crt" "%Folder%\Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt" "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt" "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt" "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd.crt" "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt" "%Folder%\BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt" "%Folder%\Beijing_Rising_Information_Technology_Corporation_Limited.crt" "%Folder%\Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt" "%Folder%\Guangzhou_Tieren_Network_Technology_CoLtd.crt" "%Folder%\Kingsoft_Security_CoLtd.crt" "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt" "%Folder%\Maxthon_Asia_Limited.crt" "%Folder%\MeituCom.crt" "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt" "%Folder%\PPLive_Corporation.crt" "%Folder%\Qihoo_360_Software_Beijing_Company_Limited.crt" "%Folder%\Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt" "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt" "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt" "%Folder%\Tencent_Technology_Shenzhen_Company_Limited.crt" "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt" "%Folder%\UC_Mobile_Limited.crt" "%Folder%\Wandou_Technology_Ltd.crt" "%Folder%\Xiamen_Yitianxia_Network_Technology_CoLtd.crt" "%Folder%\XiamiCom.crt" "%Folder%\YlmfCom.crt" "%Folder%\YY_Inc.crt")
+%SetForceAppender% --set-force "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt" "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt" "%Folder%\Certification_Authority_Of_WoSign_UTN_USERFirst_Object.crt" "%Folder%\91Com.crt" "%Folder%\Baidu_China_CoLtd.crt" "%Folder%\Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt" "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt" "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt" "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201112.crt" "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201412.crt" "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt" "%Folder%\BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt" "%Folder%\Beijing_Rising_Information_Technology_Corporation_Limited.crt" "%Folder%\Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt" "%Folder%\Guangzhou_Tieren_Network_Technology_CoLtd.crt" "%Folder%\Kingsoft_Security_CoLtd.crt" "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt" "%Folder%\Maxthon_Asia_Limited.crt" "%Folder%\MeituCom_201212.crt" "%Folder%\MeituCom_201411.crt" "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt" "%Folder%\PPLive_Corporation.crt" "%Folder%\Qihoo_360_Software_Beijing_Company_Limited.crt" "%Folder%\Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt" "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt" "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt" "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt" "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201301.crt" "%Folder%\UC_Mobile_Limited.crt" "%Folder%\Wandou_Technology_Ltd.crt" "%Folder%\Xiamen_Yitianxia_Network_Technology_CoLtd.crt" "%Folder%\XiamiCom.crt" "%Folder%\YlmfCom.crt" "%Folder%\YY_Inc.crt")
goto EXIT
:: Choice version
:CASE_2
set /p UserChoice="Revoke WoSign Code Signing Authority(UTN-USERFirst-Object)? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt"))
@echo.
set /p UserChoice="Revoke WoTrust Code Signing Authority(UTN-USERFirst-Object)? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt"))
+@echo.
+set /p UserChoice="Revoke Certification Authority of WoSign(UTN-USERFirst-Object)? [Y/N]"
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_UTN_USERFirst_Object.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Certification_Authority_Of_WoSign_UTN_USERFirst_Object.crt"))
@echo.
set /p UserChoice="Revoke 91.Com? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\91Com.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\91Com.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\91Com.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\91Com.crt"))
@echo.
set /p UserChoice="Revoke Baidu (China) Co., Ltd.? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Baidu_China_CoLtd.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Baidu_China_CoLtd.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Baidu_China_CoLtd.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Baidu_China_CoLtd.crt"))
@echo.
set /p UserChoice="Revoke Beijing baidu Netcom science and technology co.ltd? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt"))
@echo.
set /p UserChoice="Revoke Beijing Baofeng Technology Co., Ltd.? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt"))
@echo.
set /p UserChoice="Revoke Beijing Funshion Online Technologies Ltd.? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt"))
@echo.
-set /p UserChoice="Revoke Beijing Kingsoft Security software Co.,Ltd? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd.crt"))
+set /p UserChoice="Revoke Beijing Kingsoft Security software Co.,Ltd(2011-12-26)? [Y/N]"
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201112.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201112.crt"))
+@echo.
+set /p UserChoice="Revoke Beijing Kingsoft Security software Co.,Ltd(2014-12-29)? [Y/N]"
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201412.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201412.crt"))
@echo.
set /p UserChoice="Revoke BEIJING KUWO TECHNOLOGY CO.,LTD.? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt"))
@echo.
set /p UserChoice="Revoke BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt"))
@echo.
set /p UserChoice="Revoke Beijing Rising Information Technology Corporation Limited? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Beijing_Rising_Information_Technology_Corporation_Limited.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Beijing_Rising_Information_Technology_Corporation_Limited.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Beijing_Rising_Information_Technology_Corporation_Limited.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Beijing_Rising_Information_Technology_Corporation_Limited.crt"))
@echo.
set /p UserChoice="Revoke Beijing Sohu New Media Information Technology Co., Ltd.? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt"))
@echo.
set /p UserChoice="Revoke Guangzhou Tieren Network Technology Co.,Ltd.? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Guangzhou_Tieren_Network_Technology_CoLtd.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Guangzhou_Tieren_Network_Technology_CoLtd.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Guangzhou_Tieren_Network_Technology_CoLtd.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Guangzhou_Tieren_Network_Technology_CoLtd.crt"))
@echo.
set /p UserChoice="Revoke Kingsoft Security Co.,Ltd? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Kingsoft_Security_CoLtd.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Kingsoft_Security_CoLtd.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Kingsoft_Security_CoLtd.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Kingsoft_Security_CoLtd.crt"))
@echo.
set /p UserChoice="Revoke LE SHI INTERNET INFORMATION TECHNOLOGY CORP.,BEI JING? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt"))
@echo.
set /p UserChoice="Revoke Maxthon (Asia) Limited? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Maxthon_Asia_Limited.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Maxthon_Asia_Limited.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Maxthon_Asia_Limited.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Maxthon_Asia_Limited.crt"))
+@echo.
+set /p UserChoice="Revoke Meitu.Com(2012-12-18)? [Y/N]"
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\MeituCom_201212.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\MeituCom_201212.crt"))
@echo.
-set /p UserChoice="Revoke Meitu.Com? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\MeituCom.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\MeituCom.crt"))
+set /p UserChoice="Revoke Meitu.Com(2014-11-20)? [Y/N]"
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\MeituCom_201411.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\MeituCom_201411.crt"))
@echo.
set /p UserChoice="Revoke NetEase(Hangzhou) Network Co. Ltd.? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt"))
@echo.
set /p UserChoice="Revoke PPLive Corporation? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\PPLive_Corporation.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\PPLive_Corporation.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\PPLive_Corporation.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\PPLive_Corporation.crt"))
@echo.
set /p UserChoice="Revoke Qihoo 360 Software Beijing Company Limited? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Qihoo_360_Software_Beijing_Company_Limited.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Qihoo_360_Software_Beijing_Company_Limited.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Qihoo_360_Software_Beijing_Company_Limited.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Qihoo_360_Software_Beijing_Company_Limited.crt"))
@echo.
set /p UserChoice="Revoke Shanghai Quan Tudou Network Technology Co., Ltd.? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt"))
@echo.
set /p UserChoice="Revoke ShenZhen Xunlei Networking Technologies Ltd.? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt"))
@echo.
set /p UserChoice="Revoke TAOBAO (CHINA) SOFTWARE CO.,LTD.? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt"))
-@echo.
-set /p UserChoice="Revoke Tencent Technology Shenzhen Company Limited? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Tencent_Technology_Shenzhen_Company_Limited.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Tencent_Technology_Shenzhen_Company_Limited.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt"))
@echo.
set /p UserChoice="Revoke Tencent Technology Shenzhen Company Limited(2010-01-26)? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt"))
+@echo.
+set /p UserChoice="Revoke Tencent Technology Shenzhen Company Limited(2013-01-17)? [Y/N]"
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201301.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201301.crt"))
@echo.
set /p UserChoice="Revoke UC Mobile Limited? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\UC_Mobile_Limited.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\UC_Mobile_Limited.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\UC_Mobile_Limited.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\UC_Mobile_Limited.crt"))
@echo.
set /p UserChoice="Revoke Wandou Technology Ltd? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Wandou_Technology_Ltd.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Wandou_Technology_Ltd.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Wandou_Technology_Ltd.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Wandou_Technology_Ltd.crt"))
@echo.
set /p UserChoice="Revoke Xiamen Yitianxia Network Technology Co., Ltd? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Xiamen_Yitianxia_Network_Technology_CoLtd.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Xiamen_Yitianxia_Network_Technology_CoLtd.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Xiamen_Yitianxia_Network_Technology_CoLtd.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Xiamen_Yitianxia_Network_Technology_CoLtd.crt"))
@echo.
set /p UserChoice="Revoke Xiami.Com? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\XiamiCom.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\XiamiCom.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\XiamiCom.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\XiamiCom.crt"))
@echo.
set /p UserChoice="Revoke Ylmf.Com? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\YlmfCom.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\YlmfCom.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\YlmfCom.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\YlmfCom.crt"))
@echo.
set /p UserChoice="Revoke YY Inc? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\YY_Inc.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\YY_Inc.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\YY_Inc.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\YY_Inc.crt"))
goto EXIT
@@ -235,6 +220,8 @@ goto EXIT
%CertMgr% -del -c -sha1 EA36152981E296F9763E1DC74B3262D3928563F8 -s Disallowed
:: WoTrust Code Signing Authority(UTN-USERFirst-Object)
%CertMgr% -del -c -sha1 B28CCC46D234A7D7CF7F21CCB9406F48A5273CC6 -s Disallowed
+:: Certification Authority of WoSign(UTN-USERFirst-Object)
+%CertMgr% -del -c -sha1 1C1ECDCCf764E6168177C5711F33EC9229A29F88 -s Disallowed
:: 91.Com
%CertMgr% -del -c -sha1 E87D1C1D3FE2BCA700EB7B8DC0E45B97EAF19405 -s Disallowed
:: Baidu (China) Co., Ltd.
@@ -245,8 +232,10 @@ goto EXIT
%CertMgr% -del -c -sha1 CB6F65314E5B25D61304AB2C9C8870B574CC21F5 -s Disallowed
:: Beijing Funshion Online Technologies Ltd.
%CertMgr% -del -c -sha1 9AB5445104C6CCE5A22431CF29C4331CBC328A1B -s Disallowed
-:: Beijing Kingsoft Security software Co.,Ltd
+:: Beijing Kingsoft Security software Co.,Ltd(2011-01-26)
%CertMgr% -del -c -sha1 E88DD1ACD2DB3A352072AA49C675F4944A3FEF82 -s Disallowed
+:: Beijing Kingsoft Security software Co.,Ltd(2014-12-29)
+%CertMgr% -del -c -sha1 CC9467907AD45574588F4E16F29CA36D5F78C0F8 -s Disallowed
:: BEIJING KUWO TECHNOLOGY CO.,LTD.
%CertMgr% -del -c -sha1 5FFFD1A3EAE5ED74558913C4A8476D1514C6D61F -s Disallowed
:: BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.
@@ -263,8 +252,10 @@ goto EXIT
%CertMgr% -del -c -sha1 62DF2BC4B5902B52C215C697D06038E3B28CF5D3 -s Disallowed
:: Maxthon (Asia) Limited
%CertMgr% -del -c -sha1 1481414E8E87412A00D3341167FE3A92C681B830 -s Disallowed
-:: Meitu.Com
+:: Meitu.Com(2012-12-18)
%CertMgr% -del -c -sha1 7B6FAE77BD19FEC5410293344B36124774A6D8F1 -s Disallowed
+:: Meitu.Com(2014-11-20)
+%CertMgr% -del -c -sha1 EBA2ADB1C0B7A61E5BA25B8356387F27049BA1A1 -s Disallowed
:: NetEase(Hangzhou) Network Co. Ltd.
%CertMgr% -del -c -sha1 E0387F3AF5752A4620EC617C39153C0E666CF5F8 -s Disallowed
:: PPLive Corporation
@@ -277,10 +268,10 @@ goto EXIT
%CertMgr% -del -c -sha1 4099665730474153EADF671B8B475C03C08A46D0 -s Disallowed
:: TAOBAO (CHINA) SOFTWARE CO.,LTD.
%CertMgr% -del -c -sha1 E5777A69CAFD7F7C6F89C5297DD1159C7AE9B881 -s Disallowed
-:: Tencent Technology Shenzhen Company Limited
-%CertMgr% -del -c -sha1 2FDD445591CD2EEDBEF8B8A281896A59C08B3DC9 -s Disallowed
:: Tencent Technology Shenzhen Company Limited(2010-01-26)
%CertMgr% -del -c -sha1 8B46390D86B891E5A3D3AAB2B00D6FDB27A0F791 -s Disallowed
+:: Tencent Technology Shenzhen Company Limited(2013-01-17)
+%CertMgr% -del -c -sha1 2FDD445591CD2EEDBEF8B8A281896A59C08B3DC9 -s Disallowed
:: UC Mobile Limited
%CertMgr% -del -c -sha1 1540C77B5D19FC5A71A04DB001488E55B45DDC7F -s Disallowed
:: Wandou Technology Ltd
@@ -295,7 +286,7 @@ goto EXIT
%CertMgr% -del -c -sha1 B3B89CD7940DC67E4291A3EE767AC17A3BC9E620 -s Disallowed
:: Unset force
@echo.
-if %SetForce% EQU 1 (%SetForceAppender% -r --unset-force "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt" "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt" "%Folder%\91Com.crt" "%Folder%\Baidu_China_CoLtd.crt" "%Folder%\Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt" "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt" "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt" "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd.crt" "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt" "%Folder%\BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt" "%Folder%\Beijing_Rising_Information_Technology_Corporation_Limited.crt" "%Folder%\Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt" "%Folder%\Guangzhou_Tieren_Network_Technology_CoLtd.crt" "%Folder%\Kingsoft_Security_CoLtd.crt" "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt" "%Folder%\Maxthon_Asia_Limited.crt" "%Folder%\MeituCom.crt" "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt" "%Folder%\PPLive_Corporation.crt" "%Folder%\Qihoo_360_Software_Beijing_Company_Limited.crt" "%Folder%\Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt" "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt" "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt" "%Folder%\Tencent_Technology_Shenzhen_Company_Limited.crt" "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt" "%Folder%\UC_Mobile_Limited.crt" "%Folder%\Wandou_Technology_Ltd.crt" "%Folder%\Xiamen_Yitianxia_Network_Technology_CoLtd.crt" "%Folder%\XiamiCom.crt" "%Folder%\YlmfCom.crt" "%Folder%\YY_Inc.crt")
+if %SetForce% EQU 1 (%SetForceAppender% -r --unset-force "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt" "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt" "%Folder%\Certification_Authority_Of_WoSign_UTN_USERFirst_Object.crt" "%Folder%\91Com.crt" "%Folder%\Baidu_China_CoLtd.crt" "%Folder%\Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt" "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt" "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt" "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201112.crt" "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201412.crt" "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt" "%Folder%\BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt" "%Folder%\Beijing_Rising_Information_Technology_Corporation_Limited.crt" "%Folder%\Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt" "%Folder%\Guangzhou_Tieren_Network_Technology_CoLtd.crt" "%Folder%\Kingsoft_Security_CoLtd.crt" "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt" "%Folder%\Maxthon_Asia_Limited.crt" "%Folder%\MeituCom_201212.crt" "%Folder%\MeituCom_201411.crt" "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt" "%Folder%\PPLive_Corporation.crt" "%Folder%\Qihoo_360_Software_Beijing_Company_Limited.crt" "%Folder%\Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt" "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt" "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt" "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt" "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201301.crt" "%Folder%\UC_Mobile_Limited.crt" "%Folder%\Wandou_Technology_Ltd.crt" "%Folder%\Xiamen_Yitianxia_Network_Technology_CoLtd.crt" "%Folder%\XiamiCom.crt" "%Folder%\YlmfCom.crt" "%Folder%\YY_Inc.crt")
:: Print to screen.
diff --git a/Windows/RevokeChinaCerts_Online.bat b/Windows/RevokeChinaCerts_Online.bat
index ca5e50661a354010830c5b5b1b7dd2e0ecf85c01..340dc90243b8f9f366e76042be281c89f5f5269e 100644
--- a/Windows/RevokeChinaCerts_Online.bat
+++ b/Windows/RevokeChinaCerts_Online.bat
@@ -69,12 +69,18 @@ goto %UserChoice%
:: Certification Authority of WoSign 2(StartCom/2011-03-01)
%CertMgr% -del -c -sha1 692790DA5189529CC5CE1E16E984277A03023E99 -s -r localMachine CA
%CertMgr% -del -c -sha1 692790DA5189529CC5CE1E16E984277A03023E99 -s -r CurrentUser CA
-:: Certification Authority of WoSign(StartCom/2006-09-18)
+:: Certification Authority of WoSign 1(StartCom/2006-09-18)
%CertMgr% -del -c -sha1 804E5FB7DE84F5F5B28347233EAF07846B6070D3 -s -r localMachine CA
%CertMgr% -del -c -sha1 804E5FB7DE84F5F5B28347233EAF07846B6070D3 -s -r CurrentUser CA
-:: Certification Authority of WoSign(Chinese/StartCom) [v998]
+:: Certification Authority of WoSign 2(StartCom/2006-09-18) [v998]
+%CertMgr% -del -c -sha1 B0B68AE97CFE2AFACD0DC2010B9D70ACE593E8A6 -s -r localMachine CA
+%CertMgr% -del -c -sha1 B0B68AE97CFE2AFACD0DC2010B9D70ACE593E8A6 -s -r localMachine CA
+:: Certification Authority of WoSign 1(Chinese/StartCom) [v998]
%CertMgr% -del -c -sha1 D8EFF6C28BB508E4702565F42748454A872BD412 -s -r localMachine CA
%CertMgr% -del -c -sha1 D8EFF6C28BB508E4702565F42748454A872BD412 -s -r CurrentUser CA
+:: Certification Authority of WoSign 2(Chinese/StartCom) [v998]
+%CertMgr% -del -c -sha1 CE335662F0EA6764B95C7F50A995A514ACE8C815 -s -r localMachine CA
+%CertMgr% -del -c -sha1 CE335662F0EA6764B95C7F50A995A514ACE8C815 -s -r CurrentUser CA
:: Certification Authority of WoSign(USERTrust) [v998]
%CertMgr% -del -c -sha1 56FAADDC596DCF78D585D83A35BC04B690D12736 -s -r localMachine CA
%CertMgr% -del -c -sha1 56FAADDC596DCF78D585D83A35BC04B690D12736 -s -r CurrentUser CA
@@ -166,8 +172,10 @@ goto %UserChoice%
%CertMgr% -add -c "%Folder%\CA_WoSign_ECC_Root.crt" -s Disallowed
%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_StartCom_201103_1.crt" -s Disallowed
%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_StartCom_201103_2.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_StartCom_200609.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_Chinese_StartCom.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_StartCom_200609_1.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_StartCom_200609_2.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_Chinese_StartCom_1.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_Chinese_StartCom_2.crt" -s Disallowed
%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_USERTrust.crt" -s Disallowed
%CertMgr% -add -c "%Folder%\WoSign_Premium_Server_Authority_USERTrust.crt" -s Disallowed
%CertMgr% -add -c "%Folder%\WoSign_Server_Authority_USERTrust.crt" -s Disallowed
@@ -407,10 +415,14 @@ goto EXIT
%CertMgr% -del -c -sha1 868241C8B85AF79E2DAC79EDADB723E82A36AFC3 -s Disallowed
:: Certification Authority of WoSign 2(StartCom/2011-03-01)
%CertMgr% -del -c -sha1 692790DA5189529CC5CE1E16E984277A03023E99 -s Disallowed
-:: Certification Authority of WoSign(StartCom/2006-09-18)
+:: Certification Authority of WoSign 1(StartCom/2006-09-18)
%CertMgr% -del -c -sha1 804E5FB7DE84F5F5B28347233EAF07846B6070D3 -s Disallowed
-:: Certification Authority of WoSign(Chinese/StartCom) [v998]
+:: Certification Authority of WoSign 2(StartCom/2006-09-18) [v998]
+%CertMgr% -del -c -sha1 B0B68AE97CFE2AFACD0DC2010B9D70ACE593E8A6 -s Disallowed
+:: Certification Authority of WoSign 1(Chinese/StartCom) [v998]
%CertMgr% -del -c -sha1 D8EFF6C28BB508E4702565F42748454A872BD412 -s Disallowed
+:: Certification Authority of WoSign 2(Chinese/StartCom) [v998]
+%CertMgr% -del -c -sha1 CE335662F0EA6764B95C7F50A995A514ACE8C815 -s Disallowed
:: Certification Authority of WoSign(USERTrust) [v998]
%CertMgr% -del -c -sha1 56FAADDC596DCF78D585D83A35BC04B690D12736 -s Disallowed
:: WoSign Premium Server Authority(USERTrust)
diff --git a/Windows/RevokeChinaCerts_Organization.bat b/Windows/RevokeChinaCerts_Organization.bat
index 82f9959ee3a451feaa7a3ac98556e0c3d14cb5d3..c629cbe58fdb31c45fc66dbb33af19b52fb8f69e 100644
--- a/Windows/RevokeChinaCerts_Organization.bat
+++ b/Windows/RevokeChinaCerts_Organization.bat
@@ -13,7 +13,7 @@ set CertMgr="%cd%\Tools\CertMgr"
if %PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432% EQU x86 set CertMgr="%cd%\Tools\CertMgr_x86"
set Folder=%cd%\Certs\Organization
set /a SetForce = 0
-set SetForceAppender="%cd%\Tools\SoftCertPolicyAppender\SoftCertPolicyAppender"
+set SetForceAppender="%cd%\Tools\SoftCertPolicyAppender\Binary\SoftCertPolicyAppender"
@echo RevokeChinaCerts Organization batch
@echo.
@echo Do you want to set force cetificates policy? [Y/N]
@@ -33,6 +33,7 @@ goto %UserChoice%
:: All version
:CASE_1
+if %SetForce% EQU 0 (
:: ABC
%CertMgr% -add -c "%Folder%\ABC.crt" -s Disallowed
:: ABC TEST CA
@@ -93,137 +94,108 @@ goto %UserChoice%
%CertMgr% -add -c "%Folder%\SZCA_200307.crt" -s Disallowed
:: TenpayCom Root CA
%CertMgr% -add -c "%Folder%\TenpayCom_Root_CA.crt" -s Disallowed
+) else (
:: Set force
-@echo.
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\ABC.crt" "%Folder%\ABC_TEST_CA.crt" "%Folder%\ABC2048.crt" "%Folder%\AlibabaCom_Corporation_Root_CA.crt" "%Folder%\ALIPAY_ROOT.crt" "%Folder%\Alipay_Trust_NetWork.crt" "%Folder%\BOCOMCA.crt" "%Folder%\CCB_CA_ROOT_199906.crt" "%Folder%\CCB_CA_ROOT_200906.crt" "%Folder%\CFCA.crt" "%Folder%\CFCA_CS_CA.crt" "%Folder%\CFCA_CS_TEST_CA.crt" "%Folder%\CFCA_Operation_CA3.crt" "%Folder%\CFCA_RCA.crt" "%Folder%\CFCA_Root_CA.crt" "%Folder%\CFCA_RSA_RCA.crt" "%Folder%\China_Trust_Network_1.crt" "%Folder%\China_Trust_Network_2.crt" "%Folder%\China_Trust_Network_3.crt" "%Folder%\ICBC.crt" "%Folder%\ICBC_Root_CA.crt" "%Folder%\IcbcCA.crt" "%Folder%\iTruschina_CN_Root_CA_1.crt" "%Folder%\iTruschina_CN_Root_CA_2.crt" "%Folder%\iTruschina_CN_Root_CA_3.crt" "%Folder%\Personal_ICBC_CA.crt" "%Folder%\ROOTCA_OSCCA.crt" "%Folder%\SZCA.crt" "%Folder%\SZCA_200307.crt" "%Folder%\TenpayCom_Root_CA.crt")
+%SetForceAppender% --set-force "%Folder%\ABC.crt" "%Folder%\ABC_TEST_CA.crt" "%Folder%\ABC2048.crt" "%Folder%\AlibabaCom_Corporation_Root_CA.crt" "%Folder%\ALIPAY_ROOT.crt" "%Folder%\Alipay_Trust_NetWork.crt" "%Folder%\BOCOMCA.crt" "%Folder%\CCB_CA_ROOT_199906.crt" "%Folder%\CCB_CA_ROOT_200906.crt" "%Folder%\CFCA.crt" "%Folder%\CFCA_CS_CA.crt" "%Folder%\CFCA_CS_TEST_CA.crt" "%Folder%\CFCA_Operation_CA3.crt" "%Folder%\CFCA_RCA.crt" "%Folder%\CFCA_Root_CA.crt" "%Folder%\CFCA_RSA_RCA.crt" "%Folder%\China_Trust_Network_1.crt" "%Folder%\China_Trust_Network_2.crt" "%Folder%\China_Trust_Network_3.crt" "%Folder%\ICBC.crt" "%Folder%\ICBC_Root_CA.crt" "%Folder%\IcbcCA.crt" "%Folder%\iTruschina_CN_Root_CA_1.crt" "%Folder%\iTruschina_CN_Root_CA_2.crt" "%Folder%\iTruschina_CN_Root_CA_3.crt" "%Folder%\Personal_ICBC_CA.crt" "%Folder%\ROOTCA_OSCCA.crt" "%Folder%\SZCA.crt" "%Folder%\SZCA_200307.crt" "%Folder%\TenpayCom_Root_CA.crt")
goto EXIT
:: Choice version
:CASE_2
set /p UserChoice="Revoke ABC? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ABC.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\ABC.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\ABC.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\ABC.crt"))
@echo.
set /p UserChoice="Revoke ABC TEST CA? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ABC_TEST_CA.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force %Folder%\ABC_TEST_CA.crt""))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\ABC_TEST_CA.crt" -s Disallowed) else (%SetForceAppender% --set-force %Folder%\ABC_TEST_CA.crt""))
@echo.
set /p UserChoice="Revoke ABC2048? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ABC2048.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force %Folder%\ABC2048.crt""))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\ABC2048.crt" -s Disallowed) else (%SetForceAppender% --set-force %Folder%\ABC2048.crt""))
@echo.
set /p UserChoice="Revoke Alibaba.com Corporation Root CA? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\AlibabaCom_Corporation_Root_CA.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\AlibabaCom_Corporation_Root_CA.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\AlibabaCom_Corporation_Root_CA.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\AlibabaCom_Corporation_Root_CA.crt"))
@echo.
set /p UserChoice="Revoke ALIPAY_ROOT? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ALIPAY_ROOT.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\ALIPAY_ROOT.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\ALIPAY_ROOT.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\ALIPAY_ROOT.crt"))
@echo.
set /p UserChoice="Revoke Alipay Trust NetWork? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Alipay_Trust_NetWork.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Alipay_Trust_NetWork.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Alipay_Trust_NetWork.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Alipay_Trust_NetWork.crt"))
@echo.
set /p UserChoice="Revoke BOCOMCA? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\BOCOMCA.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\BOCOMCA.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\BOCOMCA.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\BOCOMCA.crt"))
@echo.
set /p UserChoice="Revoke CCB CA ROOT(1999-06-29)? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CCB_CA_ROOT_199906.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CCB_CA_ROOT_199906.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\CCB_CA_ROOT_199906.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\CCB_CA_ROOT_199906.crt"))
@echo.
set /p UserChoice="Revoke CCB CA ROOT(2009-06-01)? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CCB_CA_ROOT_200906.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CCB_CA_ROOT_200906.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\CCB_CA_ROOT_200906.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\CCB_CA_ROOT_200906.crt"))
@echo.
set /p UserChoice="Revoke CFCA? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CFCA.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CFCA.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\CFCA.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\CFCA.crt"))
@echo.
set /p UserChoice="Revoke CFCA CS CA? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CFCA_CS_CA.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CFCA_CS_CA.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\CFCA_CS_CA.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\CFCA_CS_CA.crt"))
@echo.
set /p UserChoice="Revoke CFCA CS TEST CA? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CFCA_CS_TEST_CA.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CFCA_CS_TEST_CA.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\CFCA_CS_TEST_CA.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\CFCA_CS_TEST_CA.crt"))
@echo.
set /p UserChoice="Revoke CFCA Operation CA3? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CFCA_Operation_CA3.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CFCA_Operation_CA3.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\CFCA_Operation_CA3.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\CFCA_Operation_CA3.crt"))
@echo.
set /p UserChoice="Revoke CFCA RCA? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CFCA_RCA.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CFCA_RCA.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\CFCA_RCA.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\CFCA_RCA.crt"))
@echo.
set /p UserChoice="Revoke CFCA Root CA? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CFCA_Root_CA.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CFCA_Root_CA.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\CFCA_Root_CA.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\CFCA_Root_CA.crt"))
@echo.
set /p UserChoice="Revoke CFCA RSA RCA? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CFCA_RSA_RCA.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CFCA_RSA_RCA.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\CFCA_RSA_RCA.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\CFCA_RSA_RCA.crt"))
@echo.
set /p UserChoice="Revoke China Trust Network(1)? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\China_Trust_Network_1.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\China_Trust_Network_1.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\China_Trust_Network_1.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\China_Trust_Network_1.crt"))
@echo.
set /p UserChoice="Revoke China Trust Network(2)? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\China_Trust_Network_2.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\China_Trust_Network_2.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\China_Trust_Network_2.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\China_Trust_Network_2.crt"))
@echo.
set /p UserChoice="Revoke China Trust Network(3)? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\China_Trust_Network_3.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\China_Trust_Network_3.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\China_Trust_Network_3.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\China_Trust_Network_3.crt"))
@echo.
set /p UserChoice="Revoke ICBC? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ICBC.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\ICBC.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\ICBC.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\ICBC.crt"))
@echo.
set /p UserChoice="Revoke ICBC Root CA? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ICBC_Root_CA.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\ICBC_Root_CA.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\ICBC_Root_CA.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\ICBC_Root_CA.crt"))
@echo.
set /p UserChoice="Revoke IcbcCA? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\IcbcCA.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\IcbcCA.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\IcbcCA.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\IcbcCA.crt"))
@echo.
set /p UserChoice="Revoke iTruschina CN Root CA(1)? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_1.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\iTruschina_CN_Root_CA_1.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_1.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\iTruschina_CN_Root_CA_1.crt"))
@echo.
set /p UserChoice="Revoke iTruschina CN Root CA(2)? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_2.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\iTruschina_CN_Root_CA_2.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_2.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\iTruschina_CN_Root_CA_2.crt"))
@echo.
set /p UserChoice="Revoke iTruschina CN Root CA(3)? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_3.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\iTruschina_CN_Root_CA_3.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_3.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\iTruschina_CN_Root_CA_3.crt"))
@echo.
set /p UserChoice="Revoke Personal ICBC CA? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Personal_ICBC_CA.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Personal_ICBC_CA.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\Personal_ICBC_CA.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\Personal_ICBC_CA.crt"))
@echo.
set /p UserChoice="Revoke ROOTCA OSCCA? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ROOTCA_OSCCA.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\ROOTCA_OSCCA.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\ROOTCA_OSCCA.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\ROOTCA_OSCCA.crt"))
@echo.
set /p UserChoice="Revoke SZCA? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\SZCA.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\SZCA.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\SZCA.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\SZCA.crt"))
@echo.
set /p UserChoice="Revoke SZCA(20030722)? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\SZCA_200307.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\SZCA_200307.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\SZCA_200307.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\SZCA_200307.crt"))
@echo.
set /p UserChoice="Revoke TenpayCom Root CA? [Y/N]"
-if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\TenpayCom_Root_CA.crt" -s Disallowed
-if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\TenpayCom_Root_CA.crt"))
+if /i %UserChoice% EQU Y (if %SetForce% EQU 0 (%CertMgr% -add -c "%Folder%\TenpayCom_Root_CA.crt" -s Disallowed) else (%SetForceAppender% --set-force "%Folder%\TenpayCom_Root_CA.crt"))
goto EXIT
:: Restore certificates
+:CASE_3
:: ABC
%CertMgr% -del -c -sha1 78D0CDF5752D1E5B58A674644CFE3499BF02F9EF -s Disallowed
:: ABC TEST CA
diff --git a/Windows/Tools/SoftCertPolicyAppender/Source/.gitignore b/Windows/Tools/SoftCertPolicyAppender/.gitignore
similarity index 100%
rename from Windows/Tools/SoftCertPolicyAppender/Source/.gitignore
rename to Windows/Tools/SoftCertPolicyAppender/.gitignore
diff --git a/Windows/Tools/SoftCertPolicyAppender/LocalPolicy.dll b/Windows/Tools/SoftCertPolicyAppender/Binary/LocalPolicy.dll
similarity index 100%
rename from Windows/Tools/SoftCertPolicyAppender/LocalPolicy.dll
rename to Windows/Tools/SoftCertPolicyAppender/Binary/LocalPolicy.dll
diff --git a/Windows/Tools/SoftCertPolicyAppender/SoftCertPolicyAppender.exe b/Windows/Tools/SoftCertPolicyAppender/Binary/SoftCertPolicyAppender.exe
similarity index 72%
rename from Windows/Tools/SoftCertPolicyAppender/SoftCertPolicyAppender.exe
rename to Windows/Tools/SoftCertPolicyAppender/Binary/SoftCertPolicyAppender.exe
index 6d128dbaf42b7c6ea109687874feefe4cabe8ff6..c13253c8104003894122344ec901297bd56fcf9a 100644
Binary files a/Windows/Tools/SoftCertPolicyAppender/SoftCertPolicyAppender.exe and b/Windows/Tools/SoftCertPolicyAppender/Binary/SoftCertPolicyAppender.exe differ
diff --git a/Windows/Tools/SoftCertPolicyAppender/README.md b/Windows/Tools/SoftCertPolicyAppender/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..0ccdc1a3fa7fcbfc92f22e469a5a6dd7f7c61463
--- /dev/null
+++ b/Windows/Tools/SoftCertPolicyAppender/README.md
@@ -0,0 +1,16 @@
+## 使用方法
+SoftCertPolicyAppender.exe <å‚æ•°> <è¯ä¹¦è·¯å¾„>
+SoftCertPolicyAppender.exe <å‚æ•°> <è¯ä¹¦è·¯å¾„> <è¯ä¹¦è·¯å¾„2> ...
+
+## å‚数说明
+* --set-force å¯ç”¨å¼ºåˆ¶ç–ç•¥
+* --unset-force å–消强制ç–ç•¥
+* -r 移除è¯ä¹¦è§„则
+* -h 显示帮助信æ¯
+
+## 备注
+- 需è¦ç®¡ç†å‘˜æƒé™
+- 需è¦[.NET Framework 4.0](http://www.microsoft.com/en-us/download/details.aspx?id=17718)
+
+## 引用组件
+[Local-Policy](https://bitbucket.org/MartinEden/local-policy/overview)
diff --git a/Windows/Tools/SoftCertPolicyAppender/Source/README.md b/Windows/Tools/SoftCertPolicyAppender/Source/README.md
deleted file mode 100644
index 963b928bafcd84774317351eabc44d55e22f5aea..0000000000000000000000000000000000000000
--- a/Windows/Tools/SoftCertPolicyAppender/Source/README.md
+++ /dev/null
@@ -1,20 +0,0 @@
-## 使用方法 ##
-SoftCertPolicyAppender.exe <å‚æ•°> <è¯ä¹¦è·¯å¾„>
-
-SoftCertPolicyAppender.exe <å‚æ•°> <è¯ä¹¦è·¯å¾„> <è¯ä¹¦è·¯å¾„2> ...
-
-**å‚数说明**
-
-- --set-force å¯ç”¨å¼ºåˆ¶ç–ç•¥
-- --unset-force å–消强制ç–ç•¥
-- -r 移除è¯ä¹¦è§„则
-- -h 显示帮助信æ¯
-
-
-## 备注 ##
-- 需è¦ç®¡ç†å‘˜æƒé™
-- 需è¦[.net framework 4.0](http://www.microsoft.com/en-us/download/details.aspx?id=17718)
-
-
-## 引用组件 ##
-[local-policy](https://bitbucket.org/MartinEden/local-policy/overview)
diff --git a/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/Program.cs b/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/Program.cs
index 436a7649b7394f88944157e8ffab071b2c00252c..8b513e491ef4007f41908831591920f6bfc05568 100644
--- a/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/Program.cs
+++ b/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/Program.cs
@@ -1,4 +1,5 @@
using System;
+using System.IO;
using System.Linq;
using System.Security.Cryptography.X509Certificates;
@@ -12,7 +13,7 @@ namespace SoftCertPolicyAppender
var flag = 0;
var cers = args.Where(x => x.EndsWith(".cer") || x.EndsWith(".crt") || x.EndsWith(".pem")).ToArray();
- if (args.Contains("-h") || args.Contains("--help")||args.Length==0)
+ if (args.Contains("-h") || args.Contains("--help") || args.Length==0)
{
const string usage = @"Usage: SoftwareRestrictionPolicyController.exe [Option]... [CertFile]...
Config software restriction policy by cli.
@@ -56,21 +57,44 @@ CertFiles:
Console.Write("{0}.", i + 1);
Console.ResetColor();
- switch (flag)
+ bool retry;
+ do
{
- case 0:
- SoftwareRestrictionPolicyController.AddCertRule(cert);
- Console.Write("Add cert policy for ");
- break;
- case 1:
- SoftwareRestrictionPolicyController.RemoveCertRule(cert);
- Console.Write("Remove cert policy for ");
- break;
- }
+ retry = false;
+ try
+ {
+ switch (flag)
+ {
+ case 0:
+ SoftwareRestrictionPolicyController.AddCertRule(cert);
+ Console.Write("Add cert policy for ");
+ break;
+ case 1:
+ SoftwareRestrictionPolicyController.RemoveCertRule(cert);
+ Console.Write("Remove cert policy for ");
+ break;
+ }
- Console.ForegroundColor = ConsoleColor.Yellow;
- Console.WriteLine("{0}({1})", cert.Subject, cert.Thumbprint);
- Console.ResetColor();
+ Console.ForegroundColor = ConsoleColor.Yellow;
+ Console.WriteLine("{0}({1})", cert.Subject, cert.Thumbprint);
+ Console.ResetColor();
+ }
+ catch (FileLoadException ex)
+ {
+ Console.Write(ex.Message+" Please select Retry, Ignore or Abort(R|I|A):");
+ var select= (Console.ReadLine()??"").ToLower();
+ switch (select)
+ {
+ case "i":
+ break;
+ case "a":
+ return;
+ default:
+ retry = true;
+ break;
+ }
+ }
+ } while (retry);
}
catch (Exception e)
{