diff --git a/Android/.gitignore b/Android/.gitignore
new file mode 100644
index 0000000000000000000000000000000000000000..829ccdadb5b3be06319186c2685b1a01a1389d52
--- /dev/null
+++ b/Android/.gitignore
@@ -0,0 +1,2 @@
+./flashable.zip
+flashable/data/misc/keychain/*_blacklist.txt
diff --git a/Android/README.md b/Android/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..d42ab7756b33ef2129258ebf55326eedd0720071
--- /dev/null
+++ b/Android/README.md
@@ -0,0 +1,108 @@
+Android Certificates Blacklisting
+=====================================================
+
+This tool generates flashable zip to use with custom recovery on an
+Android 4.1+ device.
+
+## Introduction
+
+This utility blacklists CA and EE certificates.
+
+## Usage -- Use prebuilt configurations (Recommended)
+
+### With root access
+
+Assuming you have root access on your phone, `cd` into the folder whose
+name corresponds to the config you want (RESTORE, ALL, EXTENDED or BASE).
+
+ git clone [REPO_ADDRESS]
+ cd Android/prebuilt/[type]
+ ./rooted.sh
+
+If you are on windows and do not have BASH, use:
+
+ git clone [REPO_ADDRESS]
+ cd Android/prebuilt/[type]
+ adb push pubkey_blacklist.txt /sdcard/pubkey_blacklist.txt
+ adb push serial_blacklist.txt /sdcard/serial_blacklist.txt
+
+ adb shell su -c "cp /sdcard/pubkey_blacklist.txt /data/misc/keychain/pubkey_blacklist.txt"
+ adb shell su -c "cp /sdcard/serial_blacklist.txt /data/misc/keychain/serial_blacklist.txt"
+
+### Without root access
+
+ git clone [REPO_ADDRESS]
+ cd Android/prebuilt/[type]
+ adb push flashable.zip /sdcard/update.zip
+ # Reboot phone to recovery
+ adb reboot recovery
+ # Now flash the zip file using your custom recovery
+
+## Usage -- Building from source
+
+First, use `git` to clone the whole repo. `cd` to this dir. Use `generate.sh`
+to generate the configuration files you need.
+
+ git clone [REPO_ADDRESS]
+ cd RevokeChinaCerts/Android
+ ./generate.sh extended
+
+By substituting `extended` with `restore`, `base` or `all` you can get
+corresponding configuration files.
+
+### If you have root
+
+If you have a rooted Android device and appropriate ADB drivers installed,
+use `rooted.sh` to transfer the configuration files to your device.
+
+ ./rooted.sh
+
+Then, reboot the device so that the new configuration applies.
+
+If the above method fails, please use the recovery-based approach described below.
+
+### Recovery-based approach
+
+After you run `generate.sh` you get a `flashable.zip` in the current folder,
+which can be flashed on to Android via a custom recovery.
+
+## Notes
+
+The utility changes configurations under `/data` partition of your Android device,
+which is wiped every time you do a factory reset or flash a factory image.
+
+This utility doesn't remove any certificates under `/system` and should not
+cause any trouble when doing OTAs. Still, this configuration overrides the certs
+installed on your system. (That's to say, if you remove trust of *Wosign* using
+this tool, manually installing the CA cert from *Wosign* *DOES NOT* cause
+the system to see certs issued by Wosign as valid.)
+
+On Android, each application can define its own policy of certificate validation.
+An application may define custom methods to accept only some specific certificates (aka
+pinning, which is also available system-wide), or accept whatever certificate regardless
+of its issuer (e.g., Twidere). Having certs removed with this tool does NOT guarantee that
+a particular app rejects certificates associated with those.
+
+Blacklisting in Android works as follows. The CA certs are blacklisted by the
+SHA1 checksum of their public keys and EE certs the serial number. Since serial
+numbers are only required to be unique for respective certificate authorities,
+blacklisting serial numbers may accidentally blacklist other *innocent* ones, especially
+when the serial number is small.
+
+The certificate blacklisting in Android is probably updated via the Play services,
+and installing this tool may interfere with future blacklistings from Google, which is probably
+done when setting up the first Google Account on a device and maybe sometime later. Although,
+Google didn't push much certificate revocation info through this channel. Up to now (Feb of 2015)
+the blacklists consists of only two respectively:
+
+ CA Public Key: 5f3ab33d55007054bc5e3e5553cd8d8465d77c61,
+ 783333c9687df63377efceddd82efa9101913e8e
+ Serial Number: 827,864 [These are hex values]
+
+Installing this tool may prevent you from getting an updated blacklist,
+should a next Diginotar occurs.
+
+For more detailed description on certificate blacklisting on Android, see
+[here](http://nelenkov.blogspot.hk/2012/07/certificate-blacklisting-in-jelly-bean.html). And
+[here](http://nelenkov.blogspot.hk/2012/12/certificate-pinning-in-android-42.html) for
+certificate pinning.
diff --git a/Android/README_zhCN.md b/Android/README_zhCN.md
new file mode 100644
index 0000000000000000000000000000000000000000..307e9cc9cce3d004e651e7aade716c430d096e59
--- /dev/null
+++ b/Android/README_zhCN.md
@@ -0,0 +1,40 @@
+Androidè¯ä¹¦å±è”½
+=====================================================
+
+本工具为Android 4.1或以上之设备安装用于å±è”½æŸäº›æ•°å—è¯ä¹¦çš„é…置。
+
+## 简介
+
+本工具安装的é…置文件将å±è”½æŸäº›CAå’ŒEEè¯ä¹¦ã€‚
+
+## 推è用法
+
+### 有 root æƒé™
+
+若您æŒæœ‰å¾…é…置之Android设备root访问,请在`cd`进入对应å称的文件夹ä¸
+(RESTORE, ALL, EXTENDED or BASE, 推èextended),并调用root.sh文件安装入对应的é…置文件。
+
+ git clone [REPO_ADDRESS]
+ cd Android/prebuilt/[type]
+ ./rooted.sh
+
+若您使用Windowså¹³å°ä¸”未有BASH,请在命令行ä¸è¿è¡Œï¼š
+
+ git clone [REPO_ADDRESS]
+ cd Android/prebuilt/[type]
+ adb push pubkey_blacklist.txt /sdcard/pubkey_blacklist.txt
+ adb push serial_blacklist.txt /sdcard/serial_blacklist.txt
+
+ adb shell su -c "cp /sdcard/pubkey_blacklist.txt /data/misc/keychain/pubkey_blacklist.txt"
+ adb shell su -c "cp /sdcard/serial_blacklist.txt /data/misc/keychain/serial_blacklist.txt"
+
+### è‹¥æ— root æƒé™
+
+ git clone [REPO_ADDRESS]
+ cd Android/prebuilt/[type]
+ adb push flashable.zip /sdcard/update.zip
+ # 下é¢å‘½ä»¤å°†é‡å¯æ‚¨çš„Android设备至recovery状æ€
+ adb reboot recovery
+ # 请使用recovery刷入zip包
+
+更具体的使用方法,详è§README.md
diff --git a/Android/ca-blacklist.sh b/Android/ca-blacklist.sh
new file mode 100755
index 0000000000000000000000000000000000000000..aa7d822d26a2f577d45f24cfbb4268e4976a081f
--- /dev/null
+++ b/Android/ca-blacklist.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+# Generate CA-blacklist
+# Android blacklists CAs by their public key hash
+
+# Built-in blacklist (2015 Feb)
+echo "5f3ab33d55007054bc5e3e5553cd8d8465d77c61"
+echo "783333c9687df63377efceddd82efa9101913e8e"
+
+for file in "$@";do
+ openssl x509 -inform pem -in ${file} -pubkey -noout \
+ | sed '$d' | sed '1d' | base64 -d | sha1sum | awk '{print $1}'
+done
diff --git a/Android/ee-blacklist.sh b/Android/ee-blacklist.sh
new file mode 100755
index 0000000000000000000000000000000000000000..07cbed43218a844aff20d7538893652044022bbe
--- /dev/null
+++ b/Android/ee-blacklist.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+# Android blacklists EE by serial number
+
+# Builtin Blacklist (2015 Feb)
+echo "827"
+echo "864"
+
+for file in "$@";do
+ keytool -printcert -file ${file} | grep Serial \
+ | awk -F ':' '{print $2}' | tr -d '[] '
+done
diff --git a/Android/flashable.sh b/Android/flashable.sh
new file mode 100755
index 0000000000000000000000000000000000000000..ac4ec5f150f3f1673fcc8d7054ac683df2186943
--- /dev/null
+++ b/Android/flashable.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+# Generate flashable
+
+GEN_ZIP='flashable.zip'
+
+mkdir -p flashable/data/misc/keychain
+
+rm $GEN_ZIP
+
+cp pubkey_blacklist.txt flashable/data/misc/keychain
+cp serial_blacklist.txt flashable/data/misc/keychain
+(cd flashable; zip ../$GEN_ZIP -r *)
diff --git a/Android/flashable/META-INF/com/google/android/update-binary b/Android/flashable/META-INF/com/google/android/update-binary
new file mode 100644
index 0000000000000000000000000000000000000000..58e845f7e410b7c90868a5a0f484aa7854ed63f6
--- /dev/null
+++ b/Android/flashable/META-INF/com/google/android/update-binary
@@ -0,0 +1,44 @@
+#!/sbin/sh
+
+OUTFD=$2
+ZIP=$3
+
+ui_print() {
+ echo -n -e "ui_print $1\n" > /proc/self/fd/$OUTFD
+ echo -n -e "ui_print\n" > /proc/self/fd/$OUTFD
+}
+
+
+ui_print "*********************"
+ui_print "RevokeChinaCerts"
+ui_print "*********************"
+
+ui_print "- Mounting /system, /data and rootfs"
+mount /system
+mount /data
+mount -o rw,remount /system
+mount -o rw,remount /system /system
+mount -o rw,remount /data
+mount -o rw,remount /data /data
+mount -o rw,remount /
+mount -o rw,remount / /
+
+
+ui_print "- Extracting files"
+cd /tmp
+mkdir revoke
+cd revoke
+unzip -o "$ZIP"
+
+FILESPATH=/tmp/revoke
+
+ui_print "- Installing files"
+cp $FILESPATH/data/misc/keychain/serial_blacklist.txt /data/misc/keychain/serial_blacklist.txt
+cp $FILESPATH/data/misc/keychain/pubkey_blacklist.txt /data/misc/keychain/pubkey_blacklist.txt
+
+ui_print "- Unmounting /system and /data"
+umount /system
+umount /data
+
+ui_print "- Done !"
+exit 0
diff --git a/Android/flashable/META-INF/com/google/android/updater-script b/Android/flashable/META-INF/com/google/android/updater-script
new file mode 100644
index 0000000000000000000000000000000000000000..d366b5b961198ad4c88f499f55a8692d502a58ca
--- /dev/null
+++ b/Android/flashable/META-INF/com/google/android/updater-script
@@ -0,0 +1 @@
+# this is a dummy file, the magic is in update-binary, which is a shell script
\ No newline at end of file
diff --git a/Android/flashable/data/misc/keychain/pubkey_blacklist.txt b/Android/flashable/data/misc/keychain/pubkey_blacklist.txt
new file mode 100644
index 0000000000000000000000000000000000000000..e223c298497c17eec89d6beeea75c73a37feeefd
--- /dev/null
+++ b/Android/flashable/data/misc/keychain/pubkey_blacklist.txt
@@ -0,0 +1 @@
+5f3ab33d55007054bc5e3e5553cd8d8465d77c61,783333c9687df63377efceddd82efa9101913e8e,bb2d75ce172accdf05d9a86d278298889986c891,55921a5b2e62b0e07b8ba9ae9ffca0f6e656263c,4bd5e15116a2a7eda3a5c7e0ffb187180ec0e3d5,1bcdfe7c5a0832b44f7e533b8f927881c7932dc1,8080355e6edde7f01bf7d9d340d9e0ef52c3c1cd,
diff --git a/Android/flashable/data/misc/keychain/serial_blacklist.txt b/Android/flashable/data/misc/keychain/serial_blacklist.txt
new file mode 100644
index 0000000000000000000000000000000000000000..b370753e3312b8ff50d0fe92789122574e04587c
--- /dev/null
+++ b/Android/flashable/data/misc/keychain/serial_blacklist.txt
@@ -0,0 +1 @@
+827,864,a40fd55e2a14343323a8d407a2255ae8,3,17,f0c1fb04dd2c9ed8f94f0820591e72ad,29,6497d09c3bbc9baf857ed3c29a31d1ec,2c,27,
diff --git a/Android/generate.sh b/Android/generate.sh
new file mode 100755
index 0000000000000000000000000000000000000000..b3c7fabf07530298e31d59eb813f3a9eaa1492ff
--- /dev/null
+++ b/Android/generate.sh
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+if [ ${1:-extended} = 'all' ];then
+ echo "Generating ALL CRL set"
+ # TODO: Explicitly distinguish between CA & EE certificates.
+ CA_CERTS=`ls ../Windows/Certs/Online/*.crt`
+ EE_CERTS=`ls ../Windows/Certs/Online/\[Fake\]*.crt`
+ echo "all"
+elif [ ${1:-extended} = 'extended' ];then
+ echo "Generating EXTENDED CRL set"
+ CA_CERTS=`ls ../Windows/Certs/Online/CNNIC_*.crt ../Windows/Certs/Online/China_Internet_Network_Information_Center_EV_Certificates_Root.crt ../Windows/Certs/Online/[Suspicious]WaccBaiduCom.crt ../Windows/Certs/Online/GiantRootCA.crt ../Windows/Certs/Online/CFCA_*.crt ../Windows/Certs/Online/UCA_*.crt ../Windows/Certs/Online/[Suspicious]GoAgent_CA.crt`
+ EE_CERTS=`ls ../Windows/Certs/Online/\[Fake\]*.crt`
+elif [ ${1:-extended} = 'restore' ];then
+ echo "Generating RESTORE CRL set"
+ CA_CERTS=''
+ EE_CERTS=''
+else
+ echo "Generating Basic CRL set"
+ CA_CERTS=`ls ../Windows/Certs/Online/CNNIC_*.crt ../Windows/Certs/Online/China_Internet_Network_Information_Center_EV_Certificates_Root.crt ../Windows/Certs/Online/[Suspicious]WaccBaiduCom.crt ../Windows/Certs/Online/GiantRootCA.crt`
+ EE_CERTS=`ls ../Windows/Certs/Online/\[Fake\]*.crt`
+fi
+
+echo "Generating Configurations"
+# Generate a blacklist of CA cert public keys
+PUBKEYS=`bash ca-blacklist.sh ${CA_CERTS} | tr '\n' ','`
+# Generate a blacklist of EE cert serial numbers
+SERIALS=`bash ee-blacklist.sh ${EE_CERTS} | tr '\n' ','`
+
+echo "Writing Configurations"
+echo $PUBKEYS > pubkey_blacklist.txt
+echo $SERIALS > serial_blacklist.txt
+
+echo "Generated and saved to pubkey_blacklist.txt and serial_blacklist.txt"
+
+echo "Building Flashable Zip"
+bash flashable.sh
+
+echo "Done!"
diff --git a/Android/make.sh b/Android/make.sh
new file mode 100755
index 0000000000000000000000000000000000000000..b9d858836f6fce3fde9a712887262e2808cd2493
--- /dev/null
+++ b/Android/make.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+# This script is used to generate configurations by the author.
+# The generated content is already included in the repo and you should
+# not need to manually run this one.
+
+# remove files
+echo "Purging old files..."
+rm -rf prebuilt
+mkdir prebuilt
+
+echo "Building new configurations"
+for type in `echo all restore extended base`;do
+ mkdir prebuilt/$type
+ bash generate.sh $type
+ cp *_blacklist.txt prebuilt/$type/
+ cp flashable.zip prebuilt/$type/
+ cp rooted.sh prebuilt/$type
+done
diff --git a/Android/prebuilt/all/flashable.zip b/Android/prebuilt/all/flashable.zip
new file mode 100644
index 0000000000000000000000000000000000000000..6986efe83b4999bbe3c2ab428081f325b8ee608f
Binary files /dev/null and b/Android/prebuilt/all/flashable.zip differ
diff --git a/Android/prebuilt/all/pubkey_blacklist.txt b/Android/prebuilt/all/pubkey_blacklist.txt
new file mode 100644
index 0000000000000000000000000000000000000000..c24bc5194e99e56d9943a9bc363a15a86f54401d
--- /dev/null
+++ b/Android/prebuilt/all/pubkey_blacklist.txt
@@ -0,0 +1 @@
+5f3ab33d55007054bc5e3e5553cd8d8465d77c61,783333c9687df63377efceddd82efa9101913e8e,a3ad040e50f50b88d063e35a5c240ba80b9245fe,e3510047fedeb0f181c427ff84c0acf882279ddd,9554dec2b762ff8033b8abe95e580d9c111bad88,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,c206fbd53bba0ceef2d2d2453d0752263a9fe75f,c206fbd53bba0ceef2d2d2453d0752263a9fe75f,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,e4c5745946f0d1047a4c38d64065b2a35d47890b,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,3592761947e2907b7ac880f429bf2be66c81511a,8476c303b2e34d57fd0645a7c4315f2dbeaaf0a4,8476c303b2e34d57fd0645a7c4315f2dbeaaf0a4,bb2d75ce172accdf05d9a86d278298889986c891,313f4613292545f326f99ed52f39984851290f4d,55921a5b2e62b0e07b8ba9ae9ffca0f6e656263c,4bd5e15116a2a7eda3a5c7e0ffb187180ec0e3d5,999b76540b4a9c7a35ca8f0f2eaa747a0faec56e,59c4eac320386f231960f00c9a40575e15fcf7fc,8e50b2eaf0918b206ac00ea293e19e56e0a35eb0,9bc82bc98b8b7e0f04e32c98855cd5d2240fd683,338201361c67b6b318e8f5d1d9aaab0366094fec,e167132d8a321df76ef8c4437b0501ffd1326fd8,1385e3b2cfb0acf63bd1c1341323cd1b6874b08b,53b4fcaf73a83f05aada6591db7de0ec2f1eb1f2,91006fb7f72ea6e663728df481d33c3eecc62595,1bcdfe7c5a0832b44f7e533b8f927881c7932dc1,051c6d0c7ca9b0d9b9e50a5bc8f9f5e38348eb78,c8188f7a06a99bf579dd9f8896afd1d91f19bc2a,512f553fc62ace8ab3852d74cade03e78d8d9ef1,01a17a5d694770dcd773ea9161a7cba09cf886c6,2cdd8e7bef3b800169a389712256018a6337f416,1af49f3422fb42ac986d0a59a898d99eac88554a,2b4da71b2b88d19b8b83e66bc088e3847cc67cb7,380a68cc29a7a9c9b1a4ef80a2974e1074041bb5,ae9d8d5e418c1bfbade8f4574dc43758ea628289,8080355e6edde7f01bf7d9d340d9e0ef52c3c1cd,361a7afb69a9add6ba6f295e0aedaeba7fcd4a69,28a4baee613e0ab8158395654e4fcc13c170e3e3,90e241c211418b95b1a9e09c37247e849fe4bea1,f8920be908a9c5d5a0fbf39aaa98a5743749ad9f,ad0e6682a87932e81c8bc594049ed7d0aec958e8,8a534b089bc61c824d694f55d9c902a58c67b661,79ef6f41e89da009aefc1c00289fd3a301fae845,68c76297f5f2e7c3ceea09d195f48971ca7ab97e,d69f981e878991857486449306aa950c8283035f,de87a22419f1c1c39ed12d43dfa740de8372b097,3f89633e2cd86a916895b3af56afa2ed31490e73,f9dae5809fd2d82419aa30c7f903640a55df944f,58f4733635ba21d4d9d63f2dcdec69bcb7d45dde,aeeca8e857e9bf7da296c473c071f8cabc31999f,3f89633e2cd86a916895b3af56afa2ed31490e73,f9dae5809fd2d82419aa30c7f903640a55df944f,58f4733635ba21d4d9d63f2dcdec69bcb7d45dde,aeeca8e857e9bf7da296c473c071f8cabc31999f,
diff --git a/Android/prebuilt/all/rooted.sh b/Android/prebuilt/all/rooted.sh
new file mode 100644
index 0000000000000000000000000000000000000000..454ca6c9da1dc6a8540f033366a71a1d60d68709
--- /dev/null
+++ b/Android/prebuilt/all/rooted.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+adb push pubkey_blacklist.txt /sdcard/pubkey_blacklist.txt
+adb push serial_blacklist.txt /sdcard/serial_blacklist.txt
+
+adb shell su -c "cp /sdcard/pubkey_blacklist.txt /data/misc/keychain/pubkey_blacklist.txt"
+adb shell su -c "cp /sdcard/serial_blacklist.txt /data/misc/keychain/serial_blacklist.txt"
+
+echo "Please reboot your phone"
diff --git a/Android/prebuilt/all/serial_blacklist.txt b/Android/prebuilt/all/serial_blacklist.txt
new file mode 100644
index 0000000000000000000000000000000000000000..b370753e3312b8ff50d0fe92789122574e04587c
--- /dev/null
+++ b/Android/prebuilt/all/serial_blacklist.txt
@@ -0,0 +1 @@
+827,864,a40fd55e2a14343323a8d407a2255ae8,3,17,f0c1fb04dd2c9ed8f94f0820591e72ad,29,6497d09c3bbc9baf857ed3c29a31d1ec,2c,27,
diff --git a/Android/prebuilt/base/flashable.zip b/Android/prebuilt/base/flashable.zip
new file mode 100644
index 0000000000000000000000000000000000000000..f27e40de0cce6e1cb229d97814a8915dd8d9e254
Binary files /dev/null and b/Android/prebuilt/base/flashable.zip differ
diff --git a/Android/prebuilt/base/pubkey_blacklist.txt b/Android/prebuilt/base/pubkey_blacklist.txt
new file mode 100644
index 0000000000000000000000000000000000000000..e223c298497c17eec89d6beeea75c73a37feeefd
--- /dev/null
+++ b/Android/prebuilt/base/pubkey_blacklist.txt
@@ -0,0 +1 @@
+5f3ab33d55007054bc5e3e5553cd8d8465d77c61,783333c9687df63377efceddd82efa9101913e8e,bb2d75ce172accdf05d9a86d278298889986c891,55921a5b2e62b0e07b8ba9ae9ffca0f6e656263c,4bd5e15116a2a7eda3a5c7e0ffb187180ec0e3d5,1bcdfe7c5a0832b44f7e533b8f927881c7932dc1,8080355e6edde7f01bf7d9d340d9e0ef52c3c1cd,
diff --git a/Android/prebuilt/base/rooted.sh b/Android/prebuilt/base/rooted.sh
new file mode 100644
index 0000000000000000000000000000000000000000..454ca6c9da1dc6a8540f033366a71a1d60d68709
--- /dev/null
+++ b/Android/prebuilt/base/rooted.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+adb push pubkey_blacklist.txt /sdcard/pubkey_blacklist.txt
+adb push serial_blacklist.txt /sdcard/serial_blacklist.txt
+
+adb shell su -c "cp /sdcard/pubkey_blacklist.txt /data/misc/keychain/pubkey_blacklist.txt"
+adb shell su -c "cp /sdcard/serial_blacklist.txt /data/misc/keychain/serial_blacklist.txt"
+
+echo "Please reboot your phone"
diff --git a/Android/prebuilt/base/serial_blacklist.txt b/Android/prebuilt/base/serial_blacklist.txt
new file mode 100644
index 0000000000000000000000000000000000000000..b370753e3312b8ff50d0fe92789122574e04587c
--- /dev/null
+++ b/Android/prebuilt/base/serial_blacklist.txt
@@ -0,0 +1 @@
+827,864,a40fd55e2a14343323a8d407a2255ae8,3,17,f0c1fb04dd2c9ed8f94f0820591e72ad,29,6497d09c3bbc9baf857ed3c29a31d1ec,2c,27,
diff --git a/Android/prebuilt/extended/flashable.zip b/Android/prebuilt/extended/flashable.zip
new file mode 100644
index 0000000000000000000000000000000000000000..4f59582ace7c7bfc8544776b1e39296f7f508cc5
Binary files /dev/null and b/Android/prebuilt/extended/flashable.zip differ
diff --git a/Android/prebuilt/extended/pubkey_blacklist.txt b/Android/prebuilt/extended/pubkey_blacklist.txt
new file mode 100644
index 0000000000000000000000000000000000000000..5415b79e4ab3e212ce176a9d02795063aacbbea2
--- /dev/null
+++ b/Android/prebuilt/extended/pubkey_blacklist.txt
@@ -0,0 +1 @@
+5f3ab33d55007054bc5e3e5553cd8d8465d77c61,783333c9687df63377efceddd82efa9101913e8e,3592761947e2907b7ac880f429bf2be66c81511a,8476c303b2e34d57fd0645a7c4315f2dbeaaf0a4,8476c303b2e34d57fd0645a7c4315f2dbeaaf0a4,bb2d75ce172accdf05d9a86d278298889986c891,55921a5b2e62b0e07b8ba9ae9ffca0f6e656263c,4bd5e15116a2a7eda3a5c7e0ffb187180ec0e3d5,1bcdfe7c5a0832b44f7e533b8f927881c7932dc1,ae9d8d5e418c1bfbade8f4574dc43758ea628289,8080355e6edde7f01bf7d9d340d9e0ef52c3c1cd,79ef6f41e89da009aefc1c00289fd3a301fae845,68c76297f5f2e7c3ceea09d195f48971ca7ab97e,d69f981e878991857486449306aa950c8283035f,de87a22419f1c1c39ed12d43dfa740de8372b097,
diff --git a/Android/prebuilt/extended/rooted.sh b/Android/prebuilt/extended/rooted.sh
new file mode 100644
index 0000000000000000000000000000000000000000..454ca6c9da1dc6a8540f033366a71a1d60d68709
--- /dev/null
+++ b/Android/prebuilt/extended/rooted.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+adb push pubkey_blacklist.txt /sdcard/pubkey_blacklist.txt
+adb push serial_blacklist.txt /sdcard/serial_blacklist.txt
+
+adb shell su -c "cp /sdcard/pubkey_blacklist.txt /data/misc/keychain/pubkey_blacklist.txt"
+adb shell su -c "cp /sdcard/serial_blacklist.txt /data/misc/keychain/serial_blacklist.txt"
+
+echo "Please reboot your phone"
diff --git a/Android/prebuilt/extended/serial_blacklist.txt b/Android/prebuilt/extended/serial_blacklist.txt
new file mode 100644
index 0000000000000000000000000000000000000000..b370753e3312b8ff50d0fe92789122574e04587c
--- /dev/null
+++ b/Android/prebuilt/extended/serial_blacklist.txt
@@ -0,0 +1 @@
+827,864,a40fd55e2a14343323a8d407a2255ae8,3,17,f0c1fb04dd2c9ed8f94f0820591e72ad,29,6497d09c3bbc9baf857ed3c29a31d1ec,2c,27,
diff --git a/Android/prebuilt/restore/flashable.zip b/Android/prebuilt/restore/flashable.zip
new file mode 100644
index 0000000000000000000000000000000000000000..c3a5c9d2ca36898fa4d3bf467f10d0d6ee8644d0
Binary files /dev/null and b/Android/prebuilt/restore/flashable.zip differ
diff --git a/Android/prebuilt/restore/pubkey_blacklist.txt b/Android/prebuilt/restore/pubkey_blacklist.txt
new file mode 100644
index 0000000000000000000000000000000000000000..b4504a659f0bcf69249a9a355c7c1d35e707a5f8
--- /dev/null
+++ b/Android/prebuilt/restore/pubkey_blacklist.txt
@@ -0,0 +1 @@
+5f3ab33d55007054bc5e3e5553cd8d8465d77c61,783333c9687df63377efceddd82efa9101913e8e,
diff --git a/Android/prebuilt/restore/rooted.sh b/Android/prebuilt/restore/rooted.sh
new file mode 100644
index 0000000000000000000000000000000000000000..454ca6c9da1dc6a8540f033366a71a1d60d68709
--- /dev/null
+++ b/Android/prebuilt/restore/rooted.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+adb push pubkey_blacklist.txt /sdcard/pubkey_blacklist.txt
+adb push serial_blacklist.txt /sdcard/serial_blacklist.txt
+
+adb shell su -c "cp /sdcard/pubkey_blacklist.txt /data/misc/keychain/pubkey_blacklist.txt"
+adb shell su -c "cp /sdcard/serial_blacklist.txt /data/misc/keychain/serial_blacklist.txt"
+
+echo "Please reboot your phone"
diff --git a/Android/prebuilt/restore/serial_blacklist.txt b/Android/prebuilt/restore/serial_blacklist.txt
new file mode 100644
index 0000000000000000000000000000000000000000..ef459381a70bf7cac0f3958d63a64bef90b1ace0
--- /dev/null
+++ b/Android/prebuilt/restore/serial_blacklist.txt
@@ -0,0 +1 @@
+827,864,
diff --git a/Android/pubkey_blacklist.txt b/Android/pubkey_blacklist.txt
new file mode 100644
index 0000000000000000000000000000000000000000..e223c298497c17eec89d6beeea75c73a37feeefd
--- /dev/null
+++ b/Android/pubkey_blacklist.txt
@@ -0,0 +1 @@
+5f3ab33d55007054bc5e3e5553cd8d8465d77c61,783333c9687df63377efceddd82efa9101913e8e,bb2d75ce172accdf05d9a86d278298889986c891,55921a5b2e62b0e07b8ba9ae9ffca0f6e656263c,4bd5e15116a2a7eda3a5c7e0ffb187180ec0e3d5,1bcdfe7c5a0832b44f7e533b8f927881c7932dc1,8080355e6edde7f01bf7d9d340d9e0ef52c3c1cd,
diff --git a/Android/rooted.sh b/Android/rooted.sh
new file mode 100644
index 0000000000000000000000000000000000000000..454ca6c9da1dc6a8540f033366a71a1d60d68709
--- /dev/null
+++ b/Android/rooted.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+adb push pubkey_blacklist.txt /sdcard/pubkey_blacklist.txt
+adb push serial_blacklist.txt /sdcard/serial_blacklist.txt
+
+adb shell su -c "cp /sdcard/pubkey_blacklist.txt /data/misc/keychain/pubkey_blacklist.txt"
+adb shell su -c "cp /sdcard/serial_blacklist.txt /data/misc/keychain/serial_blacklist.txt"
+
+echo "Please reboot your phone"
diff --git a/Android/serial_blacklist.txt b/Android/serial_blacklist.txt
new file mode 100644
index 0000000000000000000000000000000000000000..b370753e3312b8ff50d0fe92789122574e04587c
--- /dev/null
+++ b/Android/serial_blacklist.txt
@@ -0,0 +1 @@
+827,864,a40fd55e2a14343323a8d407a2255ae8,3,17,f0c1fb04dd2c9ed8f94f0820591e72ad,29,6497d09c3bbc9baf857ed3c29a31d1ec,2c,27,
diff --git a/Linux/validator.sh b/Linux/validator.sh
new file mode 100755
index 0000000000000000000000000000000000000000..2eefc9b3e310008e733e74017ca82f6fbe02f81c
--- /dev/null
+++ b/Linux/validator.sh
@@ -0,0 +1,53 @@
+#!/bin/sh
+# This script accesses the test sites described in README.
+# This file should be updated according to README file.
+
+base() {
+ # use cnnic.cn so that it matches the address in the cert
+ # served, rather than cnnic.net.cn as presented in README
+ wget -O /dev/null https://www.cnnic.cn/ 2>/dev/null && \
+ wget -O /dev/null https://evdemo.cnnic.cn/ 2>/dev/null && \
+ wget -O /dev/null https://wacc.n.shifen.com/ 2>/dev/null && \
+ wget -O /dev/null https://mail.ztgame.com/ 2>/dev/null && \
+ wget -O /dev/null https://211.146.10.133/ 2>/dev/null
+ RESULT=$?
+ if [ $RESULT -eq 0 ];then
+ echo "Failed test sites for BASE incremental-set"
+ else
+ echo "Passed test sites for BASE incremental-set"
+ fi
+}
+
+extended() {
+ wget -O /dev/null https://cstest.cfca.com.cn/ 2>/dev/null && \
+ wget -O /dev/null https://cs.cfca.com.cn/ 2>/dev/null && \
+ wget -O /dev/null https://www.sheca.com/ 2>/dev/null && \
+ wget -O /dev/null https://ibanks.bankofshanghai.com/ 2>/dev/null
+ RESULT=$?
+ if [ $RESULT -eq 0 ];then
+ echo "Failed test sites for EXTENDED incremental-set"
+ else
+ echo "Passed test sites for EXTENDED incremental-set"
+ fi
+}
+
+all() {
+ wget -O /dev/null https://www.wosign.com/ 2>/dev/null
+ RESULT=$?
+ if [ $RESULT -eq 0 ];then
+ echo "Failed test sites for ALL incremental-set"
+ else
+ echo "Passed test sites for ALL incremental-set"
+ fi
+}
+
+echo "---------------------"
+echo "Beginning tests."
+echo "There are 3 tests (BASE/EXTENDED/ALL), each of which would print a"\
+ " 'Passed test' if passes"
+echo "---------------------"
+base
+extended
+all
+echo "---------------------"
+echo "All tests executed."
diff --git a/README.md b/README.md
index f39767be90ee84f8399b984373e369b018969006..f592487904a3ad77d5efe42c297b313d0aa1960d 100644
--- a/README.md
+++ b/README.md
@@ -4,37 +4,43 @@ Revoke China Certificates.<br />
全自动å¯ç–‘è¯ä¹¦åŠé”€å·¥å…·/全自動å¯ç–‘憑è‰æ’¤éŠ·å·¥å…·<br />
### Updated
-**2014-12-30**
+**2015-02-24**
### Type
* Online Certificates/在线è¯ä¹¦/在線è‰æ›¸
* These certificates are used in TLS connection for confirming servers.
- * æœåŠ¡å™¨è®¤è¯éƒ¨åˆ†ï¼Œç”¨äºŽå±è”½ TLS åŠ å¯†è¿žæŽ¥æ—¶æ‰€ä½¿ç”¨çš„è¯ä¹¦
- * 伺æœå™¨èªè‰éƒ¨åˆ†ï¼Œç”¨æ–¼é®ç½© TLS åŠ å¯†é€£æŽ¥æ™‚æ‰€ä½¿ç”¨çš„è‰æ›¸
+ * æœåŠ¡å™¨è®¤è¯éƒ¨åˆ†ï¼šç”¨äºŽå±è”½ TLS åŠ å¯†è¿žæŽ¥æ—¶æ‰€ä½¿ç”¨çš„è¯ä¹¦
+ * 伺æœå™¨èªè‰éƒ¨åˆ†ï¼šç”¨æ–¼é®ç½© TLS åŠ å¯†é€£æŽ¥æ™‚æ‰€ä½¿ç”¨çš„è‰æ›¸
* CodeSigning Certificates/代ç è¯ä¹¦/代碼è‰æ›¸
- * These certificates are used in code signing for confirming software publishers.
- * 代ç ç¾å部分,用于å±è”½æŸè½¯ä»¶å‘行商å‘行软件的è¿è¡Œ
- * 代碼簽å部分,用於é®ç½©æŸè»Ÿé«”發行商發行軟體的é‹è¡Œ
-* Organization Certificates/组织è¯ä¹¦/組織è‰æ›¸
- * These certificates are used in software installing for confirming their organizations.
- * 组织认è¯éƒ¨åˆ†ï¼Œç”¨äºŽå±è”½éƒ¨åˆ†ç»„织和ä¼ä¸šçš„è¯ä¹¦
- * 組織èªè‰éƒ¨åˆ†ï¼Œç”¨æ–¼é®ç½©éƒ¨åˆ†çµ„織和ä¼æ¥çš„è‰æ›¸
+ * These certificates are used in code signing for confirming software publishers(Only supported Windows).
+ * 代ç ç¾å部分:用于å±è”½æŸè½¯ä»¶å‘行商å‘行软件的è¿è¡Œï¼Œæš‚æ—¶åªæ”¯æŒ Windows å¹³å°
+ * 代碼簽å部分:用於é®ç½©æŸè»Ÿé«”發行商發行軟體的é‹è¡Œï¼Œæš«æ™‚åªæ”¯æ´ Windows 平臺
+* Organization Certificates/组织è¯ä¹¦/組織è‰æ›¸ï¼Œæš«æ™‚åªæ”¯æ´ Windows 平臺
+ * These certificates are used in software installing for confirming their organizations(Only supported Windows).
+ * 组织认è¯éƒ¨åˆ†ï¼šç”¨äºŽå±è”½éƒ¨åˆ†ç»„织和ä¼ä¸šçš„è¯ä¹¦ï¼Œæš‚æ—¶åªæ”¯æŒ Windows å¹³å°
+ * 組織èªè‰éƒ¨åˆ†ï¼šç”¨æ–¼é®ç½©éƒ¨åˆ†çµ„織和ä¼æ¥çš„è‰æ›¸ï¼Œæš«æ™‚åªæ”¯æ´ Windows 平臺
-### Usage(Online Certificates)
-* [English](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe)
-* [简体ä¸æ–‡](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe(Chinese_Simplified))
-* [ç¹é«”ä¸æ–‡](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe(Chinese_Traditional))
+### Usage(Online)
+* [English](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_Online)
+* [简体ä¸æ–‡](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_Online(Chinese_Simplified))
+* [ç¹é«”ä¸æ–‡](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_Online(Chinese_Traditional))
+* [Android](https://github.com/chengr28/RevokeChinaCerts/tree/master/Android)
-### Usage(CodeSigning Certificates)
-* [English](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_CodeSigning)
-* [简体ä¸æ–‡](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_CodeSigning(Chinese_Simplified))
-* [ç¹é«”ä¸æ–‡](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_CodeSigning(Chinese_Traditional))
+### Usage(CodeSigning/Organization)
+* [English(CodeSigning)](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_CodeSigning)
+* [English(Organization)](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_Organization)
+* [简体ä¸æ–‡(CodeSigning)](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_CodeSigning(Chinese_Simplified))
+* [简体ä¸æ–‡(Organization)](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_Organization(Chinese_Simplified))
+* [ç¹é«”ä¸æ–‡(CodeSigning)](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_CodeSigning(Chinese_Traditional))
+* [ç¹é«”ä¸æ–‡(Organization)](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_Organization(Chinese_Traditional))
-### Usage(Organization Certificates)
-* [English](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_Organization)
-* [简体ä¸æ–‡](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_Organization(Chinese_Simplified))
-* [ç¹é«”ä¸æ–‡](https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_Organization(Chinese_Traditional))
+### Contributors
+* [Script to automatically disable for Mac OS X - QuantumGhost](https://github.com/QuantumGhost/RevokeChinaCerts/tree/master/Mac)
+* [SoftCertPolicyAppender - lhyqy5](https://github.com/lhyqy5/RevokeChinaCerts/tree/master/Windows/SoftCertPolicyAppender)
+* [Android version of automated tools - phoeagon](https://github.com/phoeagon/RevokeChinaCerts/tree/master/Android)
### Thanks
+* [BlockChinaSoftware](https://github.com/SCFWSE/BlockChinaSoftware)
+* [UTLS-Blocker](https://github.com/SCFWSE/UTLS-Blocker)
* [拉黑è¯ä¹¦ è®©ä½ çš„ç”µè„‘å†ä¹Ÿè£…ä¸ä¸ŠæŸäº›è½¯ä»¶ 附è¯ä¹¦å¤§å…¨](http://blog.eqoe.cn/posts/ban-digital-cert.html)
-* [Anti-China-Anit-virus](https://github.com/SCFWSE-Ye/Anti-China-Anit-virus)
+* [Local-Policy](https://bitbucket.org/MartinEden/local-policy/overview)
diff --git a/Windows/ArchiveCerts/RevokeChinaCerts_CodeSigning.bat b/Windows/ArchiveCerts/RevokeChinaCerts_CodeSigning.bat
deleted file mode 100644
index 383cda699736579eefa21f166f608250fd044ba5..0000000000000000000000000000000000000000
--- a/Windows/ArchiveCerts/RevokeChinaCerts_CodeSigning.bat
+++ /dev/null
@@ -1,57 +0,0 @@
-:: RevokeChinaCerts CodeSigning batch
-:: Revoke China Certificates.
-::
-:: Author: Chengr28
-::
-
-@echo off
-
-:: Folder location
-cd /d %~dp0
-cd..
-set Folder=%cd%
-
-:: Architecture check
-set CertMgr="%Folder%\Tools\CertMgr"
-if "%PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432%" == "x86" set CertMgr="%Folder%\Tools\CertMgr_x86"
-
-:: Add certificates to CRL
-set Folder=%Folder%\ArchiveCerts\CodeSigning
-%CertMgr% -add -c "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\91Com.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Baidu_China_CoLtd.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Beijing_Rising_Information_Technology_Corporation_Limited.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Guangzhou_Tieren_Network_Technology_CoLtd.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Kingsoft_Security_CoLtd.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Maxthon_Asia_Limited.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\MeituCom.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\PPLive_Corporation.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Qihoo_360_Software_Beijing_Company_Limited.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Tencent_Technology_Shenzhen_Company_Limited.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\UC_Mobile_Limited.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Wandou_Technology_Ltd.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Xiamen_Yitianxia_Network_Technology_CoLtd.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\XiamiCom.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\YlmfCom.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\YY_Inc.crt" -s Disallowed
-
-:: Print to screen.
-@echo.
-@echo RevokeChinaCerts CodeSigning version
-@echo Done. Please confirm the messages on screen.
-@echo.
-@pause
diff --git a/Windows/ArchiveCerts/RevokeChinaCerts_CodeSigning_Choice.bat b/Windows/ArchiveCerts/RevokeChinaCerts_CodeSigning_Choice.bat
deleted file mode 100644
index 3a8fb682abd57e738d386ae5aa7d449d97c154a0..0000000000000000000000000000000000000000
--- a/Windows/ArchiveCerts/RevokeChinaCerts_CodeSigning_Choice.bat
+++ /dev/null
@@ -1,210 +0,0 @@
-:: RevokeChinaCerts CodeSigning Choice batch
-:: Revoke China Certificates.
-::
-:: Author: Chengr28
-::
-
-@echo off
-
-:: Folder location
-cd /d %~dp0
-cd..
-set Folder=%cd%
-
-:: Architecture check
-set CertMgr="%Folder%\Tools\CertMgr"
-if "%PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432%" == "x86" set CertMgr="%Folder%\Tools\CertMgr_x86"
-
-:: Add certificates to CRL
-set Folder=%Folder%\ArchiveCerts\CodeSigning
-set /p UserChoice="Revoke WoSign Code Signing Authority(UTN-USERFirst-Object)? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-1
-%CertMgr% -add -c "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt" -s Disallowed
-
-:CERT-1
-@echo.
-set /p UserChoice="Revoke WoTrust Code Signing Authority(UTN-USERFirst-Object)? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-2
-%CertMgr% -add -c "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt" -s Disallowed
-
-:CERT-2
-@echo.
-set /p UserChoice="Revoke 91.Com? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-3
-%CertMgr% -add -c "%Folder%\91Com.crt" -s Disallowed
-
-:CERT-3
-@echo.
-set /p UserChoice="Revoke Baidu (China) Co., Ltd.? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-4
-%CertMgr% -add -c "%Folder%\Baidu_China_CoLtd.crt" -s Disallowed
-
-:CERT-4
-@echo.
-set /p UserChoice="Revoke Beijing baidu Netcom science and technology co.ltd? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-5
-%CertMgr% -add -c "%Folder%\Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt" -s Disallowed
-
-:CERT-5
-@echo.
-set /p UserChoice="Revoke Beijing Baofeng Technology Co., Ltd.? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-6
-%CertMgr% -add -c "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt" -s Disallowed
-
-:CERT-6
-@echo.
-set /p UserChoice="Revoke Beijing Funshion Online Technologies Ltd.? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-7
-%CertMgr% -add -c "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt" -s Disallowed
-
-:CERT-7
-@echo.
-set /p UserChoice="Revoke Beijing Kingsoft Security software Co.,Ltd? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-8
-%CertMgr% -add -c "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd.crt" -s Disallowed
-
-:CERT-8
-@echo.
-set /p UserChoice="Revoke BEIJING KUWO TECHNOLOGY CO.,LTD.? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-9
-%CertMgr% -add -c "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt" -s Disallowed
-
-:CERT-9
-@echo.
-set /p UserChoice="Revoke BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-10
-%CertMgr% -add -c "%Folder%\BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt" -s Disallowed
-
-:CERT-10
-@echo.
-set /p UserChoice="Revoke Beijing Rising Information Technology Corporation Limited? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-11
-%CertMgr% -add -c "%Folder%\Beijing_Rising_Information_Technology_Corporation_Limited.crt" -s Disallowed
-
-:CERT-11
-@echo.
-set /p UserChoice="Revoke Beijing Sohu New Media Information Technology Co., Ltd.? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-12
-%CertMgr% -add -c "%Folder%\Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt" -s Disallowed
-
-:CERT-12
-@echo.
-set /p UserChoice="Revoke Guangzhou Tieren Network Technology Co.,Ltd.? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-13
-%CertMgr% -add -c "%Folder%\Guangzhou_Tieren_Network_Technology_CoLtd.crt" -s Disallowed
-
-:CERT-13
-@echo.
-set /p UserChoice="Revoke Kingsoft Security Co.,Ltd? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-14
-%CertMgr% -add -c "%Folder%\Kingsoft_Security_CoLtd.crt" -s Disallowed
-
-:CERT-14
-@echo.
-set /p UserChoice="Revoke LE SHI INTERNET INFORMATION TECHNOLOGY CORP.,BEI JING? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-15
-%CertMgr% -add -c "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt" -s Disallowed
-
-:CERT-15
-@echo.
-set /p UserChoice="Revoke Maxthon (Asia) Limited? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-16
-%CertMgr% -add -c "%Folder%\Maxthon_Asia_Limited.crt" -s Disallowed
-
-:CERT-16
-@echo.
-set /p UserChoice="Revoke Meitu.Com? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-17
-%CertMgr% -add -c "%Folder%\MeituCom.crt" -s Disallowed
-
-:CERT-17
-@echo.
-set /p UserChoice="Revoke NetEase(Hangzhou) Network Co. Ltd.? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-18
-%CertMgr% -add -c "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt" -s Disallowed
-
-:CERT-18
-@echo.
-set /p UserChoice="Revoke PPLive Corporation? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-19
-%CertMgr% -add -c "%Folder%\PPLive_Corporation.crt" -s Disallowed
-
-:CERT-19
-@echo.
-set /p UserChoice="Revoke Qihoo 360 Software Beijing Company Limited? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-20
-%CertMgr% -add -c "%Folder%\Qihoo_360_Software_Beijing_Company_Limited.crt" -s Disallowed
-
-:CERT-20
-@echo.
-set /p UserChoice="Revoke Shanghai Quan Tudou Network Technology Co., Ltd.? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-21
-%CertMgr% -add -c "%Folder%\Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt" -s Disallowed
-
-:CERT-21
-@echo.
-set /p UserChoice="Revoke ShenZhen Xunlei Networking Technologies Ltd.? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-22
-%CertMgr% -add -c "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt" -s Disallowed
-
-:CERT-22
-@echo.
-set /p UserChoice="Revoke TAOBAO (CHINA) SOFTWARE CO.,LTD.? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-23
-%CertMgr% -add -c "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt" -s Disallowed
-
-:CERT-23
-@echo.
-set /p UserChoice="Revoke Tencent Technology Shenzhen Company Limited? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-24
-%CertMgr% -add -c "%Folder%\Tencent_Technology_Shenzhen_Company_Limited.crt" -s Disallowed
-
-:CERT-24
-@echo.
-set /p UserChoice="Revoke Tencent Technology Shenzhen Company Limited(2010-01-26)? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-25
-%CertMgr% -add -c "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt" -s Disallowed
-
-:CERT-25
-@echo.
-set /p UserChoice="Revoke UC Mobile Limited? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-26
-%CertMgr% -add -c "%Folder%\UC_Mobile_Limited.crt" -s Disallowed
-
-:CERT-26
-@echo.
-set /p UserChoice="Revoke Wandou Technology Ltd? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-27
-%CertMgr% -add -c "%Folder%\Wandou_Technology_Ltd.crt" -s Disallowed
-
-:CERT-27
-@echo.
-set /p UserChoice="Revoke Xiamen Yitianxia Network Technology Co., Ltd? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-28
-%CertMgr% -add -c "%Folder%\Xiamen_Yitianxia_Network_Technology_CoLtd.crt" -s Disallowed
-
-:CERT-28
-@echo.
-set /p UserChoice="Revoke Xiami.Com? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-29
-%CertMgr% -add -c "%Folder%\XiamiCom.crt" -s Disallowed
-
-:CERT-29
-@echo.
-set /p UserChoice="Revoke Ylmf.Com? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-30
-%CertMgr% -add -c "%Folder%\YlmfCom.crt" -s Disallowed
-
-:CERT-30
-@echo.
-set /p UserChoice="Revoke YY Inc? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto Exit
-%CertMgr% -add -c "%Folder%\YY_Inc.crt" -s Disallowed
-
-:: Print to screen.
-:Exit
-@echo.
-@echo RevokeChinaCerts CodeSigning Choice version
-@echo Done. Please confirm the messages on screen.
-@echo.
-@pause
diff --git a/Windows/ArchiveCerts/RevokeChinaCerts_CodeSigning_Restore.bat b/Windows/ArchiveCerts/RevokeChinaCerts_CodeSigning_Restore.bat
deleted file mode 100644
index 17e25dee15e55dcd9ed34c4d358c3539f099d36d..0000000000000000000000000000000000000000
--- a/Windows/ArchiveCerts/RevokeChinaCerts_CodeSigning_Restore.bat
+++ /dev/null
@@ -1,86 +0,0 @@
-:: RevokeChinaCerts CodeSigning Restore batch
-:: Revoke China Certificates.
-::
-:: Author: Chengr28
-::
-
-@echo off
-
-:: Folder location
-cd /d %~dp0
-cd..
-
-:: Architecture check
-set CertMgr="%cd%\Tools\CertMgr"
-if "%PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432%" == "x86" set CertMgr="%cd%\Tools\CertMgr_x86"
-
-:: Restore certificates
-:: WoSign Code Signing Authority(UTN-USERFirst-Object)
-%CertMgr% -del -c -sha1 EA36152981E296F9763E1DC74B3262D3928563F8 -s Disallowed
-:: WoTrust Code Signing Authority(UTN-USERFirst-Object)
-%CertMgr% -del -c -sha1 B28CCC46D234A7D7CF7F21CCB9406F48A5273CC6 -s Disallowed
-:: 91.Com
-%CertMgr% -del -c -sha1 E87D1C1D3FE2BCA700EB7B8DC0E45B97EAF19405 -s Disallowed
-:: Baidu (China) Co., Ltd.
-%CertMgr% -del -c -sha1 A34B70840C2B6F718877DDB1C2DE2C27F2C91C43 -s Disallowed
-:: Beijing baidu Netcom science and technology co.ltd
-%CertMgr% -del -c -sha1 D60C12D1FDB9E45551A00C8815CCD486C043945B -s Disallowed
-:: Beijing Baofeng Technology Co., Ltd.
-%CertMgr% -del -c -sha1 CB6F65314E5B25D61304AB2C9C8870B574CC21F5 -s Disallowed
-:: Beijing Funshion Online Technologies Ltd.
-%CertMgr% -del -c -sha1 9AB5445104C6CCE5A22431CF29C4331CBC328A1B -s Disallowed
-:: Beijing Kingsoft Security software Co.,Ltd
-%CertMgr% -del -c -sha1 E88DD1ACD2DB3A352072AA49C675F4944A3FEF82 -s Disallowed
-:: BEIJING KUWO TECHNOLOGY CO.,LTD.
-%CertMgr% -del -c -sha1 5FFFD1A3EAE5ED74558913C4A8476D1514C6D61F -s Disallowed
-:: BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.
-%CertMgr% -del -c -sha1 5DC57AF121E3101F4BFEA8A22BBDADC0869C80EE -s Disallowed
-:: Beijing Rising Information Technology Corporation Limited
-%CertMgr% -del -c -sha1 D9421BEDD9F5B8A91DD3F8691E7A42D83C983325 -s Disallowed
-:: Beijing Sohu New Media Information Technology Co., Ltd.
-%CertMgr% -del -c -sha1 D1BB252CAC3D250C55978F7EAAF121DA91A17B42 -s Disallowed
-:: Guangzhou Tieren Network Technology Co.,Ltd.
-%CertMgr% -del -c -sha1 2529C0C0D833806AFBFA3C31987C19A18722A2FE -s Disallowed
-:: Kingsoft Security Co.,Ltd
-%CertMgr% -del -c -sha1 2BDEC50B4446652C126709A08248E572B859CCCC -s Disallowed
-:: LE SHI INTERNET INFORMATION TECHNOLOGY CORP.,BEI JING
-%CertMgr% -del -c -sha1 62DF2BC4B5902B52C215C697D06038E3B28CF5D3 -s Disallowed
-:: Maxthon (Asia) Limited
-%CertMgr% -del -c -sha1 1481414E8E87412A00D3341167FE3A92C681B830 -s Disallowed
-:: Meitu.Com
-%CertMgr% -del -c -sha1 7B6FAE77BD19FEC5410293344B36124774A6D8F1 -s Disallowed
-:: NetEase(Hangzhou) Network Co. Ltd.
-%CertMgr% -del -c -sha1 E0387F3AF5752A4620EC617C39153C0E666CF5F8 -s Disallowed
-:: PPLive Corporation
-%CertMgr% -del -c -sha1 5477E38783CD37B1E5729B15D7C0873A2D72DB9D -s Disallowed
-:: Qihoo 360 Software Beijing Company Limited
-%CertMgr% -del -c -sha1 1E5BB77FCB63F26277F95AAE09B852699327A08A -s Disallowed
-:: Shanghai Quan Tudou Network Technology Co., Ltd.
-%CertMgr% -del -c -sha1 935140881F50BDF775D3CEF034C0D21C18FD2567 -s Disallowed
-:: ShenZhen Xunlei Networking Technologies Ltd.
-%CertMgr% -del -c -sha1 4099665730474153EADF671B8B475C03C08A46D0 -s Disallowed
-:: TAOBAO (CHINA) SOFTWARE CO.,LTD.
-%CertMgr% -del -c -sha1 E5777A69CAFD7F7C6F89C5297DD1159C7AE9B881 -s Disallowed
-:: Tencent Technology Shenzhen Company Limited
-%CertMgr% -del -c -sha1 2FDD445591CD2EEDBEF8B8A281896A59C08B3DC9 -s Disallowed
-:: Tencent Technology Shenzhen Company Limited(2010-01-26)
-%CertMgr% -del -c -sha1 8B46390D86B891E5A3D3AAB2B00D6FDB27A0F791 -s Disallowed
-:: UC Mobile Limited
-%CertMgr% -del -c -sha1 1540C77B5D19FC5A71A04DB001488E55B45DDC7F -s Disallowed
-:: Wandou Technology Ltd
-%CertMgr% -del -c -sha1 AB09D1AFE555CFC580575F5BC78B16B9F1C4E432 -s Disallowed
-:: Xiamen Yitianxia Network Technology Co., Ltd
-%CertMgr% -del -c -sha1 F49A648C69C2F01A0FDEB3992C5AE0A14D5AD9FC -s Disallowed
-:: Xiami.Com
-%CertMgr% -del -c -sha1 EEC507F719D5BA0CB913F034E045A24A509D8A5F -s Disallowed
-:: Ylmf.Com
-%CertMgr% -del -c -sha1 93A77CA50F165A5873DD3995874867B616AB3644 -s Disallowed
-:: YY Inc
-%CertMgr% -del -c -sha1 B3B89CD7940DC67E4291A3EE767AC17A3BC9E620 -s Disallowed
-
-:: Print to screen.
-@echo.
-@echo RevokeChinaCerts CodeSigning Restore version
-@echo Done. Please confirm the messages on screen.
-@echo.
-@pause
diff --git a/Windows/ArchiveCerts/RevokeChinaCerts_Organization.bat b/Windows/ArchiveCerts/RevokeChinaCerts_Organization.bat
deleted file mode 100644
index 0c3e97ca0b59bddb1c43d885ffaa8ed781f620c7..0000000000000000000000000000000000000000
--- a/Windows/ArchiveCerts/RevokeChinaCerts_Organization.bat
+++ /dev/null
@@ -1,56 +0,0 @@
-:: RevokeChinaCerts Organization batch
-:: Revoke China Certificates.
-::
-:: Author: Chengr28
-::
-
-@echo off
-
-:: Folder location
-cd /d %~dp0
-cd..
-set Folder=%cd%
-
-:: Architecture check
-set CertMgr="%Folder%\Tools\CertMgr"
-if "%PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432%" == "x86" set CertMgr="%Folder%\Tools\CertMgr_x86"
-
-:: Add certificates to CRL
-set Folder=%Folder%\ArchiveCerts\Organization
-%CertMgr% -add -c "%Folder%\ABC.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\ABC_TEST_CA.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\ABC2048.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\AlibabaCom_Corporation_Root_CA.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\ALIPAY_ROOT.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Alipay_Trust_NetWork.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\BOCOMCA.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\CCB_CA_ROOT_199906.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\CCB_CA_ROOT_200906.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\CFCA.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\CFCA_CS_CA.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\CFCA_CS_TEST_CA.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\CFCA_Operation_CA3.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\CFCA_RCA.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\CFCA_Root_CA.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\CFCA_RSA_RCA.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\China_Trust_Network_1.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\China_Trust_Network_2.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\China_Trust_Network_3.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\ICBC.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\ICBC_Root_CA.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\IcbcCA.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_1.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_2.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_3.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\Personal_ICBC_CA.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\ROOTCA_OSCCA.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\SZCA.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\SZCA_200307.crt" -s Disallowed
-%CertMgr% -add -c "%Folder%\TenpayCom_Root_CA.crt" -s Disallowed
-
-:: Print to screen.
-@echo.
-@echo RevokeChinaCerts Organization version
-@echo Done. Please confirm the messages on screen.
-@echo.
-@pause
diff --git a/Windows/ArchiveCerts/RevokeChinaCerts_Organization_Choice.bat b/Windows/ArchiveCerts/RevokeChinaCerts_Organization_Choice.bat
deleted file mode 100644
index 329680ed380d118b61d055a3298586acb364a60a..0000000000000000000000000000000000000000
--- a/Windows/ArchiveCerts/RevokeChinaCerts_Organization_Choice.bat
+++ /dev/null
@@ -1,204 +0,0 @@
-:: RevokeChinaCerts Organization Choice batch
-:: Revoke China Certificates.
-::
-:: Author: Chengr28
-::
-
-@echo off
-
-:: Folder location
-cd /d %~dp0
-cd..
-set Folder=%cd%
-
-:: Architecture check
-set CertMgr="%Folder%\Tools\CertMgr"
-if "%PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432%" == "x86" set CertMgr="%Folder%\Tools\CertMgr_x86"
-
-:: Add certificates to CRL
-set Folder=%Folder%\ArchiveCerts\Organization
-set /p UserChoice="Revoke ABC? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-1
-%CertMgr% -add -c "%Folder%\ABC.crt" -s Disallowed
-
-:CERT-1
-@echo.
-set /p UserChoice="Revoke ABC TEST CA? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-2
-%CertMgr% -add -c "%Folder%\ABC_TEST_CA.crt" -s Disallowed
-
-:CERT-2
-@echo.
-set /p UserChoice="Revoke ABC2048? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-3
-%CertMgr% -add -c "%Folder%\ABC2048.crt" -s Disallowed
-
-:CERT-3
-@echo.
-set /p UserChoice="Revoke Alibaba.com Corporation Root CA? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-4
-%CertMgr% -add -c "%Folder%\AlibabaCom_Corporation_Root_CA.crt" -s Disallowed
-
-:CERT-4
-@echo.
-set /p UserChoice="Revoke ALIPAY_ROOT? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-5
-%CertMgr% -add -c "%Folder%\ALIPAY_ROOT.crt" -s Disallowed
-
-:CERT-5
-@echo.
-set /p UserChoice="Revoke Alipay Trust NetWork? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-6
-%CertMgr% -add -c "%Folder%\Alipay_Trust_NetWork.crt" -s Disallowed
-
-:CERT-6
-@echo.
-set /p UserChoice="Revoke BOCOMCA? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-7
-%CertMgr% -add -c "%Folder%\BOCOMCA.crt" -s Disallowed
-
-:CERT-7
-@echo.
-set /p UserChoice="Revoke CCB CA ROOT(1999-06-29)? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-8
-%CertMgr% -add -c "%Folder%\CCB_CA_ROOT_199906.crt" -s Disallowed
-
-:CERT-8
-@echo.
-set /p UserChoice="Revoke CCB CA ROOT(2009-06-01)? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-9
-%CertMgr% -add -c "%Folder%\CCB_CA_ROOT_200906.crt" -s Disallowed
-
-:CERT-9
-@echo.
-set /p UserChoice="Revoke CFCA? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-10
-%CertMgr% -add -c "%Folder%\CFCA.crt" -s Disallowed
-
-:CERT-10
-@echo.
-set /p UserChoice="Revoke CFCA CS CA? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-11
-%CertMgr% -add -c "%Folder%\CFCA_CS_CA.crt" -s Disallowed
-
-:CERT-11
-@echo.
-set /p UserChoice="Revoke CFCA CS TEST CA? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-12
-%CertMgr% -add -c "%Folder%\CFCA_CS_TEST_CA.crt" -s Disallowed
-
-:CERT-12
-@echo.
-set /p UserChoice="Revoke CFCA Operation CA3? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-13
-%CertMgr% -add -c "%Folder%\CFCA_Operation_CA3.crt" -s Disallowed
-
-:CERT-13
-@echo.
-set /p UserChoice="Revoke CFCA RCA? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-14
-%CertMgr% -add -c "%Folder%\CFCA_RCA.crt" -s Disallowed
-
-:CERT-14
-@echo.
-set /p UserChoice="Revoke CFCA Root CA? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-15
-%CertMgr% -add -c "%Folder%\CFCA_Root_CA.crt" -s Disallowed
-
-:CERT-15
-@echo.
-set /p UserChoice="Revoke CFCA RSA RCA? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-16
-%CertMgr% -add -c "%Folder%\CFCA_RSA_RCA.crt" -s Disallowed
-
-:CERT-16
-@echo.
-set /p UserChoice="Revoke China Trust Network(1)? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-17
-%CertMgr% -add -c "%Folder%\China_Trust_Network_1.crt" -s Disallowed
-
-:CERT-17
-@echo.
-set /p UserChoice="Revoke China Trust Network(2)? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-18
-%CertMgr% -add -c "%Folder%\China_Trust_Network_2.crt" -s Disallowed
-
-:CERT-18
-@echo.
-set /p UserChoice="Revoke China Trust Network(3)? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-19
-%CertMgr% -add -c "%Folder%\China_Trust_Network_3.crt" -s Disallowed
-
-:CERT-19
-@echo.
-set /p UserChoice="Revoke ICBC? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-20
-%CertMgr% -add -c "%Folder%\ICBC.crt" -s Disallowed
-
-:CERT-20
-@echo.
-set /p UserChoice="Revoke ICBC Root CA? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-21
-%CertMgr% -add -c "%Folder%\ICBC_Root_CA.crt" -s Disallowed
-
-:CERT-21
-@echo.
-set /p UserChoice="Revoke IcbcCA? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-22
-%CertMgr% -add -c "%Folder%\IcbcCA.crt" -s Disallowed
-
-:CERT-22
-@echo.
-set /p UserChoice="Revoke iTruschina CN Root CA(1)? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-23
-%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_1.crt" -s Disallowed
-
-:CERT-23
-@echo.
-set /p UserChoice="Revoke iTruschina CN Root CA(2)? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-24
-%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_2.crt" -s Disallowed
-
-:CERT-24
-@echo.
-set /p UserChoice="Revoke iTruschina CN Root CA(3)? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-25
-%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_3.crt" -s Disallowed
-
-:CERT-25
-@echo.
-set /p UserChoice="Revoke Personal ICBC CA? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-26
-%CertMgr% -add -c "%Folder%\Personal_ICBC_CA.crt" -s Disallowed
-
-:CERT-26
-@echo.
-set /p UserChoice="Revoke ROOTCA OSCCA? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-27
-%CertMgr% -add -c "%Folder%\ROOTCA_OSCCA.crt" -s Disallowed
-
-:CERT-27
-@echo.
-set /p UserChoice="Revoke SZCA? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-28
-%CertMgr% -add -c "%Folder%\SZCA.crt" -s Disallowed
-
-:CERT-28
-@echo.
-set /p UserChoice="Revoke SZCA(20030722)? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto CERT-29
-%CertMgr% -add -c "%Folder%\SZCA_200307.crt" -s Disallowed
-
-:CERT-29
-@echo.
-set /p UserChoice="Revoke TenpayCom Root CA? [Y/N]"
-if /i not "%UserChoice%" == "Y" goto Exit
-%CertMgr% -add -c "%Folder%\TenpayCom_Root_CA.crt" -s Disallowed
-
-:: Print to screen.
-:Exit
-@echo.
-@echo RevokeChinaCerts Organization Choice version
-@echo Done. Please confirm the messages on screen.
-@echo.
-@pause
diff --git a/Windows/ArchiveCerts/RevokeChinaCerts_Organization_Restore.bat b/Windows/ArchiveCerts/RevokeChinaCerts_Organization_Restore.bat
deleted file mode 100644
index c038986c1493b3d6fce967fcaa7d23df370c25b6..0000000000000000000000000000000000000000
--- a/Windows/ArchiveCerts/RevokeChinaCerts_Organization_Restore.bat
+++ /dev/null
@@ -1,84 +0,0 @@
-:: RevokeChinaCerts Organization Restore batch
-:: Revoke China Certificates.
-::
-:: Author: Chengr28
-::
-
-@echo off
-
-:: Folder location
-cd /d %~dp0
-cd..
-
-:: Architecture check
-set CertMgr="%cd%\Tools\CertMgr"
-if "%PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432%" == "x86" set CertMgr="%cd%\Tools\CertMgr_x86"
-
-:: Restore certificates
-:: ABC
-%CertMgr% -del -c -sha1 78D0CDF5752D1E5B58A674644CFE3499BF02F9EF -s Disallowed
-:: ABC TEST CA
-%CertMgr% -del -c -sha1 F18C39F8B5A3E9BADC811BBA7690E8D0143BD851 -s Disallowed
-:: ABC2048
-%CertMgr% -del -c -sha1 6FAE9AD81467C5FCB93574670F52C8EF538F8B6D -s Disallowed
-:: Alibaba.com Corporation Root CA
-%CertMgr% -del -c -sha1 A7217F919843199C958C128449DD52D2723B0A8A -s Disallowed
-:: ALIPAY_ROOT
-%CertMgr% -del -c -sha1 59864294A96B3E5C37C058E9D1FBDE5FF0C2E4EE -s Disallowed
-:: Alipay Trust NetWork
-%CertMgr% -del -c -sha1 89A2FB0E332BA7275FE712FEC669D746125B1F32 -s Disallowed
-:: BOCOMCA
-%CertMgr% -del -c -sha1 4571466B830EAC5FCDC22103B9733C1A15CE78AC -s Disallowed
-:: CCB CA ROOT(1999-06-29)
-%CertMgr% -del -c -sha1 3018E5D74DF29E3590F5BB8DF01AA7FC116BB4DE -s Disallowed
-:: CCB CA ROOT(2009-06-01)
-%CertMgr% -del -c -sha1 8582B4AF7491B3D16636EEB32D44993D7DEE6C40 -s Disallowed
-:: CFCA
-%CertMgr% -del -c -sha1 A9743B713E4109381622D3689AB5D9E1DC51B164 -s Disallowed
-:: CFCA CS CA
-%CertMgr% -del -c -sha1 D3FBFAA8A67FC9A2EADBF86AEB5D07A9D6AF322E -s Disallowed
-:: CFCA CS TEST CA
-%CertMgr% -del -c -sha1 B5DCF1C58E86DBED2EA2D217A5C28D11FD9254F0 -s Disallowed
-:: CFCA Operation CA3
-%CertMgr% -del -c -sha1 5A3A3EA74AE5D29F25A670024949869D1222E42A -s Disallowed
-:: CFCA RCA
-%CertMgr% -del -c -sha1 AE73DFF81CF24E50DD52CA1496E7EF94876061CB -s Disallowed
-:: CFCA Root CA
-%CertMgr% -del -c -sha1 31BD6AEF73031C5A49338E7A06040DD815EF7512 -s Disallowed
-:: CFCA RSA RCA
-%CertMgr% -del -c -sha1 57C5CEBB53FBF181E0B13977AF864F1C13F11AA9 -s Disallowed
-:: China Trust Network(1)
-%CertMgr% -del -c -sha1 C2CAEB0DC296FD50596BCA0F53C5364521167039 -s Disallowed
-:: China Trust Network(2)
-%CertMgr% -del -c -sha1 B39B0B24B156D8B6123CAF7BA249DC81F27E39FA -s Disallowed
-:: China Trust Network(3)
-%CertMgr% -del -c -sha1 7C88AE178AE6AB8E69C30AF586D84EF29B6E6AE3 -s Disallowed
-:: ICBC
-%CertMgr% -del -c -sha1 E3F9043072BABF5E9C631960B34CCCF9FFC8BA41 -s Disallowed
-:: ICBC Root CA
-%CertMgr% -del -c -sha1 5A960203C10CFA8D42DD115B61154F98E2F617F7 -s Disallowed
-:: IcbcCA
-%CertMgr% -del -c -sha1 A02A23D13576ECA35498DC69166A20651E203E31 -s Disallowed
-:: iTruschina CN Root CA(1)
-%CertMgr% -del -c -sha1 240A61A2577970625B9F0B81283C4AA4037217B1 -s Disallowed
-:: iTruschina CN Root CA(2)
-%CertMgr% -del -c -sha1 46F168AF009C28C18F452EB85F5E8747892B3C8B -s Disallowed
-:: iTruschina CN Root CA(3)
-%CertMgr% -del -c -sha1 654E9FADD2032AE1B87D6263AF04FD7FEE38D57C -s Disallowed
-:: Personal ICBC CA
-%CertMgr% -del -c -sha1 2ABC81B0D7D052F887965562BB10AA66A80F7674 -s Disallowed
-:: ROOTCA OSCCA
-%CertMgr% -del -c -sha1 DBB84423C928ABE889D0E368FC3191D151DDB1AB -s Disallowed
-:: SZCA
-%CertMgr% -del -c -sha1 B0049D436F27237EE59C746A1EF3C96A8E1B54AC -s Disallowed
-:: SZCA(20030722)
-%CertMgr% -del -c -sha1 90D7A97592F0A3E2165DE5DA23B57701D74A298D -s Disallowed
-:: TenpayCom Root CA
-%CertMgr% -del -c -sha1 56502166C0DE2488950491C90C7560E0E7AA7378 -s Disallowed
-
-:: Print to screen.
-@echo.
-@echo RevokeChinaCerts Organization Restore version
-@echo Done. Please confirm the messages on screen.
-@echo.
-@pause
diff --git a/Windows/ArchiveCerts/CodeSigning/91Com.crt b/Windows/Certs/CodeSigning/91Com.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/91Com.crt
rename to Windows/Certs/CodeSigning/91Com.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/BEIJING_KUWO_TECHNOLOGY_COLTD.crt b/Windows/Certs/CodeSigning/BEIJING_KUWO_TECHNOLOGY_COLTD.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/BEIJING_KUWO_TECHNOLOGY_COLTD.crt
rename to Windows/Certs/CodeSigning/BEIJING_KUWO_TECHNOLOGY_COLTD.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt b/Windows/Certs/CodeSigning/BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt
rename to Windows/Certs/CodeSigning/BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/Baidu_China_CoLtd.crt b/Windows/Certs/CodeSigning/Baidu_China_CoLtd.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Baidu_China_CoLtd.crt
rename to Windows/Certs/CodeSigning/Baidu_China_CoLtd.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt b/Windows/Certs/CodeSigning/Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt
rename to Windows/Certs/CodeSigning/Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/Beijing_Baofeng_Technology_CoLtd.crt b/Windows/Certs/CodeSigning/Beijing_Baofeng_Technology_CoLtd.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Beijing_Baofeng_Technology_CoLtd.crt
rename to Windows/Certs/CodeSigning/Beijing_Baofeng_Technology_CoLtd.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/Beijing_Funshion_Online_Technologies_Ltd.crt b/Windows/Certs/CodeSigning/Beijing_Funshion_Online_Technologies_Ltd.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Beijing_Funshion_Online_Technologies_Ltd.crt
rename to Windows/Certs/CodeSigning/Beijing_Funshion_Online_Technologies_Ltd.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/Beijing_Kingsoft_Security_Software_CoLtd.crt b/Windows/Certs/CodeSigning/Beijing_Kingsoft_Security_Software_CoLtd_201112.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Beijing_Kingsoft_Security_Software_CoLtd.crt
rename to Windows/Certs/CodeSigning/Beijing_Kingsoft_Security_Software_CoLtd_201112.crt
diff --git a/Windows/Certs/CodeSigning/Beijing_Kingsoft_Security_Software_CoLtd_201412.crt b/Windows/Certs/CodeSigning/Beijing_Kingsoft_Security_Software_CoLtd_201412.crt
new file mode 100644
index 0000000000000000000000000000000000000000..fe24f2c9721b8985961d2cb838e2a561214423cf
--- /dev/null
+++ b/Windows/Certs/CodeSigning/Beijing_Kingsoft_Security_Software_CoLtd_201412.crt
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFdzCCBF+gAwIBAgIQeh/nZ2pISdruK//EpP9L0zANBgkqhkiG9w0BAQUFADCB
+tDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
+ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
+YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEuMCwGA1UEAxMl
+VmVyaVNpZ24gQ2xhc3MgMyBDb2RlIFNpZ25pbmcgMjAxMCBDQTAeFw0xNDEyMjkw
+MDAwMDBaFw0xNjAxMjgyMzU5NTlaMIGoMQswCQYDVQQGEwJDTjEQMA4GA1UECBMH
+YmVpamluZzEQMA4GA1UEBxMHYmVpamluZzEzMDEGA1UEChQqQmVpamluZyBLaW5n
+c29mdCBTZWN1cml0eSBzb2Z0d2FyZSBDby4sTHRkMQswCQYDVQQLFAJJVDEzMDEG
+A1UEAxQqQmVpamluZyBLaW5nc29mdCBTZWN1cml0eSBzb2Z0d2FyZSBDby4sTHRk
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4H96NpBPM4piYDBxHB93
+26igM/APfSN0by7vsRhpg60SpXn8XJW/vSJKr8HUpYwtS+GPN9aFvN/KpDT5+SRB
+26RYoinHgyLsxFSPQIqQVgbyBwJxu16pjbva8qML2z7Uh1ioNv8nzIRwLy1BI2/M
+etHCmGcN7KgnCy+Bjq1l0ipeVjbrjIeRm7oskvv0epjiblCKywSLY4gpuaJ8h04T
+qdzmYkzKyvD5gjtkQT0u6CORuhNNjrReOiSYRrAOsuhQzGpy4cQtpwEd0F2gGgmb
+0uwrawyMYv5gg/YJxZd0E+GPjjhqi2NVDOSb+dXwyLuDk6OBPBy5Oib3SpU1lBxP
+TwIDAQABo4IBjTCCAYkwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCB4AwKwYDVR0f
+BCQwIjAgoB6gHIYaaHR0cDovL3NmLnN5bWNiLmNvbS9zZi5jcmwwZgYDVR0gBF8w
+XTBbBgtghkgBhvhFAQcXAzBMMCMGCCsGAQUFBwIBFhdodHRwczovL2Quc3ltY2Iu
+Y29tL2NwczAlBggrBgEFBQcCAjAZDBdodHRwczovL2Quc3ltY2IuY29tL3JwYTAT
+BgNVHSUEDDAKBggrBgEFBQcDAzBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGG
+E2h0dHA6Ly9zZi5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9zZi5zeW1j
+Yi5jb20vc2YuY3J0MB8GA1UdIwQYMBaAFM+Zqep7JvRLyY6P1/AFJu/j0qedMB0G
+A1UdDgQWBBTLiDXjtqWv2mSKzUhOhjUOpHO2zDARBglghkgBhvhCAQEEBAMCBBAw
+FgYKKwYBBAGCNwIBGwQIMAYBAQABAf8wDQYJKoZIhvcNAQEFBQADggEBAJIO9o10
+lg4MSyqbRmeoUvEW9T8I2nUY2mKqUzMYdF4jhBljuv5cKYtnCVbr7yXW7IhkwyAR
+zspPNMYrVLI03MvIbyGhk7T9F65wv7/uqJsnfqT/a6C6jhqLFGHoyFGTH207Xm+j
+6goixclXkI7ZoFGTnHM0h0T9AlfU4gEn3hgjUhK8iL1Eh4YPcXiMsqttL1run223
+qJ3074wUL8kC0gSDGmjN5hHX3ljt4REqYWoghlt1nq2q6O01cJ6y0lpAf58+EvjE
+BA7LWfneE3B7gsLNlpNmj4efRCHu9aUODXXs/eRGDqmaVib1Z6ayQAPAL5laUd6P
+Xgr+GTs36XnG4QQ=
+-----END CERTIFICATE-----
diff --git a/Windows/ArchiveCerts/CodeSigning/Beijing_Rising_Information_Technology_Corporation_Limited.crt b/Windows/Certs/CodeSigning/Beijing_Rising_Information_Technology_Corporation_Limited.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Beijing_Rising_Information_Technology_Corporation_Limited.crt
rename to Windows/Certs/CodeSigning/Beijing_Rising_Information_Technology_Corporation_Limited.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt b/Windows/Certs/CodeSigning/Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt
rename to Windows/Certs/CodeSigning/Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/Guangzhou_Tieren_Network_Technology_CoLtd.crt b/Windows/Certs/CodeSigning/Guangzhou_Tieren_Network_Technology_CoLtd.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Guangzhou_Tieren_Network_Technology_CoLtd.crt
rename to Windows/Certs/CodeSigning/Guangzhou_Tieren_Network_Technology_CoLtd.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/Kingsoft_Security_CoLtd.crt b/Windows/Certs/CodeSigning/Kingsoft_Security_CoLtd.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Kingsoft_Security_CoLtd.crt
rename to Windows/Certs/CodeSigning/Kingsoft_Security_CoLtd.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt b/Windows/Certs/CodeSigning/LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt
rename to Windows/Certs/CodeSigning/LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/Maxthon_Asia_Limited.crt b/Windows/Certs/CodeSigning/Maxthon_Asia_Limited.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Maxthon_Asia_Limited.crt
rename to Windows/Certs/CodeSigning/Maxthon_Asia_Limited.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/MeituCom.crt b/Windows/Certs/CodeSigning/MeituCom_201212.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/MeituCom.crt
rename to Windows/Certs/CodeSigning/MeituCom_201212.crt
diff --git a/Windows/Certs/CodeSigning/MeituCom_201411.crt b/Windows/Certs/CodeSigning/MeituCom_201411.crt
new file mode 100644
index 0000000000000000000000000000000000000000..2f97680fb51516f92709ed2a1c9ab3b180321d04
--- /dev/null
+++ b/Windows/Certs/CodeSigning/MeituCom_201411.crt
@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFHTCCBAWgAwIBAgIQd+eV0+QIQll1ve8mWjtqaDANBgkqhkiG9w0BAQsFADBK
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMSQwIgYDVQQDExtU
+aGF3dGUgQ29kZSBTaWduaW5nIENBIC0gRzIwHhcNMTQxMTIwMDAwMDAwWhcNMTcw
+MjE4MjM1OTU5WjCBmzELMAkGA1UEBhMCQ04xDzANBgNVBAgMBkZ1amlhbjEPMA0G
+A1UEBwwGWGlhbWVuMSowKAYDVQQKDCHljqbpl6jnvo7lm77nvZHnp5HmioDmnInp
+mZDlhazlj7gxEjAQBgNVBAsMCeS6p+WTgemDqDEqMCgGA1UEAwwh5Y6m6Zeo576O
+5Zu+572R56eR5oqA5pyJ6ZmQ5YWs5Y+4MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0A
+MIIBCAKCAQEA9N5Sk0o4NYQBIR0wOkKQH72/1D5Y0ixJzZBror/HcQXr3sqtGRhU
+CPcJM+Prms8P8D51lTnyglrsQ9cKfc4BVnVgr7v2bb2IoWKa3YfscT/18+UKcpfp
+qCmRoDp5o/gv89j85kZyId0QNpUCL8s9QOWzGFdJHR3AyKRKaSEavyw0aTNoc64u
+vD8UYh3xe7+V/lPgvWMPQVei1PYQB+wn2dxS+rGHzjBeJjknVGIEUBIk87BDVR0u
+8hRxPRZhmwKa/bF+0Y0ITc6Ww4xoO2aAxJbvMBz9ArswfcG7cORnOIHq6SLkPC6X
+NOF5Nr2qHDBXuhyc8eR3+BymQENx1PykFwIBA6OCAa0wggGpMAkGA1UdEwQCMAAw
+HwYDVR0jBBgwFoAU1A1lP3q9NMb+R+dMDcC98t4Vq3EwHQYDVR0OBBYEFAy577up
+AqP40qggs6wuPEw7nJ11MCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly90aC5zeW1j
+Yi5jb20vdGguY3JsMA4GA1UdDwEB/wQEAwIHgDAfBgNVHSUEGDAWBggrBgEFBQcD
+AwYKKwYBBAGCNwIBFjBzBgNVHSAEbDBqMGgGC2CGSAGG+EUBBzACMFkwJgYIKwYB
+BQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzMC8GCCsGAQUFBwICMCMM
+IWh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vcmVwb3NpdG9yeTAdBgNVHQQEFjAUMA4w
+DAYKKwYBBAGCNwIBFgMCB4AwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNo
+dHRwOi8vdGguc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vdGguc3ltY2Iu
+Y29tL3RoLmNydDARBglghkgBhvhCAQEEBAMCBBAwDQYJKoZIhvcNAQELBQADggEB
+AKYeUS0q1WvEy/yVm7fwjul/340/+1kmxI9jgfOptJ4O7PrYWsA6jx9vxZk9JzqS
+WCkBilkm51GFBCjkAILzXyizFYF5eoi9U3dqNf7ekECxI+L4H1AWkc7mcEO3yS7v
+tWs4bxgCFSov8BUpZcS74qu1//3ck2jnbVzoZwZ/uqGjDfQspkkhW3OaKHTsUDuq
+P0rcg2Gl/MuHjSnN33D80OxTssExxM1Y3qpdWxwvPMRs9ooaS4Ir250xLOcCycFt
+Gi8InbV4f9hszhaQrpMREVHWRYUA9VkTpnEx8ySkoY4nsQPTxI+IoS7NLQgm5CrY
+lAksmYYywLTZ0s0f/T2gSww=
+-----END CERTIFICATE-----
diff --git a/Windows/ArchiveCerts/CodeSigning/NetEase_Hangzhou_Network_CoLtd.crt b/Windows/Certs/CodeSigning/NetEase_Hangzhou_Network_CoLtd.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/NetEase_Hangzhou_Network_CoLtd.crt
rename to Windows/Certs/CodeSigning/NetEase_Hangzhou_Network_CoLtd.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/PPLive_Corporation.crt b/Windows/Certs/CodeSigning/PPLive_Corporation.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/PPLive_Corporation.crt
rename to Windows/Certs/CodeSigning/PPLive_Corporation.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/Qihoo_360_Software_Beijing_Company_Limited.crt b/Windows/Certs/CodeSigning/Qihoo_360_Software_Beijing_Company_Limited.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Qihoo_360_Software_Beijing_Company_Limited.crt
rename to Windows/Certs/CodeSigning/Qihoo_360_Software_Beijing_Company_Limited.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt b/Windows/Certs/CodeSigning/Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt
rename to Windows/Certs/CodeSigning/Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/ShenZhen_Xunlei_Networking_Technologies_Ltd.crt b/Windows/Certs/CodeSigning/ShenZhen_Xunlei_Networking_Technologies_Ltd.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/ShenZhen_Xunlei_Networking_Technologies_Ltd.crt
rename to Windows/Certs/CodeSigning/ShenZhen_Xunlei_Networking_Technologies_Ltd.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/TAOBAO_CHINA_SOFTWARE_COLTD.crt b/Windows/Certs/CodeSigning/TAOBAO_CHINA_SOFTWARE_COLTD.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/TAOBAO_CHINA_SOFTWARE_COLTD.crt
rename to Windows/Certs/CodeSigning/TAOBAO_CHINA_SOFTWARE_COLTD.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/Tencent_Technology_Shenzhen_Company_Limited_201001.crt b/Windows/Certs/CodeSigning/Tencent_Technology_Shenzhen_Company_Limited_201001.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Tencent_Technology_Shenzhen_Company_Limited_201001.crt
rename to Windows/Certs/CodeSigning/Tencent_Technology_Shenzhen_Company_Limited_201001.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/Tencent_Technology_Shenzhen_Company_Limited.crt b/Windows/Certs/CodeSigning/Tencent_Technology_Shenzhen_Company_Limited_201301.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Tencent_Technology_Shenzhen_Company_Limited.crt
rename to Windows/Certs/CodeSigning/Tencent_Technology_Shenzhen_Company_Limited_201301.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/UC_Mobile_Limited.crt b/Windows/Certs/CodeSigning/UC_Mobile_Limited.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/UC_Mobile_Limited.crt
rename to Windows/Certs/CodeSigning/UC_Mobile_Limited.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/Wandou_Technology_Ltd.crt b/Windows/Certs/CodeSigning/Wandou_Technology_Ltd.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Wandou_Technology_Ltd.crt
rename to Windows/Certs/CodeSigning/Wandou_Technology_Ltd.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt b/Windows/Certs/CodeSigning/WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt
rename to Windows/Certs/CodeSigning/WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt b/Windows/Certs/CodeSigning/WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt
rename to Windows/Certs/CodeSigning/WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/Xiamen_Yitianxia_Network_Technology_CoLtd.crt b/Windows/Certs/CodeSigning/Xiamen_Yitianxia_Network_Technology_CoLtd.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/Xiamen_Yitianxia_Network_Technology_CoLtd.crt
rename to Windows/Certs/CodeSigning/Xiamen_Yitianxia_Network_Technology_CoLtd.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/XiamiCom.crt b/Windows/Certs/CodeSigning/XiamiCom.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/XiamiCom.crt
rename to Windows/Certs/CodeSigning/XiamiCom.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/YY_Inc.crt b/Windows/Certs/CodeSigning/YY_Inc.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/YY_Inc.crt
rename to Windows/Certs/CodeSigning/YY_Inc.crt
diff --git a/Windows/ArchiveCerts/CodeSigning/YlmfCom.crt b/Windows/Certs/CodeSigning/YlmfCom.crt
similarity index 100%
rename from Windows/ArchiveCerts/CodeSigning/YlmfCom.crt
rename to Windows/Certs/CodeSigning/YlmfCom.crt
diff --git a/Windows/ArchiveCerts/Organization/Autoridad_de_Certificacion_Raiz_del_Estado_Venezolano_200702.crt b/Windows/Certs/Online/Autoridad_de_Certificacion_Raiz_del_Estado_Venezolano_200702.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/Autoridad_de_Certificacion_Raiz_del_Estado_Venezolano_200702.crt
rename to Windows/Certs/Online/Autoridad_de_Certificacion_Raiz_del_Estado_Venezolano_200702.crt
diff --git a/Windows/ArchiveCerts/Organization/Autoridad_de_Certificacion_Raiz_del_Estado_Venezolano_201012.crt b/Windows/Certs/Online/Autoridad_de_Certificacion_Raiz_del_Estado_Venezolano_201012.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/Autoridad_de_Certificacion_Raiz_del_Estado_Venezolano_201012.crt
rename to Windows/Certs/Online/Autoridad_de_Certificacion_Raiz_del_Estado_Venezolano_201012.crt
diff --git a/Windows/Certs/Online/CA_WoSign_ECC_Root.crt b/Windows/Certs/Online/CA_WoSign_ECC_Root.crt
new file mode 100644
index 0000000000000000000000000000000000000000..e1197da583a51ba9bff9c82d90021b44a1e37372
--- /dev/null
+++ b/Windows/Certs/Online/CA_WoSign_ECC_Root.crt
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQsw
+CQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMT
+EkNBIFdvU2lnbiBFQ0MgUm9vdDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4
+NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEb
+MBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZIzj0CAQYFK4EEACID
+YgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiUt5v8
+KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES
+1ns2o0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
+FgQUqv3VWqP2h4syhf3RMluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB
+1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0Daupn75OcsqF1NnstTJFGG+rrQIwfcf3
+aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYua/GRspBl9JrmkO5K
+-----END CERTIFICATE-----
diff --git a/Windows/Certs/CFCA_EV_ROOT.crt b/Windows/Certs/Online/CFCA_EV_ROOT.crt
similarity index 100%
rename from Windows/Certs/CFCA_EV_ROOT.crt
rename to Windows/Certs/Online/CFCA_EV_ROOT.crt
diff --git a/Windows/Certs/CFCA_GT_CA_201106.crt b/Windows/Certs/Online/CFCA_GT_CA_201106.crt
similarity index 100%
rename from Windows/Certs/CFCA_GT_CA_201106.crt
rename to Windows/Certs/Online/CFCA_GT_CA_201106.crt
diff --git a/Windows/Certs/CFCA_GT_CA_201208.crt b/Windows/Certs/Online/CFCA_GT_CA_201208.crt
similarity index 100%
rename from Windows/Certs/CFCA_GT_CA_201208.crt
rename to Windows/Certs/Online/CFCA_GT_CA_201208.crt
diff --git a/Windows/Certs/CNNIC_ROOT.crt b/Windows/Certs/Online/CNNIC_ROOT.crt
similarity index 100%
rename from Windows/Certs/CNNIC_ROOT.crt
rename to Windows/Certs/Online/CNNIC_ROOT.crt
diff --git a/Windows/Certs/CNNIC_SSL_Entrust.crt b/Windows/Certs/Online/CNNIC_SSL_Entrust.crt
similarity index 100%
rename from Windows/Certs/CNNIC_SSL_Entrust.crt
rename to Windows/Certs/Online/CNNIC_SSL_Entrust.crt
diff --git a/Windows/Certs/Certification_Authority_Of_WoSign.crt b/Windows/Certs/Online/Certification_Authority_Of_WoSign.crt
similarity index 100%
rename from Windows/Certs/Certification_Authority_Of_WoSign.crt
rename to Windows/Certs/Online/Certification_Authority_Of_WoSign.crt
diff --git a/Windows/Certs/Certification_Authority_Of_WoSign_200908.crt b/Windows/Certs/Online/Certification_Authority_Of_WoSign_200908.crt
similarity index 100%
rename from Windows/Certs/Certification_Authority_Of_WoSign_200908.crt
rename to Windows/Certs/Online/Certification_Authority_Of_WoSign_200908.crt
diff --git a/Windows/Certs/Certification_Authority_Of_WoSign_Chinese.crt b/Windows/Certs/Online/Certification_Authority_Of_WoSign_Chinese.crt
similarity index 100%
rename from Windows/Certs/Certification_Authority_Of_WoSign_Chinese.crt
rename to Windows/Certs/Online/Certification_Authority_Of_WoSign_Chinese.crt
diff --git a/Windows/Certs/Certification_Authority_Of_WoSign_Chinese_StartCom.crt b/Windows/Certs/Online/Certification_Authority_Of_WoSign_Chinese_StartCom.crt
similarity index 100%
rename from Windows/Certs/Certification_Authority_Of_WoSign_Chinese_StartCom.crt
rename to Windows/Certs/Online/Certification_Authority_Of_WoSign_Chinese_StartCom.crt
diff --git a/Windows/Certs/Online/Certification_Authority_Of_WoSign_G2.crt b/Windows/Certs/Online/Certification_Authority_Of_WoSign_G2.crt
new file mode 100644
index 0000000000000000000000000000000000000000..9efaf611c62a22efd6728ee9c5c3dbf4d5c1354f
--- /dev/null
+++ b/Windows/Certs/Online/Certification_Authority_Of_WoSign_G2.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBY
+MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNV
+BAMTJENlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDEx
+MDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgxCzAJBgNVBAYTAkNOMRowGAYDVQQK
+ExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPX
+JYY1kBaiXW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgO
+gHzKtB0TiGsOqCR3A9DuW/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg
+5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg95k4ot+vElbGs/V6r+kHLXZ1L3PR8du9n
+fwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BKv0mUYQs4kI9dJGwlezt5
+2eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD
+VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJ
+KoZIhvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8
+fHulwqZm46qwtyeYP0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G
+3CE4Q3RM+zD4F3LBMvzIkRfEzFg3TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yy
+SrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu+sif/a+RZQp4OBXllxcU3fng
+LDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+7Q9LGOHSJDy7
+XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRg=
+-----END CERTIFICATE-----
diff --git a/Windows/Certs/Certification_Authority_Of_WoSign_StartCom_200609.crt b/Windows/Certs/Online/Certification_Authority_Of_WoSign_StartCom_200609.crt
similarity index 100%
rename from Windows/Certs/Certification_Authority_Of_WoSign_StartCom_200609.crt
rename to Windows/Certs/Online/Certification_Authority_Of_WoSign_StartCom_200609.crt
diff --git a/Windows/Certs/Certification_Authority_Of_WoSign_StartCom_201103_1.crt b/Windows/Certs/Online/Certification_Authority_Of_WoSign_StartCom_201103_1.crt
similarity index 100%
rename from Windows/Certs/Certification_Authority_Of_WoSign_StartCom_201103_1.crt
rename to Windows/Certs/Online/Certification_Authority_Of_WoSign_StartCom_201103_1.crt
diff --git a/Windows/Certs/Certification_Authority_Of_WoSign_StartCom_201103_2.crt b/Windows/Certs/Online/Certification_Authority_Of_WoSign_StartCom_201103_2.crt
similarity index 100%
rename from Windows/Certs/Certification_Authority_Of_WoSign_StartCom_201103_2.crt
rename to Windows/Certs/Online/Certification_Authority_Of_WoSign_StartCom_201103_2.crt
diff --git a/Windows/Certs/Certification_Authority_Of_WoSign_USERTrust.crt b/Windows/Certs/Online/Certification_Authority_Of_WoSign_USERTrust.crt
similarity index 100%
rename from Windows/Certs/Certification_Authority_Of_WoSign_USERTrust.crt
rename to Windows/Certs/Online/Certification_Authority_Of_WoSign_USERTrust.crt
diff --git a/Windows/Certs/China_Internet_Network_Information_Center_EV_Certificates_Root.crt b/Windows/Certs/Online/China_Internet_Network_Information_Center_EV_Certificates_Root.crt
similarity index 100%
rename from Windows/Certs/China_Internet_Network_Information_Center_EV_Certificates_Root.crt
rename to Windows/Certs/Online/China_Internet_Network_Information_Center_EV_Certificates_Root.crt
diff --git a/Windows/Certs/Class_1_Primary_CA.crt b/Windows/Certs/Online/Class_1_Primary_CA.crt
similarity index 100%
rename from Windows/Certs/Class_1_Primary_CA.crt
rename to Windows/Certs/Online/Class_1_Primary_CA.crt
diff --git a/Windows/Certs/GiantRootCA.crt b/Windows/Certs/Online/GiantRootCA.crt
similarity index 100%
rename from Windows/Certs/GiantRootCA.crt
rename to Windows/Certs/Online/GiantRootCA.crt
diff --git a/Windows/Certs/Government_Root_Certification_Authority.crt b/Windows/Certs/Online/Government_Root_Certification_Authority.crt
similarity index 100%
rename from Windows/Certs/Government_Root_Certification_Authority.crt
rename to Windows/Certs/Online/Government_Root_Certification_Authority.crt
diff --git a/Windows/Certs/Hongkong_Post_Root_CA.crt b/Windows/Certs/Online/Hongkong_Post_Root_CA.crt
similarity index 100%
rename from Windows/Certs/Hongkong_Post_Root_CA.crt
rename to Windows/Certs/Online/Hongkong_Post_Root_CA.crt
diff --git a/Windows/Certs/Hongkong_Post_Root_CA_1.crt b/Windows/Certs/Online/Hongkong_Post_Root_CA_1.crt
similarity index 100%
rename from Windows/Certs/Hongkong_Post_Root_CA_1.crt
rename to Windows/Certs/Online/Hongkong_Post_Root_CA_1.crt
diff --git a/Windows/Certs/Online/JGZXCA.crt b/Windows/Certs/Online/JGZXCA.crt
new file mode 100644
index 0000000000000000000000000000000000000000..4bf82c4f8b8dd3fa2683e856b3a3a687b910c1fe
--- /dev/null
+++ b/Windows/Certs/Online/JGZXCA.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDWTCCAkGgAwIBAgIIKRNWlc7d5tYwDQYJKoZIhvcNAQEFBQAwPTELMAkGA1UE
+BhMCQ04xDjAMBgNVBAoMBVNBUkZUMQ0wCwYDVQQLDARKR1pYMQ8wDQYDVQQDDAZK
+R1pYQ0EwHhcNMTMwNjE5MDk1MDE3WhcNNDMwNjEyMDk1MDE3WjA9MQswCQYDVQQG
+EwJDTjEOMAwGA1UECgwFU0FSRlQxDTALBgNVBAsMBEpHWlgxDzANBgNVBAMMBkpH
+WlhDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMOhFBLDhRNxOKD9
+Ey5qXCXk58cM4xYS9dgw7wfaxo3Zp219VuIaR06MRA9BzAu/Q1LxIEOnk/Q2nkmp
+VdEptHGsANPEOHNgdGIn+9EhurymbOUBOQ1+oUG8EoiyZSa88U2xl880L9Lu5A1y
+fT7c5RVgInY58no5i08DbSSPGnZeGzAUBIX94eXVsGYEQluUVjKBPiBZ3il4W7R0
+qjNg/ml/riDQPDZ4053wzumZP381lFtKWoUPDpI6JXRkRs+Piorq3EeVCMQ13ENu
+i4snxvY+jgjE5MLI8xeEnBEBob4fsvB31k/442JBWEKnudqEg1MBkDzheNJlIVFY
+BcrwxPsCAwEAAaNdMFswHwYDVR0jBBgwFoAUMcJT9IHOLBFGnXLIw6jsqYbBXa0w
+DAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFDHCU/SBziwRRp1y
+yMOo7KmGwV2tMA0GCSqGSIb3DQEBBQUAA4IBAQAq1LS3tJgAcBnvEpGZPGz8RwP2
+qgjTruy0n08UkkMXcp8FAgZNVK5NyuGPMxN2jpWCIxLGl83XEjIqK0VEAecCRyVo
+WY/bnCAvgeuIaVkrNm3Xmwc7Sw83sVxxccXu9WptaR8fM+lud95ZfZCs6p7xo8hL
+Lhz6wimoH8xZgsb5CW2wmPncQtOCFeNcIMRWor/r5hGPZDvw6NfO0lYz3+ZcAh2X
+BsevpLg9MfVHMs7hJM1ZH6b08aylVA1MtXI9F5mo+UFM47n0hqLTPpemmNtn9K14
+rf3XhyDYQ8iJdwntp+pPbUDaq9qPa7FDjKiuHJ3S9xElmovhcEa71LVmvsFW
+-----END CERTIFICATE-----
diff --git a/Windows/Certs/Macao_Post_eSignTrust_Root_Certification_Authority.crt b/Windows/Certs/Online/Macao_Post_eSignTrust_Root_Certification_Authority.crt
similarity index 100%
rename from Windows/Certs/Macao_Post_eSignTrust_Root_Certification_Authority.crt
rename to Windows/Certs/Online/Macao_Post_eSignTrust_Root_Certification_Authority.crt
diff --git a/Windows/Certs/Macao_Post_eSignTrust_Root_Certification_Authority_G02.crt b/Windows/Certs/Online/Macao_Post_eSignTrust_Root_Certification_Authority_G02.crt
similarity index 100%
rename from Windows/Certs/Macao_Post_eSignTrust_Root_Certification_Authority_G02.crt
rename to Windows/Certs/Online/Macao_Post_eSignTrust_Root_Certification_Authority_G02.crt
diff --git a/Windows/Certs/SRCA.crt b/Windows/Certs/Online/SRCA.crt
similarity index 100%
rename from Windows/Certs/SRCA.crt
rename to Windows/Certs/Online/SRCA.crt
diff --git a/Windows/Certs/Online/Superfish_Inc.crt b/Windows/Certs/Online/Superfish_Inc.crt
new file mode 100644
index 0000000000000000000000000000000000000000..275b6f5bef5f6f3b7dd1302a71b04df3033fe7ba
--- /dev/null
+++ b/Windows/Certs/Online/Superfish_Inc.crt
@@ -0,0 +1,35 @@
+-----BEGIN CERTIFICATE-----
+MIIC9TCCAl6gAwIBAgIJANL8E4epRNznMA0GCSqGSIb3DQEBBQUAMFsxGDAWBgNV
+BAoTD1N1cGVyZmlzaCwgSW5jLjELMAkGA1UEBxMCU0YxCzAJBgNVBAgTAkNBMQsw
+CQYDVQQGEwJVUzEYMBYGA1UEAxMPU3VwZXJmaXNoLCBJbmMuMB4XDTE0MDUxMjE2
+MjUyNloXDTM0MDUwNzE2MjUyNlowWzEYMBYGA1UEChMPU3VwZXJmaXNoLCBJbmMu
+MQswCQYDVQQHEwJTRjELMAkGA1UECBMCQ0ExCzAJBgNVBAYTAlVTMRgwFgYDVQQD
+Ew9TdXBlcmZpc2gsIEluYy4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOjz
+Shh2Xxk/sc9Y6X9DBwmVgDXFD/5xMSeBmRImIKXfj2r8QlU57gk4idngNsSsAYJb
+1Tnm+Y8HiN/+7vahFM6pdEXY/fAXVyqC4XouEpNarIrXFWPRt5tVgA9YvBxJ7SBi
+3bZMpTrrHD2g/3pxptMQeDOuS8Ic/ZJKocPnQaQtAgMBAAGjgcAwgb0wDAYDVR0T
+BAUwAwEB/zAdBgNVHQ4EFgQU+5izU38URC7o7tUJml4OVoaoNYgwgY0GA1UdIwSB
+hTCBgoAU+5izU38URC7o7tUJml4OVoaoNYihX6RdMFsxGDAWBgNVBAoTD1N1cGVy
+ZmlzaCwgSW5jLjELMAkGA1UEBxMCU0YxCzAJBgNVBAgTAkNBMQswCQYDVQQGEwJV
+UzEYMBYGA1UEAxMPU3VwZXJmaXNoLCBJbmMuggkA0vwTh6lE3OcwDQYJKoZIhvcN
+AQEFBQADgYEApHyg7ApKx3DEcWjzOyLi3JyN0JL+c35yK1VEmxu0Qusfr76645Oj
+1IsYwpTws6a9ZTRMzST4GQvFFQra81eLqYbPbMPuhC+FCxkUF5i0DNSWi+kczJXJ
+TtCqSwGl9t9JEoFqvtW+znZ9TqyLiOMw7TGEUI+88VAqW0qmXnwPcfo=
+-----END CERTIFICATE-----
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIDHHhyAEZQoICAggA
+MBQGCCqGSIb3DQMHBAiHEg+MCYQ30ASCAoDEvGvFRHvtWOb5Rc0f3lbVKqeUvWSz
+xQn+rZELHnwb6baolmbFcsi6XkacVzL/EF7Ll4de/CSQ6pZZCCvfDzov0mPOuGve
+SAe7hbAcol7+JWVfzbnVTblPf0i7mwSvK61cKq7YfcKJ2os/uJGpeX9zraywWyFx
+f+EdTr348dOez8uHkURyY1cvSHsIdITALkChOonAYT68SVighTeB6xOCwfmsHx+X
+3Qbhom2YCIxfJiaAoz2/LndCpDaEfOrVrxXFOKXrIbmeDEyjDQj16AVni9uuaj7l
+NiO3zrrqxsfdVINPaAYRKQnS102jXqkH01z72c/MpMMC6dwZswF5V3R7RSXngyBn
+1GLxVFHKR753Gt0IDag13Bd8Jt890/v0tE0Kx66jCkRGn+VCq6+bsnh7VpTH/cG5
+dlFnv56lv2leknu5ghdJHX8YQ6HjnioaaheLA+ORAxqAlD8Itt1/pRBOOMSkutdz
+d1px9dB2ZBpSoRAOcBwU5aFaw9uu+tXyzrPM3tZomu8ryQYMNlmVgPNDJOz6jPJi
+jaZHWTS7U6j370oH/B0KTUG/ybrJGFnOmPP4h2u/ugG75EkfotURsvbrWuetQhOi
+TCH+9nbIcT3pxnTXqI2IRHZXMturQ+6fqlJF3bb9bWarMBuC3KgprqyqXxeM0Sqg
+VlyKLWwAuMf2Ec7t7ujqaNmVgv6bpwHEbR6njIi7lC7j4w6D2YQ8vacgvS3MB/K0
+SX54HNVBVuXhAixPtYJ6tOBGm7QFAKaXju0PJ+AljnMEsHRekOs2u42OHBXEWDE8
+VHw7/lTXWsJkBcQM+g/svyqV4xKHDAixPms2SUwJyKjvEgV+CQok4F/T
+-----END ENCRYPTED PRIVATE KEY-----
diff --git a/Windows/Certs/TWCA_Global_Root_CA.crt b/Windows/Certs/Online/TWCA_Global_Root_CA.crt
similarity index 100%
rename from Windows/Certs/TWCA_Global_Root_CA.crt
rename to Windows/Certs/Online/TWCA_Global_Root_CA.crt
diff --git a/Windows/Certs/TWCA_Root_Certification_Authority_1.crt b/Windows/Certs/Online/TWCA_Root_Certification_Authority_1.crt
similarity index 100%
rename from Windows/Certs/TWCA_Root_Certification_Authority_1.crt
rename to Windows/Certs/Online/TWCA_Root_Certification_Authority_1.crt
diff --git a/Windows/Certs/TWCA_Root_Certification_Authority_2.crt b/Windows/Certs/Online/TWCA_Root_Certification_Authority_2.crt
similarity index 100%
rename from Windows/Certs/TWCA_Root_Certification_Authority_2.crt
rename to Windows/Certs/Online/TWCA_Root_Certification_Authority_2.crt
diff --git a/Windows/Certs/TWCA_Secure_CA_Baltimore.crt b/Windows/Certs/Online/TWCA_Secure_CA_Baltimore.crt
similarity index 100%
rename from Windows/Certs/TWCA_Secure_CA_Baltimore.crt
rename to Windows/Certs/Online/TWCA_Secure_CA_Baltimore.crt
diff --git a/Windows/Certs/TWCA_Secure_Certification_Authority_USERTrust.crt b/Windows/Certs/Online/TWCA_Secure_Certification_Authority_USERTrust.crt
similarity index 100%
rename from Windows/Certs/TWCA_Secure_Certification_Authority_USERTrust.crt
rename to Windows/Certs/Online/TWCA_Secure_Certification_Authority_USERTrust.crt
diff --git a/Windows/Certs/TaiCA_Secure_CA_GTE.crt b/Windows/Certs/Online/TaiCA_Secure_CA_GTE.crt
similarity index 100%
rename from Windows/Certs/TaiCA_Secure_CA_GTE.crt
rename to Windows/Certs/Online/TaiCA_Secure_CA_GTE.crt
diff --git a/Windows/Certs/UCA_Extended_Validation_Root.crt b/Windows/Certs/Online/UCA_Extended_Validation_Root.crt
similarity index 100%
rename from Windows/Certs/UCA_Extended_Validation_Root.crt
rename to Windows/Certs/Online/UCA_Extended_Validation_Root.crt
diff --git a/Windows/Certs/UCA_Global_Root.crt b/Windows/Certs/Online/UCA_Global_Root.crt
similarity index 100%
rename from Windows/Certs/UCA_Global_Root.crt
rename to Windows/Certs/Online/UCA_Global_Root.crt
diff --git a/Windows/Certs/UCA_Root_200101.crt b/Windows/Certs/Online/UCA_Root_200101.crt
similarity index 100%
rename from Windows/Certs/UCA_Root_200101.crt
rename to Windows/Certs/Online/UCA_Root_200101.crt
diff --git a/Windows/Certs/UCA_Root_200401.crt b/Windows/Certs/Online/UCA_Root_200401.crt
similarity index 100%
rename from Windows/Certs/UCA_Root_200401.crt
rename to Windows/Certs/Online/UCA_Root_200401.crt
diff --git a/Windows/Certs/WoSign_Client_Authority_USERTrust.crt b/Windows/Certs/Online/WoSign_Client_Authority_USERTrust.crt
similarity index 100%
rename from Windows/Certs/WoSign_Client_Authority_USERTrust.crt
rename to Windows/Certs/Online/WoSign_Client_Authority_USERTrust.crt
diff --git a/Windows/Certs/WoSign_Premium_Server_Authority_USERTrust.crt b/Windows/Certs/Online/WoSign_Premium_Server_Authority_USERTrust.crt
similarity index 100%
rename from Windows/Certs/WoSign_Premium_Server_Authority_USERTrust.crt
rename to Windows/Certs/Online/WoSign_Premium_Server_Authority_USERTrust.crt
diff --git a/Windows/Certs/WoSign_SGC_Server_Authority_USERTrust.crt b/Windows/Certs/Online/WoSign_SGC_Server_Authority_USERTrust.crt
similarity index 100%
rename from Windows/Certs/WoSign_SGC_Server_Authority_USERTrust.crt
rename to Windows/Certs/Online/WoSign_SGC_Server_Authority_USERTrust.crt
diff --git a/Windows/Certs/WoSign_Server_Authority_USERTrust.crt b/Windows/Certs/Online/WoSign_Server_Authority_USERTrust.crt
similarity index 100%
rename from Windows/Certs/WoSign_Server_Authority_USERTrust.crt
rename to Windows/Certs/Online/WoSign_Server_Authority_USERTrust.crt
diff --git a/Windows/Certs/WoTrust_Client_Authority_USERTrust.crt b/Windows/Certs/Online/WoTrust_Client_Authority_USERTrust.crt
similarity index 100%
rename from Windows/Certs/WoTrust_Client_Authority_USERTrust.crt
rename to Windows/Certs/Online/WoTrust_Client_Authority_USERTrust.crt
diff --git a/Windows/Certs/WoTrust_Premium_Server_Authority_USERTrust.crt b/Windows/Certs/Online/WoTrust_Premium_Server_Authority_USERTrust.crt
similarity index 100%
rename from Windows/Certs/WoTrust_Premium_Server_Authority_USERTrust.crt
rename to Windows/Certs/Online/WoTrust_Premium_Server_Authority_USERTrust.crt
diff --git a/Windows/Certs/WoTrust_SGC_Server_Authority_USERTrust.crt b/Windows/Certs/Online/WoTrust_SGC_Server_Authority_USERTrust.crt
similarity index 100%
rename from Windows/Certs/WoTrust_SGC_Server_Authority_USERTrust.crt
rename to Windows/Certs/Online/WoTrust_SGC_Server_Authority_USERTrust.crt
diff --git a/Windows/Certs/WoTrust_Server_Authority_USERTrust.crt b/Windows/Certs/Online/WoTrust_Server_Authority_USERTrust.crt
similarity index 100%
rename from Windows/Certs/WoTrust_Server_Authority_USERTrust.crt
rename to Windows/Certs/Online/WoTrust_Server_Authority_USERTrust.crt
diff --git a/Windows/Certs/Online/[Fake]AnyHotmailCom_201501.crt b/Windows/Certs/Online/[Fake]AnyHotmailCom_201501.crt
new file mode 100644
index 0000000000000000000000000000000000000000..83bf5431fc67fef554e98c502aa759738d824ca2
--- /dev/null
+++ b/Windows/Certs/Online/[Fake]AnyHotmailCom_201501.crt
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBtDCCAR2gAwIBAgIRAKQP1V4qFDQzI6jUB6IlWugwDQYJKoZIhvcNAQEFBQAw
+GDEWMBQGA1UEAwwNKi5ob3RtYWlsLmNvbTAeFw0xNTAxMTUxNjAwMDBaFw0xNTA3
+MTUxNjAwMDBaMBgxFjAUBgNVBAMMDSouaG90bWFpbC5jb20wgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBAJENNBZyIbjcC5+G0a6k1Ehp4duLKnDv5jo5hR9rJtvV
+MkrDEiLLq8wBfrjqdgF2vPbIOh5LsCkcp9xXB+tzVrIDGDp0MgR/LI3NIiqVE/Gs
+cRf1jTCqmBmjrdQO4la2xJc1YUid7FXLFgDzrw3PifmSf0ZOWiFIdzh2ytfLMCzR
+AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAeuJehM98jXYGi+ImGUO3XnpIKqbUdzTw
+OkL/uQsXAmgEax6K14NmpZ41xh/h0DuU7OKA19aauZbgo/OtyDxXbd6cxIVxvz+B
+GKLBCz/vreIFHItwnUyPvV6BOPiz7HbCQ3UO2bhMnWtpP5dMZD3A34tXKMU0AUHy
+bT6TDKc5BaE=
+-----END CERTIFICATE-----
diff --git a/Windows/Certs/[Fake]GitHubCom_201301.crt b/Windows/Certs/Online/[Fake]GitHubCom_201301.crt
similarity index 100%
rename from Windows/Certs/[Fake]GitHubCom_201301.crt
rename to Windows/Certs/Online/[Fake]GitHubCom_201301.crt
diff --git a/Windows/Certs/[Fake]GoogleCom_201407.crt b/Windows/Certs/Online/[Fake]GoogleCom_201407.crt
similarity index 100%
rename from Windows/Certs/[Fake]GoogleCom_201407.crt
rename to Windows/Certs/Online/[Fake]GoogleCom_201407.crt
diff --git a/Windows/Certs/[Fake]GoogleCom_201409.crt b/Windows/Certs/Online/[Fake]GoogleCom_201409.crt
similarity index 100%
rename from Windows/Certs/[Fake]GoogleCom_201409.crt
rename to Windows/Certs/Online/[Fake]GoogleCom_201409.crt
diff --git a/Windows/Certs/[Fake]HotmaiCom_201410.crt b/Windows/Certs/Online/[Fake]HotmaiCom_201410.crt
similarity index 100%
rename from Windows/Certs/[Fake]HotmaiCom_201410.crt
rename to Windows/Certs/Online/[Fake]HotmaiCom_201410.crt
diff --git a/Windows/Certs/[Fake]WwwFacebookCom_201410.crt b/Windows/Certs/Online/[Fake]WwwFacebookCom_201410.crt
similarity index 100%
rename from Windows/Certs/[Fake]WwwFacebookCom_201410.crt
rename to Windows/Certs/Online/[Fake]WwwFacebookCom_201410.crt
diff --git a/Windows/Certs/[Fake]WwwIcloudCom_201410.crt b/Windows/Certs/Online/[Fake]WwwIcloudCom_201410.crt
similarity index 100%
rename from Windows/Certs/[Fake]WwwIcloudCom_201410.crt
rename to Windows/Certs/Online/[Fake]WwwIcloudCom_201410.crt
diff --git a/Windows/Certs/[Fake]YahooCom_201409.crt b/Windows/Certs/Online/[Fake]YahooCom_201409.crt
similarity index 100%
rename from Windows/Certs/[Fake]YahooCom_201409.crt
rename to Windows/Certs/Online/[Fake]YahooCom_201409.crt
diff --git a/Windows/Certs/[Suspicious]GoAgent_CA.crt b/Windows/Certs/Online/[Suspicious]GoAgent_CA.crt
similarity index 100%
rename from Windows/Certs/[Suspicious]GoAgent_CA.crt
rename to Windows/Certs/Online/[Suspicious]GoAgent_CA.crt
diff --git a/Windows/Certs/[Suspicious]WaccBaiduCom.crt b/Windows/Certs/Online/[Suspicious]WaccBaiduCom.crt
similarity index 100%
rename from Windows/Certs/[Suspicious]WaccBaiduCom.crt
rename to Windows/Certs/Online/[Suspicious]WaccBaiduCom.crt
diff --git a/Windows/Certs/ePKI_Root_Certification_Authority.crt b/Windows/Certs/Online/ePKI_Root_Certification_Authority.crt
similarity index 100%
rename from Windows/Certs/ePKI_Root_Certification_Authority.crt
rename to Windows/Certs/Online/ePKI_Root_Certification_Authority.crt
diff --git a/Windows/ArchiveCerts/Organization/ABC.crt b/Windows/Certs/Organization/ABC.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/ABC.crt
rename to Windows/Certs/Organization/ABC.crt
diff --git a/Windows/ArchiveCerts/Organization/ABC2048.crt b/Windows/Certs/Organization/ABC2048.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/ABC2048.crt
rename to Windows/Certs/Organization/ABC2048.crt
diff --git a/Windows/ArchiveCerts/Organization/ABC_TEST_CA.crt b/Windows/Certs/Organization/ABC_TEST_CA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/ABC_TEST_CA.crt
rename to Windows/Certs/Organization/ABC_TEST_CA.crt
diff --git a/Windows/ArchiveCerts/Organization/ALIPAY_ROOT.crt b/Windows/Certs/Organization/ALIPAY_ROOT.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/ALIPAY_ROOT.crt
rename to Windows/Certs/Organization/ALIPAY_ROOT.crt
diff --git a/Windows/ArchiveCerts/Organization/AlibabaCom_Corporation_Root_CA.crt b/Windows/Certs/Organization/AlibabaCom_Corporation_Root_CA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/AlibabaCom_Corporation_Root_CA.crt
rename to Windows/Certs/Organization/AlibabaCom_Corporation_Root_CA.crt
diff --git a/Windows/ArchiveCerts/Organization/Alipay_Trust_NetWork.crt b/Windows/Certs/Organization/Alipay_Trust_NetWork.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/Alipay_Trust_NetWork.crt
rename to Windows/Certs/Organization/Alipay_Trust_NetWork.crt
diff --git a/Windows/ArchiveCerts/Organization/BOCOMCA.crt b/Windows/Certs/Organization/BOCOMCA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/BOCOMCA.crt
rename to Windows/Certs/Organization/BOCOMCA.crt
diff --git a/Windows/ArchiveCerts/Organization/CCB_CA_ROOT_199906.crt b/Windows/Certs/Organization/CCB_CA_ROOT_199906.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/CCB_CA_ROOT_199906.crt
rename to Windows/Certs/Organization/CCB_CA_ROOT_199906.crt
diff --git a/Windows/ArchiveCerts/Organization/CCB_CA_ROOT_200906.crt b/Windows/Certs/Organization/CCB_CA_ROOT_200906.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/CCB_CA_ROOT_200906.crt
rename to Windows/Certs/Organization/CCB_CA_ROOT_200906.crt
diff --git a/Windows/ArchiveCerts/Organization/CFCA.crt b/Windows/Certs/Organization/CFCA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/CFCA.crt
rename to Windows/Certs/Organization/CFCA.crt
diff --git a/Windows/ArchiveCerts/Organization/CFCA_CS_CA.crt b/Windows/Certs/Organization/CFCA_CS_CA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/CFCA_CS_CA.crt
rename to Windows/Certs/Organization/CFCA_CS_CA.crt
diff --git a/Windows/ArchiveCerts/Organization/CFCA_CS_SM2_CA.crt b/Windows/Certs/Organization/CFCA_CS_SM2_CA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/CFCA_CS_SM2_CA.crt
rename to Windows/Certs/Organization/CFCA_CS_SM2_CA.crt
diff --git a/Windows/ArchiveCerts/Organization/CFCA_CS_TEST_CA.crt b/Windows/Certs/Organization/CFCA_CS_TEST_CA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/CFCA_CS_TEST_CA.crt
rename to Windows/Certs/Organization/CFCA_CS_TEST_CA.crt
diff --git a/Windows/ArchiveCerts/Organization/CFCA_CS_TEST_SM2_CA.crt b/Windows/Certs/Organization/CFCA_CS_TEST_SM2_CA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/CFCA_CS_TEST_SM2_CA.crt
rename to Windows/Certs/Organization/CFCA_CS_TEST_SM2_CA.crt
diff --git a/Windows/ArchiveCerts/Organization/CFCA_EV_SM2_ROOT.crt b/Windows/Certs/Organization/CFCA_EV_SM2_ROOT.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/CFCA_EV_SM2_ROOT.crt
rename to Windows/Certs/Organization/CFCA_EV_SM2_ROOT.crt
diff --git a/Windows/ArchiveCerts/Organization/CFCA_GT_SM2_CA.crt b/Windows/Certs/Organization/CFCA_GT_SM2_CA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/CFCA_GT_SM2_CA.crt
rename to Windows/Certs/Organization/CFCA_GT_SM2_CA.crt
diff --git a/Windows/ArchiveCerts/Organization/CFCA_Operation_CA3.crt b/Windows/Certs/Organization/CFCA_Operation_CA3.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/CFCA_Operation_CA3.crt
rename to Windows/Certs/Organization/CFCA_Operation_CA3.crt
diff --git a/Windows/ArchiveCerts/Organization/CFCA_RCA.crt b/Windows/Certs/Organization/CFCA_RCA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/CFCA_RCA.crt
rename to Windows/Certs/Organization/CFCA_RCA.crt
diff --git a/Windows/ArchiveCerts/Organization/CFCA_RSA_RCA.crt b/Windows/Certs/Organization/CFCA_RSA_RCA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/CFCA_RSA_RCA.crt
rename to Windows/Certs/Organization/CFCA_RSA_RCA.crt
diff --git a/Windows/ArchiveCerts/Organization/CFCA_Root_CA.crt b/Windows/Certs/Organization/CFCA_Root_CA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/CFCA_Root_CA.crt
rename to Windows/Certs/Organization/CFCA_Root_CA.crt
diff --git a/Windows/ArchiveCerts/Organization/CFCA_SM2_RCA.crt b/Windows/Certs/Organization/CFCA_SM2_RCA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/CFCA_SM2_RCA.crt
rename to Windows/Certs/Organization/CFCA_SM2_RCA.crt
diff --git a/Windows/ArchiveCerts/Organization/China_Trust_Network_1.crt b/Windows/Certs/Organization/China_Trust_Network_1.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/China_Trust_Network_1.crt
rename to Windows/Certs/Organization/China_Trust_Network_1.crt
diff --git a/Windows/ArchiveCerts/Organization/China_Trust_Network_2.crt b/Windows/Certs/Organization/China_Trust_Network_2.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/China_Trust_Network_2.crt
rename to Windows/Certs/Organization/China_Trust_Network_2.crt
diff --git a/Windows/ArchiveCerts/Organization/China_Trust_Network_3.crt b/Windows/Certs/Organization/China_Trust_Network_3.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/China_Trust_Network_3.crt
rename to Windows/Certs/Organization/China_Trust_Network_3.crt
diff --git a/Windows/ArchiveCerts/Organization/ICBC.crt b/Windows/Certs/Organization/ICBC.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/ICBC.crt
rename to Windows/Certs/Organization/ICBC.crt
diff --git a/Windows/ArchiveCerts/Organization/ICBC_Root_CA.crt b/Windows/Certs/Organization/ICBC_Root_CA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/ICBC_Root_CA.crt
rename to Windows/Certs/Organization/ICBC_Root_CA.crt
diff --git a/Windows/ArchiveCerts/Organization/IcbcCA.crt b/Windows/Certs/Organization/IcbcCA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/IcbcCA.crt
rename to Windows/Certs/Organization/IcbcCA.crt
diff --git a/Windows/ArchiveCerts/Organization/Personal_ICBC_CA.crt b/Windows/Certs/Organization/Personal_ICBC_CA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/Personal_ICBC_CA.crt
rename to Windows/Certs/Organization/Personal_ICBC_CA.crt
diff --git a/Windows/ArchiveCerts/Organization/ROOTCA_NRCAC.crt b/Windows/Certs/Organization/ROOTCA_NRCAC.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/ROOTCA_NRCAC.crt
rename to Windows/Certs/Organization/ROOTCA_NRCAC.crt
diff --git a/Windows/ArchiveCerts/Organization/ROOTCA_OSCCA.crt b/Windows/Certs/Organization/ROOTCA_OSCCA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/ROOTCA_OSCCA.crt
rename to Windows/Certs/Organization/ROOTCA_OSCCA.crt
diff --git a/Windows/ArchiveCerts/Organization/SZCA.crt b/Windows/Certs/Organization/SZCA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/SZCA.crt
rename to Windows/Certs/Organization/SZCA.crt
diff --git a/Windows/ArchiveCerts/Organization/SZCA_200307.crt b/Windows/Certs/Organization/SZCA_200307.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/SZCA_200307.crt
rename to Windows/Certs/Organization/SZCA_200307.crt
diff --git a/Windows/ArchiveCerts/Organization/TenpayCom_Root_CA.crt b/Windows/Certs/Organization/TenpayCom_Root_CA.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/TenpayCom_Root_CA.crt
rename to Windows/Certs/Organization/TenpayCom_Root_CA.crt
diff --git a/Windows/ArchiveCerts/Organization/iTruschina_CN_Root_CA_1.crt b/Windows/Certs/Organization/iTruschina_CN_Root_CA_1.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/iTruschina_CN_Root_CA_1.crt
rename to Windows/Certs/Organization/iTruschina_CN_Root_CA_1.crt
diff --git a/Windows/ArchiveCerts/Organization/iTruschina_CN_Root_CA_2.crt b/Windows/Certs/Organization/iTruschina_CN_Root_CA_2.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/iTruschina_CN_Root_CA_2.crt
rename to Windows/Certs/Organization/iTruschina_CN_Root_CA_2.crt
diff --git a/Windows/ArchiveCerts/Organization/iTruschina_CN_Root_CA_3.crt b/Windows/Certs/Organization/iTruschina_CN_Root_CA_3.crt
similarity index 100%
rename from Windows/ArchiveCerts/Organization/iTruschina_CN_Root_CA_3.crt
rename to Windows/Certs/Organization/iTruschina_CN_Root_CA_3.crt
diff --git a/Windows/RevokeChinaCerts_Base.bat b/Windows/RevokeChinaCerts_Base.bat
deleted file mode 100644
index ece4b9bf7a09e78e4dd978faea47dd8c57c78bf5..0000000000000000000000000000000000000000
--- a/Windows/RevokeChinaCerts_Base.bat
+++ /dev/null
@@ -1,108 +0,0 @@
-:: RevokeChinaCerts Base batch
-:: Revoke China Certificates.
-::
-:: Author: JayXon, Chengr28
-::
-
-@echo off
-
-:: Permission check
-:: Administrator permissions are not necessary(2014-09-21)
-::if "%PROCESSOR_ARCHITECTURE%" == "AMD64" (set SystemPath = %SystemRoot%\SysWOW64) else (set SystemPath = %SystemRoot%\system32)
-::rd "%SystemPath%\Test_Permissions" > nul 2 > nul
-::md "%SystemPath%\Test_Permissions" 2 > nul || (echo Require Administrator Permission. && pause > nul && Exit)
-::rd "%SystemPath%\Test_Permissions" > nul 2 > nul
-::del /f /q %SystemPath%\TestPermission.log
-::echo "Permission check." >> %SystemPath%\TestPermission.log
-::if not exist %SystemPath%\TestPermission.log (echo Require Administrator Permission. && pause > nul && Exit)
-::del /f /q %SystemPath%\TestPermission.log
-cd /d %~dp0
-
-:: Update certificates list of system.
-"%~dp0\Tools\RootSUPD_201403_x86"
-
-:: Architecture check
-set CertMgr="%~dp0\Tools\CertMgr"
-if "%PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432%" == "x86" set CertMgr="%~dp0\Tools\CertMgr_x86"
-
-:: Delete certificates(Base part)
-:: Fake GitHub.Com(2013-01-25)
-%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r localMachine Root
-%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r CurrentUser AuthRoot
-:: Fake Google.Com(2014-07-24)
-%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r localMachine Root
-%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r CurrentUser AuthRoot
-:: Fake Google.Com(2014-09-18) [YFdyh000]
-%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r localMachine Root
-%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r CurrentUser AuthRoot
-:: Fake Yahoo.Com(2014-09-30)
-%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r localMachine Root
-%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r CurrentUser AuthRoot
-:: Fake Hotmai.Com(2014-10-02)
-%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r localMachine Root
-%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r CurrentUser AuthRoot
-:: Fake Www.Facebook.Com(2014-10-08) [Yiwen Zhang]
-%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r localMachine Root
-%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r CurrentUser AuthRoot
-:: Fake Www.Icound.Com(2014-10-04) [YFdyh000]
-%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r localMachine Root
-%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r CurrentUser AuthRoot
-:: CNNIC ROOT
-%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r localMachine Root
-%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r CurrentUser AuthRoot
-:: China Internet Network Information Center EV Certificates Root
-%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r localMachine Root
-%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r CurrentUser AuthRoot
-:: CNNIC SSL(Entrust)
-%CertMgr% -del -c -sha1 6856BB1A6C4F76DACA362187CC2CCD484EDDC25D -s -r localMachine CA
-%CertMgr% -del -c -sha1 6856BB1A6C4F76DACA362187CC2CCD484EDDC25D -s -r CurrentUser CA
-:: Baidu WACC service [SCFWSE]
-%CertMgr% -del -c -sha1 561422647B89BE22F203EBCAEF52B5007227510A -s -r localMachine CA
-%CertMgr% -del -c -sha1 561422647B89BE22F203EBCAEF52B5007227510A -s -r CurrentUser CA
-:: GiantRootCA
-%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r localMachine Root
-%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r CurrentUser AuthRoot
-
-@echo.
-
-:: Add certificates to CRL(Base part)
-%CertMgr% -add -c "%~dp0\Certs\[Fake]GitHubCom_201301.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]GoogleCom_201407.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]GoogleCom_201409.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]YahooCom_201409.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]HotmaiCom_201410.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]WwwFacebookCom_201410.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]WwwIcloudCom_201410.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\CNNIC_ROOT.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\China_Internet_Network_Information_Center_EV_Certificates_Root.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\CNNIC_SSL_Entrust.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Suspicious]WaccBaiduCom.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\GiantRootCA.crt" -s Disallowed
-
-:: Print to screen.
-::Exit
-@echo.
-@echo RevokeChinaCerts Base version
-@echo Done. Please confirm the messages on screen.
-@echo.
-@pause
diff --git a/Windows/RevokeChinaCerts_CodeSigning.bat b/Windows/RevokeChinaCerts_CodeSigning.bat
new file mode 100644
index 0000000000000000000000000000000000000000..fcb142c58d93da5b0c50521ddbb4fa52d4f49837
--- /dev/null
+++ b/Windows/RevokeChinaCerts_CodeSigning.bat
@@ -0,0 +1,323 @@
+:: RevokeChinaCerts CodeSigning batch
+:: Revoke China Certificates.
+::
+:: Author: Chengr28
+::
+
+@echo off
+
+
+:: Locate folder, architecture check and choice
+cd /d %~dp0
+set CertMgr="%cd%\Tools\CertMgr"
+if %PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432% EQU x86 set CertMgr="%cd%\Tools\CertMgr_x86"
+set Folder=%cd%\Certs\CodeSigning
+set /a SetForce = 0
+set SetForceAppender="%cd%\Tools\SoftCertPolicyAppender\SoftCertPolicyAppender"
+@echo RevokeChinaCerts CodeSigning batch
+@echo.
+@echo Do you want to set force cetificates policy? [Y/N]
+@echo Setting force need Administrator permissions and Microsoft .NET Framework 4.0!
+set /p UserChoice="Choose: "
+if /i %UserChoice% EQU Y (set /a SetForce=1)
+@echo.
+@echo 1: Revoke CodeSigning cetificates
+@echo 2: Revoke CodeSigning cetificates(Choice version)
+@echo 3: Restore all CodeSigning revoking
+@echo.
+set /p UserChoice="Choose: "
+set UserChoice=CASE_%UserChoice%
+cls
+goto %UserChoice%
+
+
+:: All version
+:CASE_1
+:: WoSign Code Signing Authority(UTN-USERFirst-Object)
+%CertMgr% -add -c "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt" -s Disallowed
+:: WoTrust Code Signing Authority(UTN-USERFirst-Object)
+%CertMgr% -add -c "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt" -s Disallowed
+:: 91.Com
+%CertMgr% -add -c "%Folder%\91Com.crt" -s Disallowed
+:: Baidu (China) Co., Ltd.
+%CertMgr% -add -c "%Folder%\Baidu_China_CoLtd.crt" -s Disallowed
+:: Beijing baidu Netcom science and technology co.ltd
+%CertMgr% -add -c "%Folder%\Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt" -s Disallowed
+:: Beijing Baofeng Technology Co., Ltd.
+%CertMgr% -add -c "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt" -s Disallowed
+:: Beijing Funshion Online Technologies Ltd.
+%CertMgr% -add -c "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt" -s Disallowed
+:: Beijing Kingsoft Security software Co.,Ltd(2011-12-26)
+%CertMgr% -add -c "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201112.crt" -s Disallowed
+:: Beijing Kingsoft Security software Co.,Ltd(2014-12-29)
+%CertMgr% -add -c "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201412.crt" -s Disallowed
+:: BEIJING KUWO TECHNOLOGY CO.,LTD.
+%CertMgr% -add -c "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt" -s Disallowed
+:: BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.
+%CertMgr% -add -c "%Folder%\BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt" -s Disallowed
+:: Beijing Rising Information Technology Corporation Limited
+%CertMgr% -add -c "%Folder%\Beijing_Rising_Information_Technology_Corporation_Limited.crt" -s Disallowed
+:: Beijing Sohu New Media Information Technology Co., Ltd.
+%CertMgr% -add -c "%Folder%\Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt" -s Disallowed
+:: Guangzhou Tieren Network Technology Co.,Ltd.
+%CertMgr% -add -c "%Folder%\Guangzhou_Tieren_Network_Technology_CoLtd.crt" -s Disallowed
+:: Kingsoft Security Co.,Ltd
+%CertMgr% -add -c "%Folder%\Kingsoft_Security_CoLtd.crt" -s Disallowed
+:: LE SHI INTERNET INFORMATION TECHNOLOGY CORP.,BEI JING
+%CertMgr% -add -c "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt" -s Disallowed
+:: Maxthon (Asia) Limited
+%CertMgr% -add -c "%Folder%\Maxthon_Asia_Limited.crt" -s Disallowed
+:: Meitu.Com(2012-12-18)
+%CertMgr% -add -c "%Folder%\MeituCom_201212.crt" -s Disallowed
+:: Meitu.Com(2014-11-20)
+%CertMgr% -add -c "%Folder%\MeituCom_201411.crt" -s Disallowed
+:: NetEase(Hangzhou) Network Co. Ltd.
+%CertMgr% -add -c "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt" -s Disallowed
+:: PPLive Corporation
+%CertMgr% -add -c "%Folder%\PPLive_Corporation.crt" -s Disallowed
+:: Qihoo 360 Software Beijing Company Limited
+%CertMgr% -add -c "%Folder%\Qihoo_360_Software_Beijing_Company_Limited.crt" -s Disallowed
+:: Shanghai Quan Tudou Network Technology Co., Ltd.
+%CertMgr% -add -c "%Folder%\Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt" -s Disallowed
+:: ShenZhen Xunlei Networking Technologies Ltd.
+%CertMgr% -add -c "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt" -s Disallowed
+:: TAOBAO (CHINA) SOFTWARE CO.,LTD.
+%CertMgr% -add -c "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt" -s Disallowed
+:: Tencent Technology Shenzhen Company Limited(2010-01-26)
+%CertMgr% -add -c "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt" -s Disallowed
+:: Tencent Technology Shenzhen Company Limited(2013-01-17)
+%CertMgr% -add -c "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201301.crt" -s Disallowed
+:: UC Mobile Limited
+%CertMgr% -add -c "%Folder%\UC_Mobile_Limited.crt" -s Disallowed
+:: Wandou Technology Ltd
+%CertMgr% -add -c "%Folder%\Wandou_Technology_Ltd.crt" -s Disallowed
+:: Xiamen Yitianxia Network Technology Co., Ltd
+%CertMgr% -add -c "%Folder%\Xiamen_Yitianxia_Network_Technology_CoLtd.crt" -s Disallowed
+:: Xiami.Com
+%CertMgr% -add -c "%Folder%\XiamiCom.crt" -s Disallowed
+:: Ylmf.Com
+%CertMgr% -add -c "%Folder%\YlmfCom.crt" -s Disallowed
+:: YY Inc
+%CertMgr% -add -c "%Folder%\YY_Inc.crt" -s Disallowed
+:: Set force
+@echo.
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt" "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt" "%Folder%\91Com.crt" "%Folder%\Baidu_China_CoLtd.crt" "%Folder%\Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt" "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt" "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt" "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201112.crt" "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201412.crt" "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt" "%Folder%\BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt" "%Folder%\Beijing_Rising_Information_Technology_Corporation_Limited.crt" "%Folder%\Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt" "%Folder%\Guangzhou_Tieren_Network_Technology_CoLtd.crt" "%Folder%\Kingsoft_Security_CoLtd.crt" "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt" "%Folder%\Maxthon_Asia_Limited.crt" "%Folder%\MeituCom_201212.crt" "%Folder%\MeituCom_201411.crt" "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt" "%Folder%\PPLive_Corporation.crt" "%Folder%\Qihoo_360_Software_Beijing_Company_Limited.crt" "%Folder%\Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt" "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt" "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt" "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt" "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201301.crt" "%Folder%\UC_Mobile_Limited.crt" "%Folder%\Wandou_Technology_Ltd.crt" "%Folder%\Xiamen_Yitianxia_Network_Technology_CoLtd.crt" "%Folder%\XiamiCom.crt" "%Folder%\YlmfCom.crt" "%Folder%\YY_Inc.crt")
+goto EXIT
+
+
+:: Choice version
+:CASE_2
+set /p UserChoice="Revoke WoSign Code Signing Authority(UTN-USERFirst-Object)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt"))
+@echo.
+set /p UserChoice="Revoke WoTrust Code Signing Authority(UTN-USERFirst-Object)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt"))
+@echo.
+set /p UserChoice="Revoke 91.Com? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\91Com.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\91Com.crt"))
+@echo.
+set /p UserChoice="Revoke Baidu (China) Co., Ltd.? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Baidu_China_CoLtd.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Baidu_China_CoLtd.crt"))
+@echo.
+set /p UserChoice="Revoke Beijing baidu Netcom science and technology co.ltd? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt"))
+@echo.
+set /p UserChoice="Revoke Beijing Baofeng Technology Co., Ltd.? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt"))
+@echo.
+set /p UserChoice="Revoke Beijing Funshion Online Technologies Ltd.? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt"))
+@echo.
+set /p UserChoice="Revoke Beijing Kingsoft Security software Co.,Ltd(2011-12-26)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201112.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201112.crt"))
+@echo.
+set /p UserChoice="Revoke Beijing Kingsoft Security software Co.,Ltd(2014-12-29)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201412.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201412.crt"))
+@echo.
+set /p UserChoice="Revoke BEIJING KUWO TECHNOLOGY CO.,LTD.? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt"))
+@echo.
+set /p UserChoice="Revoke BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt"))
+@echo.
+set /p UserChoice="Revoke Beijing Rising Information Technology Corporation Limited? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Beijing_Rising_Information_Technology_Corporation_Limited.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Beijing_Rising_Information_Technology_Corporation_Limited.crt"))
+@echo.
+set /p UserChoice="Revoke Beijing Sohu New Media Information Technology Co., Ltd.? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt"))
+@echo.
+set /p UserChoice="Revoke Guangzhou Tieren Network Technology Co.,Ltd.? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Guangzhou_Tieren_Network_Technology_CoLtd.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Guangzhou_Tieren_Network_Technology_CoLtd.crt"))
+@echo.
+set /p UserChoice="Revoke Kingsoft Security Co.,Ltd? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Kingsoft_Security_CoLtd.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Kingsoft_Security_CoLtd.crt"))
+@echo.
+set /p UserChoice="Revoke LE SHI INTERNET INFORMATION TECHNOLOGY CORP.,BEI JING? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt"))
+@echo.
+set /p UserChoice="Revoke Maxthon (Asia) Limited? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Maxthon_Asia_Limited.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Maxthon_Asia_Limited.crt"))
+@echo.
+set /p UserChoice="Revoke Meitu.Com(2012-12-18)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\MeituCom_201212.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\MeituCom_201212.crt"))
+@echo.
+set /p UserChoice="Revoke Meitu.Com(2014-11-20)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\MeituCom_201411.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\MeituCom_201411.crt"))
+@echo.
+set /p UserChoice="Revoke NetEase(Hangzhou) Network Co. Ltd.? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt"))
+@echo.
+set /p UserChoice="Revoke PPLive Corporation? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\PPLive_Corporation.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\PPLive_Corporation.crt"))
+@echo.
+set /p UserChoice="Revoke Qihoo 360 Software Beijing Company Limited? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Qihoo_360_Software_Beijing_Company_Limited.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Qihoo_360_Software_Beijing_Company_Limited.crt"))
+@echo.
+set /p UserChoice="Revoke Shanghai Quan Tudou Network Technology Co., Ltd.? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt"))
+@echo.
+set /p UserChoice="Revoke ShenZhen Xunlei Networking Technologies Ltd.? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt"))
+@echo.
+set /p UserChoice="Revoke TAOBAO (CHINA) SOFTWARE CO.,LTD.? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt"))
+@echo.
+set /p UserChoice="Revoke Tencent Technology Shenzhen Company Limited(2010-01-26)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt"))
+@echo.
+set /p UserChoice="Revoke Tencent Technology Shenzhen Company Limited(2013-01-17)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201301.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201301.crt"))
+@echo.
+set /p UserChoice="Revoke UC Mobile Limited? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\UC_Mobile_Limited.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\UC_Mobile_Limited.crt"))
+@echo.
+set /p UserChoice="Revoke Wandou Technology Ltd? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Wandou_Technology_Ltd.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Wandou_Technology_Ltd.crt"))
+@echo.
+set /p UserChoice="Revoke Xiamen Yitianxia Network Technology Co., Ltd? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Xiamen_Yitianxia_Network_Technology_CoLtd.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Xiamen_Yitianxia_Network_Technology_CoLtd.crt"))
+@echo.
+set /p UserChoice="Revoke Xiami.Com? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\XiamiCom.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\XiamiCom.crt"))
+@echo.
+set /p UserChoice="Revoke Ylmf.Com? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\YlmfCom.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\YlmfCom.crt"))
+@echo.
+set /p UserChoice="Revoke YY Inc? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\YY_Inc.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\YY_Inc.crt"))
+goto EXIT
+
+
+:: Restore certificates
+:CASE_3
+:: WoSign Code Signing Authority(UTN-USERFirst-Object)
+%CertMgr% -del -c -sha1 EA36152981E296F9763E1DC74B3262D3928563F8 -s Disallowed
+:: WoTrust Code Signing Authority(UTN-USERFirst-Object)
+%CertMgr% -del -c -sha1 B28CCC46D234A7D7CF7F21CCB9406F48A5273CC6 -s Disallowed
+:: 91.Com
+%CertMgr% -del -c -sha1 E87D1C1D3FE2BCA700EB7B8DC0E45B97EAF19405 -s Disallowed
+:: Baidu (China) Co., Ltd.
+%CertMgr% -del -c -sha1 A34B70840C2B6F718877DDB1C2DE2C27F2C91C43 -s Disallowed
+:: Beijing baidu Netcom science and technology co.ltd
+%CertMgr% -del -c -sha1 D60C12D1FDB9E45551A00C8815CCD486C043945B -s Disallowed
+:: Beijing Baofeng Technology Co., Ltd.
+%CertMgr% -del -c -sha1 CB6F65314E5B25D61304AB2C9C8870B574CC21F5 -s Disallowed
+:: Beijing Funshion Online Technologies Ltd.
+%CertMgr% -del -c -sha1 9AB5445104C6CCE5A22431CF29C4331CBC328A1B -s Disallowed
+:: Beijing Kingsoft Security software Co.,Ltd(2011-01-26)
+%CertMgr% -del -c -sha1 E88DD1ACD2DB3A352072AA49C675F4944A3FEF82 -s Disallowed
+:: Beijing Kingsoft Security software Co.,Ltd(2014-12-29)
+%CertMgr% -del -c -sha1 CC9467907AD45574588F4E16F29CA36D5F78C0F8 -s Disallowed
+:: BEIJING KUWO TECHNOLOGY CO.,LTD.
+%CertMgr% -del -c -sha1 5FFFD1A3EAE5ED74558913C4A8476D1514C6D61F -s Disallowed
+:: BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.
+%CertMgr% -del -c -sha1 5DC57AF121E3101F4BFEA8A22BBDADC0869C80EE -s Disallowed
+:: Beijing Rising Information Technology Corporation Limited
+%CertMgr% -del -c -sha1 D9421BEDD9F5B8A91DD3F8691E7A42D83C983325 -s Disallowed
+:: Beijing Sohu New Media Information Technology Co., Ltd.
+%CertMgr% -del -c -sha1 D1BB252CAC3D250C55978F7EAAF121DA91A17B42 -s Disallowed
+:: Guangzhou Tieren Network Technology Co.,Ltd.
+%CertMgr% -del -c -sha1 2529C0C0D833806AFBFA3C31987C19A18722A2FE -s Disallowed
+:: Kingsoft Security Co.,Ltd
+%CertMgr% -del -c -sha1 2BDEC50B4446652C126709A08248E572B859CCCC -s Disallowed
+:: LE SHI INTERNET INFORMATION TECHNOLOGY CORP.,BEI JING
+%CertMgr% -del -c -sha1 62DF2BC4B5902B52C215C697D06038E3B28CF5D3 -s Disallowed
+:: Maxthon (Asia) Limited
+%CertMgr% -del -c -sha1 1481414E8E87412A00D3341167FE3A92C681B830 -s Disallowed
+:: Meitu.Com(2012-12-18)
+%CertMgr% -del -c -sha1 7B6FAE77BD19FEC5410293344B36124774A6D8F1 -s Disallowed
+:: Meitu.Com(2014-11-20)
+%CertMgr% -del -c -sha1 EBA2ADB1C0B7A61E5BA25B8356387F27049BA1A1 -s Disallowed
+:: NetEase(Hangzhou) Network Co. Ltd.
+%CertMgr% -del -c -sha1 E0387F3AF5752A4620EC617C39153C0E666CF5F8 -s Disallowed
+:: PPLive Corporation
+%CertMgr% -del -c -sha1 5477E38783CD37B1E5729B15D7C0873A2D72DB9D -s Disallowed
+:: Qihoo 360 Software Beijing Company Limited
+%CertMgr% -del -c -sha1 1E5BB77FCB63F26277F95AAE09B852699327A08A -s Disallowed
+:: Shanghai Quan Tudou Network Technology Co., Ltd.
+%CertMgr% -del -c -sha1 935140881F50BDF775D3CEF034C0D21C18FD2567 -s Disallowed
+:: ShenZhen Xunlei Networking Technologies Ltd.
+%CertMgr% -del -c -sha1 4099665730474153EADF671B8B475C03C08A46D0 -s Disallowed
+:: TAOBAO (CHINA) SOFTWARE CO.,LTD.
+%CertMgr% -del -c -sha1 E5777A69CAFD7F7C6F89C5297DD1159C7AE9B881 -s Disallowed
+:: Tencent Technology Shenzhen Company Limited(2010-01-26)
+%CertMgr% -del -c -sha1 8B46390D86B891E5A3D3AAB2B00D6FDB27A0F791 -s Disallowed
+:: Tencent Technology Shenzhen Company Limited(2013-01-17)
+%CertMgr% -del -c -sha1 2FDD445591CD2EEDBEF8B8A281896A59C08B3DC9 -s Disallowed
+:: UC Mobile Limited
+%CertMgr% -del -c -sha1 1540C77B5D19FC5A71A04DB001488E55B45DDC7F -s Disallowed
+:: Wandou Technology Ltd
+%CertMgr% -del -c -sha1 AB09D1AFE555CFC580575F5BC78B16B9F1C4E432 -s Disallowed
+:: Xiamen Yitianxia Network Technology Co., Ltd
+%CertMgr% -del -c -sha1 F49A648C69C2F01A0FDEB3992C5AE0A14D5AD9FC -s Disallowed
+:: Xiami.Com
+%CertMgr% -del -c -sha1 EEC507F719D5BA0CB913F034E045A24A509D8A5F -s Disallowed
+:: Ylmf.Com
+%CertMgr% -del -c -sha1 93A77CA50F165A5873DD3995874867B616AB3644 -s Disallowed
+:: YY Inc
+%CertMgr% -del -c -sha1 B3B89CD7940DC67E4291A3EE767AC17A3BC9E620 -s Disallowed
+:: Unset force
+@echo.
+if %SetForce% EQU 1 (%SetForceAppender% --unset-force "%Folder%\WoSign_Code_Signing_Authority_UTN_USERFirst_Object.crt" "%Folder%\WoTrust_Code_Signing_Authority_UTN_USERFirst_Object.crt" "%Folder%\91Com.crt" "%Folder%\Baidu_China_CoLtd.crt" "%Folder%\Beijing_Baidu_Netcom_Science_And_Technology_CoLtd.crt" "%Folder%\Beijing_Baofeng_Technology_CoLtd.crt" "%Folder%\Beijing_Funshion_Online_Technologies_Ltd.crt" "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201112.crt" "%Folder%\Beijing_Kingsoft_Security_Software_CoLtd_201412.crt" "%Folder%\BEIJING_KUWO_TECHNOLOGY_COLTD.crt" "%Folder%\BEIJING_QIYI_CENTURY_SCIENCE_TECHNOLOGY_COLTD.crt" "%Folder%\Beijing_Rising_Information_Technology_Corporation_Limited.crt" "%Folder%\Beijing_Sohu_New_Media_Information_Technology_CoLtd.crt" "%Folder%\Guangzhou_Tieren_Network_Technology_CoLtd.crt" "%Folder%\Kingsoft_Security_CoLtd.crt" "%Folder%\LE_SHI_INTERNET_INFORMATION_TECHNOLOGY_CORP_BEIJING.crt" "%Folder%\Maxthon_Asia_Limited.crt" "%Folder%\MeituCom_201212.crt" "%Folder%\MeituCom_201411.crt" "%Folder%\NetEase_Hangzhou_Network_CoLtd.crt" "%Folder%\PPLive_Corporation.crt" "%Folder%\Qihoo_360_Software_Beijing_Company_Limited.crt" "%Folder%\Shanghai_Quan_Tudou_Network_Technology_CoLtd.crt" "%Folder%\ShenZhen_Xunlei_Networking_Technologies_Ltd.crt" "%Folder%\TAOBAO_CHINA_SOFTWARE_COLTD.crt" "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201001.crt" "%Folder%\Tencent_Technology_Shenzhen_Company_Limited_201301.crt" "%Folder%\UC_Mobile_Limited.crt" "%Folder%\Wandou_Technology_Ltd.crt" "%Folder%\Xiamen_Yitianxia_Network_Technology_CoLtd.crt" "%Folder%\XiamiCom.crt" "%Folder%\YlmfCom.crt" "%Folder%\YY_Inc.crt")
+
+
+:: Print to screen.
+:EXIT
+@echo.
+@echo RevokeChinaCerts CodeSigning batch
+@echo Done, please confirm the messages on screen.
+@echo.
+@pause
diff --git a/Windows/RevokeChinaCerts_Extended.bat b/Windows/RevokeChinaCerts_Extended.bat
deleted file mode 100644
index c37aad52ace04d3f52273f927c5437e4b4ae6be0..0000000000000000000000000000000000000000
--- a/Windows/RevokeChinaCerts_Extended.bat
+++ /dev/null
@@ -1,173 +0,0 @@
-:: RevokeChinaCerts Extended batch
-:: Revoke China Certificates.
-::
-:: Author: JayXon, Chengr28
-::
-
-@echo off
-
-:: Permission check
-:: Administrator permissions are not necessary(2014-09-21)
-::if "%PROCESSOR_ARCHITECTURE%" == "AMD64" (set SystemPath = %SystemRoot%\SysWOW64) else (set SystemPath = %SystemRoot%\system32)
-::rd "%SystemPath%\Test_Permissions" > nul 2 > nul
-::md "%SystemPath%\Test_Permissions" 2 > nul || (echo Require Administrator Permission. && pause > nul && Exit)
-::rd "%SystemPath%\Test_Permissions" > nul 2 > nul
-::del /f /q %SystemPath%\TestPermission.log
-::echo "Permission check." >> %SystemPath%\TestPermission.log
-::if not exist %SystemPath%\TestPermission.log (echo Require Administrator Permission. && pause > nul && Exit)
-::del /f /q %SystemPath%\TestPermission.log
-cd /d %~dp0
-
-:: Update certificates list of system.
-"%~dp0\Tools\RootSUPD_201403_x86"
-
-:: Architecture check
-set CertMgr="%~dp0\Tools\CertMgr"
-if "%PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432%" == "x86" set CertMgr="%~dp0\Tools\CertMgr_x86"
-
-:: Delete certificates(Base part)
-:: Fake GitHub.Com(2013-01-25)
-%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r localMachine Root
-%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r CurrentUser AuthRoot
-:: Fake Google.Com(2014-07-24)
-%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r localMachine Root
-%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r CurrentUser AuthRoot
-:: Fake Google.Com(2014-09-18) [YFdyh000]
-%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r localMachine Root
-%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r CurrentUser AuthRoot
-:: Fake Yahoo.Com(2014-09-30)
-%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r localMachine Root
-%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r CurrentUser AuthRoot
-:: Fake Hotmai.Com(2014-10-02)
-%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r localMachine Root
-%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r CurrentUser AuthRoot
-:: Fake Www.Facebook.Com(2014-10-08) [Yiwen Zhang]
-%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r localMachine Root
-%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r CurrentUser AuthRoot
-:: Fake Www.Icound.Com(2014-10-04) [YFdyh000]
-%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r localMachine Root
-%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r CurrentUser AuthRoot
-:: CNNIC ROOT
-%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r localMachine Root
-%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r CurrentUser AuthRoot
-:: China Internet Network Information Center EV Certificates Root
-%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r localMachine Root
-%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r CurrentUser AuthRoot
-:: CNNIC SSL(Entrust)
-%CertMgr% -del -c -sha1 6856BB1A6C4F76DACA362187CC2CCD484EDDC25D -s -r localMachine CA
-%CertMgr% -del -c -sha1 6856BB1A6C4F76DACA362187CC2CCD484EDDC25D -s -r CurrentUser CA
-:: Baidu WACC service [SCFWSE]
-%CertMgr% -del -c -sha1 561422647B89BE22F203EBCAEF52B5007227510A -s -r localMachine CA
-%CertMgr% -del -c -sha1 561422647B89BE22F203EBCAEF52B5007227510A -s -r CurrentUser CA
-:: GiantRootCA
-%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r localMachine Root
-%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r CurrentUser AuthRoot
-
-:: Delete certificates(Extended part)
-:: CFCA GT CA(2011-06-13)
-%CertMgr% -del -c -sha1 EABDA240440ABBD694930A01D09764C6C2D77966 -s -r localMachine Root
-%CertMgr% -del -c -sha1 EABDA240440ABBD694930A01D09764C6C2D77966 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 EABDA240440ABBD694930A01D09764C6C2D77966 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 EABDA240440ABBD694930A01D09764C6C2D77966 -s -r CurrentUser AuthRoot
-:: CFCA GT CA(2012-08-21) [YFdyh000]
-%CertMgr% -del -c -sha1 A8F2DFE36AE0CC2DB9DD38347D30AED9551DD25A -s -r localMachine Root
-%CertMgr% -del -c -sha1 A8F2DFE36AE0CC2DB9DD38347D30AED9551DD25A -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 A8F2DFE36AE0CC2DB9DD38347D30AED9551DD25A -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 A8F2DFE36AE0CC2DB9DD38347D30AED9551DD25A -s -r CurrentUser AuthRoot
-:: CFCA EV ROOT
-%CertMgr% -del -c -sha1 E2B8294B5584AB6B58C290466CAC3FB8398F8483 -s -r localMachine Root
-%CertMgr% -del -c -sha1 E2B8294B5584AB6B58C290466CAC3FB8398F8483 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 E2B8294B5584AB6B58C290466CAC3FB8398F8483 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 E2B8294B5584AB6B58C290466CAC3FB8398F8483 -s -r CurrentUser AuthRoot
-:: UCA Global Root
-%CertMgr% -del -c -sha1 0B972C9EA6E7CC58D93B20BF71EC412E7209FABF -s -r localMachine Root
-%CertMgr% -del -c -sha1 0B972C9EA6E7CC58D93B20BF71EC412E7209FABF -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 0B972C9EA6E7CC58D93B20BF71EC412E7209FABF -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 0B972C9EA6E7CC58D93B20BF71EC412E7209FABF -s -r CurrentUser AuthRoot
-:: UCA Root(2004-01-01)
-%CertMgr% -del -c -sha1 8250BED5A214433A66377CBC10EF83F669DA3A67 -s -r localMachine Root
-%CertMgr% -del -c -sha1 8250BED5A214433A66377CBC10EF83F669DA3A67 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 8250BED5A214433A66377CBC10EF83F669DA3A67 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 8250BED5A214433A66377CBC10EF83F669DA3A67 -s -r CurrentUser AuthRoot
-:: UCA Extended Validation Root
-%CertMgr% -del -c -sha1 B9C9F58B3BBEF575E2B58328770E7B0076C40B5E -s -r localMachine Root
-%CertMgr% -del -c -sha1 B9C9F58B3BBEF575E2B58328770E7B0076C40B5E -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 B9C9F58B3BBEF575E2B58328770E7B0076C40B5E -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 B9C9F58B3BBEF575E2B58328770E7B0076C40B5E -s -r CurrentUser AuthRoot
-:: UCA ROOT(2001-01-01)
-%CertMgr% -del -c -sha1 3120F295417730075F8CD42D0CAE008EB5726EF8 -s -r localMachine Root
-%CertMgr% -del -c -sha1 3120F295417730075F8CD42D0CAE008EB5726EF8 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 3120F295417730075F8CD42D0CAE008EB5726EF8 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 3120F295417730075F8CD42D0CAE008EB5726EF8 -s -r CurrentUser AuthRoot
-:: GoAgent CA [lenovo-me]
-%CertMgr% -del -c -sha1 AB702CDF18EBE8B438C52869CD4A5DEF48B40E33 -s -r localMachine Root
-%CertMgr% -del -c -sha1 AB702CDF18EBE8B438C52869CD4A5DEF48B40E33 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 AB702CDF18EBE8B438C52869CD4A5DEF48B40E33 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 AB702CDF18EBE8B438C52869CD4A5DEF48B40E33 -s -r CurrentUser AuthRoot
-:: SZCA [yfdyh000]
-::%CertMgr% -del -c -sha1 B0049D436F27237EE59C746A1EF3C96A8E1B54AC -s -r localMachine Root
-::%CertMgr% -del -c -sha1 B0049D436F27237EE59C746A1EF3C96A8E1B54AC -s -r localMachine AuthRoot
-::%CertMgr% -del -c -sha1 B0049D436F27237EE59C746A1EF3C96A8E1B54AC -s -r CurrentUser Root
-::%CertMgr% -del -c -sha1 B0049D436F27237EE59C746A1EF3C96A8E1B54AC -s -r CurrentUser AuthRoot
-:: SZCA(2003-07-22) [yfdyh000]
-::%CertMgr% -del -c -sha1 90D7A97592F0A3E2165DE5DA23B57701D74A298D -s -r localMachine Root
-::%CertMgr% -del -c -sha1 90D7A97592F0A3E2165DE5DA23B57701D74A298D -s -r localMachine AuthRoot
-::%CertMgr% -del -c -sha1 90D7A97592F0A3E2165DE5DA23B57701D74A298D -s -r CurrentUser Root
-::%CertMgr% -del -c -sha1 90D7A97592F0A3E2165DE5DA23B57701D74A298D -s -r CurrentUser AuthRoot
-
-@echo.
-
-:: Add certificates to CRL(Base part)
-%CertMgr% -add -c "%~dp0\Certs\[Fake]GitHubCom_201301.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]GoogleCom_201407.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]GoogleCom_201409.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]YahooCom_201409.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]HotmaiCom_201410.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]WwwFacebookCom_201410.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]WwwIcloudCom_201410.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\CNNIC_ROOT.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\China_Internet_Network_Information_Center_EV_Certificates_Root.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\CNNIC_SSL_Entrust.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Suspicious]WaccBaiduCom.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\GiantRootCA.crt" -s Disallowed
-:: Add certificates to CRL(Extended part)
-:: Move to All version.
-:: %CertMgr% -add -c ROOTCA.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\CFCA_GT_CA_201106.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\CFCA_GT_CA_201208.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\CFCA_EV_ROOT.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\UCA_Global_Root.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\UCA_Root_200401.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\UCA_Extended_Validation_Root.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\UCA_ROOT_200101.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Suspicious]GoAgent_CA.crt" -s Disallowed
-::%CertMgr% -add -c "%~dp0\Certs\SZCA.crt" -s Disallowed
-::%CertMgr% -add -c "%~dp0\Certs\SZCA_200307.crt" -s Disallowed
-
-:: Print to screen.
-::Exit
-@echo.
-@echo RevokeChinaCerts Extended version
-@echo Done. Please confirm the messages on screen.
-@echo.
-@pause
diff --git a/Windows/RevokeChinaCerts_All.bat b/Windows/RevokeChinaCerts_Online.bat
similarity index 55%
rename from Windows/RevokeChinaCerts_All.bat
rename to Windows/RevokeChinaCerts_Online.bat
index 5e1aab2f2e2329be665c9bfaa6dce0b00b25cb79..ca5e50661a354010830c5b5b1b7dd2e0ecf85c01 100644
--- a/Windows/RevokeChinaCerts_All.bat
+++ b/Windows/RevokeChinaCerts_Online.bat
@@ -1,4 +1,4 @@
-:: RevokeChinaCerts All batch
+:: RevokeChinaCerts Online batch
:: Revoke China Certificates.
::
:: Author: JayXon, Chengr28
@@ -6,141 +6,28 @@
@echo off
-:: Permission check
-:: Administrator permissions are not necessary(2014-09-21)
-::if "%PROCESSOR_ARCHITECTURE%" == "AMD64" (set SystemPath = %SystemRoot%\SysWOW64) else (set SystemPath = %SystemRoot%\system32)
-::rd "%SystemPath%\Test_Permissions" > nul 2 > nul
-::md "%SystemPath%\Test_Permissions" 2 > nul || (echo Require Administrator Permission. && pause > nul && Exit)
-::rd "%SystemPath%\Test_Permissions" > nul 2 > nul
-::del /f /q %SystemPath%\TestPermission.log
-::echo "Permission check." >> %SystemPath%\TestPermission.log
-::if not exist %SystemPath%\TestPermission.log (echo Require Administrator Permission. && pause > nul && Exit)
-::del /f /q %SystemPath%\TestPermission.log
-cd /d %~dp0
-
-:: Update certificates list of system.
-"%~dp0\Tools\RootSUPD_201403_x86"
-:: Architecture check
+:: Locate folder, architecture check, choice and update certificates
+cd /d %~dp0
set CertMgr="%~dp0\Tools\CertMgr"
-if "%PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432%" == "x86" set CertMgr="%~dp0\Tools\CertMgr_x86"
-
-:: Delete certificates(Base part)
-:: Fake GitHub.Com(2013-01-25)
-%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r localMachine Root
-%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r CurrentUser AuthRoot
-:: Fake Google.Com(2014-07-24)
-%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r localMachine Root
-%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r CurrentUser AuthRoot
-:: Fake Google.Com(2014-09-18) [YFdyh000]
-%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r localMachine Root
-%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r CurrentUser AuthRoot
-:: Fake Yahoo.Com(2014-09-30)
-%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r localMachine Root
-%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r CurrentUser AuthRoot
-:: Fake Hotmai.Com(2014-10-02)
-%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r localMachine Root
-%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r CurrentUser AuthRoot
-:: Fake Www.Facebook.Com(2014-10-08) [Yiwen Zhang]
-%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r localMachine Root
-%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r CurrentUser AuthRoot
-:: Fake Www.Icound.Com(2014-10-04) [YFdyh000]
-%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r localMachine Root
-%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r CurrentUser AuthRoot
-:: CNNIC ROOT
-%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r localMachine Root
-%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r CurrentUser AuthRoot
-:: China Internet Network Information Center EV Certificates Root
-%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r localMachine Root
-%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r CurrentUser AuthRoot
-:: CNNIC SSL(Entrust)
-%CertMgr% -del -c -sha1 6856BB1A6C4F76DACA362187CC2CCD484EDDC25D -s -r localMachine CA
-%CertMgr% -del -c -sha1 6856BB1A6C4F76DACA362187CC2CCD484EDDC25D -s -r CurrentUser CA
-:: Baidu WACC service [SCFWSE]
-%CertMgr% -del -c -sha1 561422647B89BE22F203EBCAEF52B5007227510A -s -r localMachine CA
-%CertMgr% -del -c -sha1 561422647B89BE22F203EBCAEF52B5007227510A -s -r CurrentUser CA
-:: GiantRootCA
-%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r localMachine Root
-%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r CurrentUser AuthRoot
+if %PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432% EQU x86 set CertMgr="%~dp0\Tools\CertMgr_x86"
+set Folder=%cd%\Certs\Online
+@echo RevokeChinaCerts Online batch
+@echo.
+@echo 1: Base version
+@echo 2: Extended version
+@echo 3: All version
+@echo 4: Restore all Online revoking
+@echo.
+set /p UserChoice="Choose: "
+if %UserChoice% GTR 0 (if %UserChoice% LEQ 4 ("%~dp0\Tools\RootSUPD_201403_x86"))
+set UserChoice=CASE_%UserChoice%
+cls
+goto %UserChoice%
-:: Delete certificates(Extended part)
-:: CFCA GT CA(2011-06-13)
-%CertMgr% -del -c -sha1 EABDA240440ABBD694930A01D09764C6C2D77966 -s -r localMachine Root
-%CertMgr% -del -c -sha1 EABDA240440ABBD694930A01D09764C6C2D77966 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 EABDA240440ABBD694930A01D09764C6C2D77966 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 EABDA240440ABBD694930A01D09764C6C2D77966 -s -r CurrentUser AuthRoot
-:: CFCA GT CA(2012-08-21) [YFdyh000]
-%CertMgr% -del -c -sha1 A8F2DFE36AE0CC2DB9DD38347D30AED9551DD25A -s -r localMachine Root
-%CertMgr% -del -c -sha1 A8F2DFE36AE0CC2DB9DD38347D30AED9551DD25A -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 A8F2DFE36AE0CC2DB9DD38347D30AED9551DD25A -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 A8F2DFE36AE0CC2DB9DD38347D30AED9551DD25A -s -r CurrentUser AuthRoot
-:: CFCA EV ROOT
-%CertMgr% -del -c -sha1 E2B8294B5584AB6B58C290466CAC3FB8398F8483 -s -r localMachine Root
-%CertMgr% -del -c -sha1 E2B8294B5584AB6B58C290466CAC3FB8398F8483 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 E2B8294B5584AB6B58C290466CAC3FB8398F8483 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 E2B8294B5584AB6B58C290466CAC3FB8398F8483 -s -r CurrentUser AuthRoot
-:: UCA Global Root
-%CertMgr% -del -c -sha1 0B972C9EA6E7CC58D93B20BF71EC412E7209FABF -s -r localMachine Root
-%CertMgr% -del -c -sha1 0B972C9EA6E7CC58D93B20BF71EC412E7209FABF -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 0B972C9EA6E7CC58D93B20BF71EC412E7209FABF -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 0B972C9EA6E7CC58D93B20BF71EC412E7209FABF -s -r CurrentUser AuthRoot
-:: UCA Root(2004-01-01)
-%CertMgr% -del -c -sha1 8250BED5A214433A66377CBC10EF83F669DA3A67 -s -r localMachine Root
-%CertMgr% -del -c -sha1 8250BED5A214433A66377CBC10EF83F669DA3A67 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 8250BED5A214433A66377CBC10EF83F669DA3A67 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 8250BED5A214433A66377CBC10EF83F669DA3A67 -s -r CurrentUser AuthRoot
-:: UCA Extended Validation Root
-%CertMgr% -del -c -sha1 B9C9F58B3BBEF575E2B58328770E7B0076C40B5E -s -r localMachine Root
-%CertMgr% -del -c -sha1 B9C9F58B3BBEF575E2B58328770E7B0076C40B5E -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 B9C9F58B3BBEF575E2B58328770E7B0076C40B5E -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 B9C9F58B3BBEF575E2B58328770E7B0076C40B5E -s -r CurrentUser AuthRoot
-:: UCA ROOT(2001-01-01)
-%CertMgr% -del -c -sha1 3120F295417730075F8CD42D0CAE008EB5726EF8 -s -r localMachine Root
-%CertMgr% -del -c -sha1 3120F295417730075F8CD42D0CAE008EB5726EF8 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 3120F295417730075F8CD42D0CAE008EB5726EF8 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 3120F295417730075F8CD42D0CAE008EB5726EF8 -s -r CurrentUser AuthRoot
-:: GoAgent CA [lenovo-me]
-%CertMgr% -del -c -sha1 AB702CDF18EBE8B438C52869CD4A5DEF48B40E33 -s -r localMachine Root
-%CertMgr% -del -c -sha1 AB702CDF18EBE8B438C52869CD4A5DEF48B40E33 -s -r localMachine AuthRoot
-%CertMgr% -del -c -sha1 AB702CDF18EBE8B438C52869CD4A5DEF48B40E33 -s -r CurrentUser Root
-%CertMgr% -del -c -sha1 AB702CDF18EBE8B438C52869CD4A5DEF48B40E33 -s -r CurrentUser AuthRoot
-:: SZCA [yfdyh000]
-::%CertMgr% -del -c -sha1 B0049D436F27237EE59C746A1EF3C96A8E1B54AC -s -r localMachine Root
-::%CertMgr% -del -c -sha1 B0049D436F27237EE59C746A1EF3C96A8E1B54AC -s -r localMachine AuthRoot
-::%CertMgr% -del -c -sha1 B0049D436F27237EE59C746A1EF3C96A8E1B54AC -s -r CurrentUser Root
-::%CertMgr% -del -c -sha1 B0049D436F27237EE59C746A1EF3C96A8E1B54AC -s -r CurrentUser AuthRoot
-:: SZCA(2003-07-22) [yfdyh000]
-::%CertMgr% -del -c -sha1 90D7A97592F0A3E2165DE5DA23B57701D74A298D -s -r localMachine Root
-::%CertMgr% -del -c -sha1 90D7A97592F0A3E2165DE5DA23B57701D74A298D -s -r localMachine AuthRoot
-::%CertMgr% -del -c -sha1 90D7A97592F0A3E2165DE5DA23B57701D74A298D -s -r CurrentUser Root
-::%CertMgr% -del -c -sha1 90D7A97592F0A3E2165DE5DA23B57701D74A298D -s -r CurrentUser AuthRoot
:: Delete certificates(All part)
-:: ROOTCA OSCCA
-::%CertMgr% -del -c -sha1 DBB84423C928ABE889D0E368FC3191D151DDB1AB -s -r localMachine Root
-::%CertMgr% -del -c -sha1 DBB84423C928ABE889D0E368FC3191D151DDB1AB -s -r localMachine AuthRoot
-::%CertMgr% -del -c -sha1 DBB84423C928ABE889D0E368FC3191D151DDB1AB -s -r CurrentUser Root
-::%CertMgr% -del -c -sha1 DBB84423C928ABE889D0E368FC3191D151DDB1AB -s -r CurrentUser AuthRoot
+:CASE_3
:: SRCA
%CertMgr% -del -c -sha1 AE3F2E66D48FC6BD1DF131E89D768D505DF14302 -s -r localMachine Root
%CertMgr% -del -c -sha1 AE3F2E66D48FC6BD1DF131E89D768D505DF14302 -s -r localMachine AuthRoot
@@ -166,6 +53,16 @@ if "%PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432%" == "x86" set CertMgr="%~dp
%CertMgr% -del -c -sha1 33A4D8BC38608EF52EF0E28A35091E9250907FB9 -s -r localMachine AuthRoot
%CertMgr% -del -c -sha1 33A4D8BC38608EF52EF0E28A35091E9250907FB9 -s -r CurrentUser Root
%CertMgr% -del -c -sha1 33A4D8BC38608EF52EF0E28A35091E9250907FB9 -s -r CurrentUser AuthRoot
+:: Certification Authority of WoSign G2 [v998]
+%CertMgr% -del -c -sha1 FBEDDC9065B7272037BC550C9C56DEBBF27894E1 -s -r localMachine Root
+%CertMgr% -del -c -sha1 FBEDDC9065B7272037BC550C9C56DEBBF27894E1 -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 FBEDDC9065B7272037BC550C9C56DEBBF27894E1 -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 FBEDDC9065B7272037BC550C9C56DEBBF27894E1 -s -r CurrentUser AuthRoot
+:: CA WoSign ECC Root [v998]
+%CertMgr% -del -c -sha1 D27AD2BEED94C0A13CC72521EA5D71BE8119F32B -s -r localMachine Root
+%CertMgr% -del -c -sha1 D27AD2BEED94C0A13CC72521EA5D71BE8119F32B -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 D27AD2BEED94C0A13CC72521EA5D71BE8119F32B -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 D27AD2BEED94C0A13CC72521EA5D71BE8119F32B -s -r CurrentUser AuthRoot
:: Certification Authority of WoSign 1(StartCom/2011-03-01)
%CertMgr% -del -c -sha1 868241C8B85AF79E2DAC79EDADB723E82A36AFC3 -s -r localMachine CA
%CertMgr% -del -c -sha1 868241C8B85AF79E2DAC79EDADB723E82A36AFC3 -s -r CurrentUser CA
@@ -205,21 +102,6 @@ if "%PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432%" == "x86" set CertMgr="%~dp
:: WoTrust Client Authority(USERTrust)
%CertMgr% -del -c -sha1 38CFE78D9F1F0B0637AFCAAA3D5549D87C0AA1D0 -s -r localMachine CA
%CertMgr% -del -c -sha1 38CFE78D9F1F0B0637AFCAAA3D5549D87C0AA1D0 -s -r CurrentUser CA
-:: China Trust Network(1) [QuantumGhost]
-::%CertMgr% -del -c -sha1 C2CAEB0DC296FD50596BCA0F53C5364521167039 -s -r localMachine Root
-::%CertMgr% -del -c -sha1 C2CAEB0DC296FD50596BCA0F53C5364521167039 -s -r localMachine AuthRoot
-::%CertMgr% -del -c -sha1 C2CAEB0DC296FD50596BCA0F53C5364521167039 -s -r CurrentUser Root
-::%CertMgr% -del -c -sha1 C2CAEB0DC296FD50596BCA0F53C5364521167039 -s -r CurrentUser AuthRoot
-:: China Trust Network(2) [QuantumGhost]
-::%CertMgr% -del -c -sha1 B39B0B24B156D8B6123CAF7BA249DC81F27E39FA -s -r localMachine Root
-::%CertMgr% -del -c -sha1 B39B0B24B156D8B6123CAF7BA249DC81F27E39FA -s -r localMachine AuthRoot
-::%CertMgr% -del -c -sha1 B39B0B24B156D8B6123CAF7BA249DC81F27E39FA -s -r CurrentUser Root
-::%CertMgr% -del -c -sha1 B39B0B24B156D8B6123CAF7BA249DC81F27E39FA -s -r CurrentUser AuthRoot
-:: China Trust Network(3) [QuantumGhost]
-::%CertMgr% -del -c -sha1 7C88AE178AE6AB8E69C30AF586D84EF29B6E6AE3 -s -r localMachine Root
-::%CertMgr% -del -c -sha1 7C88AE178AE6AB8E69C30AF586D84EF29B6E6AE3 -s -r localMachine AuthRoot
-::%CertMgr% -del -c -sha1 7C88AE178AE6AB8E69C30AF586D84EF29B6E6AE3 -s -r CurrentUser Root
-::%CertMgr% -del -c -sha1 7C88AE178AE6AB8E69C30AF586D84EF29B6E6AE3 -s -r CurrentUser AuthRoot
:: Hongkong Post Root CA
%CertMgr% -del -c -sha1 E0925E18C7765E22DABD9427529DA6AF4E066428 -s -r localMachine Root
%CertMgr% -del -c -sha1 E0925E18C7765E22DABD9427529DA6AF4E066428 -s -r localMachine AuthRoot
@@ -274,73 +156,309 @@ if "%PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432%" == "x86" set CertMgr="%~dp
:: TWCA Secure Certification Authority
%CertMgr% -del -c -sha1 339D811FEC673E7F731307A34C7C7523ABBE7DFE -s -r localMachine CA
%CertMgr% -del -c -sha1 339D811FEC673E7F731307A34C7C7523ABBE7DFE -s -r CurrentUser CA
+:: Add certificates to CRL(All part)
+%CertMgr% -add -c "%Folder%\SRCA.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_Chinese.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Class_1_Primary_CA.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_200908.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_G2.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\CA_WoSign_ECC_Root.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_StartCom_201103_1.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_StartCom_201103_2.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_StartCom_200609.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_Chinese_StartCom.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Certification_Authority_Of_WoSign_USERTrust.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\WoSign_Premium_Server_Authority_USERTrust.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\WoSign_Server_Authority_USERTrust.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\WoSign_SGC_Server_Authority_USERTrust.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\WoSign_Client_Authority_USERTrust.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\WoTrust_Premium_Server_Authority_USERTrust.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\WoTrust_Server_Authority_USERTrust.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\WoTrust_SGC_Server_Authority_USERTrust.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\WoTrust_Client_Authority_USERTrust.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Hongkong_Post_Root_CA.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Hongkong_Post_Root_CA_1.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Macao_Post_eSignTrust_Root_Certification_Authority.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Macao_Post_eSignTrust_Root_Certification_Authority_G02.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\ePKI_Root_Certification_Authority.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Government_Root_Certification_Authority.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\TWCA_Global_Root_CA.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\TWCA_Root_Certification_Authority_1.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\TWCA_Root_Certification_Authority_2.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\TaiCA_Secure_CA_GTE.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\TWCA_Secure_CA_Baltimore.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\TWCA_Secure_Certification_Authority_USERTrust.crt" -s Disallowed
-@echo.
-:: Add certificates to CRL(Base part)
-%CertMgr% -add -c "%~dp0\Certs\[Fake]GitHubCom_201301.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]GoogleCom_201407.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]GoogleCom_201409.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]YahooCom_201409.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]HotmaiCom_201410.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]WwwFacebookCom_201410.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Fake]WwwIcloudCom_201410.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\CNNIC_ROOT.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\China_Internet_Network_Information_Center_EV_Certificates_Root.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\CNNIC_SSL_Entrust.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Suspicious]WaccBaiduCom.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\GiantRootCA.crt" -s Disallowed
+:: Delete certificates(Extended part)
+:CASE_2
+:: CFCA GT CA(2011-06-13)
+%CertMgr% -del -c -sha1 EABDA240440ABBD694930A01D09764C6C2D77966 -s -r localMachine Root
+%CertMgr% -del -c -sha1 EABDA240440ABBD694930A01D09764C6C2D77966 -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 EABDA240440ABBD694930A01D09764C6C2D77966 -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 EABDA240440ABBD694930A01D09764C6C2D77966 -s -r CurrentUser AuthRoot
+:: CFCA GT CA(2012-08-21) [YFdyh000]
+%CertMgr% -del -c -sha1 A8F2DFE36AE0CC2DB9DD38347D30AED9551DD25A -s -r localMachine Root
+%CertMgr% -del -c -sha1 A8F2DFE36AE0CC2DB9DD38347D30AED9551DD25A -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 A8F2DFE36AE0CC2DB9DD38347D30AED9551DD25A -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 A8F2DFE36AE0CC2DB9DD38347D30AED9551DD25A -s -r CurrentUser AuthRoot
+:: CFCA EV ROOT
+%CertMgr% -del -c -sha1 E2B8294B5584AB6B58C290466CAC3FB8398F8483 -s -r localMachine Root
+%CertMgr% -del -c -sha1 E2B8294B5584AB6B58C290466CAC3FB8398F8483 -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 E2B8294B5584AB6B58C290466CAC3FB8398F8483 -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 E2B8294B5584AB6B58C290466CAC3FB8398F8483 -s -r CurrentUser AuthRoot
+:: UCA Global Root
+%CertMgr% -del -c -sha1 0B972C9EA6E7CC58D93B20BF71EC412E7209FABF -s -r localMachine Root
+%CertMgr% -del -c -sha1 0B972C9EA6E7CC58D93B20BF71EC412E7209FABF -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 0B972C9EA6E7CC58D93B20BF71EC412E7209FABF -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 0B972C9EA6E7CC58D93B20BF71EC412E7209FABF -s -r CurrentUser AuthRoot
+:: UCA Root(2004-01-01)
+%CertMgr% -del -c -sha1 8250BED5A214433A66377CBC10EF83F669DA3A67 -s -r localMachine Root
+%CertMgr% -del -c -sha1 8250BED5A214433A66377CBC10EF83F669DA3A67 -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 8250BED5A214433A66377CBC10EF83F669DA3A67 -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 8250BED5A214433A66377CBC10EF83F669DA3A67 -s -r CurrentUser AuthRoot
+:: UCA Extended Validation Root
+%CertMgr% -del -c -sha1 B9C9F58B3BBEF575E2B58328770E7B0076C40B5E -s -r localMachine Root
+%CertMgr% -del -c -sha1 B9C9F58B3BBEF575E2B58328770E7B0076C40B5E -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 B9C9F58B3BBEF575E2B58328770E7B0076C40B5E -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 B9C9F58B3BBEF575E2B58328770E7B0076C40B5E -s -r CurrentUser AuthRoot
+:: UCA ROOT(2001-01-01)
+%CertMgr% -del -c -sha1 3120F295417730075F8CD42D0CAE008EB5726EF8 -s -r localMachine Root
+%CertMgr% -del -c -sha1 3120F295417730075F8CD42D0CAE008EB5726EF8 -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 3120F295417730075F8CD42D0CAE008EB5726EF8 -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 3120F295417730075F8CD42D0CAE008EB5726EF8 -s -r CurrentUser AuthRoot
+:: GoAgent CA [lenovo-me]
+%CertMgr% -del -c -sha1 AB702CDF18EBE8B438C52869CD4A5DEF48B40E33 -s -r localMachine Root
+%CertMgr% -del -c -sha1 AB702CDF18EBE8B438C52869CD4A5DEF48B40E33 -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 AB702CDF18EBE8B438C52869CD4A5DEF48B40E33 -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 AB702CDF18EBE8B438C52869CD4A5DEF48B40E33 -s -r CurrentUser AuthRoot
:: Add certificates to CRL(Extended part)
-%CertMgr% -add -c "%~dp0\Certs\CFCA_GT_CA_201106.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\CFCA_GT_CA_201208.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\CFCA_EV_ROOT.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\UCA_Global_Root.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\UCA_Root_200401.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\UCA_Extended_Validation_Root.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\UCA_ROOT_200101.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\[Suspicious]GoAgent_CA.crt" -s Disallowed
-::%CertMgr% -add -c "%~dp0\Certs\SZCA.crt" -s Disallowed
-::%CertMgr% -add -c "%~dp0\Certs\SZCA_200307.crt" -s Disallowed
-:: Add certificates to CRL(All part)
-::%CertMgr% -add -c "%~dp0\Certs\ROOTCA_OSCCA.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\SRCA.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\Certification_Authority_Of_WoSign.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\Certification_Authority_Of_WoSign_Chinese.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\Class_1_Primary_CA.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\Certification_Authority_Of_WoSign_200908.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\Certification_Authority_Of_WoSign_StartCom_201103_1.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\Certification_Authority_Of_WoSign_StartCom_201103_2.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\Certification_Authority_Of_WoSign_StartCom_200609.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\Certification_Authority_Of_WoSign_Chinese_StartCom.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\Certification_Authority_Of_WoSign_USERTrust.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\WoSign_Premium_Server_Authority_USERTrust.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\WoSign_Server_Authority_USERTrust.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\WoSign_SGC_Server_Authority_USERTrust.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\WoSign_Client_Authority_USERTrust.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\WoTrust_Premium_Server_Authority_USERTrust.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\WoTrust_Server_Authority_USERTrust.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\WoTrust_SGC_Server_Authority_USERTrust.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\WoTrust_Client_Authority_USERTrust.crt" -s Disallowed
-::%CertMgr% -add -c "%~dp0\Certs\China_Trust_Network_1.crt" -s Disallowed
-::%CertMgr% -add -c "%~dp0\Certs\China_Trust_Network_2.crt" -s Disallowed
-::%CertMgr% -add -c "%~dp0\Certs\China_Trust_Network_3.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\Hongkong_Post_Root_CA.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\Hongkong_Post_Root_CA_1.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\Macao_Post_eSignTrust_Root_Certification_Authority.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\Macao_Post_eSignTrust_Root_Certification_Authority_G02.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\ePKI_Root_Certification_Authority.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\Government_Root_Certification_Authority.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\TWCA_Global_Root_CA.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\TWCA_Root_Certification_Authority_1.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\TWCA_Root_Certification_Authority_2.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\TaiCA_Secure_CA_GTE.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\TWCA_Secure_CA_Baltimore.crt" -s Disallowed
-%CertMgr% -add -c "%~dp0\Certs\TWCA_Secure_Certification_Authority_USERTrust.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\CFCA_GT_CA_201106.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\CFCA_GT_CA_201208.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\CFCA_EV_ROOT.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\UCA_Global_Root.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\UCA_Root_200401.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\UCA_Extended_Validation_Root.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\UCA_ROOT_200101.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\[Suspicious]GoAgent_CA.crt" -s Disallowed
+
+
+:: Delete certificates(Base part)
+:CASE_1
+:: Fake github.com(2013-01-25)
+%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r localMachine Root
+%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s -r CurrentUser AuthRoot
+:: Fake google.com(2014-07-24)
+%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r localMachine Root
+%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s -r CurrentUser AuthRoot
+:: Fake google.com(2014-09-18) [YFdyh000]
+%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r localMachine Root
+%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s -r CurrentUser AuthRoot
+:: Fake yahoo.com(2014-09-30)
+%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r localMachine Root
+%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s -r CurrentUser AuthRoot
+:: Fake hotmai.com(2014-10-02)
+%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r localMachine Root
+%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s -r CurrentUser AuthRoot
+:: Fake www.facebook.com(2014-10-08) [Yiwen Zhang]
+%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r localMachine Root
+%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s -r CurrentUser AuthRoot
+:: Fake www.icound.com(2014-10-04) [YFdyh000]
+%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r localMachine Root
+%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s -r CurrentUser AuthRoot
+:: Fake *.hotmail.com(2015-01-17) [YFdyh000]
+%CertMgr% -del -c -sha1 75F411595FE9A21A17A4967C7B666E5152791A32 -s -r localMachine Root
+%CertMgr% -del -c -sha1 75F411595FE9A21A17A4967C7B666E5152791A32 -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 75F411595FE9A21A17A4967C7B666E5152791A32 -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 75F411595FE9A21A17A4967C7B666E5152791A32 -s -r CurrentUser AuthRoot
+:: CNNIC ROOT
+%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r localMachine Root
+%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s -r CurrentUser AuthRoot
+:: China Internet Network Information Center EV Certificates Root
+%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r localMachine Root
+%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s -r CurrentUser AuthRoot
+:: CNNIC SSL(Entrust)
+%CertMgr% -del -c -sha1 6856BB1A6C4F76DACA362187CC2CCD484EDDC25D -s -r localMachine CA
+%CertMgr% -del -c -sha1 6856BB1A6C4F76DACA362187CC2CCD484EDDC25D -s -r CurrentUser CA
+:: Baidu WACC service [SCFWSE]
+%CertMgr% -del -c -sha1 561422647B89BE22F203EBCAEF52B5007227510A -s -r localMachine CA
+%CertMgr% -del -c -sha1 561422647B89BE22F203EBCAEF52B5007227510A -s -r CurrentUser CA
+:: GiantRootCA
+%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r localMachine Root
+%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s -r CurrentUser AuthRoot
+:: JGZXCA
+%CertMgr% -del -c -sha1 7A4AA61E2A88704115E47748D8647DAEE6837559 -s -r localMachine Root
+%CertMgr% -del -c -sha1 7A4AA61E2A88704115E47748D8647DAEE6837559 -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 7A4AA61E2A88704115E47748D8647DAEE6837559 -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 7A4AA61E2A88704115E47748D8647DAEE6837559 -s -r CurrentUser AuthRoot
+:: Superfish, Inc. [Septembers/v998]
+%CertMgr% -del -c -sha1 C864484869D41D2B0D32319C5A62F9315AAF2CBD -s -r localMachine Root
+%CertMgr% -del -c -sha1 C864484869D41D2B0D32319C5A62F9315AAF2CBD -s -r localMachine AuthRoot
+%CertMgr% -del -c -sha1 C864484869D41D2B0D32319C5A62F9315AAF2CBD -s -r CurrentUser Root
+%CertMgr% -del -c -sha1 C864484869D41D2B0D32319C5A62F9315AAF2CBD -s -r CurrentUser AuthRoot
+:: Add certificates to CRL(Base part)
+%CertMgr% -add -c "%Folder%\[Fake]GitHubCom_201301.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\[Fake]GoogleCom_201407.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\[Fake]GoogleCom_201409.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\[Fake]YahooCom_201409.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\[Fake]HotmaiCom_201410.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\[Fake]WwwFacebookCom_201410.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\[Fake]WwwIcloudCom_201410.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\[Fake]AnyHotmailCom_201501.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\CNNIC_ROOT.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\China_Internet_Network_Information_Center_EV_Certificates_Root.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\CNNIC_SSL_Entrust.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\[Suspicious]WaccBaiduCom.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\GiantRootCA.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\JGZXCA.crt" -s Disallowed
+%CertMgr% -add -c "%Folder%\Superfish_Inc.crt" -s Disallowed
+goto EXIT
+
+
+:: Restore certificates
+:CASE_4
+:: Base part
+:: Fake github.com(2013-01-25)
+%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s Disallowed
+:: Fake google.com(2014-07-24)
+%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s Disallowed
+:: Fake google.com(2014-09-18) [YFdyh000]
+%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s Disallowed
+:: Fake yahoo.com(2014-09-30)
+%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s Disallowed
+:: Fake hotmai.com(2014-10-02)
+%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s Disallowed
+:: Fake www.facebook.com(2014-10-08) [Yiwen Zhang]
+%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s Disallowed
+:: Fake www.icound.com(2014-10-04) [YFdyh000]
+%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s Disallowed
+:: Fake *.hotmail.com(2015-01-17) [YFdyh000]
+%CertMgr% -del -c -sha1 75F411595FE9A21A17A4967C7B666E5152791A32 -s Disallowed
+:: CNNIC ROOT
+%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s Disallowed
+:: China Internet Network Information Center EV Certificates Root
+%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s Disallowed
+:: CNNIC SSL(Entrust)
+%CertMgr% -del -c -sha1 6856BB1A6C4F76DACA362187CC2CCD484EDDC25D -s Disallowed
+:: Baidu WACC service [SCFWSE]
+%CertMgr% -del -c -sha1 561422647B89BE22F203EBCAEF52B5007227510A -s Disallowed
+:: GiantRootCA
+%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s Disallowed
+:: JGZXCA
+%CertMgr% -del -c -sha1 7A4AA61E2A88704115E47748D8647DAEE6837559 -s Disallowed
+:: Superfish, Inc. [Septembers/v998]
+%CertMgr% -del -c -sha1 C864484869D41D2B0D32319C5A62F9315AAF2CBD -s Disallowed
+
+:: Extended part
+:: CFCA GT CA(2011-06-13)
+%CertMgr% -del -c -sha1 EABDA240440ABBD694930A01D09764C6C2D77966 -s Disallowed
+:: CFCA GT CA(2012-08-21) [YFdyh000]
+%CertMgr% -del -c -sha1 A8F2DFE36AE0CC2DB9DD38347D30AED9551DD25A -s Disallowed
+:: CFCA EV ROOT
+%CertMgr% -del -c -sha1 E2B8294B5584AB6B58C290466CAC3FB8398F8483 -s Disallowed
+:: UCA Global Root
+%CertMgr% -del -c -sha1 0B972C9EA6E7CC58D93B20BF71EC412E7209FABF -s Disallowed
+:: UCA Root(2004-01-01)
+%CertMgr% -del -c -sha1 8250BED5A214433A66377CBC10EF83F669DA3A67 -s Disallowed
+:: UCA Extended Validation Root
+%CertMgr% -del -c -sha1 B9C9F58B3BBEF575E2B58328770E7B0076C40B5E -s Disallowed
+:: UCA ROOT(2001-01-01)
+%CertMgr% -del -c -sha1 3120F295417730075F8CD42D0CAE008EB5726EF8 -s Disallowed
+:: GoAgent CA [lenovo-me]
+%CertMgr% -del -c -sha1 AB702CDF18EBE8B438C52869CD4A5DEF48B40E33 -s Disallowed
+
+:: All part
+:: SRCA
+%CertMgr% -del -c -sha1 AE3F2E66D48FC6BD1DF131E89D768D505DF14302 -s Disallowed
+:: Certification Authority of WoSign
+%CertMgr% -del -c -sha1 B94294BF91EA8FB64BE61097C7FB001359B676CB -s Disallowed
+:: Certification Authority of WoSign(Chinese)
+%CertMgr% -del -c -sha1 1632478D89F9213A92008563F5A4A7D312408AD6 -s Disallowed
+:: Class 1 Primary CA
+%CertMgr% -del -c -sha1 6A174570A916FBE84453EED3D070A1D8DA442829 -s Disallowed
+:: Certification Authority of WoSign(2009-08-08)
+%CertMgr% -del -c -sha1 33A4D8BC38608EF52EF0E28A35091E9250907FB9 -s Disallowed
+:: Certification Authority of WoSign G2 [v998]
+%CertMgr% -del -c -sha1 FBEDDC9065B7272037BC550C9C56DEBBF27894E1 -s Disallowed
+:: CA WoSign ECC Root [v998]
+%CertMgr% -del -c -sha1 D27AD2BEED94C0A13CC72521EA5D71BE8119F32B -s Disallowed
+:: Certification Authority of WoSign 1(StartCom/2011-03-01)
+%CertMgr% -del -c -sha1 868241C8B85AF79E2DAC79EDADB723E82A36AFC3 -s Disallowed
+:: Certification Authority of WoSign 2(StartCom/2011-03-01)
+%CertMgr% -del -c -sha1 692790DA5189529CC5CE1E16E984277A03023E99 -s Disallowed
+:: Certification Authority of WoSign(StartCom/2006-09-18)
+%CertMgr% -del -c -sha1 804E5FB7DE84F5F5B28347233EAF07846B6070D3 -s Disallowed
+:: Certification Authority of WoSign(Chinese/StartCom) [v998]
+%CertMgr% -del -c -sha1 D8EFF6C28BB508E4702565F42748454A872BD412 -s Disallowed
+:: Certification Authority of WoSign(USERTrust) [v998]
+%CertMgr% -del -c -sha1 56FAADDC596DCF78D585D83A35BC04B690D12736 -s Disallowed
+:: WoSign Premium Server Authority(USERTrust)
+%CertMgr% -del -c -sha1 E3D569137E603E7BACB6BCC66AE943850C8ADF38 -s Disallowed
+:: WoSign Server Authority(USERTrust)
+%CertMgr% -del -c -sha1 3E14B8BD6C568657D852D95D387249AE857B4A39 -s Disallowed
+:: WoSign SGC Server Authority(USERTrust)
+%CertMgr% -del -c -sha1 6D5A18050D56BFDE525CBE89E8C45DD1B53D12E9 -s Disallowed
+:: WoSign Client Authority(USERTrust)
+%CertMgr% -del -c -sha1 FAD4319D4E173FF3853E51C98D21919BF3DA1A1E -s Disallowed
+:: WoTrust Premium Server Authority(USERTrust)
+%CertMgr% -del -c -sha1 381CBC5048AFD9A02D3E5882D5F22D962B1A5F72 -s Disallowed
+:: WoTrust Server Authority(USERTrust)
+%CertMgr% -del -c -sha1 337DF96418F08A9355870513AFCEBDC68BCED767 -s Disallowed
+:: WoTrust SGC Server Authority(USERTrust)
+%CertMgr% -del -c -sha1 46A762F3C3CF3732DE22A8BA1EBBA3BC048F9B8C -s Disallowed
+:: WoTrust Client Authority(USERTrust)
+%CertMgr% -del -c -sha1 38CFE78D9F1F0B0637AFCAAA3D5549D87C0AA1D0 -s Disallowed
+:: Hongkong Post Root CA
+%CertMgr% -del -c -sha1 E0925E18C7765E22DABD9427529DA6AF4E066428 -s Disallowed
+:: Hongkong Post Root CA 1 [v998]
+%CertMgr% -del -c -sha1 D6DAA8208D09D2154D24B52FCB346EB258B28A58 -s Disallowed
+:: Macao Post eSignTrust Root Certification Authority
+%CertMgr% -del -c -sha1 89C32E6B524E4D65388B9ECEDC637134ED4193A3 -s Disallowed
+:: Macao Post eSignTrust Root Certification Authority(G02)
+%CertMgr% -del -c -sha1 06143151E02B45DDBADD5D8E56530DAAE328CF90 -s Disallowed
+:: ePKI Root Certification Authority
+%CertMgr% -del -c -sha1 67650DF17E8E7E5B8240A4F4564BCFE23D69C6F0 -s Disallowed
+:: Government Root Certification Authority
+%CertMgr% -del -c -sha1 F48B11BFDEABBE94542071E641DE6BBE882B40B9 -s Disallowed
+:: TWCA Global Root CA
+%CertMgr% -del -c -sha1 9CBB4853F6A4F6D352A4E83252556013F5ADAF65 -s Disallowed
+:: TWCA Root Certification Authority(1)
+%CertMgr% -del -c -sha1 CF9E876DD3EBFC422697A3B5A37AA076A9062348 -s Disallowed
+:: TWCA Root Certification Authority(2)
+%CertMgr% -del -c -sha1 DF646DCB7B0FD3A96AEE88C64E2D676711FF9D5F -s Disallowed
+:: TaiCA Secure CA
+%CertMgr% -del -c -sha1 5B404B6DB43E1F71557F75552E7668289B1B6309 -s Disallowed
+:: TWCA Secure CA
+%CertMgr% -del -c -sha1 3F3E6C4B33802A2FEA46C5CACA14770A40018899 -s Disallowed
+:: TWCA Secure Certification Authority
+%CertMgr% -del -c -sha1 339D811FEC673E7F731307A34C7C7523ABBE7DFE -s Disallowed
+
:: Print to screen.
-::Exit
+:EXIT
@echo.
-@echo RevokeChinaCerts All version
-@echo Done. Please confirm the messages on screen.
+@echo RevokeChinaCerts Online batch
+@echo Done, please confirm the messages on screen.
@echo.
@pause
diff --git a/Windows/RevokeChinaCerts_Organization.bat b/Windows/RevokeChinaCerts_Organization.bat
new file mode 100644
index 0000000000000000000000000000000000000000..477ff15c0afa72eebeacd75045419a4164a186b4
--- /dev/null
+++ b/Windows/RevokeChinaCerts_Organization.bat
@@ -0,0 +1,299 @@
+:: RevokeChinaCerts Organization batch
+:: Revoke China Certificates.
+::
+:: Author: Chengr28
+::
+
+@echo off
+
+
+:: Locate folder, architecture check and choice
+cd /d %~dp0
+set CertMgr="%cd%\Tools\CertMgr"
+if %PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432% EQU x86 set CertMgr="%cd%\Tools\CertMgr_x86"
+set Folder=%cd%\Certs\Organization
+set /a SetForce = 0
+set SetForceAppender="%cd%\Tools\SoftCertPolicyAppender\SoftCertPolicyAppender"
+@echo RevokeChinaCerts Organization batch
+@echo.
+@echo Do you want to set force cetificates policy? [Y/N]
+@echo Setting force need Administrator permissions and Microsoft .NET Framework 4.0!
+set /p UserChoice="Choose: "
+if /i %UserChoice% EQU Y (set /a SetForce=1)
+@echo.
+@echo 1: Revoke Organization cetificates
+@echo 2: Revoke Organization cetificates(Choice version)
+@echo 3: Restore all Organization revoking
+@echo.
+set /p UserChoice="Choose: "
+set UserChoice=CASE_%UserChoice%
+cls
+goto %UserChoice%
+
+
+:: All version
+:CASE_1
+:: ABC
+%CertMgr% -add -c "%Folder%\ABC.crt" -s Disallowed
+:: ABC TEST CA
+%CertMgr% -add -c "%Folder%\ABC_TEST_CA.crt" -s Disallowed
+:: ABC2048
+%CertMgr% -add -c "%Folder%\ABC2048.crt" -s Disallowed
+:: Alibaba.com Corporation Root CA
+%CertMgr% -add -c "%Folder%\AlibabaCom_Corporation_Root_CA.crt" -s Disallowed
+:: ALIPAY_ROOT
+%CertMgr% -add -c "%Folder%\ALIPAY_ROOT.crt" -s Disallowed
+:: Alipay Trust NetWork
+%CertMgr% -add -c "%Folder%\Alipay_Trust_NetWork.crt" -s Disallowed
+:: BOCOMCA
+%CertMgr% -add -c "%Folder%\BOCOMCA.crt" -s Disallowed
+:: CCB CA ROOT(1999-06-29)
+%CertMgr% -add -c "%Folder%\CCB_CA_ROOT_199906.crt" -s Disallowed
+:: CCB CA ROOT(2009-06-01)
+%CertMgr% -add -c "%Folder%\CCB_CA_ROOT_200906.crt" -s Disallowed
+:: CFCA
+%CertMgr% -add -c "%Folder%\CFCA.crt" -s Disallowed
+:: CFCA CS CA
+%CertMgr% -add -c "%Folder%\CFCA_CS_CA.crt" -s Disallowed
+:: CFCA CS TEST CA
+%CertMgr% -add -c "%Folder%\CFCA_CS_TEST_CA.crt" -s Disallowed
+:: CFCA Operation CA3
+%CertMgr% -add -c "%Folder%\CFCA_Operation_CA3.crt" -s Disallowed
+:: CFCA RCA
+%CertMgr% -add -c "%Folder%\CFCA_RCA.crt" -s Disallowed
+:: CFCA Root CA
+%CertMgr% -add -c "%Folder%\CFCA_Root_CA.crt" -s Disallowed
+:: CFCA RSA RCA
+%CertMgr% -add -c "%Folder%\CFCA_RSA_RCA.crt" -s Disallowed
+:: China Trust Network(1)
+%CertMgr% -add -c "%Folder%\China_Trust_Network_1.crt" -s Disallowed
+:: China Trust Network(2)
+%CertMgr% -add -c "%Folder%\China_Trust_Network_2.crt" -s Disallowed
+:: China Trust Network(3)
+%CertMgr% -add -c "%Folder%\China_Trust_Network_3.crt" -s Disallowed
+:: ICBC
+%CertMgr% -add -c "%Folder%\ICBC.crt" -s Disallowed
+:: ICBC Root CA
+%CertMgr% -add -c "%Folder%\ICBC_Root_CA.crt" -s Disallowed
+:: IcbcCA
+%CertMgr% -add -c "%Folder%\IcbcCA.crt" -s Disallowed
+:: iTruschina CN Root CA(1)
+%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_1.crt" -s Disallowed
+:: iTruschina CN Root CA(2)
+%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_2.crt" -s Disallowed
+:: iTruschina CN Root CA(3)
+%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_3.crt" -s Disallowed
+:: Personal ICBC CA
+%CertMgr% -add -c "%Folder%\Personal_ICBC_CA.crt" -s Disallowed
+:: ROOTCA OSCCA
+%CertMgr% -add -c "%Folder%\ROOTCA_OSCCA.crt" -s Disallowed
+:: SZCA
+%CertMgr% -add -c "%Folder%\SZCA.crt" -s Disallowed
+:: SZCA(20030722)
+%CertMgr% -add -c "%Folder%\SZCA_200307.crt" -s Disallowed
+:: TenpayCom Root CA
+%CertMgr% -add -c "%Folder%\TenpayCom_Root_CA.crt" -s Disallowed
+:: Set force
+@echo.
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\ABC.crt" "%Folder%\ABC_TEST_CA.crt" "%Folder%\ABC2048.crt" "%Folder%\AlibabaCom_Corporation_Root_CA.crt" "%Folder%\ALIPAY_ROOT.crt" "%Folder%\Alipay_Trust_NetWork.crt" "%Folder%\BOCOMCA.crt" "%Folder%\CCB_CA_ROOT_199906.crt" "%Folder%\CCB_CA_ROOT_200906.crt" "%Folder%\CFCA.crt" "%Folder%\CFCA_CS_CA.crt" "%Folder%\CFCA_CS_TEST_CA.crt" "%Folder%\CFCA_Operation_CA3.crt" "%Folder%\CFCA_RCA.crt" "%Folder%\CFCA_Root_CA.crt" "%Folder%\CFCA_RSA_RCA.crt" "%Folder%\China_Trust_Network_1.crt" "%Folder%\China_Trust_Network_2.crt" "%Folder%\China_Trust_Network_3.crt" "%Folder%\ICBC.crt" "%Folder%\ICBC_Root_CA.crt" "%Folder%\IcbcCA.crt" "%Folder%\iTruschina_CN_Root_CA_1.crt" "%Folder%\iTruschina_CN_Root_CA_2.crt" "%Folder%\iTruschina_CN_Root_CA_3.crt" "%Folder%\Personal_ICBC_CA.crt" "%Folder%\ROOTCA_OSCCA.crt" "%Folder%\SZCA.crt" "%Folder%\SZCA_200307.crt" "%Folder%\TenpayCom_Root_CA.crt")
+goto EXIT
+
+
+:: Choice version
+:CASE_2
+set /p UserChoice="Revoke ABC? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ABC.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\ABC.crt"))
+@echo.
+set /p UserChoice="Revoke ABC TEST CA? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ABC_TEST_CA.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force %Folder%\ABC_TEST_CA.crt""))
+@echo.
+set /p UserChoice="Revoke ABC2048? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ABC2048.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force %Folder%\ABC2048.crt""))
+@echo.
+set /p UserChoice="Revoke Alibaba.com Corporation Root CA? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\AlibabaCom_Corporation_Root_CA.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\AlibabaCom_Corporation_Root_CA.crt"))
+@echo.
+set /p UserChoice="Revoke ALIPAY_ROOT? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ALIPAY_ROOT.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\ALIPAY_ROOT.crt"))
+@echo.
+set /p UserChoice="Revoke Alipay Trust NetWork? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Alipay_Trust_NetWork.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Alipay_Trust_NetWork.crt"))
+@echo.
+set /p UserChoice="Revoke BOCOMCA? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\BOCOMCA.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\BOCOMCA.crt"))
+@echo.
+set /p UserChoice="Revoke CCB CA ROOT(1999-06-29)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CCB_CA_ROOT_199906.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CCB_CA_ROOT_199906.crt"))
+@echo.
+set /p UserChoice="Revoke CCB CA ROOT(2009-06-01)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CCB_CA_ROOT_200906.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CCB_CA_ROOT_200906.crt"))
+@echo.
+set /p UserChoice="Revoke CFCA? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CFCA.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CFCA.crt"))
+@echo.
+set /p UserChoice="Revoke CFCA CS CA? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CFCA_CS_CA.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CFCA_CS_CA.crt"))
+@echo.
+set /p UserChoice="Revoke CFCA CS TEST CA? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CFCA_CS_TEST_CA.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CFCA_CS_TEST_CA.crt"))
+@echo.
+set /p UserChoice="Revoke CFCA Operation CA3? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CFCA_Operation_CA3.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CFCA_Operation_CA3.crt"))
+@echo.
+set /p UserChoice="Revoke CFCA RCA? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CFCA_RCA.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CFCA_RCA.crt"))
+@echo.
+set /p UserChoice="Revoke CFCA Root CA? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CFCA_Root_CA.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CFCA_Root_CA.crt"))
+@echo.
+set /p UserChoice="Revoke CFCA RSA RCA? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\CFCA_RSA_RCA.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\CFCA_RSA_RCA.crt"))
+@echo.
+set /p UserChoice="Revoke China Trust Network(1)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\China_Trust_Network_1.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\China_Trust_Network_1.crt"))
+@echo.
+set /p UserChoice="Revoke China Trust Network(2)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\China_Trust_Network_2.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\China_Trust_Network_2.crt"))
+@echo.
+set /p UserChoice="Revoke China Trust Network(3)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\China_Trust_Network_3.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\China_Trust_Network_3.crt"))
+@echo.
+set /p UserChoice="Revoke ICBC? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ICBC.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\ICBC.crt"))
+@echo.
+set /p UserChoice="Revoke ICBC Root CA? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ICBC_Root_CA.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\ICBC_Root_CA.crt"))
+@echo.
+set /p UserChoice="Revoke IcbcCA? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\IcbcCA.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\IcbcCA.crt"))
+@echo.
+set /p UserChoice="Revoke iTruschina CN Root CA(1)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_1.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\iTruschina_CN_Root_CA_1.crt"))
+@echo.
+set /p UserChoice="Revoke iTruschina CN Root CA(2)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_2.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\iTruschina_CN_Root_CA_2.crt"))
+@echo.
+set /p UserChoice="Revoke iTruschina CN Root CA(3)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\iTruschina_CN_Root_CA_3.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\iTruschina_CN_Root_CA_3.crt"))
+@echo.
+set /p UserChoice="Revoke Personal ICBC CA? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\Personal_ICBC_CA.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\Personal_ICBC_CA.crt"))
+@echo.
+set /p UserChoice="Revoke ROOTCA OSCCA? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\ROOTCA_OSCCA.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\ROOTCA_OSCCA.crt"))
+@echo.
+set /p UserChoice="Revoke SZCA? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\SZCA.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\SZCA.crt"))
+@echo.
+set /p UserChoice="Revoke SZCA(20030722)? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\SZCA_200307.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\SZCA_200307.crt"))
+@echo.
+set /p UserChoice="Revoke TenpayCom Root CA? [Y/N]"
+if /i %UserChoice% EQU Y (%CertMgr% -add -c "%Folder%\TenpayCom_Root_CA.crt" -s Disallowed
+if %SetForce% EQU 1 (%SetForceAppender% --set-force "%Folder%\TenpayCom_Root_CA.crt"))
+goto EXIT
+
+
+:: Restore certificates
+:CASE_3
+:: ABC
+%CertMgr% -del -c -sha1 78D0CDF5752D1E5B58A674644CFE3499BF02F9EF -s Disallowed
+:: ABC TEST CA
+%CertMgr% -del -c -sha1 F18C39F8B5A3E9BADC811BBA7690E8D0143BD851 -s Disallowed
+:: ABC2048
+%CertMgr% -del -c -sha1 6FAE9AD81467C5FCB93574670F52C8EF538F8B6D -s Disallowed
+:: Alibaba.com Corporation Root CA
+%CertMgr% -del -c -sha1 A7217F919843199C958C128449DD52D2723B0A8A -s Disallowed
+:: ALIPAY_ROOT
+%CertMgr% -del -c -sha1 59864294A96B3E5C37C058E9D1FBDE5FF0C2E4EE -s Disallowed
+:: Alipay Trust NetWork
+%CertMgr% -del -c -sha1 89A2FB0E332BA7275FE712FEC669D746125B1F32 -s Disallowed
+:: BOCOMCA
+%CertMgr% -del -c -sha1 4571466B830EAC5FCDC22103B9733C1A15CE78AC -s Disallowed
+:: CCB CA ROOT(1999-06-29)
+%CertMgr% -del -c -sha1 3018E5D74DF29E3590F5BB8DF01AA7FC116BB4DE -s Disallowed
+:: CCB CA ROOT(2009-06-01)
+%CertMgr% -del -c -sha1 8582B4AF7491B3D16636EEB32D44993D7DEE6C40 -s Disallowed
+:: CFCA
+%CertMgr% -del -c -sha1 A9743B713E4109381622D3689AB5D9E1DC51B164 -s Disallowed
+:: CFCA CS CA
+%CertMgr% -del -c -sha1 D3FBFAA8A67FC9A2EADBF86AEB5D07A9D6AF322E -s Disallowed
+:: CFCA CS TEST CA
+%CertMgr% -del -c -sha1 B5DCF1C58E86DBED2EA2D217A5C28D11FD9254F0 -s Disallowed
+:: CFCA Operation CA3
+%CertMgr% -del -c -sha1 5A3A3EA74AE5D29F25A670024949869D1222E42A -s Disallowed
+:: CFCA RCA
+%CertMgr% -del -c -sha1 AE73DFF81CF24E50DD52CA1496E7EF94876061CB -s Disallowed
+:: CFCA Root CA
+%CertMgr% -del -c -sha1 31BD6AEF73031C5A49338E7A06040DD815EF7512 -s Disallowed
+:: CFCA RSA RCA
+%CertMgr% -del -c -sha1 57C5CEBB53FBF181E0B13977AF864F1C13F11AA9 -s Disallowed
+:: China Trust Network(1)
+%CertMgr% -del -c -sha1 C2CAEB0DC296FD50596BCA0F53C5364521167039 -s Disallowed
+:: China Trust Network(2)
+%CertMgr% -del -c -sha1 B39B0B24B156D8B6123CAF7BA249DC81F27E39FA -s Disallowed
+:: China Trust Network(3)
+%CertMgr% -del -c -sha1 7C88AE178AE6AB8E69C30AF586D84EF29B6E6AE3 -s Disallowed
+:: ICBC
+%CertMgr% -del -c -sha1 E3F9043072BABF5E9C631960B34CCCF9FFC8BA41 -s Disallowed
+:: ICBC Root CA
+%CertMgr% -del -c -sha1 5A960203C10CFA8D42DD115B61154F98E2F617F7 -s Disallowed
+:: IcbcCA
+%CertMgr% -del -c -sha1 A02A23D13576ECA35498DC69166A20651E203E31 -s Disallowed
+:: iTruschina CN Root CA(1)
+%CertMgr% -del -c -sha1 240A61A2577970625B9F0B81283C4AA4037217B1 -s Disallowed
+:: iTruschina CN Root CA(2)
+%CertMgr% -del -c -sha1 46F168AF009C28C18F452EB85F5E8747892B3C8B -s Disallowed
+:: iTruschina CN Root CA(3)
+%CertMgr% -del -c -sha1 654E9FADD2032AE1B87D6263AF04FD7FEE38D57C -s Disallowed
+:: Personal ICBC CA
+%CertMgr% -del -c -sha1 2ABC81B0D7D052F887965562BB10AA66A80F7674 -s Disallowed
+:: ROOTCA OSCCA
+%CertMgr% -del -c -sha1 DBB84423C928ABE889D0E368FC3191D151DDB1AB -s Disallowed
+:: SZCA
+%CertMgr% -del -c -sha1 B0049D436F27237EE59C746A1EF3C96A8E1B54AC -s Disallowed
+:: SZCA(20030722)
+%CertMgr% -del -c -sha1 90D7A97592F0A3E2165DE5DA23B57701D74A298D -s Disallowed
+:: TenpayCom Root CA
+%CertMgr% -del -c -sha1 56502166C0DE2488950491C90C7560E0E7AA7378 -s Disallowed
+:: Unset force
+@echo.
+if %SetForce% EQU 1 (%SetForceAppender% -r --unset-force "%Folder%\ABC.crt" "%Folder%\ABC_TEST_CA.crt" "%Folder%\ABC2048.crt" "%Folder%\AlibabaCom_Corporation_Root_CA.crt" "%Folder%\ALIPAY_ROOT.crt" "%Folder%\Alipay_Trust_NetWork.crt" "%Folder%\BOCOMCA.crt" "%Folder%\CCB_CA_ROOT_199906.crt" "%Folder%\CCB_CA_ROOT_200906.crt" "%Folder%\CFCA.crt" "%Folder%\CFCA_CS_CA.crt" "%Folder%\CFCA_CS_TEST_CA.crt" "%Folder%\CFCA_Operation_CA3.crt" "%Folder%\CFCA_RCA.crt" "%Folder%\CFCA_Root_CA.crt" "%Folder%\CFCA_RSA_RCA.crt" "%Folder%\China_Trust_Network_1.crt" "%Folder%\China_Trust_Network_2.crt" "%Folder%\China_Trust_Network_3.crt" "%Folder%\ICBC.crt" "%Folder%\ICBC_Root_CA.crt" "%Folder%\IcbcCA.crt" "%Folder%\iTruschina_CN_Root_CA_1.crt" "%Folder%\iTruschina_CN_Root_CA_2.crt" "%Folder%\iTruschina_CN_Root_CA_3.crt" "%Folder%\Personal_ICBC_CA.crt" "%Folder%\ROOTCA_OSCCA.crt" "%Folder%\SZCA.crt" "%Folder%\SZCA_200307.crt" "%Folder%\TenpayCom_Root_CA.crt")
+
+
+:: Print to screen.
+:EXIT
+@echo.
+@echo RevokeChinaCerts Organization batch
+@echo Done, please confirm the messages on screen.
+@echo.
+@pause
diff --git a/Windows/RevokeChinaCerts_Restore.bat b/Windows/RevokeChinaCerts_Restore.bat
deleted file mode 100644
index a570c1766237ead93c53ae1438ffe9eb9c5eb7b1..0000000000000000000000000000000000000000
--- a/Windows/RevokeChinaCerts_Restore.bat
+++ /dev/null
@@ -1,141 +0,0 @@
-:: RevokeChinaCerts Restore batch
-:: Revoke China Certificates.
-::
-:: Author: JayXon, Chengr28
-::
-
-@echo off
-
-:: Update certificates list of system.
-cd /d %~dp0
-"%~dp0\Tools\RootSUPD_201403_x86"
-
-:: Architecture check
-set CertMgr="%~dp0\Tools\CertMgr"
-if "%PROCESSOR_ARCHITECTURE%%PROCESSOR_ARCHITEW6432%" == "x86" set CertMgr="%~dp0\Tools\CertMgr_x86"
-
-:: Restore certificates(Base part)
-:: Fake GitHub.Com(2013-01-25)
-%CertMgr% -del -c -sha1 27A29C3A8B3261770E8B59448557DC9E9339E68C -s Disallowed
-:: Fake Google.Com(2014-07-24)
-%CertMgr% -del -c -sha1 F6BEADB9BC02E0A152D71C318739CDECFC1C085D -s Disallowed
-:: Fake Google.Com(2014-09-18) [YFdyh000]
-%CertMgr% -del -c -sha1 316076F2866588DBB233C7F9EB68B58125150C21 -s Disallowed
-:: Fake Yahoo.Com(2014-09-30)
-%CertMgr% -del -c -sha1 2290C311EA0F3F57E06DF45B698E18E828E59BC3 -s Disallowed
-:: Fake Hotmai.Com(2014-10-02)
-%CertMgr% -del -c -sha1 30F3B3ADC6E570BDA606B9F96DE24190CE262C67 -s Disallowed
-:: Fake Www.Facebook.Com(2014-10-08) [Yiwen Zhang]
-%CertMgr% -del -c -sha1 DC6EE6EDC4C078E1B2C12F6D1985000E27CFD318 -s Disallowed
-:: Fake Www.Icound.Com(2014-10-04) [YFdyh000]
-%CertMgr% -del -c -sha1 F468B5F3FED807974476A22B32EA3137D924F7BA -s Disallowed
-:: CNNIC ROOT
-%CertMgr% -del -c -sha1 8BAF4C9B1DF02A92F7DA128EB91BACF498604B6F -s Disallowed
-:: China Internet Network Information Center EV Certificates Root
-%CertMgr% -del -c -sha1 4F99AA93FB2BD13726A1994ACE7FF005F2935D1E -s Disallowed
-:: CNNIC SSL(Entrust)
-%CertMgr% -del -c -sha1 6856BB1A6C4F76DACA362187CC2CCD484EDDC25D -s Disallowed
-:: Baidu WACC service [SCFWSE]
-%CertMgr% -del -c -sha1 561422647B89BE22F203EBCAEF52B5007227510A -s Disallowed
-:: GiantRootCA
-%CertMgr% -del -c -sha1 7514436E903C901069980499CA70DE74FC06C83C -s Disallowed
-
-:: Restore certificates(Extended part)
-:: CFCA GT CA(2011-06-13)
-%CertMgr% -del -c -sha1 EABDA240440ABBD694930A01D09764C6C2D77966 -s Disallowed
-:: CFCA GT CA(2012-08-21) [YFdyh000]
-%CertMgr% -del -c -sha1 A8F2DFE36AE0CC2DB9DD38347D30AED9551DD25A -s Disallowed
-:: CFCA EV ROOT
-%CertMgr% -del -c -sha1 E2B8294B5584AB6B58C290466CAC3FB8398F8483 -s Disallowed
-:: UCA Global Root
-%CertMgr% -del -c -sha1 0B972C9EA6E7CC58D93B20BF71EC412E7209FABF -s Disallowed
-:: UCA Root(2004-01-01)
-%CertMgr% -del -c -sha1 8250BED5A214433A66377CBC10EF83F669DA3A67 -s Disallowed
-:: UCA Extended Validation Root
-%CertMgr% -del -c -sha1 B9C9F58B3BBEF575E2B58328770E7B0076C40B5E -s Disallowed
-:: UCA ROOT(2001-01-01)
-%CertMgr% -del -c -sha1 3120F295417730075F8CD42D0CAE008EB5726EF8 -s Disallowed
-:: GoAgent CA [lenovo-me]
-%CertMgr% -del -c -sha1 AB702CDF18EBE8B438C52869CD4A5DEF48B40E33 -s Disallowed
-:: SZCA [yfdyh000]
-::%CertMgr% -del -c -sha1 B0049D436F27237EE59C746A1EF3C96A8E1B54AC -s Disallowed
-:: SZCA(2003-07-22) [yfdyh000]
-::%CertMgr% -del -c -sha1 90D7A97592F0A3E2165DE5DA23B57701D74A298D -s Disallowed
-
-:: Restore certificates(All part)
-:: ROOTCA OSCCA
-::%CertMgr% -del -c -sha1 DBB84423C928ABE889D0E368FC3191D151DDB1AB -s Disallowed
-:: SRCA
-%CertMgr% -del -c -sha1 AE3F2E66D48FC6BD1DF131E89D768D505DF14302 -s Disallowed
-:: Certification Authority of WoSign
-%CertMgr% -del -c -sha1 B94294BF91EA8FB64BE61097C7FB001359B676CB -s Disallowed
-:: Certification Authority of WoSign(Chinese)
-%CertMgr% -del -c -sha1 1632478D89F9213A92008563F5A4A7D312408AD6 -s Disallowed
-:: Class 1 Primary CA
-%CertMgr% -del -c -sha1 6A174570A916FBE84453EED3D070A1D8DA442829 -s Disallowed
-:: Certification Authority of WoSign(2009-08-08)
-%CertMgr% -del -c -sha1 33A4D8BC38608EF52EF0E28A35091E9250907FB9 -s Disallowed
-:: Certification Authority of WoSign 1(StartCom/2011-03-01)
-%CertMgr% -del -c -sha1 868241C8B85AF79E2DAC79EDADB723E82A36AFC3 -s Disallowed
-:: Certification Authority of WoSign 2(StartCom/2011-03-01)
-%CertMgr% -del -c -sha1 692790DA5189529CC5CE1E16E984277A03023E99 -s Disallowed
-:: Certification Authority of WoSign(StartCom/2006-09-18)
-%CertMgr% -del -c -sha1 804E5FB7DE84F5F5B28347233EAF07846B6070D3 -s Disallowed
-:: Certification Authority of WoSign(Chinese/StartCom) [v998]
-%CertMgr% -del -c -sha1 D8EFF6C28BB508E4702565F42748454A872BD412 -s Disallowed
-:: Certification Authority of WoSign(USERTrust) [v998]
-%CertMgr% -del -c -sha1 56FAADDC596DCF78D585D83A35BC04B690D12736 -s Disallowed
-:: WoSign Premium Server Authority(USERTrust)
-%CertMgr% -del -c -sha1 E3D569137E603E7BACB6BCC66AE943850C8ADF38 -s Disallowed
-:: WoSign Server Authority(USERTrust)
-%CertMgr% -del -c -sha1 3E14B8BD6C568657D852D95D387249AE857B4A39 -s Disallowed
-:: WoSign SGC Server Authority(USERTrust)
-%CertMgr% -del -c -sha1 6D5A18050D56BFDE525CBE89E8C45DD1B53D12E9 -s Disallowed
-:: WoSign Client Authority(USERTrust)
-%CertMgr% -del -c -sha1 FAD4319D4E173FF3853E51C98D21919BF3DA1A1E -s Disallowed
-:: WoTrust Premium Server Authority(USERTrust)
-%CertMgr% -del -c -sha1 381CBC5048AFD9A02D3E5882D5F22D962B1A5F72 -s Disallowed
-:: WoTrust Server Authority(USERTrust)
-%CertMgr% -del -c -sha1 337DF96418F08A9355870513AFCEBDC68BCED767 -s Disallowed
-:: WoTrust SGC Server Authority(USERTrust)
-%CertMgr% -del -c -sha1 46A762F3C3CF3732DE22A8BA1EBBA3BC048F9B8C -s Disallowed
-:: WoTrust Client Authority(USERTrust)
-%CertMgr% -del -c -sha1 38CFE78D9F1F0B0637AFCAAA3D5549D87C0AA1D0 -s Disallowed
-:: China Trust Network(1) [QuantumGhost]
-::%CertMgr% -del -c -sha1 C2CAEB0DC296FD50596BCA0F53C5364521167039 -s Disallowed
-:: China Trust Network(2) [QuantumGhost]
-::%CertMgr% -del -c -sha1 B39B0B24B156D8B6123CAF7BA249DC81F27E39FA -s Disallowed
-:: China Trust Network(3) [QuantumGhost]
-::%CertMgr% -del -c -sha1 7C88AE178AE6AB8E69C30AF586D84EF29B6E6AE3 -s Disallowed
-:: Hongkong Post Root CA
-%CertMgr% -del -c -sha1 E0925E18C7765E22DABD9427529DA6AF4E066428 -s Disallowed
-:: Hongkong Post Root CA 1 [v998]
-%CertMgr% -del -c -sha1 D6DAA8208D09D2154D24B52FCB346EB258B28A58 -s Disallowed
-:: Macao Post eSignTrust Root Certification Authority
-%CertMgr% -del -c -sha1 89C32E6B524E4D65388B9ECEDC637134ED4193A3 -s Disallowed
-:: Macao Post eSignTrust Root Certification Authority(G02)
-%CertMgr% -del -c -sha1 06143151E02B45DDBADD5D8E56530DAAE328CF90 -s Disallowed
-:: ePKI Root Certification Authority
-%CertMgr% -del -c -sha1 67650DF17E8E7E5B8240A4F4564BCFE23D69C6F0 -s Disallowed
-:: Government Root Certification Authority
-%CertMgr% -del -c -sha1 F48B11BFDEABBE94542071E641DE6BBE882B40B9 -s Disallowed
-:: TWCA Global Root CA
-%CertMgr% -del -c -sha1 9CBB4853F6A4F6D352A4E83252556013F5ADAF65 -s Disallowed
-:: TWCA Root Certification Authority(1)
-%CertMgr% -del -c -sha1 CF9E876DD3EBFC422697A3B5A37AA076A9062348 -s Disallowed
-:: TWCA Root Certification Authority(2)
-%CertMgr% -del -c -sha1 DF646DCB7B0FD3A96AEE88C64E2D676711FF9D5F -s Disallowed
-:: TaiCA Secure CA
-%CertMgr% -del -c -sha1 5B404B6DB43E1F71557F75552E7668289B1B6309 -s Disallowed
-:: TWCA Secure CA
-%CertMgr% -del -c -sha1 3F3E6C4B33802A2FEA46C5CACA14770A40018899 -s Disallowed
-:: TWCA Secure Certification Authority
-%CertMgr% -del -c -sha1 339D811FEC673E7F731307A34C7C7523ABBE7DFE -s Disallowed
-
-:: Print to screen.
-::Exit
-@echo.
-@echo RevokeChinaCerts Restore version
-@echo Done. Please confirm the messages on screen.
-@echo.
-@pause
diff --git a/Windows/SoftCertPolicyAppender/README.md b/Windows/SoftCertPolicyAppender/README.md
deleted file mode 100644
index aaaa3ded57f6ad64d8f225a48aa92b6327b3c473..0000000000000000000000000000000000000000
--- a/Windows/SoftCertPolicyAppender/README.md
+++ /dev/null
@@ -1,12 +0,0 @@
-## 使用方法 ##
-SoftCertPolicyAppender.exe <è¯ä¹¦è·¯å¾„>
-
-SoftCertPolicyAppender.exe <è¯ä¹¦è·¯å¾„> <è¯ä¹¦è·¯å¾„2> ...
-
-## 备注 ##
-- 需è¦ç®¡ç†å‘˜æƒé™
-- 需è¦[.net framework 4.0](http://www.microsoft.com/en-us/download/details.aspx?id=17718)
-
-
-## 引用组件 ##
-[local-policy](https://bitbucket.org/MartinEden/local-policy/overview)
diff --git a/Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender/CertPolicyAppender.cs b/Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender/CertPolicyAppender.cs
deleted file mode 100644
index d81e395d48fb6220ab8eb8ea6274f99134205f35..0000000000000000000000000000000000000000
--- a/Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender/CertPolicyAppender.cs
+++ /dev/null
@@ -1,150 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Security.Cryptography.X509Certificates;
-using LocalPolicy;
-using Microsoft.Win32;
-
-namespace SoftCertPolicyAppender
-{
- public class CertPolicyAppender
- {
- private X509Certificate2 _cert;
-
- public void Load(string certFile)
- {
- var cert = new X509Certificate2();
- cert.Import(certFile);
- _cert = cert;
-
- }
-
- /// <summary>
- /// æž„é€ å†™å†™å…¥æ³¨å†Œè¡¨çš„è¯ä¹¦æ•°æ®
- /// </summary>
- /// <returns></returns>
- private byte[] CalcRegCertData()
- {
- var cert = _cert;
- var thumbprintData = cert.Thumbprint.HexString2Bytes().ToArray();
-
- var rtn = new List<byte>();
-
- //æ·»åŠ æ•°æ®å¤´,æ ¼å¼æ˜¯æ ¹æ®æ³¨å†Œè¡¨çš„æ•°æ®æŽ¨ç®—çš„,未注释部分为未知
- rtn.AddRange(BitConverter.GetBytes(3)); //å¯èƒ½ä¸ºç‰ˆæœ¬å·
- rtn.AddRange(BitConverter.GetBytes(1)); //å¯èƒ½ä¸ºæ¬¡ç‰ˆæœ¬å·
- rtn.AddRange(BitConverter.GetBytes(thumbprintData.Length)); //è¯ä¹¦å®…指纹长度
- rtn.AddRange(thumbprintData); //è¯ä¹¦æŒ‡çº¹æ•°æ®
- rtn.AddRange(BitConverter.GetBytes(0x0d));
- rtn.AddRange(BitConverter.GetBytes(1));
- rtn.AddRange(BitConverter.GetBytes((short)2));
- rtn.AddRange(BitConverter.GetBytes(0));
- rtn.AddRange(BitConverter.GetBytes(0x1b));
- rtn.AddRange(BitConverter.GetBytes(1));
- rtn.AddRange(BitConverter.GetBytes(8));
- rtn.AddRange(BitConverter.GetBytes(DateTime.Now.ToFileTime())); //时间戳
- rtn.AddRange(BitConverter.GetBytes(0x20));
- rtn.AddRange(BitConverter.GetBytes(1));
- rtn.AddRange(BitConverter.GetBytes(cert.RawData.Length)); //è¯ä¹¦é•¿åº¦
- //æ·»åŠ è¯ä¹¦æ•°æ®
- rtn.AddRange(cert.RawData);
-
- return rtn.ToArray();
- }
-
- /// <summary>
- /// 写入注册表项
- /// </summary>
- /// <returns></returns>
- public void WriteRegisty()
- {
- var cer = _cert;
- const string keyPath = @"Software\Microsoft\Windows\CurrentVersion\Group Policy Objects";
- var rk = RegistryKey.OpenBaseKey(RegistryHive.CurrentUser, RegistryView.Default);
- var srk = rk.OpenSubKey(keyPath);
- if (srk == null)
- {
- throw new ApplicationException("æ— æ³•æ‰“å¼€æ³¨å†Œè¡¨é¡¹:" + keyPath);
- }
- var certKeys = srk.GetSubKeyNames()
- .Where(x => x.EndsWith("Machine"))
- .Select(
- x =>
- string.Format(
- "{0}\\{1}\\Software\\Policies\\Microsoft\\SystemCertificates\\Disallowed\\Certificates\\{2}",
- keyPath, x, cer.Thumbprint))
- //.Where(x => rk.OpenSubKey(x) == null)
- .ToList();
-
- foreach (var key in certKeys.Select(rk.CreateSubKey))
- {
- key.SetValue("Blob", CalcRegCertData(), RegistryValueKind.Binary);
- }
-
-
- }
-
-
- /// <summary>
- /// æ·»åŠ è¯ä¹¦ç»„ç–ç•¥
- /// </summary>
- /// <remarks>引用组件æ¥è‡ª:https://bitbucket.org/MartinEden/local-policy/overview </remarks>
- public void AddCertPolicy()
- {
- var cert = _cert;
-
- var gpo = new ComputerGroupPolicyObject();
- var keyPath = string.Format("Software\\Policies\\Microsoft\\SystemCertificates\\Disallowed\\Certificates\\{0}", cert.Thumbprint);
- using (var machine = gpo.GetRootRegistryKey(GroupPolicySection.Machine))
- {
- using (var cerKey = machine.CreateSubKey(keyPath))
- {
- cerKey.SetValue("Blob", CalcRegCertData(), RegistryValueKind.Binary);
- }
- }
- gpo.Save();
-
- }
- }
-
-
- /// <summary>
- /// 工具类
- /// </summary>
- public static class Helper
- {
-
- /// <summary>
- /// 解æž16进制å—符串为byte数组
- /// </summary>
- /// <param name="hexstring"></param>
- /// <returns></returns>
- public static IEnumerable<byte> HexString2Bytes(this string hexstring)
- {
- for (int i = 0; i < hexstring.Length; i += 2)
- {
- var hex = hexstring.Substring(i, 2);
- yield return Convert.ToByte(hex, 16);
- }
- }
-
- /// <summary>
- /// 转æ¢ä¸º16进制å—符串
- /// </summary>
- /// <param name="bs"></param>
- /// <param name="isLowcase"></param>
- /// <param name="split"></param>
- /// <returns></returns>
- public static string ToHexString(this IEnumerable<byte> bs, bool isLowcase = false, string split = "")
- {
- var rtn = "";
- foreach (var item in bs)
- {
- var fmtstr = isLowcase ? "x2" : "X2";
- rtn += item.ToString(fmtstr) + split;
- }
- return rtn.TrimEnd(split.ToCharArray());
- }
- }
-
-}
\ No newline at end of file
diff --git a/Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender/Program.cs b/Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender/Program.cs
deleted file mode 100644
index f2d33d6dced02cb6e9389481eebbbdb25d15c0d4..0000000000000000000000000000000000000000
--- a/Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender/Program.cs
+++ /dev/null
@@ -1,35 +0,0 @@
-using System;
-using System.Linq;
-
-namespace SoftCertPolicyAppender
-{
- class Program
- {
- [STAThread]
- static void Main(string[] args)
- {
-
- var cers = args.Where(x => x.EndsWith(".cer") || x.EndsWith(".crt") || x.EndsWith(".pem"));
-
- foreach (var s in cers)
- {
- try
- {
- var appdender = new CertPolicyAppender();
- appdender.Load(s);
- appdender.WriteRegisty();
- appdender.AddCertPolicy();
- }
- catch (Exception e)
- {
- Console.ForegroundColor = ConsoleColor.Red;
- Console.WriteLine(e);
- Console.ResetColor();
- }
- }
- Console.ForegroundColor = ConsoleColor.Green;
- Console.WriteLine("Success!");
- Console.ResetColor();
- }
- }
-}
diff --git a/Windows/SoftCertPolicyAppender/prebuilt/SoftCertPolicyAppender.exe b/Windows/SoftCertPolicyAppender/prebuilt/SoftCertPolicyAppender.exe
deleted file mode 100644
index c5a5abfd9f40afaac13506e07b77039f80e3a77d..0000000000000000000000000000000000000000
Binary files a/Windows/SoftCertPolicyAppender/prebuilt/SoftCertPolicyAppender.exe and /dev/null differ
diff --git a/Windows/SoftCertPolicyAppender/.gitignore b/Windows/Tools/SoftCertPolicyAppender/.gitignore
similarity index 97%
rename from Windows/SoftCertPolicyAppender/.gitignore
rename to Windows/Tools/SoftCertPolicyAppender/.gitignore
index 3dbb5b00e2ef422c7606e206f37fa0c2ec97451c..60b0755a9eba0f05025fc7805256595a947d313c 100644
--- a/Windows/SoftCertPolicyAppender/.gitignore
+++ b/Windows/Tools/SoftCertPolicyAppender/.gitignore
@@ -1,4 +1,4 @@
-## Ignore Visual Studio temporary files, build results, and
+## Ignore Visual Studio temporary files, build results, and
## files generated by popular Visual Studio add-ons.
# User-specific files
diff --git a/Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/_libs/LocalPolicy.dll b/Windows/Tools/SoftCertPolicyAppender/LocalPolicy.dll
similarity index 100%
rename from Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/_libs/LocalPolicy.dll
rename to Windows/Tools/SoftCertPolicyAppender/LocalPolicy.dll
diff --git a/Windows/Tools/SoftCertPolicyAppender/README.md b/Windows/Tools/SoftCertPolicyAppender/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..0ccdc1a3fa7fcbfc92f22e469a5a6dd7f7c61463
--- /dev/null
+++ b/Windows/Tools/SoftCertPolicyAppender/README.md
@@ -0,0 +1,16 @@
+## 使用方法
+SoftCertPolicyAppender.exe <å‚æ•°> <è¯ä¹¦è·¯å¾„>
+SoftCertPolicyAppender.exe <å‚æ•°> <è¯ä¹¦è·¯å¾„> <è¯ä¹¦è·¯å¾„2> ...
+
+## å‚数说明
+* --set-force å¯ç”¨å¼ºåˆ¶ç–ç•¥
+* --unset-force å–消强制ç–ç•¥
+* -r 移除è¯ä¹¦è§„则
+* -h 显示帮助信æ¯
+
+## 备注
+- 需è¦ç®¡ç†å‘˜æƒé™
+- 需è¦[.NET Framework 4.0](http://www.microsoft.com/en-us/download/details.aspx?id=17718)
+
+## 引用组件
+[Local-Policy](https://bitbucket.org/MartinEden/local-policy/overview)
diff --git a/Windows/Tools/SoftCertPolicyAppender/SoftCertPolicyAppender.exe b/Windows/Tools/SoftCertPolicyAppender/SoftCertPolicyAppender.exe
new file mode 100644
index 0000000000000000000000000000000000000000..6d128dbaf42b7c6ea109687874feefe4cabe8ff6
Binary files /dev/null and b/Windows/Tools/SoftCertPolicyAppender/SoftCertPolicyAppender.exe differ
diff --git a/Windows/Tools/SoftCertPolicyAppender/Source/.gitignore b/Windows/Tools/SoftCertPolicyAppender/Source/.gitignore
new file mode 100644
index 0000000000000000000000000000000000000000..60b0755a9eba0f05025fc7805256595a947d313c
--- /dev/null
+++ b/Windows/Tools/SoftCertPolicyAppender/Source/.gitignore
@@ -0,0 +1,182 @@
+## Ignore Visual Studio temporary files, build results, and
+## files generated by popular Visual Studio add-ons.
+
+# User-specific files
+*.suo
+*.user
+*.sln.docstates
+
+# Build results
+[Dd]ebug/
+[Dd]ebugPublic/
+[Rr]elease/
+x64/
+build/
+bld/
+[Bb]in/
+[Oo]bj/
+
+# Enable "build/" folder in the NuGet Packages folder since NuGet packages use it for MSBuild targets
+!packages/*/build/
+
+# MSTest test Results
+[Tt]est[Rr]esult*/
+[Bb]uild[Ll]og.*
+
+#NUNIT
+*.VisualState.xml
+TestResult.xml
+
+*_i.c
+*_p.c
+*_i.h
+*.ilk
+*.meta
+*.obj
+*.pch
+#*.pdb
+*.pgc
+*.pgd
+*.rsp
+*.sbr
+*.tlb
+*.tli
+*.tlh
+*.tmp
+*.tmp_proj
+*.log
+*.vspscc
+*.vssscc
+.builds
+*.pidb
+*.svclog
+*.scc
+
+# Chutzpah Test files
+_Chutzpah*
+
+# Visual C++ cache files
+ipch/
+*.aps
+*.ncb
+*.opensdf
+*.sdf
+*.cachefile
+
+# Visual Studio profiler
+*.psess
+*.vsp
+*.vspx
+
+# TFS 2012 Local Workspace
+$tf/
+
+# Guidance Automation Toolkit
+*.gpState
+
+# ReSharper is a .NET coding add-in
+_ReSharper*/
+*.[Rr]e[Ss]harper
+*.DotSettings.user
+
+# JustCode is a .NET coding addin-in
+.JustCode
+
+# TeamCity is a build add-in
+_TeamCity*
+
+# DotCover is a Code Coverage Tool
+*.dotCover
+
+# NCrunch
+*.ncrunch*
+_NCrunch_*
+.*crunch*.local.xml
+
+# MightyMoose
+*.mm.*
+AutoTest.Net/
+
+# Installshield output folder
+[Ee]xpress/
+
+# DocProject is a documentation generator add-in
+DocProject/buildhelp/
+DocProject/Help/*.HxT
+DocProject/Help/*.HxC
+DocProject/Help/*.hhc
+DocProject/Help/*.hhk
+DocProject/Help/*.hhp
+DocProject/Help/Html2
+DocProject/Help/html
+
+# Click-Once directory
+publish/
+
+# Publish Web Output
+*.[Pp]ublish.xml
+*.azurePubxml
+
+# NuGet Packages Directory
+## TODO: If you have NuGet Package Restore enabled, uncomment the next line
+#packages/
+## TODO: If the tool you use requires repositories.config, also uncomment the next line
+#!packages/repositories.config
+
+# Windows Azure Build Output
+csx/
+*.build.csdef
+
+# Windows Store app package directory
+AppPackages/
+
+# Others
+sql/
+*.Cache
+ClientBin/
+[Ss]tyle[Cc]op.*
+~$*
+*~
+*.dbmdl
+*.dbproj.schemaview
+*.pfx
+*.publishsettings
+
+# RIA/Silverlight projects
+Generated_Code/
+
+# Backup & report files from converting an old project file to a newer
+# Visual Studio version. Backup files are not needed, because we have git ;-)
+_UpgradeReport_Files/
+Backup*/
+UpgradeLog*.XML
+UpgradeLog*.htm
+
+# SQL Server files
+App_Data/*.mdf
+App_Data/*.ldf
+
+# Business Intelligence projects
+*.rdl.data
+*.bim.layout
+*.bim_*.settings
+
+# Microsoft Fakes
+FakesAssemblies/
+
+# =========================
+# Windows detritus
+# =========================
+
+# Windows image file caches
+Thumbs.db
+ehthumbs.db
+
+# Folder config file
+Desktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+#diff backup
+*.orig
diff --git a/Windows/Tools/SoftCertPolicyAppender/Source/README.md b/Windows/Tools/SoftCertPolicyAppender/Source/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..963b928bafcd84774317351eabc44d55e22f5aea
--- /dev/null
+++ b/Windows/Tools/SoftCertPolicyAppender/Source/README.md
@@ -0,0 +1,20 @@
+## 使用方法 ##
+SoftCertPolicyAppender.exe <å‚æ•°> <è¯ä¹¦è·¯å¾„>
+
+SoftCertPolicyAppender.exe <å‚æ•°> <è¯ä¹¦è·¯å¾„> <è¯ä¹¦è·¯å¾„2> ...
+
+**å‚数说明**
+
+- --set-force å¯ç”¨å¼ºåˆ¶ç–ç•¥
+- --unset-force å–消强制ç–ç•¥
+- -r 移除è¯ä¹¦è§„则
+- -h 显示帮助信æ¯
+
+
+## 备注 ##
+- 需è¦ç®¡ç†å‘˜æƒé™
+- 需è¦[.net framework 4.0](http://www.microsoft.com/en-us/download/details.aspx?id=17718)
+
+
+## 引用组件 ##
+[local-policy](https://bitbucket.org/MartinEden/local-policy/overview)
diff --git a/Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender.sln b/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender.sln
similarity index 100%
rename from Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender.sln
rename to Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender.sln
diff --git a/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/CertPolicyAppender.cs b/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/CertPolicyAppender.cs
new file mode 100644
index 0000000000000000000000000000000000000000..33cf2424997a6fc349e452d92d01023367cabbdd
--- /dev/null
+++ b/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/CertPolicyAppender.cs
@@ -0,0 +1,208 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Cryptography.X509Certificates;
+using LocalPolicy;
+using Microsoft.Win32;
+
+namespace SoftCertPolicyAppender
+{
+ public class SoftwareRestrictionPolicyController
+ {
+
+ /// <remarks>引用组件æ¥è‡ª:https://bitbucket.org/MartinEden/local-policy/overview </remarks>
+ private static void DeletePolicyKey(string path)
+ {
+ var gpo = new ComputerGroupPolicyObject();
+ using (var machine = gpo.GetRootRegistryKey(GroupPolicySection.Machine))
+ {
+ machine.DeleteSubKey(path, false);
+ }
+ gpo.Save();
+ }
+
+ /// <remarks>引用组件æ¥è‡ª:https://bitbucket.org/MartinEden/local-policy/overview </remarks>
+ private static void SetPolicyKey(string path, string name, object value, RegistryValueKind kind)
+ {
+ var gpo = new ComputerGroupPolicyObject();
+ using (var machine = gpo.GetRootRegistryKey(GroupPolicySection.Machine))
+ {
+ using (var cerKey = machine.CreateSubKey(path))
+ {
+ if (cerKey != null) cerKey.SetValue(name, value, kind);
+ }
+ }
+ gpo.Save();
+ }
+
+ private static void SetPolicyRegistryKey(string path, string name, object value, RegistryValueKind kind)
+ {
+ const string keyPath = @"Software\Microsoft\Windows\CurrentVersion\Group Policy Objects";
+ using (var rk = RegistryKey.OpenBaseKey(RegistryHive.CurrentUser, RegistryView.Default))
+ {
+ List<string> certKeys;
+ using (var srk = rk.OpenSubKey(keyPath))
+ {
+ if (srk == null)
+ {
+ throw new ApplicationException("æ— æ³•æ‰“å¼€æ³¨å†Œè¡¨é¡¹:" + keyPath);
+ }
+ certKeys = srk.GetSubKeyNames().Where(x => x.EndsWith("Machine")).Select(x => string.Format("{0}\\{1}\\{2}", keyPath, x, path))
+ //.Where(x => rk.OpenSubKey(x) == null)
+ .ToList();
+ }
+
+ foreach (var key in certKeys)
+ {
+ using (var skey = rk.CreateSubKey(key))
+ {
+ if (skey != null) skey.SetValue(name, value, kind);
+ }
+ }
+ }
+
+ }
+
+ private static void DeletePolicyRegistryKey(string path)
+ {
+ const string keyPath = @"Software\Microsoft\Windows\CurrentVersion\Group Policy Objects";
+ using (var rk = RegistryKey.OpenBaseKey(RegistryHive.CurrentUser, RegistryView.Default))
+ {
+ List<string> certKeys;
+ using (var srk = rk.OpenSubKey(keyPath))
+ {
+ if (srk == null)
+ {
+ throw new ApplicationException("æ— æ³•æ‰“å¼€æ³¨å†Œè¡¨é¡¹:" + keyPath);
+ }
+ certKeys = srk.GetSubKeyNames().Where(x => x.EndsWith("Machine")).Select(x => string.Format("{0}\\{1}\\{2}", keyPath, x, path))
+ //.Where(x => rk.OpenSubKey(x) == null)
+ .ToList();
+ }
+
+ foreach (var key in certKeys)
+ {
+ rk.DeleteSubKey(key, false);
+ }
+ }
+
+ }
+
+
+ /// <summary>
+ /// æž„é€ å†™å†™å…¥æ³¨å†Œè¡¨çš„è¯ä¹¦æ•°æ®
+ /// </summary>
+ /// <returns></returns>
+ private static byte[] CalcRegCertData(X509Certificate2 cert)
+ {
+ var thumbprintData = cert.Thumbprint.HexString2Bytes().ToArray();
+
+ var rtn = new List<byte>();
+
+ //æ·»åŠ æ•°æ®å¤´,æ ¼å¼æ˜¯æ ¹æ®æ³¨å†Œè¡¨çš„æ•°æ®æŽ¨ç®—çš„,未注释部分为未知
+ rtn.AddRange(BitConverter.GetBytes(3)); //å¯èƒ½ä¸ºç‰ˆæœ¬å·
+ rtn.AddRange(BitConverter.GetBytes(1)); //å¯èƒ½ä¸ºæ¬¡ç‰ˆæœ¬å·
+ rtn.AddRange(BitConverter.GetBytes(thumbprintData.Length)); //è¯ä¹¦å®…指纹长度
+ rtn.AddRange(thumbprintData); //è¯ä¹¦æŒ‡çº¹æ•°æ®
+ rtn.AddRange(BitConverter.GetBytes(0x0d));
+ rtn.AddRange(BitConverter.GetBytes(1));
+ rtn.AddRange(BitConverter.GetBytes((short)2));
+ rtn.AddRange(BitConverter.GetBytes(0));
+ rtn.AddRange(BitConverter.GetBytes(0x1b));
+ rtn.AddRange(BitConverter.GetBytes(1));
+ rtn.AddRange(BitConverter.GetBytes(8));
+ rtn.AddRange(BitConverter.GetBytes(DateTime.Now.ToFileTime())); //时间戳
+ rtn.AddRange(BitConverter.GetBytes(0x20));
+ rtn.AddRange(BitConverter.GetBytes(1));
+ rtn.AddRange(BitConverter.GetBytes(cert.RawData.Length)); //è¯ä¹¦é•¿åº¦
+ //æ·»åŠ è¯ä¹¦æ•°æ®
+ rtn.AddRange(cert.RawData);
+
+ return rtn.ToArray();
+ }
+
+
+ /// <summary>
+ /// æ·»åŠ è¯ä¹¦è§„则
+ /// </summary>
+ /// <param name="cert"></param>
+ public static void AddCertRule(X509Certificate2 cert)
+ {
+ var keyPath = string.Format("Software\\Policies\\Microsoft\\SystemCertificates\\Disallowed\\Certificates\\{0}", cert.Thumbprint);
+ const string keyName = "Blob";
+ const RegistryValueKind kind = RegistryValueKind.Binary;
+ var value = CalcRegCertData(cert);
+ SetPolicyKey(keyPath, keyName,value,kind);
+ SetPolicyRegistryKey(keyPath,keyName,value,kind);
+ }
+
+
+ /// <summary>
+ /// 移除è¯ä¹¦è§„则
+ /// </summary>
+ /// <param name="cert"></param>
+ public static void RemoveCertRule(X509Certificate2 cert)
+ {
+ var keyPath = string.Format("Software\\Policies\\Microsoft\\SystemCertificates\\Disallowed\\Certificates\\{0}", cert.Thumbprint);
+ DeletePolicyKey(keyPath);
+ DeletePolicyRegistryKey(keyPath);
+ }
+
+
+ /// <summary>
+ /// 设置是å¦å¯ç”¨å¼ºåˆ¶ç–ç•¥
+ /// </summary>
+ /// <param name="enable"></param>
+ public static void SetForcePolicyState(bool enable)
+ {
+ const string keyPath = "Software\\Policies\\Microsoft\\Windows\\Safer\\CodeIdentifiers";
+ const string keyName = "AuthenticodeEnabled";
+ const RegistryValueKind kind = RegistryValueKind.DWord;
+ var value = enable ? 1 : 0;
+ SetPolicyKey(keyPath, keyName, value, kind);
+ SetPolicyRegistryKey(keyPath, keyName, value, kind);
+ }
+
+ }
+
+
+ /// <summary>
+ /// 工具类
+ /// </summary>
+ public static class Helper
+ {
+
+ /// <summary>
+ /// 解æž16进制å—符串为byte数组
+ /// </summary>
+ /// <param name="hexstring"></param>
+ /// <returns></returns>
+ public static IEnumerable<byte> HexString2Bytes(this string hexstring)
+ {
+ for (int i = 0; i < hexstring.Length; i += 2)
+ {
+ var hex = hexstring.Substring(i, 2);
+ yield return Convert.ToByte(hex, 16);
+ }
+ }
+
+ /// <summary>
+ /// 转æ¢ä¸º16进制å—符串
+ /// </summary>
+ /// <param name="bs"></param>
+ /// <param name="isLowcase"></param>
+ /// <param name="split"></param>
+ /// <returns></returns>
+ public static string ToHexString(this IEnumerable<byte> bs, bool isLowcase = false, string split = "")
+ {
+ var rtn = "";
+ foreach (var item in bs)
+ {
+ var fmtstr = isLowcase ? "x2" : "X2";
+ rtn += item.ToString(fmtstr) + split;
+ }
+ return rtn.TrimEnd(split.ToCharArray());
+ }
+ }
+
+}
\ No newline at end of file
diff --git a/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/Program.cs b/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/Program.cs
new file mode 100644
index 0000000000000000000000000000000000000000..436a7649b7394f88944157e8ffab071b2c00252c
--- /dev/null
+++ b/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/Program.cs
@@ -0,0 +1,85 @@
+using System;
+using System.Linq;
+using System.Security.Cryptography.X509Certificates;
+
+namespace SoftCertPolicyAppender
+{
+ class Program
+ {
+ [STAThread]
+ static void Main(string[] args)
+ {
+ var flag = 0;
+ var cers = args.Where(x => x.EndsWith(".cer") || x.EndsWith(".crt") || x.EndsWith(".pem")).ToArray();
+
+ if (args.Contains("-h") || args.Contains("--help")||args.Length==0)
+ {
+ const string usage = @"Usage: SoftwareRestrictionPolicyController.exe [Option]... [CertFile]...
+Config software restriction policy by cli.
+
+Options:
+ --set-force set force certificate policy.
+ --unset-force unset force certificate policy.
+ -r remove certificate rule by CERTFILEs not add.
+
+CertFiles:
+ Certificate file path that will add certificate rule.
+";
+ Console.Write(usage);
+ return;
+ }
+
+ if (args.Contains("-r"))
+ {
+ flag = 1;
+ }
+
+ if (args.Contains("--set-force"))
+ {
+ SoftwareRestrictionPolicyController.SetForcePolicyState(true);
+ Console.WriteLine("Apply force certificate policy");
+ }
+
+ if (args.Contains("--unset-force"))
+ {
+ SoftwareRestrictionPolicyController.SetForcePolicyState(false);
+ Console.WriteLine("Cancel force certificate policy");
+ }
+
+ for (var i = 0; i < cers.Length; i++)
+ {
+ try
+ {
+ var cert = new X509Certificate2(cers[i]);
+
+ Console.ForegroundColor = ConsoleColor.DarkGreen;
+ Console.Write("{0}.", i + 1);
+ Console.ResetColor();
+
+ switch (flag)
+ {
+ case 0:
+ SoftwareRestrictionPolicyController.AddCertRule(cert);
+ Console.Write("Add cert policy for ");
+ break;
+ case 1:
+ SoftwareRestrictionPolicyController.RemoveCertRule(cert);
+ Console.Write("Remove cert policy for ");
+ break;
+ }
+
+ Console.ForegroundColor = ConsoleColor.Yellow;
+ Console.WriteLine("{0}({1})", cert.Subject, cert.Thumbprint);
+ Console.ResetColor();
+ }
+ catch (Exception e)
+ {
+ Console.ForegroundColor = ConsoleColor.Red;
+ Console.WriteLine(e);
+ Console.ResetColor();
+ }
+ }
+ Console.WriteLine("Done");
+ }
+ }
+}
diff --git a/Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender/Properties/AssemblyInfo.cs b/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/Properties/AssemblyInfo.cs
similarity index 95%
rename from Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender/Properties/AssemblyInfo.cs
rename to Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/Properties/AssemblyInfo.cs
index f0b951654606b531b51d56bbc2070b8e6138e80f..0da5aa03a6386a1afa6d686b8ec244636cf966f7 100644
--- a/Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender/Properties/AssemblyInfo.cs
+++ b/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/Properties/AssemblyInfo.cs
@@ -10,7 +10,7 @@ using System.Runtime.InteropServices;
[assembly: AssemblyConfiguration("")]
[assembly: AssemblyCompany("")]
[assembly: AssemblyProduct("AutoAddSoftCertPolicy")]
-[assembly: AssemblyCopyright("Copyright © 2014")]
+[assembly: AssemblyCopyright("Copyright © 2014 lhyqy5")]
[assembly: AssemblyTrademark("")]
[assembly: AssemblyCulture("")]
diff --git a/Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender.csproj b/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/SoftCertPolicyAppender.csproj
similarity index 96%
rename from Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender.csproj
rename to Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/SoftCertPolicyAppender.csproj
index 3f475b333b5711092adfc3932065e1c412fcda89..bbfbeea08a53311578b0264d9d3f97adbbecd937 100644
--- a/Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender.csproj
+++ b/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/SoftCertPolicyAppender.csproj
@@ -11,6 +11,7 @@
<AssemblyName>SoftCertPolicyAppender</AssemblyName>
<TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
<FileAlignment>512</FileAlignment>
+ <TargetFrameworkProfile>Client</TargetFrameworkProfile>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<PlatformTarget>AnyCPU</PlatformTarget>
@@ -52,6 +53,7 @@
<Compile Include="Properties\AssemblyInfo.cs" />
</ItemGroup>
<ItemGroup>
+ <None Include="app.config" />
<None Include="app.manifest" />
</ItemGroup>
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
diff --git a/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/app.config b/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/app.config
new file mode 100644
index 0000000000000000000000000000000000000000..e2a5a1876245c765a0223d76c68ded6e5f0bd3ba
--- /dev/null
+++ b/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/app.config
@@ -0,0 +1,3 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+<startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0,Profile=Client"/></startup></configuration>
diff --git a/Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender/app.manifest b/Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/app.manifest
similarity index 100%
rename from Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/SoftCertPolicyAppender/app.manifest
rename to Windows/Tools/SoftCertPolicyAppender/Source/SoftCertPolicyAppender/app.manifest
diff --git a/Windows/SoftCertPolicyAppender/prebuilt/LocalPolicy.dll b/Windows/Tools/SoftCertPolicyAppender/Source/_libs/LocalPolicy.dll
similarity index 100%
rename from Windows/SoftCertPolicyAppender/prebuilt/LocalPolicy.dll
rename to Windows/Tools/SoftCertPolicyAppender/Source/_libs/LocalPolicy.dll
diff --git a/Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/_libs/LocalPolicy.pdb b/Windows/Tools/SoftCertPolicyAppender/Source/_libs/LocalPolicy.pdb
similarity index 100%
rename from Windows/SoftCertPolicyAppender/SoftCertPolicyAppender/_libs/LocalPolicy.pdb
rename to Windows/Tools/SoftCertPolicyAppender/Source/_libs/LocalPolicy.pdb