You are currently viewing a snapshot of www.mozilla.org taken on April 21, 2008. Most of this content is highly out of date (some pages haven't been updated since the project began in 1998) and exists for historical purposes only. If there are any pages on this archive site that you think should be added back to www.mozilla.org, please file a bug.



NSS 3.11 Release Notes

12 January 2006

Newsgroup: mozilla.dev.tech.crypto



Introduction

Network Security Services (NSS) 3.11 is a minor release with the following new features:
  • Performance improvement and addition of the SSL PKCS#11 bypass.
  • Support for Elliptic Curve Cryptography (ECC).
NSS 3.11 is tri-licensed under the MPL 1.1/GPL 2.0/LGPL 2.1.


Distribution Information

The CVS tag for the NSS 3.11 release is NSS_3_11_RTM.  It has been certified with NSPR 4.6.1.

NSS 3.11 source and binary distributions are also available on ftp.mozilla.org for anonymous ftp download:

You also need to download the NSPR 4.6.1 binary distributions to get the NSPR 4.6.1 header files and shared libraries, which NSS 3.11 requires. NSPR 4.6.1 binary distributions are in ftp://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v4.6.1/.


Documentation

For a list of the primary NSS documentation pages on mozilla.org, see NSS Documentation.

New in NSS 3.11

The sections that follow discuss specific changes in NSS 3.11 in more detail.

  • The SSL PKCS #11 bypass was implemented. Applications can turn it on programmatically (the SSL_BYPASS_PKCS11 option in ssl.h) to obtain up to a 300% performance improvement for servers. With the bypass on, libssl performs the symmetric-key and MAC operations of a connection directly in freebl instead of through the PKCS #11 token, so the session keys are handled outside the token. This setting must not be used by customers with FIPS 140-x requirements or with hardware modules.
  • There is now a freebl shared library on all platforms (on some platforms more than one, selected by softoken at run time; see bug 303508 below). While it is a private interface, applications that bundle NSS must also bundle this shared library, as it is required for proper operation of NSS.
  • Functions added to the nss 3.11 shared library:
    • CERT_CompareValidityTimes (see certdb.h)
      PK11_CopyTokenPrivKeyToSessionPrivKey (see pk11pub.h)
      PK11_FreeSlotListElement (see pk11pub.h)
      PK11_GenerateRandomOnSlot (see pk11pub.h)
      PK11_GetSymKeyUserData (see pk11pub.h)
      PK11_MapSignKeyType (see pk11pub.h)
      PK11_SetSymKeyUserData (see pk11pub.h)
      SECMOD_CloseUserDB (see pk11pub.h)
      SECMOD_HasRootCerts (see pk11pub.h)
      SECMOD_OpenUserDB (see pk11pub.h)

  • Fortezza is no longer supported. The following include files are no longer provided: swfort.h and swfortt.h.
  • Support for ECC is added.
  • blapit.h defines the following new constants for the input block lengths (in bytes) of the hash algorithms, the value used to pad keys in HMAC:
    • MD2_BLOCK_LENGTH
      MD5_BLOCK_LENGTH
      SHA1_BLOCK_LENGTH
      HASH_BLOCK_LENGTH_MAX

  • The following initialization flags are added (see nss.h for more details):
    • NSS_INIT_PK11THREADSAFE
      NSS_INIT_PK11RELOAD
      NSS_INIT_NOPK11FINALIZE
      NSS_INIT_RESERVED
      NSS_INIT_COOPERATE

  • The nssckbi PKCS #11 module's version changed to 1.60.
  • pkcs11n.h defines the following new macros:
    • Netscape-defined object classes
        CKO_NETSCAPE_NEWSLOT
        CKO_NETSCAPE_DELSLOT
      Netscape-defined object attributes
        CKA_NETSCAPE_MODULE_SPEC
      Softoken slot IDs
        SFTK_MIN_USER_SLOT_ID
        SFTK_MAX_USER_SLOT_ID
        SFTK_MIN_FIPS_USER_SLOT_ID
        SFTK_MAX_FIPS_USER_SLOT_ID

  • New for PKCS #11 (see pkcs11t.h for details):
    • CKO: Objects
        CKO_MECHANISM
      CKH: Hardware features
        CKH_USER_INTERFACE
      CKK: Keys
        CKK_BLOWFISH
        CKK_TWOFISH
      CKC: Certificates
        CKC_WTLS
      CKF: Flags
        CKF_ARRAY_ATTRIBUTE
        CKF_EC_F_P
      CKA: Attributes
        CKA_CERTIFICATE_CATEGORY
        CKA_JAVA_MIDP_SECURITY_DOMAIN
        CKA_URL
        CKA_HASH_OF_SUBJECT_PUBLIC_KEY
        CKA_HASH_OF_ISSUER_PUBLIC_KEY
        CKA_CHECK_VALUE
        CKA_SUBPRIME_BITS
        CKA_ALWAYS_AUTHENTICATE
        CKA_WRAP_WITH_TRUSTED
        CKA_WRAP_TEMPLATE
        CKA_UNWRAP_TEMPLATE
        CKA_PIXEL_X
        CKA_PIXEL_Y
        CKA_RESOLUTION
        CKA_CHAR_ROWS
        CKA_CHAR_COLUMNS
        CKA_COLOR
        CKA_BITS_PER_PIXEL
        CKA_CHAR_SETS
        CKA_ENCODING_METHODS
        CKA_MIME_TYPES
        CKA_MECHANISM_TYPE
        CKA_REQUIRED_CMS_ATTRIBUTES
        CKA_DEFAULT_CMS_ATTRIBUTES
        CKA_SUPPORTED_CMS_ATTRIBUTES
        CKA_ALLOWED_MECHANISMS
      CKM: Mechanisms
        CKM_RSA_PKCS_PSS
        CKM_SHA1_RSA_PKCS_PSS
        CKM_SHA256_RSA_PKCS_PSS
        CKM_SHA384_RSA_PKCS_PSS
        CKM_SHA512_RSA_PKCS_PSS
        CKM_DES_OFB64
        CKM_DES_OFB8
        CKM_DES_CFB64
        CKM_DES_CFB8
        CKM_WTLS_PRE_MASTER_KEY_GEN
        CKM_WTLS_MASTER_KEY_DERIVE
        CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC
        CKM_WTLS_PRF
        CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE
        CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE
        CKM_CMS_SIG
        CKM_BLOWFISH_KEY_GEN
        CKM_BLOWFISH_CBC
        CKM_TWOFISH_KEY_GEN
        CKM_TWOFISH_CBC
        CKM_DES_ECB_ENCRYPT_DATA
        CKM_DES_CBC_ENCRYPT_DATA
        CKM_DES3_ECB_ENCRYPT_DATA
        CKM_DES3_CBC_ENCRYPT_DATA
        CKM_AES_ECB_ENCRYPT_DATA
        CKM_AES_CBC_ENCRYPT_DATA
        CKM_X9_42_DH_PARAMETER_GEN
      CKR: Return values
        CKR_FUNCTION_REJECTED
      CKG: MGFs (mask generation functions)
        CKG_MGF1_SHA256
        CKG_MGF1_SHA384
        CKG_MGF1_SHA512
      CKD: Key derivation functions
        CKD_SHA1_KDF_ASN1
        CKD_SHA1_KDF_CONCATENATE
      CKU: Users
        CKU_CONTEXT_SPECIFIC

  • Deprecated for PKCS #11 (see pkcs11t.h for details):
    • CKO: Objects
        CKO_KG_PARAMETERS (deprecated in v2.20)
      CKK: Keys
        CKK_ECDSA (deprecated in v2.11)
        CKK_CAST5 (deprecated in v2.11)
      CKA: Attributes
        CKA_ECDSA_PARAMS (deprecated v2.11)
        CKA_SECONDARY_AUTH (deprecated v2.11)
        CKA_AUTH_PIN_FLAGS (deprecated v2.11)
      CKM: Mechanisms
        CKM_ECDSA_KEY_PAIR_GEN (deprecated in v2.11)
      CKR: Return values
        CKR_KEY_PARAMS_INVALID (deprecated in v2.20)

  • Changed for PKCS #11 (see pkcs11t.h for details):
    • CKF: Flags
        CKF_EC_FP changed into CKF_EC_F_P
      CKM: Mechanisms
        CKM_DH_X9_42_PARAMETER_GEN changed into CKM_X9_42_DH_PARAMETER_GEN

  • The following PK11_ATTR_XXX bitflags are used to specify PKCS #11 object attributes that have Boolean values (see secmodt.h for details):
    • PK11_ATTR_TOKEN
      PK11_ATTR_SESSION
      PK11_ATTR_PRIVATE
      PK11_ATTR_PUBLIC
      PK11_ATTR_MODIFIABLE
      PK11_ATTR_UNMODIFIABLE
      PK11_ATTR_SENSITIVE
      PK11_ATTR_INSENSITIVE
      PK11_ATTR_EXTRACTABLE
      PK11_ATTR_UNEXTRACTABLE

  • Special strings the password callback function may return, but only if the slot is a protected authentication path slot (see secmodt.h for details):
    • PK11_PW_RETRY
      PK11_PW_AUTHENTICATED
      PK11_PW_TRY

  • New SSL options (see ssl.h for details):
    • SSL_BYPASS_PKCS11
      SSL_NO_LOCKS


Bugs Fixed

  • Bug 300068: gcc4 warning about uninitialized variable
  • Bug 286685: Rename all softoken private functions and types from PK11 to SFTK
  • Bug 278276: Slot List Elements cannot be freed by applications.
  • Bug 287418: Softoken has unnecessary memory allocations when doing DSA.
  • Bug 294556: unexported api calls in pk11pub.h
  • Bug 298627: Need to give apps access to Random number generators on tokens.
  • Bug 303010: Certificate upgrade can drop S/MIME certificates.
  • Bug 266123: nss-3.9.2 produces segmentation faults when trying to compile on ppc64
  • Bug 298340: When using a secure smartcard device the key verification after generation requires annoying multiple PIN entries
  • Bug 298906: crash when accepting new certificate permanently on taschenonkel.de
  • Bug 298953: sslBuffer_Grow leaks memory if PORT_Realloc fails
  • Bug 298962: Remove nssBestCertificate related dead code
  • Bug 302262: dsa.c should use the macros defined in secmpi.h
  • Bug 302286: NSS misinterprets the CKA_PRIME_BITS attribute for DSA's p parameter
  • Bug 302663: SECKEY_CopySubjectPublicKeyInfo uses bit count as byte count
  • Bug 303116: Two off-by-one errors in lib/freebl/ecl
  • Bug 303130: Memory leak of mp_int in ECPoints_mul
  • Bug 307848: Build error: coreconf/config.mk: No such file or directory
  • Bug 310336: Building NSS on Windows 2003 Server fails
  • Bug 310518: SEC_ERROR_INVALID_PASSWORD is defined but not used
  • Bug 311074: NSS build fails when building from readonly sources
  • Bug 312202: HP-UX IPF (IA64
  • Bug 53229: certutil should not use gets()
  • Bug 259135: power-up self-tests needed for SHA-256
  • Bug 305984: Update the isFIPS information SSLCipherSuiteInfo table
  • Bug 310260: JSS CipherSuite SSLServer talking to JSSE SSLClient test broken
  • Bug 166727: certutil is calling CERT_GetDBContentVersion
  • Bug 292809: NSS treatment of CKR_CRYPTOKI_ALREADY_INITIALIZED may be incorrect
  • Bug 315135: pk12util: problem using -w option(segmentation fault)
  • Bug 274132: allow disabling 3DES wrapping of keys in SSL session cache
  • Bug 274518: SSL close layer function is too CPU intensive
  • Bug 286643: Eliminate unnecessary memory zeroing for performance
  • Bug 292049: NSS passes invalid handles to C_UnwrapKey
  • Bug 303316: Make TLS algorithms callable via freebl API (blapi)
  • Bug 303334: freebl symmetric ciphers need to be able to use preallocated contexts
  • Bug 305147: Enhance SSL performance
  • Bug 311440: selfserv with ECC enabled crashes in free()
  • Bug 311590: Uninitialized variable 'slot' in ssl3_HandleServerHello in ssl3con.c
  • Bug 316640: binary compatibility regression - fortezza cipher suites
  • Bug 298630: freebl needs a memory cache invariant RSA implementation
  • Bug 303507: Enhance RSA performance using comba multiplication and squaring
  • Bug 303508: Add freebl shared libs that do only 64-bit integer math
  • Bug 257693: EC_ValidatePublicKey needs actual checks in security/nss/lib/freebl/ec.c
  • Bug 294106: Implement the recommended PRNG changes described in FIPS 186-2 Change Notice 1
  • Bug 297849: Cannot build NSS and NSPR 32 bits on a 64-bit Linux OS
  • Bug 298511: Increase FIPS 186-2 RNG internal state size
  • Bug 298512: Ensure the seed and seed key input for RNG do not have same value for FIPS 140-2
  • Bug 298513: Implement pairwise consistency test for key transport key generation FIPS 140-2
  • Bug 298514: Implement pairwise consistency for digital signature key generation for FIPS 140-2
  • Bug 298516: Implement minimum length of PINs for FIPS 140-2 mode
  • Bug 298517: Implement minimum time intervals for login attempts failures for FIPS 140-2
  • Bug 302219: Enable NSS to use tokens that support X9.31 RSA key pair generation.
  • Bug 302998: We should check for zero DSA parameters x and k.
  • Bug 304360: ECC private key could be bigger than group order
  • Bug 311958: Update the nssckbi versions for NSS 3.11
  • Bug 313196: HMAC SHA-384 and HMAC SHA-512 should use 128-byte block size
  • Bug 217024: NSS should provide a function for comparing validity
  • Bug 232604: shlibsign tries to open DBs in $HOME/.netscape
  • Bug 292151: strsclnt should not start threads for each connection; and should allow specifying ratio of full handshakes
  • Bug 292156: selfserv should allow more than 1024 SSL server session cache entries
  • Bug 292390: NSS tools that use SECU_ParseCommandLine crash when option arguments are omitted - certutil
  • Bug 293686: signver has command-line options with optional arguments; and may crash if some arguments are omitted
  • Bug 297735: C_Initialize in softoken should return CKR_CANT_LOCK with application-provided locks
  • Bug 297802: linker flags for shared libraries are set improperly on unix
  • Bug 298955: rsaperf won't authenticate to hardware tokens
  • Bug 306785: memory leaks in PQG_ParamGenSeedLen
  • Bug 314115: SEC_QuickDERDecodeItem modifies SECItem.type field during decoding process
  • Bug 315021: ret_cr16.s is in the wrong directory
  • Bug 316219: freebl won't build on OS/2
  • Bug 316250: crmftest doesn't build on OS/2
  • Bug 290263: CERT_CreateCertificateRequest creates an invalid array of attributes
  • Bug 200708: Some locks are not contended for
  • Bug 274538: token private key is unwrapped with DES every time it's used in SSL server full handshakes
  • Bug 285932: Need faster SHA1 implementation
  • Bug 289530: sftk_CopyObject doesn't copy token objects
  • Bug 293847: Remove dead NSS_CLASSIC code from pk11wrap
  • Bug 303338: New assembler multiply code needed for Sparc v8 ISA
  • Bug 272484: Certificate manager crashes [[@ _PR_MD_ATOMIC_DECREMENT - PK11_FreeSymKey]
  • Bug 292239: Merge PKCS #11 v2.20 header files
  • Bug 302416: NSS root cert module & fortezza should not be using NSPR static libraries
  • Bug 66490: New NSS library contains stubs for NSPR functions
  • Bug 240554: Add ECDSA support in S/MIME
  • Bug 287057: Memory leak in CERT_FindCRLDistributionPoints
  • Bug 292427: getting NSS_Get_CERT_SignedCrlTemplate error
  • Bug 297734: root cert module does not support OS locking mode
  • Bug 302058: make pretty print utility print hex data in case when data type was not recognized
  • Bug 316446: warning during freebl build on Solaris
  • Bug 315994: pwdecrypt crashes and leaks memory
  • Bug 127994: duplicate symbol warnings during linking of the root cert module
  • Bug 288728: NSSCMSRecipientID_BrandNew not handled in nss_cms_recipients_traverse
  • Bug 294720: cvs remove three dead makefiles
  • Bug 271317: libswft.so linking problems ; needs DEF file
  • Bug 303872: RNG_SystemInfoForRNG() is missing from blapi and loader
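The block-length constants added to blapit.h and the fix for bug 313196 (HMAC SHA-384 and HMAC SHA-512 must use a 128-byte block) are two sides of the same detail: the HMAC construction pads the key to the hash's input block length B, and an implementation that hard-codes the SHA-1 value of 64 produces MACs that no conforming peer will verify. The following added example (Python standard library, not NSS code) builds HMAC from the underlying hash with an explicit block length and compares it against Python's hmac module as the reference; the BLOCK_LENGTH table and the sample key and message are constructed for the illustration.

```python
"""HMAC built from the underlying hash, to show why the hash's input block
length matters (cf. NSS bug 313196 and the *_BLOCK_LENGTH constants in
blapit.h).  Added example using Python's standard library; not NSS code."""
import hashlib
import hmac

# Input block lengths in bytes, the value B of RFC 2104 / FIPS 198 used to
# pad the key.  Assumed here for illustration; NSS's blapit.h constants
# play the same role.
BLOCK_LENGTH = {
    "md5": 64,
    "sha1": 64,
    "sha256": 64,
    "sha384": 128,
    "sha512": 128,
}


def hmac_manual(key: bytes, msg: bytes, hash_name: str, block_len: int) -> bytes:
    """HMAC(K, m) = H((K' xor opad) || H((K' xor ipad) || m)), where K' is the
    key, hashed first if it is longer than block_len, then zero-padded to
    block_len.  Both the hashing threshold and the pad width depend on B."""
    def h(data: bytes) -> bytes:
        return hashlib.new(hash_name, data).digest()

    if len(key) > block_len:
        key = h(key)
    key = key.ljust(block_len, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    return h(opad + h(ipad + msg))


def matches_reference(key: bytes, msg: bytes, hash_name: str, block_len: int) -> bool:
    """True if our HMAC with the given block length agrees with hmac.new()."""
    ref = hmac.new(key, msg, hash_name).digest()
    return hmac.compare_digest(hmac_manual(key, msg, hash_name, block_len), ref)


def check_all(key: bytes, msg: bytes) -> dict:
    """For each hash, report (interoperates with the correct B,
    interoperates with B hard-coded to 64).  The second entry is the
    bug: it is False exactly for the 128-byte-block hashes."""
    return {
        name: (
            matches_reference(key, msg, name, blen),
            matches_reference(key, msg, name, 64),
        )
        for name, blen in BLOCK_LENGTH.items()
    }


if __name__ == "__main__":
    # Constructed sample inputs.  A 100-byte key is longer than 64 but
    # shorter than 128, so the wrong B also changes whether the key is
    # pre-hashed, not just how it is padded.
    KEY = b"k" * 100
    MSG = b"The quick brown fox jumps over the lazy dog"
    for name, (ok_correct, ok_64) in check_all(KEY, MSG).items():
        print(f"{name:7s} B={BLOCK_LENGTH[name]:3d}: "
              f"correct B -> {ok_correct}, B=64 -> {ok_64}")
```

Note that a short key (fewer than 64 bytes) exposes the bug too: the inner hash input is then 64 bytes of padded key instead of 128, so the digest still differs. The SHA-1-sized block is only correct for the 64-byte-block hashes, which is what HASH_BLOCK_LENGTH_MAX and the per-algorithm constants in blapit.h let code express instead of hard-coding.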


Compatibility

NSS 3.11 shared libraries are backward compatible with all older NSS 3.x shared libraries. A program linked with older NSS 3.x shared libraries will work with NSS 3.11 shared libraries without recompiling or relinking.  Furthermore, applications that restrict their use of NSS APIs to the functions listed in NSS Public Functions will remain compatible with future versions of the NSS shared libraries.


Feedback

Bugs discovered should be reported by filing a bug report with bugzilla (product NSS).

You can also give feedback directly to the developers on the IRC channel #mozcrypto on the server irc.mozilla.org.