NSS 3.12.3 Release Notes

2009-04-01

Newsgroup: mozilla.dev.tech.crypto

Contents

• Introduction
• Distribution Information
• New in NSS 3.12.3
• Bugs Fixed
• Documentation
• Compatibility
• Feedback

Introduction

Network Security Services (NSS) 3.12.3 is a patch release for NSS 3.12. The bug fixes in NSS 3.12.3 are described in the "Bugs Fixed" section below.

NSS 3.12.3 is tri-licensed under the MPL 1.1/GPL 2.0/LGPL 2.1.

Distribution Information

The CVS tag for the NSS 3.12.3 release is NSS_3_12_3_RTM.  NSS 3.12.3 requires NSPR 4.7.4.

See the Documentation section for the build instructions.

NSS 3.12.3 source and binary distributions are also available on ftp.mozilla.org for secure HTTPS download:

• Source tarballs: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_12_3_RTM/src/.
• Binary distributions: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_12_3_RTM/. Both debug and optimized builds are provided. Go to the subdirectory for your platform, DBG (debug) or OPT (optimized), to get the tar.gz or zip file. The tar.gz or zip file expands to an nss-3.12.3 directory containing three subdirectories:
  • include - NSS header files
  • lib - NSS shared libraries
  • bin - NSS Tools and test programs

You also need to download the NSPR 4.7.4 binary distributions to get the NSPR 4.7.4 header files and shared libraries, which NSS 3.12.3 requires. NSPR 4.7.4 binary distributions are in https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v4.7.4/.

New in NSS 3.12.3

• Changes in behavior:
• In the development of NSS 3.12.3, it became necessary to change some old library behaviors due to the discovery of certain vulnerabilities in the old behaviors, and to correct some errors that had limited NSS's ability to interoperate with cryptographic hardware and software from other sources.
  
  Most of these changes should cause NO problems for NSS users, but in some cases, some customers' software, hardware and/or certificates may be dependent on the old behaviors, and may have difficulty with the new behaviors. In anticipation of that, the NSS team has provided ways to easily cause NSS to revert to its previous behavior through the use of environment variables.
  
  Here is a table of the new environment variables introduced in NSS 3.12.3 and information about how they affect these new behaviors. The information in this table is excerpted from
  /En/NSS_reference/NSS_environment_variables
  
  

  Environment Variable	Value Type	Description
  NSRANDCOUNT	Integer (byte count)	Sets the maximum number of bytes to read from the file named in the environment variable NSRANDFILE (see below). Makes NSRANDFILE usable with /dev/urandom.
  NSS_ALLOW_WEAK_SIGNATURE_ALG	Boolean (any non-empty value to enable)	Enables the use of MD2 and MD4 hash algorithms inside signatures. This was allowed by default before NSS 3.12.3.
  NSS_HASH_ALG_SUPPORT	String	Specifies algorithms allowed to be used in certain applications, such as in signatures on certificates and CRLs. See documentation at this link.
  NSS_STRICT_NOFORK	String ("1", "DISABLED", or any other non-empty value)	It is an error to try to use a PKCS#11 crypto module in a process before it has been initialized in that process, even if the module was initialized in the parent process. Beginning in NSS 3.12.3, Softoken will detect this error. This environment variable controls Softoken's response to that error. If set to "1" or unset, Softoken will trigger an assertion failure in debug builds, and will report an error in non-DEBUG builds. If set to "DISABLED", Softoken will ignore forks, and behave as it did in older versions. If set to any other non-empty value, Softoken will report an error in both DEBUG and non-DEBUG builds.
  NSS_USE_DECODED_CKA_EC_POINT	Boolean (any non-empty value to enable)	Tells NSS to send EC key points across the PKCS#11 interface in the non-standard unencoded format that was used by default before NSS 3.12.3. The new key point format is a DER encoded ASN.1 OCTET STRING.
  NSS_USE_SHEXP_IN_CERT_NAME	Boolean (any non-empty value to enable)	Tells NSS to allow shell-style wildcard patterns in certificates to match SSL server host names. This behavior was the default before NSS 3.12.3. The new behavior conforms to RFC 2818.

• New Korean SEED cipher:
  • New macros for SEED support:
    • in blapit.h:
      NSS_SEED
      NSS_SEED_CBC
      SEED_BLOCK_SIZE
      SEED_KEY_LENGTH
      in pkcs11t.h:
      CKK_SEED
      CKM_SEED_KEY_GEN
      CKM_SEED_ECB
      CKM_SEED_CBC
      CKM_SEED_MAC
      CKM_SEED_MAC_GENERAL
      CKM_SEED_CBC_PAD
      CKM_SEED_ECB_ENCRYPT_DATA
      CKM_SEED_CBC_ENCRYPT_DATA
      in secmod.h:
      PUBLIC_MECH_SEED_FLAG
      in secmodt.h:
      SECMOD_SEED_FLAG
      in secoidt.h:
      SEC_OID_SEED_CBC
      in sslproto.h:
      TLS_RSA_WITH_SEED_CBC_SHA
      in sslt.h:
      ssl_calg_seed
  • New structure for SEED support:
    • (see blapit.h)
      SEEDContextStr
      SEEDContext
• New functions in the nss shared library:
  • CERT_RFC1485_EscapeAndQuote (see cert.h)
    CERT_CompareCerts (see cert.h)
    CERT_RegisterAlternateOCSPAIAInfoCallBack (see ocsp.h)
    PK11_GetSymKeyHandle (see pk11pqg.h)
    UTIL_SetForkState (see secoid.h)
    NSS_GetAlgorithmPolicy (see secoid.h)
    NSS_SetAlgorithmPolicy (see secoid.h)
    • For the 2 functions above see also (in secoidt.h):
      NSS_USE_ALG_IN_CERT_SIGNATURE
      NSS_USE_ALG_IN_CMS_SIGNATURE
      NSS_USE_ALG_RESERVED
• Support for the Watcom C compiler is removed
  • The file watcomfx.h is removed.

Bugs Fixed

The following bugs have been fixed in NSS 3.12.3.

• Bug 159483: cert name matching: RFC 2818 vs. backwards compatibility (wildcards)
• Bug 334678: prng_fips1861.c redefines the macro BSIZE on HP-UX
• Bug 335016: mpp_pprime (Miller-Rabin probabilistic primality test) may choose 0 or 1 as the random integer
• Bug 347037: Make shlibsign depend on the softoken only
• Bug 371522: Auto-Update of CRLs stops after first update
• Bug 380784: PK11MODE in non FIPS mode failed.
• Bug 394077: libpkix need to return revocation status of a cert
• Bug 412468: modify certutil
• Bug 417092: Modify pkix_CertSelector API to return an error if cert was rejected.
• Bug 426413: Audit messages need distinct types
• Bug 438870: Free Freebl hashing code of dependencies on NSPR and libUtil
• Bug 439115: DB merge allows nickname conflicts in merged DB
• Bug 439199: SSE2 instructions for bignum are not implemented on Windows 32-bit
• Bug 441321: Tolerate incorrect encoding of DSA signatures in SSL 3.0 handshakes
• Bug 444404: libpkix reports unknown issuer for nearly all certificate errors
• Bug 452391: certutil -K incorrectly reports ec private key as an orphan
• Bug 453234: Support for SEED Cipher Suites to TLS RFC4010
• Bug 453364: Improve PK11_CipherOp error reporting (was: PK11_CreateContextBySymKey returns NULL
• Bug 456406: Slot list leaks in symkeyutil
• Bug 461085: RFE: export function CERT_CompareCerts
• Bug 462293: Crash on fork after Softoken is dlClose'd on some Unix platforms in NSS 3.12
• Bug 463342: move some headers to freebl/softoken
• Bug 463452: SQL DB creation does not set files protections to 0600
• Bug 463678: Need to add RPATH to 64-bit libraries on HP-UX
• Bug 464088: Option to build NSS without dbm (handy for WinCE)
• Bug 464223: Certutil didn't accept certificate request to sign.
• Bug 464406: Fix signtool regressions
• Bug 465270: uninitialised value in devutil.c::create_object()
• Bug 465273: dead assignment in devutil.c::nssSlotArray_Clone()
• Bug 465926: During import of PKCS #12 files
• Bug 466180: SSL_ConfigMPServerSIDCache with default parameters fails on {Net
• Bug 466194: CERT_DecodeTrustString should take a const char * input trusts string.
• Bug 466736: Incorrect use of NSS_USE_64 in lib/libpkix/pkix_pl_nss/system/pkix_pl_object.c
• Bug 466745: random number generator fails on windows ce
• Bug 467298: SQL DB code uses local cache on local file system
• Bug 468279: softoken crash importing email cert into newly upgraded DB
• Bug 468532: Trusted CA trust flags not being honored in CERT_VerifyCert
• Bug 469583: Coverity: uninitialized variable used in sec_pkcs5CreateAlgorithmID
• Bug 469944: when built with Microsoft compilers
• Bug 470351: crlutil build fails on Windows because it calls undeclared isatty
• Bug 471539: Stop honoring digital signatures in certificates and CRLs based on weak hashes
• Bug 471665: NSS reports incorrect sizes for (AES) symmetric keys
• Bug 471715: Add cert to nssckbi to override rogue md5-collision CA cert
• Bug 472291: crash in libpkix object leak tests due to null pointer dereferencing in pkix_build.c:3218.
• Bug 472319: Vfychain validates chain even if revoked certificate.
• Bug 472749: Softoken permits AES keys of ANY LENGTH to be created
• Bug 473147: pk11mode tests fails on AIX when using shareable DBs.
• Bug 473357: ssltap incorrectly parses handshake messages that span record boundaries
• Bug 473365: Incompatible argument in pkix_validate.c.
• Bug 473505: softoken's C_Initialize and C_Finalize should succeed after a fork in a child process
• Bug 473944: Trust anchor is not trusted when requireFreshInfo flag is set.
• Bug 474532: Softoken cannot import certs with empty subjects and non-empty nicknames
• Bug 474777: Wrong deallocation when modifying CRL.
• Bug 476126: CERT_AsciiToName fails when AVAs in an RDN are separated by '+'
• Bug 477186: Infinite loop in CERT_GetCertChainFromCert
• Bug 477777: Selfserv crashed in client/server tests.
• Bug 478171: Consolidate the coreconf/XXX.mk files for Windows
• Bug 478563: Add _MSC_VER (the cl version) to coreconf.
• Bug 478724: NSS build fails on Windows since 20090213.1 nightly build.
• Bug 478931: object leak in pkix_List_MergeLists function
• Bug 478994: Allow Softoken's fork check to be disabled
• Bug 479029: OCSP Response signature cert found invalid if issuer is trusted only for SSL
• Bug 479601: Wrong type (UTF8 String) for email addresses in subject by CERT_AsciiToName
• Bug 480142: Use sizeof on the correct type of ckc_x509 in lib/ckfw
• Bug 480257: OCSP fails when response > 1K Byte
• Bug 480280: The CKA_EC_POINT PKCS#11 attribute is encoded in the wrong way: missing encapsulating octet string
• Bug 480442: Remove (empty) watcomfx.h from nss
• Bug 481216: Fix specific spelling errors in NSS
• Bug 482702: OCSP test with revoked CA cert validated as good.
• Bug 483113: add environment variable to disable/enable hash algorithms in cert/CRL signatures
• Bug 483168: NSS Callback API for looking up a default OCSP Responder URL
• Bug 483963: Assertion failure in OCSP tests.
• Bug 484425: Need accessor function to retrieve SymKey handle
• Bug 484466: sec_error_invalid_args with NSS_ENABLE_PKIX_VERIFY=1
• Bug 485127: bltest crashes when attempting rc5_cbc or rc5_ecb
• Bug 485140: Wrong command line flags used to build intel-aes.s with Solaris gas for x86_64
• Bug 485370: crash
• Bug 485713: Files added by Red Hat recently have missing texts in license headers.
• Bug 485729: Remove lib/freebl/mapfile.Solaris
• Bug 485837: vc90.pdb files are output in source directory instead of OBJDIR
• Bug 486060: sec_asn1d_parse_leaf uses argument uninitialized by caller pbe_PK11AlgidToParam

Documentation

For a list of the primary NSS documentation pages on mozilla.org, see NSS Documentation. New and revised documents available since the release of NSS 3.11 include the following:

• Build Instructions for NSS 3.11.4 and above
• NSS Shared DB

Compatibility

NSS 3.12.3 shared libraries are backward compatible with all older NSS 3.x shared libraries. A program linked with older NSS 3.x shared libraries will work with NSS 3.12.3 shared libraries without recompiling or relinking.  Furthermore, applications that restrict their use of NSS APIs to the functions listed in NSS Public Functions will remain compatible with future versions of the NSS shared libraries.

Feedback

Bugs discovered should be reported by filing a bug report with mozilla.org Bugzilla (product NSS).