Important Bug Fix Information: NSS 3.1.1 fixes several bugs in the freebl library of NSS 3.1, including
one that affects RSA key pair generation and other important operations.
If you are using NSS with the freebl library, use NSS 3.1.1 rather than NSS 3.1.
For details, see NSS 3.1.1 Release Notes.
Introduction
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and server applications.
These libraries provide the security foundation for a variety of server products from
iPlanet
E-Commerce Solutions, including iPlanet Certificate Management System, iPlanet Web Server,
iPlanet Directory Server, and iPlanet Messaging Server. NSS 3.1 provides, for the first time,
a complete open-source implementation of the crypto libraries used to implement security
features in these products, including a new implementation of the RSA algorithm. (For
more information on the effects of the RSA algorithm going into the public domain, see the
Mozilla Crypto FAQ. For schedule and other details
of the plan for NSS 3.1, see NSS 3.1 Plan.)
The NSS libraries also underlie Personal Security Manager (PSM),
which performs cryptographic operations on behalf of Netscape Communicator, Netscape 6,
and other client applications.
If you are developing applications that support SSL, S/MIME, or other Internet security standards,
you can now use NSS libraries to implement comparable security features in your own applications.
NSS 3.1 also includes a framework to which developers and OEMs can contribute patches, such as
assembler code, to optimize performance on their platforms.
NSS 3.1 is dual-licensed under the MPL and the GPL.
CVS Information
The CVS tag for the NSS 3.1 release is NSS_3_1_RTM.
Important: If you are using the freebl library to
build NSS, use NSS 3.1.1 rather than NSS 3.1.
For details, see NSS 3.1.1 Release Notes.
Bugs Fixed
For a list of the bugs that were fixed in the NSS 3.1 release, click here.
Documentation
For a list of the primary NSS documentation pages on mozilla.org, see NSS Documentation.
New and revised documents available with this release include the following:
Source may be viewed with a browser (via the LXR tool) at
http://lxr.mozilla.org/mozilla/source/security/nss/
Changes Since NSS 3.0
New functions and features include the following:
- This release requires NSPR 4.0 and supports both NSPR 4.0 and 4.1
(because NSPR 4.1 is backward compatible with NSPR 4.0). To use NSS 3.1 under GPL,
you must use NSPR 4.1, because that is the first version of NSPR covered by the dual license.
- DES is implemented in this release.
- The BigNum package used in this release is based on
MPI: Arbitrary Precision Integer Arithmetic.
- This release includes unencumbered crypto code on top of the BigNum package, including RSA public
key, RSA private key, Diffie-Hellman, Fortezza KEA, DSA sign, DSA verify,
key generation, param generation and verification, and other algorithms.
- This release includes a new implementation of a pseudo-random number generator that we believe to be FIPS-compliant.
- This release includes an Arcfour implementation.
- Root CAs
- The S/MIME Toolkit can be used with this release.
- This release enforces RNG seeding and provides a new initialization function. NSS 3.1 enforces a requirement it has always
had--that the RNG be properly seeded before it is used. Application programs that call
NSS_Init to initialize NSS already meet this requirement.
If you wish to run NSS without setting up configuration files (that is, without using storage for the
certificate and key database files), you must call the new initialization function
NSS_NoDB_Init, which also seeds the RNG properly.
- There is a new NSS initialization function NSS_InitReadWrite. NSS_InitReadWrite
behaves similarly to NSS_Init, with the difference being that NSS_InitReadWrite opens a
database and allows for read/write privileges.
- The key and certificate database name callback functions that are passed as arguments to SECKEY_OpenKeyDB or CERT_OpenCertDB must return their result in memory allocated by an NSPR memory allocation function such as PR_Malloc.
- This release supports IPv6 (PR_AF_INET6) sockets.
We have also received patches for FreeBSD, NetBSD, and OS/2 ports in the past month. The OS/2 ports are from IBM.
Platform Information
NSS is maintained on the platforms listed below. "Certified" means the iPlanet NSS team has built
and run QA tests for NSS on a machine with the specified OS.
| Platform | Build | Certify | Compiler(s) |
|---|---|---|---|
| AIX | 4.3.3 (32 bit) | 4.3.3 (32 bit), 4.3.3 (64 bit) | xlC/C++ 3.6.4 |
| AIX | 4.3.3 (64 bit) | 4.3.3 (64 bit) | xlC/C++ 3.6.4 |
| Compaq Tru64 | 4.0D | 4.0D, 5.0A | (cc) Digital C v5.6-071 |
| HP-UX | 11.0 (32 bit) | 11.0 (32 bit), 11.0 (64 bit) | C compiler: A.11.01.00 |
| HP-UX | 11.0 (64 bit) | 11.0 (64 bit) | C compiler A.11.01.00 |
| Linux | RedHat 6.0 | RedHat 6.0, RedHat 6.1 | egcs-1.1.2 |
| NT | NT 4.0 w/ SP 6a | NT 4.0 w/ SP 6a, Win2000 | VC++ 6.0 Service Pack 3 |
| Windows | NT 4.0 w/ SP 6a | NT 4.0 w/ SP 6a, Win2000 | VC++ 6.0 Service Pack 3 |
| Solaris | 2.6 | 2.6, 8 (32 bit), 8 (64 bit) | WorkShop Compilers C/C++ version 4.2 |
| Solaris | 8 (64-bit) | 8 (64-bit) | WorkShop Compilers C/C++ version 5.0 |
Note to Macintosh Developers: Due to a lack of resources, our team was unable to develop NSS for the Macintosh platform. We are looking for help from any interested parties to modify the Macintosh project file for NSS 3.1. For contact information, please see the Feedback section.
NSS has not yet been formally tested or certified on any other platforms. If you have successfully run NSS on other platforms, or if you are interested in taking responsibility for testing and maintaining NSS on a particular platform that's not listed above, post a message to mozilla.dev.tech.crypto.
Known Bugs and Issues
Bug #59438 in the freebl library of NSS 3.1,
sometimes referred to as the "prime number generation bug," affects the
following algorithms on all platforms:
- Diffie-Hellman and DSA parameter generation: The parameter
may not be a prime. Generation of Diffie-Hellman or DSA
parameters is typically done only by a Certification
Authority (e.g. in CMS), not in other client or server
products.
- RSA key pair generation: The keys may not contain the
product of two primes. RSA key pair generation is done by
all SSL servers, each time they are started up, to generate
a "step down" key for use with export cipher suites. It is
also done by all products that generate Certificate Signing
Requests.
The bug described above has been fixed in NSS 3.1.1.
Note that this bug does not affect products using NSS
3.1 with RSA BSAFE Crypto-C or Netscape's internal
libcrypto library. It also does not affect any present
releases of Personal Security Manager from Netscape or iPlanet, since those have all used the
libcrypto library. However, it affects other releases of Personal Security Manager
that may have used the NSS 3.1 freebl library.
NSS 3.1 uses mozilla/dbm, which is based on Berkeley DB 1.85.
Berkeley DB 1.85 is released under the original BSD license, whose "advertising clause"
is incompatible with the GNU GPL. In a letter dated July 22, 1999, UC Berkeley announced
that the advertising clause is deleted from all the BSD Unix files (of any version of BSD)
containing it. (The announcement is available at
ftp.cs.berkeley.edu/ucb/4bsd/README.Impt.License.Change.)
The final (AT&T proprietary) 4.4BSD release contained version 1.6 of Berkeley DB.
The 4.4BSD-Lite2 release contained version 1.74 of Berkeley DB.
Since Berkeley DB 1.85 is not technically in any version of BSD
(although it is derived from the Berkeley DB files in 4.4BSD and 4.4BSD-Lite2),
it is not clear whether the Berkeley announcement deletes the advertising clause from Berkeley DB 1.85.
For a list of known bugs that have not been fixed in NSS 3.1, please click here.
Compatibility
NSS 3.1 is backward compatible with NSS 3.0.x.
Feedback
Bugs discovered should be reported by filing a bug report with bugzilla (product NSS).
You can also give feedback directly to the developers on the IRC channel #mozcrypto
on the server irc.mozilla.org.