Re: CERT advisory CA-2003-26: Vulnerability in SSL
Nelson B wrote:
> The above comment was intended to mean (I believe) that you will be prompted for the SAME password rather more frequently than in non-FIPS mode.

Too bad. I know some people who would find it an interesting feature to have one password per key. Maybe this could be done by creating one token per key, but it's more a hack and maybe not manageable.

___
mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
Re: CERT advisory CA-2003-26: Vulnerability in SSL
Julien Pierre wrote:
> FIPS mode is a higher security mode of operation. You will get a lot more token password prompts, [...]

Does this mean there can be more than one password per module?
Re: CERT advisory CA-2003-26: Vulnerability in SSL
Jean-Marc Desperrier wrote:
> Julien Pierre wrote:
>> FIPS mode is a higher security mode of operation. You will get a lot more token password prompts, [...]
>
> Does this mean there can be more than one password per module?

Well, the rule is one password per token. But, when operating in FIPS mode, you typically only have one token operating in the module.

The above comment was intended to mean (I believe) that you will be prompted for the SAME password rather more frequently than in non-FIPS mode.

--
Nelson B
Re: CERT advisory CA-2003-26: Vulnerability in SSL
Julien,

Could you refresh my memory about FIPS mode? How do you turn it on in NSS (what API call) and if not on, what does that entail for an NSS app?

Also this softokn3.chk file: What is it for exactly, and does it need to be in a special location? I assume it's related to the softoken library which provides a software implementation of a PKCS#11 module.

--
POC
Re: CERT advisory CA-2003-26: Vulnerability in SSL
POC wrote on 1/27/2004, 12:37 PM:
> Also this softokn3.chk file: What is it for exactly, and does it need to be in a special location? I assume it's related to the softoken library which provides a software implementation of a PKCS#11 module.

The softokn3.chk file contains a checksum for softokn3.dll. When in FIPS mode, softokn3.dll is required to compute its checksum and compare it with the value in softokn3.chk.

softokn3.chk must be installed in the same directory as softokn3.dll.

On Unix platforms, this file is called libsoftokn3.chk. On 32-bit Solaris SPARC and 32-bit HP-UX PA-RISC, you also need two additional .chk files: libfreebl_pure32_3.chk and libfreebl_hybrid_3.chk, which match the libfreebl_pure32_3.{so,sl} and libfreebl_hybrid_3.{so,sl} shared libraries on these two platforms.

Wan-Teh
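Added example, not part of the thread or of NSS: a pre-flight check for the deployment rule described in these messages, that each softoken/freebl library has its .chk file in the same directory. The function name check_nss_chk and the "older than the library" staleness heuristic are assumptions; the file names are the ones given in the messages (libsoftokn3.sl is assumed by analogy with the freebl names).

```shell
#!/bin/sh
# Added example (not NSS code): verify that each NSS library that needs a
# .chk file has one beside it, e.g. after copying newer NSS libraries over
# an older install.
# Usage: check_nss_chk /path/to/dir/with/nss/libs
# Returns 0 if every library found has a usable-looking .chk,
#         1 if a .chk is missing or older than its library,
#         2 if no softoken/freebl library is present in the directory.
check_nss_chk() {
    dir=$1
    found=0
    rc=0
    for lib in \
        "$dir"/softokn3.dll \
        "$dir"/libsoftokn3.so "$dir"/libsoftokn3.sl \
        "$dir"/libfreebl_pure32_3.so "$dir"/libfreebl_pure32_3.sl \
        "$dir"/libfreebl_hybrid_3.so "$dir"/libfreebl_hybrid_3.sl
    do
        [ -f "$lib" ] || continue
        found=1
        # The .chk file shares the library's base name and directory.
        chk="${lib%.*}.chk"
        if [ ! -f "$chk" ]; then
            echo "MISSING $chk (FIPS mode cannot be turned on)"
            rc=1
        elif [ "$lib" -nt "$chk" ]; then
            # Heuristic (assumption): a library newer than its .chk suggests
            # the library was replaced without its matching .chk file.
            echo "STALE   $chk is older than $lib"
            rc=1
        else
            echo "OK      $chk"
        fi
    done
    if [ "$found" -eq 0 ]; then
        echo "NONE    no softoken/freebl library found in $dir"
        return 2
    fi
    return "$rc"
}
```

A passing result only shows the files are in place; the comparison of the library against the value in the .chk file is done by softoken itself when FIPS mode is on.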
Re: CERT advisory CA-2003-26: Vulnerability in SSL
POC wrote:
> Julien, Could you refresh my memory about FIPS mode? How do you turn it on in NSS (what API call) and if not on, what does that entail for an NSS app?

FIPS mode is a higher security mode of operation. You will get a lot more token password prompts, and private keys cannot travel across tokens even wrapped, among other things.

To enable/disable it, please see the code in the modutil tool in pk11.c, specifically the FipsMode function.

> Also this softokn3.chk file: What is it for exactly, and does it need to be in a special location? I assume it's related to the softoken library which provides a software implementation of a PKCS#11 module.

As Wan-Teh pointed out, the file should live at the same location as the softokn3 DLL/so file. On Solaris there are extra libfreebl*.chk files.
Re: CERT advisory CA-2003-26: Vulnerability in SSL
Julien Pierre wrote:
> Nelson,
>
> If your application uses FIPS mode, you need an additional softokn3.chk file, not just the NSS DLLs. Otherwise you won't be able to turn on FIPS mode (a feature Mozilla actually supports). This file first appeared in NSS 3.8 - it did not exist in 3.7.

Thank you for reminding me of that, Julien. I tend to forget about FIPS mode. :(
Re: CERT advisory CA-2003-26: Vulnerability in SSL
Nelson,

Nelson B wrote:
> 3. If I'm not mistaken, NSS 3.9 *should* be a drop in replacement for NSS 3.7 and later, so it should be possible to simply install the NSS 3.9 shared libraries over the older ones in existing products. No need to wait for a new product release to use the new NSS. (Be sure to backup your old software and NSS databases first though. Your mileage may vary.) For example, I've installed NSS 3.9 DLLs into a mozilla 1.3.1 installation and it works just fine.

If your application uses FIPS mode, you need an additional softokn3.chk file, not just the NSS DLLs. Otherwise you won't be able to turn on FIPS mode (a feature Mozilla actually supports). This file first appeared in NSS 3.8 - it did not exist in 3.7.

Julien
Re: CERT advisory CA-2003-26: Vulnerability in SSL
Wan-Teh Chang wrote:
> POC wrote:
>> Does the following vulnerability with ASN1, noted in some versions of openSSL, also affect NSS? http://www.cert.org/advisories/CA-2003-26.html
>
> The NISCC TLS/SSL and S/MIME test suites uncovered several vulnerabilities in NSS. All of the vulnerabilities found during our NISCC testing have been fixed in NSS 3.9. We recommend that all NSS customers upgrade to NSS 3.9 in the next release of your product.

I'd like to add a few more comments, speaking unofficially, of course.

1. OpenSSL and NSS are separately developed software, so none of the specific vulnerabilities of one directly affect the other. However, it is possible that the two products coincidentally had vulnerabilities to similar sorts of attacks.

2. The types of vulnerabilities that were found in NSS would cause denial of service, through crashes or memory leaks. I didn't find any stack buffer overflows of the sort that allow attackers to run their own code.

3. If I'm not mistaken, NSS 3.9 *should* be a drop in replacement for NSS 3.7 and later, so it should be possible to simply install the NSS 3.9 shared libraries over the older ones in existing products. No need to wait for a new product release to use the new NSS. (Be sure to backup your old software and NSS databases first though. Your mileage may vary.) For example, I've installed NSS 3.9 DLLs into a mozilla 1.3.1 installation and it works just fine.

--
Nelson B
CERT advisory CA-2003-26: Vulnerability in SSL
Does the following vulnerability with ASN1, noted in some versions of openSSL, also affect NSS?

http://www.cert.org/advisories/CA-2003-26.html

--
POC
Re: CERT advisory CA-2003-26: Vulnerability in SSL
POC wrote:
> Does the following vulnerability with ASN1, noted in some versions of openSSL, also affect NSS? http://www.cert.org/advisories/CA-2003-26.html

The NISCC TLS/SSL and S/MIME test suites uncovered several vulnerabilities in NSS. All of the vulnerabilities found during our NISCC testing have been fixed in NSS 3.9. We recommend that all NSS customers upgrade to NSS 3.9 in the next release of your product.

Wan-Teh