Re: dev-tech-crypto Digest, Vol 5, Issue 13

2006-05-18 Thread Jean-Marc Desperrier

Peter Djalaliev wrote:

So there is patch for including the Hello extension?  Where can I find it?
Is it in some kind of a nightly build or in the CVS directory?


You probably should read the following to see more precisely what it's 
all about:

https://bugzilla.mozilla.org/show_bug.cgi?id=226271#c11

This patch adds:
- handling of new alerts

- ssl3_CallHelloExtensionSenders() which goes through a table of registered 
functions to format extensions, and calls them to append their extensions, [...]

- ssl3_HandleClientHelloExtensions(), goes through the received client hello 
extensions, distributing them to functions registered [...]

- ssl3_SendServerNameIndicationExtension() formats and appends an SNI 
  extension only if ECC cipher suites are enabled.  [...]

- ssl3_HandleServerNameIndicationExtension() handles a received SNI extension 
by discarding it. [...]

- ssl3_RegisterServerHelloExtensionSender() allows dynamic registration of 
sender functions for server hello extensions. [...]

- ssl3_AppendHandshakeNumber() and ssl3_ConsumeHandshakeNumber() are no 
  longer static to ssl3con.c, so that the extension senders and handlers 
  in ssl3ecc.c can use them.

(comment from Nelson Bolyard)


*But* also note the following comment of Nelson in an earlier message here:

The framework is not finished.  The interface to it is still private.
When it is finished, it will have a public interface.


So I might have brought public light on this a bit early :-)
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
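The extension walk Nelson describes above (a dispatch loop that hands each received ClientHello extension to a registered handler) is easy to get wrong on lengths. The following is an added example written for this digest, not the NSS patch or any NSS code: a stand-alone walker over a TLS extensions block with a registration table and a server_name (SNI, type 0) handler that parses the host_name instead of discarding it. Every length field is checked against the bytes actually present, and the sample extensions block is constructed inline. All function and type names are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example, not NSS code. Hypothetical names throughout. */

#define EXT_SERVER_NAME 0   /* extension type for server_name (SNI) */

typedef struct {
    char sni_host[256];     /* host_name from a received SNI extension */
    int  sni_seen;
} hello_state;

/* Handler contract: return 0 on success, -1 on a malformed extension. */
typedef int (*ext_handler)(hello_state *st, const uint8_t *data, size_t len);

static uint16_t get_u16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* server_name extension body: u16 list_len, then entries of
 *   { u8 name_type; u16 name_len; name bytes }.  name_type 0 = host_name. */
static int handle_server_name(hello_state *st, const uint8_t *data, size_t len)
{
    size_t pos = 2;
    if (len < 2 || get_u16(data) != len - 2) return -1;   /* list length must match */
    while (pos < len) {
        uint8_t name_type;
        size_t  name_len;
        if (len - pos < 3) return -1;                     /* truncated entry header */
        name_type = data[pos];
        name_len  = get_u16(data + pos + 1);
        pos += 3;
        if (name_len > len - pos) return -1;              /* name runs past the body */
        if (name_type == 0) {
            if (name_len == 0 || name_len >= sizeof st->sni_host) return -1;
            if (st->sni_seen) return -1;                  /* at most one host_name */
            memcpy(st->sni_host, data + pos, name_len);
            st->sni_host[name_len] = '\0';
            st->sni_seen = 1;
        }
        pos += name_len;
    }
    return 0;
}

/* Registration table: extension type -> handler. */
static const struct { uint16_t type; ext_handler fn; } handlers[] = {
    { EXT_SERVER_NAME, handle_server_name },
};

/* Walk the extensions block: u16 total_len, then { u16 type; u16 len; data }.
 * Unknown types are skipped; duplicate known types and bad lengths are rejected. */
int handle_hello_extensions(hello_state *st, const uint8_t *buf, size_t len)
{
    size_t pos = 2;
    unsigned seen = 0;                                    /* bit i = handler i used */
    if (len < 2 || get_u16(buf) != len - 2) return -1;   /* outer length must match */
    while (pos < len) {
        uint16_t type; size_t ext_len, i;
        if (len - pos < 4) return -1;                     /* truncated extension header */
        type    = get_u16(buf + pos);
        ext_len = get_u16(buf + pos + 2);
        pos += 4;
        if (ext_len > len - pos) return -1;               /* body runs past the block */
        for (i = 0; i < sizeof handlers / sizeof handlers[0]; i++) {
            if (handlers[i].type != type) continue;
            if (seen & (1u << i)) return -1;              /* duplicate extension */
            seen |= 1u << i;
            if (handlers[i].fn(st, buf + pos, ext_len) != 0) return -1;
        }
        pos += ext_len;
    }
    return 0;
}

/* Constructed sample: SNI for "example.com" followed by an unknown extension. */
static const uint8_t sample_exts[] = {
    0x00, 0x19,                          /* total extensions length = 25 */
    0x00, 0x00, 0x00, 0x10,              /* server_name, body length 16 */
    0x00, 0x0e,                          /* server_name_list length 14 */
    0x00, 0x00, 0x0b,                    /* host_name, length 11 */
    'e','x','a','m','p','l','e','.','c','o','m',
    0xff, 0xff, 0x00, 0x01, 0xaa         /* unknown type 0xffff, 1 byte, skipped */
};

/* Parses the sample and returns the host_name ("" if none, NULL on error). */
const char *demo_sni_host(void)
{
    static hello_state st;
    memset(&st, 0, sizeof st);
    if (handle_hello_extensions(&st, sample_exts, sizeof sample_exts) != 0) return NULL;
    return st.sni_seen ? st.sni_host : "";
}

/* A copy whose outer length claims more bytes than are present is rejected. */
int demo_truncated_rejected(void)
{
    hello_state st = {{0}, 0};
    return handle_hello_extensions(&st, sample_exts, sizeof sample_exts - 3) != 0;
}

int main(void)
{
    const char *host = demo_sni_host();
    printf("SNI host: %s\n", host ? host : "(malformed)");
    printf("truncated block rejected: %d\n", demo_truncated_rejected());
    return 0;
}
```

The walker deliberately rejects a block whose inner lengths disagree with the outer one rather than trusting either, which is the property a fuzzer will otherwise find for you.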


Re: FIPS 140-2 certification plans

2006-05-18 Thread David Stutzman
I just noticed on the FIPS page what might be an error... 
http://wiki.mozilla.org/FIPS_Validation


The HMAC row of the table has the following in the Modes column:
KeySize  BlockSize,
KeySize = BlockSize,
KeySize  BlockSize

Should one of those  be a ?

Let me know if there's someone/where else to notify for this.  I don't 
want to spam the group with this little stuff...


Dave


Re: FIPS 140-2 certification plans

2006-05-18 Thread Wan-Teh Chang

David Stutzman wrote:
I just read an interesting article about the FIPS certification of 
OpenSSL which was brought on by the Defense Department’s Defense Medical 
Logistics Standard Support program.  It says that they had the source 
verified instead of the binary and "Because the source code was 
validated, it could be compiled for any platform, be it Linux, Microsoft 
Windows or some obscure operating system."


The article:
http://www.gcn.com/print/25_12/40733-1.html

After reading on the FIPS page of the NSS wiki:
http://wiki.mozilla.org/FIPS_Validation

It seems you guys are not going after source validation because you list 
specific platforms for the validated toolkit.  Is that correct?  If so, 
are there any plans to have the full source validated so NSS could be 
used as freely as OpenSSL will soon be?


Yes, that's correct.  We are not going after source validation
this time.  We will definitely consider source validation for
our future validations.

Note that NIST already allows a crypto module vendor or user
to recompile the source code, without modification, for another
platform and *maintain the validation status*, with the caveat
that NIST makes no statement about the correct operation of
the crypto module on platforms not listed on the certificate.
See implementation guidance (IG) G.5 in
http://csrc.nist.gov/cryptval/140-1/FIPS1402IG.pdf.

NSS source code has a lot of ifdefs for various platforms.
So even if the same source files are re-compiled on another
platform, the actual C code that's re-compiled will be
somewhat different.  This is true of any portable software
crypto module, especially if it optimizes crypto performance
with assembly code.  Even if the exact same C code is recompiled,
the differences in the alignments and sizes of 'long', pointers,
and other types may cause incorrect operation on some platforms.
(Just search for "implementation defined" in K&R's The C Programming
Language book.)  So what do you think of source validation or
the vendor/user re-compilation allowed by IG G.5?

Wan-Teh

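Wan-Teh's point above is that recompiling the same source on another platform does not by itself show the module still operates correctly: ifdefs select different code, and implementation-defined sizes and alignments differ. The following added example (written for this digest, not NSS code) shows both halves of that concretely: a byte-order-dependent word load beside a portable one, a start-up check of the type-size assumptions a module relies on, and a known-answer test in the FIPS power-up style. Function names, the assumption list and the test vectors are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <limits.h>

/* Added example, not NSS code. Hypothetical names throughout. */

/* Non-portable load: reads the bytes as this target stores them, so the
 * value depends on byte order (memcpy only avoids an alignment fault). */
uint32_t load_u32_native(const uint8_t *p)
{
    uint32_t v;
    memcpy(&v, p, sizeof v);
    return v;
}

/* Portable load: composes the big-endian word arithmetically; every target agrees. */
uint32_t load_u32_be(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Portable 32-bit rotate; n must be in 1..31 (a shift by 32 is undefined in C). */
uint32_t rotl32(uint32_t x, unsigned n)
{
    return (x << n) | (x >> (32 - n));
}

/* 1 when this target stores the least significant byte first. */
int target_is_little_endian(void)
{
    static const uint8_t probe[4] = {0x01, 0x02, 0x03, 0x04};
    return load_u32_native(probe) == 0x04030201u;
}

/* 1 when the native and portable loads agree here, which is only true on a
 * big-endian target: identical C source yields different numbers elsewhere. */
int loads_agree_here(void)
{
    static const uint8_t probe[4] = {0xde, 0xad, 0xbe, 0xef};
    return load_u32_native(probe) == load_u32_be(probe);
}

/* Assumptions the hypothetical module relies on, as bit flags. */
enum {
    ASSUME_CHAR_IS_8_BIT    = 1u << 0,
    ASSUME_LONG_AT_LEAST_32 = 1u << 1,
    ASSUME_PTR_FITS_IN_LONG = 1u << 2,   /* false on 64-bit Windows (LLP64) */
    ASSUME_U32_WRAPS        = 1u << 3
};

/* Start-up check: returns a mask of violated assumptions, 0 when all hold. */
unsigned check_platform_assumptions(void)
{
    unsigned failed = 0;
    volatile uint32_t x = 0xFFFFFFFFu;
    if (CHAR_BIT != 8)                 failed |= ASSUME_CHAR_IS_8_BIT;
    if (sizeof(long) < 4)              failed |= ASSUME_LONG_AT_LEAST_32;
    if (sizeof(void *) > sizeof(long)) failed |= ASSUME_PTR_FITS_IN_LONG;
    x = x + 1;                         /* unsigned arithmetic must wrap to 0 */
    if (x != 0)                        failed |= ASSUME_U32_WRAPS;
    return failed;
}

/* Known-answer test: fixed inputs with outputs recorded from the reference
 * build; a recompiled module runs this before offering any service. Returns 1 on pass. */
int known_answer_test(void)
{
    static const uint8_t vec[4] = {0xde, 0xad, 0xbe, 0xef};
    if (load_u32_be(vec) != 0xdeadbeefu)       return 0;
    if (rotl32(0x80000001u, 1) != 0x00000003u) return 0;
    if (rotl32(0xdeadbeefu, 8) != 0xadbeefdeu) return 0;
    return 1;
}

int main(void)
{
    printf("little-endian target: %d\n", target_is_little_endian());
    printf("native and portable loads agree: %d\n", loads_agree_here());
    printf("assumption failures: 0x%x\n", check_platform_assumptions());
    printf("known-answer test: %s\n", known_answer_test() ? "pass" : "FAIL");
    return 0;
}
```

The ASSUME_PTR_FITS_IN_LONG check is the kind of thing that passes on every Unix platform listed on a certificate and fails on 64-bit Windows, which is exactly why NIST's IG G.5 caveat about unlisted platforms matters: a recompiled module should refuse to run when its start-up checks or known-answer tests fail.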


NSS Apache module - mod_nss

2006-05-18 Thread Rob Crittenden
A fair bit of work has been done to mod_nss, an SSL module for Apache 
that uses NSS instead of OpenSSL, since it was released last September.


Changes since then include use of the NSS OCSP client, addition of a FIPS 
mode (similar to modutil -fips true -dbdir /path/to/database), options 
to seed the NSS Random Number Generator, support for Apache 2.2 as well 
as a number of important bug fixes.


If anyone is interested in trying this out I've created RPMS for RHEL 4 
and Fedora Core 4 and 5. It should be as simple as installing a couple 
of RPMS and firing up Apache. The default listener is 8443 since I don't 
want it to interfere with any existing OpenSSL configuration. mod_nss 
can co-exist with mod_ssl in the same server.


You can find out more about mod_nss and download the binaries and/or 
source from http://directory.fedora.redhat.com/wiki/Mod_nss


cheers

rob


Re: NSS Apache module - mod_nss

2006-05-18 Thread Nelson B. Bolyard
Rob Crittenden wrote:
 A fair bit of work has been done to mod_nss, an SSL module for Apache
 that uses NSS instead of OpenSSL, since it was released last September.
 
 Changes since then include use of the NSS OCSP client, addition of a FIPS
 mode (similar to modutil -fips true -dbdir /path/to/database), options
 to seed the NSS Random Number Generator, support for Apache 2.2 as well
 as a number of important bug fixes.

Rob,  You da MAN!

Seriously, I really appreciate the work you (and others?) have done on this!

-- 
Nelson B


Re: NSS Apache module - mod_nss

2006-05-18 Thread Wan-Teh Chang

Rob Crittenden wrote:
A fair bit of work has been done to mod_nss, an SSL module for Apache 
that uses NSS instead of OpenSSL, since it was released last September.


Changes since then include use of the NSS OCSP client, addition of a FIPS 
mode (similar to modutil -fips true -dbdir /path/to/database), options 
to seed the NSS Random Number Generator, support for Apache 2.2 as well 
as a number of important bug fixes.


We recently fixed a bug in our selfserv test program
where it can't find its private key when NSS is in FIPS
mode.  The function that had the bug is PK11_FindKeyByAnyCert.
(See https://bugzilla.mozilla.org/show_bug.cgi?id=337789.)

Is mod_nss not using PK11_FindKeyByAnyCert?

Wan-Teh


Re: NSS Apache module - mod_nss

2006-05-18 Thread Julien Pierre

Wan-Teh Chang wrote:

Rob Crittenden wrote:

A fair bit of work has been done to mod_nss, an SSL module for Apache 
that uses NSS instead of OpenSSL, since it was released last September.


Changes since then include use of the NSS OCSP client, addition of a FIPS 
mode (similar to modutil -fips true -dbdir /path/to/database), options 
to seed the NSS Random Number Generator, support for Apache 2.2 as 
well as a number of important bug fixes.



We recently fixed a bug in our selfserv test program
where it can't find its private key when NSS is in FIPS
mode.  The function that had the bug is PK11_FindKeyByAnyCert.
(See https://bugzilla.mozilla.org/show_bug.cgi?id=337789.)

Is mod_nss not using PK11_FindKeyByAnyCert?


It's possible that mod_nss didn't run into the above bug if it logged in 
to the token before looking for the server private key.
