clarification of CSR attributes in NSS
I'm in the process of adding CSR support to the NSS python binding and I'm not sure I fully follow how CSR attributes are handled, so I'm looking for some clarification.

From reading the relevant RFCs my understanding is that a CSR contains a sequence of attributes and an attribute has a type (OID) and a set of values matching that OID type. One possible attribute type is a PKCS #9 Extension Request, but there could be other attribute types as well, right?

What's confusing me is that the NSS API (as well as the implementation) seems to assume the *only* attribute type in a CSR will be a PKCS #9 Extension Request (i.e. a set of cert extensions). Am I missing something? What about the other possible CSR attributes? Or in practice are they never used? Or am I being lame and just not finding the code in NSS which deals with CSR attributes other than cert extensions? Or do I just not understand the RFC definition of a CSR?

Thanks,
John

-- 
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/

-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
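The structure the post describes (a CSR carrying a SET of Attributes, each an OID plus a SET OF values, of which the PKCS #9 extensionRequest is only one possibility) can be seen directly in the DER. The following is an added example, not code from the post, from NSS or from python-nss: a minimal DER walker that lists every attribute of a PKCS #10 CertificationRequest. The CSR bytes are constructed inside the file (empty subject, placeholder RSA SubjectPublicKeyInfo, empty signature field, constructed challengePassword value), so it runs offline; the point is the Attributes encoding, not a valid signature.

```python
"""Added example: enumerate the attributes of a PKCS #10 CSR from raw DER.
Not NSS or python-nss code; the sample CSR below is constructed here."""

EXTENSION_REQUEST = "1.2.840.113549.1.9.14"   # PKCS #9 extensionRequest
CHALLENGE_PASSWORD = "1.2.840.113549.1.9.7"   # PKCS #9 challengePassword

def der(tag: int, content: bytes) -> bytes:
    """Encode one TLV with a definite length (short or long form)."""
    n = len(content)
    if n < 0x80:
        length = bytes([n])
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + length + content

def encode_oid(dotted: str) -> bytes:
    """Encode a dotted OID as a complete OBJECT IDENTIFIER TLV."""
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = bytearray([arc & 0x7F])
        arc >>= 7
        while arc:                       # base-128 with continuation bits
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        body += chunk
    return der(0x06, bytes(body))

def decode_oid(body: bytes) -> str:
    """Decode the content octets of an OBJECT IDENTIFIER to dotted form."""
    arcs = [body[0] // 40, body[0] % 40]
    value = 0
    for b in body[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def read_tlv(buf: bytes, pos: int):
    """Return (tag, content, next_pos) for the TLV starting at pos."""
    tag, first, pos = buf[pos], buf[pos + 1], pos + 2
    if first & 0x80:
        nbytes = first & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    else:
        length = first
    return tag, buf[pos:pos + length], pos + length

def children(content: bytes):
    """Yield (tag, content) for each TLV directly inside a constructed value."""
    pos = 0
    while pos < len(content):
        tag, body, pos = read_tlv(content, pos)
        yield tag, body

def csr_attributes(csr: bytes):
    """Return [(oid, [value_bytes, ...])] for every Attribute in the CSR.
    CertificationRequestInfo carries the attributes as [0] IMPLICIT SET OF
    Attribute, and each Attribute is SEQUENCE { type OID, values SET OF ANY }."""
    _, cert_req, _ = read_tlv(csr, 0)                  # CertificationRequest
    info = next(children(cert_req))[1]                 # CertificationRequestInfo
    attrs = [b for t, b in children(info) if t == 0xA0]
    out = []
    for _, attr in children(attrs[0] if attrs else b""):
        parts = list(children(attr))
        oid = decode_oid(parts[0][1])
        values = [b for _, b in children(parts[1][1])]
        out.append((oid, values))
    return out

def other_attribute_oids(csr: bytes):
    """OIDs of attributes that are NOT the PKCS #9 extensionRequest."""
    return [oid for oid, _ in csr_attributes(csr) if oid != EXTENSION_REQUEST]

def build_sample_csr() -> bytes:
    """Constructed CSR: challengePassword plus an extensionRequest holding one
    basicConstraints extension. Key and signature are placeholders."""
    basic_constraints = der(0x30, encode_oid("2.5.29.19") + der(0x04, der(0x30, b"")))
    ext_req = der(0x30, encode_oid(EXTENSION_REQUEST)
                  + der(0x31, der(0x30, basic_constraints)))          # SET { Extensions }
    challenge = der(0x30, encode_oid(CHALLENGE_PASSWORD)
                    + der(0x31, der(0x0C, b"constructed-secret")))    # SET { UTF8String }
    attributes = der(0xA0, challenge + ext_req)                         # [0] IMPLICIT
    spki = der(0x30, der(0x30, encode_oid("1.2.840.113549.1.1.1") + der(0x05, b""))
               + der(0x03, b"\x00"))                                    # placeholder key
    info = der(0x30, der(0x02, b"\x00") + der(0x30, b"") + spki + attributes)
    sig_alg = der(0x30, encode_oid("1.2.840.113549.1.1.11") + der(0x05, b""))
    return der(0x30, info + sig_alg + der(0x03, b"\x00"))               # unsigned

if __name__ == "__main__":
    for oid, values in csr_attributes(build_sample_csr()):
        print(oid, [v.hex() for v in values])
```

Run against a real CSR the same walker lists the OIDs present; an NSS-centric implementation that only looks for extensionRequest would silently drop anything else `other_attribute_oids` reports.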
Re: Using a 'secret' SSL client certificate from Mozilla
On 08/27/2010 06:36 PM, Michael Smith wrote:
> Hi all,
>
> In our (mozilla/xulrunner-based) application, we're trying to set up a secure connection to a server that requires a client certificate. Rather than the normal case of a client certificate belonging to the user, and just added to the certificate store, we want to have a certificate that nominally belongs to the application, and is secret from the user (strange, but that's what I'm stuck with).
>
> The specific requirements are that we not store it unencrypted in the filesystem - and simply setting a password on the key db isn't an option, as that would interfere with the _user's_ use of the key db for any of their certificates - and that it must not be available in the UI (so we want to somehow hide it from the 'View Certificates' UI - or at least not be exportable from there).
>
> Can anyone suggest an approach to implementing this?

System services (e.g. daemons) have a very similar requirement for accessing their security information and being able to operate unattended. The usual solution for system services is to create a system user (typically a uid less than 1024, but that varies by OS). The security information is placed in a file only that user can read. Upon start up the process will switch its effective uid to that uid.

However if your application is a normal user process running under the uid of the user that won't work. It works in the case of a system service because those processes start with root privileges and can drop privileges to the daemon uid after they've begun executing.

Very much akin to what I described above are the requirements for storing a host certificate for machine authentication when joining a domain. But once again the storage of that cert is protected by root level privileges.

Another possible approach would be akin to what Cyrus SASL saslauthd does. saslauthd is a tiny root daemon process whose purpose is to access authentication information on behalf of an unprivileged process. The unprivileged process sends a request to saslauthd, which is running with root privileges, and requests it perform an authentication on its behalf. In fact the basic concept is not all that different from RADIUS.

If your application is a normal user application running under the uid of the user who started it and you have no way to install and start a system daemon then I can't think of a mechanism that couldn't be compromised and/or wouldn't require user intervention.

Anybody else have better ideas?

-- 
John Dennis jden...@redhat.com
Re: NSS 3.12.5: Error '-8023' ... how to track it down?
On 01/11/2011 11:36 AM, Bernhard Thalmayr wrote:
> Hi experts,
>
> I have apache httpd running with a shared lib using NSS/NSPR. The lib talks to an SSL enabled server using PR_WRITE. Occasionally PR_WRITE returns error '-8023'.
>
> OS is CentOS 5.5 64bit.
> NSS: @(#)NSS 3.12.5.0 Aug 3 2010 17:15:02
> NSPR: @(#)NSPR 4.8.2 2010-08-03 17:13:30
>
> I've tried 'ltrace' to trace the NSS/NSPR library calls but without success ... 'ltrace' does not show anything.
>
> AFAIH understood the source, '-8023' could be 'SEC_ERROR_PKCS11_DEVICE_ERROR' or 'CKR_DEVICE_ERROR'. There's no other PKCS11 module involved but the internal one.
>
> How can I track down this issue?

Install the debugging symbols and source code for nss and nspr:

    yum install nss-debuginfo nspr-debuginfo

Then run the process under gdb or attach gdb to a running process and set a break point on PR_SetError. You will probably need to issue this gdb command (or put it in a .gdbinit file):

    set breakpoint pending on

You should break in the debugger with full source code when an error is set; you can then look around to see why.

-- 
John Dennis jden...@redhat.com
Re: Python-nss
On 02/24/2011 02:39 PM, Chris wrote:
> Hello,
>
> Recently I was looking into the Firefox Sync utility. I set up my own custom server and got my web browser to successfully sync to my computer and then wanted to look at the database entries. Of course the data is encrypted, which makes sense if I'm going to send my data to a public server, but in my case not necessary. I wanted to try to decrypt the information to see what it was storing in the database and so I've been researching how to do this.
>
> I found references to a python package python-nss which is available in RPM format, but I'm using Debian and having trouble actually finding something pre-compiled. I downloaded the source code for the python-nss tool from http://ftp.mozilla.org/pub/mozilla.org/security/python-nss/releases/PYNSS_RELEASE_0_11_0/src/python-nss-0.11.tar.bz2. When I try to build this I'm getting compile errors and they seem to be caused by a missing definition for NSSInitParameters. The reference to this name is in py_nss.h, but I cannot actually find where it is defined in any of the included source code of any of the required libraries (searched all the code in nss3 and nspr4).
>
> Can anyone provide help on this? Is this python-nss project actually being maintained? Seems like it may not be.

python-nss is absolutely being maintained. In fact if you looked at the timestamps on version 0.11 you would have seen that release is only a couple days old. I am the maintainer.

As for the compile errors, I suspect you might be using an old version of NSS; what version do you have?

If someone wants to package python-nss for Debian, I think that would be fantastic (hint, it's not going to be me, I work for Red Hat who has generously funded the entire development effort and we're obviously Fedora and RPM based, not Debian and apt based). I would be happy to help you get it to build. My first suggestion would be to see if you can find a more current version of NSS for Debian. I don't really understand Debian packaging but it's my understanding there are different channels for updates and you might have to look in the right place. If no current versions of NSS are available the next option would be to #ifdef parts of the binding depending on the version of NSS which is available, but that's an effort I'd prefer to avoid at the moment for a host of reasons.

Hope that helps!
John

-- 
John Dennis jden...@redhat.com
Re: Python-nss
On 02/25/2011 01:08 PM, Chris wrote:
> The reason I thought it seemed unmaintained is because I was having a hard time finding an official page dedicated to the project.

Yes, that's a deficiency. The lack of a project page is partly due to the fact I'm the only person supporting the project and the difficulty of getting the right Mozilla mojo to maintain public pages. So I do apologize for that, it really should be done.

> Now I just need to find some examples or perhaps direct help on how I might decrypt the information stored in my FireFox Sync repository.

I don't know what Firefox sync does or how it works. Some firefox folks hang out on this list, but it's not Firefox central :-) You might do better to go to a firefox specific list.

> Perhaps you can clear something up for me. The whole NSS and PKCS#11 seems to be a rather large and complicated system. Like I said I really just want to decrypt the data in my database. From what I found (looked at some javascript source code files for the FireFox Sync project) it looks like sync uses NSS to encrypt, but I'm not clear on how to determine what algorithm it uses. At first I thought maybe PKCS#11 was an algorithm, but I'm starting to think it is just a container for algorithms and so then I must ask what is actually being used. Maybe I don't need python-nss if the data is just being encrypted using some standard algorithm (wrapped up in NSS or PKCS#11) which python already has facilities to decode.

You're right on one count, NSS and PKCS11 are large complicated systems. NSS actually comprises quite a bit more than PKCS11. PKCS11 is a standard promulgated by RSA for managing cryptographic tokens. NSS amongst other things provides APIs which are compatible with the PKCS11 APIs. NSS also implements support for the SSL/TLS protocols, certificate management, PKI infrastructure, and exposes APIs which are the building blocks of those larger components.

Whether NSS can help you with your quest for solving your Firefox sync issue will be determined by what Firefox sync is doing and only the Firefox folks can tell you that. I suspect they already have tools to do what you want, which would be a much shorter path than trying to build something on your own out of the NSS toolbox. Using NSS directly (even through Python) requires a fair amount of sophisticated knowledge to utilize NSS's building blocks to produce a comprehensive solution to some cryptographic problem.

HTH,
John

-- 
John Dennis jden...@redhat.com
Re: BUG with AES encrypt / decrypt
On 07/22/2011 08:28 AM, florent ainardi wrote:
> On 22 juil, 12:29, helpcrypto helpcryptohelpcry...@gmail.com wrote:
>> i don't know if this is related to what you are trying, but i use a smartcard with attached certificate to encrypt data. For all the operations, I'm invoking OpenSSL functions.
>>
>>> i try to make a simple program to encrypt data with aes but the question is: is AES implemented in nss, what are the libraries to import?
>
> ok but what about NSS mozilla? everything i read is about public key, certificate but what about symmetric algo with private key?? i had to encrypt data with AES cbc or ecb, i found nothing about that
> if you have any idea, please post it here

Have a look at:

PK11_ImportSymKey
PK11_CreateContextBySymKey
PK11_CipherOp
PK11_DigestFinal

-- 
John Dennis jden...@redhat.com
Re: does anyone try to use AES_CBC ???
On 07/22/2011 02:18 PM, Honza Bambas wrote:
> On 7/22/2011 8:06 PM, Matej Kurpel wrote:
>> On 22. 7. 2011 18:36, Brian Smith wrote:
>>> ----- Original Message -----
>>> From: Matej Kurpel mkur...@gmail.com
>>>> On 22 juil, 14:41, helpcrypto helpcryptohelpcry...@gmail.com wrote:
>>>> at this time, i had just to make some tests about the AES_CBC or AES_ECB like time to encrypt, time to decrypt, how much memory used, how much cpu used for just a simple operation. for this kind of test private key and IV will be set in the program not given by a secure way.
>>>
>>> Take a look at this code. I pieced this together by looking at lib/ssl/ssl3con.c. It is probably very similar to the code in cmd/digest. I have not tested it, compiled it, or even thought about it much. Also, I left out all the error handling to mislead you into thinking that your final code will be readable.
>>>
>>>     /* const SECItem *input;  holds plaintext data
>>>        SECItem *output;       will hold encrypted data; output->data
>>>                               points at a buffer of maxout bytes
>>>        unsigned maxout;       size of the output->data buffer */
>>>     int outlen = 0;
>>>     unsigned int finallen = 0;
>>>     output->len = 0;
>>>     PK11SlotInfo *slot = PK11_GetInternalSlot();
>>>     PK11Context *context = NULL;
>>>     PK11SymKey *aesKey = NULL;
>>>     SECItem *param = NULL;
>>>
>>>     /* This is not the proper way to deal with key material in a real
>>>        application. keyData is a pointer to a SECItem that holds the raw
>>>        key, and ivData is a pointer to a SECItem that holds the IV. */
>>>     aesKey = PK11_ImportSymKey(slot, CKM_AES_CBC, PK11_OriginUnwrap,
>>>                                CKA_ENCRYPT, keyData, NULL);
>>>     param = PK11_ParamFromIV(CKM_AES_CBC, ivData);
>>>     context = PK11_CreateContextBySymKey(CKM_AES_CBC, CKA_ENCRYPT,
>>>                                          aesKey, param);
>>>     PK11_CipherOp(context, output->data, &outlen, maxout,
>>>                   input->data, input->len);
>>>     /* flush any buffered partial block; CKM_AES_CBC does no padding,
>>>        so input->len must be a multiple of the AES block size */
>>>     PK11_DigestFinal(context, output->data + outlen, &finallen,
>>>                      maxout - outlen);
>>>     output->len = outlen + finallen;
>>>     PK11_DestroyContext(context, PR_TRUE);
>>>     SECITEM_FreeItem(param, PR_TRUE);
>>>     PK11_FreeSymKey(aesKey);
>>>     PK11_FreeSlot(slot);
>>>
>>> OpenSSL is intended for this purpose, not NSS.
>>>
>>> ...
>>>
>>> Cheers,
>>> Brian
>>
>> But NSS gets the key using PKCS#11 from a token. And you need to get it from a file directly (or a variable).
>> Check this method: http://mxr.mozilla.org/mozilla-central/source/security/manager/ssl/src/nsPKCS12Blob.cpp#135
>
> You need to import it to the database or memory anyway; depends on how you init NSS (http://mxr.mozilla.org/mozilla-central/source/security/nss/lib/nss/nssinit.c#720)
>
> -hb-

15 seconds of googling shows how to do this:

http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn5.html
http://www.mozilla.org/projects/security/pki/nss/sample-code/sample2.html

-- 
John Dennis jden...@redhat.com
Re: nss program language
On 07/25/2011 05:08 AM, florent ainardi wrote:
> hi all
> i have a doubt concerning the language of the nss library. i parsed a sample of code given on the official website and it seems to be written in cpp. can you confirm that the nss library is fully written in C or C++ or it has both of them?

NSS is written in C. The source can be obtained here:

ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/

-- 
John Dennis jden...@redhat.com
Re: bug compiling ridiculous program
On 07/26/2011 10:22 AM, florent ainardi wrote:
> hi
> i have just installed the nss library and all dependencies (libc6, sqlite, zlib1g ...)
> my program looks like this
>
>     #include <nss/nss.h>
>     #include <nss/pk11pub.h>
>
> that's all
> when i launch the gcc command:
>
>     gcc test.c -otest -lnss
>
> i have more than a hundred errors but the first ones are these
>
>     prtypes.h not found in nss directory
>     seccomon.h not found in nss directory
>
> and also prlink.h, prlog.h, plarena.h, plstr.h
> can anyone help me and tell me what package i forgot to install or have an idea?
> i also tried to compile the sample2.c from the official website of mozilla nss, and i have the same error so i'm sure i forgot something

O.K. some of this is basic software development you should already understand, not really an appropriate question for this list (also it's not a bug). Also, you don't need to CC all the mailing lists and newsgroups; the redundant posts are generally not appreciated.

However, this is what you need to do: find the location where the headers are installed and add -Ipath to the compile command, where path is the installed path. Read the compiler doc to understand the -I option.

If the headers aren't on your system then: prtypes.h belongs to the nspr package, not nss; nspr is a dependency of nss, this is documented. If you're installing using pre-built packages make sure you also install the devel packages, those have the headers necessary for software development (hence the devel suffix). For RPM based systems it would be nspr-devel, nss-devel, nss-util-devel (because you need both nspr and nss).

Understanding where to find headers, how to install packages, etc. are OS specific issues better dealt with on a mailing list devoted to software development on your chosen OS.

Hope that helps and gets you started,
John

-- 
John Dennis jden...@redhat.com
Re: nss and java ?
On 08/08/2011 08:59 AM, florent ainardi wrote:
> hi
> i would like to know if someone has tried to use the nss library in a java program? is it very difficult? is nss easy to use from java or do i have to forget my idea?
> please tell me your opinion about that and share with me your experience if you're concerned by java and nss
> regards all

Google is your friend :-)

http://www.mozilla.org/projects/security/pki/jss/
https://developer.mozilla.org/En/JSS

JSS is used extensively by the Red Hat Certificate Server and its free version known as Dogtag. I believe it's used by others but I can't enumerate them.

JSS does not currently have an active development community, an issue which needs to be addressed. Since JSS is critical to the Certificate Server we've been fixing bugs and adding some new features (e.g. better ECC support). But because we're one or two minor revisions behind the official version we haven't yet pushed these fixes upstream, another problem which we need to rectify.

-- 
John Dennis jden...@redhat.com
Re: error during compil
On 08/09/2011 04:10 AM, florent ainardi wrote:
> i have a little problem when i try to compile my program
> nss and nspr are installed on my system
> when i launch gcc with the following syntax
>
>     gcc -g test.c -otest -I/usr/include/nss -I/usr/include/nspr
>
> i have the following errors
>
>     undefined reference to 'PR_Init'
>     undefined reference to 'NSS_NoDB_Init'
>     undefined reference to 'PR_Get_Error'
>
> do you have an idea?

Yes, but the real question is why don't you? Your questions on this list suggest you're struggling with basic computer science. With all due respect you need to take some courses in fundamentals. This list is dedicated to advanced topics in computer security; it is not the place to learn how to compile and link, one of the very first topics in a computer science education.

The answer to your question is that you need to supply the nss and nspr libraries which contain those symbols to the linker. This is done with the -l command line arg passed to gcc when you're building a final executable image. The undefined reference error means the linker (do you know what that is?) is unable to resolve (i.e. locate the compiled code) for those functions because they are not in your test.c program, rather they are in the nss and nspr libraries; hence your test.c program makes a reference to a symbol which is undefined. So where is it defined? In the nss and nspr libraries!

Pay particular attention to the -I and -l command line args and be sure to understand the distinction between them. In previous emails you incorrectly conflated include files and libraries. They play very distinct and separate roles during the build process.

In the future I'm sure the folks on this list would be happy to help you with actual issues with NSS, PKI and cryptography, but not with computer science 101 :-) As a courtesy to others on this list such things are said to be off topic.

HTH,
John
Re: Removal of NSS and/or NSPR from the API exposed to addons
On 01/19/2012 07:26 AM, Mike Hommey wrote:
> He is talking about runtime detection. Not build time detection. And we already have --with-system-nss. My point is that it's probably not worth trying to do runtime detection because few systems will have the right system nss anyways.

I've been lurking on this thread. There seems to be an assumption that on Linux the system NSS won't be current, won't be available and you might deploy something which has a dependency that can't be detected and satisfied during installation. At least on RPM based systems (Fedora and RHEL in particular) none of this is true. When packages are built you have the opportunity to express the dependency, the installer won't install the package unless the dependencies can be satisfied, and the installer knows how to locate and download the dependencies. Also, when there is a dependency affecting other packages there is a coordinated effort to update things in unison. Can't speak for Debian based systems, but my understanding is they have similar facilities.

So what's the problem with using system NSS?

BTW, the practice of not using system NSS with firefox massively broke things for us recently, one of the clear downsides of using private versions of NSS independent of the global system environment. Would truly like to avoid that experience again.

-- 
John Dennis jden...@redhat.com
error handling bug in nss_Shutdown
FYI, there is a bug in the error handling logic in nss_Shutdown() which causes a bogus error code to be returned due to the following sequence of steps in nss_Shutdown():

    ...
    status = STAN_Shutdown();
    ...
    nss_DestroyErrorStack();
    nssArena_Shutdown();
    if (status == PR_FAILURE) {
        if (NSS_GetError() == NSS_ERROR_BUSY) {
            PORT_SetError(SEC_ERROR_BUSY);
        }
        shutdownRV = SECFailure;
    }

Note that NSS_GetError() is called *after* nss_DestroyErrorStack()!

When NSS_GetError() is called error_get_my_stack() is invoked, but because the thread local stack was destroyed it happily recreates a brand new error stack with no errors; as a result NSS_GetError() returns 0. This then causes a failure to set the correct error code via PORT_SetError(). NSS_Shutdown() returns SECFailure and the caller of NSS_Shutdown() then invokes PORT_GetError(), which then returns a completely bogus error code from the dim past (because errors are never cleared).

Filed bug as: https://bugzilla.mozilla.org/show_bug.cgi?id=816488

-- 
John Dennis jden...@redhat.com
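The ordering problem above is easy to reproduce in miniature. What follows is an added model, not NSS source and not the fix from the bug report: it imitates the per-thread error stack that error_get_my_stack() recreates on demand and the separate PORT error slot that is never cleared, then runs the tail of nss_Shutdown() in the original order and in an assumed corrected order (reading NSS_GetError() before the stack is destroyed). The numeric codes are constructed stand-ins, not the real NSS values.

```python
"""Added model of the nss_Shutdown() error-ordering bug. Not NSS code; all
codes are constructed stand-ins and the 'fixed' ordering is an assumption."""

NSS_ERROR_BUSY = 5          # stand-in for the NSS_ERROR_BUSY stack code
SEC_ERROR_BUSY = -1001      # stand-in for the SEC_ERROR_BUSY PORT code
STALE_PORT_ERROR = -1234    # stand-in for whatever an earlier failure left behind

class ErrorModel:
    """Models one thread's NSS error stack plus the PR/PORT error slot."""

    def __init__(self, stale_port_error=STALE_PORT_ERROR):
        self._stack = None                    # None models a destroyed stack
        self._port_error = stale_port_error   # never cleared, as in the post

    def _error_get_my_stack(self):
        # models error_get_my_stack(): a missing stack is silently recreated empty
        if self._stack is None:
            self._stack = []
        return self._stack

    def nss_set_error(self, code):
        self._error_get_my_stack().append(code)

    def nss_get_error(self):
        # models NSS_GetError(): top of the stack, or 0 when there is nothing on it
        stack = self._error_get_my_stack()
        return stack[-1] if stack else 0

    def nss_destroy_error_stack(self):
        # models nss_DestroyErrorStack()
        self._stack = None

    def port_set_error(self, code):
        self._port_error = code

    def port_get_error(self):
        return self._port_error

def nss_shutdown(model, read_error_before_destroy):
    """Model of the tail of nss_Shutdown(). STAN_Shutdown() is taken to fail
    with NSS_ERROR_BUSY. Returns (rv, error the caller then sees via
    PORT_GetError())."""
    model.nss_set_error(NSS_ERROR_BUSY)      # STAN_Shutdown() fails and records why
    status_failed = True
    if read_error_before_destroy:
        err = model.nss_get_error()          # assumed fix: read while the stack exists
    model.nss_destroy_error_stack()          # nss_DestroyErrorStack()
    if not read_error_before_destroy:
        err = model.nss_get_error()          # original order: stack recreated empty -> 0
    rv = "SECSuccess"
    if status_failed:
        if err == NSS_ERROR_BUSY:
            model.port_set_error(SEC_ERROR_BUSY)
        rv = "SECFailure"
    return rv, model.port_get_error()

def demo():
    """Run both orderings on fresh models; returns ((rv, err), (rv, err))."""
    buggy = nss_shutdown(ErrorModel(), read_error_before_destroy=False)
    fixed = nss_shutdown(ErrorModel(), read_error_before_destroy=True)
    return buggy, fixed

if __name__ == "__main__":
    buggy, fixed = demo()
    print("original order:", buggy)   # SECFailure with the stale PORT code
    print("read-first order:", fixed)  # SECFailure with SEC_ERROR_BUSY
```

In the original order the caller gets SECFailure paired with whatever the PORT slot held before the shutdown, which is exactly the "bogus error code from the dim past" the report describes; any caller that branches on PORT_GetError() after a failed NSS_Shutdown() is therefore reacting to an unrelated earlier failure.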
Re: Web Crypto API(s) and what Mozilla wants / needs
On 02/14/2013 02:34 PM, Ryan Sleevi wrote:
> On Thu, February 14, 2013 10:43 am, Robert Relyea wrote:
>> On 02/14/2013 07:54 AM, David Dahl wrote:
>>> ----- Original Message -----
>>> From: Gervase Markham g...@mozilla.org
>>> To: mozilla-dev-tech-cry...@lists.mozilla.org
>>> Cc: Eric Rescorla e...@mozilla.com, Brian Smith bsm...@mozilla.com, Brendan Eich bren...@mozilla.com, Ben Adida benad...@mozilla.com, Brian Warner war...@mozilla.com
>>> Sent: Thursday, February 14, 2013 5:22:41 AM
>>> Subject: Re: Web Crypto API(s) and what Mozilla wants / needs
>>>
>>>> On 13/02/13 20:55, David Dahl wrote:
>>>>> The main issue is: What does Mozilla actually need here? What is Mozilla's official policy or thinking on a crypto API for the DOM?
>>>>
>>>> As you are the Mozillian with most experience in this area, I'd say that insofar as we will ever have an official policy, it's likely to be what you think (after taking the input of others, as you are doing). Please feel empowered :-)
>>>
>>> Ah, thanks! I am however, not a 'crypto expert' and would like the actual experts to weigh in and set the 'policy' (for lack of a better word.) At this point in the game, it would seem that FirefoxOS, with its enhanced security model, would benefit greatly from APIs like this. I am hoping that will help in garnering the resources to implement and/or develop an engineering schedule for this.
>>>
>>> -david
>>
>> Well, I am quite pleased with the approach of providing a limited controllable set of primitives that are easy to use. The encrypt/sign -> decrypt/verify using PKI completely sounds like the right first primitive to supply, along with seal/unseal. Key management/key exchange is the hardest part to get right in crypto. Both of these provide the simplest model for managing these things.
>
> Agreed on key management/key exchange. Note that the current proposal intentionally largely tries to avoid these matters, for that reason. Instead, it operates on the presumption that the user has a Key object, and the question is what operations can be performed with it.
>
>> I'm sure there are lots of applications where these primitives are insufficient, but enabling a stable set that is easy for the non-crypto person to get right definitely sounds like the right way to move forward. (Both of these also have the advantage of allowing you to define APIs where algorithm selection can be automatic, meaning the users automatically get new algorithm support without having to change the javascript application.)
>
> Bob,
>
> As you mentioned, there are lots of applications where these primitives are insufficient. Certainly, NSS would not be usable today for Firefox or Chromium if it adopted only the high-level approach being proposed (and as reflected in APIs like KeyCzar and NaCL). Likewise, NSS's highest-level APIs (like S/MIME) go largely unmaintained/unused, while the low-level crypto is used in a variety of projects (as shown by the sheer number of packages converted at http://fedoraproject.org/wiki/FedoraCryptoConsolidation ).
>
> Do you know of any applications where they *would* be sufficient? Do you anticipate non-crypto people to be able to use 'crypto', even high-level, for the development of an overall secure system?
>
> I'm aware of the arguments made in http://cr.yp.to/highspeed/coolnacl-20120725.pdf , and I certainly support a high-level API, but I don't think you avoid any of the thorny issues (algorithm negotiation, wire format, etc), and I'm not sure that the high-level API makes the overall *application* any more or less secure than a low-level API using recognized primitives.
>
> I guess it's my way of suggesting I'm more concerned about the places where these primitives are insufficient, and I'm less convinced of the idea that it is any easier for the non-crypto person to get right.
>
> Given your long-standing role in NSS, I'm curious your thoughts on the types of applications that would be able to actually (and successfully, and securely) use such an API.

Sorry to butt in on a question directed to Bob, but ... Here's one data point.

I constantly hear the complaint from developers that NSS is too low level and using it is too hard. They wonder why there can't be a higher level API that insulates them from many of the quirky details they find somewhat incomprehensible, leaving them with doubts about the correctness of what they've done and dismayed at the time it took to accomplish it.

So yes, I think higher level APIs would be welcome.

I also think it would be welcome if the high level API interfaces permitted swapping out the low level crypto library on which they are based. Why? It's not unusual for someone with a problem to be asked, can you use X, Y, or Z instead and tell me if you still have the issue. That's a non-starter for many applications unless they had the foresight to implement pluggable crypto, and I'm only aware of a handful of those; usually they've hitched their horse to one implementation.

-- 
John Dennis jden...@redhat.com
Re: Web Crypto API(s) and what Mozilla wants / needs
On 02/14/2013 03:19 PM, Ryan Sleevi wrote:
> On Thu, February 14, 2013 11:55 am, John Dennis wrote:
>
> Surely you're not suggesting that arbitrary web applications be able to use JavaScript to swap out the crypto library used by the browser?

Absolutely not from JavaScript. But as a browser config, sure.

> This is purely in the context of a Javascript API intended for both web applications AND extensions (or, in the case of B2G, B2G Apps). So there's a wide spectrum of possible applications that may be developed or wish to be developed. For example, would a B2G SSH be possible? ConnectBot is quite popular on Android - after all, AIUI, the NSS Android builds themselves rely on having an SSH app installed on the phone (Kai, is that a correct understanding?)
>
> Were you perhaps talking about a new C API for high-level crypto, that interops with multiple 'lower' level APIs

Yes that's where my thoughts were going. If high level Javascript as well as C/C++/Java/Python/Ruby etc. APIs followed the same models, used the same terminology, names, and fundamental objects I think it would be a huge win. It seems to me the current state of affairs is there is a wealth of incompatible poorly written crypto APIs across a range of languages and environments.

Good API design is an art. Having a crypto guru write a crypto API for the masses is akin to asking a kernel developer to develop a friendly user interface: it's possible but not likely.

I think where I was going is if this effort could yield a simple, easy to use, easy to comprehend, easy to be secure API that serves 90% of the common use cases then I think it would have accomplished something we haven't achieved yet, and if so it can be a model to converge on. It would be something the whole software ecosystem would appreciate. I'd like to see a lot more focus on API design driven by usability requirements instead of driven by the underlying implementation. A lot of effort has to go into developing abstractions while rigorously applying the simplicity test. I'm afraid committees have a poor track record in this regard FWIW. :-(

> (if so, what APIs?). Arguably, NSS is itself a 'pluggable' crypto - everything in pk11wrap and higher is implemented in terms of PKCS#11 - that is, not directly talking to softoken, but speaking to generic PKCS#11 modules and slots, which are a standard abstraction for crypto modules/libraries.

Well, I think it might be a bit of a stretch to call NSS pluggable, but I see where you're coming from. There is still a fair amount of ground not covered by PKCS11. I think one might be hard pressed to have a rich crypto environment while restricting yourself to only what's available via PKCS11, but your point is taken. Also PKCS11 is a bit long in the tooth by contemporary standards, but that's another topic.

-- 
John Dennis jden...@redhat.com
Re: Using libnss with client certificates via pkcs11
On 06/20/2013 01:20 PM, Johan Dahlin wrote:
> [Sorry if this appears twice, the first copy got stuck in the moderation queue]
>
> I'm investigating the use of smart card readers for my application[1], which is also free software. As part of the Brazilian electronic legislation I need to be able to connect to a https server[2] and do a couple of soap calls.
>
> It works just fine in Firefox 21, when I:
> * Go to the site
> * Add a certificate exception via the "I accept the risk" dialog
> * Enter the PIN for the smart card reader via a popup dialog
> * Access the site normally
>
> When I tried adapting httplib_example.py in python-nss I ran into two problems: it has an unknown issuer, which I can work around by implementing a SSL_AuthCertificateHook. The second problem however is that I need a way to use the client certificate from the smart card reader, including asking the user to enter a pin code.
>
> How can I access a site requiring a client certificate stored on a pkcs11 compatible smart card reader via libnss/python-nss?

Did you set the socket client auth callback to supply the client cert?

See SSLSocket.set_client_auth_data_callback()

There is an example of its usage in doc/examples/ssl_example.py

John
Re: Importing a symmetic key into NSS database
On 07/31/2013 09:47 AM, Rajesh Kareti wrote:
> Hi, I need some help in setting up the NSS Cryptographic module for doing Encryption and Decryption. Could anyone help me in doing that. Thank you, Raj

Raj, please do not hijack threads, your question has nothing to do with importing a symmetric key.

Using NSS to perform miscellaneous cryptographic operations
https://developer.mozilla.org/en-US/docs/NSS/NSS_Tech_Notes/nss_tech_note5

and NSS Sample Code
https://developer.mozilla.org/en-US/docs/NSS/NSS_Sample_Code

Were you unable to find these?

> On Tue, Jul 30, 2013 at 9:37 PM, John jbu...@yahoo.com wrote:
>> At this point I usually ask, what is it you are trying to do? usually when I see someone trying to import or export keyblobs, they are coding at the wrong level and we should be pushing more of whatever protocol you are running into NSS.
>
> I'm developing a One Time Password software token and wanting to store the shared secret in the NSS database. At this point I'm inclined to think importing the shared secret using PK11_CreateGenericObject() is probably more appropriate, i.e. if I can get it to work. Can you recommend a better approach?

-- John
cert validation failure when root cert is in chain
I'm trying to debug a validation failure when using CERT_VerifyCertificate(). The cert being validated is a SSL Server Cert, it is signed by a root cert. I have confirmed the server cert validates using CERT_VerifyCertificate() in a stand alone program with the root cert imported and trusted into an NSS database. I've also confirmed it validates with openssl verify.

The problem seems to come when the cert is used in an SSL handshake (in this particular instance when the openldap library is making a TLS connection to an openldap server; the openldap library is using NSS, e.g. tls_m.c). Stepping through CERT_VerifyCertificate as called by the openldap library I have found where verification failure occurs.

First also let me say that I've also run the connection through the NSS ssltap tool and I can see that the server is sending the client 2 certs, the server cert and the root ca cert that signed it. Hence during the connection attempt there is a cert chain of length 2.

The verify failure occurs in cert_VerifyCertChainOld() in this code:

    /* make sure that the issuer is not self signed. If it is, then
     * stop here to prevent looping. */
    if (issuerCert->isRoot) {
        PORT_SetError(SEC_ERROR_UNTRUSTED_ISSUER);
        LOG_ERROR(log, issuerCert, count+1, 0);
        goto loser;
    }

This suggests to me that NSS will not accept a cert chain with the root cert in it. Is that correct?

My understanding (and verified via some additional research) is that while it's not optimal/common to include the root cert in the chain it is in fact permissible. The basic idea I believe is the root cert in the chain is ignored and the previous cert in the chain is validated by finding the root issuer in the trust store. Yes/No/Comments?

The stand alone validation succeeds apparently because there is no chain to traverse with a root cert in it.

Is NSS behaving incorrectly by rejecting a chain with a root cert? Is the server behaving incorrectly by sending a chain with a root cert? What causes a root cert to be included in a chain? Any suggestions, comments, or insights which will help me get around the problem?

P.S.: The certs are generated with GnuTLS. There seem to be some oddities in the certs, for instance the server cert includes a BasicConstraints extension with the CA flag set to False, it doesn't seem to be creating a problem for NSS during validation. The CA cert also has BasicConstraints but with the CA flag set to true and path length set to 2. Not sure if this is relevant to this issue or not.

-- John
Re: TLS: error: the certificate '/etc/openldap/certs/xxx.crt' could not be found in the database - error -12285:Unable to find the certificate or key necessary for authentication.
On 09/19/2014 10:43 AM, Sterling Sahaydak wrote:
> I was told by the Chief Architect, OpenLDAP the following: "This has nothing to do with OpenLDAP. Your build is using the MozNSS crypto library, ask them for help."
>
> So, here is my setup - I've recently updated both my openldap servers to the 2.4.39 version and everything seems to be working EXCEPT the mirror synchronization, which was the issue I had previously with 2.4.23. Running on CentOS 6.5.
>
> Setup - Server1 (provider): ldap-east.x.net, Server2 (consumer): ldap-west.x.net
>
> Not using self signed certs. Instead have a SAN (Subject Alternative Name) cert from DigiCert with 4 hostnames: ldap.x.net ldap-1.x.net ldap-2.x.net ldap-alt.x.net
>
> I'm using slapd.conf vs cn=config. A code snippet of my slapd.conf file showing the TLS setup:
>
>     [root@ldap-east openldap]# cat slapd.conf
>     include /etc/openldap/schema/core.schema
>     include /etc/openldap/schema/cosine.schema
>     include /etc/openldap/schema/inetorgperson.schema
>     include /etc/openldap/schema/nis.schema
>     include /etc/openldap/schema/sudo.schema
>     allow bind_v2
>     TLSCertificateFile /etc/openldap/certs/ldap_x_net.crt
>     TLSCertificateKeyFile /etc/openldap/certs/ldap_x_net.key
>     TLSCACertificateFile /etc/openldap/certs/CAcompany.crt
>
> The details of the Error Msg:
>
>     [root@ldap-east certs]# slapd -d sync
>     541b16ed @(#) $OpenLDAP: slapd 2.4.39 (Sep 16 2014 19:42:16) $ r...@admin.pcoral.net:/root/rpmbuild/BUILD/openldap-2.4.39/openldap-2.4.39/servers/slapd
>     541b16ed /etc/openldap/slapd.conf: line 165: warning, destination attributeType 'sAMAccountName' is not defined in schema
>     541b16ed PROXIED attributeDescription SAMACCOUNTNAME inserted.
>     541b16ed /etc/openldap/slapd.conf: line 215: rootdn is always granted unlimited privileges.
>     541b16ed bdb_monitor_db_open: monitoring disabled; configure monitor database to enable
>     541b16ed slapd starting
>     TLS: error: the certificate '/etc/openldap/certs/ldap_x_net.crt' could not be found in the database - error -12285:Unable to find the certificate or key necessary for authentication..
>     TLS: certificate '/etc/openldap/certs/ldap_x_net.crt' successfully loaded from PEM file.
>     TLS: no unlocked certificate for certificate 'CN=ldap.x.net,O=xx, INC.,L=Alviso,ST=California,C=US'.
>     541b16ed do_syncrep2: rid=001 LDAP_RES_INTERMEDIATE - REFRESH_DELETE
>
> *** I wonder if there is something about SAN certs where ldap is having issues?
> *** Since it is a signed CA cert in a mirror sync setup do I need to set it up in the local CA (using certutil) and add it? (didn't have to for non-sync use)
> *** Unclear of 'not found in database' - which one? I've tried adding it using certutil in various permutations of adding the cert to the local CA database with all the various SAN names as different nicknames
> *** I've also set up symlinks in /etc/openldap/certs pointing from the hashes - certs - but all of these with the exact same output as above.

I saw a very similar question on the python-ldap list a couple of days ago, I wonder if this is related.

The ldap library on Red Hat systems is configured to use NSS not OpenLDAP. The NSS support is implemented in the tls_m.c file which is part of the ldap distribution. The LDAP folks generally don't want to support NSS which is probably why you were referred here. Your best bet might be to work with the author of tls_m.c who is Rich Megginson rmegg...@redhat.com

However having said that I took a look at what you posted and the source code tls_m.c. There is not enough information in what you provided to help in any great detail. I think you might be getting confused by some of the debug messages because the way tls_m.c works is it will try a few different approaches until one succeeds. Some of the messages you posted are examples of that. Note how you got a message about the cert being successfully loaded after the message about being unable to find the cert. The message about the NSS database is thus a red herring. tls_m.c should work fine with PEM files and thus I wouldn't go down the route of trying to muck with NSS databases yet (unless you're really conversant with what you're doing).

I would make sure the files you are providing are valid and in the right format. For instance is the key file actually PKCS12 format requiring a password or is it PEM? Is the cert chain fully available in the CA file? Are the files readable? Is SELinux enforcing enabled? Are there AVC's? Do the exact same files work in another context?

If you're adventurous and can do C debugging I would run ldap under GDB and break in the method tlsm_add_key_from_file() and make sure your private key is getting loaded.

HTH,
John
Re: Updates to the Server Side TLS guide
On 10/21/2014 09:02 PM, Julien Vehent wrote:
> NSS is very rarely used in servers.

Not true. Red Hat ships many products with NSS server configurations.

-- John
Re: documentation for NSS API?
On 12/16/2014 02:59 AM, D. Hugh Redelmeier wrote:
> I'm sure that this is a dumb / naive set of questions. Just the sort of thing that should be met with the response "Read The Fine Manual". Could you point me towards it? Thanks.

Current NSS documentation can be found here:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS

However the amount of actual API documentation is minimal. The technical notes and sample code may be your best bet, they illustrate how to perform a number of frequently needed tasks. As for per function documentation some of the header files have comments for some of the functions. In addition to the technical notes and sample code on the web you can peruse the source code to see how things are called, the utilities (e.g. certutil, etc.) are a good starting point. Learning to use NSS is mostly a matter of browsing the NSS source code.

It would benefit NSS adoption if there was better documentation but for what it's worth this seems to be a hallmark of crypto libraries, openssl, kerberos, GSSAPI, etc. are all equally opaque. :-(

HTH,
John
Re: best practices - python-nss to serialize PEM
On 01/14/2015 02:59 PM, Robert Daniels wrote:
> John,
>
> Some additional observations. If I debug with a breakpoint over the password callback, it's never called when invoking pkcs12_export, however it is invoked when calling find_key_by_any_cert.

Hmmm ... that seems odd. It's NSS that decides if it needs to acquire a password in order to perform an operation. So I guess there are two possibilities here, either NSS never invoked the password callback or the python binding somehow failed to invoke the callback you set. However I would expect if that were the case you would get a subsequent error about not having permission to access the key.

What version of python-nss are you using?

> I also notice 2 flavors of the callbacks for password, one taking 2 parameters and the other 3, which is confusing. find_key_by_any_cert only works with the 3-parameter flavor. I used a 2-param callback as was given in the sample code for test_pkcs12.py
>
>     cb1(slot, retry, password)
>     cb2(slot, retry)

FYI The API docs for python-nss are here:
https://mozilla.github.io/python-nss-docs/

Specifically the doc for setting the password callback is here:
https://mozilla.github.io/python-nss-docs/nss.nss-module.html#set_password_callback

which says:

    The callback has the signature:
    password_callback(slot, retry, [user_data1, ...]) -> string or None

I think the reason you're confused is that the callback takes 2 required parameters (slot, retry), all other parameters are optional. You decide what you need to pass to the callback. In traditional C or Java code such callbacks usually have 1 user data parameter, if you only need to pass one value you pass that in the user data parameter, if you need 2 or more values you're forced to pass a complex structure. But because Python has a more relaxed calling convention it's easy to support the equivalent of varargs (variable arguments), so all you have to do is make sure your callback and what you pass have the same signature. If you pass 3 args make sure the callback accepts 3 args, etc.

As for why pkcs12 is not working for you I can't say. There were bug fixes along the way, hence why I'm wondering about the version. I do know other projects are using the pkcs12 functionality, that combined with the unit test suggests it works in the cases we know about. If you're still stuck it might come down to sharing your db with me and allowing me to run it under the debugger. However, I'm real busy at the moment and I'm not sure I can take the time out, but if I can I'll try to help.

-- John
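The varargs convention described in the reply above, shown as an added example (not python-nss code): a small registry that stores a callback plus whatever user data was handed in at registration time, calls it as (slot, retry, *user_data) the way the documented signature says, and uses inspect.signature().bind() to reject a mismatched callback at registration rather than at the moment NSS first needs a password. The slot value and the passwords are constructed stand-ins.

```python
"""Added example mimicking the python-nss set_password_callback() convention.
Not python-nss code; the slot and password values are constructed."""
import inspect


class PasswordCallbackRegistry:
    """Holds one password callback and the extra user data given with it."""

    def __init__(self):
        self._cb = None
        self._user_data = ()

    def set_password_callback(self, callback, *user_data):
        """Register callback; fail now if it cannot take (slot, retry, *user_data)."""
        try:
            # bind() raises TypeError if these positional args do not fit.
            inspect.signature(callback).bind(None, False, *user_data)
        except TypeError as exc:
            extra = "".join(", user_data%d" % i for i in range(1, len(user_data) + 1))
            raise TypeError("callback %s cannot accept (slot, retry%s): %s"
                            % (getattr(callback, "__name__", callback), extra, exc))
        self._cb = callback
        self._user_data = user_data

    def get_password(self, slot, retry=False):
        """What the binding would do when the library asks for a token password."""
        if self._cb is None:
            return None
        pw = self._cb(slot, retry, *self._user_data)
        if pw is not None and not isinstance(pw, str):
            raise TypeError("password callback must return a string or None")
        return pw


def cb_two_params(slot, retry):
    """Two-parameter flavour: the password is baked into the callback."""
    return None if retry else "constructed-password"


def cb_three_params(slot, retry, password):
    """Three-parameter flavour: the password arrives as user data."""
    return None if retry else password
```

Returning None on retry is the conventional way to tell the library to stop prompting instead of looping on a wrong password.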
Re: best practices - python-nss to serialize PEM
On 01/15/2015 02:35 PM, Robert Daniels wrote:
> Ok, I tested this on the latest 0.16 and it works. Thanks again for the help.

Fabulous, thanks for the feedback.

-- John
Re: best practices - python-nss to serialize PEM
On 01/14/2015 09:58 AM, Robert Daniels wrote:
> Trying as you suggested today, but ran into some other thing which is puzzling. When I call cert = find_cert_from_nickname(nn, pwd) I successfully pull the server cert. I then call find_key_by_any_cert(cert, certpassword) and I get an object back (nss.nss.PrivateKey). So, presumably the PK exists for the cert. However, after calling pkcs12_data = nss.pkcs12_export(nn, pwd) it throws an exception with "Private Key could not be located and exported". So confused as to why I can get a PrivateKey object, but not export it with the cert.

Does it work using pk12util?

-- John
Re: best practices - python-nss to serialize PEM
On 01/15/2015 07:50 AM, Robert Daniels wrote:
> We are using python-nss 0.12. I will pull the newest and see if that fixes the problem.

Current version is 0.16.0. Not sure where you're pulling it from, the Mozilla site
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Python_binding_for_NSS
is always up to date as well as Fedora packages. I think Debian tracks it closely as well. I just realized that pypi was out of date, it only had 0.14.0. I just updated pypi.

> Also on the password callback, just a theory but it could be since it cannot find the cert, it does not get to the point where it needs the password.

Makes sense.

> I'll chime back after testing with a newer version of python-nss.

-- John
Re: Problems with python-nss get_cert_nicknames
On 01/09/2015 08:07 AM, Roger Dunn wrote:
> I need to enumerate the certs in my local store, and in my testing, only user certs can be enumerated using the get_cert_nicknames api. It also appears to be the only exposed api for listing certs in the db. I'm using the ver 0.12 version of python-nss. The function get_cert_nicknames takes a parameter which lists ALL certs, USER certs, CA certs, SERVER certs. I have a mix of user and valid CA certs in my nssdb, and the only flag that works is nss.SEC_CERT_NICKNAMES_USER, and does indeed return my user certs. I'm unable to programmatically discover other certs using this api. After reviewing the nss 'C' source code, I noticed a #ifdef surrounding the sections that handle the other 3 cases. Is this functional, and if not, is there some other mechanism to enumerate the certs?

There was an almost identical question posted last night by tahoeki...@gmail.com with the subject "nss-python issue". I assume this is a duplicate post by the same person, yes or no?

In any event if you tracked the problem down to a specific location in the source code it would help if you included that information.

I located the problematic code:

    file: lib/certhigh/certhigh.c
    line: 371
    function: CollectNicknames

I have no idea why this logic is commented out. FWIW I did code up a simple python-nss test and reproduced the behavior. The problem has nothing to do with python-nss. python-nss simply calls the NSS function CERT_GetCertNicknames(). Maybe one of the core NSS developers can shed light on why the code is commented out.

My suggestion would be to file a bug against NSS.
https://bugzilla.mozilla.org/enter_bug.cgi?format=guided#h=bugForm|NSS|Libraries

-- John
Re: best practices - python-nss to serialize PEM
On 01/13/2015 09:58 AM, Robert Daniels wrote:
> I also need to serialize private keys in the same fashion. Any hints greatly appreciated.

By design NSS prohibits access to private keys, therefore you cannot serialize private keys. However, you can export a cert/key pair in PKCS12 format. See nss.pkcs12_export. There isn't an example python program for pkcs12 but there is a unit test, see test/test_pkcs12.py. Because it's a unit test it's not a simple straightforward example but it does illustrate using other command line tools which are used to verify the pkcs12 operation.

OpenSSL does permit extracting a key from a PKCS12 file, so once you've extracted the key/cert to a .p12 file you can use OpenSSL to get the key.

Note, there is no need to use python-nss to extract a cert/key from a NSS database, you can use the pk12util command line utility directly. FWIW the pkcs12 implementation in python-nss pretty much mirrors what pk12util is doing using essentially the same NSS entry points.

-- John
Re: best practices - python-nss to serialize PEM
On 01/12/2015 08:50 AM, robertdaniels2...@gmail.com wrote:
> I'm loading certs via python-nss, and need to serialize the format as x509 PEM output. I'm using a mix of python-nss and openssl. crypto.dump_certificate does not take a nss.Certificate parameter, so looking for what is the best practices path to achieve this.

The soon to be released version 0.17.0 has support for serializing a SecItem to PEM form. To use it you would get the binary DER data for the cert via the der_data property and then serialize it to PEM like this:

    nss.SecItem(cert.der_data).to_base64(pem_type='CERTIFICATE')

but ... 0.17.0 hasn't been released yet. So in the mean time you can grab the binary DER data from the cert (e.g. cert.der_data) and pass it into this Python function

    import base64

    def make_pem(der_data):
        # base64 the DER bytes; decode() keeps this working on Python 3,
        # where b64encode() returns bytes rather than str
        data = base64.b64encode(der_data).decode('ascii')
        # PEM bodies are wrapped at 64 characters per line
        pemcert = '\n'.join([data[x:x+64] for x in range(0, len(data), 64)])
        return '-----BEGIN CERTIFICATE-----\n' + \
               pemcert + \
               '\n-----END CERTIFICATE-----'

    print(make_pem(cert.der_data))

-- John
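The DER-to-PEM wrapping shown in the reply above, carried one step further as an added example (not python-nss code and not from the list post): the same 64-column base64 layout, plus the reverse direction with the checks a consumer should make before trusting the bytes it decoded, namely that the BEGIN/END labels agree and that the payload is exactly one well-formed DER SEQUENCE whose length field matches its size. The sample DER below is constructed inline and is not a certificate.

```python
"""Added example: DER <-> PEM with validation of the DER outer structure.
Not python-nss code; SAMPLE_DER is constructed, not a real certificate."""
import base64
import re

_PEM_RE = re.compile(
    r"-----BEGIN (?P<label>[A-Z0-9 ]+)-----\n"
    r"(?P<body>[A-Za-z0-9+/=\n]+)"
    r"-----END (?P<end>[A-Z0-9 ]+)-----"
)


def der_to_pem(der_data, label="CERTIFICATE"):
    """Base64-encode DER bytes and wrap the body at 64 columns."""
    b64 = base64.b64encode(der_data).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "-----BEGIN %s-----\n%s\n-----END %s-----\n" % (label, "\n".join(lines), label)


def der_outer_length(der_data):
    """Total size (header + content) of the outermost DER TLV in der_data.

    Only definite-length forms are accepted, which is all DER permits."""
    if len(der_data) < 2:
        raise ValueError("too short for a DER TLV")
    first = der_data[1]
    if first < 0x80:                  # short form: one length byte
        hdr, length = 2, first
    elif first == 0x80:               # indefinite length is BER, never DER
        raise ValueError("indefinite length is not DER")
    else:                             # long form: n following length bytes
        n = first & 0x7F
        if n == 0 or n > 4 or len(der_data) < 2 + n:
            raise ValueError("bad long-form length")
        length = int.from_bytes(der_data[2:2 + n], "big")
        hdr = 2 + n
    return hdr + length


def pem_to_der(pem_text, expected_label="CERTIFICATE"):
    """Parse one PEM block; verify labels and that the payload is one
    complete SEQUENCE (tag 0x30) whose length field matches its size."""
    m = _PEM_RE.search(pem_text)
    if m is None:
        raise ValueError("no PEM block found")
    if m.group("label") != m.group("end"):
        raise ValueError("BEGIN/END labels differ")
    if m.group("label") != expected_label:
        raise ValueError("unexpected PEM label %r" % m.group("label"))
    der = base64.b64decode(m.group("body").replace("\n", ""), validate=True)
    if not der or der[0] != 0x30:
        raise ValueError("payload is not a DER SEQUENCE")
    if der_outer_length(der) != len(der):
        raise ValueError("DER length field does not match payload size")
    return der


# Constructed sample: SEQUENCE { INTEGER 1, UTF8String of 94 'x' bytes }.
# 101 bytes in total, so the base64 body wraps onto three lines.
SAMPLE_DER = b"\x30\x63" + b"\x02\x01\x01" + b"\x0c\x5e" + b"x" * 0x5e
```

The length check is what catches the most common corruption when PEM is hand-assembled or copied through e-mail: a dropped or duplicated base64 line still decodes, but the outer SEQUENCE no longer accounts for exactly the bytes present.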
Fwd: [members] The PKCS 11 OASIS Standards are published
FYI

-------- Forwarded Message --------
Subject: [members] The PKCS 11 OASIS Standards are published
Date: Tue, 21 Apr 2015 12:30:56 -0400
From: Chet Ensign chet.ens...@oasis-open.org
To: tc-annou...@lists.oasis-open.org, memb...@lists.oasis-open.org, pkc...@lists.oasis-open.org pkc...@lists.oasis-open.org, pkcs11-comm...@lists.oasis-open.org

OASIS Members,

OASIS is pleased to announce the publication of its newest OASIS Standards:

PKCS #11 Cryptographic Token Interface Base Specification Version 2.40
OASIS Standard
14 April 2015

PKCS #11 Cryptographic Token Interface Profiles Version 2.40
OASIS Standard
14 April 2015

PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40
OASIS Standard
14 April 2015

PKCS #11 Cryptographic Token Interface Historical Mechanisms Specification Version 2.40
OASIS Standard
14 April 2015

Overview:

PKCS #11 is an application programming interface (API) that enables interaction with cryptographic devices in multi-vendor environments. The Base Specification provides normative definition of PKCS #11 objects, attributes and operations. Profiles describes conformant profiles consisting of PKCS #11 objects, attributes, operations and mechanisms. Current Mechanisms describe the application of PKCS #11 objects, attributes and operations for specific mechanisms currently in general use. Historical Mechanisms describe the application of PKCS #11 objects, attributes and operations for specific mechanisms that have been but are no longer in general use.

The OASIS PKCS 11 Technical Committee develops enhancements to improve the PKCS #11 standard for ease of use in code libraries, open source applications, wrappers, and enterprise/COTS products: implementation guidelines, usage tutorials, test scenarios and test suites, interoperability testing, coordination of functional testing, development of conformance profiles, and providing reference implementations.

These new OASIS Standards were approved by the membership of the organization on 14 April 2015.

- PKCS #11 Cryptographic Token Interface Base Specification Version 2.40: https://www.oasis-open.org/committees/ballot.php?id=2784
- PKCS #11 Cryptographic Token Interface Profiles Version 2.40: https://www.oasis-open.org/committees/ballot.php?id=2785
- PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40: https://www.oasis-open.org/committees/ballot.php?id=2786
- PKCS #11 Cryptographic Token Interface Historical Mechanisms Specification Version 2.40: https://www.oasis-open.org/committees/ballot.php?id=2787

URIs:

The prose specifications and related files are available here:

- PKCS #11 Cryptographic Token Interface Base Specification Version 2.40
  Editable source (Authoritative): http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.doc
  HTML: http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html
  PDF: http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.pdf

- PKCS #11 Cryptographic Token Interface Profiles Version 2.40
  Editable source (Authoritative): http://docs.oasis-open.org/pkcs11/pkcs11-profiles/v2.40/os/pkcs11-profiles-v2.40-os.doc
  HTML: http://docs.oasis-open.org/pkcs11/pkcs11-profiles/v2.40/os/pkcs11-profiles-v2.40-os.html
  PDF: http://docs.oasis-open.org/pkcs11/pkcs11-profiles/v2.40/os/pkcs11-profiles-v2.40-os.pdf

- PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40
  Editable source (Authoritative): http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/os/pkcs11-curr-v2.40-os.doc
  HTML: http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/os/pkcs11-curr-v2.40-os.html
  PDF: http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/os/pkcs11-curr-v2.40-os.pdf

- PKCS #11 Cryptographic Token Interface Historical Mechanisms Specification Version 2.40
  Editable source (Authoritative): http://docs.oasis-open.org/pkcs11/pkcs11-hist/v2.40/os/pkcs11-hist-v2.40-os.doc
  HTML: http://docs.oasis-open.org/pkcs11/pkcs11-hist/v2.40/os/pkcs11-hist-v2.40-os.html
  PDF: http://docs.oasis-open.org/pkcs11/pkcs11-hist/v2.40/os/pkcs11-hist-v2.40-os.pdf

ZIP distribution files (complete):

For your convenience, OASIS provides complete packages of each prose specification and related files in ZIP distribution files. You can download the ZIP files here:

- PKCS #11 Cryptographic Token Interface Base Specification: http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.zip
- PKCS #11 Cryptographic Token Interface Profiles Version: http://docs.oasis-open.org/pkcs11/pkcs11-profiles/v2.40/os/pkcs11-profiles-v2.40-os.zip
- PKCS #11 Cryptographic Token Interface Current Mechanisms Specification: http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/os/pkcs11-curr-v2.40-os.zip
- PKCS #11 Cryptographic Token Interface Historical Mechanisms Specification: http://docs.oasis-open.org/pkcs11/pkcs11-hist/v2.40/os/pkcs11-hist-v2.40-os.zip

Our
Re: New JSS Version?
On 08/05/2015 02:37 PM, Opa114 wrote:
> On Tuesday, July 14, 2015 14:45:20 UTC+2, Opa114 wrote:
>> Hi, when will a new release of JSS come out? The last version is very old and did not support some features of latest NSS, which are very important for me. And the JSS should be improved, because some methods are very bad or not implemented. Any information?
>
> is there no one who has information???

Well, I was going to reply but I wasn't sure my information was 100% correct so I was going to let someone else reply.

To the best of my knowledge no one owns JSS anymore, i.e. there is no dedicated developer nor upstream. Christina Fu c...@redhat.com occasionally will fix a bug in JSS because Christina works on the Dogtag (i.e. Certificate Server) project which has a dependency on JSS. But I don't think Christina is prepared to own JSS and roll out new features. I seem to recall Christina may have added ECC support in JSS but I'm not sure. Then there is the fact the version of JSS used by her team is a fork (or at least it was).

Really the best answer if you need something in JSS is "patches welcome".

-- John
Re: How to use NSS in my C++ Project?
On 11/10/2015 04:38 PM, Opa114 wrote:
> Hi, can someone explain to me how I use NSS and NSPR in my C++ Project? I'm new to C++ and want to use the NSS libraries in my project, so I thought I could include the header files I need, but it did not work, so what's the right way?

2 things:

1. When you ask a question and want others to help you it's best to give details, a statement like "did not work" doesn't tell the reader anything, only you know how it didn't work (but in this case I can probably guess)

2. You need to declare the headers are C language via extern "C". This is a very common C++ issue and discussed widely. Some headers will add the extern "C" declaration as a friendly service, I just checked the NSS headers and unfortunately only 2 of the headers actually do this so you'll have to provide the declaration yourself.

    extern "C" {
    #include "nss.h"
    }

should do the trick, google "mixing C and C++", you should find a ton of information.

> Must I compile NSS and NSPR first and then use the DLL / Libs? Would be very helpful if someone could explain it in detail. Thanks a lot!

-- John
Re: Import Keys from OpenSSL into NSS
On 10/30/2015 06:23 AM, JBarry wrote:
> Good Morning,
>
> I'll apologize in advance if this question has already been asked/answered (I did look and found nothing that helped me out) or if the question seems trivial. I am a college intern currently working with NSS for the first time, so please forgive me if I state anything incorrectly or in a confusing manner.
>
> So I would like to import keys generated by OpenSSL into NSS and make them usable in NSS. Any help on how to accomplish this (any commands needed/used) as well as what functions help do this (so I can better understand the system) would be much appreciated.
>
> My reasoning behind wanting to do this is mainly because I am having a hard time understanding how keys are generated in NSS and my supervisor stated that if we could import the keys from OpenSSL then that would work just as well. (If you also have the ability to explain this then that would be extra awesome)
>
> Any help is much appreciated,

https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/tools/NSS_Tools_certutil

-- John
Re: Import Keys from OpenSSL into NSS
On 10/30/2015 10:05 AM, John Dennis wrote:
> On 10/30/2015 06:23 AM, JBarry wrote:
>> Good Morning,
>>
>> I'll apologize in advance if this question has already been asked/answered (I did look and found nothing that helped me out) or if the question seems trivial. I am a college intern currently working with NSS for the first time, so please forgive me if I state anything incorrectly or in a confusing manner.
>>
>> So I would like to import keys generated by OpenSSL into NSS and make them usable in NSS. Any help on how to accomplish this (any commands needed/used) as well as what functions help do this (so I can better understand the system) would be much appreciated.
>>
>> My reasoning behind wanting to do this is mainly because I am having a hard time understanding how keys are generated in NSS and my supervisor stated that if we could import the keys from OpenSSL then that would work just as well. (If you also have the ability to explain this then that would be extra awesome)
>>
>> Any help is much appreciated,
>
> https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/tools/NSS_Tools_certutil

Oops, hit send too quick.

You'll create a NSS database using certutil (above link)

Then you'll import your key/cert into the NSS database using pk12util
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Tools/pk12util

Some more useful info here in this link:
https://docs.oracle.com/cd/E19316-01/820-4335/ablrf/index.html

To get your OpenSSL key/cert into a pkcs12 file you'll need to read up on this command.

    openssl pkcs12 -export

-- John
Re: RFC7512 PKCS#11 URI support
One of the problems I have with the argument Ryan presents concerning API contracts and breakage is that the "API contract" Ryan talks about is to the best of my knowledge undocumented, it's an API "convention" observed by a select group of developers "in the know". I don't see anything about a token plus colon prefix in the documentation:

https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/SSL_functions/pkfnc.html#1035673

If the API does not have documented behavior constraints then you can't be causing an API breakage.

P.S.: CERT_FindCertByNickname is also undocumented. Nor is there any documentation on the syntax of nicknames in Cert DB.

-- John
Re: RFC7512 PKCS#11 URI support
On 03/17/2016 10:52 AM, Ryan Sleevi wrote:
> On a technical front, Chrome and Firefox, as browsers, have been removing support for the notion of generic URIs, and investing in aligning on the URL spec - that is, making a conscious decision NOT to use URIs as URIs.

Could you clarify this statement?

> NOT to use URIs as URIs

Is this a typo?

-- John
Re: How to get a list of SubjectAltNames of a cert in NSS
On 02/23/2017 11:04 AM, Paul Wouters wrote:
> Hi,
>
> I'm looking at the best way to get a list of SubjectAltNames of a CERTCertificate. Anyone have a pointer (haha) for me ?

CERT_DecodeAltNameExtension

See secu_PrintAltNameExtension() in cmd/lib/secutil.c or cert_VerifySubjectAltName() in lib/certdb/certdb.c for examples.

-- John
Re: CERT_AsciiToName() and unknown OIDs
On 02/23/2017 09:00 AM, Miklos Vajna wrote:
> Hi,
>
> [ I ran into this problem as a follow-up of the previous ECDSA question I asked earlier, but I assume this problem is independent. ]
>
> I'm trying to use CERT_AsciiToName() to get the DER-encoded equivalent of a string from an XML signature. The original string from my XML signature was:
>
>     "C=HU,L=Budapest,O=NISZ Nemzeti Infokommunikációs Szolgáltató Zrt.,CN=Állampolgári Tanúsítványkiadó - Qualified Citizen CA,UNDEF=VATHU-10585560"
>
> CERT_AsciiToName() fails for this, as nss/lib/certdb/alg1485.c's name2kinds table has no idea about "UNDEF", and researching a bit it seems to be indeed a custom construct, so I complained to the creator of the signature about this. As a reply they have now improved it; their replacement is:
>
>     "C=HU,L=Budapest,O=NISZ Nemzeti Infokommunikációs Szolgáltató Zrt.,CN=Állampolgári Tanúsítványkiadó - Qualified Citizen CA,2.5.4.97=VATHU-10585560"
>
> This fails the same way, for the same reason. I guess their intention was to encode the OID into the part before the "=" character, for an OID that is indeed advertised by ETSI, but has no IANA registered type name. Reading ParseRFC1485AVA() in the same file my guess was the correct syntax would be:
>
>     "C=HU,L=Budapest,O=NISZ Nemzeti Infokommunikációs Szolgáltató Zrt.,CN=Állampolgári Tanúsítványkiadó - Qualified Citizen CA,OID.2.5.4.97=VATHU-10585560"
>
> but before suggesting this to the creator of the signature (author of the software that generates this XML signature), I wanted to check if NSS is happy with it, and it's not. Here is how it fails exactly: in case of using the proper "OID." prefix, ParseRFC1485AVA() calls SEC_StringToOID() and that returns SECSuccess, but later the if (kind == SEC_OID_UNKNOWN) condition still leads to PORT_SetError(SEC_ERROR_INVALID_AVA) and thus CERT_AsciiToName() fails.
>
> So my question: am I right this is a bug in NSS? If absolutely needed, I could work around the problem in my client code, but it would be nice if NSS could handle the situation. I guess there are several options, like 1) teaching NSS about this OID 2) ignoring unknown OIDs 3) allowing unknown OIDs and encoding them into the DER blob. At least it looks a bit confusing that the OID.x.y... syntax is supported, but unknown OIDs are not allowed.
>
> If the conclusion is that this new OID just has to be added to the list of OIDs NSS recognizes, I can try to craft a patch that does so. (Though so far I did not try to build NSS myself, I'm just using the distro debug packages.)

You should follow the RFC specifications, in this case RFC-4514 and RFC-4512. The second example with the RDN 2.5.4.97=VATHU-10585560 is correct.

It does appear that ParseRFC1485AVA has a bug:

    if (!PL_strncasecmp("oid.", tagBuf, 4)) {
        rv = SEC_StringToOID(arena, , tagBuf, strlen(tagBuf));

SEC_StringToOID() can handle a numericoid (e.g. dotted decimal) with or without an "OID." prefix. The test should include a test for a numericoid.

FWIW the code is implementing a very old obsoleted RFC: the "oid." prefix comes from RFC-1485 published in 1995, the current RFC 4514 is from 2006. RFC 4514 obsoletes 2253 which obsoletes 1779 which obsoletes 1485.

-- John
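To make the point about numericoids concrete, here is an added illustration (not NSS code, not from anyone in this thread): a small RFC 4514 string DN parser in Python 3 that accepts a registered short name or a dotted numericoid such as 2.5.4.97, tolerates the legacy "OID." prefix, and rejects an unregistered tag like UNDEF, then DER-encodes the result as an X.501 Name. It goes beyond the thread's single example by handling backslash escapes and multi-valued RDNs. The attribute-type table and the choice of PrintableString for countryName and UTF8String for everything else are this example's own assumptions and may differ from what NSS emits.

```python
"""RFC 4514 string DN -> [(oid, value)] -> DER Name.  Added example, not NSS
code; stdlib only.  KNOWN_TYPES and the string-type choice in encode_name()
are this example's assumptions."""
import re

# Short names RFC 4514 section 3 requires every parser to recognize.
KNOWN_TYPES = {"CN": "2.5.4.3", "L": "2.5.4.7", "ST": "2.5.4.8", "O": "2.5.4.10",
               "OU": "2.5.4.11", "C": "2.5.4.6", "STREET": "2.5.4.9",
               "DC": "0.9.2342.19200300.100.1.25", "UID": "0.9.2342.19200300.100.1.1"}
# numericoid = number 1*("." number); the "OID." prefix is RFC 1485 legacy syntax
_NUMERICOID = re.compile(r"^(?:OID\.)?(\d+(?:\.\d+)+)$", re.IGNORECASE)

class InvalidAVA(ValueError):
    """An AttributeTypeAndValue the parser cannot interpret."""

def attribute_type_to_oid(tag):
    """Map the text left of '=' to a dotted OID, or raise InvalidAVA."""
    m = _NUMERICOID.match(tag)
    if m:
        return m.group(1)
    oid = KNOWN_TYPES.get(tag.upper())
    if oid is None:
        raise InvalidAVA("unknown attribute type %r" % tag)
    return oid

def split_unescaped(s, sep):
    """Split on sep, keeping backslash-escaped characters with their escape."""
    parts, cur, i = [], "", 0
    while i < len(s):
        step = 2 if s[i] == "\\" else 1
        if s[i] == sep:
            parts.append(cur)
            cur = ""
        else:
            cur += s[i:i + step]
        i += step
    return parts + [cur]

def unescape_value(raw):
    """Undo RFC 4514 escaping: '\\XX' is one UTF-8 byte, '\\c' is a literal c."""
    out, i = bytearray(), 0
    while i < len(raw):
        if raw[i] != "\\":
            out += raw[i].encode("utf-8"); i += 1
        elif re.fullmatch(r"[0-9A-Fa-f]{2}", raw[i + 1:i + 3]):
            out.append(int(raw[i + 1:i + 3], 16)); i += 3
        elif i + 1 < len(raw):
            out += raw[i + 1].encode("utf-8"); i += 2
        else:
            raise InvalidAVA("dangling escape in %r" % raw)
    return out.decode("utf-8")

def parse_dn(dn):
    """[[(oid, value), ...], ...]: one inner list per RDN, in string order."""
    rdns = []
    for rdn in split_unescaped(dn, ","):
        avas = []
        for ava in split_unescaped(rdn, "+"):
            if "=" not in ava:
                raise InvalidAVA("missing '=' in %r" % ava)
            tag, raw = ava.split("=", 1)
            avas.append((attribute_type_to_oid(tag.strip()), unescape_value(raw)))
        rdns.append(avas)
    return rdns

def is_valid_dn(dn):
    """True when every attribute type in dn is a known name or a numericoid."""
    try:
        return bool(parse_dn(dn))
    except InvalidAVA:
        return False

def der(tag, body):
    """One definite-length DER TLV."""
    n = len(body)
    lb = b"" if n < 0x80 else n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, n if n < 0x80 else 0x80 | len(lb)]) + lb + body

def der_oid(dotted):
    """DER OBJECT IDENTIFIER from a dotted string (base-128 arcs)."""
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        body += bytes(reversed(chunk))
    return der(0x06, bytes(body))

def encode_name(dn):
    """DER Name = SEQUENCE OF SET OF SEQUENCE { type OID, value }.  RFC 4514
    lists RDNs most-specific first, so the DER order is the reverse."""
    rdn_blobs = []
    for avas in reversed(parse_dn(dn)):
        ava_blobs = []
        for oid, value in avas:
            # assumption: countryName as PrintableString, all else UTF8String
            val = der(0x13, value.encode("ascii")) if oid == "2.5.4.6" \
                else der(0x0C, value.encode("utf-8"))
            ava_blobs.append(der(0x30, der_oid(oid) + val))
        rdn_blobs.append(der(0x31, b"".join(sorted(ava_blobs))))  # DER SET OF order
    return der(0x30, b"".join(rdn_blobs))
```

Run `parse_dn()` on the three strings from the question: the UNDEF form raises InvalidAVA, while the bare 2.5.4.97 and OID.2.5.4.97 forms parse to the same result, which is the behaviour John says SEC_StringToOID() already has and the surrounding `kind == SEC_OID_UNKNOWN` check defeats.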
Re: How to get a list of SubjectAltNames of a cert in NSS
On 02/23/2017 11:14 AM, John Dennis wrote:
> On 02/23/2017 11:04 AM, Paul Wouters wrote:
>> Hi, I'm looking at the best way to get a list of SubjectAltNames of a CERTCertificate. Anyone have a pointer (haha) for me ?
>
> CERT_DecodeAltNameExtension
>
> See secu_PrintAltNameExtension() in cmd/lib/secutil.c or cert_VerifySubjectAltName() in lib/certdb/certdb.c for examples.

Actually, if all you want is to simply grab the names while avoiding C code you can use the nss python binding. Attached is a simple Python script, the Symantec cert to use as an example, and the output of the script:

    % python nss_print_subject_alt_names.py symantec.pem
    certificate filename: symantec.pem
    certificate subject: CN=www.symantec.com,OU=Corp Mktg & Comms - Online Exp,O=Symantec Corporation,STREET=350 Ellis Street,L=Mountain View,ST=California,postalCode=94043,C=US,serialNumber=2158113,businessCategory=Private Organization,incorporationState=Delaware,incorporationCountry=US
    has 25 alternate names
        partnernet.symantec.com
        partnernet-internal.symantec.com
        sites-internal.symantec.com
        www.go.symantec.com
        www4.symantec.com
        sites.symantec.com
        sites-qa.symantec.com
        my-qa.symantec.com
        bcportal.symantec.com
        partnernet.norton.com
        scm.symantec.com
        partnernet-internal.norton.com
        partnernet-uat.symantec.com
        securityresponse.symantec.com
        my.symantec.com
        go.symantec.com
        sites-uat.symantec.com
        partnernet-qa.symantec.com
        partnernet-uat.norton.com
        partnernet-qa.norton.com
        partnernet-sit.symantec.com
        www.symantec.com
        m.symantec.com
        partnernet-temp.symantec.com
        my-uat.symantec.com

-- John
Re: How to get a list of SubjectAltNames of a cert in NSS
Argh ... looks like the mailing list scrubbed 2 of my attachments. Here is the python code (not as an attachment), hope the mailer does not mangle it.

    import sys
    import nss.nss as nss
    from nss.error import NSPRError

    # Perform basic configuration and setup
    nss.nss_init_nodb()

    # Get the cert filename from command line argument
    filename = sys.argv[1]
    print "certificate filename: %s" % (filename)

    # Read the certificate from the file
    si = nss.read_der_from_file(filename, True)

    # Parse the DER encoded data returning a Certificate object
    cert = nss.Certificate(si)

    # Get the SubjectAltName extension from the cert
    try:
        extension = cert.get_extension(nss.SEC_OID_X509_SUBJECT_ALT_NAME)
    except KeyError:
        print "Certificate does not contain a SubjectAltName extension"
        sys.exit(1)

    # Get the names from the extension
    names = nss.x509_alt_name(extension.value)

    # Print out the names
    print 'certificate subject: %s' % cert.subject
    print 'has %d alternate names' % len(names)
    for name in names:
        print '    %s' % name

    # Success
    sys.exit(0)

-- John
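For readers who want to see what nss.x509_alt_name() is actually decoding, here is an added example (Python 3, standard library only; not python-nss code and not from John's script) that walks the DER GeneralNames SEQUENCE the script hands to that call, returns the dNSName, rfc822Name, URI and iPAddress entries, keeps unsupported choices such as otherName as raw hex, and rejects a dNSName that is not valid IA5String (a NUL or 8-bit byte), a check the script relies on NSS for. SAMPLE_SAN is constructed by hand for the example; a real value comes from the certificate's extension.

```python
"""Decode a SubjectAltName GeneralNames blob.  Added example, not python-nss
code; SAMPLE_SAN is constructed for the example, not taken from a real cert."""
import ipaddress

# GeneralName CHOICE tags, RFC 5280 section 4.2.1.6 (context-specific, IMPLICIT)
_NAME_TAGS = {0x81: "rfc822Name", 0x82: "dNSName",
              0x86: "uniformResourceIdentifier", 0x87: "iPAddress"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the definite-length DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated element header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("element runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def decode_general_names(der):
    """Return [(kind, text), ...] for every name in a GeneralNames SEQUENCE."""
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one SEQUENCE")
    names, pos = [], 0
    while pos < len(body):
        tag, value, pos = read_tlv(body, pos)
        kind = _NAME_TAGS.get(tag)
        if kind is None:
            # otherName, directoryName etc.: keep raw bytes rather than guess
            names.append(("unsupported(0x%02x)" % tag, value.hex()))
        elif kind == "iPAddress":
            if len(value) not in (4, 16):
                raise ValueError("iPAddress must be 4 or 16 octets in a SAN")
            names.append((kind, str(ipaddress.ip_address(value))))
        else:
            # IA5String is 7-bit ASCII; a NUL or high byte is malformed, refuse it
            if any(b == 0 or b > 0x7F for b in value):
                raise ValueError("malformed IA5String in %s" % kind)
            names.append((kind, value.decode("ascii")))
    return names

def dns_names(der):
    """Just the dNSName entries, i.e. what the script above prints."""
    return [text for kind, text in decode_general_names(der) if kind == "dNSName"]

def is_well_formed(der):
    """True when the blob decodes without a structural error."""
    try:
        decode_general_names(der)
        return True
    except ValueError:
        return False

def _gn(tag, data):
    """Build one short-form DER element (len < 128); used only for the sample."""
    return bytes([tag, len(data)]) + data

# Constructed sample: the DER value a SubjectAltName extension would carry
SAMPLE_SAN = _gn(0x30, _gn(0x82, b"www.example.com")
                 + _gn(0x82, b"*.example.com")
                 + _gn(0x81, b"security@example.com")
                 + _gn(0x87, bytes([192, 0, 2, 1]))
                 + _gn(0xA0, b"\x06\x03\x2a\x03\x04"))  # otherName, left raw

if __name__ == "__main__":
    for kind, text in decode_general_names(SAMPLE_SAN):
        print("%-28s %s" % (kind, text))
```

The decoder refuses to guess at choices it does not implement and fails closed on anything structurally off (truncated element, bad IA5 content), which is the property you want from any code that feeds names into a hostname match.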
Re: NSS open multiple NSS-Databases at once?
On 01/11/2017 03:21 AM, Opa114 wrote:
> On Wednesday, 11 January 2017 00:45:45 UTC+1, Robert Relyea wrote:
>> On 01/10/2017 02:07 PM, Opa114 wrote:
>>> On Tuesday, 10 January 2017 22:24:10 UTC+1, Robert Relyea wrote:
>>>> On 01/10/2017 10:18 AM, Opa114 wrote:
>>>>> thanks, but these facts i know. I don't want to let multiple applications open one Database, i want to open multiple different Mozilla databases, in the old standard format, with one (my) application. I tried to use the NSS_Init functions. These work with opening one database, but when i open a second one the whole application crashes, so that's why i asked the question and maybe get some working example c++ code?
>>>>
>>>> 1) Where are you crashing (it's not expected to work, but I don't expect a crash because you called NSS_Init again).
>>>>
>>>> 2) To open additional databases you want to use SECMOD_OpenUserDB: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/PKCS11_Functions#SECMOD_OpenUserDB
>>>>
>>>> You can call that multiple times. Once the database is opened any of the NSS find functions will find all the certs in both databases. The slot returned from SECMOD_OpenUserDB can be used in functions that take a slot to narrow the operations just to that particular database. To NSS each database will look basically like a smart card. When you are through with that database you can use SECMOD_CloseUserDB()
>>>>
>>>> bob
>>>
>>> thanks for reply. Here is first some little code which did not work, that means it crashes:
>>>
>>>     functionLoadFirefox() {
>>>         SECStatus rv = NSS_InitReadWrite(PATH_TO_FF_DB);
>>>         ... if success load Certificates with PK11_ListCerts(PK11CertListAll, NULL);
>>>         NSS_Shutdown();
>>>     }
>>>
>>>     functionLoadThunderbird() {
>>>         SECStatus rv = NSS_InitReadWrite(PATH_TO_TB_DB);
>>>         ... if success load Certificates with PK11_ListCerts(PK11CertListAll, NULL);
>>>         NSS_Shutdown();
>>>     }
>>>
>>> So these are my two functions in which i open and close the databases and retrieve the certificates.
>>
>> So the certs you got from the first call are likely preventing NSS_Shutdown from completing. The certs hold references to the respective slots. Those references prevent NSS_Shutdown from closing completely. They will prevent the second NSS_Init from succeeding, so you probably crash in your second shutdown. You can detect this happened by looking at the return value from NSS_Shutdown().
>>
>>> --> 2) To open additional databases you want to use SECMOD_OpenUserDB
>>>
>>> So this means: first i have to call NSS_Init with let's say the firefox database and then i have to call SECMOD_OpenUserDB with the thunderbird database, right? Or must i load both with SECMOD_OpenUserDB?
>>
>> You can either use NSS_Init with no database and then call SECMOD_OpenUserDB() for both, or you can call NSS_Init with one database and then call SECMOD_OpenUserDB with the other.
>>
>>> --> Once the database is opened any of the NSS find functions will find all the certs in both databases
>>>
>>> But i have to know which database the certificates are coming from. So i need to know that let's say Certificate ABC is stored inside the Firefox Database and Certificate 123 is stored in the Thunderbird Database. How can i do that? or is this not possible?
>>
>> The slot the database is in can be found in the cert->slot entry, but this will only give you ONE of the slots the cert lives in. If a cert exists in both databases, it will have a single entry on the list and it is "somewhat" random which slot is listed (if you open one database with NSS_Init and the second with SECMOD_OpenUserDB() then the one you opened with SECMOD_OpenUserDB() will be the slot that shows up). To fix this issue, there's a function called PK11_GetAllSlotsForCert() which returns a slotList and will return all the slots that hold this cert. The slots map one for one to the databases you opened (or any smart cards you have loaded). You can control the 'tokenName' of each slot with the string arguments you pass to SECMOD_OpenUserDB(), and you can get the token name with PK11_GetTokenName() on each slot on the list.
>>
>> You could also use PK11_ListCertsInSlot() which takes a slot (SECMOD_OpenUserDB() will return a slot for you) and lists only those certs in that slot. Be sure to free all these things once you are through with them, or your shutdown will fail at the end again.
>>
>> bob
>
> thanks again for the detailed explanation, that helps me a lot - many thanks!
>
> --> So the certs you got from the first call are likely preventing NSS_Shutdown from completing.
>
> So when i free the used stuff i can close the database correctly, so that i can open the second one. If i can close the first one correctly and NSS shuts down i should be able to open the second one, too. Can you give me some more details on my piece of code or in general how to free the things correctly?

Yes, you have to make sure NSS_Shutdown*() returns without an error, if it doesn't the next NSS_init* won't work. You can test for whether NSS is still in an initialized state with NSS_IsInitialized(). If NSS does not shutdown successfully it's because of
Re: NSS API documentation - Am I missing something?
On 03/18/2017 02:36 AM, arequip...@gmail.com wrote:
> I am trying to create a simple program that does some basic management of an NSS database (add/update/remove certificates), and I'm having a terrible time finding documentation for even basic stuff. (E.g. how do I iterate through a CERTCertList?)

The best documentation on these is the NSS source code. In particular the source to the certutil command line utility, cmd/certutil/certutil.c. Look for ListCerts on line 575. It's also useful and instructive to search the code base for other references to the same types; often you'll discover a pattern or see some other tidbit that's useful.

> The documentation on developer.mozilla.org seems *really* incomplete.

I think many would agree.

> Is there a better source somewhere that I'm missing?

Probably not, I think most developers using NSS learn it from studying either the NSS source or source code that uses NSS. At one time there was better doc online but I think some of it has disappeared with various attempts to organize Mozilla developer doc.

-- John