TGOS wrote:
> 
> On Wed, 13 Nov 2002 19:09:00 -0800 "Nelson B. Bolyard"
> <[EMAIL PROTECTED]> wrote in netscape.public.mozilla.security:

> > The request is based on a false premise, that the key is
> > derived from the master password. The key is NOT derived from the master
> > password.
> 
> Then Mozilla crypto system is a very bad system.

Really!?  

Let's see.  The U.S. Government has put NSS (the crypto security module
used in mozilla and Netscape browsers) on their list of validated crypto
modules, meeting the Federal Information Processing Standard 140-1,
the Federal Security Requirements for Cryptographic modules.

It's on the same list with many other well known hardware and software
security modules.  The U.S. Department of Defense uses it.  They studied
it in depth.  See for yourself at these URLs:

http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf
http://csrc.ncsl.nist.gov/cryptval/140-1/1401val2002.htm (scroll down to #247)
http://csrc.ncsl.nist.gov/cryptval/140-1/140crt/140crt247.pdf
http://dii-sw.ncr.disa.mil/Del/netlic.html#products

The validation certificate is listed in Sun's name because Sun is one of 
the major contributors to, and users of, NSS, and Sun sponsored the NIST
validation, I believe.

> > The key generation, storage, and related encryption and decryption is
> > all done inside of a cryptographic "token" (hardware device, or software).
> 
> Pardon me, but what cryptographic hardware does Mozilla support? I'm not
> aware of any such support built into Mozilla.

Nearly every crypto hardware device that supports a PKCS #11 software 
interface, version 2.x, works with mozilla.  That's Public Key Cryptography
Standard Number 11, in case you're not familiar with it.  
http://www.rsasecurity.com/rsalabs/pkcs/pkcs-11/

Devices ranging from high end crypto accelerators down to little crypto 
devices that fit on your key chain or in your wallet work with mozilla.  
I have 3 devices on my key chain in my pocket, and one in my wallet, all 
from different manufacturers, and all work with mozilla for signing email,
decrypting email, and authenticating to SSL/TLS servers.  

NSS's crypto software emulates a PKCS 11 hardware token.

> > The base64 encoded blob you see contains an ASN.1 DER encoded structure
> > which contains the key identifier;  another DER encoded structure which
> > contains the algorithm identifier (the system is not limited to any one
> > encryption algorithm) and the initialization vector (for block ciphers
> > only); and the encrypted data.
> 
> And this is documented where?

The ASN.1 encoding, and the algorithm identifier OIDs used, are all
international PKI standards.  Many are also documented in Internet RFCs. 
See, for example, ftp://ftp.rfc-editor.org/in-notes/rfc3279.txt

If you were familiar with the relevant standards, you probably wouldn't
be asking this question.  I suggest you start by studying the standards
and "related documents" listed on these pages:
http://www.mozilla.org/projects/security/pki/nss/overview.html#standards
http://www.mozilla.org/projects/security/pki/nss/nss-3.4/nss-3.4-algorithms.html
http://www.rsasecurity.com/rsalabs/pkcs/

> A security system that is only secure as long as the details stay a
> secret was never secure in the first place. A good security system is
> still secure even if all code is open and all implementation details are
> known to the public. The Mozilla code is open, 

And therefore does not depend on secrecy.  It's all wide open.  
Don't be afraid.  Have a look for yourself.

> Have the people that planned the security system never considered that
> other programs which are NOT part of Mozilla, which do NOT have access
> to the Mozilla libraries and which are NOT written in C++ may want to
> access Mozilla's stored user data? 

Mozilla's NSS libraries are written in c, not c++, and are freely accessible. 
NSS is used by many products not written in C++.  See a list at
http://www.mozilla.org/projects/security/pki/nss/overview.html#proven

There is even a Java "reflection" available for it, known as JSS.
See http://www.mozilla.org/projects/security/pki/jss/

The desire for NSS to be usable by many other products is precisely why
mozilla's NSS security system uses an open standard API, the PKCS #11 
standard, for access to all its data.  NSS's PKCS 11 crypto module is a
dynamically loaded shared library, so an application doesn't need to link
with it to use it.  See http://www.rsasecurity.com/rsalabs/pkcs/pkcs-11/ 

Netscape and mozilla have reserved the right to change the internal
implementation, including the database formats, without notice.  They will 
soon change again.  But the APIs will continue to work.  

> This still leaves my initial questions open:
> 
> Which encryption method does Mozilla use to encrypt the database and how
> does it get the key to decrypt the database from the master password.

Those were clearly NOT your original questions.  You've learned some more
about NSS, and you're asking new and more relevant questions now.  

Have a look at http://www.rsasecurity.com/rsalabs/pkcs/pkcs-5/

> And if every encryption method has an ID, where is documented which ID
> stands for which method? And again it's lack of documentation. 

The OIDs used to identify the crypto algorithms are all found in standards
that are well known to the community of crypto developers.  Knowledge of
the relevant crypto standards is a prerequisite to working with NSS 
internals and NSS data.

> See, I can't guess in which out of hundred source code file this might be
> written in a two-liner if it's written anywhere at all.

That's why mozilla's source servers have powerful source searching and cross
referencing capabilities.  Look at them here http://lxr.mozilla.org/security/

> > It's far easier just to use the token via the same API that mozilla
> > uses.
> 
> Unacceptable, because the app will not be written in C++ and must run on
> systems where Mozilla isn't even installed (as long as all the user
> profiles are installed, that should be no problem).

You proposed to write a program to manipulate mozilla user profiles, as a
supposed convenience to mozilla users.  Now you say it must run on 
systems where mozilla isn't installed?  That doesn't sound very convenient
for mozilla users.  Sounds fishy.  I wonder if the program has another 
true purpose.

> > If you want web pages that explain this, start with these:
> > http://lxr.mozilla.org/security/source/security/manager/ssl/src/nsSDR.cpp#158
> > http://lxr.mozilla.org/security/source/security/nss/lib/pk11wrap/pk11sdr.c#254
> 
> And that's what Mozilla programmers call documentation?

No, it's what they call source code.
The answers to all your questions are in there, starting at those lines.

Follow one of those links.  Notice that many identifiers are underlined.
Click on one of those identifiers.  See how the cross referencing works.

> > Use the Source, Luke!
> 
> Thanks for the links, but without any further documentation, I'm afraid
> it's quite useless.

Reminds me of an old saying:
    You can lead a horse to water, but you can't make him drink.  

> --
> TGOS

Now, I've written as much as I'm going to in this thread. 

No one is obliged to keep answering demands for more explanation about NSS,
especially when the source is open.  You're going to have to do some work
to understand what you're attempting to do.  Read the source.  Or don't.
But there's no point in complaining about open source.

People who have clearly studied the source and still have questions, and 
who ask those questions without complaint, often get their questions 
answered in netscape.public.mozilla.crypto.  Followup there.

--
Nelson B        Speaking only for myself.
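
An added example, not part of the original message and not NSS code: a minimal DER walker for the blob layout described in the thread (key identifier, algorithm identifier with optional IV, encrypted data). The exact nesting (outer SEQUENCE of OCTET STRING, SEQUENCE { OID, OCTET STRING }, OCTET STRING) is an assumption read from that description, and the sample blob is constructed; nothing is decrypted.

```python
import base64

def read_tlv(buf, pos):
    """Read one DER TLV at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad length encoding")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def expect(buf, pos, want):
    """Read a TLV and require its tag: 0x30 SEQUENCE, 0x04 OCTET STRING, 0x06 OID."""
    tag, value, nxt = read_tlv(buf, pos)
    if tag != want:
        raise ValueError(f"expected tag 0x{want:02x}, got 0x{tag:02x}")
    return value, nxt

def decode_oid(body):
    if not body:
        raise ValueError("empty OID")
    arcs, value = [body[0] // 40, body[0] % 40], 0  # first octet packs two arcs
    for b in body[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear ends this arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def parse_blob(b64_text):  # splits the blob into fields; performs no decryption
    raw = base64.b64decode(b64_text, validate=True)
    outer, end = expect(raw, 0, 0x30)
    key_id, pos = expect(outer, 0, 0x04)
    alg, pos = expect(outer, pos, 0x30)
    data, pos = expect(outer, pos, 0x04)
    if end != len(raw) or pos != len(outer):
        raise ValueError("trailing bytes")
    oid, apos = expect(alg, 0, 0x06)
    iv = expect(alg, apos, 0x04)[0] if apos < len(alg) else b""  # IV: block ciphers only
    return {"key_id": key_id.hex(), "algorithm": decode_oid(oid),
            "iv": iv.hex(), "ciphertext_len": len(data)}

# Constructed sample (not real profile data); the layout is an assumption.
SAMPLE = base64.b64encode(bytes.fromhex(
    "303a0410f8" + "00" * 14 + "01301406082a864886f70d0307"
    "04080102030405060708" "0410" + "aa" * 16))
```

The OID in the constructed sample, 1.2.840.113549.3.7, is the standard identifier for DES-EDE3-CBC; the dotted form returned by `parse_blob` is what you look up in the standards the message points to.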
