date:20090915

Re: Rus GOST 89

2009-09-15 Thread James Cloos

Frank Hecker hec...@mozillafoundation.org writes:

 Nelson B Bolyard wrote:
 Today, I see the FSF web site talks about copyright assignment. I don't
 know all the implications of that, but I presume that it is essentially
 a relinquishment, except that you keep your own name on the copyrighted
 work.

 One last comment on this: Typical copyright assignment agreements
 transfer all rights in the code to someone else.

Note, though, that the FSF's assignment contract licenses the rights
back to the contributor.  You only give up ownership of the code; you
can still use/modify/distribute/etc the contributed code after
contributing it to the FSF.

But only because they explicitly license it back.

(How that interacts with the extent to which the contributed code is a
derivative of GPL or LGPL code sounds like an interesting question.)

-JimC
-- 
James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Complete chaos in the FreeBL hash_End() semantics.

2009-09-15 Thread Andreev Konstantin


Hello.

At the moment NSS head supports 6 hash algorithm: md2,md5,sha{,-256,-384,-512}.

However, their implementations in freebl backend have no consistent semantics 
for method

   *hash*_End( Context *, unsigned char *digest, unsigned int *digestLen, 
unsigned int maxDigestLen )

Look how various hashes handle (maxDigestLen  REAL_HASH_LENGTH) case:

  MD2_End,MD5_End:
PORT_SetError(SEC_ERROR_INVALID_ARGS) then return.
  - there is no other indication to the caller about error occured
  - they do not care about clearing error if maxDigestLen is sufficient

  SHA1_End:
application dies with post-mortem message.

  SHA{256,384,512}_End:
return only maxDigestLen of digest
  - there is no error indication to the caller at all

I should correctly add GOST hash algorithm to the NSS, but which semantics 
should I implement for GOST_End() ?

I would propose to unify *hash*_End() semantics for (maxDigestLen  
REAL_HASH_LENGTH) as follows:

  1) return only maxDigestLen of digest
  2) always set digestLen to the real hash length.
  3) do *not* kill application (this is unfriendly), do not SetError(). The caller 
can always detect digest buffer shortage from the fact (digestLen  
maxDigestLen), and caller now knows required buffer length from digestLen.

Best regards,
--
Konstantin Andreev, software engineer.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: Complete chaos in the FreeBL hash_End() semantics.

2009-09-15 Thread Wan-Teh Chang

On Tue, Sep 15, 2009 at 8:51 AM, Andreev Konstantin andr...@swemel.ru wrote:
 Hello.

 At the moment NSS head supports 6 hash algorithm:
 md2,md5,sha{,-256,-384,-512}.

 However, their implementations in freebl backend have no consistent
 semantics for method

   *hash*_End( Context *, unsigned char *digest, unsigned int *digestLen,
 unsigned int maxDigestLen )

 Look how various hashes handle (maxDigestLen  REAL_HASH_LENGTH) case:

  MD2_End,MD5_End:
    PORT_SetError(SEC_ERROR_INVALID_ARGS) then return.
      - there is no other indication to the caller about error occured
      - they do not care about clearing error if maxDigestLen is sufficient

  SHA1_End:
    application dies with post-mortem message.

  SHA{256,384,512}_End:
    return only maxDigestLen of digest
      - there is no error indication to the caller at all

 I should correctly add GOST hash algorithm to the NSS, but which semantics
 should I implement for GOST_End() ?

 I would propose to unify *hash*_End() semantics for (maxDigestLen 
 REAL_HASH_LENGTH) as follows:

  1) return only maxDigestLen of digest
  2) always set digestLen to the real hash length.
  3) do *not* kill application (this is unfriendly), do not SetError(). The
 caller can always detect digest buffer shortage from the fact (digestLen 
 maxDigestLen), and caller now knows required buffer length from digestLen.

Thank you for the bug report.  The semantics of SHA{256,384,512}_End
are the closest to what I would expect, based on my experience with
other NSS crypto functions.  I would expect that on return, *digestLen
contains the number of bytes written.

Also note that there are Hash_HashBuf functions that require
you to know the output length of a hash algorithm.  So I think the
FreeBL hash functions assume that the callers know the hash
output length.

Wan-Teh
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: Rus GOST 89

2009-09-15 Thread Nelson B Bolyard

On 2009-09-15 07:47 PDT, Andreev Konstantin wrote:
 Hello.
 
 I am currently in the process of adding support for GOST algorithms (RFC
 4357,4490,4491) into the NSS.
 
 At this moment I implemented GOST hashing and GOST signature verification
 algorithms in the NSS. This works throughout the whole stack of mozilla
 code, from adding GOST X.509 certificate into the PSM GUI to the freebl
 backend.
 
 I'd like to contribute my work to Mozilla, and would like to communicate
 with one of the NSS project owners/developers for code review and
 guidelines.
 
 Best regards, -- Konstantin Andreev, software engineer.

Greetings, Konstantin Andreev,

You've come to the right place.  Perhaps you have already seen the thread
with one nsk yatree about this subject.

The NSS team will require a contribution whose level of completeness is
approximately the same as that of the Camellia patch.  Such a patch would
include all the following.

   implementation of the GOST code added to libfreebl.
   test program for libfreebl enhanced to test GOST.
   test script for freebl enhanced to test GOST.
   implementation of the new PKCS#11 mechanism(s) added to libsoftokn,
   implementation of the new cipher suites added to libSSL.
   SSL test programs enhanced to test the new cipher suites.
   SSL test scripts enhanced to test the new cipher suites.

All the new code must be licensed with Mozilla's public tri license.

I suggest that you start by filing a bug in bugzilla.mozilla.org,
product: NSS, component: libraries, severity: enhancement.
You can attach your patch(es) there.  We can discuss them there.
Please make all patches as unified CVS diffs against the trunk of NSS's
CVS tree.  e.g. the output of cvs -q diff -Npu

Thanks.  And welcome to the NSS project.
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: Complete chaos in the FreeBL hash_End() semantics.

2009-09-15 Thread Robert Relyea


On 09/15/2009 08:51 AM, Andreev Konstantin wrote:

Hello.

At the moment NSS head supports 6 hash algorithm: 
md2,md5,sha{,-256,-384,-512}.


However, their implementations in freebl backend have no consistent 
semantics for method


   *hash*_End( Context *, unsigned char *digest, unsigned int 
*digestLen, unsigned int maxDigestLen )


Look how various hashes handle (maxDigestLen  REAL_HASH_LENGTH) case:

  MD2_End,MD5_End:
PORT_SetError(SEC_ERROR_INVALID_ARGS) then return.
  - there is no other indication to the caller about error occured
  - they do not care about clearing error if maxDigestLen is 
sufficient


  SHA1_End:
application dies with post-mortem message.

  SHA{256,384,512}_End:
return only maxDigestLen of digest
  - there is no error indication to the caller at all

I should correctly add GOST hash algorithm to the NSS, but which 
semantics should I implement for GOST_End() ?


These are private interfaces for NSS softoken, applications can not call 
them directly. It's fine to require maxDigestLen to be at least 
REAL_HASH_LENGTH. You may assert or not in GOST.


I would propose to unify *hash*_End() semantics for (maxDigestLen  
REAL_HASH_LENGTH) as follows:


  1) return only maxDigestLen of digest
  2) always set digestLen to the real hash length.
  3) do *not* kill application (this is unfriendly), do not 
SetError(). The caller can always detect digest buffer shortage from 
the fact (digestLen  maxDigestLen), and caller now knows required 
buffer length from digestLen.


You are assuming applications have access to these functions. If the 
caller passes something less than REAL_HASH_LENGTH for maxDigestLen, 
then it's a bug in the internals of NSS. If this were to change we would 
also update the remaining hash functions.


bob

-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: Rus GOST 89

2009-09-15 Thread Robert Relyea


On 09/15/2009 07:47 AM, Andreev Konstantin wrote:

Hello.

I am currently in the process of adding support for GOST algorithms 
(RFC 4357,4490,4491) into the NSS.


At this moment I implemented GOST hashing and GOST signature 
verification algorithms in the NSS. This works throughout the whole 
stack of mozilla code, from adding GOST X.509 certificate into the PSM 
GUI to the freebl backend.


I'd like to contribute my work to Mozilla, and would like to 
communicate with one of the NSS project owners/developers for code 
review and guidelines.


Best regards,
--



I would like make some points about in this thread:

Currently both Seed and Camillia were added directly to NSS softoken. 
This has the advantage that you can mimic what the other natively 
supported algorithms do in NSS, it has the disadvantage that it puts 
your non-FIPS algorithm into our FIPS token, subject to the restrictions 
of FIPS update.


An alternative solution would be to add the new algorithm as a 
separately loaded PKCS #11 module. NSS is capable to identifying these 
modules and using them when necessary. At some point I would like to 
move both Camillia and SEED to this type of module. In fact there is no 
reason that this module couldn't hold all the non-FIPS algorithms.


The one thing I still really need to make this work is a way to 
automatically add the new algorithm's configuration. (And add the 
appropriate information to SSL, which currently still needs to have all 
new cipher suites added programmatically).


bob


-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: TLS version 1.1 + 1.2

2009-09-15 Thread Eddy Nigg


On 09/15/2009 10:07 PM, Nelson B Bolyard:

On 2009-09-15 11:55 PDT, Eddy Nigg wrote:
   

Does mod_nss (NSS based Apache SSL module aka mod_ssl) support TLS v.1.1
and 1.2?
 

NSS does not support TLS 1.1 or TLS 1.2.

Sun's NSS team was planning to add that support in NSS 3.13, but
the pending acquisition of Sun has put all of Sun's future NSS
development plans on hold indefinitely.
   


OK, thanks for your kind answer!

--
Regards

Signer:  Eddy Nigg, StartCom Ltd.
XMPP:start...@startcom.org
Blog:http://blog.startcom.org/
Twitter: http://twitter.com/eddy_nigg

--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: Rus GOST 89

Complete chaos in the FreeBL hash_End() semantics.

Re: Complete chaos in the FreeBL hash_End() semantics.

Re: Rus GOST 89

Re: Complete chaos in the FreeBL hash_End() semantics.

Re: Rus GOST 89

Re: TLS version 1.1 + 1.2

7 matches

Site Navigation

Mail list logo

Footer information

Re: Rus GOST 89

Complete chaos in the FreeBL *hash*_End() semantics.

Re: Complete chaos in the FreeBL *hash*_End() semantics.

Re: Rus GOST 89

Re: Complete chaos in the FreeBL *hash*_End() semantics.

Re: Rus GOST 89

Re: TLS version 1.1 + 1.2

7 matches

Mail list logo

Complete chaos in the FreeBL hash_End() semantics.

Re: Complete chaos in the FreeBL hash_End() semantics.

Re: Complete chaos in the FreeBL hash_End() semantics.