Changelog:
Notable Changes:
* The following CA certificates were Removed:
- 1574670 - Remove expired Class 2 Primary root certificate
- 1574670 - Remove expired UTN-USERFirst-Client root certificat
- 1574670 - Remove expired Deutsche Telekom Root CA 2 root certificate
- 1566569 - Remove Swisscom Root CA 2 root certificate
* Significant improvements to AES-GCM performance on ARM
Bugs fixed in NSS 3.46:
* 1572164 - Don't unnecessarily free session in NSC_WrapKey
* 1574220 - Improve controls after errors in tstcln, selfserv and vfyserv
cmds
* 1550636 - Upgrade SQLite in NSS to a 2019 version
* 1572593 - Reset advertised extensions in ssl_ConstructExtensions
* 1415118 - NSS build with ./build.sh --enable-libpkix fails
* 1539788 - Add length checks for cryptographic primitives
* 1542077 - mp_set_ulong and mp_set_int should return errors on bad values
* 1572791 - Read out-of-bounds in DER_DecodeTimeChoice_Util from
SSLExp_DelegateCredential
* 1560593 - Cleanup.sh script does not set error exit code for tests that
"Failed with core"
* 1566601 - Add Wycheproof test vectors for AES-KW
* 1571316 - curve25519_32.c:280: undefined reference to `PR_Assert' when
building NSS 3.45 on armhf-linux
* 1516593 - Client to generate new random during renegotiation
* 1563258 - fips.sh fails due to non-existent "resp" directories
* 1561598 - Remove -Wmaybe-uninitialized warning in pqg.c
* 1560806 - Increase softoken password max size to 500 characters
* 1568776 - Output paths relative to repository in NSS coverity
* 1453408 - modutil -changepw fails in FIPS mode if password is an empty
string
* 1564727 - Use a PSS SPKI when possible for delegated credentials
* 1493916 - fix ppc64 inline assembler for clang
* 1561588 - Remove -Wmaybe-uninitialized warning in p7env.c
* 1561548 - Remove -Wmaybe-uninitialized warning in
pkix_pl_ldapdefaultclient.c
* 1512605 - Incorrect alert description after unencrypted Finished msg
* 1564715 - Read /proc/cpuinfo when AT_HWCAP2 returns 0
* 1532194 - Remove or fix -DDEBUG_$USER from make builds
* 1565577 - Visual Studio's cl.exe -? hangs on Windows x64 when building nss
since changeset 9162c654d06915f0f15948fbf67d4103a229226f
* 1564875 - Improve rebuilding with build.sh
* 1565243 - Support TC_OWNER without email address in nss taskgraph
* 1563778 - Increase maxRunTime on Mac taskcluster Tools, SSL tests
* 1561591 - Remove -Wmaybe-uninitialized warning in tstclnt.c
* 1561587 - Remove -Wmaybe-uninitialized warning in lgattr.c
* 1561558 - Remove -Wmaybe-uninitialized warning in httpserv.c
* 1561556 - Remove -Wmaybe-uninitialized warning in tls13esni.c
* 1561332 - ec.c:28 warning: comparison of integers of different signs: 'int'
and 'unsigned long'
* 1564714 - Print certutil commands during setup
* 1565013 - HACL image builder times out while fetching gpg key
* 1563786 - Update hacl-star docker image to pull specific commit
* 1559012 - Improve GCM perfomance using PMULL2
* 1528666 - Correct resumption validation checks
* 1568803 - More tests for client certificate authentication
* 1564284 - Support profile mobility across Windows and Linux
* 1573942 - Gtest for pkcs11.txt with different breaking line formats
* 1575968 - Add strsclnt option to enforce the use of either IPv4 or IPv6
* 1549847 - Fix NSS builds on iOS
* 1485533 - Enable NSS_SSL_TESTS on taskcluster
Changelog:
New Functions
in pk11pub.h:
PK11_FindRawCertsWithSubject - Finds all certificates on the given
slot with the given subject distinguished name and returns them as DER bytes.
If no such certificates can be found, returns SECSuccess and sets *results to
NULL. If a failure is encountered while fetching any of the matching
certificates, SECFailure is returned and *results will be NULL.
Notable Changes in NSS 3.45
Bug 1540403 - Implement Delegated Credentials (draft-ietf-tls-subcerts)
This adds a new experimental function: SSL_DelegateCredential
Note: In 3.45, selfserv does not yet support delegated credentials.
See Bug 1548360.
Note: In 3.45 the SSLChannelInfo is left unmodified, while an upcoming
change in 3.46 will set SSLChannelInfo.authKeyBits to that of the delegated
credential for better policy enforcement. See Bug 1563078.
Bug 1550579 - Replace ARM32 Curve25519 implementation with one from
fiat-crypto
Bug 1551129 - Support static linking on Windows
Bug 1552262 - Expose a function PK11_FindRawCertsWithSubject for finding
certificates with a given subject on a given slot
Bug 1546229 - Add IPSEC IKE support to softoken
Bug 1554616 - Add support for the Elbrus lcc compiler (<=1.23)
Bug 1543874 - Expose an external clock for SSL
This adds new experimental functions: SSL_SetTimeFunc,
SSL_CreateAntiReplayContext, SSL_SetAntiReplayContext, and
SSL_ReleaseAntiReplayContext.
The experimental function SSL_InitAntiReplay is removed.
Bug 1546477 - Various changes in response to the ongoing FIPS review
Note: The source package size has increased substantially due to the
new FIPS test vectors. This will likely prompt follow-on work, but please
accept our apologies in the meantime.
Certificate Authority Changes
The following CA certificates were Removed:
Bug 1552374 - CN = Certinomis - Root CA
SHA-256 Fingerprint:
2A99F5BC1174B73CBB1D620884E01C34E51CCB3978DA125F0E33268883BF4158
Bugs fixed in NSS 3.45
Bug 1540541 - Don't unnecessarily strip leading 0's from key material
during PKCS11 import (CVE-2019-11719)
Bug 1515342 - More thorough input checking (CVE-2019-11729)
Bug 1552208 - Prohibit use of RSASSA-PKCS1-v1_5 algorithms in TLS 1.3
(CVE-2019-11727)
Bug 1227090 - Fix a potential divide-by-zero in makePfromQandSeed from
lib/freebl/pqg.c (static analysis)
Bug 1227096 - Fix a potential divide-by-zero in PQG_VerifyParams from
lib/freebl/pqg.c (static analysis)
Bug 1509432 - De-duplicate code between mp_set_long and mp_set_ulong
Bug 1515011 - Fix a mistake with ChaCha20-Poly1305 test code where tags
could be faked. Only relevant for clients that might have copied the unit test
code verbatim
Bug 1550022 - Ensure nssutil3 gets built on Android
Bug 1528174 - ChaCha20Poly1305 should no longer modify output length on
failure
Bug 1549382 - Don't leak in PKCS#11 modules if C_GetSlotInfo() returns
error
Bug 1551041 - Fix builds using GCC < 4.3 on big-endian architectures
Bug 1554659 - Add versioning to OpenBSD builds to fix link time errors
using NSS
Bug 1553443 - Send session ticket only after handshake is marked as
finished
Bug 1550708 - Fix gyp scripts on Solaris SPARC so that
libfreebl_64fpu_3.so builds
Bug 1554336 - Optimize away unneeded loop in mpi.c
Bug 1559906 - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor
specific mechanism
Bug 1558126 - TLS_AES_256_GCM_SHA384 should be marked as FIPS compatible
Bug 1555207 - HelloRetryRequestCallback return code for rejecting 0-RTT
Bug 1556591 - Eliminate races in uses of PK11_SetWrapKey
Bug 1558681 - Stop using a global for anti-replay of TLS 1.3 early data
Bug 1561510 - Fix a bug where removing -arch XXX args from CC didn't work
Bug 1561523 - Add a string for the new-ish error
SSL_ERROR_MISSING_POST_HANDSHAKE_AUTH_EXTENSION
Changelog:
3.44.1:
* 1554336 - Optimize away unneeded loop in mpi.c
* 1515342 - More thorough input checking
* 1540541 - Don't unnecessarily strip leading 0's from key material during
PKCS11 import
* 1515236 - Add a SSLKEYLOGFILE enable/disable flag at build.sh
* 1546229 - Add IPSEC IKE support to softoken
* 1473806 - Fix SECKEY_ConvertToPublicKey handling of non-RSA keys
* 1546477 - Updates to testing for FIPS validation
* 1552208 - Prohibit use of RSASSA-PKCS1-v1_5 algorithms in TLS 1.3
* 1551041 - Unbreak build on GCC < 4.3 big-endian
Changelog:
New Functions:
in lib/certdb/cert.h
CERT_GetCertificateDer - Access the DER-encoded form of a
CERTCertificate.
Notable Changes in NSS 3.44:
* It is now possible to build NSS as a static library (Bug 1543545)
* Initial support for building for iOS.
Bugs fixed in NSS 3.44:
* 1501542 - Implement CheckARMSupport for Android
* 1531244 - Use __builtin_bswap64 in crypto_primitives.h
* 1533216 - CERT_DecodeCertPackage() crash with Netscape Certificate
Sequences
* 1533616 - sdb_GetAttributeValueNoLock should make at most one sql query,
rather than one for each attribute
* 1531236 - Provide accessor for CERTCertificate.derCert
* 1536734 - lib/freebl/crypto_primitives.c assumes a big endian machine
* 1532384 - In NSS test certificates, use @example.com (not @bogus.com)
* 1538479 - Post-Handshake messages after async server authentication break
when using record layer separation
* 1521578 - x25519 support in pk11pars.c
* 1540205 - freebl build fails with -DNSS_DISABLE_CHACHAPOLY
* 1532312 - post-handshake auth doesn't interoperate with OpenSSL
* 1542741 - certutil -F crashes with segmentation fault
* 1546925 - Allow preceding text in try comment
* 1534468 - Expose ChaCha20 primitive
* 1418944 - Quote CC/CXX variables passed to nspr
* 1543545 - Allow to build NSS as a static library
* 1487597 - Early data that arrives before the handshake completes can be
read afterwards
* 1548398 - freebl_gtest not building on Linux/Mac
* 1548722 - Fix some Coverity warnings
* 1540652 - softoken/sdb.c: Logically dead code
* 1549413 - Android log lib is not included in build
* 1537927 - IPsec usage is too restrictive for existing deployments
* 1549608 - Signature fails with dbm disabled
* 1549848 - Allow building NSS for iOS using gyp
* 1549847 - NSS's SQLite compilation warnings make the build fail on iOS
* 1550041 - freebl not building on iOS simulator
* 1542950 - MacOS cipher test timeouts
Like SHA1_Update, define another name, NSS_MD5_Update and
use via CPP macto.
This change fixes PDF export of misc/libreoffice.
And make pkglint happier.
Changelog:
New Functionality:
* in sechash.h
HASH_GetHashOidTagByHashType - convert type HASH_HashType to type
SECOidTag
* in sslexp.h
SSL_SendCertificateRequest - allow server to request post-handshake client
authentication. To use this both peers need to enable the
SSL_ENABLE_POST_HANDSHAKE_AUTH option. Note that while the mechanism is
present, post-handshake authentication is currently not TLS 1.3 compliant
due to Bug 1532312
Notable changes:
* The following CA certificates were Added:
- CN = emSign Root CA - G1
SHA-256 Fingerprint:
40F6AF0346A99AA1CD1D555A4E9CCE62C7F9634603EE406615833DC8C8D00367
- CN = emSign ECC Root CA - G3
SHA-256 Fingerprint:
86A1ECBA089C4A8D3BBE2734C612BA341D813E043CF9E8A862CD5C57A36BBE6B
- CN = emSign Root CA - C1
SHA-256 Fingerprint:
125609AA301DA0A249B97A8239CB6A34216F44DCAC9F3954B14292F2E8C8608F
- CN = emSign ECC Root CA - C3
SHA-256 Fingerprint:
BC4D809B15189D78DB3E1D8CF4F9726A795DA1643CA5F1358E1DDB0EDC0D7EB3
- CN = Hongkong Post Root CA 3
SHA-256 Fingerprint:
5A2FC03F0C83B090BBFA40604B0988446C7636183DF9846E17101A447FB8EFD6
Bugs fixed in NSS 3.43
* Bug 1528669 and Bug 1529308 - Improve Gyp build system handling
* Bug 1529950 and Bug 1521174 - Improve NSS S/MIME tests for Thunderbird
* Bug 1530134 - If Docker isn't installed, try running a local clang-format
as a fallback
* Bug 1531267 - Enable FIPS mode automatically if the system FIPS mode flag
is set
* Bug 1528262 - Add a -J option to the strsclnt command to specify sigschemes
* Bug 1513909 - Add manual for nss-policy-check
* Bug 1531074 - Fix a deref after a null check in SECKEY_SetPublicValue
* Bug 1517714 - Properly handle ESNI with HRR
* Bug 1529813 - Expose HKDF-Expand-Label with mechanism
* Bug 1535122 - Align TLS 1.3 HKDF trace levels
* Bug 1530102 - Use getentropy on compatible versions of FreeBSD
Changelog:
New Functionality:
* Bug 818686 - Support XDG basedir specification
Notable changes:
* Added support for some of the testcases from the Wycheproof project:
- Bug 1508666 - Added AES-GCM test cases
- Bug 1508673 - Added ChaCha20-Poly1305 test cases
- Bug 1514999 - Added the Curve25519 test cases
- Thanks to Jonas Allmann for adapting these tests.
Bugs fixed in NSS 3.42:
* Bug 1490006 - Reject invalid CH.legacy_version in TLS 1.3
* Bug 1507135 and Bug 1507174 - Add additional null checks to several CMS
functions to fix a rare CMS crash. Thanks to Hanno Böck and Damian Poddebniak
for the discovery and fixes.
* Bug 1513913 - A fix for Solaris where Firefox 60 core dumps during start when
using profile from version 52
New functionality:
* Bug 1252891 - Implemented EKU handling for IPsec IKE.
* Bug 1423043 - Enable half-closed states for TLS.
* Bug 1493215 - Enabled the following ciphersuites by default:
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_GCM_SHA384
Notable changes:
* The following CA certificates were added:
CN = Certigna Root CA
CN = GTS Root R1
CN = GTS Root R2
CN = GTS Root R3
CN = GTS Root R4
CN = UCA Global G2 Root
CN = UCA Extended Validation Root
* The following CA certificates were removed:
CN = AC Raíz Certicámara S.A.
CN = Certplus Root CA G1
CN = Certplus Root CA G2
CN = OpenTrust Root CA G1
CN = OpenTrust Root CA G2
CN = OpenTrust Root CA G3
Bugs fixed in NSS 3.41:
* Bug 1412829, Reject empty supported_signature_algorithms in Certificate
Request in TLS 1.2
* Bug 1485864 - Cache side-channel variant of the Bleichenbacher attack
(CVE-2018-12404)
* Bug 1481271 - Resend the same ticket in ClientHello after HelloRetryRequest
* Bug 1493769 - Set session_id for external resumption tokens
* Bug 1507179 - Reject CCS after handshake is complete in TLS 1.3
Changelog:
Notable bug fixes:
* Bug 1478698 - FFDHE key exchange sometimes fails with decryption failure
New functionality:
* The draft-00 version of encrypted SNI support is implemented
* tstclnt now takes -N option to specify encrypted SNI key
Notable changes:
* The mozilla::pkix library has been ported from Mozilla PSM to NSS.
This is a C++ library for building certification paths.
mozilla::pkix APIs are not exposed in the libraries NSS builds.
* It is easier to build NSS on Windows in mozilla-build environments.
* The following CA certificates were Removed:
CN = Visa eCommerce Root
Changelog:
Notable bug fixes:
* Bug 1483128 - NSS responded to an SSLv2-compatible ClientHello
with a ServerHello that had an all-zero random (CVE-2018-12384)
New functionality:
* The tstclnt and selfserv utilities added support for configuring
the enabled TLS signature schemes using the -J parameter.
* NSS will use RSA-PSS keys to authenticate in TLS. Support for
these keys is disabled by default but can be enabled using
SSL_SignatureSchemePrefSet().
* certutil added the ability to delete an orphan private key from
an NSS key database.
* Added the nss-policy-check utility, which can be used to check
an NSS policy configuration for problems.
* A PKCS#11 URI can be used as an identifier for a PKCS#11 token.
Notable changes:
* The TLS 1.3 implementation uses the final version number from
RFC 8446.
* Previous versions of NSS accepted an RSA PKCS#1 v1.5 signature
where the DigestInfo structure was missing the NULL parameter.
Starting with version 3.39, NSS requires the encoding to contain
the NULL parameter.
* The tstclnt and selfserv test utilities no longer accept the -z
parameter, as support for TLS compression was removed in a
previous NSS version.
* The CA certificates list was updated to version 2.26.
* The following CA certificates were Added:
- OU = GlobalSign Root CA - R6
- CN = OISTE WISeKey Global Root GC CA
The following CA certificate was Removed:
- CN = ComSign
The following CA certificates had the Websites trust bit disabled:
- CN = Certplus Root CA G1
- CN = Certplus Root CA G2
- CN = OpenTrust Root CA G1
- CN = OpenTrust Root CA G2
- CN = OpenTrust Root CA G3
Performing substitutions during post-patch breaks tools such as mkpatches,
making it very difficult to regenerate correct patches after making changes,
and often leading to substituted string replacements being committed.
Changelog:
No new functionality is introduced in these releases.
The following compatibility fixes are included. Users are encouraged to upgrade.
* Bug 1462303 - Connecting to a server that was recently upgraded to
TLS 1.3 would result in a SSL_RX_MALFORMED_SERVER_HELLO error.
* Bug 1460673 - Fix a rare bug with PKCS#12 files.
Changelog:
No new functionality is introduced in these releases.
The following compatibility fixes are included. Users are encouraged
to upgrade.
* Bug 1462303 - Connecting to a server that was recently upgraded to TLS 1.3
would result in a SSL_RX_MALFORMED_SERVER_HELLO error.
* Bug 1460673 - Fix a rare bug with PKCS#12 files.
Changelog:
* The TLS 1.3 implementation was updated to Draft 28.
* An issue where NSS erroneously accepted HRR requests was resolved.
* Added HACL* Poly1305 32-bit
* The code to support the NPN protocol has been fully removed.
* NSS allows servers now to register ALPN handling callbacks to
select a protocol.
* NSS supports opening SQL databases in read-only mode.
* On Linux, some build configurations can use glibc's function
getentropy(), which uses the kernel's getrandom() function.
* The CA list was updated to version 2.24, which removed the
following CA certificates:
- CN = S-TRUST Universal Root CA
- CN = TC TrustCenter Class 3 CA II
- CN = TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5
No new functionality is introduced in this release. This is a patch release to fix regression bugs.
In NSS version 3.35 the iteration count in optimized builds, which is used for password based encryption algorithm related to encrypted PKCS#7 or PKCS#12 data, was increased to one million iterations. That change had caused an interoperability regression with operating systems that are limited to 600 K iterations. NSS 3.36.1 has been changed to use the same 600 K limit.
Certain smartcard operations could result in a deadlock
This Bugzilla query returns all the bugs fixed in NSS 3.36.1:
https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classification=Components&query_format=advanced&product=NSS&target_milestone=3.36.1
* Require devel/nspr-4.19
Changelog:
The NSS team has released Network Security Services (NSS) 3.36,
which is a minor release.
Summary of the major changes included in this release:
- Replaced existing vectorized ChaCha20 code with verified
HACL* implementation.
- Experimental APIs for TLS session cache handling.
Changelog:
The NSS team has released Network Security Services (NSS) 3.35,
which is a minor release.
Summary of the major changes included in this release:
- The default database storage format has been changed to SQL,
using filenames cert9.db, key4.db, pkcs11.txt.
- TLS 1.3 support has been updated to draft -23, along with
additional significant changes.
- Support for TLS compression was removed.
- Added formally verified implementations of non-vectorized Chacha20
and non-vectorized Poly1305 64-bit.
- When creating encrypted PKCS#7 or PKCS#12 data, NSS uses a
higher iteration count for stronger security.
- The CA trust list was updated to version 2.22.
The actual fix as been done by "pkglint -F */*/buildlink3.mk", and was
reviewed manually.
There are some .include lines that still are indented with zero spaces
although the surrounding .if is indented. This is existing practice.
Changelog:
The following CA certificate was Re-Added. It was removed in
NSS 3.34, but has been re-added with only the Email trust bit
set. (bug 1418678)
CN = Certum CA, O=Unizeto Sp. z o.o.
SHA-256 Fingerprint: D8:E0:FE:BC:1D:B2:E3:8D:00:94:0F:37:D2:7D:41:34:4D:99:3E:73:4B:99:D5:65:6D:97:78:D4:D8:14:36:24
Removed entries from certdata.txt for actively distrusted
certificates that have expired (bug 1409872).
The version of the CA list was set to 2.20.
The following CA certificates were Added:
CN = GDCA TrustAUTH R5 ROOT
SHA-256 Fingerprint: BF:FF:8F:D0:44:33:48:7D:6A:8A:A6:0C:1A:29:76:7A:9F:C2:BB:B0:5E:42:0F:71:3A:13:B9:92:89:1D:38:93
Trust Flags: Websites
CN = SSL.com Root Certification Authority RSA
SHA-256 Fingerprint: 85:66:6A:56:2E:E0:BE:5C:E9:25:C1:D8:89:0A:6F:76:A8:7E:C1:6D:4D:7D:5F:29:EA:74:19:CF:20:12:3B:69
Trust Flags: Websites, Email
CN = SSL.com Root Certification Authority ECC
SHA-256 Fingerprint: 34:17:BB:06:CC:60:07:DA:1B:96:1C:92:0B:8A:B4:CE:3F:AD:82:0E:4A:A3:0B:9A:CB:C4:A7:4E:BD:CE:BC:65
Trust Flags: Websites, Email
CN = SSL.com EV Root Certification Authority RSA R2
SHA-256 Fingerprint: 2E:7B:F1:6C:C2:24:85:A7:BB:E2:AA:86:96:75:07:61:B0:AE:39:BE:3B:2F:E9:D0:CC:6D:4E:F7:34:91:42:5C
Trust Flags: Websites
CN = SSL.com EV Root Certification Authority ECC
SHA-256 Fingerprint: 22:A2:C1:F7:BD:ED:70:4C:C1:E7:01:B5:F4:08:C3:10:88:0F:E9:56:B5:DE:2A:4A:44:F9:9C:87:3A:25:A7:C8
Trust Flags: Websites
CN = TrustCor RootCert CA-1
SHA-256 Fingerprint: D4:0E:9C:86:CD:8F:E4:68:C1:77:69:59:F4:9E:A7:74:FA:54:86:84:B6:C4:06:F3:90:92:61:F4:DC:E2:57:5C
Trust Flags: Websites, Email
CN = TrustCor RootCert CA-2
SHA-256 Fingerprint: 07:53:E9:40:37:8C:1B:D5:E3:83:6E:39:5D:AE:A5:CB:83:9E:50:46:F1:BD:0E:AE:19:51:CF:10:FE:C7:C9:65
Trust Flags: Websites, Email
CN = TrustCor ECA-1
SHA-256 Fingerprint: 5A:88:5D:B1:9C:01:D9:12:C5:75:93:88:93:8C:AF:BB:DF:03:1A:B2:D4:8E:91:EE:15:58:9B:42:97:1D:03:9C
Trust Flags: Websites, Email
The following CA certificates were Removed:
CN = Certum CA, O=Unizeto Sp. z o.o.
SHA-256 Fingerprint: D8:E0:FE:BC:1D:B2:E3:8D:00:94:0F:37:D2:7D:41:34:4D:99:3E:73:4B:99:D5:65:6D:97:78:D4:D8:14:36:24
CN = StartCom Certification Authority
SHA-256 Fingerprint: C7:66:A9:BE:F2:D4:07:1C:86:3A:31:AA:49:20:E8:13:B2:D1:98:60:8C:B7:B7:CF:E2:11:43:B8:36:DF:09:EA
CN = StartCom Certification Authority
SHA-256 Fingerprint: E1:78:90:EE:09:A3:FB:F4:F4:8B:9C:41:4A:17:D6:37:B7:A5:06:47:E9:BC:75:23:22:72:7F:CC:17:42:A9:11
CN = StartCom Certification Authority G2
SHA-256 Fingerprint: C7:BA:65:67:DE:93:A7:98:AE:1F:AA:79:1E:71:2D:37:8F:AE:1F:93:C4:39:7F:EA:44:1B:B7:CB:E6:FD:59:95
CN = TÜBİTAK UEKAE Kök Sertifika Hizmet Sağlayıcısı - Sürüm 3
SHA-256 Fingerprint: E4:C7:34:30:D7:A5:B5:09:25:DF:43:37:0A:0D:21:6E:9A:79:B9:D6:DB:83:73:A0:C6:9E:B1:CC:31:C7:C5:2A
CN = ACEDICOM Root
SHA-256 Fingerprint: 03:95:0F:B4:9A:53:1F:3E:19:91:94:23:98:DF:A9:E0:EA:32:D7:BA:1C:DD:9B:C8:5D:B5:7E:D9:40:0B:43:4A
CN = Certinomis - Autorité Racine
SHA-256 Fingerprint: FC:BF:E2:88:62:06:F7:2B:27:59:3C:8B:07:02:97:E1:2D:76:9E:D1:0E:D7:93:07:05:A8:09:8E:FF:C1:4D:17
CN = TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı
SHA-256 Fingerprint: 97:8C:D9:66:F2:FA:A0:7B:A7:AA:95:00:D9:C0:2E:9D:77:F2:CD:AD:A6:AD:6B:A7:4A:F4:B9:1C:66:59:3C:50
CN = PSCProcert
SHA-256 Fingerprint: 3C:FC:3C:14:D1:F6:84:FF:17:E3:8C:43:CA:44:0C:00:B9:67:EC:93:3E:8B:FE:06:4C:A1:D7:2C:90:F2:AD:B0
CN = CA 沃通根证书, O=WoSign CA Limited
SHA-256 Fingerprint: D6:F0:34:BD:94:AA:23:3F:02:97:EC:A4:24:5B:28:39:73:E4:47:AA:59:0F:31:0C:77:F4:8F:DF:83:11:22:54
CN = Certification Authority of WoSign
SHA-256 Fingerprint: 4B:22:D5:A6:AE:C9:9F:3C:DB:79:AA:5E:C0:68:38:47:9C:D5:EC:BA:71:64:F7:F2:2D:C1:D6:5F:63:D8:57:08
CN = Certification Authority of WoSign G2
SHA-256 Fingerprint: D4:87:A5:6F:83:B0:74:82:E8:5E:96:33:94:C1:EC:C2:C9:E5:1D:09:03:EE:94:6B:02:C3:01:58:1E:D9:9E:16
CN = CA WoSign ECC Root
SHA-256 Fingerprint: 8B:45:DA:1C:06:F7:91:EB:0C:AB:F2:6B:E5:88:F5:FB:23:16:5C:2E:61:4B:F8:85:56:2D:0D:CE:50:B2:9B:02
libfreebl no longer requires SSE2 instructions.
New in NSS 3.34
New Functionality
When listing an NSS database using certutil -L, but the database
hasn't yet been initialized with any non-empty or empty password,
the text "Database needs user init" will be included in the listing.
When using certutil to set an inacceptable password in FIPS mode,
a correct explanation of acceptable passwords will be printed.
SSLKEYLOGFILE is now supported with TLS 1.3, see Bug 1287711 for details.
SSLChannelInfo has two new fields (Bug 1396525)
SSLNamedGroup originalKeaGroup holds the key exchange group of the
original handshake when the session was resumed.
PRBool resumed is PR_TRUE when the session is resumed and PR_FALSE
otherwise.
RSA-PSS signatures are now supported on certificates. Certificates
with RSA-PSS or RSA-PKCS#1v1.5 keys can be used to create an RSA-PSS
signature on a certificate using the --pss-sign argument to certutil.
New Functions
Compatibility
NSS 3.34 shared libraries are backward compatible with all older NSS 3.x
shared libraries. A program linked with older NSS 3.x shared libraries
will work with NSS 3.34 shared libraries without recompiling or relinking.
Furthermore, applications that restrict their use of NSS APIs to the
functions listed in NSS Public Functions will remain compatible with
future versions of the NSS shared libraries.
Changelog:
Notable Changes in NSS 3.33
TLS compression is no longer supported. API calls that attempt to enable compression are accepted without failure. However, TLS compression will remain disabled.
This version of NSS uses a formally verified implementation of Curve25519 on 64-bit systems.
The compile time flag DISABLE_ECC has been removed.
When NSS is compiled without NSS_FORCE_FIPS=1 startup checks are not performed anymore.
Various minor improvements and correctness fixes.
Changelog:
Notable Changes:
================
* Various minor improvements and correctness fixes.
* The Code Signing trust bit was turned off for all included root certificates.
* The Websites (TLS/SSL) trust bit was turned off for the following root
certificates:
- CN = AddTrust Class 1 CA Root
- CN = Swisscom Root CA 2
* The following CA certificates were Removed:
- CN = AddTrust Public CA Root
- CN = AddTrust Qualified CA Root
- CN = China Internet Network Information Center EV Certificates Root
- CN = CNNIC ROOT
- CN = ComSign Secured CA
- CN = GeoTrust Global CA 2
- CN = Secure Certificate Services
- CN = Swisscom Root CA 1
- CN = Swisscom Root EV CA 2
- CN = Trusted Certificate Services
- CN = UTN-USERFirst-Hardware
- CN = UTN-USERFirst-Object
Changelog:
New functionality:
==================
* Allow certificates to be specified by RFC7512 PKCS#11 URIs.
* Allow querying a certificate object for its temporary or permanent storage
status in a thread safe way.
New Functions:
==============
* CERT_GetCertIsPerm - retrieve the permanent storage status attribute of a
certificate in a thread safe way.
* CERT_GetCertIsTemp - retrieve the temporary storage status attribute of a
certificate in a thread safe way.
* PK11_FindCertFromURI - find a certificate identified by the given URI.
* PK11_FindCertsFromURI - find a list of certificates identified by the given
URI.
* PK11_GetModuleURI - retrieve the URI of the given module.
* PK11_GetTokenURI - retrieve the URI of a token based on the given slot
information.
* PK11URI_CreateURI - create a new PK11URI object from a set of attributes.
* PK11URI_DestroyURI - destroy a PK11URI object.
* PK11URI_FormatURI - format a PK11URI object to a string.
* PK11URI_GetPathAttribute - retrieve a path attribute with the given name.
* PK11URI_GetQueryAttribute - retrieve a query attribute with the given name.
* PK11URI_ParseURI - parse PKCS#11 URI and return a new PK11URI object.
New Macros:
===========
* Several new macros that start with PK11URI_PATTR_ for path attributes defined
in RFC7512.
* Several new macros that start with PK11URI_QATTR_ for query attributes defined
in RFC7512.
Notable Changes:
================
* The APIs that set a TLS version range have been changed to trim the requested
range to the overlap with a systemwide crypto policy, if configured.
SSL_VersionRangeGetSupported can be used to query the overlap between the
library's supported range of TLS versions and the systemwide policy.
* Previously, SSL_VersionRangeSet and SSL_VersionRangeSetDefault returned a
failure if the requested version range wasn't fully allowed by the systemwide
crypto policy. They have been changed to return success, if at least one TLS
version overlaps between the requested range and the systemwide policy. An
application may call SSL_VersionRangeGet and SSL_VersionRangeGetDefault to
query the TLS version range that was effectively activated.
* Corrected the encoding of Domain Name Constraints extensions created by
certutil.
* NSS supports a clean seeding mechanism for *NIX systems now using only
/dev/urandom. This is used only when SEED_ONLY_DEV_URANDOM is set at compile
time.
* CERT_AsciiToName can handle OIDs in dotted decimal form now.
The HG tag is NSS_3_31_RTM. NSS 3.31 requires NSPR 4.15 or newer.
Changelog:
The NSS team has released Network Security Services (NSS) 3.30.2,
which is a patch release to update the list of root CA certificates.
Below is a summary of the changes.
Please refer to the full release notes for additional details,
including the SHA256 fingerprints of the changed CA certificates.
Notable Changes:
* The following CA certificates were Removed
- O = Japanese Government, OU = ApplicationCA
- CN = WellsSecure Public Root Certificate Authority
- CN = TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6
- CN = Microsec e-Szigno Root
* The following CA certificates were Added
- CN = D-TRUST Root CA 3 2013
- CN = TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
* The version number of the updated root CA list has been set to 2.14
(Bug 1350859)
* Domain name constraints for one of the new CAs have been added to the
NSS code (Bug 1349705)
Changelog:
New in NSS 3.30:
================
* In the PKCS#11 root CA module (nssckbi), CAs with positive trust are
marked with a new boolean attribute, CKA_NSS_MOZILLA_CA_POLICY, set to
true. Applications that need to distinguish them from other other root CAs
may use the exported function PK11_HasAttributeSet.
* Support for callback functions that can be used to monitor SSL/TLS alerts
that are sent or received.
Notable Changes:
================
* The TLS server code has been enhanced to support session tickets when no
RSA certificate is configured.
* RSA-PSS signatures produced by key pairs with a modulus bit length that
is not a multiple of 8 are now supported.
* The pk12util tool now supports importing and exporting data encrypted in
the AES based schemes defined in PKCS#5 v2.1.
Changelog:
The NSS team has released Network Security Services (NSS) 3.29.3
No new functionality is introduced in this release.
This is a patch release to fix a rare crash when initializing an SSL socket
fails.
The NSS team has released Network Security Services (NSS) 3.29.2
No new functionality is introduced in this release.
This is a patch release to fix an issue with TLS session tickets.
Changelog:
Notable Changes:
================
* Fixed a NSS 3.28 regression in the signature scheme flexibility that
causes connectivity issues between iOS 8 clients and NSS servers with ECDSA
certificates (bug1334114
<https://bugzilla.mozilla.org/show_bug.cgi?id=1334114>).
