Getting Started With NSS
Network Security Services (NSS) is a base library for cryptographic algorithms and secure network protocols used by Mozilla software.
Would you like to get involved and help us to improve the core security of Mozilla Firefox and other applications that make use of NSS? We are looking forward to your contributions!
We have a large list of tasks waiting for attention, and we are happy to assist you in identifying areas that match your interest or skills. You can find us on Mozilla IRC in channel #nss or you could ask your questions on the mozilla.dev.tech.crypto newsgroup.
The NSS library and its supporting command line tools are written in the C programming language. Its build system and the automated tests are based on makefiles and bash scripts.
Over time, many documents have been produced that describe various aspects of NSS. You can start with:
- the current primary NSS documentation page from which we link to other documentation.
- a General Overview of the applications that use NSS and the features it provides.
- a high level Introduction to the Internals of NSS.
- learn about getting the NSS sources, building, and testing.
- Old documentation that is on the archived mozilla.org website.
(Unfortunately the NSS project doesn't have a technical writer at this time, so our documentation is not as organized as we would like it to be. You could contribute by organizing it in a better way.)
A good place to start learning how to write NSS applications are the command line tools that are maintained by the NSS developers. You can find them in subdirectory mozilla/security/nss/cmd
Or have a look at some basic NSS sample code.
A new set of samples is currently under development and review, see Create new NSS samples.
You are welcome to download the samples via: hg clone https://hg.mozilla.org/projects/nss; cd nss; hg update SAMPLES_BRANCH
... (this section is still under construction, but there are many contribution opportunities)
Start by opening a bugzilla account at bugzilla.mozilla.org if you don't have one.
NSS :: Libraries component for issues you'd like to work on. We maintain a list of NSS bugs marked with a keyword "good-first-bug" that you can view.
Seee our section on NSS sources, building, and testing to get started making your patch. When you're satisfied with it, you'll need code review.
http://phabricator.services.mozilla.com/ is our code review tool, which uses your Bugzilla account. Use our Phabricator user instructions to upload patches for review.
Some items that will be evaluated during code review are listed in checklist form on Github.
Note that we don't land code that isn't both reviewed and tested. Code only works when it has tests, and tests only work when they're part of the automation.