mozilla
Your Search Results

    4.3 Release Notes

    Release Date: 01 April 2009

    Introduction

    Network Security Services for Java (JSS) 4.3 is a minor release with the following new features:

    • SQLite-Based Shareable Certificate and Key Databases
    • libpkix: an RFC 3280 Compliant Certificate Path Validation Library
    • PKCS11 needsLogin method
    • support HmacSHA256, HmacSHA384, and HmacSHA512
    • support for all NSS 3.12 initialization options

    JSS 4.3 is tri-licensed under MPL 1.1/GPL 2.0/LGPL 2.1.

    New in JSS 4.3

     A list of bug fixes and enhancement requests were implemented in this release can be obtained by running this bugzilla query

    JSS 4.3 requires NSS 3.12 or higher.

    • New SQLite-Based Shareable Certificate and Key Databases by prepending the string "sql:" to the directory path passed to configdir parameter for Crypomanager.initialize method or using the NSS environment variable NSS_DEFAULT_DB_TYPE.
    • Libpkix: an RFC 3280 Compliant Certificate Path Validation Library (see PKIXVerify)
    • PK11Token.needsLogin method (see needsLogin)
    • support HmacSHA256, HmacSHA384, and HmacSHA512 (see HMACTest.java)
    • support for all NSS 3.12 initialization options (see InitializationValues)
    • New SSL error codes (see http://mxr.mozilla.org/security/sour...util/SSLerrs.h)
        SSL_ERROR_UNSUPPORTED_EXTENSION_ALERT
        SSL_ERROR_CERTIFICATE_UNOBTAINABLE_ALERT
        SSL_ERROR_UNRECOGNIZED_NAME_ALERT
        SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT
        SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT
    • New TLS cipher suites (see http://mxr.mozilla.org/security/sour...SSLSocket.java):
        TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
        TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
        TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
        TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
        TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
        TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
    • Note: the following TLS cipher suites are declared but are not yet implemented:
        TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA
        TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA
        TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA
        TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA
        TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA
        TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA
        TLS_ECDH_anon_WITH_NULL_SHA
        TLS_ECDH_anon_WITH_RC4_128_SHA
        TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
        TLS_ECDH_anon_WITH_AES_128_CBC_SHA
        TLS_ECDH_anon_WITH_AES_256_CBC_SHA

    Distribution Information

    <hr>

    Documentation

    Documentation for JSS 4.3 is available as follows:

    Platform Information

    • JSS 4.3 works with JDK versions 4 or higher we suggest the latest.
    • JSS 4.3 requires NSS 3.12 or higher.
    • JSS 4.3 requires NSPR 4.7.1 or higher.
    • JSS only supports the native threading model (no green threads).
    <hr>

    Known Bugs and Issues

    • For a list of reported bugs that have not yet been fixed, click here. Note that some bugs may have been fixed since JSS 4.3 was released. 
    <hr>

    Compatibility

    • JSS 4.3 is backwards compatible with JSS 4.2. Applications compiled against JSS 4.2 will work with JSS 4.3.
    • The 4.3 version of libjss4.so/jss4.dll must only be used with jss4.jar. In general, a JSS JAR file must be used with the JSS shared library from the exact same release.
    • To obtain the version info from the jar file use, "System.out.println(org.mozilla.jss.CryptoManager.JAR_JSS_VERSION)" and to check the shared library: strings libjss4.so | grep -i header  
    <hr>

    Feedback

    Document Tags and Contributors

    Tags: 
    Contributors to this page: Sheppy, kwright, Glenb
    Last updated by: Sheppy,