index.rst (7103B)
1 .. _mozilla_projects_nss_jss_4_3_releasenotes: 2 3 4.3 Release Notes 4 ================= 5 6 .. _release_date_01_april_2009: 7 8 `Release Date: 01 April 2009 <#release_date_01_april_2009>`__ 9 ------------------------------------------------------------- 10 11 .. container:: 12 13 `Introduction <#introduction>`__ 14 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 15 16 .. container:: 17 18 Network Security Services for Java (JSS) 4.3 is a minor release with the following new features: 19 20 - SQLite-Based Shareable Certificate and Key Databases 21 - libpkix: an RFC 3280 Compliant Certificate Path Validation Library 22 - PKCS11 needsLogin method 23 - support HmacSHA256, HmacSHA384, and HmacSHA512 24 - support for all NSS 3.12 initialization options 25 26 JSS 4.3 is `tri-licensed <https://www.mozilla.org/MPL>`__ under MPL 1.1/GPL 2.0/LGPL 2.1. 27 28 .. _new_in_jss_4.3: 29 30 `New in JSS 4.3 <#new_in_jss_4.3>`__ 31 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 32 33 .. container:: 34 35 A list of bug fixes and enhancement requests were implemented in this release can be obtained by 36 running this `bugzilla 37 query <http://bugzilla.mozilla.org/buglist.cgi?product=JSS&target_milestone=4.2.5&target_milestone=4.3&bug_status=RESOLVED&resolution=FIXED>`__ 38 39 **JSS 4.3 requires**\ `NSS 40 3.12 <https://www.mozilla.org/projects/security/pki/nss/nss-3.12/nss-3.12-release-notes.html>`__\ **or 41 higher.** 42 43 - New `SQLite-Based Shareable Certificate and Key 44 Databases <https://wiki.mozilla.org/NSS_Shared_DB>`__ by prepending the string "sql:" to the 45 directory path passed to configdir parameter for Crypomanager.initialize method or using the 46 NSS environment variable :ref:`mozilla_projects_nss_reference_nss_environment_variables`. 47 - Libpkix: an RFC 3280 Compliant Certificate Path Validation Library (see 48 `PKIXVerify <http://mxr.mozilla.org/mozilla/ident?i=PKIXVerify>`__) 49 - PK11Token.needsLogin method (see needsLogin) 50 - support HmacSHA256, HmacSHA384, and HmacSHA512 (see 51 `HMACTest.java <http://mxr.mozilla.org/mozilla/source/security/jss/org/mozilla/jss/tests/HMACTest.java>`__) 52 - support for all NSS 3.12 initialization options (see InitializationValues) 53 - New SSL error codes (see https://mxr.mozilla.org/security/sour...util/SSLerrs.h) 54 55 - SSL_ERROR_UNSUPPORTED_EXTENSION_ALERT 56 SSL_ERROR_CERTIFICATE_UNOBTAINABLE_ALERT 57 SSL_ERROR_UNRECOGNIZED_NAME_ALERT 58 SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT 59 SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT 60 61 - New TLS cipher suites (see https://mxr.mozilla.org/security/sour...SSLSocket.java): 62 63 - TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 64 TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 65 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 66 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 67 TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 68 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 69 70 - Note: the following TLS cipher suites are declared but are not yet implemented: 71 72 - TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 73 TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 74 TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA 75 TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 76 TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 77 TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA 78 TLS_ECDH_anon_WITH_NULL_SHA 79 TLS_ECDH_anon_WITH_RC4_128_SHA 80 TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA 81 TLS_ECDH_anon_WITH_AES_128_CBC_SHA 82 TLS_ECDH_anon_WITH_AES_256_CBC_SHA 83 84 85 86 `Distribution Information <#distribution_information>`__ 87 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 88 89 .. container:: 90 91 - JSS is checked into ``mozilla/security/jss/``. 92 - The CVS tag for the JSS 4.3 release is ``JSS_4_3_RTM``. 93 - Source tarballs are available from 94 https://archive.mozilla.org/pub/security/jss/releases/JSS_4_3_RTM/src/jss-4.3.tar.bz2 95 - Binary releases are no longer available on mozilla. JSS is a JNI library we provide the 96 jss4.jar but expect you to build the JSS's matching JNI shared library. We provide the 97 jss4.jar in case you do not want to obtain your own JCE code signing certificate. JSS is a 98 JCE provider and therefore the jss4.jar must be signed. 99 https://archive.mozilla.org/pub/security/jss/releases/JSS_4_3_RTM/ 100 101 -------------- 102 103 `Documentation <#documentation>`__ 104 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 105 106 .. container:: 107 108 Documentation for JSS 4.3 is available as follows: 109 110 - `Build Instructions for JSS 4.3 </jss_build_4.3.html>`__ 111 - Javadoc `[online] </javadoc>`__ 112 `[zipped] <ftp://ftp.mozilla.org/pub/mozilla.org/security/jss/releases/JSS_4_3_RTM/doc/JSS_4_3_RTM-doc.zip>`__ 113 - Read the instructions on `using JSS </using_jss.html>`__. 114 - Source may be viewed with a browser (via the MXR tool) at 115 http://mxr.mozilla.org/mozilla/source/security/jss/ 116 - The RUN TIME behavior of JSS can be affected by the 117 :ref:`mozilla_projects_nss_reference_nss_environment_variables`. 118 119 .. _platform_information: 120 121 `Platform Information <#platform_information>`__ 122 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 123 124 .. container:: 125 126 - JSS 4.3 works with JDK versions 4 or higher we suggest the latest. 127 - JSS 4.3 requires `NSS 128 3.12 <https://www.mozilla.org/projects/security/pki/nss/nss-3.12/nss-3.12-release-notes.html>`__ 129 or higher. 130 - JSS 4.3 requires `NSPR 4.7.1 <https://www.mozilla.org/projects/nspr/release-notes/>`__ or 131 higher. 132 - JSS only supports the native threading model (no green threads). 133 134 -------------- 135 136 .. _known_bugs_and_issues: 137 138 `Known Bugs and Issues <#known_bugs_and_issues>`__ 139 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 140 141 .. container:: 142 143 - For a list of reported bugs that have not yet been fixed, `click 144 here. <http://bugzilla.mozilla.org/buglist.cgi?bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&&product=JSS>`__ 145 Note that some bugs may have been fixed since JSS 4.3 was released. 146 147 -------------- 148 149 `Compatibility <#compatibility>`__ 150 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 151 152 .. container:: 153 154 - JSS 4.3 is backwards compatible with JSS 4.2. Applications compiled against JSS 4.2 will work 155 with JSS 4.3. 156 - The 4.3 version of libjss4.so/jss4.dll must only be used with jss4.jar. In general, a JSS JAR 157 file must be used with the JSS shared library from the exact same release. 158 - To obtain the version info from the jar file use, 159 "System.out.println(org.mozilla.jss.CryptoManager.JAR_JSS_VERSION)" and to check the shared 160 library: strings libjss4.so \| grep -i header 161 162 -------------- 163 164 `Feedback <#feedback>`__ 165 ~~~~~~~~~~~~~~~~~~~~~~~~ 166 167 .. container:: 168 169 - Bugs discovered should be reported by filing a bug report with 170 `bugzilla <http://bugzilla.mozilla.org/enter_bug.cgi?product=JSS>`__. 171 - You can also give feedback directly to the developers on the Mozilla Cryptography forums... 172 173 - `Mailing list <https://lists.mozilla.org/listinfo/dev-tech-crypto>`__ 174 - `Newsgroup <http://groups.google.com/group/mozilla.dev.tech.crypto>`__ 175 - `RSS feed <http://groups.google.com/group/mozilla.dev.tech.crypto/feeds>`__