Search completed in 1.02 seconds.
NSS Sample Code Sample_2_Initialization of NSS
nss sample code 2: initializing
nss this example program demonstrates how to initialize the
nss database.
... sample code 1 /* nspr headers */ #include <prthread.h> #include <plgetopt.h> #include <prprf.h> /*
nss headers */ #include <
nss.h> #include <pk11func.h> #include "util.h" /* print a usage message and exit */ static void usage(const char *progname) { fprintf(stderr, "\nusage: %s -d <dbdirpath> [-p <plainpasswc>]" " [-f <passwdffile>]\n\n", progname); fprintf(stderr, "%-15s specify a db directory path\n\n", "-d <dbdirpath>"); fprintf(stderr, "%-15s specify a plaintext password\n\n", "-p <plainpasswc>"); fprintf(stderr, "%-15s specify a password file\n\n", "-f <plainpasswc>"); exit(-1); } /* initialize the slot password */ char *initslotpassword(...
... pr_fprintf(pr_stderr, "failed to change password.\n"); return secfailure; } port_memset(oldpw, 0, pl_strlen(oldpw)); port_free(oldpw); pr_fprintf(pr_stdout, "password changed successfully.\n"); } port_memset(newpw, 0, pl_strlen(newpw)); port_free(newpw); return secsuccess; } /* * this example illustrates initialization of the
nss database.
...And 3 more matches
Python binding for NSS
project information python-
nss is a python binding for
nss (network security services) and nspr (netscape portable runtime).
...
nss provides cryptography services supporting ssl, tls, pki, pkix, x509, pkcs*, etc.
...
nss is an alternative to ope
nssl and used extensively by major software projects.
...And 93 more matches
An overview of NSS Internals
a high-level overview to the internals of network security services (
nss) software developed by the mozilla.org projects traditionally used its own implementation of security protocols and cryptographic algorithms, originally called netscape security services, nowadays called network security services (
nss).
...
nss is a library written in the c programming language.
...
nss offers lots of functionality; we'll walk through the list of modules, design principles, and important relevant standards.
...And 63 more matches
NSS environment variables
note:
nss environment variables are subject to be changed and/or removed from
nss.
... run-time environment variables these environment variables affect the run time behavior of
nss shared libraries.
... there is a separate set of environment variables that affect how
nss is built, documented below.
...And 42 more matches
NSS FAQ
general questions what is network security services (
nss)
nss is set of libraries, apis, utilities, and documentation designed to support cross-platform development of security-enabled client and server applications.
... for an overview of
nss, see overview of
nss.
... for detailed information on the open-source
nss project, see
nss project page.
...And 39 more matches
NSS_3.12_release_notes.html
nss 3.12 release notes 17 june 2008 newsgroup: mozilla.dev.tech.crypto contents introduction distribution information new in
nss 3.12 bugs fixed documentation compatibility feedback introduction network security services (
nss) 3.12 is a minor release with the following new features: sqlite-based shareable certificate and key databases libpkix: an rfc 3280 compliant certificate path validation library camellia cipher support tls session ticket extension (rfc 5077)
nss 3.12 is tri-licensed under the mpl 1.1/gpl 2.0/lgpl 2.1.
... note: firefox 3 uses
nss 3.12, but not the new sqlite-based shareable certificate and key databases.
... distribution information the cvs tag for the
nss 3.12 release is
nss_3_12_rtm.
...And 39 more matches
NSS_3.12.3_release_notes.html
nss 3.12.3 release notes 2009-04-01 newsgroup: mozilla.dev.tech.crypto contents introduction distribution information new in
nss 3.12.3 bugs fixed documentation compatibility feedback introduction network security services (
nss) 3.12.3 is a patch release for
nss 3.12.
... the bug fixes in
nss 3.12.3 are described in the "bugs fixed" section below.
...
nss 3.12.3 is tri-licensed under the mpl 1.1/gpl 2.0/lgpl 2.1.
...And 33 more matches
NSS tools : modutil
please contribute to the initial review in mozilla
nss bug 836477[1] description the security module database tool, modutil, is a command-line utility for managing pkcs #11 module information both within secmod.db files and within hardware tokens.
...the default
nss pkcs #11 module cannot be deleted.
... the internal
nss pkcs #11 module cannot be disabled.
...And 32 more matches
NSS API Guidelines
nss api guidelines newsgroup: mozilla.dev.tech.crypto introduction this document describes how the
nss code is organized, the libraries that get built from the
nss sources, and guidelines for writing
nss code.
... these guidelines will familiarize you with some of the ways things can be done in the
nss code.
... this will help you understand existing
nss code.
...And 31 more matches
The new nsString class implementation (1999) - Archive of obsolete content
this document is intended to briefly describe the new
nsstring class architecture, and discuss the implications on memory management, optimizations, internationalization and usage patterns.
...well,
nsstring has served us well so far, but it's in need of a facelift.
... and xpcom has really taken off, so
nsstring needs to be brought into alignment.
...And 29 more matches
NSS functions
this page lists all exported functions in
nss 3.11.7 it was ported from here.
... other sources of information: the
nss_reference documents the functions most commonly used by applications to support ssl.
... the
nss home page links to additional ssl documentation.
...And 29 more matches
NSS tools : modutil
the default
nss pkcs #11 module cannot be deleted.
... -fips [true | false] enable (true) or disable (false) fips 140-2 compliance for the default
nss module.
...the jar file uses the
nss pkcs #11 jar format to identify all the files to be installed, the module's name, the mechanism flags, and the cipher flags, as well as any files to be installed on the target machine, including the pkcs #11 module library file and other files such as documentation.
...And 29 more matches
NSS 3.35 release notes
introduction the
nss team has released network security services (
nss) 3.35, which is a minor release.
... distribution information the hg tag is
nss_3_35_rtm.
...
nss 3.35 requires nspr 4.18, or newer.
...And 28 more matches
NSS tools : certutil
name certutil — manage keys and certificate in both
nss databases and other
nss tokens synopsis certutil [options] [[arguments]] description the certificate database tool, certutil, is a command-line utility that can create and modify certificate and key databases.
...this is used to migrate legacy
nss databases (cert8.db and key3.db) into the newer sqlite databases (cert9.db and key4.db).
...
nss recognizes the following prefixes: · sql: requests the newer database · dbm: requests the legacy database if no prefix is specified the default type is retrieved from
nss_default_db_type.
...And 28 more matches
NSS sources building testing
getting the source code of network security services (
nss), how to build it, and how to run its test suite.
... getting source code, and a quick overview the easiest way is to download archives of
nss releases from mozilla's download server.
...because
nss depends on the base library nspr, you should download the archive that combines both
nss and nspr.
...And 26 more matches
NSS 3.12.4 release notes
<center> 2009-08-20 </center> <center>newsgroup: mozilla.dev.tech.crypto</center> introduction network security services (
nss) 3.12.4 is a patch release for
nss 3.12.
... the bug fixes in
nss 3.12.4 are described in the "bugs fixed" section below.
...
nss 3.12.4 is tri-licensed under the mpl 1.1/gpl 2.0/lgpl 2.1.
...And 24 more matches
NSS 3.12.5 release_notes
nss 3.12.5 release notes 2009-12-02 newsgroup: mozilla.dev.tech.crypto introduction network security services (
nss) 3.12.5 is a patch release for
nss 3.12.
... the bug fixes in
nss 3.12.5 are described in the "bugs fixed" section below.
...
nss 3.12.5 is tri-licensed under the mpl 1.1/gpl 2.0/lgpl 2.1.
...And 21 more matches
NSS 3.14.1 release notes
introduction network security services (
nss) 3.14.1 is a patch release for
nss 3.14.
... the bug fixes in
nss 3.14.1 are described in the "bugs fixed" section below.
...
nss 3.14.1 is licensed under the mpl 2.0.
...And 20 more matches
NSS 3.28 release notes
introduction the network security services (
nss) team has released
nss 3.28, which is a minor release.
... distribution information the hg tag is
nss_3_28_rtm.
...
nss 3.28 requires netscape portable runtime (nspr) 4.13.1 or newer.
...And 20 more matches
NSS 3.12.6 release notes
nss 3.12.6 release notes 2010-03-03 newsgroup: mozilla.dev.tech.crypto introduction network security services (
nss) 3.12.6 is a patch release for
nss 3.12.
... the bug fixes in
nss 3.12.6 are described in the "bugs fixed" section below.
...
nss 3.12.6 is tri-licensed under the mpl 1.1/gpl 2.0/lgpl 2.1.
...And 19 more matches
NSS_Initialize
name
nss_initialize - initialize
nss.
... syntax secstatus
nss_initialize(const char *configdir, const char *certprefix, const char *keyprefix, const char *secmodname, pruint32 flags); parameters
nss_initialize has five parameters: configdir [in] the directory where the certificate, key, and module databases live.
...flags [in] bit flags that specify how
nss should be initialized.
...And 19 more matches
NSS 3.24 release notes
introduction the network security services (
nss) team has released
nss 3.24, which is a minor release.
... distribution information the hg tag is
nss_3_24_rtm.
...
nss 3.24 requires netscape portable runtime (nspr) 4.12 or newer.
...And 17 more matches
Getting Started With NSS
how to get involved with
nss network security services (
nss) is a base library for cryptographic algorithms and secure network protocols used by mozilla software.
... would you like to get involved and help us to improve the core security of mozilla firefox and other applications that make use of
nss?
...you can find us on mozilla irc in channel #
nss or you could ask your questions on the mozilla.dev.tech.crypto newsgroup.
...And 16 more matches
NSS_3.12.1_release_notes.html
nss 3.12.1 release notes 2008-09-05 newsgroup: mozilla.dev.tech.crypto contents introduction distribution information new in
nss 3.12.1 bugs fixed documentation compatibility feedback introduction network security services (
nss) 3.12.1 is a patch release for
nss 3.12.
... the bug fixes in
nss 3.12.1 are described in the "bugs fixed" section below.
...
nss 3.12.1 is tri-licensed under the mpl 1.1/gpl 2.0/lgpl 2.1.
...And 16 more matches
NSS 3.14.3 release notes
introduction network security services (
nss) 3.14.3 is a patch release for
nss 3.14.
... the bug fixes in
nss 3.14.3 are described in the "bugs fixed" section below.
... distribution information the cvs tag is
nss_3_14_3_rtm.
...And 16 more matches
NSS 3.21 release notes
introduction the
nss team has released network security services (
nss) 3.21, which is a minor release.
... distribution information the hg tag is
nss_3_21_rtm.
...
nss 3.21 requires nspr 4.10.10 or newer.
...And 16 more matches
Overview of NSS
open source crypto libraries proven application security architecture if you want to add support for ssl, s/mime, or other internet security standards to your application, you can use network security services (
nss) to implement all your security features.
...
nss provides a complete open-source implementation of the crypto libraries used by aol, red hat, google, and other companies in a variety of products, including the following: mozilla products, including firefox, thunderbird, seamonkey, and firefox os.
... server products from red hat: red hat directory server, red hat certificate system, and the mod_
nss ssl module for the apache web server.
...And 16 more matches
NSS 3.28.3 release notes
introduction network security services (
nss) 3.28.3 is a patch release for
nss 3.28.
... the bug fixes in
nss 3.28.3 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_28_3_rtm.
...And 15 more matches
NSS 3.39 release notes
introduction the
nss team has released network security services (
nss) 3.39, which is a minor release.
... distribution information the hg tag is
nss_3_39_rtm.
...
nss 3.39 requires nspr 4.20 or newer.
...And 15 more matches
NSS_3.12.2_release_notes.html
nss 3.12.2 release notes 2008-10-20 newsgroup: mozilla.dev.tech.crypto contents introduction distribution information new in
nss 3.12.2 bugs fixed documentation compatibility feedback introduction network security services (
nss) 3.12.2 is a patch release for
nss 3.12.
... the bug fixes in
nss 3.12.2 are described in the "bugs fixed" section below.
...
nss 3.12.2 is tri-licensed under the mpl 1.1/gpl 2.0/lgpl 2.1.
...And 14 more matches
NSS 3.29.1 release notes
introduction network security services (
nss) 3.29.1 is a patch release for
nss 3.29.
... the bug fixes in
nss 3.29.1 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_29_1_rtm.
...And 14 more matches
NSS 3.52 release notes
introduction the
nss team has released network security services (
nss) 3.52 on 1 may 2020.
... the
nss team would like to recognize first-time contributors: zhujianwei7 hans petter ja
nsson distribution information the hg tag is
nss_3_52_rtm.
...
nss 3.52 requires nspr 4.25 or newer.
...And 14 more matches
NSS 3.20 release notes
introduction the
nss team has released network security services (
nss) 3.20, which is a minor release.
... distribution information the hg tag is
nss_3_20_rtm.
...
nss 3.20 requires nspr 4.10.8 or newer.
...And 13 more matches
NSS 3.27.1 release notes
introduction network security services (
nss) 3.27.1 is a patch release for
nss 3.27.
... distribution information the hg tag is
nss_3_27_1_rtm.
...
nss 3.27.1 requires nspr 4.13 or newer.
...And 13 more matches
nss tech note5
using
nss to perform miscellaneous cryptographic operations
nss technical note: 5
nss project info is at http://www.mozilla.org/projects/security/pki/
nss/ you can browse the
nss source online at http://lxr.mozilla.org/mozilla/source/security/
nss/ and http://lxr.mozilla.org/security/ be sure to look for sample code first for things you need to do.
... encrypt/decrypt include headers #include "
nss.h" #include "pk11pub.h" make sure
nss is initialized.the simplest init function, in case you don't need a
nss database is
nss_nodb_init(".") choose a cipher mechanism.
... note that some mechanisms (*_pad) imply the padding is handled for you by
nss.
...And 13 more matches
Building NSS
introduction this page has detailed information on how to build
nss.
... because
nss is a cross-platform library that builds on many different platforms and has many options, it may be complex to build.
... build environment
nss needs a c and c++ compiler.
...And 12 more matches
NSS_3.11.10_release_notes.html
nss 3.11.10 release notes 2008-12-10 newsgroup: <ahref="news: mozilla.dev.tech.crypto"="" news.mozilla.org="">mozilla.dev.tech.crypto</ahref="news:> contents introduction distribution information bugs fixed documentation compatibility feedback introduction network security services (
nss) 3.11.10 is a patch release for
nss 3.11.
... the bug fixes in
nss 3.11.10 are described in the "bugs fixed" section below.
... distribution information the cvs tag for the
nss 3.11.10 release is
nss_3_11_10_rtm.
...And 12 more matches
NSS 3.12.9 release notes
<center> 2010-09-23</center> <center> newsgroup: mozilla.dev.tech.crypto</center> introduction network security services (
nss) 3.12.9 is a patch release for
nss 3.12.
... the bug fixes in
nss 3.12.9 are described in the "bugs fixed" section below.
...
nss 3.12.9 is tri-licensed under the mpl 1.1/gpl 2.0/lgpl 2.1.
...And 12 more matches
NSS 3.14.2 release notes
network security services (
nss) 3.14.2 is a patch release for
nss 3.14.
... the bug fixes in
nss 3.14.2 are described in the "bugs fixed" section below.
...
nss 3.14.2 should be used with nspr 4.9.5 or newer.
...And 12 more matches
NSS 3.14 release notes
introduction the
nss team has released network security services (
nss) 3.14, which is a minor release with the following new features: support for tls 1.1 (rfc 4346) experimental support for dtls 1.0 (rfc 4347) and dtls-srtp (rfc 5764) support for aes-ctr, aes-cts, and aes-gcm support for keying material exporters for tls (rfc 5705) in addition to the above new features, the following major changes have been introduced: support for certificate signatures using the md5 hash algorithm is now disabled by default.
... the
nss license has changed to mpl 2.0.
...for an additional explantation on gpl/lgpl compatibility, see security/
nss/copying in the source code.
...And 12 more matches
NSS 3.16.2.1 release notes
introduction network security services (
nss) 3.16.2.1 is a patch release for
nss 3.16, based on the
nss 3.16.2 release.
... the bug fixes in
nss 3.16.2.1 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_16_2_1_rtm.
...And 12 more matches
NSS 3.16.5 release notes
introduction network security services (
nss) 3.16.5 is a patch release for
nss 3.16.
... the bug fixes in
nss 3.16.5 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_16_5_rtm.
...And 12 more matches
NSS 3.17.1 release notes
introduction network security services (
nss) 3.17.1 is a patch release for
nss 3.17.
... the bug fixes in
nss 3.17.1 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_17_1_rtm.
...And 12 more matches
NSS 3.37 release notes
introduction the
nss team has released network security services (
nss) 3.37, which is a minor release.
... distribution information the hg tag is
nss_3_37_rtm.
...
nss 3.37 requires nspr 4.19 or newer.
...And 12 more matches
NSS 3.53 release notes
introduction the
nss team released network security services (
nss) 3.53 on 29 may 2020.
...
nss 3.53 will be a long-term support release, supporting firefox 78 esr.
... the
nss team would like to recognize first-time contributors: jan-marek glogowski jeff walden distribution information the hg tag is
nss_3_53_rtm.
...And 12 more matches
NSS Developer Tutorial
nss coding style formatting line length should not exceed 80 characters.
... tabs are used heavily in many
nss source files.
...the proper use of tabs has often been confusing for new
nss developers, so in
nss/lib/ssl, we're gradually removing the use of tabs.
...And 12 more matches
nss tech note6
nss .chk files for the fips 140 mode
nss technical note: 6 in
nss 3.8, we added checksum files required for the
nss softoken to operate in fips 140 mode.
... it must be put in the same directory as the
nss libraries.
... the following applies to
nss 3.8 through 3.10 : on 32-bit solaris sparc (i.e., not x86, and not 64-bit sparc) and 32-bit hp-ux pa-risc (i.e., not itanium, and not 64-bit pa-risc), there are two more .chk files: libfreebl_pure32_3.chk and libfreebl_hybrid_3.chk.
...And 12 more matches
NSS 3.19.1 release notes
introduction network security services (
nss) 3.19.1 is a security release for
nss 3.19.
... the bug fixes in
nss 3.19.1 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_19_1_rtm.
...And 11 more matches
NSS 3.19.2.1 release notes
introduction network security services (
nss) 3.19.2.1 is a patch release for
nss 3.19.2.
... the bug fixes in
nss 3.19.2.1 are described in the "security advisories" section below.
... distribution information the hg tag is
nss_3_19_2_1_rtm.
...And 11 more matches
NSS 3.19.4 release notes
introduction network security services (
nss) 3.19.4 is a patch release for
nss 3.19.
... the bug fixes in
nss 3.19.4 are described in the "security advisories" section below.
... distribution information the hg tag is
nss_3_19_4_rtm.
...And 11 more matches
NSS 3.19 release notes
introduction the
nss team has released network security services (
nss) 3.19, which is a minor security release.
... distribution information the hg tag is
nss_3_19_rtm.
...
nss 3.19 requires nspr 4.10.8 or newer.
...And 11 more matches
NSS 3.20.1 release notes
introduction network security services (
nss) 3.20.1 is a patch release for
nss 3.20.
... the bug fixes in
nss 3.20.1 are described in the "security advisories" section below.
... distribution information the hg tag is
nss_3_20_1_rtm.
...And 11 more matches
NSS 3.46 release notes
introduction the
nss team has released network security services (
nss) 3.46 on 30 august 2019, which is a minor release.
... the
nss team would like to recognize first-time contributors: giulio benetti louis dassy mike kaganski xhimanshuz distribution information the hg tag is
nss_3_46_rtm.
...
nss 3.46 requires nspr 4.22 or newer.
...And 11 more matches
NSS 3.47 release notes
introduction the
nss team has released network security services (
nss) 3.47 on 18 october 2019, which is a minor release.
... the
nss team would like to recognize first-time contributors: christian weisgerber deian stefan jenine distribution information the hg tag is
nss_3_47_rtm.
...
nss 3.47 requires nspr 4.23 or newer.
...And 11 more matches
NSS 3.48 release notes
introduction the
nss team has released network security services (
nss) 3.48 on 5 december 2019, which is a minor release.
... the
nss team would like to recognize first-time contributors: craig disselkoen giulio benetti lauri kasanen tom prince distribution information the hg tag is
nss_3_48_rtm.
...
nss 3.48 requires nspr 4.24 or newer.
...And 11 more matches
NSS 3.19.2 release notes
introduction network security services (
nss) 3.19.2 is a patch release for
nss 3.19 that addresses compatibility issues in
nss 3.19.1.
... distribution information the hg tag is
nss_3_19_2_rtm.
...
nss 3.19.2 requires nspr 4.10.8 or newer.
...And 10 more matches
NSS 3.22.2 release notes
introduction network security services (
nss) 3.22.2 is a security patch release for
nss 3.22.
... the bug fixes in
nss 3.22.2 are described in the "security fixes" section below.
... distribution information the hg tag is
nss_3_22_2_rtm.
...And 10 more matches
NSS 3.22 release notes
introduction the
nss team has released network security services (
nss) 3.22, which is a minor release.
... distribution information the hg tag is
nss_3_22_rtm.
...
nss 3.22 requires nspr 4.11 or newer.
...And 10 more matches
NSS 3.23 release notes
introduction the
nss team has released network security services (
nss) 3.23, which is a minor release.
... distribution information the hg tag is
nss_3_23_rtm.
...
nss 3.23 requires nspr 4.12 or newer.
...And 10 more matches
NSS 3.25 release notes
introduction the network security services (
nss) team has released
nss 3.25, which is a minor release.
... distribution information the hg tag is
nss_3_25_rtm.
...
nss 3.25 requires netscape portable runtime (nspr) 4.12 or newer.
...And 10 more matches
NSS 3.44 release notes
introduction the
nss team has released network security services (
nss) 3.44 on 10 may 2019, which is a minor release.
... the
nss team would like to recognize first-time contributors: kevin jacobs, david carlier, alexander scheel, and edouard oger.
... distribution information the hg tag is
nss_3_44_rtm.
...And 10 more matches
NSS 3.54 release notes
introduction the
nss team has released network security services (
nss) 3.54 on 26 june 2020, which is a minor release.
... distribution information the hg tag is
nss_3_54_rtm.
...
nss 3.54 requires nspr 4.26 or newer.
...And 10 more matches
nss tech note7
rsa signing and encryption with
nss nss technical note: 7 this technical note explains how to use
nss to perform rsa signing and encryption.
...
nss supports pkcs #1 v1.5.
...
nss doesn't yet support pkcs #1 v2.0 and v2.1, in particular oaep, but oaep support is on our to-do list.
...And 10 more matches
NSS tools : pk12util
nss tools : pk12util name pk12util — export and import keys and certificate to or from a pkcs #12 file and the
nss database synopsis pk12util [-i p12file|-l p12file|-o p12file] [-d [sql:]directory] [-h tokenname] [-p dbprefix] [-r] [-v] [-k slotpasswordfile|-k slotpassword] [-w p12filepasswordfile|-w p12filepassword] description the pkcs #12 utility, pk12util, enables sharing certificates among any server that supports pkcs#12.
... pk12util -i p12file [-h tokenname] [-v] [-d [sql:]directory] [-p dbprefix] [-k slotpasswordfile|-k slotpassword] [-w p12filepasswordfile|-w p12filepassword] for example: # pk12util -i /tmp/cert-files/users.p12 -d sql:/home/my/shared
nssdb enter a password which will be used to encrypt your keys.
... pk12util -o p12file -n certname [-c keycipher] [-c certcipher] [-m|--key_len keylen] [-n|--cert_key_len certkeylen] [-d [sql:]directory] [-p dbprefix] [-k slotpasswordfile|-k slotpassword] [-w p12filepasswordfile|-w p12filepassword] for example: # pk12util -o certs.p12 -n server-cert -d sql:/home/my/shared
nssdb enter password for pkcs12 file: re-enter password: listing keys and certificates the information in a .p12 file are not human-readable.
...And 10 more matches
NSS reference
the proposed chapters below are based on the chapters of the ssl reference and the categories of functions in
nss public functions.
... building and installing
nss overview of an
nss application based on "overview of an ssl application" in the ssl reference.
... getting started with
nss based on "getting started with ssl" in the ssl reference.
...And 10 more matches
NSS tools : pk12util
name pk12util — export and import keys and certificate to or from a pkcs #12 file and the
nss database synopsis pk12util [-i p12file [-h tokenname] [-v] [common-options] ] [ -l p12file [-h tokenname] [-r] [common-options] ] [ -o p12file -n certname [-c keycipher] [-c certcipher] [-m|--key_len keylen] [-n|--cert_key_len certkeylen] [common-options] ] [ common-options are: [-d [sql:]directory] [-p dbprefix] [-k slotpasswordfile|-k slotpassword] [-w p12filepasswordfile|-w p12filepassword] ] description the pkcs #12 utility, pk12util, enables sharing certificates among any server that supports pkcs#12.
... pk12util -i p12file [-h tokenname] [-v] [-d [sql:]directory] [-p dbprefix] [-k slotpasswordfile|-k slotpassword] [-w p12filepasswordfile|-w p12filepassword] for example: # pk12util -i /tmp/cert-files/users.p12 -d sql:/home/my/shared
nssdb enter a password which will be used to encrypt your keys.
... pk12util -o p12file -n certname [-c keycipher] [-c certcipher] [-m|--key_len keylen] [-n|--cert_key_len certkeylen] [-d [sql:]directory] [-p dbprefix] [-k slotpasswordfile|-k slotpassword] [-w p12filepasswordfile|-w p12filepassword] for example: # pk12util -o certs.p12 -n server-cert -d sql:/home/my/shared
nssdb enter password for pkcs12 file: re-enter password: listing keys and certificates the information in a .p12 file are not human-readable.
...And 10 more matches
NSS 3.17.2 release notes
introduction network security services (
nss) 3.17.2 is a patch release for
nss 3.17.
... the bug fixes in
nss 3.17.2 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_17_2_rtm.
...And 9 more matches
NSS 3.18 release notes
introduction the
nss team has released network security services (
nss) 3.18, which is a minor release.
... distribution information the hg tag is
nss_3_18_rtm.
...
nss 3.18 requires nspr 4.10.8 or newer.
...And 9 more matches
NSS 3.19.2.3 release notes
introduction network security services (
nss) 3.19.2.3 is a security patch release for
nss 3.19.2.
... the bug fixes in
nss 3.19.2.3 are described in the "security fixes" section below.
... (current users of
nss 3.19.3,
nss 3.19.4 or
nss 3.20.x are advised to update to
nss 3.21.1,
nss 3.22.2, or a later release.) distribution information the hg tag is
nss_3_19_2_3_rtm.
...And 9 more matches
NSS 3.21.1 release notes
introduction network security services (
nss) 3.21.1 is a security patch release for
nss 3.21.
... the bug fixes in
nss 3.21.1 are described in the "security fixes" section below.
... distribution information the hg tag is
nss_3_21_1_rtm.
...And 9 more matches
NSS 3.27 release notes
introduction the network security services (
nss) team has released
nss 3.27, which is a minor release.
... distribution information the hg tag is
nss_3_27_rtm.
...
nss 3.27 requires netscape portable runtime (nspr) 4.13 or newer.
...And 9 more matches
NSS 3.28.1 release notes
introduction network security services (
nss) 3.28.1 is a patch release for
nss 3.28.
... the bug fixes in
nss 3.28.1 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_28_1_rtm.
...And 9 more matches
NSS 3.28.5 release notes
introduction network security services (
nss) 3.28.5 is a patch release for
nss 3.28.
... the bug fixes in
nss 3.28.5 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_28_5_rtm.
...And 9 more matches
NSS 3.33 release notes
introduction the network security services (
nss) team has released
nss 3.33, which is a minor release.
... distribution information the hg tag is
nss_3_33_rtm.
...
nss 3.33 requires netscape portable runtime (nspr) 4.17, or newer.
...And 9 more matches
NSS 3.45 release notes
introduction the
nss team has released network security services (
nss) 3.45 on 5 july 2019, which is a minor release.
... the
nss team would like to recognize first-time contributors: bastien abadie christopher patton jeremie courreges-anglas marcus burghardt michael shigorin tomas mraz distribution information the hg tag is
nss_3_45_rtm.
...
nss 3.45 requires nspr 4.21 or newer.
...And 9 more matches
NSS 3.49.2 release notes
introduction network security services (
nss) 3.49.2 is a patch release for
nss 3.49.
... the bug fixes in
nss 3.49.2 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_49_2_rtm.
...And 9 more matches
NSS 3.50 release notes
introduction the
nss team has released network security services (
nss) 3.50 on 7 february 2020, which is a minor release.
... distribution information the hg tag is
nss_3_50_rtm.
...
nss 3.50 requires nspr 4.25 or newer.
...And 9 more matches
NSS 3.55 release notes
introduction the
nss team has released network security services (
nss) 3.55 on 24 july 2020, which is a minor release.
... the
nss team would like to recognize first-time contributors: danh distribution information the hg tag is
nss_3_55_rtm.
...
nss 3.55 requires nspr 4.27 or newer.
...And 9 more matches
NSS release notes template
draft (remove line when document is finished) introduction the
nss team has released network security services (
nss) 3.xx, which is a minor release.
... or network security services (
nss) 3.xx.y is a patch release for
nss 3.xx.
... the bug fixes in
nss 3.xx.y are described in the "bugs fixed" section below.
...And 9 more matches
nsString
names:
nsstring for wide characters nscstring for narrow characters this class is also known as nsaflat[c]string, where "flat" is used to denote a null-terminated string.
... methods constructors void
nsstring() - source constructors void
nsstring(prunichar) - source parameters prunichar c void
nsstring(const prunichar*, pruint32) - source parameters prunichar* data pruint32 length void
nsstring(const
nsstring&) - source parameters
nsstring& str void
nsstring(const
nssubstringtuple&) - source parameters
nssubstringtuple& tuple void
nsstring(const nsastring_internal&) - ...
...source parameters nsastring_internal& readable operator=
nsstring& operator=(const
nsstring&) - source parameters
nsstring& str nsastring_internal& operator=(prunichar) - source parameters prunichar c nsastring_internal& operator=(const prunichar*) - source parameters prunichar* data nsastring_internal& operator=(const nsastring_internal&) - source parameters nsastring_internal& str nsastring_internal& operator=(const
nssubstringtuple&) - source parameters
nssubstringtuple& tuple get prunichar* get() const - source returns the null-terminated string find print32 find(const nscstring&, prbool, print32, print32) const - source search for the given substring within this string.
...And 9 more matches
NSS 3.15.1 release notes
introduction network security services (
nss) 3.15.1 is a patch release for
nss 3.15.
... the bug fixes in
nss 3.15.1 are described in the "bugs fixed" section below.
... distribution information
nss 3.15.1 source distributions are also available on ftp.mozilla.org for secure https download: source tarballs: https://ftp.mozilla.org/pub/mozilla.org/security/
nss/releases/
nss_3_15_1_rtm/src/ new in
nss 3.15.1 new functionality tls 1.2: tls 1.2 (rfc 5246) is supported.
...And 8 more matches
NSS 3.15.2 release notes
introduction network security services (
nss) 3.15.2 is a patch release for
nss 3.15.
... the bug fixes in
nss 3.15.2 are described in the "bugs fixed" section below.
... distribution information
nss 3.15.2 source distributions are also available on ftp.mozilla.org for secure https download: source tarballs: https://ftp.mozilla.org/pub/mozilla.org/security/
nss/releases/
nss_3_15_2_rtm/src/ security advisories the following security-relevant bugs have been resolved in
nss 3.15.2.
...And 8 more matches
NSS 3.15.4 release notes
introduction network security services (
nss) 3.15.4 is a patch release for
nss 3.15.
... the bug fixes in
nss 3.15.4 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_15_4_rtm.
...And 8 more matches
NSS 3.15.5 release notes
introduction network security services (
nss) 3.15.5 is a patch release for
nss 3.15.
... the bug fixes in
nss 3.15.5 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_15_5_rtm.
...And 8 more matches
NSS 3.16.2.2 release notes
introduction network security services (
nss) 3.16.2.2 is a patch release for
nss 3.16.
... the bug fixes in
nss 3.16.2.2 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_16_2_2_rtm.
...And 8 more matches
NSS 3.16.2.3 release notes
introduction network security services (
nss) 3.16.2.3 is a patch release for
nss 3.16.
... the bug fixes in
nss 3.16.2.3 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_16_2_3_rtm.
...And 8 more matches
NSS 3.16.6 release notes
introduction network security services (
nss) 3.16.6 is a patch release for
nss 3.16.
... the bug fixes in
nss 3.16.6 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_16_6_rtm.
...And 8 more matches
NSS 3.16 release notes
introduction the
nss team has released network security services (
nss) 3.16, which is a minor release.
... distribution information the hg tag is
nss_3_16_rtm.
...
nss 3.16 requires nspr 4.10.3 or newer.
...And 8 more matches
NSS 3.17.4 release notes
introduction network security services (
nss) 3.17.4 is a patch release for
nss 3.17.
... the bug fixes in
nss 3.17.4 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_17_4_rtm.
...And 8 more matches
NSS 3.18.1 release notes
introduction network security services (
nss) 3.18.1 is a patch release for
nss 3.18.
... the bug fixes in
nss 3.18.1 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_18_1_rtm.
...And 8 more matches
NSS 3.19.2.2 release notes
introduction network security services (
nss) 3.19.2.2 is a security patch release for
nss 3.19.2.
... the bug fixes in
nss 3.19.2.2 are described in the "security fixes" section below.
... (current users of
nss 3.19.3 or
nss 3.19.4 are advised to update to
nss 3.20.2,
nss 3.21, or a later release.) distribution information the hg tag is
nss_3_19_2_2_rtm.
...And 8 more matches
NSS 3.20.2 release notes
introduction network security services (
nss) 3.20.2 is a security patch release for
nss 3.20.
... the bug fixes in
nss 3.20.2 are described in the "security fixes" section below.
... distribution information the hg tag is
nss_3_20_2_rtm.
...And 8 more matches
NSS 3.27.2 Release Notes
introduction network security services (
nss) 3.27.2 is a patch release for
nss 3.27.
... distribution information the hg tag is
nss_3_27_2_rtm.
...
nss 3.27.2 requires nspr 4.13 or newer.
...And 8 more matches
NSS 3.36.1 release notes
introduction network security services (
nss) 3.36.1 is a patch release for
nss 3.36.
... distribution information the hg tag is
nss_3_36_1_rtm.
...
nss 3.36.1 requires nspr 4.19 or newer.
...And 8 more matches
NSS 3.36.7 release notes
introduction network security services (
nss) 3.36.7 is a patch release for
nss 3.36.
... the bug fixes in
nss 3.36.7 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_36_7_rtm.
...And 8 more matches
NSS 3.41.1 release notes
introduction network security services (
nss) 3.41.1 is a patch release for
nss 3.41.
... the bug fixes in
nss 3.41.1 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_41_1_rtm.
...And 8 more matches
NSS 3.42 release notes
introduction the
nss team has released network security services (
nss) 3.42 on 25 january 2019, which is a minor release.
... distribution information the hg tag is
nss_3_42_rtm.
...
nss 3.42 requires nspr 4.20 or newer.
...And 8 more matches
NSS 3.43 release notes
introduction the
nss team has released network security services (
nss) 3.43 on 16 march 2019, which is a minor release.
... distribution information the hg tag is
nss_3_43_rtm.
...
nss 3.43 requires nspr 4.21 or newer.
...And 8 more matches
NSS 3.48.1 release notes
introduction network security services (
nss) 3.48.1 is a patch release for
nss 3.48.
... the bug fixes in
nss 3.48.1 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_48_1_rtm.
...And 8 more matches
NSS 3.49.1 release notes
introduction network security services (
nss) 3.49.1 is a patch release for
nss 3.49.
... the bug fixes in
nss 3.49.1 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_49_1_rtm.
...And 8 more matches
NSS 3.49 release notes
introduction the
nss team has released network security services (
nss) 3.49 on 3 january 2020, which is a minor release.
... the
nss team would like to recognize first-time contributors: alex henrie distribution information the hg tag is
nss_3_49_rtm.
...
nss 3.49 requires nspr 4.24 or newer.
...And 8 more matches
NSS 3.51 release notes
introduction the
nss team has released network security services (
nss) 3.51 on 6 march 2020, which is a minor release.
... the
nss team would like to recognize first-time contributors: dmitry baryshkov victor tapia distribution information the hg tag is
nss_3_51_rtm.
...
nss 3.51 requires nspr 4.25 or newer.
...And 8 more matches
NSS 3.56 release notes
introduction the
nss team has released network security services (
nss) 3.56 on 21 august 2020, which is a minor release.
... distribution information the hg tag is
nss_3_56_rtm.
...
nss 3.56 requires nspr 4.28 or newer.
...And 8 more matches
nss tech note2
using the pkcs #11 module logger
nss technical note: 2 modes of operation extracting output from log files the logger displays all activity between
nss and a specified pkcs #11 module.
... it works by inserting a special set of entry points between
nss and the module.
... to enable the module logger, you must set the environment variable
nss_debug_pkcs11_module to the name of the target module.
...And 8 more matches
NSS PKCS11 Functions
back to the
nss reference main page.
... description secmod_loadusermodule loads a new pkcs #11 module into
nss and connects it to the current
nss trust infrastructure.
... once the the module has been successfully loaded, other
nss calls will use it in the normal course of searching.
...And 8 more matches
NSS tools : signver
signver -v -s signature_file -i signed_file -d sql:/home/my/shared
nssdb signaturevalid=yes printing signature data the -a option prints all of the information contained in a signature file.
... signver -a -s signature_file -o output_file
nss database types
nss originally used berkeleydb databases to store security information.
...
nss has some flexibility that allows applications to use their own, independent database engine while keeping a shared database and working around the access issues.
...And 8 more matches
Updating NSPR or NSS in mozilla-central
the nspr and
nss sources in mozilla-central are maintained by the nspr and
nss teams and always taken from exports of hg tags.
...if you check in an individual change by mistake, your change will be lost when the nspr and
nss teams push a new hg tag to mozilla-central.
... (because some developers might not be aware that nspr/
nss are separately maintained and released, the mozilla hg server rejects accidental changes/forking, if the required keywords are missing in the commit comment.) if nspr or
nss must be upgraded to a new static tag, follow this procedure: before starting, make sure your local repository is updated to mozilla-central tip and that there are no local changes: $ hg status -mard pull the new sources $ python client.py update_nspr nspr_tag_name or $ python client.py update_
nss nss_tag_name if you update a branch older than mozilla 17 (without the change from bug 782784), you must manually add a dummy change (add or remove a blank line) to force a rebuild of nspr: mozilla/nsprpub/config/prdepend.h or
nss: mozilla/sec...
...And 7 more matches
NSS 3.14.4 release notes
introduction network security services (
nss) 3.14.4 is a patch release for
nss 3.14.
... the bug fixes in
nss 3.14.4 are described in the "bugs fixed" section below.
... distribution information the cvs tag is
nss_3_14_4_rtm.
...And 7 more matches
NSS 3.14.5 release notes
introduction network security services (
nss) 3.14.5 is a patch release for
nss 3.14.
... the bug fixes in
nss 3.14.5 are described in the "bugs fixed" section below.
... distribution information the cvs tag is
nss_3_14_5_rtm.
...And 7 more matches
NSS 3.15.3.1 release notes
introduction network security services (
nss) 3.15.3.1 is a patch release for
nss 3.15.
... the bug fixes in
nss 3.15.3.1 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_15_3_1_rtm.
...And 7 more matches
NSS 3.15.3 release notes
introduction network security services (
nss) 3.15.3 is a patch release for
nss 3.15.
... the bug fixes in
nss 3.15.3 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_15_3_rtm.
...And 7 more matches
NSS 3.16.4 release notes
introduction network security services (
nss) 3.16.4 is a patch release for
nss 3.16.
... the bug fixes in
nss 3.16.4 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_16_4_rtm.
...And 7 more matches
NSS 3.17.3 release notes
introduction network security services (
nss) 3.17.3 is a patch release for
nss 3.17.
... the bug fixes in
nss 3.17.3 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_17_3_rtm.
...And 7 more matches
NSS 3.19.3 release notes
introduction network security services (
nss) 3.19.3 is a patch release for
nss 3.19.
... the bug fixes in
nss 3.19.3 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_19_3_rtm.
...And 7 more matches
NSS 3.21.2 release notes
introduction network security services (
nss) 3.21.2 is a security patch release for
nss 3.21.1.
... the bug fixes in
nss 3.21.2 are described in the "security fixes" section below.
... distribution information the hg tag is
nss_3_21_2_rtm.
...And 7 more matches
NSS 3.21.3 release notes
introduction network security services (
nss) 3.21.3 is a security patch release for
nss 3.21.2.
... the bug fixes in
nss 3.21.3 are described in the "security fixes" section below.
... distribution information the hg tag is
nss_3_21_3_rtm.
...And 7 more matches
NSS 3.21.4 release notes
introduction network security services (
nss) 3.21.4 is a security patch release for
nss 3.21.
... the bug fixes in
nss 3.21.4 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_21_4_rtm.
...And 7 more matches
NSS 3.25.1 release notes
introduction network security services (
nss) 3.25.1 is a patch release for
nss 3.25.
... distribution information the hg tag is
nss_3_25_1_rtm.
...
nss 3.25.1 requires nspr 4.12 or newer.
...And 7 more matches
NSS 3.26.2 release notes
introduction network security services (
nss) 3.26.2 is a patch release for
nss 3.26.
... distribution information the hg tag is
nss_3_26_2_rtm.
...
nss 3.26.2 requires nspr 4.12 or newer.
...And 7 more matches
NSS 3.28.4 release notes
introduction network security services (
nss) 3.28.4 is a security patch release for
nss 3.28.
... the bug fixes in
nss 3.28.4 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_28_4_rtm.
...And 7 more matches
NSS 3.29.2 release notes
introduction network security services (
nss) 3.29.2 is a patch release for
nss 3.29.
... the bug fixes in
nss 3.29.2 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_29_2_rtm.
...And 7 more matches
NSS 3.29.3 release notes
introduction network security services (
nss) 3.29.3 is a patch release for
nss 3.29.
... the bug fixes in
nss 3.29.3 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_29_3_rtm.
...And 7 more matches
NSS 3.29.5 release notes
introduction network security services (
nss) 3.29.5 is a security patch release for
nss 3.29.
... the bug fixes in
nss 3.29.5 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_29_5_rtm.
...And 7 more matches
NSS 3.30.1 release notes
introduction network security services (
nss) 3.30.1 is a security patch release for
nss 3.30.
... the bug fixes in
nss 3.30.1 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_30_1_rtm.
...And 7 more matches
NSS 3.30.2 release notes
introduction network security services (
nss) 3.30.2 is a patch release for
nss 3.30.
... the bug fixes in
nss 3.30.2 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_30_2_rtm.
...And 7 more matches
NSS 3.31 release notes
introduction the network security services (
nss) team has released
nss 3.31, which is a minor release.
... distribution information the hg tag is
nss_3_31_rtm.
...
nss 3.31 requires netscape portable runtime (nspr) 4.15 or newer.
...And 7 more matches
NSS 3.32 release notes
introduction the network security services (
nss) team has released
nss 3.32, which is a minor release.
... distribution information the hg tag is
nss_3_32_rtm.
...
nss 3.32 requires netscape portable runtime (nspr) 4.16, or newer.
...And 7 more matches
NSS 3.36.6 release notes
introduction network security services (
nss) 3.36.6 is a patch release for
nss 3.36.
... the bug fixes in
nss 3.36.6 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_36_6_rtm.
...And 7 more matches
NSS 3.36.8 release notes
introduction network security services (
nss) 3.36.8 is a patch release for
nss 3.36.
... the bug fixes in
nss 3.36.8 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_36_8_rtm.
...And 7 more matches
NSS 3.38 release notes
introduction the
nss team has released network security services (
nss) 3.38, which is a minor release.
... distribution information the hg tag is
nss_3_38_rtm.
...
nss 3.38 requires nspr 4.19 or newer.
...And 7 more matches
NSS 3.40 release notes
introduction the
nss team has released network security services (
nss) 3.40, which is a minor release.
... distribution information the hg tag is
nss_3_40_rtm.
...
nss 3.40 requires nspr 4.20 or newer.
...And 7 more matches
NSS 3.41 release notes
introduction the
nss team has released network security services (
nss) 3.41 on 7 december 2018, which is a minor release.
... distribution information the hg tag is
nss_3_41_rtm.
...
nss 3.41 requires nspr 4.20 or newer.
...And 7 more matches
NSS 3.42.1 release notes
introduction the
nss team has released network security services (
nss) 3.42.1 on 31 january 2019, which is a patch release.
... distribution information the hg tag is
nss_3_42_1_rtm.
...
nss 3.42.1 requires nspr 4.20 or newer.
...And 7 more matches
NSS 3.44.1 release notes
introduction network security services (
nss) 3.44.1 is a patch release for
nss 3.44.
... the bug fixes in
nss 3.44.1 are described in the "bugs fixed" section below.
... the
nss team would like to recognize first-time contributors: greg rubin distribution information the hg tag is
nss_3_44_1_rtm.
...And 7 more matches
NSS 3.44.2 release notes
introduction network security services (
nss) 3.44.2 is a patch release for
nss 3.44.
... the bug fixes in
nss 3.44.2 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_44_2_rtm.
...And 7 more matches
NSS 3.44.3 release notes
introduction network security services (
nss) 3.44.3 is a patch release for
nss 3.44.
... the bug fixes in
nss 3.44.3 are described in the "bugs fixed" section below.
... the
nss team would like to recognize first-time contributors: craig disselkoen distribution information the hg tag is
nss_3_44_3_rtm.
...And 7 more matches
NSS 3.46.1 release notes
introduction network security services (
nss) 3.46.1 is a patch release for
nss 3.46.
... the bug fixes in
nss 3.46.1 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_46_1_rtm.
...And 7 more matches
NSS 3.47.1 release notes
introduction network security services (
nss) 3.47.1 is a patch release for
nss 3.47.
... the bug fixes in
nss 3.47.1 are described in the "bugs fixed" section below.
... the
nss team would like to recognize first-time contributors: craig disselkoen distribution information the hg tag is
nss_3_47_1_rtm.
...And 7 more matches
NSS 3.51.1 release notes
introduction the
nss team has released network security services (
nss) 3.51.1 on 3 april 2020.
... distribution information the hg tag is
nss_3_51_1_rtm.
...
nss 3.51.1 requires nspr 4.25 or newer.
...And 7 more matches
NSS 3.53.1 release notes
introduction the
nss team has released network security services (
nss) 3.53.1 on 16 june 2020.
... distribution information the hg tag is
nss_3_53_1_rtm.
...
nss 3.53.1 requires nspr 4.25 or newer.
...And 7 more matches
NSS tools : crlutil
name crlutil — list, generate, modify, or delete crls within the
nss security database file(s) and list, create, modify or delete certificates entries in a particular crl.
...please contribute to the initial review in mozilla
nss bug 836477[1] description the certificate revocation list (crl) management tool, crlutil, is a command-line utility that can list, generate, modify, or delete crls within the
nss security database file(s) and list, create, modify or delete certificates entries in a particular crl.
... -p dbprefix specify the prefix used on the
nss security database files (for example, my_cert8.db and my_key3.db).
...And 7 more matches
NSS 3.15 release notes
introduction the
nss team has released network security services (
nss) 3.15, which is a minor release.
... distribution information the hg tag is
nss_3_15_rtm.
...
nss 3.15 requires nspr 4.10 or newer.
...And 6 more matches
NSS 3.16.1 release notes
introduction network security services (
nss) 3.16.1 is a patch release for
nss 3.16.
... the bug fixes in
nss 3.16.1 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_16_1_rtm.
...And 6 more matches
NSS 3.19.2.4 release notes
introduction network security services (
nss) 3.19.2.4 is a security patch release for
nss 3.19.2.
... the bug fixed in
nss 3.19.2.4 have been described in the "security fixes" section below.
... (current users of
nss 3.19.3,
nss 3.19.4 or
nss 3.20.x are advised to update to
nss 3.21.1,
nss 3.22.2 or a later release.) distribution information the hg tag is
nss_3_19_2_4_rtm.
...And 6 more matches
NSS 3.22.1 release notes
introduction network security services (
nss) 3.22.1 is a patch release for
nss 3.22.
... the bug fixes in
nss 3.22.1 are described in the "notable changes" section below.
... distribution information the hg tag is
nss_3_22_1_rtm.
...And 6 more matches
NSS 3.22.3 release notes
introduction network security services (
nss) 3.22.3 is a patch release for
nss 3.22.
... the bug fixes in
nss 3.22.3 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_22_3_rtm.
...And 6 more matches
NSS 3.28.2 release notes
introduction network security services (
nss) 3.28.2 is a patch release for
nss 3.28.
... distribution information the hg tag is
nss_3_28_2_rtm.
...
nss 3.28.2 requires nspr 4.13.1 or newer.
...And 6 more matches
NSS 3.30 release notes
introduction the network security services (
nss) team has released
nss 3.30, which is a minor release.
... distribution information the hg tag is
nss_3_30_rtm.
...
nss 3.30 requires netscape portable runtime (nspr); 4.13.1 or newer.
...And 6 more matches
NSS 3.31.1 release notes
introduction the network security services (
nss) team has released
nss 3.31.1, which is a patch release for
nss 3.31.
... distribution information the hg tag is
nss_3_31_1_rtm.
...
nss 3.31.1 requires netscape portable runtime (nspr) 4.15, or newer.
...And 6 more matches
NSS 3.34.1 release notes
introduction the network security services (
nss) team has released
nss 3.34.1, which is a minor release.
... distribution information the hg tag is
nss_3_34.1_rtm.
...
nss 3.34.1 requires netscape portable runtime (nspr) 4.17, or newer.
...And 6 more matches
NSS 3.34 release notes
introduction the network security services (
nss) team has released
nss 3.34, which is a minor release.
... distribution information the hg tag is
nss_3_34_rtm.
...
nss 3.34 requires netscape portable runtime (nspr) 4.17, or newer.
...And 6 more matches
NSS 3.36.2 release notes
introduction network security services (
nss) 3.36.2 is a patch release for
nss 3.36.
... distribution information the hg tag is
nss_3_36_2_rtm.
...
nss 3.36.2 requires nspr 4.19 or newer.
...And 6 more matches
NSS 3.36.4 release notes
introduction network security services (
nss) 3.36.4 is a patch release for
nss 3.36.
... distribution information the hg tag is
nss_3_36_4_rtm.
...
nss 3.36.4 requires nspr 4.19 or newer.
...And 6 more matches
NSS 3.36.5 release notes
introduction network security services (
nss) 3.36.5 is a patch release for
nss 3.36.
... the bug fixes in
nss 3.36.5 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_36_5_rtm.
...And 6 more matches
NSS 3.36 release notes
introduction the
nss team has released network security services (
nss) 3.36, which is a minor release.
... distribution information the hg tag is
nss_3_36_rtm.
...
nss 3.36 requires nspr 4.19 or newer.
...And 6 more matches
NSS 3.37.1 release notes
introduction network security services (
nss) 3.37.1 is a patch release for
nss 3.37.
... distribution information the hg tag is
nss_3_37_1_rtm.
...
nss 3.37.1 requires nspr 4.19 or newer.
...And 6 more matches
NSS 3.37.3 release notes
introduction network security services (
nss) 3.37.3 is a patch release for
nss 3.37.
... distribution information the hg tag is
nss_3_37_3_rtm.
...
nss 3.37.3 requires nspr 4.19 or newer.
...And 6 more matches
NSS 3.44.4 release notes
introduction the
nss team has released network security services (
nss) 3.44.4 on 19 may 2020.
... distribution information the hg tag is
nss_3_44_4_rtm.
...
nss 3.44.4 requires nspr 4.21 or newer.
...And 6 more matches
NSS 3.52.1 release notes
introduction the
nss team has released network security services (
nss) 3.52.1 on 19 may 2020.
... distribution information the hg tag is
nss_3_52_1_rtm.
...
nss 3.52.1 requires nspr 4.25 or newer.
...And 6 more matches
NSS Sample Code Sample1
nss sample code 1: key generation and transport between servers.
...sample code #include <iostream.h> #include "pk11pub.h" #include "keyhi.h" #include "
nss.h" // key management for keys share among multiple hosts // // this example shows how to use
nss functions to create and // distribute keys that need to be shared among multiple servers // or hosts.
...(currently
nss doesn't store persistant keys.
...And 6 more matches
NSS tools : crlutil
name crlutil — list, generate, modify, or delete crls within the
nss security database file(s) and list, create, modify or delete certificates entries in a particular crl.
... synopsis crlutil [options] arguments description the certificate revocation list (crl) management tool, crlutil, is a command-line utility that can list, generate, modify, or delete crls within the
nss security database file(s) and list, create, modify or delete certificates entries in a particular crl.
... -p dbprefix specify the prefix used on the
nss security database files (for example, my_cert8.db and my_key3.db).
...And 6 more matches
NSS Certificate Download Specification
this document describes the data formats used by
nss 3.x for installing certificates.
... data formats
nss can accept certificates in several formats.
... binary formats
nss's certificate loader will recognize several binary formats.
...And 5 more matches
NSS 3.16.2 release notes
introduction network security services (
nss) 3.16.2 is a patch release for
nss 3.16.
... the bug fixes in
nss 3.16.2 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_16_2_rtm.
...And 5 more matches
NSS 3.16.3 release notes
introduction network security services (
nss) 3.16.3 is a patch release for
nss 3.16.
... the bug fixes in
nss 3.16.3 are described in the "bugs fixed" section below.
... distribution information the hg tag is
nss_3_16_3_rtm.
...And 5 more matches
NSS 3.26 release notes
introduction the network security services (
nss) team has released
nss 3.26, which is a minor release.
... distribution information the hg tag is
nss_3_26_rtm.
...
nss 3.26 requires netscape portable runtime (nspr) 4.12 or newer.
...And 5 more matches
NSS 3.29 release notes
introduction the network security services (
nss) team has released
nss 3.29, which is a minor release.
... distribution information the hg tag is
nss_3_29_rtm.
...
nss 3.29 requires netscape portable runtime (nspr) 4.13.1 or newer.
...And 5 more matches
NSS Memory allocation
nss makes extensive use of nspr's plarenapools for memory allocation.
...when
nss attempts to allocate more memory for an arena pool, the plarenapool code attempts to use an arena from its free list, and only gets a new arena from the heap if there are no arenas in the free list that are large enough to satisfy the request.
...see the prototype at http://mxr.mozilla.org/nspr/source/n.../ds/plarenas.h a program should call that function at the very end, after having shutdown
nss and nspr, to really free the contents of the free list.
...And 4 more matches
NSS 3.40.1 release notes
introduction the
nss team has released network security services (
nss) 3.40.1, which is a patch release for
nss 3.40 distribution information the hg tag is
nss_3_40_1_rtm.
...
nss 3.40.1 requires nspr 4.20 or newer.
...
nss 3.40 source distributions are available on ftp.mozilla.org for secure https download: source tarballs: https://ftp.mozilla.org/pub/mozilla.org/security/
nss/releases/
nss_3_40_1_rtm/src/ new in
nss 3.40.1 new functionality no new functionality is introduced in this release.
...And 4 more matches
NSS Sample Code sample2
nss sample code 2: symmetric encryption /* example code to illustrate des enccryption/decryption using
nss.
... */ #include "
nss.h" #include "pk11pub.h" /* example key & iv */ unsigned char gkey[] = {0xe8, 0xa7, 0x7c, 0xe2, 0x05, 0x63, 0x6a, 0x31}; unsigned char giv[] = {0xe4, 0xbb, 0x3b, 0xd3, 0xc3, 0x71, 0x2e, 0x58}; int main(int argc, char **argv) { ck_mechanism_type ciphermech; pk11slotinfo* slot = null; pk11symkey* symkey = null; secitem* secparam = null; pk11context* enccontex...
...t = null; secitem keyitem, ivitem; secstatus rv, rv1, rv2; unsigned char data[1024], buf1[1024], buf2[1024]; int i, result_len, tmp1_outlen, tmp2_outlen; /* initialize
nss * if your application code has already initialized
nss, you can skip it * here.
...And 4 more matches
NSS Sample Code sample6
nss sample code 6: persistent symmetric keys in
nss database /* example code to illustrate generation of a secret symmetric key ring * that persists in the
nss database.
... * to decrypt, you need the ciphertext and the id of the key that was used * to encrypt * * before running this example, create the
nss database * certutil -n -d .
... * (enter "test" when prompted for password) */ #include "
nss.h" #include "pk11pub.h" /* the key id can be any sequence of bytes.
...And 4 more matches
NSS tools : ssltab
see also the
nss security tools are also documented at [1]http://www.mozilla.org/projects/security/pki/
nss/.
... additional resources
nss is maintained in conjunction with pki and security-related projects through mozilla dn fedora.
...for information specifically about
nss, the
nss project wiki is located at [3]http://www.mozilla.org/projects/security/pki/
nss/.
...And 4 more matches
NSS tools : ssltap
see also the
nss security tools are also documented at [1]http://www.mozilla.org/projects/security/pki/
nss/.
... additional resources
nss is maintained in conjunction with pki and security-related projects through mozilla dn fedora.
...for information specifically about
nss, the
nss project wiki is located at [3]http://www.mozilla.org/projects/security/pki/
nss/.
...And 4 more matches
NSS tools : ssltap
see also the
nss security tools are also documented at [1]http://www.mozilla.org/projects/security/pki/
nss/.
... additional resources
nss is maintained in conjunction with pki and security-related projects through mozilla dn fedora.
... for information specifically about
nss, the
nss project wiki is located at [3]http://www.mozilla.org/projects/security/pki/
nss/.
...And 4 more matches
NSS 3.17 release notes
introduction the
nss team has released network security services (
nss) 3.17, which is a minor release.
... distribution information the hg tag is
nss_3_17_rtm.
...
nss 3.17 requires nspr 4.10.7 or newer.
...And 3 more matches
Release notes for recent versions of NSS
the current stable release of
nss is 3.56, which was released on 21 august 2020.
... (
nss 3.56 release notes) the current esr releases of
nss are 3.44.4 (
nss 3.44.4 release notes), intended for firefox esr 68, which was released on 19 may 2020, and 3.53.1 (
nss 3.53.1 release notes), intended for firefox esr 78, which was released on 16 june 2020.
... past releases
nss 3.56 release notes
nss 3.55 release notes
nss 3.54 release notes
nss 3.53.1 release notes
nss 3.53 release notes
nss 3.52.1 release notes
nss 3.44.4 release notes
nss 3.52 release notes
nss 3.51.1 release notes
nss 3.51 release notes
nss 3.50 release notes
nss 3.49.2 release notes
nss 3.49.1 release notes
nss 3.49 release notes
nss 3.48.1 release notes
nss 3.48 release notes
nss 3.47.1 release notes
nss 3.47 release notes
nss 3.46.1 release notes
nss 3.46 release notes
nss 3.45 release notes
nss 3.44.3 release notes
nss 3.44.2 release notes
nss 3.44.1 release notes
nss 3.44 release notes
nss 3.43 release notes
nss 3.42.1 release notes
nss 3.42 release notes
nss 3.36.8 release notes
nss 3.36.7 release notes
nss 3.41 release notes
nss 3.40.1...
...And 3 more matches
NSS Sample Code Sample_1_Hashing
nss sample code 1: hashing a file.
... this program illustrates the use of
nss message apis.
... sample code 1 /* nspr headers */ #include <prprf.h> #include <prtypes.h> #include <plgetopt.h> #include <prio.h> /*
nss headers */ #include <secoid.h> #include <secmodt.h> #include <sechash.h> typedef struct { const char *hashname; secoidtag oid; } nametagpair; /* the hash algorithms supported */ static const nametagpair hash_names[] = { { "md2", sec_oid_md2 }, { "md5", sec_oid_md5 }, { "sha1", sec_oid_sha1 }, { "sha256", sec_oid_sha256 }, { "sha384", sec_oid_sha384 }, { "sha512", sec_oid_sha512 } }; /* * maps a hash name to a secoidtag.
...And 3 more matches
Initialize NSS database - sample 2
nss sample code 2: initialize the
nss database.
... the
nss sample code below demonstrates how to initialize the
nss database.
... pr_fprintf(pr_stderr, "failed to change password.\n"); return secfailure; } port_memset(oldpw, 0, pl_strlen(oldpw)); port_free(oldpw); pr_fprintf(pr_stdout, "password changed successfully.\n"); } port_memset(newpw, 0, pl_strlen(newpw)); port_free(newpw); return secsuccess; } /* * this example illustrates initialization of the
nss database.
...And 3 more matches
nss tech note3
all about certificate extensions
nss technical note: 3 09 may 2002 nelson b.
... bolyard this week at least 5 different people came to me with variants of the same question: what certificate extensions do i have to put into my cert for
nss to allow it to be used for purpose <x>??
... this message attempts to answer that question, and to document
nss's approach to validating certificates for certain purposes.
...And 3 more matches
NSS Key Log Format
key logs can be written by
nss so that external programs can decrypt tls connections.
...note: starting with
nss 3.24 (used by firefox 48 and 49 only), the sslkeylogfile approach is disabled by default for optimized builds using the makefile (those using gyp via build.sh are not affected).
... distributors can re-enable it at compile time though (using the
nss_allow_sslkeylogfile=1 make variable) which is done for the official firefox binaries.
...And 2 more matches
NSS Sample Code Sample_3_Basic Encryption and MACing
nss sample code 3: basic encryption and macing this example program demonstrates how to encrypt and mac a file.
... sample code 3 /* nspr headers */ #include <prthread.h> #include <plgetopt.h> #include <prerror.h> #include <prinit.h> #include <prlog.h> #include <prtypes.h> #include <plstr.h> /*
nss headers */ #include <keyhi.h> #include <pk11priv.h> /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_header "-----begin aeskey ckaid-----" #define enckey_trailer "-----end aeskey ckaid-----" #define mackey_header "-----begin mackey ckaid-----" #define mackey_trailer "-----end mackey ckaid-----" ...
...*/ rv =
nss_initreadwrite(dbdir); if (rv != secsuccess) { pr_fprintf(pr_stderr, "
nss_initreadwrite failed\n"); goto cleanup; } pk11_setpasswordfunc(getmodulepassword); slot = pk11_getinternalkeyslot(); if (pk11_needlogin(slot)) { rv = pk11_authenticate(slot, pr_true, &pwdata); if (rv != secsuccess) { pr_f...
...And 2 more matches
nss tech note8
background information on libssl's cache functions and sids
nss technical note: 8 27 february 2006 nelson b.
... since
nss 1.0, up until
nss 3.4, there were two global variables that contained the expected session lifetimes for ssl2 and ssl3 sessions.
...however since
nss was delivered as archive libraries, client programs merely declared these two variables for themselves, and then were able to alter those variables directly.
...And 2 more matches
NSS Tech Notes
nss technical notes newsgroup: mozilla.dev.tech.crypto
nss technical notes provide latest information about new
nss features and supplementary documentation for advanced topics in programming with
nss.
... tn1: how to use the
nss asn.1 and quickder decoders.
... tn5: using
nss to perform miscellaneous cryptographic operations.
...And 2 more matches
NSS Key Functions
this chapter describes two functions used to manipulate private keys and key databases such as the key3.db database provided with
nss.
... back to the
nss reference main page.
... seckey_getdefaultkeydb seckey_destroyprivatekey seckey_getdefaultkeydb returns a handle to the default key database opened by
nss_init.
...And 2 more matches
NSS cryptographic module
this chapter describes the data types and functions that one can use to perform cryptographic operations with the
nss cryptographic module.
... the
nss cryptographic module uses the industry standard pkcs #11 v2.20 as its api with some extensions.
... therefore, an application that supports pkcs #11 cryptographic tokens can be easily modified to use the
nss cryptographic module.
...And 2 more matches
NSS tools : cmsutil
." sign message example cmsutil -s [-i infile] [-o outfile] [-d dbdir] [-p password] -n nickname[-tgp] [-y ekprefnick] see also certutil(1) see also additional resources
nss is maintained in conjunction with pki and security-related projects through mozilla dn fedora.
...for information specifically about
nss, the
nss project wiki is located at [2]http://www.mozilla.org/projects/security/pki/
nss/.
... the
nss site relates directly to
nss code changes and releases.
...And 2 more matches
NSS Tools
nss security tools newsgroup: mozilla.dev.tech.crypto overview the
nss security tools allow developers to test, debug, and manage applications that use
nss.
... currently, you must download the
nss 3.1 source and build it to create binary files for the
nss tools.
... for information about downloading the
nss source, see https://developer.mozilla.org/
nss/building.
...And 2 more matches
NSS Tools crlutil
using the certificate revocation list management tool newsgroup: mozilla.dev.tech.crypto the certificate revocation list (crl) management tool is a command-line utility that can list, generate, modify, or delete crls within the
nss security database file(s) and list, create, modify or delete certificates entries in a particular crl.
... -p dbprefix specify the prefix used on the
nss security database files (for example, my_cert8.db and my_key3.db).
... the
nss database files must reside in the same directory.
...And 2 more matches
NSS tools : cmsutil
." sign message example cmsutil -s [-i infile] [-o outfile] [-d dbdir] [-p password] -n nickname[-tgp] [-y ekprefnick] see also certutil(1) see also additional resources
nss is maintained in conjunction with pki and security-related projects through mozilla dn fedora.
... for information specifically about
nss, the
nss project wiki is located at [2]http://www.mozilla.org/projects/security/pki/
nss/.
... the
nss site relates directly to
nss code changes and releases.
...And 2 more matches
NSS tools : signtool
netscape internal fips pkcs #11 module (this module is internally loaded) slots: 1 slots attached status: loaded slot: netscape internal fips-140-1 cryptographic services token: communicator certificate db ----------------------------------------------- see also signver (1) the
nss wiki has information on the new database design and how to configure applications to use it.
... o https://wiki.mozilla.org/
nss_shared_db_howto o https://wiki.mozilla.org/
nss_shared_db additional resources for information about
nss and other tools related to
nss (like jss), check out the
nss project wiki at [1]http://www.mozilla.org/projects/security/pki/
nss/.
... the
nss site relates directly to
nss code changes and releases.
...And 2 more matches
Utilities for nss samples
nss sample code 0: utilities.
... these utility functions are adapted from those found in the sectool library used by the
nss security tools and other
nss test applications.
...*/ #ifndef _util_h #define _util_h #include <prlog.h> #include <termios.h> #include <base64.h> #include <unistd.h> #include <sys/stat.h> #include "util.h" #include <prprf.h> #include <prerror.h> #include <
nss.h> #include <pk11func.h> /* * these utility functions are adapted from those found in * the sectool library used by the
nss security tools and * other
nss test applications.
...*/ #include "util.h" /* * these utility functions are adapted from those found in * the sectool library used by the
nss security tools and * other
nss test applications.
NSS tools : vfychain
additional resources for information about
nss and other tools related to
nss (like jss), check out the
nss project wiki at [1]http://www.mozilla.org/projects/security/pki/
nss/.
... the
nss site relates directly to
nss code changes and releases.
... mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto irc: freenode at #dogtag-pki authors the
nss tools were written and maintained by developers with netscape, red hat, and sun.
...http://www.mozilla.org/projects/security/pki/
nss/ ...
NSS tools : vfyserv
name vfyserv — tbd synopsis vfyserv description the vfyserv tool verifies a certificate chain options additional resources for information about
nss and other tools related to
nss (like jss), check out the
nss project wiki at [1]http://www.mozilla.org/projects/security/pki/
nss/.
... the
nss site relates directly to
nss code changes and releases.
... mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto irc: freenode at #dogtag-pki authors the
nss tools were written and maintained by developers with netscape, red hat, and sun.
...http://www.mozilla.org/projects/security/pki/
nss/ ...
NSS tools : vfychain
additional resources for information about
nss and other tools related to
nss (like jss), check out the
nss project wiki at [1]http://www.mozilla.org/projects/security/pki/
nss/.
... the
nss site relates directly to
nss code changes and releases.
... mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto irc: freenode at #dogtag-pki authors the
nss tools were written and maintained by developers with netscape, red hat, and sun.
...http://www.mozilla.org/projects/security/pki/
nss/ ...
nsIDNSService
netwerk/dns/nsid
nsservice.idlscriptable provides domain name resolution service.
...to access the service, use: var d
nsservice = components.classes["@mozilla.org/network/dns-service;1"] .createinstance(components.interfaces.nsid
nsservice); note: starting in gecko 7.0, the "happy eyeballs" strategy is used to reduce lengthy timeouts when attempting backup connections during attempts to connect from clients that have broken ipv6 connectivity.
...example let d
nsservice = components.classes["@mozilla.org/network/dns-service;1"] .createinstance(components.interfaces.nsid
nsservice); let thread = components.classes["@mozilla.org/thread-manager;1"] .getservice(components.interfaces.nsithreadmanager).currentthread; let host = "www.mozilla.org"; let listener = { onlookupcomplete: function(request, record, status) { if (!com...
...ponents.issuccesscode(status)) { // handle error here return; } let address = record.getnextaddrasstring(); console.log(host + " = " + address); } }; d
nsservice.asyncresolve(host, 0, listener, thread); ...
NSS Sample Code sample4
nss sample code 4: pki encryption /* example code to illustrate pki crypto ops (encrypt with public key, * decrypt with private key) * * code assumes that you have set up a
nss database with a certificate * and a private key.
... */ #include "
nss.h" #include "pk11pub.h" /* this callback is responsible for returning the password to the
nss * key database.
...ver a secure communication * channel */ char *passwdcb(pk11slotinfo *info, prbool retry, void *arg); int main(int argc, char **argv) { secstatus rv; certcertificate *cert = null; seckeypublickey *pubkey = null; seckeyprivatekey *pvtkey = null; int modulus_len, i, outlen; char *buf1 = null; char *buf2 = null; /* initialize
nss */ pk11_setpasswordfunc(passwdcb); rv =
nss_init("."); if (rv != secsuccess) { fprintf(stderr, "
nss initialization failed (err %d)\n", pr_geterror()); goto cleanup; } cert = pk11_findcertfromnickname("testca", null); if (cert == null) { fprintf(stderr, "couldn't find cert testca in
nss db (err %d)\n", pr_geterror()); goto cleanup; } pu...
NSS Sample Code sample5
nss sample code 5: pki encryption with a raw public & private key in der format /* example code to illustrate pki crypto ops (encrypt with public key, * decrypt with private key) * * no
nss db needed.
... */ #include "
nss.h" #include "pk11pub.h" #define base64_encoded_subjectpublickeyinfo "mfwwdqyjkozihvcnaqebbqadswawsajbal3f6tic3jeysugo+a2fpu3w+epv/feix21dc86wynpftw4srftz2onuzyluzdhzdb+k//8dct3iaozuui3r2emcaweaaq==" #define base64_encoded_privatekeyinfo "miibvqibadanbgkqhkig9w0baqefaascat8wgge7ageaakeavcxpmhzckriy6cj5rz89tdb4sm/8v4hfbumlzpziekw1biysw3pag1tpittmmdl1v6t//x1xpcga7nrsldhz4widaqabakeajh8+4qncwcmgivnm6ytbpqt...
...spki = null; seckeyprivatekey *pvtkey = null; int modulus_len, i, outlen; char *buf1 = null; char *buf2 = null; char *pubkstr = base64_encoded_subjectpublickeyinfo; char *pvtkstr = base64_encoded_privatekeyinfo; secitem der; secitem nickname; pk11slotinfo *slot = null; /* initialize
nss * you need to explicitly authenticate to the internal token if you use *
nss_init insteadf of
nss_nodb_init * invoke this after getting the internal token handle * pk11_authenticate(slot, pr_false, null); */ rv =
nss_nodb_init("."); if (rv != secsuccess) { fprintf(stderr, "
nss initialization failed (err %d)\n", pr_geterror()); goto cleanup; } /* ...
NSS Sample Code
nss sample code the collection of sample code here demonstrates how
nss can be used for cryptographic operations, certificate handling, ssl, etc.
... sample code 1: key generation and transport between servers sample code 2: symmetric encryption sample code 3: hashing, mac sample code 4: pki encryption sample code 5: pki encryption with a raw public & private key in der format sample code 6: persistent symmetric keys in
nss database these are very old examples in need of replacement.
... see https://bugzilla.mozilla.org/show_bug.cgi?id=490238 you are welcome to download the new samples via: hg clone https://hg.mozilla.org/projects/
nss; cd
nss; hg update samples_branch the new samples: /docs/mozilla/projects/
nss/new_
nss_samples ...
NSS Third-Party Code
this is a list of third-party code included in the
nss repository, broken into two lists: code that can be compiled into the
nss libraries, and code that is only used for testing.
... note that not all code that can be compiled into the
nss libraries necessarily is.
... compiled in sqlite [/lib/sqlite] berkleydb [/lib/dbm] zlib [/lib/zlib] libjar [/lib/jar] fiat-crypto, ring [lib/freebl/ecl] used for tests gtest [/gtests] downloaded by certain test tooling tlsfuzzer [/tests/tlsfuzzer] bogo tests [/tests/bogo] boringssl, ope
nssl [/tests/interop] ...
RTCIceCandidatePairStats.retransmissionsSent - Web APIs
the rtcicecandidatepairstats dictionary's retransmissio
nssent property indicates the total number of stun connectivity check request retransmissions that have been sent so far on the pair of candidates.
... syntax retransmissio
nssent = rtcicecandidatepairstats.retransmissio
nssent; value an integer value indicating the total number of retransmitted stun connectivity check requests have been sent on the connection referenced by this candidate pair so far.
... specifications specification status comment identifiers for webrtc's statistics apithe definition of 'rtcicecandidatepairstats.retransmissio
nssent' in that specification.
NSS CERTVerify Log
certverifylog all the
nss verify functions except, the *verifynow() functions, take a parameter called 'certverifylog'.
... if you supply the log parameter,
nss will continue chain validation after each error .
NSS Config Options
nss config options format the specified ciphers will be allowed by policy, but an application may allow more by policy explicitly: config="allow=curve1:curve2:hash1:hash2:rsa-1024..." only the specified hashes and curves will be allowed: config="disallow=all allow=sha1:sha256:secp256r1:secp384r1" only the specified hashes and curves will be allowed, and rsa keys of 2048 or more will be accepted, and dh key exchange with 1024-bit primes or more: config="disallow=all allow=sha1:sha256:secp256r1:secp384r1:min-rsa=2048:min-dh=1024" a policy that enables the aes ciphersuites and the secp256/384 curves: config="allow=aes128-cbc:aes128-gcm::hmac-sha1:sha1:sha256:sha384:rsa:ecdhe-rsa:secp256r1:secp384r1" turn off md5 config="disallow=md5" turn off md5 and sha1 only for ssl con...
... policy-lock: turn off the ability for applications to change policy with the call
nss_setalgorithmpolicy.
NSS Sample Code Utilities_1
nss sample code common: utilities this is a library of utilities used by many of the samples.
...seed from noise file read der encoding from a file extract the password from a text file get the module password print as ascii or hexadecimal sample code #include <prlog.h> #include <termios.h> #include <base64.h> #include <unistd.h> #include <sys/stat.h> #include <prprf.h> #include "util.h" /* * these utility functions are adapted from those found in * the sectool library used by the
nss security tools and * other
nss test applications.
NSS Sample Code sample3
sample code 3: hashing, mac /* * demonstration program for hashing and macs */ #include <iostream.h> #include "pk11pub.h" #include "
nss.h" static void printdigest(unsigned char *digest, unsigned int len) { int i; cout << "length: " << len << endl; for(i = 0;i < len;i++) printf("%02x ", digest[i]); cout << endl; } /* * main */ int main(int argc, const char *argv[]) { int status = 0; pk11slotinfo *slot = 0; pk11symkey *key = 0; pk11context *context = 0; unsigned char data[80]; unsigned char digest[20]; /*is there a way to tell how large the output is?*/ unsigned int len; secstatus s; /* initialize
nss * if your application code has already initialized
nss, you can skip it * here.
... * this code uses the simplest of the init functions, which does not * require a
nss database to exist */
nss_nodb_init("."); /* get a slot to use for the crypto operations */ slot = pk11_getinternalkeyslot(); if (!slot) { cout << "getinternalkeyslot failed" << endl; status = 1; goto done; } /* * part 1 - simple hashing */ cout << "part 1 -- simple hashing" << endl; /* initialize data */ memset(data, 0xbc, sizeof data); /* create a context for hashing (digesting) */ context = pk11_createdigestcontext(sec_oid_md5); if (!context) { cout << "createdigestcontext failed" << endl; goto done; } s = pk11_digestbegin(context); if (s != secsuccess) { cout << "digestbegin failed" << endl; goto done; } s = pk11_digestop(context, data, size...
nss tech note1
how to use the
nss asn.1 and quickder decoders
nss technical note: 1
nss 3.6 contains several decoders for asn.1 and der.two of them are extensively used and are part of the public
nss api : the "classic" asn.1 decoder, written by lisa repka .
... the "quickder" decoder, written by julien pierre for
nss 3.6 .
nss tech note4
pulling certificate extension information out of ssl certificates
nss technical note: 4 note: this document contains code snippets that focus on essential aspects of the task and often do not illustrate all the cleanup that needs to be done.
... secstatus cert_findsubjectkeyidexten (certcertificate *cert, secitem *retitem); for more information browse through the
nss source code online at http://lxr.mozilla.org/mozilla/source/security/
nss/ and http://lxr.mozilla.org/security/ documentation on some cert funcs http://www.mozilla.org/projects/security/pki/
nss/ref/ssl/sslcrt.html ...
New NSS Samples
new
nss sample code this collection of sample code demonstrates how
nss can be used for cryptographic operations, certificate handling, ssl, etc.
...see https://bugzilla.mozilla.org/show_bug.cgi?id=490238 how to download the samples: hg clone https://hg.mozilla.org/projects/
nss; cd
nss; hg update samples_branch samples list: sample code 1: hashing sample code 2: init
nss database sample code 3: encrypt/decrypt and mac using token sample code 4: encrypt/decrypt and mac using session objects sample code 5: encrypt/decrypt/mac output public key as a csr sample code 6: encrypt/decrypt/mac generating a pkcs#11 csr common code used by these samples: sample code 0: utilities thanks are due to shailendra jain, mozilla community member, who is the principal author of these samples.
NSS Tools pk12util-tasks
nss security tools: pk12util tasks newsgroup: mozilla.dev.tech.crypto task list need to migrate code to use an up-to-date version of
nss.
... use
nss functions in pcertdb for handling older database ...
nsString external
rs stripwhitespace trim defaultcomparator compare equals operator< operator<= operator== operator>= operator> operator!= equalsliteral lowercaseequalsliteral find rfind findchar rfindchar appendint tointeger base classes
nsstringcontainer data members no public members.
... methods constructors void
nsstring_external() - source void
nsstring_external(const
nsstring_external&) - source parameters
nsstring_external& astring void
nsstring_external(const nsastring&) - source parameters nsastring& areadable void
nsstring_external(const prunichar*, pruint32) - source parameters prunichar* adata pruint32 alength get prunichar* get() const - source operator=
nsstring_external& operator=(const
nsstring_external&) - source parameters
nsstring_external& astring nsastring& operator=(const nsastring&) - source parameters nsastring& astring...
nsSupportsWeakReference
#include "nsweakreference.h" class
nssupportsweakreference { ...
... #include "nsweakreference.h" #include "nsifoo.h" class myfoo : public nsifoo, public
nssupportsweakreference { public: ns_decl_isupports ns_decl_nsifoo ...
Index
found 353 pages: # page tags and summary 1 network security services jss,
nss, needsmigration network security services (
nss) is a set of libraries designed to support cross-platform development of security-enabled client and server applications.
... applications built with
nss can support ssl v3, tls, pkcs #5, pkcs #7, pkcs #11, pkcs #12, s/mime, x.509 v3 certificates, and other security standards.
... 2 an overview of
nss internals api, intermediate, intro,
nss, tools a high-level overview to the internals of network security services (
nss) software developed by the mozilla.org projects traditionally used its own implementation of security protocols and cryptographic algorithms, originally called netscape security services, nowadays called network security services (
nss).
...And 553 more matches
PKCS11 FAQ
does the certificate need to be imported into
nss's internal certificate database?
... if so, is there a way to get the certificate from an external token into
nss's internal certificate database?
...
nss searches all the installed pkcs #11 modules when looking for certificates.
...And 87 more matches
sslfnc.html
upgraded documentation may be found in the current
nss reference ssl functions chapter 4 ssl functions this chapter describes the core ssl functions.
... ssl initialization functions ssl export policy functions ssl configuration functions ssl communication functions ssl functions used by callbacks ssl handshake functions
nss shutdown function deprecated functions ssl initialization functions this section describes the initialization functions that are specific to ssl.
... for a complete list of
nss initialization functions, see initialization.
...And 78 more matches
PKCS11 Implement
implementing pkcs #11 for
nss note: this document was originally for the netscape security library that came with netscape communicator 4.0.
... this note will be removed once the document is updated for the current version of
nss.
... this document supplements the information in pkcs #11: cryptographic token interface standard, version 2.0 with guidelines for implementors of cryptographic modules who want their products to work with mozilla client software: how
nss calls pkcs #11 functions.
...And 75 more matches
Network Security Services
network security services (
nss) is a set of libraries designed to support cross-platform development of security-enabled client and server applications.
... applications built with
nss can support ssl v3, tls, pkcs #5, pkcs #7, pkcs #11, pkcs #12, s/mime, x.509 v3 certificates, and other security standards.
... for detailed information on standards supported, see overview of
nss.
...And 27 more matches
certutil
name certutil — manage keys and certificate in the the
nss database.
...this is used to merge legacy
nss databases (cert8.db and key3.db) into the newer sqlite databases (cert9.db and key4.db).
...this is used to migrate legacy
nss databases (cert8.db and key3.db) into the newer sqlite databases (cert9.db and key4.db).
...And 26 more matches
Mozilla internal string guide
every 16-bit class has an equivalent 8-bit class: naming convention for wide and narrow string classes wide narrow nsastring nsacstring
nsstring nscstring nsautostring nsautocstring etc...
...
nsstring/nscstring: builds on nsastring by guaranteeing a null-terminated storage.
... the remainder of the string classes inherit from either nsastring or
nsstring.
...And 24 more matches
Modularization techniques - Archive of obsolete content
#include "nsisupports.h" // {57ecad90-ae1a-11d1-b66c-00805f8a2676} #define ns_isample_iid \ {0x57ecad90, 0xae1a, 0x11d1, \ {0xb6, 0x6c, 0x00, 0x80, 0x5f, 0x8a, 0x26, 0x76}} /* * nsisample interface declaration */ class nsisample: public nsisupports { public: ns_imethod hello() = 0; }; file
nssample.h
nssample.h defines the class id (cid) for our sample class.
... #include "nsifactory.h" // {d3944dd0-ae1a-11d1-b66c-00805f8a2676} #define ns_sample_cid \ {0xd3944dd0, 0xae1a, 0x11d1, \ {0xb6, 0x6c, 0x00, 0x80, 0x5f, 0x8a, 0x26, 0x76}} extern nsresult getsamplefactory(nsifactory **aresult); file
nssample.cpp
nssample.cpp contains both the declaration and implementation of our sample class, and the declaration and implementation of our class factory.
... #include "nsisample.h" #include "
nssample.h" static ns_define_iid(kisupportsiid, ns_isupports_iid); static ns_define_iid(kifactoryiid, ns_ifactory_iid); static ns_define_iid(kisampleiid, ns_isample_iid); static ns_define_cid(kisamplecid, ns_isample_cid); /* *
nssampleclass declaration */ class
nssample: public nsisample { private: nsrefcnt mrefcnt; public: // constructor and destuctor
nssample(); ~
nssample(); // nsisupports methods ns_imethod queryinterface(const nsiid &aiid, void **aresult); ns_imethod_(nsrefcnt) addref(void); ns_imethod_(nsrefcnt) release(void); // nsisample method ns_imethod hello(); }; /* *
nssamplefactory declaration */ class
nssamplefactory: public nsifactory { private: nsrefcnt mrefcnt; public:
nssamplefactor...
...And 17 more matches
Introduction to Network Security Services
network security services (
nss) is a set of libraries designed to support cross-platform development of communications applications that support ssl, s/mime, and other internet security standards.
... for a general overview of
nss and the standards it supports, see overview of
nss.
... the
nss library supports core crypto operations.
...And 15 more matches
HTTP delegation
background up to version 3.11,
nss connects directly over http to an ocsp responder to make the request and fetch the response.
...instead of improving the simple http client in
nss, the
nss team has decided to provide an
nss api to register application callback functions.
... if provided by the application,
nss will use the registered http client for querying an oscp responder.
...And 14 more matches
HTTP delegation
background up to version 3.11,
nss connects directly over http to an ocsp responder to make the request and fetch the response.
...instead of improving the simple http client in
nss, the
nss team has decided to provide an
nss api to register application callback functions.
... if provided by the application,
nss will use the registered http client for querying an oscp responder.
...And 14 more matches
JSS Provider Notes
it implements cryptographic operations in native code using the
nss libraries.
... specifying the cryptotoken all cryptographic operations in jss and
nss occur on a particular pkcs #11 token, implemented in software or hardware.
...by default, the jss provider carries out all operations except messagedigest on the internal key storage token, a software token included in jss/
nss.
...And 13 more matches
Mozilla-JSS JCA Provider notes
it implements cryptographic operations in native code using the
nss libraries.
...specifying the cryptotoken all cryptographic operations in jss and
nss occur on a particular pkcs #11 token, implemented in software or hardware.
...by default, the jss provider carries out all operations except messagedigest on the internal key storage token, a software token included in jss/
nss.
...And 13 more matches
JSS
legacy jss information can still be found at: source: https://hg.mozilla.org/projects/jss issues: https://bugzilla.mozilla.org/buglist.cgi?product=jss wiki: /docs/mozilla/projects/
nss/jss network security services for java (jss) is a java interface to
nss.
... jss supports most of the security standards and encryption technologies supported by
nss.
... jss offers a implementation of java ssl sockets that uses
nss's ssl/tls implementation rather than sun's jsse implementation.
...And 13 more matches
Using Objective-C from js-ctypes
#import <appkit/appkit.h> int main(void) {
nsspeechsynthesizer* synth = [[
nsspeechsynthesizer alloc] initwithvoice: nil]; [synth startspeakingstring: @"hello, firefox!"]; // wait until start speaking.
...let's look at the following codelet: [
nsspeechsynthesizer alloc] it passes an alloc message to the
nsspeechsynthesizer class, in objective-c syntax.
... it performs the following through this objective-c syntax: get the
nsspeechsynthesizer class definition.
...And 13 more matches
Build instructions
use the building
nss page for more recent information.
... numerous optional features of
nss builds are controlled through make variables.
...(for posix shells), variable=value; export variable gmake target1 target2 here are some (not all) of the make variables that affect
nss builds: build_opt: if set to 1, means do optimized non-debug build.
...And 12 more matches
Signing an XPI - Archive of obsolete content
download the latest network security services (
nss) package from the mozilla ftp site at https://ftp.mozilla.org/pub/mozilla.or.../
nss/releases/.
... for windows, you'll want the
nss-3.11.4.zip package in the
nss_3_11_4_rtm/msvc6.0/winnt5.0_opt.obj/ folder - it is by 2010 the only one with the right binaries.
...in my case it's c:\apps\
nss-3.11.4\ get netscape portable runtime 1.
...And 11 more matches
Mozilla Crypto FAQ - Archive of obsolete content
shortly thereafter the
nss developers began work on an open source implementation of the rsa algorithm; that code, together with code previously developed for other cryptographic algorithms, will be included in a new version 3.1 of the
nss open source cryptographic and pki library.
... this new rsa-capable version of
nss will then be included in a future version of the open source psm software, which will provide ssl support for mozilla.
... at that point both
nss and psm will be completely buildable using the open source code available from the mozilla.org site, and
nss and psm will be included in the mozilla binary releases distributed by mozilla.org.
...And 11 more matches
gtstd.html
upgraded documentation may be found in the current
nss reference getting started with ssl chapter 2 getting started with ssl this chapter describes how to set up your environment, including certificate and key databases.
... ssl, pkcs #11, and the default security databases setting up the certificate and key databases building
nss programs ssl, pkcs #11, and the default security databases the basic relationships among the
nss libraries are described in introduction to network security services.
...netscape provides a built-in pkcs #11 module with
nss.
...And 11 more matches
A Web PKI x509 certificate primer
generate the key using the following command: ope
nssl genpkey -algorithm rsa -out key.pem -pkeyopt rsa_keygen_bits:2048 2048 is considered secure for the next 4 years.
...generate csr using this command: ope
nssl req -new -key key.pem -days 1096 -extensions v3_ca -batch -out example.csr -utf8 -subj '/cn=www.example.com' this creates a new certificate signing request (csr) that will be valid for 3 years.
...write extensions file by creating a new file with name ope
nssl.ss.cnf with the following contents: basicconstraints = ca:false subjectaltname =dns:www.example.com extendedkeyusage =serverauth 4.
...And 11 more matches
JSS FAQ
you will need jdk 1.4 or higher and all the 64 bit versions of nspr, and
nss.
...
nss is a fips-certified software library.
... jss is considered a fips-compliant software library since it only uses
nss for any and all crypto routines.
...And 10 more matches
PKCS #11 Module Specs
nss currently implements this proposal internally.
... these modules specs can be passed by the application directly to
nss via the secmod_loadusermodule() call.
...
nss specific parameters in module specs here are the
nss application specific parameters in use.
...And 9 more matches
XPCOM array guide
for example, here is its use in a class: class medialist { public: void addmedium(const
nsstring& amedium); private: nstarray<
nsstring> mmedia; }; // typesafety of mmedia ensures that we only append an
nsstring void nodecontainer::addmedium(const
nsstring& amedium) { mmedia.appendelement(amedium); } nstarray<t> can also be declared on the stack to collect a temporary list of objects and manipulate them.
... string enumerators can be created from nstarray<
nsstring> or nstarray<nscstring> objects.
... the implementation of the string enumerator interfaces for nstarray<
nsstring> and nstarray<nscstring> supports conversion between utf8 and unicode, and can be queryinterface'd back and forth between nsistringenumerator and nsiutf8stringenumerator.
...And 9 more matches
nsDependentString
eral(const char lowercaseequalsliteral(char assign assignascii assignliteral(const char assignliteral(char adopt replace replaceascii append appendascii appendliteral(const char appendliteral(char operator+= insert cut setcapacity setlength truncate getdata getmutabledata setisvoid stripchar base classes
nsstring data members no public members.
...parameters prunichar* data void rebind(const prunichar*, pruint32) - source parameters prunichar* data pruint32 length void rebind(const prunichar*, const prunichar*) - source parameters prunichar* start prunichar* end operator=
nsstring& operator=(const
nsstring&) - source parameters
nsstring& str nsastring_internal& operator=(prunichar) - source parameters prunichar c nsastring_internal& operator=(const prunichar*) - source parameters prunichar* data nsastring_internal& operator=(const nsastring_internal&) - source parameters nsastring_internal& str nsastring_internal& operator=(const
nssubstringtup...
...le&) - source parameters
nssubstringtuple& tuple get prunichar* get() const - source returns the null-terminated string find print32 find(const nscstring&, prbool, print32, print32) const - source search for the given substring within this string.
...And 9 more matches
nsFixedString
eral(const char lowercaseequalsliteral(char assign assignascii assignliteral(const char assignliteral(char adopt replace replaceascii append appendascii appendliteral(const char appendliteral(char operator+= insert cut setcapacity setlength truncate getdata getmutabledata setisvoid stripchar base classes
nsstring data members no public members.
...by the string (the contents of this buffer may be modified by the string) @param storagesize the size of the fixed buffer @param length (optional) the length of the string already contained in the buffer parameters prunichar* data pruint32 storagesize void nsfixedstring(prunichar*, pruint32, pruint32) - source parameters prunichar* data pruint32 storagesize pruint32 length operator=
nsstring& operator=(const
nsstring&) - source parameters
nsstring& str nsastring_internal& operator=(prunichar) - source parameters prunichar c nsastring_internal& operator=(const prunichar*) - source parameters prunichar* data nsastring_internal& operator=(const nsastring_internal&) - source parameters nsastring_internal& str nsastring_internal& operator=(const
nssubstringtup...
...le&) - source parameters
nssubstringtuple& tuple get prunichar* get() const - source returns the null-terminated string find print32 find(const nscstring&, prbool, print32, print32) const - source search for the given substring within this string.
...And 9 more matches
nsXPIDLString
eral(const char lowercaseequalsliteral(char assign assignascii assignliteral(const char assignliteral(char adopt replace replaceascii append appendascii appendliteral(const char appendliteral(char operator+= insert cut setcapacity setlength truncate getdata getmutabledata setisvoid stripchar base classes
nsstring data members no public members.
... - source parameters nsxpidlstring& str operator const prunichar* prunichar* operator const prunichar*() const - source operator[] prunichar operator[](print32) const - source parameters print32 i prunichar operator[](pruint32) const - source parameters pruint32 i operator= nsxpidlstring& operator=(const nsxpidlstring&) - source parameters nsxpidlstring& str
nsstring& operator=(const
nsstring&) - source parameters
nsstring& str nsastring_internal& operator=(prunichar) - source parameters prunichar c nsastring_internal& operator=(const prunichar*) - source parameters prunichar* data nsastring_internal& operator=(const nsastring_internal&) - source parameters nsastring_internal& str nsastring_internal& operator=(const
nssubstringtup...
...le&) - source parameters
nssubstringtuple& tuple get prunichar* get() const - source returns the null-terminated string find print32 find(const nscstring&, prbool, print32, print32) const - source search for the given substring within this string.
...And 9 more matches
FIPS Mode - an explanation
nss has a "fips mode" that can be enabled when
nss is compiled in a specific way.
... (note: mozilla does not distribute a "fips mode"-ready
nss with firefox.) this page attempts to provide an informal explanation of what it is, who would use it, and why.
... if you're a us government worker, and you want to use a mozilla software product such as firefox, or any product that uses
nss, you will want to use it in a way that is fully conformant with all the relevant fips regulations.
...And 8 more matches
S/MIME functions
the
nss version column indicates which versions of
nss support the function.
... function name/documentation source code
nss versions
nss_cmscontentinfo_getbulkkey mxr 3.2 and later
nss_cmscontentinfo_getbulkkeysize mxr 3.2 and later
nss_cmscontentinfo_getcontent mxr 3.2 and later
nss_cmscontentinfo_getcontentencalgtag mxr 3.2 and later
nss_cmscontentinfo_getcontenttypetag mxr 3.2 and later
nss_cmscontentinfo_setbulkkey mxr 3.2 and later
nss_cmscontentinfo_setcontent mxr 3.2 and later
nss_cmscontentinfo_setcontent_data mxr 3.2 and later
nss_cmscontentinfo_setcontentencalg mxr 3.2 and later ...
...
nss_cmscontentinfo_setcontent_digesteddata mxr 3.2 and later
nss_cmscontentinfo_setcontent_encrypteddata mxr 3.2 and later
nss_cmscontentinfo_setcontent_envelopeddata mxr 3.2 and later
nss_cmscontentinfo_setcontent_signeddata mxr 3.2 and later
nss_cmsdecoder_cancel mxr 3.2 and later
nss_cmsdecoder_finish mxr 3.2 and later
nss_cmsdecoder_start mxr 3.2 and later
nss_cmsdecoder_update mxr 3.2 and later
nss_cmsdigestcontext_cancel mxr 3.2 and later
nss_cmsdigestcontext_finishmultiple mxr 3.2 and later
nss_cmsdig...
...And 8 more matches
NS_ConvertASCIItoUTF16
s_convertasciitoutf16(const char*) - source parameters char* acstring void ns_convertasciitoutf16(const char*, pruint32) - source parameters char* acstring pruint32 alength void ns_convertasciitoutf16(const nsacstring_internal&) - source parameters nsacstring_internal& acstring operator= nsautostring& operator=(const nsautostring&) - source parameters nsautostring& str
nsstring& operator=(const
nsstring&) - source parameters
nsstring& str nsastring_internal& operator=(prunichar) - source parameters prunichar c nsastring_internal& operator=(const prunichar*) - source parameters prunichar* data nsastring_internal& operator=(const nsastring_internal&) - source parameters nsastring_internal& str nsastring_internal& operator=(const
nssubstringtup...
...le&) - source parameters
nssubstringtuple& tuple get prunichar* get() const - source returns the null-terminated string find print32 find(const nscstring&, prbool, print32, print32) const - source search for the given substring within this string.
... @param astring contains set of chars to be found @param aoffset tells us where in this string to start searching (counting from left) @return offset in string, or knotfound parameters char* astring print32 aoffset print32 findcharinset(const
nsstring&, print32) const - source parameters
nsstring& astring print32 aoffset print32 findcharinset(const prunichar*, print32) const - source parameters prunichar* astring print32 aoffset rfindcharinset print32 rfindcharinset(const prunichar*, print32) const - source this method searches this string for the last character found in the given string.
...And 8 more matches
NS_ConvertUTF8toUTF16
d ns_convertutf8toutf16(const char*) - source parameters char* acstring void ns_convertutf8toutf16(const char*, pruint32) - source parameters char* acstring pruint32 alength void ns_convertutf8toutf16(const nsacstring_internal&) - source parameters nsacstring_internal& acstring operator= nsautostring& operator=(const nsautostring&) - source parameters nsautostring& str
nsstring& operator=(const
nsstring&) - source parameters
nsstring& str nsastring_internal& operator=(prunichar) - source parameters prunichar c nsastring_internal& operator=(const prunichar*) - source parameters prunichar* data nsastring_internal& operator=(const nsastring_internal&) - source parameters nsastring_internal& str nsastring_internal& operator=(const
nssubstringtup...
...le&) - source parameters
nssubstringtuple& tuple get prunichar* get() const - source returns the null-terminated string find print32 find(const nscstring&, prbool, print32, print32) const - source search for the given substring within this string.
... @param astring contains set of chars to be found @param aoffset tells us where in this string to start searching (counting from left) @return offset in string, or knotfound parameters char* astring print32 aoffset print32 findcharinset(const
nsstring&, print32) const - source parameters
nsstring& astring print32 aoffset print32 findcharinset(const prunichar*, print32) const - source parameters prunichar* astring print32 aoffset rfindcharinset print32 rfindcharinset(const prunichar*, print32) const - source this method searches this string for the last character found in the given string.
...And 8 more matches
nsAdoptingString
d nsadoptingstring(prunichar*, pruint32) - source parameters prunichar* str pruint32 length void nsadoptingstring(const nsadoptingstring&) - source parameters nsadoptingstring& str operator= nsadoptingstring& operator=(const nsadoptingstring&) - source parameters nsadoptingstring& str nsxpidlstring& operator=(const nsxpidlstring&) - source parameters nsxpidlstring& str
nsstring& operator=(const
nsstring&) - source parameters
nsstring& str nsastring_internal& operator=(prunichar) - source parameters prunichar c nsastring_internal& operator=(const prunichar*) - source parameters prunichar* data nsastring_internal& operator=(const nsastring_internal&) - source parameters nsastring_internal& str nsastring_internal& operator=(const
nssubstringtup...
...le&) - source parameters
nssubstringtuple& tuple operator const prunichar* prunichar* operator const prunichar*() const - source operator[] prunichar operator[](print32) const - source parameters print32 i prunichar operator[](pruint32) const - source parameters pruint32 i get prunichar* get() const - source returns the null-terminated string find print32 find(const nscstring&, prbool, print32, print32) const - source search for the given substring within this string.
... @param astring contains set of chars to be found @param aoffset tells us where in this string to start searching (counting from left) @return offset in string, or knotfound parameters char* astring print32 aoffset print32 findcharinset(const
nsstring&, print32) const - source parameters
nsstring& astring print32 aoffset print32 findcharinset(const prunichar*, print32) const - source parameters prunichar* astring print32 aoffset rfindcharinset print32 rfindcharinset(const prunichar*, print32) const - source this method searches this string for the last character found in the given string.
...And 8 more matches
nsAutoString
- source constructors void nsautostring(prunichar) - source parameters prunichar c void nsautostring(const prunichar*, pruint32) - source parameters prunichar* data pruint32 length void nsautostring(const nsautostring&) - source parameters nsautostring& str void nsautostring(const nsastring_internal&) - source parameters nsastring_internal& str void nsautostring(const
nssubstringtuple&) - source parameters
nssubstringtuple& tuple operator= nsautostring& operator=(const nsautostring&) - source parameters nsautostring& str
nsstring& operator=(const
nsstring&) - source parameters
nsstring& str nsastring_internal& operator=(prunichar) - source parameters prunichar c nsastring_internal& operator=(const prunichar*) - source parameters prun...
...ichar* data nsastring_internal& operator=(const nsastring_internal&) - source parameters nsastring_internal& str nsastring_internal& operator=(const
nssubstringtuple&) - source parameters
nssubstringtuple& tuple get prunichar* get() const - source returns the null-terminated string find print32 find(const nscstring&, prbool, print32, print32) const - source search for the given substring within this string.
... @param astring contains set of chars to be found @param aoffset tells us where in this string to start searching (counting from left) @return offset in string, or knotfound parameters char* astring print32 aoffset print32 findcharinset(const
nsstring&, print32) const - source parameters
nsstring& astring print32 aoffset print32 findcharinset(const prunichar*, print32) const - source parameters prunichar* astring print32 aoffset rfindcharinset print32 rfindcharinset(const prunichar*, print32) const - source this method searches this string for the last character found in the given string.
...And 8 more matches
nsPromiseFlatString
eral(const char lowercaseequalsliteral(char assign assignascii assignliteral(const char assignliteral(char adopt replace replaceascii append appendascii appendliteral(const char appendliteral(char operator+= insert cut setcapacity setlength truncate getdata getmutabledata setisvoid stripchar base classes
nsstring data members no public members.
... methods constructors void nspromiseflatstring(const nsastring_internal&) - source parameters nsastring_internal& str void nspromiseflatstring(const
nssubstringtuple&) - source parameters
nssubstringtuple& tuple operator=
nsstring& operator=(const
nsstring&) - source parameters
nsstring& str nsastring_internal& operator=(prunichar) - source parameters prunichar c nsastring_internal& operator=(const prunichar*) - source parameters prunichar* data nsastring_internal& operator=(const nsastring_internal&) - source parameters nsastring_internal& str nsastring_internal& operator=(const
nssubstringtuple&) - source parameters
nssubstringtuple& tuple get prunichar* get() const - source returns the null-terminated string find print32 find(c...
... @param astring contains set of chars to be found @param aoffset tells us where in this string to start searching (counting from left) @return offset in string, or knotfound parameters char* astring print32 aoffset print32 findcharinset(const
nsstring&, print32) const - source parameters
nsstring& astring print32 aoffset print32 findcharinset(const prunichar*, print32) const - source parameters prunichar* astring print32 aoffset rfindcharinset print32 rfindcharinset(const prunichar*, print32) const - source this method searches this string for the last character found in the given string.
...And 8 more matches
Signing an extension - Archive of obsolete content
get the signing tool we use
nss to sign an extension.
... sudo port install
nss export your certificate if you have your certificate in firefox, export it by following the steps below.
... mkdir keystore cd keystore
nss-certutil -n -d .
...And 7 more matches
List of Mozilla-Based Applications - Archive of obsolete content
name description additional information 389 directory server ldap server uses
nss a380 seatback entertainment system media software this blog post mentions a reference to mozilla being used but i couldn't find more information about it.
... abstract accounting tool adobe acrobat and adobe reader portable document format (pdf) software uses mozilla spidermonkey adobe flash player popular browser plug-in uses
nss in linux version adwatch content management system uses xul and xpcom aicpcu/iia exam app exam delivery software aliwal geocoder geocoding & data on a map amarok xul remote remote control for amarok music player ample sdk javascript gui-framework aol instant messenger im client uses
nss apache web server doesn't use
nss by default, but can be configured to use
nss with mod_
nss ssl module apicawatch site performance monitoring tool uses firefox as part of...
... celtx media tool cenzic hailstorm vulnerability assessment and management tool uses gecko chatzilla irc client standalone version (xulrunner) chromium and google chrome web browser uses mozilla
nss and npapi libraries chromeless browser with html-based interface classilla mozilla browser for mac os 9 clines a clone of color lines (game) standalone version cloud web operating system cloud browse iphone/ipad/ipod touch browser seems to be firefox running remotely on servers that people access through device ...
...And 7 more matches
sslintro.html
upgraded documentation may be found in the current
nss reference overview of an ssl application chapter 1 overview of an ssl application ssl and related apis allow compliant applications to configure sockets for authenticated, tamper-proof, and encrypted communications.
... warning: some of the ssl header files provided as part of
nss 2.0 include both public apis documented in the
nss 2.0 documentation set and private apis intended for internal use by the
nss implementation of ssl.
...must be called before any other
nss functions.
...And 7 more matches
WebIDL bindings
<js::value> js::mutablehandle<js::value> js::value boolean bool bool bool byte int8_t int8_t int8_t bytestring const nsacstring& nscstring& (outparam) nsacstring& (outparam) nscstring date mozilla::dom::date domstring const nsastring& mozilla::dom::domstring& (outparam) nsastring& (outparam)
nsstring& (outparam)
nsstring utf8string const nsacstring& nsacstring& (outparam) nscstring double double double double float float float float interface: non-nullable foo& already_addrefed<foo> foo* owningnonnull<foo> interface: nullable foo* already_addrefed<foo> foo* refptr<foo> ...
... unrestricted double double double double unrestricted float float float float unsigned long uint32_t uint32_t uint32_t unsigned long long uint64_t uint64_t uint64_t unsigned short uint16_t uint16_t uint16_t usvstring const nsastring& mozilla::dom::domstring& (outparam) nsastring& (outparam)
nsstring& (outparam)
nsstring any any is represented in three different ways, depending on use: any arguments become js::handle<js::value>.
...note that this allows callees to declare their methods as taking an nsastring& or
nsstring& if desired.
...And 7 more matches
NSPR functions
nss uses nspr internally as the porting layer.
... however, a small number of nspr functions are required for using the certificate verification and ssl functions in
nss.
... pr_cleanup error reporting
nss uses nspr's thread-specific error code to report errors.
...And 6 more matches
OLD SSL Reference
upgraded documentation may be found in the current
nss reference ssl reference newsgroup: mozilla.dev.tech.crypto writer: sean cotter manager: wan-teh chang chapter 1 overview of an ssl application ssl and related apis allow compliant applications to configure sockets for authenticated, tamper-proof, and encrypted communications.
... initialization initializing caches configuration communication functions used by callbacks cleanup chapter 2 getting started with ssl this chapter describes how to set up your environment, including certificate and key databases, to run the
nss sample code.
... ssl, pkcs #11, and the default security databases setting up the certificate and key databases setting up the ca db and certificate setting up the server db and certificate setting up the client db and certificate verifying the server and client certificates building
nss programs chapter 3 selected ssl types and structures this chapter describes some of the most important types and structures used with the functions described in the rest of this document, and how to manage the memory used for them.
...And 6 more matches
nsAString_internal
<map id="classes" name="classes"> <area alt="" coords="415,5,553,53" href="http://developer.mozilla.org/en/nsastring_internal" shape="rect" title="nsastring_internal"> <area alt="" coords="379,101,451,149" href="http://developer.mozilla.org/en/
nsstring" shape="rect" title="
nsstring"> <area alt="" coords="475,101,635,149" href="http://developer.mozilla.org/en/nsdependentsubstring" shape="rect" title="nsdependentsubstring"> <area alt="" coords="151,197,257,245" href="http://developer.mozilla.org/en/nsfixedstring" shape="rect" title="nsfixedstring"> <area alt="" coords="284,197,396,245" href="http://developer.mozilla.org/en/nsxpidlstring" sha...
... methods constructors void nsastring_internal(const
nssubstringtuple&) - source this is public to support automatic conversion of tuple to string base type, which helps avoid converting to nstastring.
... parameters
nssubstringtuple& tuple void nsastring_internal(prunichar*, pruint32, pruint32) - source parameters prunichar* data pruint32 length pruint32 flags beginreading prunichar* beginreading() const - source reading iterators nsreadingiterator<short unsigned int>& beginreading(nsreadingiterator<short unsigned int>&) const - source deprecated reading iterators parameters nsreadingiterator<short unsigned int>& iter prunichar*& beginreading(const prunichar*&) const - source parameters prunichar*& iter endreading prunichar* endreading() const - source nsreadingiterator<short unsigned int>& endreading(nsreadingiterator<short unsigned int>&) const - source parameters nsreadingiterator<short unsigned int>& iter prunichar*& endreading(const prunichar*&)...
...And 6 more matches
Space Manager Detailed Design - Archive of obsolete content
nsspacemanager the space manager is the central class is a group of classes that manage the occupied and available space that exists in horizontal bands across a canvas.
...the class
nsspacemanager is declared in the file
nsspacemanger.h.
... */ class
nsspacemanager { public:
nsspacemanager(nsipresshell* apresshell, nsiframe* aframe); ~
nsspacemanager(); void* operator new(size_t asize); void operator delete(void* aptr, size_t asize); static void shutdown(); /* * get the frame that's associated with the space manager.
...And 5 more matches
Using JSS
gather components setup your runtime environment initialize jss in your application gather components you need the jss classes and the nspr,
nss, and jss shared libraries.
... nspr and
nss shared libraries jss uses the nspr and
nss libraries for i/o and crypto.
... jss version 3.0 linked statically with
nss, so it only required nspr.
...And 5 more matches
Migration to HG
the nspr,
nss and related projects have stopped using mozilla'a cvs server, but have migrated to mozilla's hg (mercurial) server.
... each project now lives in its own separate space, they can be found at: https://hg.mozilla.org/projects/nspr/ https://hg.mozilla.org/projects/
nss/ https://hg.mozilla.org/projects/jss/ https://hg.mozilla.org/projects/python-
nss/ this migration has been used as an opportunity to change the layout of the source directories.
... likewise for
nss and jss, "mozilla/security" has been removed and files now live at the top level.
...And 5 more matches
Index
157
nsscriptableinputstream components, components:frozen, xpcom, xpcom api reference a component implementing nsiscriptableinputstream.
...these values map onto the values defined in mozilla/security/
nss/lib/softoken/pkcs11t.h and are switched to ckm_*_hmac constant.
...the values map directly onto the values defined in mozilla/security/
nss/lib/cryptohi/hasht.h.
...And 5 more matches
nsIDBFolderInfo
eanproperty(in string propertyname, in boolean defaultvalue); void getcharacterset(out acstring charset, out boolean overriden); void getcharactersetoverride(out boolean charactersetoverride); obsolete since gecko 1.8 string getcharptrcharacterset(); string getcharptrproperty(in string propertyname); void getlocale(in
nsstring result); native code only!
... obsolete since gecko 1.8 void getmailboxname(in
nsstring boxname); native code only!
...rtyname, in boolean apropertyvalue); void setcharacterset(in string charset); void setcharactersetoverride(in boolean charactersetoverride); obsolete since gecko 1.8 void setcharptrproperty(in string apropertyname, in string apropertyvalue); void sethighwater(in nsmsgkey highwater, in boolean force); void setlocale(in
nsstring locale); native code only!
...And 5 more matches
Migrating from Internal Linkage to Frozen Linkage - Archive of obsolete content
- #include "nsastring.h"- #include "
nsstring.h"- #include "nsreadableutils.h"- #include "nsescape.h" + #include "
nsstringapi.h" on windows, if you see the following error, you are including a header you shouldn't be:
nsstringfwd.h(60) : fatal error c1001: internal compiler error to debug this error, make in the failing directory, adding the /showincludes directive to figure out what is being included incorrectly: make -c directory/that/failed os_cppflags=-showi...
...the frozen string api does not have (or need) nsxpidlstring: - nsxpidlstring value; +
nsstring value; ptr->gettermethod(getter_copies(value)); - const prunichar *strvalue = value; + //
nsstring doesn't cast directly to prunichar*, use .get()+ const prunichar *strvalue = value.get(); the frozen string api doesn't accept a length for .truncate().
... use .setlength() instead:
nsstring mystring = somestring; - mystring.truncate(4); + mystring.setlength(4); the frozen string api doesn't support the iterator or const_iterator classes, but you can use pointers the same way:
nsstring mystring = somestring; -
nsstring::const_iterator begin, end;- mystring.beginreading(begin); mystring.endreading(end); + const prunichar *begin, *end;+ mystring.beginreading(&begin, &end); the frozen string api uses comparator functions instead of a virtual comparator class.
...And 4 more matches
HTML parser threading
attribute values, public identifiers (in doctype) and system identifiers (in doctype) are heap-allocated
nsstring objects (i.e.
... pointed to by
nsstring*!).
... attribute values
nsstrings are deleted by the attribute holder when it gets deleted.
...And 4 more matches
JavaScript-DOM Prototypes in Mozilla
this registration is done with the
nsscriptnamespacemanager, which is in charge of keeping track of what names are registered in the global namespace, and what kinds of names those names are (i.e.
...when a class constructor name is registered (nsglobalnamestruct::etypeclassconstructor), the
nsscriptnamespacemanager is given a dom class info id (a 32 bit id that identifies class info defined in nsdomclassinfo).
... when a class prototype name is registered (nsglobalnamestruct::etypeclassproto), the
nsscriptnamespacemanager is given the nsiid of the interface that is inherited by the class which the registered name is a prototype of (e.g.
...And 4 more matches
Enc Dec MAC Output Public Key as CSR
nss sample code 5: encryption/decryption and mac and output public as a csr.
...*/ /* nspr headers */ #include #include #include #include #include #include #include /*
nss headers */ #include #include #include #include #include #include #include #include #include #include #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define default_key_bits 1024 #define cipher_header "-----begin cipher---...
...--begin new certificate request-----" #define ns_certreq_trailer "-----end new certificate request-----" typedef enum { gen_csr, encrypt, decrypt, unknown } commandtype; typedef enum { symkey = 0, mackey = 1, iv = 2, mac = 3, pad = 4, pubkey = 5, lab = 6 } headertype; /* this is conditionalized because port_errortostring was introduced with
nss 3.13.
...And 4 more matches
sslcrt.html
upgraded documentation may be found in the current
nss reference certificate functions chapter 5 certificate functions this chapter describes the functions and related types used to work with a certificate database such as the cert7.db database provided with communicator.
... validating certificates manipulating certificates getting certificate information comparing secitem objects validating certificates cert_verifycertnow cert_verifycertname cert_checkcertvalidtimes
nss_cmpcertchainwcanames cert_verifycertnow checks that the current date is within the certificate's validity period and that the ca signature on the certificate is valid.
... returns the function returns an enumerator of type seccerttimevalidity: typedef enum { seccerttimevalid, seccerttimeexpired, seccerttimenotvalidyet } seccerttimevalidity;
nss_cmpcertchainwcanames determines whether any of the signers in the certificate chain for a specified certificate are on a specified list of ca names.
...And 4 more matches
NS_StringContainerInit
« xpcom api reference summary the ns_stringcontainerinit function initializes a
nsstringcontainer instance for use as a nsastring.
... #include "
nsstringapi.h" nsresult ns_stringcontainerinit(
nsstringcontainer& astring ); parameters astring [in] a
nsstringcontainer instance to be initialized.
...remarks the
nsstringcontainer structure has unspecified size and layout.
...And 4 more matches
Index - Archive of obsolete content
495 generatecrmfrequest()
nss this method will generate a sequence of crmf requests that has n requests.
... 496 importusercertificates
nss the importusercertificates() method is used to import newly issued certificates for the user.
... 497 popchallengeresponse
nss the resultstring will either be a base-64 encoded popodeckeyrespcontent message, or one of the following error strings: 498 jetpack 499 basics writes some information to the error console.
...And 3 more matches
Tamarin build documentation - Archive of obsolete content
if you have trouble starting the app try this: $ export android_swt=$android_build_top/android-sdk-mac_86/tools/lib/x86_64 where $android_build_top is the full path to your sdk/ndk top folder - get the ope
nssl-0.9.8r.tar (ope
nssl-1.0.0c.tar.gz won't work) ope
nssl files from http://www.ope
nssl.org (use the source link on the left).
... unzip the file and put the /ope
nssl main folder under your sdk/ndk top folder.
... make sure its name is just "ope
nssl".
...And 3 more matches
Mozilla Style System Documentation
style context management a style context (class
nsstylecontext, currently also interface nsistylecontext although the interface should go away when all of the style systems can be moved back into the layout dll) represents the style data for a css formatting object.
...the structs are listed in,
nsstylestruct.hand the many of the values are in
nsstyleconsts.h.
... the fundamental way to get a style struct from a style context looks like this: const
nsstyledisplay *display = ns_static_cast(const
nsstyledisplay*, sc->getstyledata(estylestruct_display)); there is also a (non-virtual) method on nsiframe to get the style data from a frame's style context (saving the refcounting needed to get the style context): const
nsstyledisplay *display; frame->getstyledata(estylestruct_display, (const
nsstylestruct*&)display); however, there are similar typesafe global function templates that (should) compile to the same thing bu...
...And 3 more matches
4.3.1 Release Notes
new in jss 4.3.1 a list of bug fixes and enhancement requests were implemented in this release can be obtained by running this bugzilla query jss 4.3.1 requires
nss 3.12.5 or higher.
...all ssl/tls renegotiation is disabled by default in
nss 3.12.5 and therefore will be disabled by default with jss 4.3.1.
...if an application depends on renegotiation feature, it can be enabled by setting the environment variable
nss_ssl_enable_renegotiation to 1.
...And 3 more matches
4.3 Release Notes
release date: 01 april 2009 introduction network security services for java (jss) 4.3 is a minor release with the following new features: sqlite-based shareable certificate and key databases libpkix: an rfc 3280 compliant certificate path validation library pkcs11 needslogin method support hmacsha256, hmacsha384, and hmacsha512 support for all
nss 3.12 initialization options jss 4.3 is tri-licensed under mpl 1.1/gpl 2.0/lgpl 2.1.
... new in jss 4.3 a list of bug fixes and enhancement requests were implemented in this release can be obtained by running this bugzilla query jss 4.3 requires
nss 3.12 or higher.
... new sqlite-based shareable certificate and key databases by prepending the string "sql:" to the directory path passed to configdir parameter for crypomanager.initialize method or using the
nss environment variable
nss_default_db_type.
...And 3 more matches
Hashing - sample 1
nss sample code 1: hashing.
... the
nss same code below computes the hash of a file and saves it to another file, this illustrates the use of
nss message apis.
...*/ /* nspr headers */ #include <prprf.h> #include <prtypes.h> #include <plgetopt.h> #include <prio.h> /*
nss headers */ #include <secoid.h> #include <secmodt.h> #include <sechash.h> #include <
nss.h> typedef struct { const char *hashname; secoidtag oid; } nametagpair; /* the hash algorithms supported */ static const nametagpair hash_names[] = { { "md2", sec_oid_md2 }, { "md5", sec_oid_md5 }, { "sha1", sec_oid_sha1 }, { "sha256", sec_oid_sha256 }, { "sha384", sec_oid_sha384 }, { "sha512", sec_oid_sha512 } }; /* * maps a hash name to a secoidtag.
...And 3 more matches
sample2
*/ /* nspr headers */ #include <prthread.h> #include <plgetopt.h> #include <prerror.h> #include <prinit.h> #include <prlog.h> #include <prtypes.h> #include <plstr.h> /*
nss headers */ #include <cryptohi.h> #include <keyhi.h> #include <pk11priv.h> #include <cert.h> #include <base64.h> #include <secerr.h> #include <secport.h> #include <secoid.h> #include <secmodt.h> #include <secoidt.h> #include <sechash.h> /* our samples utilities */ #include "util.h" /* constants */ #define blocksize 32 #define modblocksize 128 #define default_key_bits 1024 /* header file constants */ #define enckey...
..." #define ns_cert_vfy_header "-----begin certificate for signature verification-----" #define ns_cert_vfy_trailer "-----end certificate for signature verification-----" #define ns_sig_header "-----begin signature-----" #define ns_sig_trailer "-----end signature-----" #define ns_cert_header "-----begin certificate-----" #define ns_cert_trailer "-----end certificate-----" /* missing publically from
nss versions earlier than 3.13 */ #ifndef sec_error_base #define sec_error_base (-0x2000) typedef enum { sec_error_io = sec_error_base + 0, sec_error_token_not_logged_in = (sec_error_base + 155), sec_error_end_of_list } secerrorcodes; #endif /* port_errortostring introduced in
nss 3.13.
... on earlier versions of
nss that * don't support error tables, pr_errortostring will return "unknown code".
...And 3 more matches
nsDependentSubstring
ource countchar pruint32 countchar(prunichar) const - source parameters prunichar <anonymous> findchar print32 findchar(prunichar, pruint32) const - source parameters prunichar <anonymous> pruint32 offset equals prbool equals(const nsastring_internal&) const - source equality parameters nsastring_internal& <anonymous> prbool equals(const nsastring_internal&, const
nsstringcomparator&) const - source parameters nsastring_internal& <anonymous>
nsstringcomparator& <anonymous> prbool equals(const prunichar*) const - source parameters prunichar* data prbool equals(const prunichar*, const
nsstringcomparator&) const - source parameters prunichar* data
nsstringcomparator& comp equalsascii prbool equalsascii(const char*, pruint32) const - source ...
... source lowercaseequalsliteral(char prbool lowercaseequalsliteral(char (&)[n]) const - source assign void assign(prunichar) - source assignment parameters prunichar c void assign(const prunichar*, pruint32) - source parameters prunichar* data pruint32 length void assign(const nsastring_internal&) - source parameters nsastring_internal& <anonymous> void assign(const
nssubstringtuple&) - source parameters
nssubstringtuple& <anonymous> assignascii void assignascii(const char*, pruint32) - source parameters char* data pruint32 length void assignascii(const char*) - source parameters char* data assignliteral(const char void assignliteral(const char (&)[n]) - source assignliteral(char void assignliteral(char (&)[n]) - source oper...
...ator= nsastring_internal& operator=(prunichar) - source parameters prunichar c nsastring_internal& operator=(const prunichar*) - source parameters prunichar* data nsastring_internal& operator=(const nsastring_internal&) - source parameters nsastring_internal& str nsastring_internal& operator=(const
nssubstringtuple&) - source parameters
nssubstringtuple& tuple adopt void adopt(prunichar*, pruint32) - source parameters prunichar* data pruint32 length replace void replace(pruint32, pruint32, prunichar) - source buffer manipulation parameters pruint32 cutstart pruint32 cutlength prunichar c void replace(pruint32, pruint32, const prunichar*, pruint32) - source parameters pruint32 cutstart pruint32 cutlength prunichar* data pruint32 length void r...
...And 3 more matches
Space Manager High Level Design - Archive of obsolete content
the classes that are considered part of the space manager are:
nsspacemanager nsbanddata nsblockbanddata bandrect / bandlist (private structs) frameinfo (private struct) nsbandtrapezoid outside of the space manager itself, the clients of the space manager also play an important part in the management of he available and used space.
... data model class/component diagram
nsspacemanager: the central point of management of the space taken up by floats in a block nsbanddata: provides information about the frames occupying a band of occupied or available space nsblockbanddata: a specialization of nsbanddata that is used by nsblockreflowstate to determine the available space, float impacts, and where floats are cleared.
...t frame that is get from the passed nsfloatcache argument is reflowed and its rect is retrieved with getrect; the floats margins are added; check if the float can be placed in the actual band: if not advance to the next band; check the float type and if it can be added to the space manager; align the float to its containing block top if rule css2/9.5.1/4 is not respected; add the float using
nsspacemanager::addrectregion compare the area that the float used to occupy with the area that it now occupies: if different, record the vertically affected interval using
nsspacemanager::includeindamage use case 3: space manager is used to find available space to reflow into the nsblockframe makes use of the space manager indirectly to get the available space to reflow a child block or inline f...
...And 2 more matches
URIs and URLs - Archive of obsolete content
nssimpleuri one implementation of nsiuri is
nssimpleuri which is the basis for protocols like "about".
...
nssimpleuri contains setters and getters for the uri and the components of an uri: scheme and path (non-scheme).
...
nsstandardurl the most important implementation of nsiurl is
nsstandardurl which is the basis for protocols like http, ftp, ...
...And 2 more matches
Implementing controls using the Gamepad API - Game development
the second one is fired when a gamepad is disconnected (either physically by the user or due to inactivity.) in the demo, the gamepadapi object is used to store everything related to the api: var gamepadapi = { controller: {}, turbo: false, connect: function() {}, disconnect: function() {}, update: function() {}, buttonpressed: function() {}, buttons: [], buttonscache: [], butto
nsstatus: [], axesstatus: [] }; the buttons array contains the xbox 360 button layout: buttons: [ 'dpad-up','dpad-down','dpad-left','dpad-right', 'start','back','axis-left','axis-right', 'lb','rb','power','a','b','x','y', ], this can be different for other types of gamepads like the ps3 controller (or a no-name, generic one), so you have to be careful and not just assume the button you're ...
...update() is executed on every frame inside the game loop, to update the actual status of the gamepad object regularly: update: function() { // clear the buttons cache gamepadapi.buttonscache = []; // move the buttons status from the previous frame to the cache for(var k=0; k<gamepadapi.butto
nsstatus.length; k++) { gamepadapi.buttonscache[k] = gamepadapi.butto
nsstatus[k]; } // clear the buttons status gamepadapi.butto
nsstatus = []; // get the gamepad object var c = gamepadapi.controller || {}; // loop through buttons and push the pressed ones to the array var pressed = []; if(c.buttons) { for(var b=0,t=c.buttons.length; b<t; b++) { if(c.buttons[b].pressed) ...
...{ pressed.push(gamepadapi.buttons[b]); } } } // loop through axes and push their values to the array var axes = []; if(c.axes) { for(var a=0,x=c.axes.length; a<x; a++) { axes.push(c.axes[a].tofixed(2)); } } // assign received values gamepadapi.axesstatus = axes; gamepadapi.butto
nsstatus = pressed; // return buttons for debugging purposes return pressed; }, on every frame, update() saves buttons pressed during the previous frame to the buttonscache array and takes fresh ones from the gamepadapi.controller object.
...And 2 more matches
Adding a new CSS property
so first, you need to add a member variable (or variables) to the chosen style struct in
nsstylestruct.h and fix the default constructor and the copy constructor of that struct in
nsstylestruct.cpp.
... if this variable needs to be a tagged union, use
nsstylecoord.
... but don't use
nsstylecoord if you only need a single type that
nsstylecoord provides.
...And 2 more matches
HTTP logging
press the enter key after each one.: for 64-bit windows: set moz_log=timestamp,rotate:200,nshttp:5,cache2:5,
nssockettransport:5,nshostresolver:5,cookie:5 set moz_log_file=%temp%\log.txt "c:\program files\mozilla firefox\firefox.exe" for 32-bit windows: set moz_log=timestamp,rotate:200,nshttp:5,cache2:5,
nssockettransport:5,nshostresolver:5,cookie:5 set moz_log_file=%temp%\log.txt "c:\program files (x86)\mozilla firefox\firefox.exe" (these instructions assume that you installed firefox to the default...
... export moz_log=timestamp,rotate:200,nshttp:5,cache2:5,
nssockettransport:5,nshostresolver:5,cookie:5 export moz_log_file=/tmp/log.txt cd /path/to/firefox ./firefox reproduce the problem you're debugging.
... export moz_log=timestamp,rotate:200,nshttp:5,cache2:5,
nssockettransport:5,nshostresolver:5,cookie:5 export moz_log_file=~/desktop/log.txt cd /applications/firefox.app/contents/macos ./firefox-bin (the instructions assume that you've installed firefox directly into your startup disk's applications folder.
...And 2 more matches
Encrypt Decrypt MAC Keys As Session Objects
nss sample code 4: encryption/decryption and mac keys using session.
...*/ /* nspr headers */ #include #include #include #include #include #include #include /*
nss headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_header "-----begin aeskey ckaid-----" #define enckey_trailer "-----...
...*/ rv =
nss_initreadwrite(dbdir); if (rv != secsuccess) { pr_fprintf(pr_stderr, "
nss_initreadwrite failed\n"); goto cleanup; } pk11_setpasswordfunc(getmodulepassword); slot = pk11_getinternalkeyslot(); if (pk11_needlogin(slot)) { rv = pk11_authenticate(slot, pr_true, &pwdata); if (rv != secsuccess) { pr_f...
...And 2 more matches
Encrypt and decrypt MAC using token
nss sample code 3: encryption/decryption and mac using token object.
...*/ /* nspr headers */ #include #include #include #include #include #include #include /*
nss headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_header "-----begin aeskey ckaid-----" #define enckey_trailer "---...
...*/ rv =
nss_initreadwrite(dbdir); if (rv != secsuccess) { pr_fprintf(pr_stderr, "
nss_initreadwrite failed\n"); goto cleanup; } pk11_setpasswordfunc(getmodulepassword); slot = pk11_getinternalkeyslot(); if (pk11_needlogin(slot)) { rv = pk11_authenticate(slot, pr_true, &pwdata); if (rv != secsuccess) { pr_f...
...And 2 more matches
Enc Dec MAC Using Key Wrap CertReq PKCS10 CSR
nss sample code 6: encryption/decryption and mac and output public as a pkcs 11 csr.
...*/ /* nspr headers */ #include <prthread.h> #include <plgetopt.h> #include <prerror.h> #include <prinit.h> #include <prlog.h> #include <prtypes.h> #include <plstr.h> /*
nss headers */ #include <keyhi.h> #include <pk11priv.h> /* our samples utilities */ #include "util.h" /* constants */ #define blocksize 32 #define modblocksize 128 #define default_key_bits 1024 /* header file constants */ #define enckey_header "-----begin wrapped enckey-----" #define enckey_trailer "-----end wrapped enckey-----" #define mackey_head...
...&req->subject : &issuercert->subject), validity, req); cert_destroyvalidity(validity); } cleanup: if ( issuercert ) { cert_destroycertificate (issuercert); } return cert; } /* * add a certificate to the
nss database */ secstatus addcert(pk11slotinfo *slot, certcertdbhandle *handle, const char *name, char *trusts, char *infilename, prbool ascii, prbool emailcert, void *pwdata) { secitem certder; secstatus rv; certcerttrust *trust = null; certcertificate *cert = null; certder.data = null; /* read in the entire file specified with the...
...And 2 more matches
Encrypt Decrypt_MAC_Using Token
nss sample code 3: encryption/decryption and mac using token object.
...*/ /* nspr headers */ #include #include #include #include #include #include #include /*
nss headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_header "-----begin aeskey ckaid-----" #define enckey_trailer "---...
...*/ rv =
nss_initreadwrite(dbdir); if (rv != secsuccess) { pr_fprintf(pr_stderr, "
nss_initreadwrite failed\n"); goto cleanup; } pk11_setpasswordfunc(getmodulepassword); slot = pk11_getinternalkeyslot(); if (pk11_needlogin(slot)) { rv = pk11_authenticate(slot, pr_true, &pwdata); if (rv != secsuccess) { pr_f...
...And 2 more matches
EncDecMAC using token object - sample 3
encdecmac using token object example: <h2 id="
nss_sample_code_3_hashing.">
nss sample code 3: enc/dec/mac using token object id.</h2> <p class="summary">computes the hash of a file and saves it to another file, illustrates the use of
nss message apis.</p> <pre class="brush: cpp"> /* this source code form is subject to the terms of the mozilla public * license, v.
...*/ /* nspr headers */ #include #include #include #include #include #include #include /*
nss headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_header "-----begin aeskey ckaid-----" #define enckey_trailer "-----end aeskey ckaid-----" #define mackey_header "-----begin mackey ckaid-----" #define mackey_trailer "-----end mackey ckaid-----" #define iv_header "-----begin iv-----" #define iv_trailer "-----end iv-----" #define mac_header "...
...*/ rv =
nss_initreadwrite(dbdir); if (rv != secsuccess) { pr_fprintf(pr_stderr, "
nss_initreadwrite failed\n"); goto cleanup; } pk11_setpasswordfunc(getmodulepassword); slot = pk11_getinternalkeyslot(); if (pk11_needlogin(slot)) { rv = pk11_authenticate(slot, pr_true, &pwdata); if (rv != secsuccess) { pr_fprintf(pr_stderr, "could not authenticate to token %s.\n", pk11_gettokenname(slot)); goto cleanup; } } rv...
...And 2 more matches
pkfnc.html
upgraded documentation may be found in the current
nss reference pkcs #11 functions chapter 7 pkcs #11 functions this chapter describes the core pkcs #11 functions that an application needs for communicating with cryptographic modules.
... pk11_setpasswordfunc defines a callback function used by the
nss libraries whenever information protected by a password needs to be retrieved from the key or certificate databases.
...the callback function is identified in a call to pk11_setpasswordfunc that takes place during
nss initialization.
...And 2 more matches
sslerr.html
upgraded documentation may be found in the current
nss reference
nss and ssl error codes chapter 8
nss and ssl error codes
nss error codes are retrieved using the nspr function pr_geterror.
... ssl_error_unsupported_version -12279 "peer using unsupported version of security protocol." on a client socket, this means the remote server has attempted to negotiate the use of a version of ssl that is not supported by the
nss library, probably an invalid version number.
...if it does, it indicates a flaw in the
nss ssl library.
...And 2 more matches
Utility functions
the
nss version column indicates which versions of
nss support the function.
... function name/documentation source code
nss versions atob_asciitodata mxr deprecated 3.2 use
nssbase64_decodebuffer atob_convertasciitoitem mxr deprecated 3.2 use
nssbase64_decodebuffer btoa_convertitemtoascii mxr deprecated 3.2 use
nssbase64_encodeitem btoa_datatoascii mxr deprecated 3.2 use
nssbase64_encodeitem der_asciitotime mxr 3.5 and later der_decodetimechoice mxr 3.9 and later der_encode mxr 3.4 and later der_encodetimechoice mxr 3.9 and later der_generalizedtimetotime mxr 3.2 and later der_get...
...later hash_gettype mxr 3.12 and later hash_hashbuf mxr 3.10 and later hash_resultlen mxr 3.4 and later hash_resultlenbyoidtag mxr 3.10 and later hash_resultlencontext mxr 3.10 and later hash_update mxr 3.4 and later
nss_init mxr 3.2 and later
nss_initialize mxr 3.2 and later
nss_initreadwrite mxr 3.2 and later
nss_initwithmerge mxr 3.12 and later
nss_isinitialized mxr 3.9.2 and later
nss_nodb_init mxr 3.2 and later
nss_putenv mxr 3.2 a...
...And 2 more matches
XPCOM Stream Guide
primitive input streams type native class contract id interface how to bind to a data source generic
nsstorageinputstream n/a nsiinputstream, nsiseekablestream storagestream.newinputstream(); string (8-bit characters)
nsstringstream @mozilla.org/io/string-input-stream;1 nsistringinputstream stream.setdata(data, length); file nsfileinputstream @mozilla.org/network/file-input-stream;1 nsifileinputstream stream.init(file, ioflags, perm, behavi...
... primitive output streams type native class contract id interface how to bind to a data target generic
nsstoragestream @mozilla.org/storagestream;1 nsistoragestream stream.getoutputstream(); // returns nsioutputstream file nsfileoutputstream @mozilla.org/network/file-output-stream;1 nsifileoutputstream stream.init(file, ioflags, perm, behaviorflags); file
nssafefileoutputstream @mozilla.org/network/safe-file-output-stream;1 nsisafefileoutputstream, nsifileoutputstream stream.init(file, ioflags, perm, behaviorflags); ...
... this can mean if you have characters beyond ascii code 255, you risk losing data using
nsstringstream, for example.
...And 2 more matches
Eclipse CDT
for example, in content/svg/content/src/
nssvgellipseelement.cpp eclipse shows a parse error due to ns_dom_interface_map_entry_classinfo not being defined.
... this define is in nsdomclassinfoid.h, which is included via the following include chain: content/svg/content/src/
nssvgellipseelement.cpp content/svg/content/src/
nssvgpathgeometryelement.h content/svg/content/src/
nssvggraphicelement.h content/svg/content/src/
nssvgstylableelement.h content/svg/content/src/
nssvgelement.h content/base/src/nsgenericelement.h obj-debug/dist/include/nsdomclassinfoid.h in nsdomclassinfoid.h the ns_dom_interface_map_entry_classinfo define is behind an |ifdef _impl_ns_layout|.
... the properties for
nssvgellipseelement.cpp show that this define was picked up by the build option discovery and set on
nssvgellipseelement.cpp, but somehow it's not set for nsdomclassinfoid.h.
... however, if you right click on nsdomclassinfoid.h in the project explorer and select "index > create parser log file", the log shows "context" is set to "accessible/src/base/accevent.cpp", not "content/svg/content/src/
nssvgellipseelement.cpp", and if you check the properties for accevent.cpp, indeed it is not built with the _impl_ns_layout define.
Build instructions for JSS 4.3.x
build instructions for jss 4.3.x newsgroup: mozilla.dev.tech.crypto before building jss, you need to set up your system as follows: build nspr/
nss by following the nspr/
nss build instructions, to check that
nss built correctly, run all.sh (in mozilla/security/
nss/tests) and examine the results (in mozilla/test_results/security/computername.#/results.html.
... unix setenv java_home /usr/local/jdk1.5.0 (or wherever your jdk is installed) windows set java_home=c:\programs\jdk1.5.0 (or wherever your jdk is installed) windows (cygnus) java_home=/cygdrive/c/programs/jdk1.5.0 (or wherever your jdk is installed) export java_home windows build configurations winnt vs win95 as of
nss 3.15.4, nspr/
nss/jss build generates a "win95" configuration by default on windows.
...to generate a "winnt" configuration, set os_target=winnt and build nspr/
nss/jss win95.
...please see howto_successfully_compile_jss_and_
nss_for_32_and_64_bits_on_osx_10.6_(10.6.7) for contributed instructions.
JSS 4.4.0 Release Notes
jss 4.4.0 requires netswork security services (
nss) 3.29.1 and netscape portable runtime (nspr) 4.13.1 or newer.
... support for tls v1.1 and tls v1.2 via
nss though jss.
... bugs fixed in jss 4.4.0 this bugzilla query returns all the bugs fixed in
nss 4.4.0: https://bugzilla.mozilla.org/buglist.cgi?product=jss&target_milestone=4.4&target_milestone=4.4&bug_status=resolved&resolution=fixed documentation build instructions for jss at https://hg.mozilla.org/projects/jss/file/tip/readme platform information you can check out the source from mercurial via hg clone -r 055aa3ce8a61 https://hg.mozilla.org/projects/jss jss 4.4.0 works with openjdk versions 1.7 or higher we suggest the latest - openjdk 1.8.
... jss 4.4.0 requires
nss 3.12.5 or higher though
nss 3.28.3 is recommended.
sample1
/* nspr headers */ #include <prprf.h> #include <prtypes.h> #include <plgetopt.h> #include <prio.h> #include <prprf.h> /*
nss headers */ #include <secoid.h> #include <secmodt.h> #include <sechash.h> typedef struct { const char *hashname; secoidtag oid; } nametagpair; /* the hash algorithms supported */ static const nametagpair hash_names[] = { { "md2", sec_oid_md2 }, { "md5", sec_oid_md5 }, { "sha1", sec_oid_sha1 }, { "sha256", sec_oid_sha256 }, { "sha384", sec_oid_sha384 }, { "sha512", sec_oid_sha512 } }; /* maps a hash name to a secoidtag.
...it illustrates the use of
nss message apis.
...progname + 1 : argv[0]; rv =
nss_nodb_init("/tmp"); if (rv != secsuccess) { fprintf(stderr, "%s:
nss_init failed in directory %s\n", progname, "/tmp"); return -1; } /* parse command line arguments */ optstate = pl_createoptstate(argc, argv, "t:"); while ((status = pl_getnextopt(optstate)) == pl_opt_ok) { switch (optstate->option) { case 't': require_arg(optstate->option, optstate->value); hashname = strdup(optstate->value); break; ...
...hname); if (hashoidtag == sec_oid_unknown) { fprintf(stderr, "%s: invalid digest type - %s\n", progname, hashname); usage(progname); } /* digest it and print the result */ rv = digestfile(pr_stdout, pr_stdin, hashoidtag); if (rv != secsuccess) { fprintf(stderr, "%s: problem digesting data (%d)\n", progname, port_geterror()); } rv =
nss_shutdown(); if (rv != secsuccess) { exit(-1); } return 0; } ...
FC_Initialize
description fc_initialize initializes the
nss cryptographic module for the fips mode of operation.
...
nss_nodb_init(""), which initializes
nss with no databases: "configdir='' certprefix='' keyprefix='' secmod='' flags=readonly,nocertdb,nomod db,forceopen,optimizespace " mozilla firefox initializes
nss with this string (on windows): "configdir='c:\\documents and settings\\wtc\\application data\\mozilla\\firefox\\profiles\\default.7tt' certprefix='' keyprefix='' secmod='secmod.db' flags=optimizespa...
...the
nss cryptographic module always uses os locking and doesn't know how to use the lock functions provided by the application.
...the
nss cryptographic module is in a fatal error state.
troubleshoot.html
troubleshooting
nss and jss builds newsgroup: mozilla.dev.tech.crypto this page summarizes information on troubleshooting the
nss and jss build and test systems, including known problems and configuration suggestions.
... building
nss having /usr/ucb/bin in the path before /usr/ccs/bin breaks the build on 64-bit solaris.
... if the build fails early on the gmakein coreconf try updating your cvs tree with -p: cd mozilla cvs update -p building a 32-bit version on a 64-bit may fail with: /usr/include/features.h:324:26: fatal error: bits/predefs.h: no such file or directory in this case remember to set use_64=1 testing
nss the ssl stress test opens 2,048 tcp connections in quick succession.
...the current workaround is to use some other shell in place of shmsdos, such as sh.exe, which should be distributed with the cygnus toolkit you installed to build
nss.
sslkey.html
upgraded documentation may be found in the current
nss reference key functions chapter 6 key functions this chapter describes two functions used to manipulate private keys and key databases such as the key3.db database provided with communicator.
... seckey_getdefaultkeydb seckey_destroyprivatekey seckey_getdefaultkeydb returns a handle to the default key database opened by
nss_init.
... description
nss_init opens the certificate, key, and security module databases that you specify for use with
nss.
... seckeykeydbhandle returns a handle to the key database opened by
nss_init.
SSL functions
other sources of information: the
nss_reference documents the functions most commonly used by applications to support ssl.
... the
nss home page links to additional ssl documentation.
...the
nss version column indicates which versions of
nss support the function.
... function name/documentation source code
nss versions
nss_getclientauthdata mxr 3.2 and later
nss_setdomesticpolicy mxr 3.2 and later
nss_setexportpolicy mxr 3.2 and later
nss_setfrancepolicy mxr 3.2 and later
nssssl_versioncheck mxr 3.2.1 and later ssl_authcertificate mxr 3.2 and later ssl_authcertificatehook mxr 3.2 and later ssl_badcerthook mxr 3.2 and later ssl_certdbhandleset mxr 3.2 and later ssl_canbypass mxr 3.11.7 and later ssl_cipherpolicyget mxr 3.2 and later ssl_cipherpolicyset mxr 3.2 and later ssl_cipherprefget mxr 3.2 and later ssl_cipherprefgetdefault mxr ...
How to check the security state of an XMLHTTPRequest over SSL - Web APIs
const {cc,ci} = require("chrome"); function createtcperrorfromfailedxhr(xhr) { let status = xhr.channel.queryinterface(ci.nsirequest).status; let errtype; if ((status & 0xff0000) === 0x5a0000) { // security module const nsi
nsserrorsservice = ci.nsi
nsserrorsservice; let
nsserrorsservice = cc['@mozilla.org/
nss_errors_service;1'].getservice(nsi
nsserrorsservice); let errorclass; // geterrorclass will throw a generic ns_error_failure if the error code is // somehow not in the set of covered errors.
... try { errorclass =
nsserrorsservice.geterrorclass(status); } catch (ex) { //catching security protocol exception errorclass = 'securityprotocol'; } if (errorclass == nsi
nsserrorsservice.error_class_bad_cert) { errtype = 'securitycertificate'; } else { errtype = 'securityprotocol'; } //
nss_sec errors (happen below the base value because of negative vals) if ((status & 0xffff) < math.abs(nsi
nsserrorsservice.
nss_sec_error_base)) { // the bases are actually negative, so in our positive numeric space, we // need to subtract the base off our value.
... let
nsserr = math.abs(nsi
nsserrorsservice.
nss_sec_error_base) - (status & 0xffff); switch (
nsserr) { case 11: // sec_error_expired_certificate, sec(11) errname = 'securityexpiredcertificateerror'; break; case 12: // sec_error_revoked_certificate, sec(12) errname = 'securityrevokedcertificateerror'; break; // per bsmith, we will be unable to tell these errors apart very soon, // so it makes sense to just folder them all together already.
...(90) errname = 'securityinadequatekeyusageerror'; break; case 176: // sec_error_cert_signature_algorithm_disabled, sec(176) errname = 'securitycertificatesignaturealgorithmdisablederror'; break; default: errname = 'securityerror'; break; } } else { // calculating the difference let sslerr = math.abs(nsi
nsserrorsservice.
nss_ssl_error_base) - (status & 0xffff); switch (sslerr) { case 3: // ssl_error_no_certificate, ssl(3) errname = 'securitynocertificateerror'; break; case 4: // ssl_error_bad_certificate, ssl(4) errname = 'securitybadcertificateerror'; break; case 8: // ssl_error_unsupported_certificate_type, ssl(8) errn...
Using Dependent Libraries In Extension Components - Archive of obsolete content
+= \ $(dist)/lib/$(lib_prefix)xpcomglue_s.$(lib_suffix) \ $(xpcom_frozen_ldopts) \ $(nspr_libs) \ $(null) include $(topsrcdir)/config/rules.mk defines += -dmoz_dll_prefix=\"$(dll_prefix)\" extensions/stub/bdsstubloader.cpp // copyright (c) 2005 benjamin smedberg <benjamin@smedbergs.us> #include "nscore.h" #include "nsmodule.h" #include "prlink.h" #include "nsilocalfile.h" #include "
nsstringapi.h" #include "nscomptr.h" static char const *const kdependentlibraries[] = { // dependent1.dll on windows, libdependent1.so on linux moz_dll_prefix "dependent1" moz_dll_suffix, moz_dll_prefix "dependent2" moz_dll_suffix, nsnull // note: if the dependent libs themselves depend on other libs, the subdependencies // should be listed first.
...2008 */ //include the stuff from mozilla glue that we need #include "nsilocalfile.h" #include "
nsstringapi.h" #include "nscomptr.h" //include things from the mach-o libraries that we need for loading the libraries.
...static void* lookupsymbol(const mach_header* alib, const char* asymbolname) {
nssymbol sym = nsnull; if (alib) { sym = nslookupsymbolinimage(alib, asymbolname, nslookupsymbolinimage_option_bind | nslookupsymbolinimage_option_return_on_error); } if (!sym) return nsnull; return nsaddressofsymbol(sym); } notes code samples are licensed under the mit license.
Style System Overview - Archive of obsolete content
style contexts each style context (
nsstylecontext), which is the interface through which layout accesses the style data for a given element, points to one rule node.
... style context api the style context api allows data to be obtained through a set of structs (see
nsstylestruct.h).
... first,
nsstylecontext::getstyledata checks for a cached struct on the style context, and returns it if present.
JavaScript crypto - Archive of obsolete content
the importusercertificates() function loads certificates into the
nss database or smartcard if the corresponding key is found there.
...in the add case, the module will be placed in the
nss secmod.db database and will be loaded automatically on application restart.
... in the delete case, the module is removed from the
nss secmod.db.
String Quick Reference - Archive of obsolete content
old way: use
nsstring& and nscstring& void mymethod(const
nsstring& input,
nsstring& output); new way: use nsastring& and nsacstring& void mymethod(const nsastring& input, nsastring& output); substrings what: get direct references to string fragments why: avoid making multiple copies of the string old way: use a bunch of nsautostrings, and use left(), right() and mid() to grab a segment of a string: // get an 8-character string starting at the 4th position nsautostring leftside; str.left(leftside,...
...note: may involve changing existing apis old way: wrap with nscautostring() // foo is a prunichar* string // call // void handlestring(const
nsstring& str); handlestring(nsautostring(foo)); new way: wrap with nsdependentstring // foo is a prunichar* string // fix caller to be // void handlestring(const nsastring& str); handlestring(nsdependentstring(foo)); stack-based strings what: use of special stack-oriented classes why: to avoid excess heap allocations and memory leaks wrong: use
nsstring/nscstring or raw characters // call gets...
...tringvalue(nsastring& out);
nsstring value; getstringvalue(value); // call getstringvalue(char** out); char *result; getstringvalue(&result); // don't forget to free result!
Obsolete: XPCOM-based scripting for NPAPI plugins - Archive of obsolete content
ns_error_not_implemented;} ns_imethod getcontractid(char * *acontractid) {return ns_error_not_implemented;} ns_imethod getclassdescription(char * *aclassdescription) {return ns_error_not_implemented;} ns_imethod getclassid(nscid * *aclassid) {return ns_error_not_implemented;} ns_imethod getclassidnoalloc(nscid *aclassidnoalloc) {return ns_error_not_implemented;} }; class
nsscriptablepeer : public nsitestplugin, public nsclassinfomixin { public:
nsscriptablepeer(); ~
nsscriptablepeer(); ns_decl_isupports ns_decl_nsitestplugin };
nsscriptablepeer::
nsscriptablepeer() { ns_init_isupports(); }
nsscriptablepeer::~
nsscriptablepeer() { } // notice that we expose our claim to implement nsiclassinfo.
... ns_impl_isupports2(
nsscriptablepeer, nsitestplugin, nsiclassinfo) // the following method will be callable from javascript ns_imethodimp
nsscriptablepeer::nativemethod() { return ns_ok; } example 3.
... nsitestplugin *scriptablepeer = (nsitestplugin *)instance->pdata; // see if this is the first time and we haven't created it yet if (!scriptablepeer) { nsitestplugin *scriptablepeer = new
nsscriptablepeer(); if (scriptablepeer) ns_addref(scriptablepeer); // addref for ourself, // don't forget to release on // shutdown to trigger its destruction } // add reference for the caller requesting the object ns_addref(scriptablepeer); *(nsisupports *...
Mozilla Style System
computed style (front end) the interface that the front end exposes to the rest of mozilla consists of a single
nsstyleset object and many
nsstylecontext objects, each of which holds the computed style for an element, pseudo-element, or text node.
...they all have names beginning with
nsstyle*, and they should not be confused with the css structs (nscss*), which hold specified values.
...thus, typical calling code looks like this: if (aframe->getstyledisplay()->mopacity < 1.0f) return pr_true; or like this: const
nsstyleposition *stylepos = aframe->getstyleposition(); if (stylepos->mwidth.getunit() == estyleunit_coord) { nscoord w = stylepos->mwidth.getcoordvalue(); ...
BloatView
for
nsstring you'll see the size of the header struct, not the size of the string contents!) bytes leaked - the number of bytes per instance times the number of objects leaked: (bytes per-inst) x (objects rem).
... class name instance size bytes allocated bytes allocated but not freed blank mozilla yahoo netscape total blank mozilla yahoo netscape total total 1754408 432556 179828 404184 2770976
nsstr 20 6261600 3781900 1120920 1791340 12955760 222760 48760 13280 76160 360960 nshashkey 8 610568 1842400 2457872 1134592 6045432 32000 536 568 1216 34320 nstexttransformer 548 8220 469088 1414936 1532756 3425000 0 0 0 0 0
nsstylecontextdata ...
...-------------------------------------------------- class leaks delta bloat delta -------------------------------------------------------------------------- total 6113530 2.79% 67064808 9.18% stylecontextimpl 265440 81.19% 283584 -26.99% ctoken 236500 17.32% 306676 20.64%
nsstr 217760 14.94% 5817060 7.63% nsxulattribute 113048 -70.92% 113568 -71.16% literalimpl 53280 26.62% 75840 19.40% nsxulelement 51648 0.00% 51648 0.00% nsprofile 51224 0.00% 51224 0.00% nsframe 47568 -26.15% 48096 -50.
CERT_FindCertByDERCert
#include <cert.h> certcertificate *cert_findcertbydercert( certcertdbhandle *handle, secitem *dercert ); parameters handle in pointer to a certcertdbhandle representing the certificate database to look in dercert in pointer to an secitem whose type must be sidercertbuffer and whose data contains a der-encoded certificate description this function looks in the ?
nsscryptocontext?
... and the ?
nsstrustdomain?
... see also occurrences of cert_findcertbydercert in the current
nss source code (generated by lxr).
Certificate functions
the
nss version column indicates which versions of
nss support the function.
... function name/documentation source code
nss versions cert_addcerttolisttail mxr 3.2 and later cert_addextension mxr 3.5 and later cert_addocspacceptableresponses mxr 3.6 and later cert_addokdomainname mxr 3.4 and later cert_addrdn mxr 3.2.1 and later cert_asciitoname mxr 3.2 and later cert_cachecrl mxr 3.10 and later cert_clearocspcache mxr 3.11.7 and later cert_certchainfromcert mxr 3.2 and later cert_certlistfromcert mxr 3.2 and later cert_certtimesvalid mxr 3.2 and later cert_changecerttrust mxr 3.2 and later cert_checkcertvalidtimes mxr 3.2 and later cert_checknamespace ...
...if you need to verify for multiple usages use cert_verifycertificatenow cert_verifyocspresponsesignature mxr 3.6 and later cert_verifysigneddata mxr 3.4 and later cert_verifysigneddatawithpublickey mxr 3.7 and later cert_verifysigneddatawithpublickeyinfo mxr 3.7 and later
nss_cmpcertchainwcanames mxr 3.2 and later
nss_findcertkeatype mxr 3.2 and later ...
PKCS 12 functions
the public functions listed here perform pkcs #12 operations required by some of the
nss tools and other applications.
...the
nss version column indicates which versions of
nss support the function.
... function name/documentation source code
nss versions sec_pkcs12addcertandkey mxr 3.2 and later sec_pkcs12addpasswordintegrity mxr 3.2 and later sec_pkcs12createexportcontext mxr 3.2 and later sec_pkcs12createpasswordprivsafe mxr 3.2 and later sec_pkcs12createunencryptedsafe mxr 3.2 and later sec_pkcs12decoderfinish mxr 3.2 and later sec_pkcs12decodergetcerts mxr 3.4 and later sec_pkcs12decoderimportbags mxr 3.2 and later sec_pkcs12decoderiterateinit mxr 3.10 and later sec_pkcs12decoderiteratenext ...
PKCS 7 functions
the public functions listed here perform pkcs #7 operations required by mail and news applications and by some of the
nss tools.
...the
nss version column indicates which versions of
nss support the function.
... function name/documentation source code
nss versions sec_pkcs7addcertificate mxr 3.3 and later sec_pkcs7addrecipient mxr 3.2 and later sec_pkcs7addsigningtime mxr 3.2 and later sec_pkcs7containscertsorcrls mxr 3.4 and later sec_pkcs7contentisencrypted mxr 3.4 and later sec_pkcs7contentissigned mxr 3.4 and later sec_pkcs7contenttype mxr 3.2 and later sec_pkcs7copycontentinfo mxr 3.4 and later sec_pkcs7createcertsonly mxr 3.3 and later sec_pkcs7createdata mxr 3.2 and later se...
Installation guide
the build system of
nss originated from netscape's build system, which predated the "configure; make; make test; make install" sequence that we're familiar with now.
...this is done here: http://lxr.mozilla.org/security/sour...platlibs.mk#53 53 ifeq ($(os_arch), linux) 54 ifeq ($(use_64), 1) 55 extra_shared_libs += -wl,-rpath,'$$origin/../lib64:$$origin/../lib' 56 else 57 extra_shared_libs += -wl,-rpath,'$$origin/../lib' 58 endif 59 endif for example, if you install certutil in /foo/bar/
nss/bin and the .so's in /foo/bar/
nss/lib, then you only need to add /foo/bar/
nss/bin to your path; you don't need to set ld_library_path.
...nspr: libnspr4.so libplds4.so libplc4.so
nss: (note the use of * for libfreebl -- some platforms have multiple ones) libfreebl*3.so libfreebl*3.chk libsoftokn3.so libsoftokn3.chk lib
nss3.so libsmime3.so libssl3.so lib
nssckbi.so ...
Sample manual installation
the
nss build system does not include a target to install header files and shared libraries in the system directories, so this needs to be done manually.
... after building
nss with "gmake
nss_build_all", the resulting build can be found in the
nss source tree as follows:
nss header files: mozilla/dist/public/
nss nspr header files: mozilla/dist/<obj-dir>/include nspr/
nss shared libs: mozilla/dist/<obj-dir>/lib
nss binary executables: mozilla/dist/<obj-dir>/bin.
...for example, <obj-dir> for a debug build of
nss on the x86 platform with a linux kernel version 2.6 with glibc would be: linux2.6_x86_glibc_pth_dbg.obj from these directories, you can copy the files to any system (or other) directory.
XPCOM glue
windows /fi "xpcom-config.h" linux -include "xpcom-config.h" linker flags: windows for older versions of the firefox sdk: -libpath:c:/path/to/sdk/lib xpcomglue_s.lib xpcom.lib nspr4.lib for recent versions of the firefox sdk (at least version 42, but possibly earlier versions as well): -libpath:c/path/to/sdk/lib xpcomglue_s.lib xul.lib
nss3.lib mozcrt.lib -libpath:c:/path/to/sdk/lib xpcomglue.lib mac -l/path/to/sdk/lib -l/path/to/sdk/bin -wl,-executable-path,/path/to/sdk/bin -lxpcomglue_s -lxpcom -lnspr4 when building against a xulrunner derived sdk, use: -l/path/to/sdk/lib -l/path/to/xulrunner-bin -wl,-executable_path,/path/to/xulrunner-bin -lxpcomglue_s -lxpcom -lnspr4 where 'xulrunner-bin' ...
... to link against nspr using recent versions of the firefox sdk (at least version 42, but possibly earlier versions as well), you need to link against
nss, lib
nss3/
nss3.lib in particular.
... this is because nspr is now merged into
nss during the build process.
XPCOM hashtable guide
data type hashtable class none (for a hash set) nsthashtable simple types (numbers, booleans, etc) nsdatahashtable structs or classes (
nsstring, custom defined structs or classes that are not reference-counted) nsclasshashtable reference-counted concrete classes nsrefptrhashtable interface pointers nsinterfacehashtable each of these classes is a template with two parameters.
... key type hashkey class strings
nsstringhashkey/nscstringhashkey integers nsuint32hashkey/nsuint64hashkey pointers nsptrhashkey<t> owned interface pointers nsisupportshashkey reference-counted concrete classes nsrefptrhashkey there are a number of more esoteric hashkey classes in nshashkeys.h, and you can always roll your own if none of these fit your needs (make sure you're not duplicating an existing hashkey class though!) once you've determined what hashtable and hashkey classes you need, you can put it all together.
...hkey, nsidomwindow> a hashtable that maps 32 bit integers to floats - nsdatahashtable<nsuint32hashkey, float> a hashtable that maps nsisupports pointers to reference counted cacheentrys - nsrefptrhashtable<nsisupportshashkey, cacheentry> a hashtable that maps jscontext pointers to a contextinfo struct - nsclasshashtable<nsptrhashkey<jscontext>, contextinfo> a hashset of strings - nsthashtable<
nsstringhashkey> hashtable api the hashtable classes all expose the same basic api.
IAccessibleTable
lt accessibleat([in] long row, [in] long column, [out] iunknown accessible ); [propget] hresult caption([out] iunknown accessible ); [propget] hresult childindex([in] long rowindex, [in] long columnindex, [out] long cellindex ); [propget] hresult columndescription([in] long column, [out] bstr description ); [propget] hresult columnextentat([in] long row, [in] long column, [out] long ncolum
nsspanned ); [propget] hresult columnheader([out] iaccessibletable accessibletable, [out] long startingrowindex ); [propget] hresult columnindex([in] long cellindex, [out] long columnindex ); [propget] hresult iscolumnselected([in] long column, [out] boolean isselected ); [propget] hresult isrowselected([in] long row, [out] boolean isselected ); [propget] hresult isselected([in] long row, [...
...[propget] hresult columnextentat( [in] long row, [in] long column, [out] long ncolum
nsspanned ); parameters row 0 based row index of the accessible for which to return the column extent.
...ncolum
nsspanned returns the 1 based column extent of the specified cell.
nsISHEntry
return value getanycontentviewer() return any content viewer present in or below this node in the
nsshentry tree.
... this will differ from contentviewer in the case where a child
nsshentry has the content viewer for this tree.
...example see
nssessionstore.js for a real example.
HTTP Public Key Pinning (HPKP) - HTTP
ope
nssl rsa -in my-rsa-key-file.key -outform der -pubout | ope
nssl dgst -sha256 -binary | ope
nssl enc -base64 ope
nssl ec -in my-ecc-key-file.key -outform der -pubout | ope
nssl dgst -sha256 -binary | ope
nssl enc -base64 ope
nssl req -in my-signing-request.csr -pubkey -noout | ope
nssl pkey -pubin -outform der | ope
nssl dgst -sha256 -binary | ope
nssl enc -base64 ope
nssl x509 -in my-certificate.crt -pubke...
...y -noout | ope
nssl pkey -pubin -outform der | ope
nssl dgst -sha256 -binary | ope
nssl enc -base64 the following command will extract the base64 encoded information for a website.
... ope
nssl s_client -servername www.example.com -connect www.example.com:443 | ope
nssl x509 -pubkey -noout | ope
nssl pkey -pubin -outform der | ope
nssl dgst -sha256 -binary | ope
nssl enc -base64 example hpkp header public-key-pins: pin-sha256="cupctazwkaasuywhhnedttwpy3obake3h2+sozs7sws="; pin-sha256="m8hztczm3eluxkcjr2s5p4hhybnf6lhkmjahkhpgpwe="; max-age=5184000; includesubdomains; report-uri="https://www.example.org/hpkp-report" in this example, pin-sha256="cupctazwkaasuywhhnedttwpy3obake3h2+sozs7sws=" pins the server's public key used in production.
JSS build instructions for OSX 10.6 - Archive of obsolete content
howto successfully compile jss and
nss for 32 and 64 bits on osx 10.6 (10.6.7) useful links: https://developer.mozilla.org/en/
nss_reference/building_and_installing_
nss/build_instructions https://developer.mozilla.org/jss_build_4.3.html ftp://ftp.mozilla.org/pub/mozilla.org/ <componente> /releases http://www.mozilla.org/projects/secu...using_jss.html steps: export all this: build_opt="1" cvsroot=":pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot" java_home=$(/usr/libexec/java_home") no_mdupdate="1" nsdistmode="copy" ns_use_gcc="1" create working dir: mkdir
nss-jss cd
nss-jss obtain source: altought manual said nspr_4_6_4_rtm,
nss_3_11_4_rtm, jss_4_2_5_rtm, t...
... cvs login cvs co -r nspr_4_8_7_rtm nspr cvs co -r
nss_3_12_9_with_ckbi_1_82_rtm
nss cvs co -r jss_4_3_2_rtm jss build
nss for 32 and 64: cd mozilla/security/
nss make
nss_build_all cc="gcc -arch i386" ccc="g++ -arch i386" make
nss_build_all use_64=1 build jss for 32 and 64: cd ../jss make cc="gcc -arch i386" ccc="g++ -arch i386" make use_64=1 on osx, java.library.path doesnt seem to have /usr/lib or other paths.
RDF Datasource How-To - Archive of obsolete content
for example, the above datasource would be accessable as follows: nsirdfservice* rdf; rv =
nsservicemanager::getservice(krdfservicecid, kirdfserviceiid, (nsisupports**) &rdf); if (ns_succeeded(rv)) { nsirdfdatasource* mydatasource; rv = rdf->getdatasource("rdf:my-datasource", &mydatasource); if (ns_succeeded(rv)) { // ...do something to mydatasource here...
... ns_release(mydatasource); }
nsservicemanager::releaseservice(krdfservicecid, rdf); } displaying rdf as content now that you've gone through all this pain to expose your information as a datasource, you probably want to see it.
Debugging on Windows
here are some entries that will make your life easier: ;; mozilla (1.7beta and later) nsautostring=<mdata,su>
nsstring=<mdata,su> nscstring=<mdata,s> nscautostring=<mdata,s> nsrect=x=<x,d> y=<y,d> width=<width,d>; height=<height,d>
nsstaticatomwrapper=<mstaticatom->mstring,s> nsiatom=<mstring,su> ; the following are not necessary in vc8 nscomptr<*>=<mrawptr,x> nsrefptr=<mrawptr,x> nsautoptr=<mrawptr,x> after you have made the changes and saved the file, you will need to restart visual c++ for the changes t...
... for xpcom strings (the "external" string api) you can use the following values: ;; mozilla (1.9) ; internal strings nsastring_internal=<mdata,su>, length=<mlength,u> nsacstring_internal=<mdata,s>, length=<mlength,u> ; xpcom strings nsastring=<
nsstringcontainer.v,su>, length=<
nsstringcontainer.d1,u> nsacstring=<nscstringcontainer.v,s>, length=<nscstringcontainer.d1,u>
nsstringcontainer=<v,su>, length=<d1,u> nscstringcontainer=<v,s>, length=<d1,u> there is a more extensive version of this file in progress in autoexpforvc8.
Simple SeaMonkey build
debian linux: # this one-liner should install all necessary build deps sudo aptitude install zip mercurial libasound2-dev libcurl4-ope
nssl-dev libnotify-dev libxt-dev libiw-dev libidl-dev mesa-common-dev autoconf2.13 yasm libgtk2.0-dev libdbus-1-dev libdbus-glib-1-dev python-dev libgstreamer0.10-dev libgstreamer-plugins-base0.10-dev libpulse-dev ubuntu linux # for ubuntu 12.04 lts (precise pangolin), replace the following line with: sudo apt-get build-dep thunderbird sudo apt-get build-dep seamonkey sudo apt-g...
...et install zip unzip mercurial g++ make autoconf2.13 yasm libgtk2.0-dev libglib2.0-dev libdbus-1-dev libdbus-glib-1-dev libasound2-dev libcurl4-ope
nssl-dev libnotify-dev libgstreamer0.10-dev libgstreamer-plugins-base0.10-dev libiw-dev libxt-dev mesa-common-dev libpulse-dev fedora linux centos rhel: sudo yum groupinstall 'development tools' 'development libraries' 'gnome software development' sudo yum install mercurial autoconf213 glibc-static libstdc++-static yasm wireless-tools-devel mesa-libgl-devel alsa-lib-devel libxt-devel gstreamer-devel gstreamer-plugins-base-devel pulseaudio-libs-devel # 'development tools' is defunct in fedora 19 and above use the following sudo yum groupinstall 'c development tools and libraries' sudo yum group mark install "x software dev...
Overview of Mozilla embedding APIs
nsstring there are a collection of string classes which support both unicode and ascii strings.
...global services
nsservicemanager the service manager is the central repository for accessing instances of the various xpcom services.
IPDL Best Practices
consider the following protocol: async protocol pasyncquerier { child: pasyncquery(); } async protocol pasyncquery { child: kickoffquery(
nsstring query); parent: returnresult(
nsstring result); __delete__(); } in this situation, there is a guaranteed sequence of messages that will be sent.
... it makes sense to fold construction and the first message together, as well as the penultimate and deletion messages, so that the final protocol looks like this: async protocol pasyncquerier { child: pasyncquery(
nsstring query); } async protocol pasyncquery { parent: __delete__(
nsstring result); } ...
NSPR release process
make sure the
nss tinderboxes (which also build and test nspr) are all green.
... the build+test cycles of the
nss tinderboxes are very long, so you usually need to wait half a day for them to cycle through.
Function_Name
avoid describing the return until the next section, for example: this function looks in the
nsscryptocontext and the
nsstrustdomain to find the certificate that matches the der-encoded certificate.
... see also copy of the mxr link, with the following text occurrences of function_name in the current
nss source code (generated by mxr).
Cryptography functions
the
nss version column indicates which versions of
nss support the function.
... function name/documentation source code
nss versions pk11_algtagtomechanism mxr 3.2 and later pk11_authenticate mxr 3.2 and later pk11_blockdata mxr 3.2 and later pk11_changepw mxr 3.2 and later pk11_checkuserpassword mxr 3.2 and later pk11_cipherop mxr 3.2 and later pk11_clonecontext mxr 3.2 and later pk11_configurepkcs11 mxr 3.2 and later pk11_convertsessionprivkeytotokenprivkey mxr 3.6 and later pk11_convertsessionsymkeytotokensymkey mxr 3.6 and later pk11_copytokenprivke...
FC_CloseAllSessions
the
nss cryptographic module currently doesn't call the surrender callback function notify.
... (see pkcs #11 v2.20 section 11.17.1.) a user may call fc_closeallsessions without logging into the token (to assume the
nss user role).
FC_GetFunctionList
description fc_getfunctionlist stores in *ppfunctionlist a pointer to the
nss cryptographic module's list of function pointers in the fips mode of operation.
... a user may call fc_getfunctionlist without logging into the token (to assume the
nss user role).
FC_GetInfo
librarydescription: description of the library, "
nss internal crypto services", padded with spaces to 32 characters and not null-terminated.
... a user may call fc_getinfo without logging into the token (to assume the
nss user role).
FC_GetSessionInfo
a user may call fc_getsessioninfo without logging into the token (to assume the
nss user role).
... if the
nss cryptographic module is in the error state, fc_getsessioninfo returns ckr_device_error.
FC_GetTokenInfo
model: model of the device, "
nss 3", padded with spaces to 16 characters and not null-terminated.
... a user may call fc_gettokeninfo without logging into the token (to assume the
nss user role).
FC_OpenSession
the
nss cryptographic module currently doesn't call the surrender callback function notify.
... (see pkcs #11 v2.20 section 11.17.1.) a user may call fc_opensession without logging into the token (to assume the
nss user role).
FC_SeedRandom
the initial seed material is provided by the
nss cryptographic module itself.
... a user may call fc_seedrandom() without logging into the token (to assume the
nss user role).
TLS Cipher Suite Discovery
to that end,
nss's libssl offers a way for applications to discover at run time the set of cipher suites supported by that version of libssl.
... here are the details of how an
nss-based application learns what cipher suites are supported and obtains the information to display to the user.
Mozilla Projects
network security services network security services (
nss) is a set of libraries designed to support cross-platform development of security-enabled client and server applications.
... applications built with
nss can support ssl v3, tls, pkcs #5, pkcs #7, pkcs #11, pkcs #12, s/mime, x.509 v3 certificates, and other security standards.
XPCOM changes in Gecko 2.0
for an up-to-date example of implementing a dynamic modules, see
nssamplemodule.cpp.
...see
nssamplemodule.cpp for more details.
Setting up the Gecko SDK
cspecialthing.h #ifndef __specialthing_impl_h__ #define __specialthing_impl_h__ #include "ispecialthing.h" #include "
nsstringapi.h" #define specialthing_contractid "@starkravingfinkle.org/specialthing;1" #define specialthing_classname "specialthing" #define specialthing_cid { 0x245626, 0x5cc1, 0x11db, { 0x96, 0x73, 0x0, 0xe0, 0x81, 0x61, 0x16, 0x5f } } class cspecialthing : public ispecialthing { public: ns_decl_isupports ns_decl_ispecialthing cspecialthing(); private: ~cspecialthing(); protect...
...ed: /* additional members */
nsstring mname; }; #endif cspecialthing.cpp #include "cspecialthing.h" ns_impl_isupports1(cspecialthing, ispecialthing) cspecialthing::cspecialthing() { /* member initializers and constructor code */ mname.assign(l"default name"); } cspecialthing::~cspecialthing() { /* destructor code */ } /* attribute astring name; */ ns_imethodimp cspecialthing::getname(nsastring & aname) { aname.assign(mname); return ns_ok; } ns_imethodimp cspecialthing::setname(const nsastring & aname) { mname.assign(aname); return ns_ok; } /* long add (in long a, in long b); */ ns_imethodimp cspecialthing::add(print32 a, print32 b, print32 *_retval) { *_retval = a + b; return ns_ok; } this is generally your code.
Using XPCOM Utilities to Make Things Easier
#include "nsigenericfactory.h" static const nsmodulecomponentinfo components[] = { { "pretty class name", sample_cid, "@company.com/sample", sampleconstructor } } ns_impl_nsgetmodule(
nssamplemodule, components) most of the components in the mozilla browser client use this approach.
...::sample() { // note: in newer versions of gecko (1.3 or later) // you don't have to do this: ns_init_isupports(); } sample::~sample() { } ns_impl_isupports1(sample, nsisupports); ns_generic_factory_constructor(sample); static const nsmodulecomponentinfo components[] = { { "pretty class name", sample_cid, "@company.com/sample", sampleconstructor } }; ns_impl_nsgetmodule(
nssamplemodule, components) string classes in xpcom strings are usually thought of as linear sequences of characters.
Detailed XPCOM hashtable guide
nsthashtable<...> <nsuint32hashkey, pruint32> <ns(c)stringhashkey, pruint32> <nsidhashkey, pruint32> <nsisupportshashkey, pruint32> interface (nsisupports) nsinterfacehashtable <nsuint32hashkey, nsisupports> <ns(c)stringhashkey, nsisupports> <nsidhashkey, nsisupports> <nsisupportshashkey, nsisupports> class (
nsstring*) nsclasshashtable <nsuint32hashkey,
nsstring> <ns(c)stringhashkey,
nsstring> <nsidhashkey,
nsstring> <nsisupportshashkey,
nsstring> complex (structures, etc.) nsthashtable<...> pldhash the pldhash implementation is a fairly low-level implementation, written in c.
...this can be done using nsthashtable<
nssomehashkey>.
How to build a binary XPCOM component using Visual Studio
they could look like this: h file: #ifndef __specialthing_impl_h__ #define __specialthing_impl_h__ #include "comp.h" #include "
nsstringapi.h" #define specialthing_contractid "@starkravingfinkle.org/specialthing;1" #define specialthing_classname "specialthing" #define specialthing_cid { 0x245626, 0x5cc1, 0x11db, { 0x96, 0x73, 0x0, 0xe0, 0x81, 0x61, 0x16, 0x5f } } class cspecialthing : public ispecialthing { public: ns_decl_isupports ns_decl_ispecialthing cspecialthing(); private: ~cspecialthing(); protected: /* addi...
...tional members */
nsstring mname; }; #endif cpp file: #include "comp-impl.h" ns_impl_isupports1(cspecialthing, ispecialthing) cspecialthing::cspecialthing() { /* member initializers and constructor code */ mname.assign(l"default name"); } cspecialthing::~cspecialthing() { /* destructor code */ } /* attribute astring name; */ ns_imethodimp cspecialthing::getname(nsastring & aname) { aname.assign(mname); return ns_ok; } ns_imethodimp cspecialthing::setname(const nsastring & aname) { mname.assign(aname); return ns_ok; } /* long add (in long a, in long b); */ ns_imethodimp cspecialthing::add(print32 a, print32 b, print32 *_retval) { *_retval = a + b; return ns_ok; } lastly, we need to create the module implementation.
NS_InitXPCOM3
#include "nsxpcom.h" nsresult ns_initxpcom3( nsiservicemanager** aresult, nsifile* abindirectory, nsidirectoryserviceprovider* aappfilelocationprovider,
nsstaticmoduleinfo const* astaticmodules, pruint32 astaticmodulecount ); parameters aresult [out] the resulting xpcom service manager.
... astaticmodules [in] an array of
nsstaticmoduleinfo objects.
NS ConvertASCIItoUTF16 external
rs stripwhitespace trim defaultcomparator compare equals operator< operator<= operator== operator>= operator> operator!= equalsliteral lowercaseequalsliteral find rfind findchar rfindchar appendint tointeger base classes
nsstring_external data members no public members.
...thods constructors void ns_convertasciitoutf16_external(const nsacstring&) - source parameters nsacstring& astr void ns_convertasciitoutf16_external(const char*, pruint32) - source parameters char* adata pruint32 alength get prunichar* get() const - source operator=
nsstring_external& operator=(const
nsstring_external&) - source parameters
nsstring_external& astring nsastring& operator=(const nsastring&) - source parameters nsastring& astring nsastring& operator=(const prunichar*) - source parameters prunichar* aptr nsastring& operator=(prunichar) - source ...
NS ConvertUTF8toUTF16 external
rs stripwhitespace trim defaultcomparator compare equals operator< operator<= operator== operator>= operator> operator!= equalsliteral lowercaseequalsliteral find rfind findchar rfindchar appendint tointeger base classes
nsstring_external data members no public members.
...methods constructors void ns_convertutf8toutf16_external(const nsacstring&) - source parameters nsacstring& astr void ns_convertutf8toutf16_external(const char*, pruint32) - source parameters char* adata pruint32 alength get prunichar* get() const - source operator=
nsstring_external& operator=(const
nsstring_external&) - source parameters
nsstring_external& astring nsastring& operator=(const nsastring&) - source parameters nsastring& astring nsastring& operator=(const prunichar*) - source parameters prunichar* aptr nsastring& operator=(prunichar) - source ...
PromiseFlatString (External)
rs stripwhitespace trim defaultcomparator compare equals operator< operator<= operator== operator>= operator> operator!= equalsliteral lowercaseequalsliteral find rfind findchar rfindchar appendint tointeger base classes
nsstringcontainer data members no public members.
... methods get prunichar* get() const - source operator=
nsstring_external& operator=(const
nsstring_external&) - source parameters
nsstring_external& astring nsastring& operator=(const nsastring&) - source parameters nsastring& astring nsastring& operator=(const prunichar*) - source parameters prunichar* aptr nsastring& operator=(prunichar) - source parameters prunichar achar adopt void adopt(const prunichar*, pruint32) - source parameters prunichar* adata pruint32 alength beginreading pruint32 beginreading(const prunichar**, const prunichar**) con...
nsAutoString (External)
rs stripwhitespace trim defaultcomparator compare equals operator< operator<= operator== operator>= operator> operator!= equalsliteral lowercaseequalsliteral find rfind findchar rfindchar appendint tointeger base classes
nsstringcontainer data members no public members.
... methods get prunichar* get() const - source operator=
nsstring_external& operator=(const
nsstring_external&) - source parameters
nsstring_external& astring nsastring& operator=(const nsastring&) - source parameters nsastring& astring nsastring& operator=(const prunichar*) - source parameters prunichar* aptr nsastring& operator=(prunichar) - source parameters prunichar achar adopt void adopt(const prunichar*, pruint32) - source parameters prunichar* adata pruint32 alength beginreading pruint32 beginreading(const prunichar**, const prunichar**) con...
nsDependentString external
rs stripwhitespace trim defaultcomparator compare equals operator< operator<= operator== operator>= operator> operator!= equalsliteral lowercaseequalsliteral find rfind findchar rfindchar appendint tointeger base classes
nsstring_external data members no public members.
... void nsdependentstring_external(const prunichar*, pruint32) - source parameters prunichar* adata pruint32 alength rebind void rebind(const prunichar*, pruint32) - source parameters prunichar* adata pruint32 alength get prunichar* get() const - source operator=
nsstring_external& operator=(const
nsstring_external&) - source parameters
nsstring_external& astring nsastring& operator=(const nsastring&) - source parameters nsastring& astring nsastring& operator=(const prunichar*) - source parameters prunichar* aptr nsastring& operator=(prunichar) - source ...
IAccessibleTableCell
1.0 66 introduced gecko 1.9.2 inherits from: iunknown last changed in gecko 1.9.2 (firefox 3.6 / thunderbird 3.1 / fennec 1.0) method overview [propget] hresult columnextent([out] long ncolum
nsspanned ); [propget] hresult columnheadercells([out, size_is(, ncolumnheadercells,)] iunknown cellaccessibles, [out] long ncolumnheadercells ); [propget] hresult columnindex([out] long columnindex ); [propget] hresult isselected([out] boolean isselected ); [propget] hresult rowcolumnextents([out] long row, [out] long column, [out] long rowextents, [out] long columnextents, [out] boolean isselected ); [propget] hresult rowextent([out]...
...[propget] hresult columnextent( [out] long ncolum
nsspanned ); parameters ncolum
nsspanned returns the 1 based column extent of the specified cell.
nsIDOMWindowUtils
pruint32 comparecanvases( in nsidomhtmlcanvaselement acanvas1, in nsidomhtmlcanvaselement acanvas2, out unsigned long amaxdifference ); parameters acanvas1 acanvas2 amaxdifference return value computeanimationdistance() method for testing
nsstyleanimation::computedistance.
... returns the distance between the two values as reported by
nsstyleanimation::computedistance for the given element and property.
nsISHistory
note: a listener object must implement nsishistorylistener and
nssupportsweakreference.
...note: a listener object must implement nsishistorylistener and
nssupportsweakreference.
nsIScriptableInputStream
the
nsscriptableinputstream component implements this interface.
...tream;1", "nsiscriptableinputstream", "init"); var blah = { data: '', onstartrequest: function (arequest, acontext) { this.data = ''; }, ondataavailable: function(request, context, inputstream, offset, count) { var scriptstream = new scriptableinputstream(inputstream); this.data += scriptstream.read(count); scriptstream.close(); } }; see also
nsscriptableinputstream nsiinputstream ...
nsISupportsWeakReference
remarks the xpcom glue library provides
nssupportsweakreference, a canonical implementation of nsisupportsweakreference.
... see also nsiweakreference
nssupportsweakreference ...
nsIXPConnect
inherits from: nsisupports last changed in gecko 2.0 (firefox 4 / thunderbird 3.3 / seamonkey 2.1) to access the xpconnect service, use code like this: nsresult rv; nscomptr<nsixpconnect> xpconnect = do_getservice(nsixpconnect::getcid(), &rv); if (ns_succeeded(rv)) { /* use the object */ } method overview void addjsholder(in voidptr aholder, in
nsscriptobjecttracerptr atracer); native code only!
... void addjsholder( in voidptr aholder, in
nsscriptobjecttracerptr atracer ); parameters aholder the object that hold the js objects that should be rooted.
NS_StringAppendData
#include "
nsstringapi.h" nsresult ns_stringappenddata( nsastring& astring, const prunichar* adata, pruint32 adatalength = pr_uint32_max ); parameters astring [in] a nsastring instance to be modified.
... example code
nsstringcontainer str; ns_stringcontainerinit(str); ns_stringsetdata(str, l"hello"); ns_stringappenddata(str, l" world"); const prunichar* data; ns_stringgetdata(str, &data); // data now points to the string: l"hello world" ns_stringcontainerfinish(str); history this function was frozen for mozilla 1.7.
NS_StringContainerFinish
« xpcom api reference summary the ns_stringcontainerfinish function releases any memory allocated by a
nsstringcontainer instance.
... #include "
nsstringapi.h" void ns_stringcontainerfinish(
nsstringcontainer& astring ); parameters astring [in] a
nsstringcontainer instance that is no longer needed.
NS_StringCutData
#include "
nsstringapi.h" nsresult ns_stringcutdata( nsastring& astring, pruint32 acutstart, pruint32 acutlength ); parameters astring [in] a nsastring instance to be modified.
... example code
nsstringcontainer str; ns_stringcontainerinit(str); ns_stringsetdata(str, l"hello world"); // remove " world" portion of string ns_stringcutdata(str, 5, pr_uint32_max); const prunichar* data; ns_stringgetdata(str, &data); // data now ponts to the string: l"hello" ns_stringcontainerfinish(str); history this function was frozen for mozilla 1.7.
NS_StringInsertData
#include "
nsstringapi.h" nsresult ns_stringinsertdata( nsacstring& astring, pruint32 aoffset, const prunichar* adata, pruint32 adatalength = pr_uint32_max ); parameters astring [in] a nsacstring instance to be modified.
... example code
nsstringcontainer str; ns_stringcontainerinit(str); ns_stringsetdata(str, l"hello"); ns_stringinsertdata(str, 5, l" world"); const prunichar* data; ns_stringgetdata(str, &data); // data now points to the string: l"hello world" ns_stringcontainerfinish(str); history this function was frozen for mozilla 1.7.
NS_StringSetData
#include "
nsstringapi.h" nsresult ns_stringsetdata( nsastring& astring, const prunichar* adata, pruint32 adatalength = pr_uint32_max ); parameters astring [in] a nsastring instance to modify.
... example code
nsstringcontainer str; rv = ns_stringcontainerinit(str); if (ns_succeeded(rv)) { rv = ns_stringsetdata(str, "hello world"); if (ns_succeeded(rv)) { // now, pass |str| to some function expecting a |const nsastring&| parameter.
XPCOM string functions
this is a low-level api.ns_stringclonedatathe ns_stringclonedata function returns a null-terminated, heap allocated copy of the string's internal buffer.ns_stringcontainerfinishthe ns_stringcontainerfinish function releases any memory allocated by a
nsstringcontainer instance.
... this is a low-level api.ns_stringcontainerinitthe ns_stringcontainerinit function initializes a
nsstringcontainer instance for use as a nsastring.
Weak reference
just roll in
nssupportsweakreference, a mix-in class that does all the work, and adjust your queryinterface accordingly, e.g., //...
... #include "nsweakreference.h" class nsfoo : public nsifoo, ..., public
nssupportsweakreference { ...
XPCOM tasks
p3
nsstringtokenizer probably belongs in the parser.
... p2 classes that parallel standard library classes should have compatible apis, i.e., nsdeque bug 18505
nsstring nsavltree nshashtable our various array classes in some cases, this might initially be provided by additional interfaces.
font-family - CSS: Cascading Style Sheets
it also applies to ::first-letter and ::first-line.inheritedyescomputed valueas specifiedanimation typediscrete formal syntax [ <family-name> | <generic-family> ]#where <family-name> = <string> | <custom-ident>+<generic-family> = serif | sans-serif | cursive | fantasy | monospace examples some common font families .serif { font-family: times, times new roman, georgia, serif; } .sa
nsserif { font-family: verdana, arial, helvetica, sans-serif; } .monospace { font-family: lucida console, courier, monospace; } .cursive { font-family: cursive; } .fantasy { font-family: fantasy; } .emoji { font-family: emoji; } .math { font-family: math; } .fangsong { font-family: fangsong; } <div class="serif"> this is an example of a serif font.
... </div> <div class="sa
nsserif"> this is an example of a sans-serif font.
Creating custom Firefox extensions with the Mozilla build system - Archive of obsolete content
1 module = myextension library_name = myadvanced use_static_libs = 1 xpi_name = myextension defines += xpcom_glue shared_library_libs = \ $(dist)/lib/$(lib_prefix)myintricate_s.$(lib_suffix) \ $(dist)/lib/$(lib_prefix)mymultifarious_s.$(lib_suffix) \ $(dist)/lib/$(lib_prefix)xpcomglue_s.$(lib_suffix) \ $(dist)/lib/$(lib_prefix)xul.$(lib_suffix) \ $(dist)/lib/$(lib_prefix)
nss3.$(lib_suffix) \ $(null) cppsrcs = \ advanced.cpp \ $(null) include $(topsrcdir)/config/rules.mk local_includes += \ -i$(srcdir)/../intricate/src \ -i$(srcdir)/../multifarious/src \ $(null) the makefile in the advanced/ directory should list the intricate/, multifarious/ and build/ directories in its dirs variable.
Index of archived content - Archive of obsolete content
marin build system documentation tamarin releases tamarin-central rev 703:2cee46be9ce0 tamarin roadmap tamarin build documentation tamarin mercurial commit hook the download manager schema the life of an html http request the new
nsstring class implementation (1999) tracevis transforming xml with xslt:mozilla xslt transforming xml with xslt:the netscape xslt treehydra treehydra build instructions treehydra manual tuning pageload urischeme uris and urls uriloader using...
Nanojit - Archive of obsolete content
lins *rec_ins = out.i
nsskip(sizeof(guardrecord) + sizeof(sideexit)); guardrecord *guard = (guardrecord *) rec_ins->payload(); memset(guard, 0, sizeof(*guard)); sideexit *exit = (sideexit *)(guard + 1); guard->exit = exit; guard->exit->target = f; f->lastins = out.insguard(lir_loop, out.insimm(1), rec_ins); // compile the fragment.
String Rosetta Stone - Archive of obsolete content
find a substring
nsstring findinreadable(const nsastring& pattern, nsastring::const_iterator start, nsastring::const_iterator end,
nsstringcomparator& acomparator = nsdefaultstringcomparator()) std::string size_type find(const basic_string& s, size_type pos = 0) const size_type find(const chart* s, size_type pos, size_type n) const size_type find(const chart* s, size_type pos = 0) const size_type find(chart c, size_type pos = 0) const qstring int qstring::indexof ( const qstring & str, int from = 0, qt::casesensitivity cs = qt::casesensitive ) const format a printf style string
nsstring appendprintf() std::string n/a qstring qstring & qstring::sprintf ( const char * cformat, ...
ContextMenus - Archive of obsolete content
<script> function showhidedeleteitem() { var deleteitem = document.getelementbyid("delete"); var rows = document.getelementbyid("rows"); deleteitem.hidden = (rows.childnodes.length == 0); } </script> <menupopup id="i
nssel-menu" onpopupshowing="showhidedeleteitem()"> <menuitem label="insert"/> <menuitem id="delete" label="delete"/> </menupopup> in this example, the showhidedeleteitem function is called when the popupshowing event is fired.
Using LDAP XPCOM with XULRunner - Archive of obsolete content
ra_dso_ldopts += \ $(dist)/lib/$(lib_prefix)xpcomglue_s.$(lib_suffix) \ $(xpcom_frozen_ldopts) \ $(nspr_libs) \ $(null) include $(topsrcdir)/config/rules.mk defines += -dmoz_dll_prefix=\"$(dll_prefix)\" ldapstubloader.cpp: // copyright (c) 2005 benjamin smedberg <benjamin@smedbergs.us> #include "nscore.h" #include "nsmodule.h" #include "prlink.h" #include "nsilocalfile.h" #include "
nsstringapi.h" #include "nscomptr.h" static char const *const kdependentlibraries[] = { #ifdef ns_win32 moz_dll_prefix "nsldap32v50" moz_dll_suffix, moz_dll_prefix "nsldappr32v50" moz_dll_suffix, #endif //ns_win32 #ifdef ns_unix moz_dll_prefix "ldap50" moz_dll_suffix, moz_dll_prefix "prldap50" moz_dll_suffix, #endif //ns_unix nsnull }; // component.dll on windows, libcomponent.dll on linu...
2006-10-06 - Archive of obsolete content
as well as any protocols that you have implemented and are not in the list of protocols
nsscriptsecuritymanager::checkloaduri feed: consensus is that it should be allowed and treated as an ordinary link.
2006-09-29 - Archive of obsolete content
*/ virtual
nssize computesize(nscoord aavailwidth, nscoord amargin, nscoord aborder, nscoord apadding, prbool ashrinkwrap) = 0; details can be located at refactoring some of nshtmlreflowstate.
Table Reflow Internals - Archive of obsolete content
a continuation may also need to be continued continuations are linked together by previnflow and nextinflow pointers pagination illustration
nssimplepagesequence nspageframe nspagecontentframe areaframe (html) blockframe (body) nstableouterframe nstableouterframe blockframe (body) areaframe (html) nspagecontentframe continued nspageframe continued intro to paginated reflow the page sequence starts with one page and reflows it.
Gecko FAQ - Gecko Redirect 1
th content model style system (handles css, etc.) javascript runtime (spidermonkey) image library networking library (necko) platform-specific graphics rendering and widget sets for win32, x, and mac user preferences library mozilla plug-in api (npapi) to support the navigator plug-in interface open java interface (oji), with sun java 1.2 jvm rdf back end font library security library (
nss) original document information author(s): angus other contributors: ekrock, vidur, hidday, drunclear copyright information: portions of this content are © 1998–2006 by individual mozilla.org contributors; content available under a creative commons license ...
MDN Web Docs Glossary: Definitions of Web-related terms
nat native navigation directive netscape navigator network throttling nntp node node (dom) node (networking) node.js non-normative normative null nullish value number o object object reference oop opengl ope
nssl opera browser operand operator origin ota owasp p p2p pac packet page load time page prediction parameter parent object parse parser pdf perceived performance percent-encoding php pixel placeho...
Chrome registration
example chrome manifest content necko jar:comm.jar!/content/necko/ locale necko en-us jar:en-us.jar!/locale/necko/ content xbl-marquee jar:comm.jar!/content/xbl-marquee/ content pip
nss jar:pip
nss.jar!/content/pip
nss/ locale pip
nss en-us jar:en-us.jar!/locale/pip
nss/ # firefox-only overlay chrome://browser/content/pageinfo.xul chrome://pippki/content/pageinfooverlay.xul application={ec8030f7-c20a-464f-9b0e-13a3a9e97384} # seamonkey-only overlay chrome://navigator/content/pageinfo.xul chrome://pippki/content/pageinfooverlay.xul...
Simple Sunbird build
ubuntu linux: sudo apt-get build-dep sunbird sudo apt-get install mercurial libasound2-dev libcurl4-ope
nssl-dev libnotify-dev libiw-dev autoconf2.13 cvs fedora linux: sudo yum groupinstall 'development tools' 'development libraries' 'gnome software development' sudo yum install mercurial autoconf213 glibc-static libstdc++-static yasm wireless-tools-devel mesa-libgl-devel mac: install xcode tools.
Interface Compatibility
jsapi, nspr,
nss, and other libraries which are currently shipped as separate shared libraries may be integrated into libxul, and extension authors should avoid linking against them.
IME handling guide
the values are integer, 0: none, 1: dotted, 2: dashed, 3: solid, 4: double, 5: wavy (the values same as ns_style_text_decoration_style_* defined in
nsstyleconsts.h.
IPDL Tutorial
the built-in simple types include the c++ integer types (bool, char, int, double) and xpcom string types (
nsstring, nscstring).
Localization technical reviews
string lengths in pip
nss.properties there are some character limits in the security/manager/chrome/pip
nss/pip
nss.properties file that you should be aware of.
Investigating leaks using DMD heap scan mode
secondly, you may need to comment out the call to moz_crash("
nss_shutdown failed"); in xpcom/build/xpcominit.cpp, as this also seems to trigger when shutdown is extremely slow.
TraceMalloc
nstokenallocator 17 110007 60 388260 43 278253 15.36 nsimagegtk 476 2197708 341 2366564 -135 168856 9.32 nsmemcacherecord 843 45767 2328 124767 1485 79000 4.36 nstextnode 209 11704 1614 90384 1405 78680 4.34 htmlattributesimpl 482 14288 2824 88400 2342 74112 4.09
nsscanner 58 76824 94 146300 36 69476 3.83
nsscripterror 253 25070 842 91548 589 66478 3.67 nshtmldocument.mreferrer 177 21550 691 85460 514 63910 3.53 nshtmlvalue 139 7846 1215 68734 1076 60888 3.36 htmlcontentsink 6 4816 12 57782 6 52966 2.92 ...
ui.SpellCheckerUnderlineStyle
type:integer default value:5 exists by default: no application support: gecko 1.9.2 (firefox 3.6 / thunderbird 3.1 / fennec 1.0) status: active; last updated 2012-02-22 introduction: pushed to nightly on 2009-04-03 bugs: bug 338209 values the values are defined in
nsstyleconsts.h.
NSPR release procedure
note: for
nss, the script equivalent to nspr's repackage.sh is /u/robobld/bin/sbsinit/
nss/push/buildbindist.sh in the "svbuild" source tree.
PR_AttachThread
description you use pr_attachthread when you want to use
nss functions on the native thread that was not created with nspr.
NSPR
mailing list newsgroup rss feed related topics necko,
nss ...
CERT_FindCertByIssuerAndSN
>data; issuersn.derissuer.len = caname->len; issuersn.serialnumber.data = authoritykeyid->authcertserialnumber.data; issuersn.serialnumber.len = authoritykeyid->authcertserialnumber.len; issuercert = cert_findcertbyissuerandsn(cert->dbhandle, &issuersn); if ( issuercert == null ) { port_seterror (sec_error_unknown_issuer); } see also occurrences of cert_findcertbyissuerandsn in the current
nss source code (generated by lxr).
Deprecated SSL functions
function name/documentation source code replacement in
nss 3.2 ssl_enable mxr ssl_optionset ssl_enablecipher mxr ssl_cipherprefsetdefault ssl_enabledefault mxr ssl_optionsetdefault ssl_redohandshake mxr ssl_rehandshake ssl_setpolicy mxr ssl_cipherpolicyset ...
PKCS11
pkcs #11 information for implementors of cryptographic modules: implementing pkcs11 for
nss pkcs11 faq using the jar installation manager to install a pkcs #11 cryptographic module pkcs #11 conformance testing ...
FC_CloseSession
a user may call fc_closesession without logging into the token (to assume the
nss user role).
FC_CopyObject
a user must log into the token (to assume the
nss user role) before copying a secret or private key object.
FC_CreateObject
a user must log into the token (to assume the
nss user role) before calling fc_createobject.
FC_Decrypt
a user must log into the token (to assume the
nss user role) before calling fc_decrypt.
FC_DecryptDigestUpdate
a user must log into the token (to assume the
nss user role) before calling fc_decryptdigestupdate.
FC_DecryptFinal
a user must log into the token (to assume the
nss user role) before calling fc_decryptfinal.
FC_DecryptInit
a user must log into the token (to assume the
nss user role) before calling fc_decryptinit.
FC_DecryptUpdate
a user must log into the token (to assume the
nss user role) before calling fc_decryptupdate.
FC_WrapKey
a user must log into the token (to assume the
nss user role) before calling fc_wrapkey.
NSC_Login
the
nss cryptographic module doesn't allow the so to log in if the normal user's pin is already initialized.
ssltyp.html
upgraded documentation may be found in the current
nss reference selected ssl types and structures chapter 3 selected ssl types and structures this chapter describes some of the most important types and structures used with the functions described in the rest of this document, and how to manage the memory used for them.
modutil-tasks.html
nss security tools: modutil tasks newsgroup: mozilla.dev.tech.crypto task list the jar installation script is very fragile with respect to platform definitions (especially version numbers).
Necko Interfaces Overview
scheme, host, path, ...) per protocol implementation necko provides uri impl's for common uri formats (see
nsstandardurl,
nssimpleuri) nsichannel : nsirequest represents a logical connection to the resource identified by a nsiuri per protocol implementation single use (ie.
The JavaScript Runtime
string java.lang.charsequence (java.lang.string or org.mozilla.javascript.co
nsstring) object org.mozilla.javascript.scriptable in addition, ecma refers to objects that implement [[call]] as functions.
64-bit Compatibility
luckily there is an alias that will choose the right opcode for you - lir_ldp: struct object { void *data; }; lir->insload(lir_ldp, objins, ins->insimm(offsetof(object, data))); when you use lirwriter::i
nsstore, the correct size is chosen for you automatically, based on the size of the input operands.
Using RAII classes in Mozilla
in particular, a class derived from a class using these macros does not use moz_guard_object_notifier_init or moz_decl_use_guard_object_notifier, but instead uses either moz_guard_object_notifier_param_to_parent or moz_guard_object_notifier_only_param_to_parent:
nsspecialautoscriptblocker::
nsspecialautoscriptblocker(moz_guard_object_notifier_param_in_impl) : nsautoscriptblocker(moz_guard_object_notifier_only_param_to_parent) { } note that a few of these macros aren't actually implemented yet, but they can be implemented when needed.
Signing Mozilla apps for Mac OS X
you can find it by running this command in the terminal: ope
nssl x509 -text -noout -inform der -in devloperid_application.cer | grep subject putting it all together, you'll wind up using a command similar to the one below to sign your app.
Places Developer Guide
however, firefox developers can take advantage of several helper apis that are browser-specific: fuel - a collection of wrapper apis for easing access to a number of firefox utilities and services nsiplacestransactio
nsservice - a firefox service for modifying bookmarks in a transactional manner, providing facilities for undo/redo places utilities for javascript - accessors and helper functions for firefox and extensions creating bookmarks, folders and other items creating a bookmark // create an nsiuri for the url to be bookmarked.
Places utilities for JavaScript
bookmarks nsinavbookmarksservice history nsinavhistoryservice globalhistory nsibrowserhistory livemarks nsilivemarkservice annotations nsiannotationservice favicons nsifaviconservice microsummaries nsimicrosummaryservice tagging nsitaggingservice rdf nsirdfservice ptm nsiplacestransactio
nsservice clipboard nsiclipboard urifixup nsiurifixup special places these are essentially references to the id's of special folders within places.
XPCOM guide
mozilla::services namespacethe services c++ namespace offers an easy and efficient alternative for obtaining a service as compared to the indirect xpcom approach: getservice(), callgetservice(), etc methods are expensive and should be avoided when possible.receiving startup notificatio
nssometimes it's necessary for xpcom components to receive notifications as to the progress of the application's startup process, so they can start new services at appropriate times, for example.xpcom array guidemozilla has many array classes because each array is optimized for a particular usage pattern.
Standard XPCOM components
nsobserverservicethe xpcom observer service.
nsscriptableinputstreama component implementing nsiscriptableinputstream.
nsACString
#include "
nsstringapi.h" class nsacstring { ...
nsAString
#include "
nsstringapi.h" class nsastring { ...
nsAString (External)
<map id="classes" name="classes"> <area alt="" coords="963,6,1045,54" href="http://developer.mozilla.org/en/nsastring_(external)" shape="rect" title="nsastring_(external)"> <area alt="" coords="939,102,1069,150" href="http://developer.mozilla.org/en/
nsstringcontainer_(external)" shape="rect" title="
nsstringcontainer_(external)"> <area alt="" coords="548,198,676,246" href="http://developer.mozilla.org/en/
nsstring_external" shape="rect" title="
nsstring_external"> <area alt="" coords="700,198,913,246" href="http://developer.mozilla.org/en/nsdependentsubstring_external" shape="rect" title="nsdependentsubstring_external"> <area alt="" coords="937,198...
nsCString
names:
nsstring for wide characters nscstring for narrow characters this class is also known as nsaflat[c]string, where "flat" is used to denote a null-terminated string.
nsDependentSubstring external
r> operator!= equalsliteral lowercaseequalsliteral find(const nsastring&, print32 (*) find(const nsastring&, pruint32, print32 (*) find rfind(const nsastring&, print32 (*) rfind(const nsastring&, print32, print32 (*) rfind findchar rfindchar appendint tointeger base classes
nsstringcontainer data members no public members.
nsEmbedString
#include "nsembedstring.h" // or: #include "
nsstringglue.h" if inside gecko class nsembedstring : public nsastring { ...
XPCOM glue classes
this is done using the functions addref() and release(), which respectively modify a variable of type nsautorefcnt, which basically is a wrapper around a count of the number of references refering to the class.
nsstringclass declaration
nsstring externalclass declaration
nsstringcontainer (external)class declaration
nssupportsweakreferenceinherit from this c++ class to add canonical support for nsisupportsweakreference.nsxpidlcstringclass declarationnsxpidlstringclass declarationpromiseflatcstring (external)class declarationpromiseflatstring (external)class declaration ...
nsICryptoHMAC
these values map onto the values defined in mozilla/security/
nss/lib/softoken/pkcs11t.h and are switched to ckm_*_hmac constant.
nsICryptoHash
the values map directly onto the values defined in mozilla/security/
nss/lib/cryptohi/hasht.h.
nsIDocShell
historypurged() notification that entries have been removed from the beginning of a
nsshistory which has this as its rootdocshell.
nsIDragSession
targetsize
nssize sets the current width and height of the drag target area.
nsILoginManagerCrypto
note: the current implemention of this inferface simply uses
nss/psm's "secret decoder ring" service.
nsIPropertyBag
to do this use nsipropertybag: services.sysinfo.getproperty("version"); //output 5.1 services.sysinfo.getproperty("name"); //output windows_nt services.sysinfo.getproperty("arch"); //output x86 services.sysinfo.getproperty("haswindowstouchinterface"); //outputs false or true if windows touch is there consult the uxp repo (//github.com/realityripple/uxp/blob/master/xpcom/base/
nssysteminfo.cpp) for the properties supported.
XPCOM Interface Reference
ntrollernsicontrollersnsiconverterinputstreamnsiconverteroutputstreamnsicookiensicookie2nsicookieacceptdialognsicookieconsentnsicookiemanagernsicookiemanager2nsicookiepermissionnsicookiepromptservicensicookieservicensicookiestoragensicrashreporternsicryptohmacnsicryptohashnsicurrentcharsetlistenernsicyclecollectorlistenernsidbchangelistenernsidbfolderinfonsidnslistenernsidnsrecordnsidnsrequestnsid
nsservicensidomcanvasrenderingcontext2dnsidomchromewindownsidomclientrectnsidomdesktopnotificationnsidomdesktopnotificationcenternsidomelementnsidomeventnsidomeventgroupnsidomeventlistenernsidomeventtargetnsidomfilensidomfileerrornsidomfileexceptionnsidomfilelistnsidomfilereadernsidomfontfacensidomfontfacelistnsidomgeogeolocationnsidomgeopositionnsidomgeopositionaddressnsidomgeopositioncallbacknsidom...
XPCOM Interface Reference by grouping
nsifilespec nsifilestreams nsifileutilities nsifileview memory nsimemory network channel nsichannel nsichanneleventsink nsirequest nsirequestobserver nsiresumablechannel nsid
nsservice nsiftpchannel nsiftpeventsink nsihttpchannel nsihttpchannelinternal nsihttpheadervisitor nsiidnservice nsiprotocolhandler nsiprotocolproxycallback nsiprotocolproxyfilter nsiprotocolproxyservice nsiproxyinfo preferences nsiiniparser nsiiniparserfactory nsiprefbr...
NS_CStringAppendData
#include "
nsstringapi.h" nsresult ns_cstringappenddata( nsacstring& astring, const char* adata, pruint32 adatalength = pr_uint32_max ); parameters astring [in] a nsacstring instance to be modified.
NS_CStringCloneData
#include "
nsstringapi.h" char* ns_cstringclonedata( const nsacstring& astring ); parameters astring [in] a nsacstring instance whose data is to be cloned.
NS_CStringContainerFinish
#include "
nsstringapi.h" void ns_cstringcontainerfinish( nscstringcontainer& astring ); parameters astring [in] a nscstringcontainer instance that is no longer needed.
NS_CStringContainerInit
#include "
nsstringapi.h" nsresult ns_cstringcontainerinit( nscstringcontainer& astring ); parameters astring [in] a nscstringcontainer instance to be initialized.
NS_CStringContainerInit2
#include "
nsstringapi.h" nsresult ns_cstringcontainerinit2( nscstringcontainer& acontainer, const char* adata = nsnull, pruint32 adatalength = pr_uint32_max, pruint32 aflags = 0 ); parameters acontainer [in] the nscstringcontainer instance to initialize.
NS_CStringCopy
#include "
nsstringapi.h" nsresult ns_cstringcopy( nsacstring& adeststring, const nsacstring& asrcstring ); parameters adeststring [in] a nsacstring instance to be modified.
NS_CStringCutData
#include "
nsstringapi.h" nsresult ns_cstringcutdata( nsacstring& astring, pruint32 acutstart, pruint32 acutlength ); parameters astring [in] a nsacstring instance to be modified.
NS_CStringGetData
#include "
nsstringapi.h" pruint32 ns_cstringgetdata( const nsacstring& astring, const char** adata, prbool* aterminated = nsnull ); parameters astring [in] a nsacstring instance to inspect.
NS_CStringGetMutableData
#include "
nsstringapi.h" pruint32 ns_cstringgetmutabledata( nsacstring& astring, pruint32 adatalength, char** adata ); parameters astring [in] a nsacstring instance to modify.
NS_CStringInsertData
#include "
nsstringapi.h" nsresult ns_cstringinsertdata( nsacstring& astring, pruint32 aoffset, const char* adata, pruint32 adatalength = pr_uint32_max ); parameters astring [in] a nsacstring instance to be modified.
NS_CStringSetData
#include "
nsstringapi.h" nsresult ns_cstringsetdata( nsacstring& astring, const char* adata, pruint32 adatalength = pr_uint32_max ); parameters astring [in] a nsacstring instance to modify.
NS_CStringSetDataRange
#include "
nsstringapi.h" nsresult ns_cstringsetdatarange( nsacstring& astring, pruint32 acutstart, pruint32 acutlength, const char* adata, pruint32 adatalength = pr_uint32_max ); parameters astring [in] a nsacstring instance to modify.
NS_CStringToUTF16
#include "
nsstringapi.h" nsresult ns_cstringtoutf16( const nsacstring& asrc, nscstringencoding asrcencoding, nsastring& adest ); parameters asrc [in] a nsacstring instance containing the source string to be converted.
NS_StringCloneData
#include "
nsstringapi.h" prunichar* ns_stringclonedata( const nsastring& astring ); parameters astring [in] a nsastring instance whose data is to be cloned.
NS_StringCopy
#include "
nsstringapi.h" nsresult ns_stringcopy( nsastring& adeststring, const nsastring& asrcstring ); parameters adeststring [in] a nsastring instance to be modified.
NS_StringGetData
#include "
nsstringapi.h" pruint32 ns_stringgetdata( const nsastring& astring, const prunichar** adata, prbool* aterminated ); parameters astring [in] a nsastring instance to inspect.
NS_StringSetDataRange
#include "
nsstringapi.h" nsresult ns_stringsetdatarange( nsastring& astring, pruint32 acutstart, pruint32 acutlength, const prunichar* adata, pruint32 adatalength = pr_uint32_max ); parameters astring [in] a nsastring instance to modify.
NS_UTF16ToCString
#include "
nsstringapi.h" nsresult ns_utf16tocstring( const nsastring& asrc, nscstringencoding adestencoding, nsacstring& adest ); parameters asrc [in] a nsastring instance containing the source utf-16 string to be converted.
XPCOM reference
for example, to request the 'show all threads' view use the constant:
nsstaticmoduleinfothis data structure is used by ns_initxpcom3 to specify static xpcom modules.standard xpcom componentsthere are a number of components provided in the standard implementation of xpcom; these are as follows.xpcom glue classesthese "glue" classes are provided to make it easier to use xpcom from c++ code.xpcom interface referencethis is a reference to the xpcom interfaces provided by t...
Using the clipboard
const
nssupportsstring = components.constructor("@mozilla.org/supports-string;1", "nsisupportsstring"); function supportsstring(str) { // create an instance of the supports-string class var res =
nssupportsstring(); // store the javascript string that we want to wrap in the new nsisupportsstring object res.data = str; return res; } // create a constructor for the built-in transferable...
ctypes
lib
nss3.dylib for
nss3 on os x.) string libraryname( name ); parameters name the name of the library.
How to - Firefox Developer Tools
access debugging in add-onsbreaking on exceptionsdebug eval sourcesdisable breakpointsexamine, modify, and watch variableshighlight and inspect dom nodesignore a sourceopen the debuggerpretty-print a minified filesearchset a breakpointset a conditional breakpointset watch expressio
nsstep through codeuse a source mapuse watchpoints ...
Index - Web APIs
3308 rtcicecandidatepairstats.retransmissio
nssent the rtcicecandidatepairstats dictionary's retransmissio
nssent property indicates the total number of stun connectivity check request retransmissions that have been sent so far on the pair of candidates.
Strict-Transport-Security - HTTP
information regarding the hsts preload list in chrome : https://www.chromium.org/hsts consultation of the firefox hsts preload list :
nsstspreloadlist.inc examples all present and future subdomains will be https for a max-age of 1 year.
Web app manifests
click each one for more information about it: background_colorcategoriesdescriptiondirdisplayiarc_rating_idiconslangnameorientationprefer_related_applicationsrelated_applicatio
nsscopescreenshotsserviceworkershort_nameshortcutsstart_urltheme_color example manifest { "name": "hackerweb", "short_name": "hackerweb", "start_url": ".", "display": "standalone", "background_color": "#fff", "description": "a simply readable hacker news app.", "icons": [{ "src": "images/touch/homescreen48.png", "sizes": "48x48", "type": "image/png" }, { "src": "imag...
Subresource Integrity - Web security
tools for generating sri hashes you can generate sri hashes from the command-line with ope
nssl using a command invocation such as this: cat filename.js | ope
nssl dgst -sha384 -binary | ope
nssl base64 -a or with shasum using a command invocation such as this: shasum -b -a 384 filename.js | awk '{ print $1 }' | xxd -r -p | base64 notes: the pipe-through-xxd step takes the hexadecimal output from shasum and converts it to binary.