[Swan-dev] [cryptography] Announcing Mozilla::PKIX, a New Certificate Verification Library (fwd)

Paul Wouters paul at nohats.ca
Thu Apr 10 18:43:22 EEST 2014


On Thu, 10 Apr 2014, Lennart Sorensen wrote:

>> Libreswan already depends on NSS for crypto, not openssl.
>
> Well openswan didn't.  We haven't upgraded yet.
>
> I would highly suggest reconsidering the use of libnss.

And use 15-year-old cryptographic code that has seen no audit?

And having to extend that old code that only supports AES/3DES and
MD5/SHA1 with newer algorithms to support SHA2, SHA3, AES-GCM, AES-CCM,
AES-CTR, and IPsec suite B Elliptic Curves?

And then who will pay to audit/certify that code?

We had to switch to a library to do this work. As the codebase already
supported using NSS instead of our old code, we opted to continue
that path.

The same is true for the X.509 support required, and adding to the code
that deals with ASN.1/X.509 parsing of the above mentioned new crypto.

And this is true not only for the userland, but also applies to KLIPS
versus NETKEY/XFRM.

Now, we only use a very small portion of NSS, and perhaps we can talk to
the NSS people about factoring that out into a separate smaller library.

We understand the pain of having to add NSS to embedded platforms. But
there is really no alternative. The only switching that is possible
would be from NSS to openssl. It would make life easier on embedded
platforms that already need openssl. But for us it adds the overhead
of all the certificate loading/parsing code as openssl does not have
the same concept as the NSS DB for a "store" of cryptographic information.

Paul
