NSS 3.16.1 release notes


Network Security Services (NSS) 3.16.1 is a patch release for NSS 3.16. The bug fixes in NSS 3.16.1 are described in the “Bugs Fixed” section below.

Distribution Information

The HG tag is NSS_3_16_1_RTM. NSS 3.16.1 requires NSPR 4.10.5 or newer.

NSS 3.16.1 source distributions are available on ftp.mozilla.org for secure HTTPS download:

New in NSS 3.16.1

New Functionality

  • Added the “ECC” flag for modutil to select the module used for elliptic curve cryptography (ECC) operations.

New Functions

  • in pk11pub.h

    • PK11_ExportDERPrivateKeyInfo and PK11_ExportPrivKeyInfo - exports a private key in a DER-encoded ASN.1 PrivateKeyInfo type or a SECKEYPrivateKeyInfo structure. Only RSA private keys are supported now.

  • in secmod.h

    • SECMOD_InternalToPubMechFlags - converts from NSS-internal to public representation of mechanism flags.

New Types

  • in sslt.h

    • ssl_padding_xtn - the value of this enum constant changed from the experimental value 35655 to the IANA-assigned value 21. .

New Macros

  • in secmod.h

    • PUBLIC_MECH_ECC_FLAG - a public mechanism flag for elliptic curve cryptography (ECC) operations.

  • in utilmodt.h

    • SECMOD_ECC_FLAG - an NSS-internal mechanism flag for elliptic curve cryptography (ECC) operations. This macro has the same numeric value as PUBLIC_MECH_ECC_FLAG.

Notable Changes in NSS 3.16.1