Closed Bug 358219 Opened 19 years ago Closed 8 years ago

Support AES in CFB mode

Categories

(NSS :: Libraries, enhancement)

3.11
enhancement
Not set
normal

Tracking

(Not tracked)

RESOLVED WONTFIX

People

(Reporter: allan, Unassigned)

Details

I would like to see NSS support AES in CFB mode, at least CFB128, which is rather straightforward to support. I have it running outside NSS, and will look at getting it into NSS.
Status: NEW → ASSIGNED
Severity: normal → enhancement
What standard protocol (e.g. SSL, CMS, etc.) will make use of this?
(In reply to comment #1)
> What standard protocol (e.g. SSL, CMS, etc.) will make use of this?
SNMP: http://www.rfc-archive.org/getrfc.php?rfc=3826
What SNMP implementation uses NSS? What products use it?
NSS can be used as a general-purpose crypto library. Using NIST's AES Validation List as a competitive analysis tool, I found that many crypto modules, including OpenSSL and RSA BSAFE Crypto-C, support AES in CFB mode. On the other hand, there are no PKCS #11 mechanisms for AES in CFB mode, which suggests there is not much demand for this AES mode.
(In reply to comment #3)
> What SNMP implementation uses NSS? What products use it?
I have no idea about that. Your Google Search is as good as mine :) RFC3826 is exactly what I need for my purposes. What is the underlying question behind all these questions?
Allan, are you using NSS to implement RFC 3826 for SNMP? To add support of AES in CFB mode to NSS properly, we need to go through a bureaucratic process of adding new "mechanisms" for AES in CFB mode to the PKCS #11 standard. So, as I suggested in the newsgroup, in the interim you can implement the CFB mode yourself using the ECB mode as a primitive. This should be straightforward.
(In reply to comment #6)
> Allan, are you using NSS to implement RFC 3826 for SNMP?
No.
> To add support of AES in CFB mode to NSS properly, we
> need to go through a bureaucratic process of adding
> new "mechanisms" for AES in CFB mode to the PKCS #11 standard.
Ah, hence all these questions. It's not really a big deal for me, I just thought it would be a plus for NSS, and a fun addition for me to do. But if it is an uphill battle, I'll leave it here.
> So, as I suggested in the newsgroup, in the interim you
> can implement the CFB mode yourself using the ECB mode as
> a primitive. This should be straightforward.
I know. I also replied in the same newsgroup that I've had that working for some time :)
I came across a similar problem trying to use JSS/NSS as the crypto provider in my Java-based management application that supports SNMPv3 (including, but not limited to, RFC3826). I also had to implement a workaround, similar to what Allan did - in my case, in the form of an additional JCA crypto provider that sits on top of the JSS crypto provider and implements AES/CFB in terms of AES/ECB (delegating basic AES encryption to JSS/NSS and actually performing only the proper XORs for encrypted blocks). However, I wonder whether there are any plans to add a native implementation of AES/CFB to the NSS library? AFAIK SNMPv3 is very common today, and it's commonly used with AES/CFB encryption - so it would be really nice if NSS/JSS could natively support this cipher.
I have started the aptly-described "bureaucratic process of adding new "mechanisms" for AES in CFB mode to the PKCS #11 standard."
Has there been any action on this? It appears that there are now PKCS#11 identifiers for CFB modes, CKM_AES_CFB8, CKM_AES_CFB64, and CKM_AES_CFB128. This would be helpful for WebCrypto. https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html#aes-cfb
Richard: no, I don't know of any work on this bug.
Is this related to the AES-CFB that webkit implemented for WebCrypto and that is now available in the Safari Preview 25? https://bugs.webkit.org/show_bug.cgi?id=168344 https://webkit.org/blog/7432/release-notes-for-safari-technology-preview-25/
AES-CFB isn't part of webcrypto (not sure why webkit implements it). While it made it into PK11 by now I don't think we should _add_ support for AES-CFB in 2017. If there's a need for this somewhere, re-open.
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX