81295 – Adopt Mac OS X crypto API instead of using Mozilla's

Issue 81295 - Adopt Mac OS X crypto API instead of using Mozilla's

Summary: Adopt Mac OS X crypto API instead of using Mozilla's

Status:	CLOSED WONT_FIX

Alias:	None

Product:	General
Classification:	Code
Component:	code (show other issues)
Version:	current
Hardware:	Mac Mac OS X, all

Importance:	P3 Trivial (vote)
Target Milestone:	---
Assignee:	joachim.lingner
QA Contact:	issues@framework

URL:
Keywords:	aqua

Duplicates (1):	77589 (view as issue list)
Depends on:
Blocks:

Reported:	2007-09-05 14:53 UTC by jogi
Modified:	2013-08-07 15:31 UTC (History)
CC List:	2 users (show)

See Also:
Issue Type:	FEATURE
Latest Confirmation in:	---
Developer Difficulty:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.

Description jogi 2007-09-05 14:53:44 UTC

To avoid dependencies to other libs and to get a better system integration (like
Win32) use the Mac OS X crypto API instead of the one from Mozilla (-> xmlsecurity).

MT, would you please write down which steps need to be done to get this work
done in Cocoa? Thx!

Comment 1 jogi 2007-09-05 14:55:34 UTC

adding keyword

Comment 2 jogi 2007-09-05 14:56:48 UTC

MT, please send the issue then to user 'macport' Thx.

Comment 3 philipp.lohmann 2007-09-07 10:31:07 UTC

mt told me that the system specific integration on Win32 is currently achieved
by libxmlsec itself which is compiled differently to support Windows' on API. A
similar approach for MacOSX would be possible, however the version of libxmlsec
we currently have is quite old; we'd need to switch to a newer version and port
up all our patches that we apply to libxmlsec before compiling it.

Comment 4 malte_timmermann 2007-11-14 13:25:01 UTC

JL...

Comment 5 stephan_schaefer 2007-11-16 15:52:43 UTC

*** Issue 77589 has been marked as a duplicate of this issue. ***

Comment 6 kai.sommerfeld 2007-12-06 15:30:16 UTC

jsi: Sorry, no time to implement this for 3.0. => 3.x

Comment 7 joachim.lingner 2008-05-08 13:43:59 UTC

Comment 8 joachim.lingner 2009-07-22 10:03:23 UTC

These are actually two things here.
1. Dependency on NSS libs (Mozilla)
2. System integration.

#1. I think it is absolutely ligitimate to use NSS (Mozilla) libs rather then
those from MacOS. The MacOS security lib does NOT make clear what standards it
follows when for example verifying a certificate. 

Also the libxmlsec library (external) which actual creates the XML signature
does not support MacOS. Replacing it will be a huge effort. Keeping in mind that
the legal value of our signature is more than  questionable, this effort is not
justified.

#2. I agree that one should be able to use the system's certificate store. If
this is what you intended please submit a separate issue.

Comment 9 joachim.lingner 2009-07-22 10:04:14 UTC