[xmlsec] MS Crypto API support

Aleksey Sanin aleksey@aleksey.com
Tue, 08 Apr 2003 08:20:07 -0700


>Copied the files to a mscrypto directory and renamed all SKELETON to
>MSCRYPTO and Skeleton to MSCrypto (perl -pi.bak -e "s/Skeleton/MSCrypto/g"
>files... makes that very easy)
>
:) You also need to replace skeleton --> mscrypto and SKELETON -> 
MSCRYPTO as well :)

>Added to xmlsec/crypto.h the MSCRYPTO definitions and includes. (for the
>symbols as your are mentioning) and changed the Makefile.msvc to support
>the MSCRYPTO components. (as well as the jsfile to mention existence of
>this)
>  
>
Good!

>At this moment I am a bit stuck with undeclared identifiers for
>xmlSecMSCryptoTransformHmacSha1Id (and 2 others like that) although they
>are part of the symbols.h file in the mscrypto directory....
>
There is only a mapping  in symbols.h. You need to create these 
transforms by yourself.
This is exactly what xmlsec-crypto library is supposed to do. Please 
check the OpenSSL/GnuTLS/NSS
code for examples. I'll try to write some documentation in next couple 
days, hope this will help.

>I would be happy to contribute the code to the project and I don't think
>that my company will make an issue of that. (I'll check to be on the safe
>side, but it is just a formality)
>
Good, very good news! A lot of people have asked about MSCrypto support.

>What is the preferred way to add it to the library ?
>  
>
I am planing to do a 1.0 release very soon and I would prefer to limit 
the checkins to the main tree
right now. Probably before checking in new crypto library it would be 
nice to create basic infrastructure
for MSCrypto support (seems you already very close with it) and few 
simple transforms similar to
what was implemented for NSS and GnuTLS (sha1, hmac, des, aes transforms 
and keys). For now
I would like to review the code before checking in so just send me 
patches against the current CVS trunk
(cvs -z3 diff -u -N will do but you need to add all new files first).

>In the mean time I will take some time to get these failures out of the
>way (I prefer to work on linux as it is more clear what you are doing....)
>and add the first support as you suggest.
>  
>
The only thing you need is to implement MS Crypto for Linux :) :) :)


Aleksey