Difference between revisions of "OS X Keychain integration"

From CDOT Wiki
Jump to: navigation, search
(Project Leader(s))
(Code Pages)
 
(53 intermediate revisions by 4 users not shown)
Line 5: Line 5:
 
== Project Description ==
 
== Project Description ==
  
The [http://developer.mozilla.org Mozilla Developer Center] would like to add a CSS guide to its set of major documents, covering at least the top 100 CSS properties in use on the web today.  This data can be obtained through tools .  It should include numerous examples, and a fair number of small tutorial/how-to sections for different common tasks or requests from web authors.
+
The goal of this project is to enable Firefox to use the Keychain service available in Mac OS X in order to store saved passwords for consistency and ease of use.
  
Reference: [http://developer.mozilla.org/en/docs/CSS_Reference CSS Reference]
+
Related links:  
 +
;[http://developer.apple.com/documentation/Security/Reference/keychainservices/index.html#//apple_ref/doc/uid/TP30000898 Keychain Services Reference]
 +
;[http://www.apple.com/macosx/features/security/ Mac OS X Security]
 +
;[https://bugzilla.mozilla.org/show_bug.cgi?id=106400 BugZilla Reference]
 +
;http://wiki.mozilla.org/Firefox:Password_Manager
  
 
== Project Leader(s) ==
 
== Project Leader(s) ==
  
;[[User:Davenrathh|Dave Bertenshaw]]
 
;[[User:philly|Philip Vitorino]]
 
 
;[[User:moe|Mohammad Tirtashi]]
 
;[[User:moe|Mohammad Tirtashi]]
 +
;[[User:Pcvitori|Philip Vitorino]]
  
Name(s) of primary people working on the project.  If you want to join a project as leader, discuss with other leaders first.  Include links to personal pages within wiki
+
== Project Contributor(s) ==
 +
N/A
 +
 
 +
== Project Details ==
 +
 
 +
:How to approach the problem:
 +
:# Analyze the existing code for Keychain support in the Camino browser.
 +
:# Review the existing Keychain support code in the Firefox codebase which was originally added by Apple.
 +
:# Understand how wallet works and how passwords are stored in Firefox. Thereby learning how to interject our Keychain piece in the middle.
 +
:# Clarify our objective in terms of what our main focus will be in this project. ie (Full keychain support w/o wallet, keychain support + wallet at its side, etc...)
 +
 
 +
== Project News ==
 +
 
 +
* '''September 16, 2006''' - Dave is looking into getting Mac hardware access for this, and should know soonAlso, you want to ping '''mento''' for this, not '''stuart'''.  '''mento''' is in #seneca.
 +
 
 +
:I have tried to contact stuart on irc who idles both #seneca and #camino. I think he will be the go to guy if we have any questions in regards to OS X related Mozilla stuff. He should be able to point us to the right direction.
 +
 
 +
* '''September 22, 2006''' - Moe and Phil ventured through the firefox code and found some implementations of the osx keychain that were disabled. We enabled those options and Moe will recompile the code over night so we can further our tests tomorrow.
 +
 
 +
* '''September 23, 2006''' - Moe tested his newly built firefox with the osx options enabled, but nothing happened. Both Phil and Moe then continued to look through the firefox code and located various instances of logic towards Apple's keychain.
 +
 
 +
* '''September 30, 2006''' - We have been informed by one of the Camino team members that they are no longer supporting keychain manager in their next version of Camino. As far as this project is concerned we have decided to also follow their move into avoiding the keychain manager and use  keychain service calls for our purpose.
 +
 
 +
* '''September 30, 2006''' - Phil continued looking through existing Firefox code to further understand the current wallet and existing keychain implementations. The following data files were found and analyised:
 +
** [http://lxr.mozilla.org/mozilla1.8.0/source/browser/components/shell/src/nsMacShellService.cpp#403 nsMacShellServer.cpp#403]
 +
** [http://lxr.mozilla.org/mozilla1.8.0/source/extensions/wallet/src/wallet.cpp wallet.cpp] - Used for Sea Monkey
 +
** [http://lxr.mozilla.org/mozilla1.8.0/source/extensions/wallet/src/singsign.h singsign.h] - Used for Sea Monkey
 +
** [http://lxr.mozilla.org/mozilla1.8.0/source/extensions/wallet/src/singsign.cpp singsign.cpp] - Used for Sea Monkey
 +
** [http://lxr.mozilla.org/mozilla1.8.0/source/toolkit/locales/en-US/chrome/passwordmgr/passwordmgr.properties#43 passwordmgr.properties#43] - GUI Starting point properties for the current wallet. I am currently following these values:
 +
<pre>
 +
42 rememberButtonText = &Remember
 +
43 notNowButtonText = &Not Now
 +
44 neverForSiteButtonText = Ne&ver for This Site
 +
</pre>
 +
 
 +
* '''October 7th, 2006''' - Moe and Phil ventured through the nsPasswordManager.cpp file and tried to decipher its contents. We then began setting up our svn that Andrew created for us.
 +
 
 +
* '''October 14th, 2006''' - We located an application (http://homepage.mac.com/agerson/examples/keychain/) today that utilizes the various features of Apple’s keychain API. This application allowed us to understand how the API works, even though it’s coded in objective-c. We then created a branch of our Mozilla 1.5.0.7 trunk and created our keychain integration files.
 +
:*Keychain.cpp
 +
:*Keychain.h
 +
 
 +
:Let the coding begin!
 +
 
 +
* '''October 21st, 2006''' - We began writing simple code to create and retrieve keychain items. Before we implement test code into our Firefox build, we decided to create the C files on there own first, then integrate later. Our main goals today are:
 +
:# Create keychain items
 +
:# Retrieve keychain items
 +
:# Output to standard output.
 +
 
 +
:Bug Fix: That application we found contained a bug that would prevent it from saving the keychain item description to Apple's keychain. Using our newbie objective-c skills, we located and fixed the problem.
 +
 
 +
:* We added the method '''createKeychainItem()''', which creates a keychain item based on the passed in parameters.
 +
:* Began writing logic to retrieve the username and password in the keychain item.
 +
 
 +
* '''November 11th, 2006''' - The following events occurred today:
 +
:* Moe determined that two functions within the keychain reference API already create and retrieve internet passwords. The functions for saving and retriving a keychain item were created.   
 +
:* Phil began locating a starting point to fork their objects into the FF code: [http://lxr.mozilla.org/mozilla1.8/source/toolkit/components/satchel/src/nsFormFillController.cpp#519 nsFormFillController.cpp]
 +
:* After working on MAC1 for more then 15 minutes, the screen froze. After three more tries with no success, all work had to be moved onto MAC2. Currently, MAC2 has a issue with its display that is VERY distracting to the user. The desktop background had to be changed to black to somewhat resolve the issue.
 +
:* A problem occurred when the intel build from Moe's mac was placed on MAC2 (G4). Moe had to reinstall xcode so that universal binaries could be supported.
 +
 
 +
* '''November 21st, 2006''' - Currently waiting for assistance on implementing our keychain code into the Mozilla tree. There is an issue that also affects our project regarding the usage of Security.framework and protypes.h. Bug [https://bugzilla.mozilla.org/show_bug.cgi?id=360583 #360583] is currently investigating this issue.
 +
 
 +
* '''December 3rd, 2006''' - Phil decided to implement our working code on friday into the current Firefox build. Thanks to MAC1 crashing, a network cable missing from MAC2, and the orange Firefox build for Mac OS X, I didnt accomplish anything.
  
== Project Contributor(s) ==
+
* '''December 8th, 2006''' - Both MAC1 and MAC2 have been fixed. Myself and Moe began hacking our Keychain code into the Mozilla tree, through the nsPasswordManager.cpp file. This file is primarily used by Firefox to record and retrieve passwords from a flat file system. As we were implementing the code, we realized that FF wont build unless the security framework was included into the build process. Venturing into IRC produced the following results:
 +
:* We have to include the '''-framework Security''' into the build process where ever we are linking in the tree.
 +
:* We were unsuccessful with our first attempt at building Firefox, with the our keychain code:
 +
<pre>
 +
c++ -o nsPasswordManager.o -c  -DMOZILLA_INTERNAL_API -DOSTYPE=\"Darwin8.8.2\" -DOSARCH=\"Darwin\" -DBUILD_ID=0000000000 
 +
-I../../../../dist/include/necko
 +
-I../../../../dist/include/xpcom -I../../../../dist/include/string -I../../../../dist/include/windowwatcher
 +
-I../../../../dist/include/uriloader
 +
-I../../../../dist/include/pref -I../../../../dist/include/intl -I../../../../dist/include/dom
 +
-I../../../../dist/include/content
 +
-I../../../../dist/include/layout -I../../../../dist/include/widget -I../../../../dist/include/autocomplete
 +
-I../../../../dist/include/pipnss
 +
-I../../../../dist/include/unicharutil -I../../../../dist/include  -I../../../../dist/include/passwordmgr
 +
-I../../../../dist/include/nspr  -DMOZ_PNG_READ
 +
-DMOZ_PNG_WRITE  -I../../../../dist/sdk/include    -mdynamic-no-pic  -fno-rtti -fno-exceptions -Wall -Wconversion -Wpointer-arith -Wcast-align
 +
-Woverloaded-virtual -Wsynth -Wno-ctor-dtor-privacy -Wno-non-virtual-dtor -Wno-long-long -fpascal-strings -no-cpp-precomp -fno-common -fshort-wchar
 +
-I/Developer/Headers/FlatCarbon -pipe  -DNDEBUG -DTRIMMED -O  -DMOZILLA_CLIENT -include ../../../../mozilla-config.h -Wp,-MD,.deps/nsPasswordManager.pp
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp
 +
In file included from /Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:39:
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:52:28: error:
 +
CoreFoundation.h: No such file or directory
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:53:22: error:
 +
Security.h: No such file or directory
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:146: error:
 +
'SecProtocolType' has not been declared
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:146: error:
 +
'SecAuthenticationType' has not been declared
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:151: error:
 +
'SecProtocolType' has not been declared
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:151: error:
 +
'SecAuthenticationType' has not been declared
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:159: error:
 +
ISO C++ forbids declaration of 'keychain' with no type
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:159: error:
 +
expected ';' before '*' token
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:
 +
In destructor 'virtual
 +
nsPasswordManager::~nsPasswordManager()':
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:225: error:
 +
'inst' was not declared in this scope
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:
 +
In member function 'int nsPasswordManager::ChangeInternetPassword(OpaqueSecKeychainItemRef*, int, const char*, int, const void*)':
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2125: error:
 +
'kSecAccountItemAttr' was not declared in this scope
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2128: error:
 +
'SecKeychainItemModifyAttributesAndData' was not declared in this scope
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2132: error:
 +
'SecKeychainItemModifyAttributesAndData' was not declared in this scope
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp: At global scope:
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2144: error:
 +
'SecProtocolType' has not been declared
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2144: error:
 +
'SecAuthenticationType' has not been declared
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:
 +
In member function 'int nsPasswordManager::RetrieveInternetPassword(OpaqueSecKeychainRef*, int, const char*,
 +
int, const char*, int, const char*,
 +
int, int, int, UInt32*, void**, OpaqueSecKeychainItemRef**)':
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2149: error:
 +
'SecKeychainFindInternetPassword' was not declared in this scope
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp: At global scope:
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2162: error:
 +
'SecProtocolType' has not been declared
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2164: error:
 +
'SecAuthenticationType' has not been declared
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp: In member
 +
function 'int nsPasswordManager::AddInternetPassword(OpaqueSecKeychainRef*, int, const char*, int, const char*, int,
 +
const char*, int, const char*, int, int, int, int, const void*, OpaqueSecKeychainItemRef**)':
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2171: error:
 +
'SecKeychainAddInternetPassword' was not declared in this scope
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:
 +
In static member function 'static nsPasswordManager* nsPasswordManager::getInstance()':
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2177: error:
 +
'inst' was not declared in this scope
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2180: error:
 +
'inst' was not declared in this scope
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp: At global scope:
 +
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2184: error:
 +
'nsPasswordManager* nsPasswordManager::inst' is not a static member of 'class nsPasswordManager'
 +
make[6]: *** [nsPasswordManager.o] Error 1
 +
make[5]: *** [libs] Error 2
 +
make[4]: *** [libs] Error 2
 +
make[3]: *** [libs_tier_toolkit] Error 2
 +
make[2]: *** [tier_toolkit] Error 2
 +
make[1]: *** [default] Error 2
 +
make: *** [build] Error 2
 +
</pre>
 +
:* Our custom keychain class is now fully commented and available for online viewing. A test main is provided as well as the Xcode project for those who are interesting in compiling the code.
 +
:* The following chat was recorded, discussing a new MoCo involvement in the OS X Keychain integration project:
 +
<pre>
 +
20:29 <dolske> ping?
 +
20:31 <dolske> I saw to mention you're working on adding a build flag, and adding the "os x security
 +
              framework"?
 +
20:33 <philly> yeah
 +
20:34 <philly> whats up?
 +
20:36 <dolske> What exactly does the latter (OS X) part mean?
 +
20:37 <philly> im working on a project that will add os x keychain support to firefox
 +
20:37 <philly> were trying to get the security framework
 +
20:37 <dolske> ah, that's what I suspected. :-)
 +
20:37 <philly> into the build.
 +
20:38 <dolske> One of the new MoCo guys was startign to look at that too, and I'm starting to whack
 +
              passwordmgr with a big stick.
 +
20:39 <philly> yeah.. thats basically what were doing
 +
20:39 <philly> we have working code that add's and retreives keychain items from the keychain manager
 +
20:41 <philly> we have had working code for a while now, but dont know the moz tree well enough to
 +
              implement the code.
 +
20:41 <philly> so its a lot of trial and error
 +
20:41 <dolske> You may want to ping Collin Barrett (cbarrett) so you're not duplicating work.
 +
20:41 <philly> will do
 +
20:42 <dolske> Although I think he's not actually starting for a couple of weeks, so I don't know how
 +
              much he's around.
 +
20:43 <philly> i'll give me a shout as soon as i see him.. thanks for the info
 +
20:43 <philly> s/me/him/
 +
20:43 <dolske> Looks like timber@lava.net is his current email.
 +
20:44 <dolske> Also... Did you get the build flag added? I'm about to do the same, and was wondering
 +
              what was involved. :-)
 +
20:45 <philly> we located flag: -framework Security
 +
20:46 <philly> there could be more
 +
20:47 <dolske> Oh, I thought you were looking at a --enable-moz-foo type flag.
 +
20:47 <philly> yeah.. we dont know if we found the right one
 +
20:48 <philly> i was talking to some of the camino guys about flags
 +
20:48 <dolske> ah.
 +
20:49 <philly> im not sure if those flags are apart of the camino build though.. it appears they know
 +
              nothing about the ff build process
 +
20:49 <philly> im a student at seneca college btw.. we have a project page for this
 +
20:49 <dolske> heh, that seems to be a common problem. :-)
 +
20:50 <philly> http://zenit.senecac.on.ca/wiki/index.php/OS_X_Keychain_integration
 +
20:50 <dolske> ah, cool.
 +
20:51 <dolske> oh, Camino already supports Keychain? Hmpf.
 +
20:51 <philly> yeah.. but its not using the latest security framework from apple
 +
20:51 <dolske> ...but they're dropping it? hmm.
 +
20:51 <philly> so they're gonna pull it out
 +
20:51 <philly> otherwise
 +
20:51 <philly> we would be copying some code.. :)
 +
20:51 <dolske> ah, "why" was my next question.
 +
20:52 <dolske> I wonder if they can't use a newer framework because they want to support older OS X
 +
              versions?
 +
20:53 <philly> hmm.. i never thought of that
 +
20:53 <dolske> I think FF3 will currently require 10.2 (with 10.3 recommended)
 +
20:56 <philly> yeah.. i think 10.2 is the base for the latest framework
 +
20:56 <philly> there is also a patch that you have to apply
 +
20:57 <philly> bug 360583
 +
21:12 -!- dolske [dolske@moz-46636307.office.mozilla.org ] has quit [Quit: dolske]
 +
</pre>
  
Name(s) of people casually working on the project, or who have contributed significant help.  Include links to personal pages within wiki
+
==Project Download==
  
NOTE: only Project Leader(s) should add names here.  You '''can’t''' add your own name to the Contributor list.
+
Currently, our latest developments into the integration of Apple's Keychain manager into Firefox can be downloaded by a zipped file or through svn.
  
== Project Details ==
+
===Archive===
 +
This file contains the:
 +
:*C++ code that was written to save and retrieve items from the Keychain Manager in OS X.
 +
:*Xcode project file ready to be compiled.
 +
:*A patch is also included depicting our latest efforts in integrating the code into the Mozilla Tree.
  
Provides more depth than the Project Description. This is the place for technical discussions, project specs, or other details. If this gets very long, you might consider breaking this part into multiple pages and linking to them.
+
::[http://mo3b.com/keychain.zip Download archive]
 +
::[http://mo3b.com/keychain/ View the source online]
  
== Project News ==
+
==== Code Pages ====
  
This is where your regular updates will go. In these you should discuss the status or your work, your interactions with other members of the community (e.g., Seneca and Mozilla), problems you have encountered, etc.
+
*[[OS_X_Keychain_integration_Keychain.h|keychain.h]]
 +
*[[OS_X_Keychain_integration_Keychain.cpp|keychain.cpp]]
 +
*[[OS_X_Keychain_integration_Keychain_main.cpp|main.cpp]]
 +
*[[OS_X_Keychain_integration_osxkeychain.patch|osxkeychain.patch ]]
  
Put detailed technical information into the Project Details page (i.e., update it as you go), and save this section for news about participation in the project.
+
===SVN===
 +
The repository contains a snapshot of the latest Mozilla tree (captured on Dec 5th, 2006). Use the following command to download our latest code efforts.
 +
<pre>
 +
svn co svn://cdot.senecac.on.ca/osxkeychain/trunk/
 +
</pre>

Latest revision as of 21:04, 8 February 2007

Project Name

OS X Keychain

Project Description

The goal of this project is to enable Firefox to use the Keychain service available in Mac OS X in order to store saved passwords for consistency and ease of use.

Related links:

Keychain Services Reference
Mac OS X Security
BugZilla Reference
http://wiki.mozilla.org/Firefox:Password_Manager

Project Leader(s)

Mohammad Tirtashi
Philip Vitorino

Project Contributor(s)

N/A

Project Details

How to approach the problem:
  1. Analyze the existing code for Keychain support in the Camino browser.
  2. Review the existing Keychain support code in the Firefox codebase which was originally added by Apple.
  3. Understand how wallet works and how passwords are stored in Firefox. Thereby learning how to interject our Keychain piece in the middle.
  4. Clarify our objective in terms of what our main focus will be in this project. ie (Full keychain support w/o wallet, keychain support + wallet at its side, etc...)

Project News

  • September 16, 2006 - Dave is looking into getting Mac hardware access for this, and should know soon. Also, you want to ping mento for this, not stuart. mento is in #seneca.
I have tried to contact stuart on irc who idles both #seneca and #camino. I think he will be the go to guy if we have any questions in regards to OS X related Mozilla stuff. He should be able to point us to the right direction.
  • September 22, 2006 - Moe and Phil ventured through the firefox code and found some implementations of the osx keychain that were disabled. We enabled those options and Moe will recompile the code over night so we can further our tests tomorrow.
  • September 23, 2006 - Moe tested his newly built firefox with the osx options enabled, but nothing happened. Both Phil and Moe then continued to look through the firefox code and located various instances of logic towards Apple's keychain.
  • September 30, 2006 - We have been informed by one of the Camino team members that they are no longer supporting keychain manager in their next version of Camino. As far as this project is concerned we have decided to also follow their move into avoiding the keychain manager and use keychain service calls for our purpose.
  • September 30, 2006 - Phil continued looking through existing Firefox code to further understand the current wallet and existing keychain implementations. The following data files were found and analyised:
42 rememberButtonText = &Remember
43 notNowButtonText = &Not Now
44 neverForSiteButtonText = Ne&ver for This Site
  • October 7th, 2006 - Moe and Phil ventured through the nsPasswordManager.cpp file and tried to decipher its contents. We then began setting up our svn that Andrew created for us.
  • October 14th, 2006 - We located an application (http://homepage.mac.com/agerson/examples/keychain/) today that utilizes the various features of Apple’s keychain API. This application allowed us to understand how the API works, even though it’s coded in objective-c. We then created a branch of our Mozilla 1.5.0.7 trunk and created our keychain integration files.
  • Keychain.cpp
  • Keychain.h
Let the coding begin!
  • October 21st, 2006 - We began writing simple code to create and retrieve keychain items. Before we implement test code into our Firefox build, we decided to create the C files on there own first, then integrate later. Our main goals today are:
  1. Create keychain items
  2. Retrieve keychain items
  3. Output to standard output.
Bug Fix: That application we found contained a bug that would prevent it from saving the keychain item description to Apple's keychain. Using our newbie objective-c skills, we located and fixed the problem.
  • We added the method createKeychainItem(), which creates a keychain item based on the passed in parameters.
  • Began writing logic to retrieve the username and password in the keychain item.
  • November 11th, 2006 - The following events occurred today:
  • Moe determined that two functions within the keychain reference API already create and retrieve internet passwords. The functions for saving and retriving a keychain item were created.
  • Phil began locating a starting point to fork their objects into the FF code: nsFormFillController.cpp
  • After working on MAC1 for more then 15 minutes, the screen froze. After three more tries with no success, all work had to be moved onto MAC2. Currently, MAC2 has a issue with its display that is VERY distracting to the user. The desktop background had to be changed to black to somewhat resolve the issue.
  • A problem occurred when the intel build from Moe's mac was placed on MAC2 (G4). Moe had to reinstall xcode so that universal binaries could be supported.
  • November 21st, 2006 - Currently waiting for assistance on implementing our keychain code into the Mozilla tree. There is an issue that also affects our project regarding the usage of Security.framework and protypes.h. Bug #360583 is currently investigating this issue.
  • December 3rd, 2006 - Phil decided to implement our working code on friday into the current Firefox build. Thanks to MAC1 crashing, a network cable missing from MAC2, and the orange Firefox build for Mac OS X, I didnt accomplish anything.
  • December 8th, 2006 - Both MAC1 and MAC2 have been fixed. Myself and Moe began hacking our Keychain code into the Mozilla tree, through the nsPasswordManager.cpp file. This file is primarily used by Firefox to record and retrieve passwords from a flat file system. As we were implementing the code, we realized that FF wont build unless the security framework was included into the build process. Venturing into IRC produced the following results:
  • We have to include the -framework Security into the build process where ever we are linking in the tree.
  • We were unsuccessful with our first attempt at building Firefox, with the our keychain code:
c++ -o nsPasswordManager.o -c  -DMOZILLA_INTERNAL_API -DOSTYPE=\"Darwin8.8.2\" -DOSARCH=\"Darwin\" -DBUILD_ID=0000000000  
-I../../../../dist/include/necko
-I../../../../dist/include/xpcom -I../../../../dist/include/string -I../../../../dist/include/windowwatcher 
-I../../../../dist/include/uriloader 
-I../../../../dist/include/pref -I../../../../dist/include/intl -I../../../../dist/include/dom 
-I../../../../dist/include/content 
-I../../../../dist/include/layout -I../../../../dist/include/widget -I../../../../dist/include/autocomplete 
-I../../../../dist/include/pipnss 
-I../../../../dist/include/unicharutil -I../../../../dist/include   -I../../../../dist/include/passwordmgr 
-I../../../../dist/include/nspr  -DMOZ_PNG_READ 
-DMOZ_PNG_WRITE  -I../../../../dist/sdk/include    -mdynamic-no-pic   -fno-rtti -fno-exceptions -Wall -Wconversion -Wpointer-arith -Wcast-align 
-Woverloaded-virtual -Wsynth -Wno-ctor-dtor-privacy -Wno-non-virtual-dtor -Wno-long-long -fpascal-strings -no-cpp-precomp -fno-common -fshort-wchar 
-I/Developer/Headers/FlatCarbon -pipe  -DNDEBUG -DTRIMMED -O   -DMOZILLA_CLIENT -include ../../../../mozilla-config.h -Wp,-MD,.deps/nsPasswordManager.pp 
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp
In file included from /Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:39:
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:52:28: error: 
CoreFoundation.h: No such file or directory
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:53:22: error:
Security.h: No such file or directory
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:146: error: 
'SecProtocolType' has not been declared
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:146: error: 
'SecAuthenticationType' has not been declared
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:151: error: 
'SecProtocolType' has not been declared
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:151: error: 
'SecAuthenticationType' has not been declared
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:159: error: 
ISO C++ forbids declaration of 'keychain' with no type
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.h:159: error: 
expected ';' before '*' token
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp: 
In destructor 'virtual
 nsPasswordManager::~nsPasswordManager()':
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:225: error: 
'inst' was not declared in this scope
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp: 
In member function 'int nsPasswordManager::ChangeInternetPassword(OpaqueSecKeychainItemRef*, int, const char*, int, const void*)':
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2125: error: 
'kSecAccountItemAttr' was not declared in this scope
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2128: error: 
'SecKeychainItemModifyAttributesAndData' was not declared in this scope
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2132: error: 
'SecKeychainItemModifyAttributesAndData' was not declared in this scope
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp: At global scope:
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2144: error: 
'SecProtocolType' has not been declared
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2144: error: 
'SecAuthenticationType' has not been declared
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp: 
In member function 'int nsPasswordManager::RetrieveInternetPassword(OpaqueSecKeychainRef*, int, const char*, 
int, const char*, int, const char*,
 int, int, int, UInt32*, void**, OpaqueSecKeychainItemRef**)':
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2149: error: 
'SecKeychainFindInternetPassword' was not declared in this scope
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp: At global scope:
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2162: error: 
'SecProtocolType' has not been declared
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2164: error: 
'SecAuthenticationType' has not been declared
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp: In member 
function 'int nsPasswordManager::AddInternetPassword(OpaqueSecKeychainRef*, int, const char*, int, const char*, int, 
const char*, int, const char*, int, int, int, int, const void*, OpaqueSecKeychainItemRef**)':
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2171: error: 
'SecKeychainAddInternetPassword' was not declared in this scope
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp: 
In static member function 'static nsPasswordManager* nsPasswordManager::getInstance()':
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2177: error: 
'inst' was not declared in this scope
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2180: error: 
'inst' was not declared in this scope
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp: At global scope:
/Users/philly/keychain/osxkeychain/trunk/mozilla/toolkit/components/passwordmgr/base/nsPasswordManager.cpp:2184: error: 
'nsPasswordManager* nsPasswordManager::inst' is not a static member of 'class nsPasswordManager'
make[6]: *** [nsPasswordManager.o] Error 1
make[5]: *** [libs] Error 2
make[4]: *** [libs] Error 2
make[3]: *** [libs_tier_toolkit] Error 2
make[2]: *** [tier_toolkit] Error 2
make[1]: *** [default] Error 2
make: *** [build] Error 2
  • Our custom keychain class is now fully commented and available for online viewing. A test main is provided as well as the Xcode project for those who are interesting in compiling the code.
  • The following chat was recorded, discussing a new MoCo involvement in the OS X Keychain integration project:
20:29 <dolske> ping?
20:31 <dolske> I saw to mention you're working on adding a build flag, and adding the "os x security
               framework"?
20:33 <philly> yeah
20:34 <philly> whats up?
20:36 <dolske> What exactly does the latter (OS X) part mean?
20:37 <philly> im working on a project that will add os x keychain support to firefox
20:37 <philly> were trying to get the security framework
20:37 <dolske> ah, that's what I suspected. :-)
20:37 <philly> into the build.
20:38 <dolske> One of the new MoCo guys was startign to look at that too, and I'm starting to whack
               passwordmgr with a big stick.
20:39 <philly> yeah.. thats basically what were doing
20:39 <philly> we have working code that add's and retreives keychain items from the keychain manager
20:41 <philly> we have had working code for a while now, but dont know the moz tree well enough to
               implement the code.
20:41 <philly> so its a lot of trial and error
20:41 <dolske> You may want to ping Collin Barrett (cbarrett) so you're not duplicating work.
20:41 <philly> will do
20:42 <dolske> Although I think he's not actually starting for a couple of weeks, so I don't know how
               much he's around.
20:43 <philly> i'll give me a shout as soon as i see him.. thanks for the info
20:43 <philly> s/me/him/
20:43 <dolske> Looks like timber@lava.net is his current email.
20:44 <dolske> Also... Did you get the build flag added? I'm about to do the same, and was wondering
               what was involved. :-)
20:45 <philly> we located flag: -framework Security
20:46 <philly> there could be more
20:47 <dolske> Oh, I thought you were looking at a --enable-moz-foo type flag.
20:47 <philly> yeah.. we dont know if we found the right one
20:48 <philly> i was talking to some of the camino guys about flags
20:48 <dolske> ah.
20:49 <philly> im not sure if those flags are apart of the camino build though.. it appears they know
               nothing about the ff build process
20:49 <philly> im a student at seneca college btw.. we have a project page for this
20:49 <dolske> heh, that seems to be a common problem. :-)
20:50 <philly> http://zenit.senecac.on.ca/wiki/index.php/OS_X_Keychain_integration
20:50 <dolske> ah, cool.
20:51 <dolske> oh, Camino already supports Keychain? Hmpf.
20:51 <philly> yeah.. but its not using the latest security framework from apple
20:51 <dolske> ...but they're dropping it? hmm.
20:51 <philly> so they're gonna pull it out
20:51 <philly> otherwise
20:51 <philly> we would be copying some code.. :)
20:51 <dolske> ah, "why" was my next question.
20:52 <dolske> I wonder if they can't use a newer framework because they want to support older OS X
               versions?
20:53 <philly> hmm.. i never thought of that
20:53 <dolske> I think FF3 will currently require 10.2 (with 10.3 recommended)
20:56 <philly> yeah.. i think 10.2 is the base for the latest framework
20:56 <philly> there is also a patch that you have to apply
20:57 <philly> bug 360583
21:12 -!- dolske [dolske@moz-46636307.office.mozilla.org ] has quit [Quit: dolske]

Project Download

Currently, our latest developments into the integration of Apple's Keychain manager into Firefox can be downloaded by a zipped file or through svn.

Archive

This file contains the:

  • C++ code that was written to save and retrieve items from the Keychain Manager in OS X.
  • Xcode project file ready to be compiled.
  • A patch is also included depicting our latest efforts in integrating the code into the Mozilla Tree.
Download archive
View the source online

Code Pages

SVN

The repository contains a snapshot of the latest Mozilla tree (captured on Dec 5th, 2006). Use the following command to download our latest code efforts.

svn co svn://cdot.senecac.on.ca/osxkeychain/trunk/