Skip to content

std.crypto.Certificate.Bundle: find system-installed root certificates on macOS #14169

New issue
New issue
Closed
#14325
Closed
std.crypto.Certificate.Bundle: find system-installed root certificates on macOS#14169
#14325
Labels
contributor friendlyThis issue is limited in scope and/or knowledge of Zig internals.enhancementSolving this issue will likely involve adding new logic or components to the codebase.os-macosstandard libraryThis issue involves writing Zig code for the standard library.
Milestone
 
0.11.0
@andrewrk

Description

@andrewrk
andrewrk
opened on Jan 3, 2023

Extracted from #13980.

This code needs to be expanded to find the root certificates on macOS:

zig/lib/std/crypto/Certificate/Bundle.zig

Lines 57 to 68 in c9ef277

pub fn rescan(cb: *Bundle, gpa: Allocator) !void {
switch (builtin.os.tag) {
.linux => return rescanLinux(cb, gpa),
.windows => {
// TODO
},
.macos => {
// TODO
},
else => {},
}
}

Hint: this is typically done with a framework on macOS but we cannot depend on frameworks in the zig standard library. Perhaps this implementation can rely on a child process for now, like this:

/usr/bin/security find-certificate -a -p /System/Library/Keychains/SystemRootCertificates.keychain

However, ideally there would be no child process execution like this.

Related:

Metadata

Metadata

Assignees

No one assigned

    Labels

    contributor friendlyThis issue is limited in scope and/or knowledge of Zig internals.enhancementSolving this issue will likely involve adding new logic or components to the codebase.os-macosstandard libraryThis issue involves writing Zig code for the standard library.

    Type

    No type

    Projects

    Package Manager

    Status

    Uncategorized

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions