• Home
  • History
  • Annotate
  • only in this directory
NameDateSize

..27-May-2015211

.callH A D07-Oct-2014993

.com.apple.timemachine.supportedH A D07-Oct-20140

asl/H07-Oct-20143

certificates/H24-Oct-201411

CircleJoinRequested/H07-Oct-201416

CloudKeychainProxy/H07-Oct-20146

codesign_wrapper/H07-Oct-201411

Default-568h@2x.pngH A D16-Jun-201418.2 KiB

evroots.hH A D16-Jun-2014881.3 KiB

iCloudStat/H07-Oct-20144

Keychain/H07-Oct-201445

Keychain_114x114.pngH A D16-Jun-201416.7 KiB

Keychain_144x144.pngH A D16-Jun-201422.2 KiB

Keychain_57x57.pngH A D16-Jun-20147.9 KiB

Keychain_72x72.pngH A D16-Jun-20149.8 KiB

KeychainSyncAccountNotification/H07-Oct-20147

libsecurity_smime/H07-Oct-20148

ntlm/H07-Oct-20146

OTAPKIAssetTool/H07-Oct-20147

READMEH A D18-Jun-2014919

README.genanchorsH A D16-Jun-2014631

README.keychainH A D16-Jun-20141.4 KiB

refs.txtH A D24-Oct-20140

resources/H07-Oct-201410

sbrH A D16-Jun-2014865

secdtests/H07-Oct-20145

sectask/H07-Oct-20146

SecureObjectSync-Info.plistH A D16-Jun-2014750

SecureObjectSync.expH A D16-Jun-201434

Security/H07-Oct-201453

Security-Info.plistH A D23-Jul-2014776

Security.exp-inH A D03-Jul-20144 KiB

Security.xcodeproj/H24-Oct-20145

securityd/H07-Oct-201415

SecurityTests/H24-Oct-201427

SecurityTool/H07-Oct-201475

SharedWebCredentialViewService/H07-Oct-201414

spiralsink114.pngH A D16-Jun-201424.2 KiB

spiralsink57.pngH A D16-Jun-20147.8 KiB

sslViewer/H07-Oct-201418

SyncTest/H07-Oct-20145

TODOH A D16-Jun-201410.9 KiB

WHITEPAPERH A D16-Jun-20146.1 KiB

README

1Update June 17, 2014
2
3Here lie the iOS and OS X versions of Security, including securityd and SecurityTool for OS X.
4
5-----------
6
7
8              Projects in Security
9               Last update Dec 1 2005
10
11
12Standalone crypto libs
13----------------------
14
15libCert/
16	Library to parse and verify X509 certificates. Uses libgRSA,
17	libDER, libMD5, and libSHA1. 
18
19libDER/
20	DER decoding library, ROM_capable, no malloc. 
21
22libGiants/
23	General purpose ROM-capable giantIntegers package. No malloc. 
24	Performs unsigned arithmetic ONLY as of Nov. 28 2005. 
25		
26libgRSA/
27	Full ROM-capable RSA package based on libGiants. 
28	Provided to Mike Smith and Chris Aycock 8/23/05.
29	Converted to unsigned libGiants circa 11/30/05.
30
31libScripts/
32	Scripts to build and test all of these libraries. 
33
34====
35
36To regenerate strings file run:
37genstrings -o resources/English.lproj -s SecString sec/Security/SecFrameworkStrings.h
38in the top level dir.
39

README.genanchors

1# Build the genanchors target against the Base SDK.
2
3# Run the following commands:
4
5rm -rf resources/roots
6svn export svn+ssh://src.apple.com/svn/security/tla/trunk/security_certificates/roots resources/roots
7svn cat svn+ssh://src.apple.com/svn/security/tla/trunk/security_certificates/buildEVRoots | awk '
8BEGIN {s = 0}
9/# ------------------------------------------------------------------------------/ { s = 1 }
10/EOF/ {s = 0}
11{ if(s == 1) { print }}' > resources/evroot.config
12~/build/Debug/genanchors -a resources/roots -e resources/evroot.config -a resources/roots > evroots.h
13
14#Then commit the new evroots.h and evroot.config
15

README.keychain

1Starting in 4.0 the keychain will be using content protection
2
3We will define 4 new classes for the keychain:
4
5Ak = non_exportable, uid_protection|pin_protection
6Ck = wrap_on_lock|unwrap_on_lock|non_exportable, uid_protection|pin_protection
7Dk = non_exportable, uid_protection
8Ek = wrap_on_lock|unwrap_on_lock|non_exportable, uid_protection|pin_protection
9
10A new attribute will be added to all keychain items allowing a caller
11to specify the content protection level.
12Caller will have a choice or class Ak, Ck, Dk or Ek protection for the
13items data.
14
15Consider whether or not to allow SecItemUpdate to change the protection class.
16
17Backup will no longer directly backup the keychain file, instead a new
18SecKeychainMigrate() SPI will be added which takes a keybag and a password and
19returns a keychain blob in which class A and C items are protected by the
20provided keybags A and C keys, and the class E key protected items will not
21migrate.
22
23Restore will pass the keychain file from an old backup or keychain blob
24returned by the new SPI and the backup keybag and password to securityd so
25items can be migrated back into the system keychain db.  Class E items in the
26backup set will only get restored if they are decryptable (restore is to same
27device) otherwise they are discarded during the restore.
28
29
30Implementors notes:
31Migrate will take a db file needing to be upgraded or a keychain blob
32needing to be migrated into the system security domain.
33