darling-corecrypto icon indicating copy to clipboard operation
darling-corecrypto copied to clipboard

Published 20 hours ago verified publisher icon darlinghq

is darling-corecrypto already included in main darlingHQ

Open paianoa opened this issue 4 years ago • 6 comments

Sorry, not clear if darling-corecrypto is already included in main darlingHQ. I'm having problems with crypto functions while using darling and I landend here.

paianoa avatar Mar 20 '21 20:03 paianoa

It is included. You need to be more specific.

LubosD avatar Mar 20 '21 20:03 LubosD

Thank you LibosD. I'm trying to generate a new keychain with the following command:

security create-keychain -p password build.keychain

Once I launch the command the following message appears instantly:

DARLING CRYPTO STUB: const struct ccmode_ecb *ccdes3_ecb_encrypt_mode(void)

I left it running for hours and then I decided to kill the execution with CTRL+C. Basically nothing happened and content of ~/Library/Keychains is the the following:

-r--r--r-- 1 root root 0 Mar 21 11:48 .flF0366243 -rw-r--r-- 1 root root 0 Mar 21 11:49 build.keychain-db -rw-r--r-- 1 root root 0 Mar 21 11:49 build.keychain-db.amkrtempjt1OmL

3 files with 0 bytes.

I tried to build a new keychain because the system one doesn't seem to exist in darling. In fact even if the following command security list-keychains returns: "/Library/Keychains/System.keychain"

the System.keychain file doesn't exist on the file system.

Is there any specific issue with keychains in darling or am I missing something about that?

Thank you.

paianoa avatar Mar 21 '21 11:03 paianoa

Well, the "specific issue with keychains" is just that our corecrypto is not complete. As you saw above, ccdes3_ecb_encrypt_mode is a stub, but the Security framework (the one that actually deals with keychains) needs that to do something with the keychain.

In addition, the security command probably hung forever because securityd (the daemon that actually manages keychains) probably crashed after calling that stubbed function and the security command was left waiting forever for a reply from a dead daemon.

facekapow avatar Mar 21 '21 14:03 facekapow

Thank you facekapow for the clarification.

Is there any plan to complete the corecrypto implementaton with that functionalities? I'm testing darling because the ultimate goal of the company I'm working for, is to find an alternative way to sign IPA applications without relying on a MacOS. According to what you said above I can conclude this is not possible at the moment with darling.

paianoa avatar Mar 21 '21 16:03 paianoa

Are you, perhaps, looking to contribute the missing implementation? :slightly_smiling_face:

bugaevc avatar Mar 21 '21 16:03 bugaevc

Please check my PR: #9.

This replaces the stubs with proper DES functions but does not fully solve this problem yet, there seems to be some bugs related to securityd itself.

trungnt2910 avatar Nov 06 '21 10:11 trungnt2910