apple-platform-rs icon indicating copy to clipboard operation
apple-platform-rs copied to clipboard

Published 20 hours ago verified publisher icon indygreg

Implement decryption for macOS keychain keys

Open indygreg opened this issue 2 years ago • 0 comments

We have support for performing cryptographic signing using keys stored in macOS keychains. But we don't have support for decryption (needed for remote signing) because the Rust bindings to SecurityFramework.framework don't appear to have the APIs we need.

We'll likely need to teach the security-framework crate about the missing APIs in order to implement decryption.

As a workaround, you can export private keys from keychain to a PFX/.p12 file. This is probably less secure. But it will unblock using remote code signing with the keys.

indygreg avatar Apr 25 '22 01:04 indygreg