search

darlinghq / darling-corecrypto

CoreCrypto reimplementation under GPL-3
http://www.darlinghq.org
GNU General Public License v3.0
23 stars 9 forks source link

is darling-corecrypto already included in main darlingHQ #8

Open paianoa opened 3 years ago

paianoa commented 3 years ago

Sorry, not clear if darling-corecrypto is already included in main darlingHQ. I'm having problems with crypto functions while using darling and I landend here.

LubosD commented 3 years ago

It is included. You need to be more specific.

paianoa commented 3 years ago

Thank you LibosD. I'm trying to generate a new keychain with the following command:

security create-keychain -p password build.keychain

Once I launch the command the following message appears instantly:

DARLING CRYPTO STUB: const struct ccmode_ecb *ccdes3_ecb_encrypt_mode(void)

I left it running for hours and then I decided to kill the execution with CTRL+C. Basically nothing happened and content of ~/Library/Keychains is the the following:

-r--r--r-- 1 root root 0 Mar 21 11:48 .flF0366243 -rw-r--r-- 1 root root 0 Mar 21 11:49 build.keychain-db -rw-r--r-- 1 root root 0 Mar 21 11:49 build.keychain-db.amkrtempjt1OmL

3 files with 0 bytes.

I tried to build a new keychain because the system one doesn't seem to exist in darling. In fact even if the following command security list-keychains returns: "/Library/Keychains/System.keychain"

the System.keychain file doesn't exist on the file system.

Is there any specific issue with keychains in darling or am I missing something about that?

Thank you.

facekapow commented 3 years ago

Well, the "specific issue with keychains" is just that our corecrypto is not complete. As you saw above, ccdes3_ecb_encrypt_mode is a stub, but the Security framework (the one that actually deals with keychains) needs that to do something with the keychain.

In addition, the security command probably hung forever because securityd (the daemon that actually manages keychains) probably crashed after calling that stubbed function and the security command was left waiting forever for a reply from a dead daemon.

paianoa commented 3 years ago

Thank you facekapow for the clarification.

Is there any plan to complete the corecrypto implementaton with that functionalities? I'm testing darling because the ultimate goal of the company I'm working for, is to find an alternative way to sign IPA applications without relying on a MacOS. According to what you said above I can conclude this is not possible at the moment with darling.

bugaevc commented 3 years ago

Are you, perhaps, looking to contribute the missing implementation? :slightly_smiling_face:

trungnt2910 commented 2 years ago

Please check my PR: #9.

This replaces the stubs with proper DES functions but does not fully solve this problem yet, there seems to be some bugs related to securityd itself.