Apple opens cryptographic libraries to developers in bid to encourage more security
Apple has opened its Security Framework and Common Crypto libraries to developers, hoping to foster tighter levels of security in third-party apps.
The Security Framework is used in iOS and OS X for managing keys, certificates, and trust policies, including storing the first two in the platforms' keychains. Common Crypto is tied to functions like symmetric encryption, hash-based message authentication codes, and digests. The pair both depend on a shared library known as corecrypto.
"Although corecrypto does not directly provide programming interfaces for developers and should not be used by iOS or OS X apps, the source code is available to allow for verification of its security characteristics and correct functioning," Apple said.
The company is typically slow to publish the source code for open-source components in its software. It has yet to do so for OS X El Capitan for instance, and while its Swift programming language is due to become open-source, that will only happen sometime before the end of 2015.