Apple opens cryptographic libraries to developers in bid to encourage more security

article thumbnail

Apple has opened its Security Framework and Common Crypto libraries to developers, hoping to foster tighter levels of security in third-party apps.

The Security Framework is used in iOS and OS X for managing keys, certificates, and trust policies, including storing the first two in the platforms' keychains. Common Crypto is tied to functions like symmetric encryption, hash-based message authentication codes, and digests. The pair both depend on a shared library known as corecrypto.

"Although corecrypto does not directly provide programming interfaces for developers and should not be used by iOS or OS X apps, the source code is available to allow for verification of its security characteristics and correct functioning," Apple said.

The company is typically slow to publish the source code for open-source components in its software. It has yet to do so for OS X El Capitan for instance, and while its Swift programming language is due to become open-source, that will only happen sometime before the end of 2015.

Security though is an important issue for Apple in light of growing privacy and malware threats. The company previously marketed its devices as virtually immune to malware, but both iOS and OS X have come under increasing levels of attack.


Latest News