OS Security Package

From Symbian Developer Community

The OS Security package resides in the OS layer and provides cryptography services to the layers above including applications written on the OS.

The package contains many varied security related functionality as is described below in terms of collections which groups related components under one entity.

Collections

The contentmgmt collection is composed of components that provide a unified content access inteface for consumers such as media players. The Content Access Framework component provides a framework and APIs for unified access to various DRM protected content and also to unprotected content. Many DRM schemes can be plugged into the framework to provide support to industry standard content protection mechanisms. A default F32-based agent is provided that enables the consumers to seamlessly access unprotected content as well.

The crypto collection contains the software implementation of many standard cryptography algorithms for data encryption/decryption, hashing, digital signing, verification and also a random number generator. The collection contains two components mainly to differentiate the binary variant created by each of them. The weak crypto component generates binaries that restrict key sizes to less than or equal to 56 bits for symmetric keys and less than or equal to 1024 bits for asymmetric keys. The strong crypto component generates binaries that have no such restriction. Note that both variant are built out of common source code.

The cryptomgmtlibs collection mainly provides a framework for facilitating the implementation of cryptographic tokens and their storage. Examples of such tokens are certificates, keys and authentication objects. It also contains miscellaneous other components such as documentation, test framework and common utilitarian functions. The collection also contains the documentation of the entire security package, and a test framework which is used for developing test suites and running all security integration tests and other common utilitarian functions among which is a generic implementation of client server framework which can be used for developing client server code.

The cryptoservices collection contains the token definitions for certificates and keys and also libraries that implement the parsing of X.509 and WTLS certificates. It also contains the implementation of the file-based certificate and key stores and an instance of the file-based store specifically created for storing native software installer trusted root certificates. An unified interface is exposed for accessing all the certificate and key stores present on the device and implemented using the crypto token framework. Many of the relevant PKCS standards are implemented here.

The securityanddataprivacytools collection contains the configuration files related to many other components of the security package and it also contains the certapp tool. The securityconfig component provides a single place for customizable settings related to all of the security package. The certapp is a PC-based tool used to provision and configure the file-based certificate stores.

News

• 12/June/2009 - Symbian BoD approves EPLing the security package making it the first package going through the formal process from SFL to EPL
• 19/July/2009 - OS Security package released under EPL!

Package Backlog

The package backlog located here contains the planned feature contributions to the package as well as potential future work items.

Related Packages

Security Services - Security services package contains key/device lock and certificate related security components.

DRM - DRM package provides services for usage rights management of DRM-protected content, decrypting the DRM-protected content, centralized error handling for DRM-related errors and UI for DRM-specific settings.

Key APIs

Working with the Package

Contacts

Community

Sign in to comment…