From fd95771feddb43280efc62c335af5ca9a1e9ee20 Mon Sep 17 00:00:00 2001
From: Max Goedjen <max.goedjen@gmail.com>
Date: Fri, 26 Sep 2025 00:19:32 -0700
Subject: [PATCH] Dump

---
 Sources/Packages/Sources/Brief/Updater.swift  |  10 +-
 .../CertificateKit/CertificateMigrator.swift  |  91 ++++++
 .../SSHProtocolKit/OpenSSHCertificate.swift   |  18 +-
 Sources/SecretAgent/AppDelegate.swift         |   3 +
 Sources/Secretive.xcodeproj/project.pbxproj   | 261 ------------------
 .../xcshareddata/xcschemes/Secretive.xcscheme |   2 +-
 Sources/Secretive/App.swift                   |   4 +-
 7 files changed, 103 insertions(+), 286 deletions(-)
 create mode 100644 Sources/Packages/Sources/CertificateKit/CertificateMigrator.swift

diff --git a/Sources/Packages/Sources/Brief/Updater.swift b/Sources/Packages/Sources/Brief/Updater.swift
index 12be1ee..7e71fe8 100644
--- a/Sources/Packages/Sources/Brief/Updater.swift
+++ b/Sources/Packages/Sources/Brief/Updater.swift
@@ -75,14 +75,14 @@ extension Updater {
                 .reversed()
                 .filter({ !$0.prerelease })
                 .first(where: { $0.minimumOSVersion <= osVersion }) else { return }
-        guard !userIgnored(release: release) else { return }
-        guard !release.prerelease else { return }
-        let latestVersion = SemVer(release.name)
-        if latestVersion > currentVersion {
+//        guard !userIgnored(release: release) else { return }
+//        guard !release.prerelease else { return }
+//        let latestVersion = SemVer(release.name)
+//        if latestVersion > currentVersion {
             await MainActor.run {
                 state.update = release
             }
-        }
+//        }
     }
 
     /// Checks whether the user has ignored a release.
diff --git a/Sources/Packages/Sources/CertificateKit/CertificateMigrator.swift b/Sources/Packages/Sources/CertificateKit/CertificateMigrator.swift
new file mode 100644
index 0000000..ecde163
--- /dev/null
+++ b/Sources/Packages/Sources/CertificateKit/CertificateMigrator.swift
@@ -0,0 +1,91 @@
+import Foundation
+import Security
+import CryptoTokenKit
+import CryptoKit
+import os
+import SSHProtocolKit
+
+public struct CertificateKitMigrator {
+
+    private let logger = Logger(subsystem: "com.maxgoedjen.secretive.migration", category: "CertificateKitMigrator")
+    let directory: URL
+
+    /// Initializes a PublicKeyFileStoreController.
+    public init(homeDirectory: URL) {
+        directory = homeDirectory.appending(component: "PublicKeys")
+    }
+
+    @MainActor public func migrate() throws {
+        let fileCerts = try FileManager.default
+            .contentsOfDirectory(atPath: directory.path())
+            .filter { $0.hasSuffix("-cert.pub") }
+        Task {
+            for path in fileCerts {
+                let url = directory.appending(component: path)
+                let data = try! Data(contentsOf: url)
+//                let parser = try! await XPCCertificateParser()
+                let parser = OpenSSHCertificateParser()
+                let cert = try! await parser.parse(data: data)
+                print(cert)
+//                let secret = storeList.allSecrets.first { secret in
+//                    secret.name == cert.name
+//                }
+//                guard let secret = secret ?? storeList.allSecrets.first else { return }
+//                print(cert.data.formatted(.hex()))
+//                certificateStore.saveCertificate(cert.data, for: secret)
+                print(cert)
+            }
+
+        }
+
+//        let privateAttributes = KeychainDictionary([
+//            kSecClass: kSecClassKey,
+//            kSecAttrKeyType: Constants.oldKeyType,
+//            kSecAttrApplicationTag: SecureEnclave.Store.Constants.keyTag,
+//            kSecAttrKeyClass: kSecAttrKeyClassPrivate,
+//            kSecReturnRef: true,
+//            kSecMatchLimit: kSecMatchLimitAll,
+//            kSecReturnAttributes: true
+//        ])
+//        var privateUntyped: CFTypeRef?
+//        unsafe SecItemCopyMatching(privateAttributes, &privateUntyped)
+//        guard let privateTyped = privateUntyped as? [[CFString: Any]] else { return }
+//        let migratedPublicKeys = Set(store.secrets.map(\.publicKey))
+//        var migratedAny = false
+//        for key in privateTyped {
+//            let name = key[kSecAttrLabel] as? String ?? String(localized: .unnamedSecret)
+//            let id = key[kSecAttrApplicationLabel] as! Data
+//            guard !id.contains(Constants.migrationMagicNumber) else {
+//                logger.log("Skipping \(name), already migrated.")
+//                continue
+//            }
+//            let ref = key[kSecValueRef] as! SecKey
+//            let attributes = SecKeyCopyAttributes(ref) as! [CFString: Any]
+//            let tokenObjectID = unsafe attributes[Constants.tokenObjectID] as! Data
+//            let accessControl = attributes[kSecAttrAccessControl] as! SecAccessControl
+//            // Best guess.
+//            let auth: AuthenticationRequirement = String(describing: accessControl)
+//                .contains("DeviceOwnerAuthentication") ? .presenceRequired : .unknown
+//            do {
+//                let parsed = try CryptoKit.SecureEnclave.P256.Signing.PrivateKey(dataRepresentation: tokenObjectID)
+//                let secret = Secret(id: UUID().uuidString, name: name, publicKey: parsed.publicKey.x963Representation, attributes: Attributes(keyType: .init(algorithm: .ecdsa, size: 256), authentication: auth))
+//                guard !migratedPublicKeys.contains(parsed.publicKey.x963Representation) else {
+//                    logger.log("Skipping \(name), public key already present. Marking as migrated.")
+//                    markMigrated(secret: secret, oldID: id)
+//                    continue
+//                }
+//                logger.log("Migrating \(name).")
+//                try store.saveKey(tokenObjectID, name: name, attributes: secret.attributes)
+//                logger.log("Migrated \(name).")
+//                markMigrated(secret: secret, oldID: id)
+//                migratedAny = true
+//            } catch {
+//                logger.error("Failed to migrate \(name): \(error.localizedDescription).")
+//            }
+//        }
+//        if migratedAny {
+//            store.reloadSecrets()
+//        }
+    }
+
+}
diff --git a/Sources/Packages/Sources/SSHProtocolKit/OpenSSHCertificate.swift b/Sources/Packages/Sources/SSHProtocolKit/OpenSSHCertificate.swift
index 0f3a7c1..cb4c222 100644
--- a/Sources/Packages/Sources/SSHProtocolKit/OpenSSHCertificate.swift
+++ b/Sources/Packages/Sources/SSHProtocolKit/OpenSSHCertificate.swift
@@ -77,16 +77,7 @@ public struct OpenSSHCertificateParser: OpenSSHCertificateParserProtocol, Sendab
             }
             let validAfter = try dataParser.readNextBytes(as: UInt64.self, convertEndianness: true)
             let validBefore = try dataParser.readNextBytes(as: UInt64.self, convertEndianness: true)
-            let validityRange = Date(timeIntervalSince1970: TimeInterval(validAfter))..<Date(timeIntervalSince1970: TimeInterval(validBefore
-                                                                                                                                ))
-            let criticalOptionsReader = try dataParser.readNextChunkAsSubReader()
-            let extensionsReader = try dataParser.readNextChunkAsSubReader()
-            _ = try dataParser.readNextChunk() // reserved
-            let signatureKey = try dataParser.readNextChunk()
-            let signature = try dataParser.readNextChunk()
-
-            print(pkw(data: signatureKey), pkw(data: publicKey), pkw(data: signature))
-
+            let validityRange = Date(timeIntervalSince1970: TimeInterval(validAfter))..<Date(timeIntervalSince1970: TimeInterval(validBefore))
 
             return OpenSSHCertificate(
                 type: type,
@@ -103,13 +94,6 @@ public struct OpenSSHCertificateParser: OpenSSHCertificateParserProtocol, Sendab
         }
     }
 
-    func pkw(data: Data) -> String {
-        let base64 = Data(SHA256.hash(data: data)).base64EncodedString()
-        let paddingRange = base64.index(base64.endIndex, offsetBy: -2)..<base64.endIndex
-        let cleaned = base64.replacingOccurrences(of: "=", with: "", range: paddingRange)
-        return "SHA256:\(cleaned)"
-    }
-
 }
 
 public enum OpenSSHCertificateError: Error, Codable {
diff --git a/Sources/SecretAgent/AppDelegate.swift b/Sources/SecretAgent/AppDelegate.swift
index 0a4b85b..d2fbf06 100644
--- a/Sources/SecretAgent/AppDelegate.swift
+++ b/Sources/SecretAgent/AppDelegate.swift
@@ -7,6 +7,7 @@ import SecretAgentKit
 import Brief
 import Observation
 import SSHProtocolKit
+import CertificateKit
 
 @main
 class AppDelegate: NSObject, NSApplicationDelegate {
@@ -16,6 +17,8 @@ class AppDelegate: NSObject, NSApplicationDelegate {
         let cryptoKit = SecureEnclave.Store()
         let migrator = SecureEnclave.CryptoKitMigrator()
         try? migrator.migrate(to: cryptoKit)
+        let certsMigrator = CertificateKitMigrator(homeDirectory: URL.homeDirectory)
+        try? certsMigrator.migrate()
         list.add(store: cryptoKit)
         list.add(store: SmartCard.Store())
         return list
diff --git a/Sources/Secretive.xcodeproj/project.pbxproj b/Sources/Secretive.xcodeproj/project.pbxproj
index 3a2381f..af65f63 100644
--- a/Sources/Secretive.xcodeproj/project.pbxproj
+++ b/Sources/Secretive.xcodeproj/project.pbxproj
@@ -1168,48 +1168,6 @@
 			};
 			name = Debug;
 		};
-		50692D212E6FDB880043C7BB /* Test */ = {
-			isa = XCBuildConfiguration;
-			buildSettings = {
-				CLANG_CXX_LANGUAGE_STANDARD = "gnu++20";
-				CODE_SIGN_ENTITLEMENTS = SecretiveUpdater/SecretiveUpdater.entitlements;
-				CODE_SIGN_STYLE = Automatic;
-				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 1;
-				ENABLE_APP_SANDBOX = YES;
-				ENABLE_ENHANCED_SECURITY = YES;
-				ENABLE_HARDENED_RUNTIME = YES;
-				ENABLE_INCOMING_NETWORK_CONNECTIONS = NO;
-				ENABLE_OUTGOING_NETWORK_CONNECTIONS = YES;
-				ENABLE_POINTER_AUTHENTICATION = YES;
-				ENABLE_RESOURCE_ACCESS_AUDIO_INPUT = NO;
-				ENABLE_RESOURCE_ACCESS_BLUETOOTH = NO;
-				ENABLE_RESOURCE_ACCESS_CALENDARS = NO;
-				ENABLE_RESOURCE_ACCESS_CAMERA = NO;
-				ENABLE_RESOURCE_ACCESS_CONTACTS = NO;
-				ENABLE_RESOURCE_ACCESS_LOCATION = NO;
-				ENABLE_RESOURCE_ACCESS_PRINTING = NO;
-				ENABLE_RESOURCE_ACCESS_USB = NO;
-				GCC_C_LANGUAGE_STANDARD = gnu17;
-				GENERATE_INFOPLIST_FILE = YES;
-				INFOPLIST_FILE = SecretiveUpdater/Info.plist;
-				INFOPLIST_KEY_CFBundleDisplayName = SecretiveUpdater;
-				INFOPLIST_KEY_NSHumanReadableCopyright = "Copyright © 2025 Max Goedjen. All rights reserved.";
-				LOCALIZATION_PREFERS_STRING_CATALOGS = YES;
-				MACOSX_DEPLOYMENT_TARGET = 14.0;
-				MARKETING_VERSION = 1.0;
-				PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretiveUpdater;
-				PRODUCT_NAME = "$(TARGET_NAME)";
-				REGISTER_APP_GROUPS = YES;
-				SKIP_INSTALL = YES;
-				STRING_CATALOG_GENERATE_SYMBOLS = YES;
-				SWIFT_APPROACHABLE_CONCURRENCY = YES;
-				SWIFT_EMIT_LOC_STRINGS = YES;
-				SWIFT_UPCOMING_FEATURE_MEMBER_IMPORT_VISIBILITY = YES;
-				SWIFT_VERSION = 5.0;
-			};
-			name = Test;
-		};
 		50692D222E6FDB880043C7BB /* Release */ = {
 			isa = XCBuildConfiguration;
 			buildSettings = {
@@ -1291,38 +1249,6 @@
 			};
 			name = Debug;
 		};
-		50692E5F2E6FF9D20043C7BB /* Test */ = {
-			isa = XCBuildConfiguration;
-			buildSettings = {
-				CLANG_CXX_LANGUAGE_STANDARD = "gnu++20";
-				CODE_SIGN_ENTITLEMENTS = SecretAgentInputParser/SecretAgentInputParser.entitlements;
-				CODE_SIGN_STYLE = Automatic;
-				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 1;
-				ENABLE_APP_SANDBOX = YES;
-				ENABLE_ENHANCED_SECURITY = YES;
-				ENABLE_HARDENED_RUNTIME = YES;
-				ENABLE_POINTER_AUTHENTICATION = YES;
-				GCC_C_LANGUAGE_STANDARD = gnu17;
-				GENERATE_INFOPLIST_FILE = YES;
-				INFOPLIST_FILE = SecretAgentInputParser/Info.plist;
-				INFOPLIST_KEY_CFBundleDisplayName = SecretAgentInputParser;
-				INFOPLIST_KEY_NSHumanReadableCopyright = "Copyright © 2025 Max Goedjen. All rights reserved.";
-				LOCALIZATION_PREFERS_STRING_CATALOGS = YES;
-				MACOSX_DEPLOYMENT_TARGET = 14.0;
-				MARKETING_VERSION = 1.0;
-				PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgentInputParser;
-				PRODUCT_NAME = "$(TARGET_NAME)";
-				REGISTER_APP_GROUPS = YES;
-				SKIP_INSTALL = YES;
-				STRING_CATALOG_GENERATE_SYMBOLS = YES;
-				SWIFT_APPROACHABLE_CONCURRENCY = YES;
-				SWIFT_EMIT_LOC_STRINGS = YES;
-				SWIFT_UPCOMING_FEATURE_MEMBER_IMPORT_VISIBILITY = YES;
-				SWIFT_VERSION = 5.0;
-			};
-			name = Test;
-		};
 		50692E602E6FF9D20043C7BB /* Release */ = {
 			isa = XCBuildConfiguration;
 			buildSettings = {
@@ -1359,155 +1285,6 @@
 			};
 			name = Release;
 		};
-		508A5914241EF1A00069DC07 /* Test */ = {
-			isa = XCBuildConfiguration;
-			baseConfigurationReference = 508A58AB241E121B0069DC07 /* Config.xcconfig */;
-			buildSettings = {
-				ALWAYS_SEARCH_USER_PATHS = NO;
-				ASSETCATALOG_COMPILER_GENERATE_SWIFT_ASSET_SYMBOL_EXTENSIONS = YES;
-				CLANG_ANALYZER_LOCALIZABILITY_NONLOCALIZED = YES;
-				CLANG_ANALYZER_NONNULL = YES;
-				CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE;
-				CLANG_CXX_LANGUAGE_STANDARD = "gnu++14";
-				CLANG_CXX_LIBRARY = "libc++";
-				CLANG_ENABLE_MODULES = YES;
-				CLANG_ENABLE_OBJC_ARC = YES;
-				CLANG_ENABLE_OBJC_WEAK = YES;
-				CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES;
-				CLANG_WARN_BOOL_CONVERSION = YES;
-				CLANG_WARN_COMMA = YES;
-				CLANG_WARN_CONSTANT_CONVERSION = YES;
-				CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES;
-				CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR;
-				CLANG_WARN_DOCUMENTATION_COMMENTS = YES;
-				CLANG_WARN_EMPTY_BODY = YES;
-				CLANG_WARN_ENUM_CONVERSION = YES;
-				CLANG_WARN_INFINITE_RECURSION = YES;
-				CLANG_WARN_INT_CONVERSION = YES;
-				CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES;
-				CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES;
-				CLANG_WARN_OBJC_LITERAL_CONVERSION = YES;
-				CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
-				CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES;
-				CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
-				CLANG_WARN_STRICT_PROTOTYPES = YES;
-				CLANG_WARN_SUSPICIOUS_MOVE = YES;
-				CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE;
-				CLANG_WARN_UNREACHABLE_CODE = YES;
-				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
-				COPY_PHASE_STRIP = NO;
-				DEAD_CODE_STRIPPING = YES;
-				DEBUG_INFORMATION_FORMAT = dwarf;
-				ENABLE_ENHANCED_SECURITY = YES;
-				ENABLE_POINTER_AUTHENTICATION = YES;
-				ENABLE_STRICT_OBJC_MSGSEND = YES;
-				ENABLE_TESTABILITY = YES;
-				ENABLE_USER_SCRIPT_SANDBOXING = YES;
-				GCC_C_LANGUAGE_STANDARD = gnu11;
-				GCC_DYNAMIC_NO_PIC = NO;
-				GCC_NO_COMMON_BLOCKS = YES;
-				GCC_OPTIMIZATION_LEVEL = 0;
-				GCC_PREPROCESSOR_DEFINITIONS = (
-					"DEBUG=1",
-					"$(inherited)",
-				);
-				GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
-				GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR;
-				GCC_WARN_UNDECLARED_SELECTOR = YES;
-				GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
-				GCC_WARN_UNUSED_FUNCTION = YES;
-				GCC_WARN_UNUSED_VARIABLE = YES;
-				MACOSX_DEPLOYMENT_TARGET = 15.0;
-				MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE;
-				MTL_FAST_MATH = YES;
-				ONLY_ACTIVE_ARCH = YES;
-				OTHER_SWIFT_FLAGS = "";
-				SDKROOT = macosx;
-				STRING_CATALOG_GENERATE_SYMBOLS = YES;
-				STRIP_INSTALLED_PRODUCT = NO;
-				STRIP_SWIFT_SYMBOLS = NO;
-				SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEBUG;
-				SWIFT_EMIT_LOC_STRINGS = YES;
-				SWIFT_OPTIMIZATION_LEVEL = "-Onone";
-				SWIFT_STRICT_MEMORY_SAFETY = YES;
-				SWIFT_TREAT_WARNINGS_AS_ERRORS = YES;
-				SWIFT_VERSION = 6.0;
-			};
-			name = Test;
-		};
-		508A5915241EF1A00069DC07 /* Test */ = {
-			isa = XCBuildConfiguration;
-			buildSettings = {
-				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
-				CODE_SIGN_ENTITLEMENTS = Secretive/Secretive.entitlements;
-				CODE_SIGN_STYLE = Manual;
-				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 1;
-				DEAD_CODE_STRIPPING = YES;
-				DEVELOPMENT_ASSET_PATHS = "\"Secretive/Preview Content\"";
-				ENABLE_APP_SANDBOX = YES;
-				ENABLE_ENHANCED_SECURITY = YES;
-				ENABLE_HARDENED_RUNTIME = NO;
-				ENABLE_INCOMING_NETWORK_CONNECTIONS = NO;
-				ENABLE_OUTGOING_NETWORK_CONNECTIONS = NO;
-				ENABLE_POINTER_AUTHENTICATION = YES;
-				ENABLE_PREVIEWS = YES;
-				ENABLE_RESOURCE_ACCESS_AUDIO_INPUT = NO;
-				ENABLE_RESOURCE_ACCESS_BLUETOOTH = NO;
-				ENABLE_RESOURCE_ACCESS_CALENDARS = NO;
-				ENABLE_RESOURCE_ACCESS_CAMERA = NO;
-				ENABLE_RESOURCE_ACCESS_CONTACTS = NO;
-				ENABLE_RESOURCE_ACCESS_LOCATION = NO;
-				ENABLE_RESOURCE_ACCESS_PRINTING = NO;
-				ENABLE_RESOURCE_ACCESS_USB = NO;
-				INFOPLIST_FILE = Secretive/Info.plist;
-				LD_RUNPATH_SEARCH_PATHS = (
-					"$(inherited)",
-					"@executable_path/../Frameworks",
-				);
-				MACOSX_DEPLOYMENT_TARGET = 14.0;
-				MARKETING_VERSION = 1;
-				PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.Host;
-				PRODUCT_NAME = "$(TARGET_NAME)";
-			};
-			name = Test;
-		};
-		508A5917241EF1A00069DC07 /* Test */ = {
-			isa = XCBuildConfiguration;
-			buildSettings = {
-				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
-				CODE_SIGN_ENTITLEMENTS = SecretAgent/SecretAgent.entitlements;
-				CODE_SIGN_STYLE = Manual;
-				COMBINE_HIDPI_IMAGES = YES;
-				DEAD_CODE_STRIPPING = YES;
-				DEVELOPMENT_ASSET_PATHS = "\"SecretAgent/Preview Content\"";
-				ENABLE_APP_SANDBOX = YES;
-				ENABLE_ENHANCED_SECURITY = YES;
-				ENABLE_HARDENED_RUNTIME = YES;
-				ENABLE_INCOMING_NETWORK_CONNECTIONS = NO;
-				ENABLE_OUTGOING_NETWORK_CONNECTIONS = NO;
-				ENABLE_POINTER_AUTHENTICATION = YES;
-				ENABLE_PREVIEWS = YES;
-				ENABLE_RESOURCE_ACCESS_AUDIO_INPUT = NO;
-				ENABLE_RESOURCE_ACCESS_BLUETOOTH = NO;
-				ENABLE_RESOURCE_ACCESS_CALENDARS = NO;
-				ENABLE_RESOURCE_ACCESS_CAMERA = NO;
-				ENABLE_RESOURCE_ACCESS_CONTACTS = NO;
-				ENABLE_RESOURCE_ACCESS_LOCATION = NO;
-				ENABLE_RESOURCE_ACCESS_PRINTING = NO;
-				ENABLE_RESOURCE_ACCESS_USB = NO;
-				INFOPLIST_FILE = SecretAgent/Info.plist;
-				LD_RUNPATH_SEARCH_PATHS = (
-					"$(inherited)",
-					"@executable_path/../Frameworks",
-				);
-				MACOSX_DEPLOYMENT_TARGET = 14.0;
-				MARKETING_VERSION = 1;
-				PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent;
-				PRODUCT_NAME = "$(TARGET_NAME)";
-			};
-			name = Test;
-		};
 		50A3B79B24026B7600D209EA /* Debug */ = {
 			isa = XCBuildConfiguration;
 			buildSettings = {
@@ -1619,38 +1396,6 @@
 			};
 			name = Debug;
 		};
-		50E4C4DD2E77C4B300C73783 /* Test */ = {
-			isa = XCBuildConfiguration;
-			buildSettings = {
-				CLANG_CXX_LANGUAGE_STANDARD = "gnu++20";
-				CODE_SIGN_ENTITLEMENTS = SecretiveCertificateParser/SecretiveCertificateParser.entitlements;
-				CODE_SIGN_STYLE = Automatic;
-				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 1;
-				ENABLE_APP_SANDBOX = YES;
-				ENABLE_ENHANCED_SECURITY = YES;
-				ENABLE_HARDENED_RUNTIME = YES;
-				ENABLE_POINTER_AUTHENTICATION = YES;
-				GCC_C_LANGUAGE_STANDARD = gnu17;
-				GENERATE_INFOPLIST_FILE = YES;
-				INFOPLIST_FILE = SecretiveCertificateParser/Info.plist;
-				INFOPLIST_KEY_CFBundleDisplayName = SecretiveCertificateParser;
-				INFOPLIST_KEY_NSHumanReadableCopyright = "Copyright © 2025 Max Goedjen. All rights reserved.";
-				LOCALIZATION_PREFERS_STRING_CATALOGS = YES;
-				MACOSX_DEPLOYMENT_TARGET = 26.0;
-				MARKETING_VERSION = 1.0;
-				PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretiveCertificateParser;
-				PRODUCT_NAME = "$(TARGET_NAME)";
-				REGISTER_APP_GROUPS = YES;
-				SKIP_INSTALL = YES;
-				STRING_CATALOG_GENERATE_SYMBOLS = YES;
-				SWIFT_APPROACHABLE_CONCURRENCY = YES;
-				SWIFT_EMIT_LOC_STRINGS = YES;
-				SWIFT_UPCOMING_FEATURE_MEMBER_IMPORT_VISIBILITY = YES;
-				SWIFT_VERSION = 5.0;
-			};
-			name = Test;
-		};
 		50E4C4DE2E77C4B300C73783 /* Release */ = {
 			isa = XCBuildConfiguration;
 			buildSettings = {
@@ -1693,7 +1438,6 @@
 			isa = XCConfigurationList;
 			buildConfigurations = (
 				50617D9B23FCE48E0099B055 /* Debug */,
-				508A5914241EF1A00069DC07 /* Test */,
 				50617D9C23FCE48E0099B055 /* Release */,
 			);
 			defaultConfigurationIsVisible = 0;
@@ -1703,7 +1447,6 @@
 			isa = XCConfigurationList;
 			buildConfigurations = (
 				50617D9E23FCE48E0099B055 /* Debug */,
-				508A5915241EF1A00069DC07 /* Test */,
 				50617D9F23FCE48E0099B055 /* Release */,
 			);
 			defaultConfigurationIsVisible = 0;
@@ -1713,7 +1456,6 @@
 			isa = XCConfigurationList;
 			buildConfigurations = (
 				50692D202E6FDB880043C7BB /* Debug */,
-				50692D212E6FDB880043C7BB /* Test */,
 				50692D222E6FDB880043C7BB /* Release */,
 			);
 			defaultConfigurationIsVisible = 0;
@@ -1723,7 +1465,6 @@
 			isa = XCConfigurationList;
 			buildConfigurations = (
 				50692E5E2E6FF9D20043C7BB /* Debug */,
-				50692E5F2E6FF9D20043C7BB /* Test */,
 				50692E602E6FF9D20043C7BB /* Release */,
 			);
 			defaultConfigurationIsVisible = 0;
@@ -1733,7 +1474,6 @@
 			isa = XCConfigurationList;
 			buildConfigurations = (
 				50A3B79B24026B7600D209EA /* Debug */,
-				508A5917241EF1A00069DC07 /* Test */,
 				50A3B79C24026B7600D209EA /* Release */,
 			);
 			defaultConfigurationIsVisible = 0;
@@ -1743,7 +1483,6 @@
 			isa = XCConfigurationList;
 			buildConfigurations = (
 				50E4C4DC2E77C4B300C73783 /* Debug */,
-				50E4C4DD2E77C4B300C73783 /* Test */,
 				50E4C4DE2E77C4B300C73783 /* Release */,
 			);
 			defaultConfigurationIsVisible = 0;
diff --git a/Sources/Secretive.xcodeproj/xcshareddata/xcschemes/Secretive.xcscheme b/Sources/Secretive.xcodeproj/xcshareddata/xcschemes/Secretive.xcscheme
index 24a14c8..0d206d1 100644
--- a/Sources/Secretive.xcodeproj/xcshareddata/xcschemes/Secretive.xcscheme
+++ b/Sources/Secretive.xcodeproj/xcshareddata/xcschemes/Secretive.xcscheme
@@ -23,7 +23,7 @@
       </BuildActionEntries>
    </BuildAction>
    <TestAction
-      buildConfiguration = "Test"
+      buildConfiguration = "Debug"
       selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
       selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
       shouldUseLaunchSchemeArgsEnv = "YES">
diff --git a/Sources/Secretive/App.swift b/Sources/Secretive/App.swift
index 5143a78..57cda44 100644
--- a/Sources/Secretive/App.swift
+++ b/Sources/Secretive/App.swift
@@ -116,8 +116,8 @@ extension EnvironmentValues {
     @MainActor fileprivate static let _secretStoreList: SecretStoreList = {
         let list = SecretStoreList()
         let cryptoKit = SecureEnclave.Store()
-        let migrator = SecureEnclave.CryptoKitMigrator()
-        try? migrator.migrate(to: cryptoKit)
+        let cryptoKitMigrator = SecureEnclave.CryptoKitMigrator()
+        try? cryptoKitMigrator.migrate(to: cryptoKit)
         list.add(store: cryptoKit)
         list.add(store: SmartCard.Store())
         return list