sneak/secret
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
816f53f819
secret/internal/macse
History
sneak 816f53f819 Replace shell-based keychain implementation with keybase/go-keychain library 
- Replaced exec.Command calls to /usr/bin/security with native keybase/go-keychain API
- Added comprehensive test suite for keychain operations
- Fixed binary data storage in tests using hex encoding
- Updated macse tests to skip with explanation about ADE requirements
- All tests passing with CGO_ENABLED=1
2025-07-21 15:58:41 +02:00
..
enclave_test.go Replace shell-based keychain implementation with keybase/go-keychain library 2025-07-21 15:58:41 +02:00
enclave.go Replace shell-based keychain implementation with keybase/go-keychain library 2025-07-21 15:58:41 +02:00
README.md docs 2025-07-15 19:01:29 +02:00

README.md

secure enclave

akrotiri:~/dev/secret/internal/macse$ CGO_ENABLED=1 go test ./...
--- FAIL: TestEnclaveKeyEncryption (0.04s)
    enclave_test.go:16: Failed to create enclave key: failed to create enclave key: error code -34018
--- FAIL: TestEnclaveKeyPersistence (0.01s)
    enclave_test.go:52: Failed to create enclave key: failed to create enclave key: error code -34018

This works with temporary keys. When you try to use persistent keys, you get the above error, because to persist keys in the SE you must have the appropriate entitlements from Apple, which is only possible with an Apple Developer Program paid membership (which requires doxxing yourself, and paying them).

So this is a dead end for now.