Security Library

Security Library is used by various applications, other libraries, daemons and services to perform the basis of security related functions.

Background
On iOS and Apple Silicon devices, the Security library is backed by the CryptoTokenKit Library or CTK which directly communicates with the AppleKeyStore user client in the kernel. CTK directly communicates with SEPOS via kernel. This means all cryptographic and encryption functions are handled by SEPOS itself. Security framework is partially open source.
 * Location: /System/Library/Frameworks/Security.framework (Located in Dev:Dyld_shared_cache)

Overview

 * SecKeyCreateRandomKey: creates a randomized keypair based on the input attributes(enum _kSecAttrKeyType) by calling SecKeyGeneratePair. A list of key types are _kSecAttrKeyTypeEC, _kSecAttrKeyTypeECSECPrimeRandom, _kSecAttrKeyTypeECSECPrimeRandomPKA, _kSecAttrKeyTypeRSA, and _kSecAttrKeyTypeSecureEnclaveAttestation. PKA Seems to be used as a software generated key as opposed to SEP hardware generating other types.
 * SecKeyCreateAttestation: Takes in a user or system cert (UCRT/SCRT) along with a key. It attests the key with the user or system cert. CTK is called here for the attestation.