First open source bits of Symbian hit the tubes: OS Security package

Symbian is in the process of going open source, using the Eclipse Public License, in chunks known as packages. I have no idea how many packages make up the complete Symbian OS, but the first one to officially go open source is the OS Security package. You have to register, free account, on developer.symbian.org to get access to the files. Hopefully we’ll see more packages going open source by the end of this year, and Symbian reaching their goal of going 100% open source in the first half of 2010.

Full description of the OS Security package, in case you don’t want to make an account on developer.symbian.org, after the jump.

[Via: Symbian Security Blog]

The OS Security package resides in the OS layer and provides cryptography services to the layers above including applications written on the OS.

The package contains many varied security related functionality as is described below in terms of collections which groups related components under one entity.

The contentmgmt collection is composed of components that provide a unified content access inteface for consumers such as media players. The Content Access Framework component provides a framework and APIs for unified access to various DRM protected content and also to unprotected content. Many DRM schemes can be plugged into the framework to provide support to industry standard content protection mechanisms. A default F32-based agent is provided that enables the consumers to seamlessly access unprotected content as well.

This crypto collection contains the software implementation of many standard cryptography algorithms for data encryption/decryption, hashing, digital signing, verification and also a random number generator. The collection contains two components mainly to differentiate the binary variant created by each of them. The weak crypto component generates binaries that restrict key sizes to less than or equal to 56 bits for symmetric keys and less than or equal to 1024 bits for asymmetric keys. The strong crypto component generates binaries that have no such restriction. Note that both variant are built out of common source code.

The cryptomgmtlibs collection mainly provides a framework for facilitating the implementation of cryptographic tokens and their storage. Examples of such tokens are certificates, keys and authentication objects. It also contains miscellaneous other components such as documentation, test framework and common utilitarian functions. The collection also contains the documentation of the entire security package, and a test framework which is used for developing test suites and running all security integration tests and other common utilitarian functions among which is a generic implementation of client server framework which can be used for developing client server code.

The cryptoservices collection contains the token definitions for certificates and keys and also libraries that implement the parsing of X.509 and WTLS certificates. It also contains the implementation of the file-based certificate and key stores and an instance of the file-based store specifically created for storing native software installer trusted root certificates. An unified interface is exposed for accessing all the certificate and key stores present on the device and implemented using the crypto token framework. Many of the relevant PKCS standards are implemented here.

The securityanddataprivacytools collection contains the configuration files related to many other components of the security package and it also contains the certapp tool. The securityconfig component provides a single place for customizable settings related to all of the security package. The certapp is a PC-based tool used to provision and configure the file-based certificate stores.