feat: migrate from Cedar to SpiceDB authorization system

This is a major architectural change that replaces the Cedar policy-based
authorization system with SpiceDB's relation-based authorization.

Key changes:

- Migrate from Rust to Go implementation
- Replace Cedar policies with SpiceDB schema and relationships
- Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks
- Update build system and dependencies for Go ecosystem
- Maintain Envoy integration for external authorization

This change enables more flexible permission modeling through SpiceDB's
Google Zanzibar inspired relation-based system, supporting complex
hierarchical permissions that were difficult to express in Cedar.

Breaking change: Existing Cedar policies and Rust-based configuration
will no longer work and need to be migrated to SpiceDB schema.

24 files changed, 0 insertions, 2131 deletions

diff --git a/vendor/security-framework-sys/src/access.rs b/vendor/security-framework-sys/src/access.rs
deleted file mode 100644
index c759f78d..00000000
--- a/vendor/security-framework-sys/src/access.rs
+++ /dev/null
@@ -1,5 +0,0 @@
-use core_foundation_sys::base::CFTypeID;
-
-extern "C" {
-    pub fn SecAccessGetTypeID() -> CFTypeID;
-}
diff --git a/vendor/security-framework-sys/src/access_control.rs b/vendor/security-framework-sys/src/access_control.rs
deleted file mode 100644
index e5e18d6f..00000000
--- a/vendor/security-framework-sys/src/access_control.rs
+++ /dev/null
@@ -1,46 +0,0 @@
-use core_foundation_sys::base::CFOptionFlags;
-use core_foundation_sys::base::{CFAllocatorRef, CFTypeID, CFTypeRef};
-use core_foundation_sys::error::CFErrorRef;
-use core_foundation_sys::string::CFStringRef;
-
-use crate::base::SecAccessControlRef;
-
-mod access_control_flags {
-    use super::CFOptionFlags;
-
-    pub const kSecAccessControlUserPresence: CFOptionFlags = 1 << 0;
-    #[cfg(feature = "OSX_10_13")]
-    pub const kSecAccessControlBiometryAny: CFOptionFlags = 1 << 1;
-    #[cfg(feature = "OSX_10_13")]
-    pub const kSecAccessControlBiometryCurrentSet: CFOptionFlags = 1 << 3;
-    pub const kSecAccessControlDevicePasscode: CFOptionFlags = 1 << 4;
-    #[cfg(feature = "OSX_10_15")]
-    pub const kSecAccessControlWatch: CFOptionFlags = 1 << 5;
-    pub const kSecAccessControlOr: CFOptionFlags = 1 << 14;
-    pub const kSecAccessControlAnd: CFOptionFlags = 1 << 15;
-    pub const kSecAccessControlPrivateKeyUsage: CFOptionFlags = 1 << 30;
-    pub const kSecAccessControlApplicationPassword: CFOptionFlags = 1 << 31;
-}
-
-pub use access_control_flags::*;
-
-extern "C" {
-    pub static kSecAttrAccessibleWhenUnlocked: CFStringRef;
-    pub static kSecAttrAccessibleAfterFirstUnlock: CFStringRef;
-    pub static kSecAttrAccessibleAlways: CFStringRef;
-    pub static kSecAttrAccessibleWhenUnlockedThisDeviceOnly: CFStringRef;
-    pub static kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly: CFStringRef;
-    pub static kSecAttrAccessibleAlwaysThisDeviceOnly: CFStringRef;
-    pub static kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly: CFStringRef;
-}
-
-extern "C" {
-    pub fn SecAccessControlGetTypeID() -> CFTypeID;
-
-    pub fn SecAccessControlCreateWithFlags(
-        allocator: CFAllocatorRef,
-        protection: CFTypeRef,
-        flags: CFOptionFlags,
-        error: *mut CFErrorRef,
-    ) -> SecAccessControlRef;
-}
diff --git a/vendor/security-framework-sys/src/authorization.rs b/vendor/security-framework-sys/src/authorization.rs
deleted file mode 100644
index 07f9a3e0..00000000
--- a/vendor/security-framework-sys/src/authorization.rs
+++ /dev/null
@@ -1,145 +0,0 @@
-use core_foundation_sys::base::CFTypeRef;
-use core_foundation_sys::base::OSStatus;
-use core_foundation_sys::bundle::CFBundleRef;
-use core_foundation_sys::dictionary::CFDictionaryRef;
-use core_foundation_sys::string::CFStringRef;
-use std::os::raw::{c_char, c_void};
-
-pub const errAuthorizationSuccess: OSStatus = 0;
-pub const errAuthorizationInvalidSet: OSStatus = -60001;
-pub const errAuthorizationInvalidRef: OSStatus = -60002;
-pub const errAuthorizationInvalidTag: OSStatus = -60003;
-pub const errAuthorizationInvalidPointer: OSStatus = -60004;
-pub const errAuthorizationDenied: OSStatus = -60005;
-pub const errAuthorizationCanceled: OSStatus = -60006;
-pub const errAuthorizationInteractionNotAllowed: OSStatus = -60007;
-pub const errAuthorizationInternal: OSStatus = -60008;
-pub const errAuthorizationExternalizeNotAllowed: OSStatus = -60009;
-pub const errAuthorizationInternalizeNotAllowed: OSStatus = -60010;
-pub const errAuthorizationInvalidFlags: OSStatus = -60011;
-pub const errAuthorizationToolExecuteFailure: OSStatus = -60031;
-pub const errAuthorizationToolEnvironmentError: OSStatus = -60032;
-pub const errAuthorizationBadAddress: OSStatus = -60033;
-
-pub type AuthorizationFlags = u32;
-pub const kAuthorizationFlagDefaults: AuthorizationFlags = 0;
-pub const kAuthorizationFlagInteractionAllowed: AuthorizationFlags = 1;
-pub const kAuthorizationFlagExtendRights: AuthorizationFlags = 2;
-pub const kAuthorizationFlagPartialRights: AuthorizationFlags = 4;
-pub const kAuthorizationFlagDestroyRights: AuthorizationFlags = 8;
-pub const kAuthorizationFlagPreAuthorize: AuthorizationFlags = 16;
-
-pub type AuthorizationRef = *mut c_void;
-pub type AuthorizationString = *const c_char;
-
-#[repr(C)]
-#[derive(Copy, Clone, Debug)]
-pub struct AuthorizationItem {
-    pub name: AuthorizationString,
-    pub valueLength: usize,
-    pub value: *mut c_void,
-    pub flags: u32,
-}
-
-#[repr(C)]
-#[derive(Copy, Clone, Debug)]
-pub struct AuthorizationItemSet {
-    pub count: u32,
-    pub items: *mut AuthorizationItem,
-}
-
-pub const kAuthorizationExternalFormLength: usize = 32;
-
-#[repr(C)]
-#[derive(Copy, Clone, Debug)]
-pub struct AuthorizationExternalForm {
-    pub bytes: [c_char; kAuthorizationExternalFormLength],
-}
-
-pub type AuthorizationRights = AuthorizationItemSet;
-pub type AuthorizationEnvironment = AuthorizationItemSet;
-
-pub type AuthorizationAsyncCallback =
-    unsafe extern "C" fn(err: OSStatus, blockAuthorizedRights: *mut AuthorizationRights);
-
-extern "C" {
-    pub fn AuthorizationCreate(
-        rights: *const AuthorizationRights,
-        environment: *const AuthorizationEnvironment,
-        flags: AuthorizationFlags,
-        authorization: *mut AuthorizationRef,
-    ) -> OSStatus;
-
-    pub fn AuthorizationFree(
-        authorization: AuthorizationRef,
-        flags: AuthorizationFlags,
-    ) -> OSStatus;
-
-    pub fn AuthorizationCopyRights(
-        authorization: AuthorizationRef,
-        rights: *const AuthorizationRights,
-        environment: *const AuthorizationEnvironment,
-        flags: AuthorizationFlags,
-        authorizedRights: *mut *mut AuthorizationRights,
-    ) -> OSStatus;
-
-    pub fn AuthorizationCopyRightsAsync(
-        authorization: AuthorizationRef,
-        rights: *const AuthorizationRights,
-        environment: *const AuthorizationEnvironment,
-        flags: AuthorizationFlags,
-        callbackBlock: AuthorizationAsyncCallback,
-    );
-
-    pub fn AuthorizationCopyInfo(
-        authorization: AuthorizationRef,
-        tag: AuthorizationString,
-        info: *mut *mut AuthorizationItemSet,
-    ) -> OSStatus;
-
-    pub fn AuthorizationMakeExternalForm(
-        authorization: AuthorizationRef,
-        extForm: *mut AuthorizationExternalForm,
-    ) -> OSStatus;
-
-    pub fn AuthorizationCreateFromExternalForm(
-        extForm: *const AuthorizationExternalForm,
-        authorization: *mut AuthorizationRef,
-    ) -> OSStatus;
-
-    pub fn AuthorizationFreeItemSet(set: *mut AuthorizationItemSet) -> OSStatus;
-
-    pub fn AuthorizationRightGet(
-        rightName: *const c_char,
-        rightDefinition: *mut CFDictionaryRef,
-    ) -> OSStatus;
-
-    pub fn AuthorizationRightSet(
-        authorization: AuthorizationRef,
-        rightName: *const c_char,
-        rightDefinition: CFTypeRef,
-        descriptionKey: CFStringRef,
-        bundle: CFBundleRef,
-        localeTableName: CFStringRef,
-    ) -> OSStatus;
-
-    pub fn AuthorizationRightRemove(
-        authorization: AuthorizationRef,
-        rightName: *const c_char,
-    ) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn AuthorizationExecuteWithPrivileges(
-        authorization: AuthorizationRef,
-        pathToTool: *const c_char,
-        options: AuthorizationFlags,
-        arguments: *const *mut c_char,
-        communicationsPipe: *mut *mut libc::FILE,
-    ) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn AuthorizationCopyPrivilegedReference(
-        authorization: *mut AuthorizationRef,
-        flags: AuthorizationFlags,
-    ) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/base.rs b/vendor/security-framework-sys/src/base.rs
deleted file mode 100644
index fafc57cc..00000000
--- a/vendor/security-framework-sys/src/base.rs
+++ /dev/null
@@ -1,68 +0,0 @@
-use core_foundation_sys::base::OSStatus;
-use core_foundation_sys::string::CFStringRef;
-use std::os::raw::c_void;
-
-pub enum OpaqueSecKeychainRef {}
-pub type SecKeychainRef = *mut OpaqueSecKeychainRef;
-
-pub enum OpaqueSecKeychainItemRef {}
-pub type SecKeychainItemRef = *mut OpaqueSecKeychainItemRef;
-
-// OSType from MacTypes.h
-pub type SecKeychainAttrType = u32;
-
-#[repr(C)]
-#[derive(Copy, Clone)]
-pub struct SecKeychainAttribute {
-    pub tag: SecKeychainAttrType,
-    pub length: u32,
-    pub data: *mut c_void,
-}
-
-#[repr(C)]
-#[derive(Copy, Clone)]
-pub struct SecKeychainAttributeList {
-    pub count: u32,
-    pub attr: *mut SecKeychainAttribute,
-}
-
-pub enum OpaqueSecCertificateRef {}
-pub type SecCertificateRef = *mut OpaqueSecCertificateRef;
-
-pub enum OpaqueSecAccessRef {}
-pub type SecAccessRef = *mut OpaqueSecAccessRef;
-
-pub enum OpaqueSecAccessControlRef {}
-pub type SecAccessControlRef = *mut OpaqueSecAccessControlRef;
-
-pub enum OpaqueSecKeyRef {}
-pub type SecKeyRef = *mut OpaqueSecKeyRef;
-
-pub enum OpaqueSecIdentityRef {}
-pub type SecIdentityRef = *mut OpaqueSecIdentityRef;
-
-pub enum OpaqueSecPolicyRef {}
-pub type SecPolicyRef = *mut OpaqueSecPolicyRef;
-
-pub const errSecSuccess: OSStatus = 0;
-pub const errSecUnimplemented: OSStatus = -4;
-pub const errSecIO: OSStatus = -36;
-pub const errSecParam: OSStatus = -50;
-pub const errSecBadReq: OSStatus = -909;
-pub const errSecNoTrustSettings: OSStatus = -25263;
-pub const errSecAuthFailed: OSStatus = -25293;
-pub const errSecDuplicateItem: OSStatus = -25299;
-pub const errSecItemNotFound: OSStatus = -25300;
-pub const errSecCreateChainFailed: OSStatus = -25318;
-pub const errSecConversionError: OSStatus = -67594;
-pub const errSecHostNameMismatch: OSStatus = -67602;
-pub const errSecInvalidExtendedKeyUsage: OSStatus = -67609;
-pub const errSecTrustSettingDeny: OSStatus = -67654;
-pub const errSecCertificateRevoked: OSStatus = -67820;
-pub const errSecNotTrusted: OSStatus = -67843;
-pub const errSecInternalComponent: OSStatus = -2070;
-
-extern "C" {
-    // this is available on iOS 11.3+, MacOS 10.3+
-    pub fn SecCopyErrorMessageString(status: OSStatus, reserved: *mut c_void) -> CFStringRef;
-}
diff --git a/vendor/security-framework-sys/src/certificate.rs b/vendor/security-framework-sys/src/certificate.rs
deleted file mode 100644
index 4d38ca2a..00000000
--- a/vendor/security-framework-sys/src/certificate.rs
+++ /dev/null
@@ -1,101 +0,0 @@
-use core_foundation_sys::array::CFArrayRef;
-use core_foundation_sys::base::{CFAllocatorRef, CFTypeID, OSStatus};
-use core_foundation_sys::data::CFDataRef;
-#[cfg(target_os = "macos")]
-use core_foundation_sys::dictionary::CFDictionaryRef;
-#[cfg(any(target_os = "macos", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-use core_foundation_sys::error::CFErrorRef;
-use core_foundation_sys::string::CFStringRef;
-
-use crate::base::SecCertificateRef;
-use crate::base::SecKeyRef;
-use crate::base::SecKeychainRef;
-
-extern "C" {
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyKeyType: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyKeyLabel: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyKeyLocalizedLabel: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyKeyValue: CFStringRef;
-
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyTypeWarning: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyTypeSuccess: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyTypeSection: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyTypeData: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyTypeString: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyTypeURL: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyTypeDate: CFStringRef;
-
-    // certificate policies
-    pub static kSecPolicyAppleX509Basic: CFStringRef;
-    pub static kSecPolicyAppleSSL: CFStringRef;
-    pub static kSecPolicyAppleSMIME: CFStringRef;
-    pub static kSecPolicyAppleEAP: CFStringRef;
-    pub static kSecPolicyAppleIPsec: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPolicyApplePKINITClient: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPolicyApplePKINITServer: CFStringRef;
-    pub static kSecPolicyAppleCodeSigning: CFStringRef;
-    pub static kSecPolicyMacAppStoreReceipt: CFStringRef;
-    pub static kSecPolicyAppleIDValidation: CFStringRef;
-    pub static kSecPolicyAppleTimeStamping: CFStringRef;
-    pub static kSecPolicyAppleRevocation: CFStringRef;
-    pub static kSecPolicyApplePassbookSigning: CFStringRef;
-    pub static kSecPolicyApplePayIssuerEncryption: CFStringRef;
-
-    pub fn SecCertificateGetTypeID() -> CFTypeID;
-    pub fn SecCertificateCreateWithData(
-        allocator: CFAllocatorRef,
-        data: CFDataRef,
-    ) -> SecCertificateRef;
-    pub fn SecCertificateAddToKeychain(
-        certificate: SecCertificateRef,
-        keychain: SecKeychainRef,
-    ) -> OSStatus;
-    pub fn SecCertificateCopyData(certificate: SecCertificateRef) -> CFDataRef;
-    pub fn SecCertificateCopySubjectSummary(certificate: SecCertificateRef) -> CFStringRef;
-    pub fn SecCertificateCopyCommonName(
-        certificate: SecCertificateRef,
-        common_name: *mut CFStringRef,
-    ) -> OSStatus;
-    pub fn SecCertificateCopyEmailAddresses(
-        certificate: SecCertificateRef,
-        email_addresses: *mut CFArrayRef,
-    ) -> OSStatus;
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecCertificateCopyNormalizedIssuerSequence(certificate: SecCertificateRef) -> CFDataRef;
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecCertificateCopyNormalizedSubjectSequence(certificate: SecCertificateRef)
-        -> CFDataRef;
-    #[cfg(target_os = "macos")]
-    #[cfg_attr(target_arch = "aarch64", link_name = "SecCertificateCopyPublicKey$LEGACYMAC")]
-    #[deprecated(note = "Deprecated by Apple. May not work any more. Use SecCertificateCopyKey")]
-    pub fn SecCertificateCopyPublicKey(
-        certificate: SecCertificateRef,
-        key: *mut SecKeyRef,
-    ) -> OSStatus;
-    #[cfg(any(feature = "OSX_10_14", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecCertificateCopyKey(certificate: SecCertificateRef) -> SecKeyRef;
-    #[cfg(any(feature = "OSX_10_13", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecCertificateCopySerialNumberData(
-        certificate: SecCertificateRef,
-        error: *mut CFErrorRef,
-    ) -> CFDataRef;
-    #[cfg(target_os = "macos")]
-    pub fn SecCertificateCopyValues(
-        certificate: SecCertificateRef,
-        keys: CFArrayRef,
-        error: *mut CFErrorRef,
-    ) -> CFDictionaryRef;
-}
diff --git a/vendor/security-framework-sys/src/certificate_oids.rs b/vendor/security-framework-sys/src/certificate_oids.rs
deleted file mode 100644
index 7f6b854d..00000000
--- a/vendor/security-framework-sys/src/certificate_oids.rs
+++ /dev/null
@@ -1,5 +0,0 @@
-use core_foundation_sys::string::CFStringRef;
-
-extern "C" {
-    pub static kSecOIDX509V1SignatureAlgorithm: CFStringRef;
-}
diff --git a/vendor/security-framework-sys/src/cipher_suite.rs b/vendor/security-framework-sys/src/cipher_suite.rs
deleted file mode 100644
index 9782a0e5..00000000
--- a/vendor/security-framework-sys/src/cipher_suite.rs
+++ /dev/null
@@ -1,219 +0,0 @@
-#[cfg(not(target_os = "macos"))]
-pub type SSLCipherSuite = u16;
-
-#[cfg(all(target_os = "macos", target_arch = "aarch64"))]
-pub type SSLCipherSuite = u16;
-
-#[cfg(all(target_os = "macos", not(target_arch = "aarch64")))]
-pub type SSLCipherSuite = u32;
-
-pub const SSL_NULL_WITH_NULL_NULL: SSLCipherSuite = 0x0000;
-pub const SSL_RSA_WITH_NULL_MD5: SSLCipherSuite = 0x0001;
-pub const SSL_RSA_WITH_NULL_SHA: SSLCipherSuite = 0x0002;
-pub const SSL_RSA_EXPORT_WITH_RC4_40_MD5: SSLCipherSuite = 0x0003;
-pub const SSL_RSA_WITH_RC4_128_MD5: SSLCipherSuite = 0x0004;
-pub const SSL_RSA_WITH_RC4_128_SHA: SSLCipherSuite = 0x0005;
-pub const SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5: SSLCipherSuite = 0x0006;
-pub const SSL_RSA_WITH_IDEA_CBC_SHA: SSLCipherSuite = 0x0007;
-pub const SSL_RSA_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x0008;
-pub const SSL_RSA_WITH_DES_CBC_SHA: SSLCipherSuite = 0x0009;
-pub const SSL_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x000A;
-pub const SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x000B;
-pub const SSL_DH_DSS_WITH_DES_CBC_SHA: SSLCipherSuite = 0x000C;
-pub const SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x000D;
-pub const SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x000E;
-pub const SSL_DH_RSA_WITH_DES_CBC_SHA: SSLCipherSuite = 0x000F;
-pub const SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0010;
-pub const SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x0011;
-pub const SSL_DHE_DSS_WITH_DES_CBC_SHA: SSLCipherSuite = 0x0012;
-pub const SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0013;
-pub const SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x0014;
-pub const SSL_DHE_RSA_WITH_DES_CBC_SHA: SSLCipherSuite = 0x0015;
-pub const SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0016;
-pub const SSL_DH_anon_EXPORT_WITH_RC4_40_MD5: SSLCipherSuite = 0x0017;
-pub const SSL_DH_anon_WITH_RC4_128_MD5: SSLCipherSuite = 0x0018;
-pub const SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x0019;
-pub const SSL_DH_anon_WITH_DES_CBC_SHA: SSLCipherSuite = 0x001A;
-pub const SSL_DH_anon_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x001B;
-pub const SSL_FORTEZZA_DMS_WITH_NULL_SHA: SSLCipherSuite = 0x001C;
-pub const SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA: SSLCipherSuite = 0x001D;
-
-// TLS addenda using AES, per RFC 3268
-pub const TLS_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x002F;
-pub const TLS_DH_DSS_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0030;
-pub const TLS_DH_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0031;
-pub const TLS_DHE_DSS_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0032;
-pub const TLS_DHE_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0033;
-pub const TLS_DH_anon_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0034;
-pub const TLS_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0035;
-pub const TLS_DH_DSS_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0036;
-pub const TLS_DH_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0037;
-pub const TLS_DHE_DSS_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0038;
-pub const TLS_DHE_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0039;
-pub const TLS_DH_anon_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x003A;
-
-// ECDSA addenda, RFC 4492
-pub const TLS_ECDH_ECDSA_WITH_NULL_SHA: SSLCipherSuite = 0xC001;
-pub const TLS_ECDH_ECDSA_WITH_RC4_128_SHA: SSLCipherSuite = 0xC002;
-pub const TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0xC003;
-pub const TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0xC004;
-pub const TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0xC005;
-pub const TLS_ECDHE_ECDSA_WITH_NULL_SHA: SSLCipherSuite = 0xC006;
-pub const TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: SSLCipherSuite = 0xC007;
-pub const TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0xC008;
-pub const TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0xC009;
-pub const TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0xC00A;
-pub const TLS_ECDH_RSA_WITH_NULL_SHA: SSLCipherSuite = 0xC00B;
-pub const TLS_ECDH_RSA_WITH_RC4_128_SHA: SSLCipherSuite = 0xC00C;
-pub const TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0xC00D;
-pub const TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0xC00E;
-pub const TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0xC00F;
-pub const TLS_ECDHE_RSA_WITH_NULL_SHA: SSLCipherSuite = 0xC010;
-pub const TLS_ECDHE_RSA_WITH_RC4_128_SHA: SSLCipherSuite = 0xC011;
-pub const TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0xC012;
-pub const TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0xC013;
-pub const TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0xC014;
-pub const TLS_ECDH_anon_WITH_NULL_SHA: SSLCipherSuite = 0xC015;
-pub const TLS_ECDH_anon_WITH_RC4_128_SHA: SSLCipherSuite = 0xC016;
-pub const TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0xC017;
-pub const TLS_ECDH_anon_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0xC018;
-pub const TLS_ECDH_anon_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0xC019;
-
-// TLS 1.2 addenda, RFC 5246
-
-// Initial state.
-pub const TLS_NULL_WITH_NULL_NULL: SSLCipherSuite = 0x0000;
-
-// Server provided RSA certificate for key exchange.
-pub const TLS_RSA_WITH_NULL_MD5: SSLCipherSuite = 0x0001;
-pub const TLS_RSA_WITH_NULL_SHA: SSLCipherSuite = 0x0002;
-pub const TLS_RSA_WITH_RC4_128_MD5: SSLCipherSuite = 0x0004;
-pub const TLS_RSA_WITH_RC4_128_SHA: SSLCipherSuite = 0x0005;
-pub const TLS_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x000A;
-// pub const TLS_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x002F;
-// pub const TLS_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0035;
-pub const TLS_RSA_WITH_NULL_SHA256: SSLCipherSuite = 0x003B;
-pub const TLS_RSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x003C;
-pub const TLS_RSA_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x003D;
-
-// Server-authenticated (and optionally client-authenticated) Diffie-Hellman.
-pub const TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x000D;
-pub const TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0010;
-pub const TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0013;
-pub const TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0016;
-// pub const TLS_DH_DSS_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0030;
-// pub const TLS_DH_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0031;
-// pub const TLS_DHE_DSS_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0032;
-// pub const TLS_DHE_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0033;
-// pub const TLS_DH_DSS_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0036;
-// pub const TLS_DH_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0037;
-// pub const TLS_DHE_DSS_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0038;
-// pub const TLS_DHE_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0039;
-pub const TLS_DH_DSS_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x003E;
-pub const TLS_DH_RSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x003F;
-pub const TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x0040;
-pub const TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x0067;
-pub const TLS_DH_DSS_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x0068;
-pub const TLS_DH_RSA_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x0069;
-pub const TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x006A;
-pub const TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x006B;
-
-// Completely anonymous Diffie-Hellman
-pub const TLS_DH_anon_WITH_RC4_128_MD5: SSLCipherSuite = 0x0018;
-pub const TLS_DH_anon_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x001B;
-// pub const TLS_DH_anon_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0034;
-// pub const TLS_DH_anon_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x003A;
-pub const TLS_DH_anon_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x006C;
-pub const TLS_DH_anon_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x006D;
-
-// Addendum from RFC 4279, TLS PSK
-
-pub const TLS_PSK_WITH_RC4_128_SHA: SSLCipherSuite = 0x008A;
-pub const TLS_PSK_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x008B;
-pub const TLS_PSK_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x008C;
-pub const TLS_PSK_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x008D;
-pub const TLS_DHE_PSK_WITH_RC4_128_SHA: SSLCipherSuite = 0x008E;
-pub const TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x008F;
-pub const TLS_DHE_PSK_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0090;
-pub const TLS_DHE_PSK_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0091;
-pub const TLS_RSA_PSK_WITH_RC4_128_SHA: SSLCipherSuite = 0x0092;
-pub const TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0093;
-pub const TLS_RSA_PSK_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0094;
-pub const TLS_RSA_PSK_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0095;
-
-// RFC 4785 - Pre-Shared Key (PSK) Ciphersuites with NULL Encryption
-
-pub const TLS_PSK_WITH_NULL_SHA: SSLCipherSuite = 0x002C;
-pub const TLS_DHE_PSK_WITH_NULL_SHA: SSLCipherSuite = 0x002D;
-pub const TLS_RSA_PSK_WITH_NULL_SHA: SSLCipherSuite = 0x002E;
-
-// Addenda from rfc 5288 AES Galois Counter Mode (GCM) Cipher Suites
-// for TLS.
-pub const TLS_RSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x009C;
-pub const TLS_RSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x009D;
-pub const TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x009E;
-pub const TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x009F;
-pub const TLS_DH_RSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00A0;
-pub const TLS_DH_RSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00A1;
-pub const TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00A2;
-pub const TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00A3;
-pub const TLS_DH_DSS_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00A4;
-pub const TLS_DH_DSS_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00A5;
-pub const TLS_DH_anon_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00A6;
-pub const TLS_DH_anon_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00A7;
-
-// RFC 5487 - PSK with SHA-256/384 and AES GCM
-pub const TLS_PSK_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00A8;
-pub const TLS_PSK_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00A9;
-pub const TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00AA;
-pub const TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00AB;
-pub const TLS_RSA_PSK_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00AC;
-pub const TLS_RSA_PSK_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00AD;
-
-pub const TLS_PSK_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x00AE;
-pub const TLS_PSK_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0x00AF;
-pub const TLS_PSK_WITH_NULL_SHA256: SSLCipherSuite = 0x00B0;
-pub const TLS_PSK_WITH_NULL_SHA384: SSLCipherSuite = 0x00B1;
-
-pub const TLS_DHE_PSK_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x00B2;
-pub const TLS_DHE_PSK_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0x00B3;
-pub const TLS_DHE_PSK_WITH_NULL_SHA256: SSLCipherSuite = 0x00B4;
-pub const TLS_DHE_PSK_WITH_NULL_SHA384: SSLCipherSuite = 0x00B5;
-
-pub const TLS_RSA_PSK_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x00B6;
-pub const TLS_RSA_PSK_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0x00B7;
-pub const TLS_RSA_PSK_WITH_NULL_SHA256: SSLCipherSuite = 0x00B8;
-pub const TLS_RSA_PSK_WITH_NULL_SHA384: SSLCipherSuite = 0x00B9;
-
-// Addenda from rfc 5289  Elliptic Curve Cipher Suites with
-// HMAC SHA-256/384.
-pub const TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0xC023;
-pub const TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0xC024;
-pub const TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0xC025;
-pub const TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0xC026;
-pub const TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0xC027;
-pub const TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0xC028;
-pub const TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0xC029;
-pub const TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0xC02A;
-
-// Addenda from rfc 5289  Elliptic Curve Cipher Suites with
-// SHA-256/384 and AES Galois Counter Mode (GCM)
-pub const TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0xC02B;
-pub const TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0xC02C;
-pub const TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0xC02D;
-pub const TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0xC02E;
-pub const TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0xC02F;
-pub const TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0xC030;
-pub const TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0xC031;
-pub const TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0xC032;
-
-// RFC 5746 - Secure Renegotiation
-pub const TLS_EMPTY_RENEGOTIATION_INFO_SCSV: SSLCipherSuite = 0x00FF;
-// Tags for SSL 2 cipher kinds which are not specified
-// for SSL 3.
-//
-pub const SSL_RSA_WITH_RC2_CBC_MD5: SSLCipherSuite = 0xFF80;
-pub const SSL_RSA_WITH_IDEA_CBC_MD5: SSLCipherSuite = 0xFF81;
-pub const SSL_RSA_WITH_DES_CBC_MD5: SSLCipherSuite = 0xFF82;
-pub const SSL_RSA_WITH_3DES_EDE_CBC_MD5: SSLCipherSuite = 0xFF83;
-pub const SSL_NO_SUCH_CIPHERSUITE: SSLCipherSuite = 0xFFFF;
diff --git a/vendor/security-framework-sys/src/cms.rs b/vendor/security-framework-sys/src/cms.rs
deleted file mode 100644
index 6da3702e..00000000
--- a/vendor/security-framework-sys/src/cms.rs
+++ /dev/null
@@ -1,250 +0,0 @@
-//! Cryptographic Message Syntax support
-
-use std::os::raw::c_void;
-
-use core_foundation_sys::array::CFArrayRef;
-use core_foundation_sys::base::{Boolean, CFTypeID, CFTypeRef, OSStatus};
-use core_foundation_sys::data::CFDataRef;
-use core_foundation_sys::date::CFAbsoluteTime;
-use core_foundation_sys::string::CFStringRef;
-
-use crate::base::SecCertificateRef;
-use crate::trust::SecTrustRef;
-
-pub enum OpaqueCMSEncoderRef {}
-pub type CMSEncoderRef = *mut OpaqueCMSEncoderRef;
-
-pub enum OpaqueCMSDecoderRef {}
-pub type CMSDecoderRef = *mut OpaqueCMSEncoderRef;
-
-#[repr(i32)]
-#[derive(Copy, Clone, Eq, PartialEq, Debug)]
-pub enum CMSSignerStatus {
-    kCMSSignerUnsigned = 0,
-    kCMSSignerValid = 1,
-    kCMSSignerNeedsDetachedContent = 2,
-    kCMSSignerInvalidSignature = 3,
-    kCMSSignerInvalidCert = 4,
-    kCMSSignerInvalidIndex = 5,
-}
-
-pub type CMSSignedAttributes = u32;
-pub const kCMSAttrNone: CMSSignedAttributes = 0x0000;
-pub const kCMSAttrSmimeCapabilities: CMSSignedAttributes = 0x0001;
-pub const kCMSAttrSmimeEncryptionKeyPrefs: CMSSignedAttributes = 0x0002;
-pub const kCMSAttrSmimeMSEncryptionKeyPrefs: CMSSignedAttributes = 0x0004;
-pub const kCMSAttrSigningTime: CMSSignedAttributes = 0x0008;
-pub const kCMSAttrAppleCodesigningHashAgility: CMSSignedAttributes = 0x0010;
-pub const kCMSAttrAppleCodesigningHashAgilityV2: CMSSignedAttributes = 0x0020;
-pub const kCMSAttrAppleExpirationTime: CMSSignedAttributes = 0x0040;
-
-#[repr(i32)]
-#[derive(Copy, Clone, Eq, PartialEq, Debug)]
-pub enum CMSCertificateChainMode {
-    kCMSCertificateNone = 0,
-    kCMSCertificateSignerOnly = 1,
-    kCMSCertificateChain = 2,
-    kCMSCertificateChainWithRoot = 3,
-    kCMSCertificateChainWithRootOrFail = 4,
-}
-
-extern "C" {
-
-    // CMS decoder
-
-    pub fn CMSDecoderGetTypeID() -> CFTypeID;
-
-    pub fn CMSDecoderCreate(output: *mut CMSDecoderRef) -> OSStatus;
-
-    pub fn CMSDecoderUpdateMessage(
-        decoder: CMSDecoderRef,
-        msg_bytes: *const c_void,
-        msg_bytes_len: usize,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderFinalizeMessage(decoder: CMSDecoderRef) -> OSStatus;
-
-    pub fn CMSDecoderSetDetachedContent(
-        decoder: CMSDecoderRef,
-        detached_content: CFDataRef,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopyDetachedContent(
-        decoder: CMSDecoderRef,
-        detached_content_out: *mut CFDataRef,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderGetNumSigners(
-        decoder: CMSDecoderRef,
-        num_signers_out: *mut usize,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopySignerStatus(
-        decoder: CMSDecoderRef,
-        signer_index: usize,
-        policy_or_array: CFTypeRef,
-        evaluate_sec_trust: Boolean,
-        signer_status_out: *mut CMSSignerStatus,
-        sec_trust_out: *mut SecTrustRef,
-        cert_verify_result_code_out: *mut OSStatus,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopySignerEmailAddress(
-        decoder: CMSDecoderRef,
-        signer_index: usize,
-        signer_email_address_out: *mut CFStringRef,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopySignerCert(
-        decoder: CMSDecoderRef,
-        signer_index: usize,
-        signer_cert_out: *mut SecCertificateRef,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderIsContentEncrypted(
-        decoder: CMSDecoderRef,
-        is_encrypted_out: *mut Boolean,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopyEncapsulatedContentType(
-        decoder: CMSDecoderRef,
-        content_type_out: *mut CFDataRef,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopyAllCerts(decoder: CMSDecoderRef, certs_out: *mut CFArrayRef) -> OSStatus;
-
-    pub fn CMSDecoderCopyContent(decoder: CMSDecoderRef, content_out: *mut CFDataRef) -> OSStatus;
-
-    pub fn CMSDecoderCopySignerSigningTime(
-        decoder: CMSDecoderRef,
-        signer_index: usize,
-        sign_time_out: *mut CFAbsoluteTime,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopySignerTimestamp(
-        decoder: CMSDecoderRef,
-        signer_index: usize,
-        timestamp: *mut CFAbsoluteTime,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopySignerTimestampWithPolicy(
-        decoder: CMSDecoderRef,
-        timestamp_policy: CFTypeRef,
-        signer_index: usize,
-        timestamp: *mut CFAbsoluteTime,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopySignerTimestampCertificates(
-        decoder: CMSDecoderRef,
-        signer_index: usize,
-        certificate_refs: *mut CFArrayRef,
-    ) -> OSStatus;
-
-    // CMS encoder
-
-    pub static kCMSEncoderDigestAlgorithmSHA1: CFStringRef;
-    pub static kCMSEncoderDigestAlgorithmSHA256: CFStringRef;
-
-    pub fn CMSEncoderGetTypeID() -> CFTypeID;
-
-    pub fn CMSEncoderCreate(encoder_out: *mut CMSEncoderRef) -> OSStatus;
-
-    pub fn CMSEncoderSetSignerAlgorithm(
-        encoder: CMSEncoderRef,
-        digest_alogrithm: CFStringRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderAddSigners(encoder: CMSEncoderRef, signer_or_array: CFTypeRef) -> OSStatus;
-
-    pub fn CMSEncoderCopySigners(encoder: CMSEncoderRef, signers_out: *mut CFArrayRef) -> OSStatus;
-
-    pub fn CMSEncoderAddRecipients(
-        encoder: CMSEncoderRef,
-        recipient_or_array: CFTypeRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderCopyRecipients(
-        encoder: CMSEncoderRef,
-        recipients_out: *mut CFArrayRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderSetHasDetachedContent(
-        encoder: CMSEncoderRef,
-        detached_content: Boolean,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderGetHasDetachedContent(
-        encoder: CMSEncoderRef,
-        detached_content_out: *mut Boolean,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderSetEncapsulatedContentTypeOID(
-        encoder: CMSEncoderRef,
-        content_type_oid: CFTypeRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderCopyEncapsulatedContentType(
-        encoder: CMSEncoderRef,
-        content_type_out: *mut CFDataRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderAddSupportingCerts(
-        encoder: CMSEncoderRef,
-        cert_or_array: CFTypeRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderCopySupportingCerts(
-        encoder: CMSEncoderRef,
-        certs_out: *mut CFArrayRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderAddSignedAttributes(
-        encoder: CMSEncoderRef,
-        signed_attributes: CMSSignedAttributes,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderSetCertificateChainMode(
-        encoder: CMSEncoderRef,
-        chain_mode: CMSCertificateChainMode,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderGetCertificateChainMode(
-        encoder: CMSEncoderRef,
-        chain_mode_out: *mut CMSCertificateChainMode,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderUpdateContent(
-        encoder: CMSEncoderRef,
-        content: *const c_void,
-        content_len: usize,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderCopyEncodedContent(
-        encoder: CMSEncoderRef,
-        encoded_content_out: *mut CFDataRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncodeContent(
-        signers: CFTypeRef,
-        recipients: CFTypeRef,
-        content_type_oid: CFTypeRef,
-        detached_content: Boolean,
-        signed_attributes: CMSSignedAttributes,
-        content: *const c_void,
-        content_len: usize,
-        encoded_content_out: *mut CFDataRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderCopySignerTimestamp(
-        encoder: CMSEncoderRef,
-        signer_index: usize,
-        timestamp: *mut CFAbsoluteTime,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderCopySignerTimestampWithPolicy(
-        encoder: CMSEncoderRef,
-        timestamp_policy: CFTypeRef,
-        signer_index: usize,
-        timestamp: *mut CFAbsoluteTime,
-    ) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/code_signing.rs b/vendor/security-framework-sys/src/code_signing.rs
deleted file mode 100644
index bd4abc76..00000000
--- a/vendor/security-framework-sys/src/code_signing.rs
+++ /dev/null
@@ -1,96 +0,0 @@
-use core_foundation_sys::base::CFTypeID;
-use core_foundation_sys::base::OSStatus;
-use core_foundation_sys::dictionary::CFDictionaryRef;
-use core_foundation_sys::string::CFStringRef;
-use core_foundation_sys::url::CFURLRef;
-
-pub enum OpaqueSecRequirementRef {}
-pub type SecRequirementRef = *mut OpaqueSecRequirementRef;
-
-pub enum OpaqueSecCodeRef {}
-pub type SecCodeRef = *mut OpaqueSecCodeRef;
-
-pub enum OpaqueSecStaticCodeRef {}
-pub type SecStaticCodeRef = *mut OpaqueSecStaticCodeRef;
-
-pub type SecCSFlags = u32;
-pub const kSecCSCheckAllArchitectures: SecCSFlags = 1 << 0;
-pub const kSecCSDoNotValidateExecutable: SecCSFlags = 1 << 1;
-pub const kSecCSDoNotValidateResources: SecCSFlags = 1 << 2;
-pub const kSecCSBasicValidateOnly: SecCSFlags =
-    kSecCSDoNotValidateExecutable | kSecCSDoNotValidateResources;
-pub const kSecCSCheckNestedCode: SecCSFlags = 1 << 3;
-pub const kSecCSStrictValidate: SecCSFlags = 1 << 4;
-pub const kSecCSFullReport: SecCSFlags = 1 << 5;
-pub const kSecCSCheckGatekeeperArchitectures: SecCSFlags = (1 << 6) | kSecCSCheckAllArchitectures;
-pub const kSecCSRestrictSymlinks: SecCSFlags = 1 << 7;
-pub const kSecCSRestrictToAppLike: SecCSFlags = 1 << 8;
-pub const kSecCSRestrictSidebandData: SecCSFlags = 1 << 9;
-pub const kSecCSUseSoftwareSigningCert: SecCSFlags = 1 << 10;
-pub const kSecCSValidatePEH: SecCSFlags = 1 << 11;
-pub const kSecCSSingleThreaded: SecCSFlags = 1 << 12;
-// 13 - 15 are unused
-// This is only available in macOS 11.3:
-// pub const kSecCSAllowNetworkAccess: SecCSFlags = 1 << 16;
-// 17 - 25 are unused
-pub const kSecCSQuickCheck: SecCSFlags = 1 << 26;
-pub const kSecCSCheckTrustedAnchors: SecCSFlags = 1 << 27;
-pub const kSecCSReportProgress: SecCSFlags = 1 << 28;
-pub const kSecCSNoNetworkAccess: SecCSFlags = 1 << 29;
-pub const kSecCSEnforceRevocationChecks: SecCSFlags = 1 << 30;
-pub const kSecCSConsiderExpiration: SecCSFlags = 1 << 31;
-
-extern "C" {
-    pub static kSecGuestAttributeArchitecture: CFStringRef;
-    pub static kSecGuestAttributeAudit: CFStringRef;
-    pub static kSecGuestAttributeCanonical: CFStringRef;
-    pub static kSecGuestAttributeDynamicCode: CFStringRef;
-    pub static kSecGuestAttributeDynamicCodeInfoPlist: CFStringRef;
-    pub static kSecGuestAttributeHash: CFStringRef;
-    pub static kSecGuestAttributeMachPort: CFStringRef;
-    pub static kSecGuestAttributePid: CFStringRef;
-    pub static kSecGuestAttributeSubarchitecture: CFStringRef;
-
-    pub fn SecCodeGetTypeID() -> CFTypeID;
-    pub fn SecStaticCodeGetTypeID() -> CFTypeID;
-    pub fn SecRequirementGetTypeID() -> CFTypeID;
-
-    pub fn SecCodeCheckValidity(
-        code: SecCodeRef,
-        flags: SecCSFlags,
-        requirement: SecRequirementRef,
-    ) -> OSStatus;
-
-    pub fn SecCodeCopyGuestWithAttributes(
-        host: SecCodeRef,
-        attrs: CFDictionaryRef,
-        flags: SecCSFlags,
-        guest: *mut SecCodeRef,
-    ) -> OSStatus;
-
-    pub fn SecCodeCopyPath(
-        code: SecStaticCodeRef,
-        flags: SecCSFlags,
-        path: *mut CFURLRef,
-    ) -> OSStatus;
-
-    pub fn SecCodeCopySelf(flags: SecCSFlags, out: *mut SecCodeRef) -> OSStatus;
-
-    pub fn SecRequirementCreateWithString(
-        text: CFStringRef,
-        flags: SecCSFlags,
-        requirement: *mut SecRequirementRef,
-    ) -> OSStatus;
-
-    pub fn SecStaticCodeCheckValidity(
-        code: SecStaticCodeRef,
-        flags: SecCSFlags,
-        requirement: SecRequirementRef,
-    ) -> OSStatus;
-
-    pub fn SecStaticCodeCreateWithPath(
-        path: CFURLRef,
-        flags: SecCSFlags,
-        code: *mut SecStaticCodeRef,
-    ) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/digest_transform.rs b/vendor/security-framework-sys/src/digest_transform.rs
deleted file mode 100644
index fdcf6ee2..00000000
--- a/vendor/security-framework-sys/src/digest_transform.rs
+++ /dev/null
@@ -1,28 +0,0 @@
-use core_foundation_sys::base::{CFIndex, CFTypeRef};
-use core_foundation_sys::error::CFErrorRef;
-use core_foundation_sys::string::CFStringRef;
-
-use crate::transform::SecTransformRef;
-
-extern "C" {
-    pub static kSecDigestHMACKeyAttribute: CFStringRef;
-    pub static kSecDigestHMACMD5: CFStringRef;
-    pub static kSecDigestHMACSHA1: CFStringRef;
-    pub static kSecDigestHMACSHA2: CFStringRef;
-    pub static kSecDigestLengthAttribute: CFStringRef;
-    pub static kSecDigestMD2: CFStringRef;
-    pub static kSecDigestMD4: CFStringRef;
-    pub static kSecDigestMD5: CFStringRef;
-    pub static kSecDigestSHA1: CFStringRef;
-    pub static kSecDigestSHA2: CFStringRef;
-    pub static kSecDigestTypeAttribute: CFStringRef;
-
-    pub fn SecDigestTransformCreate(
-        digestType: CFTypeRef,
-        digestLength: CFIndex,
-        error: *mut CFErrorRef,
-    ) -> SecTransformRef;
-
-// this symbol is apparently missing in 10.13.3?
-// pub fn SecDigestTransformGetTypeID() -> CFTypeID;
-}
diff --git a/vendor/security-framework-sys/src/encrypt_transform.rs b/vendor/security-framework-sys/src/encrypt_transform.rs
deleted file mode 100644
index 85330527..00000000
--- a/vendor/security-framework-sys/src/encrypt_transform.rs
+++ /dev/null
@@ -1,29 +0,0 @@
-use core_foundation_sys::error::CFErrorRef;
-use core_foundation_sys::string::CFStringRef;
-
-use crate::base::SecKeyRef;
-use crate::transform::SecTransformRef;
-
-extern "C" {
-    pub static kSecEncryptionMode: CFStringRef;
-    pub static kSecEncryptKey: CFStringRef;
-    pub static kSecIVKey: CFStringRef;
-    pub static kSecModeCBCKey: CFStringRef;
-    pub static kSecModeCFBKey: CFStringRef;
-    pub static kSecModeECBKey: CFStringRef;
-    pub static kSecModeNoneKey: CFStringRef;
-    pub static kSecModeOFBKey: CFStringRef;
-    pub static kSecPaddingKey: CFStringRef;
-    pub static kSecPaddingNoneKey: CFStringRef;
-    pub static kSecPaddingOAEPKey: CFStringRef;
-    pub static kSecPaddingPKCS1Key: CFStringRef;
-    pub static kSecPaddingPKCS5Key: CFStringRef;
-    pub static kSecPaddingPKCS7Key: CFStringRef;
-
-    pub fn SecDecryptTransformCreate(keyRef: SecKeyRef, error: *mut CFErrorRef) -> SecTransformRef;
-    // this symbol is apparently missing in 10.13.3?
-    // pub fn SecDecryptTransformGetTypeID() -> CFTypeID;
-    pub fn SecEncryptTransformCreate(keyRef: SecKeyRef, error: *mut CFErrorRef) -> SecTransformRef;
-// this symbol is apparently missing in 10.13.3?
-// pub fn SecEncryptTransformGetTypeID() -> CFTypeID;
-}
diff --git a/vendor/security-framework-sys/src/identity.rs b/vendor/security-framework-sys/src/identity.rs
deleted file mode 100644
index 6d8295ec..00000000
--- a/vendor/security-framework-sys/src/identity.rs
+++ /dev/null
@@ -1,21 +0,0 @@
-#[cfg(target_os = "macos")]
-use core_foundation_sys::base::CFTypeRef;
-use core_foundation_sys::base::{CFTypeID, OSStatus};
-
-use crate::base::{SecCertificateRef, SecIdentityRef, SecKeyRef};
-
-extern "C" {
-    pub fn SecIdentityGetTypeID() -> CFTypeID;
-    pub fn SecIdentityCopyCertificate(
-        identity: SecIdentityRef,
-        certificate_ref: *mut SecCertificateRef,
-    ) -> OSStatus;
-    pub fn SecIdentityCopyPrivateKey(identity: SecIdentityRef, key_ref: *mut SecKeyRef)
-        -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SecIdentityCreateWithCertificate(
-        keychain_or_Array: CFTypeRef,
-        certificate_ref: SecCertificateRef,
-        identity_ref: *mut SecIdentityRef,
-    ) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/import_export.rs b/vendor/security-framework-sys/src/import_export.rs
deleted file mode 100644
index cd32f571..00000000
--- a/vendor/security-framework-sys/src/import_export.rs
+++ /dev/null
@@ -1,86 +0,0 @@
-use core_foundation_sys::array::CFArrayRef;
-#[cfg(target_os = "macos")]
-use core_foundation_sys::base::CFTypeRef;
-use core_foundation_sys::base::OSStatus;
-use core_foundation_sys::data::CFDataRef;
-use core_foundation_sys::dictionary::CFDictionaryRef;
-use core_foundation_sys::string::CFStringRef;
-#[cfg(target_os = "macos")]
-use std::os::raw::c_uint;
-
-#[cfg(target_os = "macos")]
-use crate::base::{SecAccessRef, SecKeychainRef};
-
-#[cfg(target_os = "macos")]
-pub type SecExternalFormat = u32;
-#[cfg(target_os = "macos")]
-pub type SecExternalItemType = u32;
-#[cfg(target_os = "macos")]
-pub type SecItemImportExportFlags = u32;
-#[cfg(target_os = "macos")]
-pub type SecKeyImportExportFlags = u32;
-
-#[cfg(target_os = "macos")]
-pub const kSecKeyImportOnlyOne: SecKeyImportExportFlags = 1;
-#[cfg(target_os = "macos")]
-pub const kSecKeySecurePassphrase: SecKeyImportExportFlags = 2;
-#[cfg(target_os = "macos")]
-pub const kSecKeyNoAccessControl: SecKeyImportExportFlags = 4;
-
-#[cfg(target_os = "macos")]
-pub const SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION: c_uint = 0;
-
-#[repr(C)]
-#[derive(Copy, Clone)]
-#[cfg(target_os = "macos")]
-pub struct SecItemImportExportKeyParameters {
-    pub version: c_uint,
-    pub flags: SecKeyImportExportFlags,
-    pub passphrase: CFTypeRef,
-    pub alertTitle: CFStringRef,
-    pub alertPrompt: CFStringRef,
-    pub accessRef: SecAccessRef,
-    pub keyUsage: CFArrayRef,
-    pub keyAttributes: CFArrayRef,
-}
-
-extern "C" {
-    #[cfg(target_os = "macos")]
-    pub fn SecItemImport(
-        importedData: CFDataRef,
-        fileNameOrExtension: CFStringRef,
-        inputFormat: *mut SecExternalFormat,
-        itemType: *mut SecExternalItemType,
-        flags: SecItemImportExportFlags,
-        keyParams: *const SecItemImportExportKeyParameters,
-        importKeychain: SecKeychainRef,
-        outItems: *mut CFArrayRef,
-    ) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn SecItemExport(
-        secItemOrArray: CFTypeRef,
-        outputFormat: SecExternalFormat,
-        flags: SecItemImportExportFlags,
-        keyParams: *const SecItemImportExportKeyParameters,
-        exportedData: *mut CFDataRef,
-    ) -> OSStatus;
-
-    pub static kSecImportExportPassphrase: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecImportExportKeychain: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecImportExportAccess: CFStringRef;
-
-    pub static kSecImportItemLabel: CFStringRef;
-    pub static kSecImportItemKeyID: CFStringRef;
-    pub static kSecImportItemTrust: CFStringRef;
-    pub static kSecImportItemCertChain: CFStringRef;
-    pub static kSecImportItemIdentity: CFStringRef;
-
-    pub fn SecPKCS12Import(
-        pkcs12_data: CFDataRef,
-        options: CFDictionaryRef,
-        items: *mut CFArrayRef,
-    ) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/item.rs b/vendor/security-framework-sys/src/item.rs
deleted file mode 100644
index 5427bc99..00000000
--- a/vendor/security-framework-sys/src/item.rs
+++ /dev/null
@@ -1,93 +0,0 @@
-use core_foundation_sys::string::CFStringRef;
-
-extern "C" {
-    pub static kSecClass: CFStringRef;
-    pub static kSecClassInternetPassword: CFStringRef;
-    pub static kSecClassGenericPassword: CFStringRef;
-    pub static kSecClassCertificate: CFStringRef;
-    pub static kSecClassKey: CFStringRef;
-    pub static kSecClassIdentity: CFStringRef;
-
-    pub static kSecMatchLimit: CFStringRef;
-    pub static kSecMatchLimitAll: CFStringRef;
-
-    pub static kSecMatchTrustedOnly: CFStringRef;
-    pub static kSecMatchCaseInsensitive: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecMatchSubjectWholeString: CFStringRef;
-
-    pub static kSecReturnData: CFStringRef;
-    pub static kSecReturnAttributes: CFStringRef;
-    pub static kSecReturnRef: CFStringRef;
-    pub static kSecReturnPersistentRef: CFStringRef;
-
-    pub static kSecMatchSearchList: CFStringRef;
-
-    pub static kSecAttrApplicationLabel: CFStringRef;
-    pub static kSecAttrKeyType: CFStringRef;
-    pub static kSecAttrLabel: CFStringRef;
-    pub static kSecAttrIsPermanent: CFStringRef;
-    pub static kSecAttrPublicKeyHash: CFStringRef;
-    pub static kSecAttrSerialNumber: CFStringRef;
-    pub static kSecPrivateKeyAttrs: CFStringRef;
-    pub static kSecPublicKeyAttrs: CFStringRef;
-
-    pub static kSecAttrKeyClass: CFStringRef;
-    pub static kSecAttrKeyClassPublic: CFStringRef;
-    pub static kSecAttrKeyClassPrivate: CFStringRef;
-    pub static kSecAttrKeyClassSymmetric: CFStringRef;
-
-    pub static kSecUseKeychain: CFStringRef;
-    #[cfg(any(feature = "OSX_10_15", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub static kSecUseDataProtectionKeychain: CFStringRef;
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub static kSecAttrTokenID: CFStringRef;
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub static kSecAttrTokenIDSecureEnclave: CFStringRef;
-    #[cfg(any(feature = "OSX_10_13", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub static kSecUseAuthenticationContext: CFStringRef;
-    #[cfg(any(feature = "OSX_10_13", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub static kSecAttrSynchronizable: CFStringRef;
-
-    pub static kSecAttrKeySizeInBits: CFStringRef;
-
-    pub static kSecAttrKeyTypeECSECPrimeRandom: CFStringRef;
-    pub static kSecAttrKeyTypeRSA: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecAttrKeyTypeDSA: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecAttrKeyTypeAES: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecAttrKeyTypeDES: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecAttrKeyType3DES: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecAttrKeyTypeRC4: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecAttrKeyTypeRC2: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecAttrKeyTypeCAST: CFStringRef;
-    pub static kSecAttrKeyTypeEC: CFStringRef;
-
-    pub static kSecAttrAccessGroup: CFStringRef;
-    pub static kSecAttrAccessGroupToken: CFStringRef;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub static kSecKeyKeyExchangeParameterRequestedSize: CFStringRef;
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub static kSecKeyKeyExchangeParameterSharedInfo: CFStringRef;
-
-    pub static kSecAttrAuthenticationType: CFStringRef;
-    pub static kSecAttrComment: CFStringRef;
-    pub static kSecAttrDescription: CFStringRef;
-    pub static kSecAttrPath: CFStringRef;
-    pub static kSecAttrPort: CFStringRef;
-    pub static kSecAttrProtocol: CFStringRef;
-    pub static kSecAttrSecurityDomain: CFStringRef;
-    pub static kSecAttrServer: CFStringRef;
-    pub static kSecAttrService: CFStringRef;
-    pub static kSecAttrAccessControl: CFStringRef;
-    pub static kSecAttrAccount: CFStringRef;
-    pub static kSecValueData: CFStringRef;
-    pub static kSecValueRef: CFStringRef;
-}
diff --git a/vendor/security-framework-sys/src/key.rs b/vendor/security-framework-sys/src/key.rs
deleted file mode 100644
index a40a3036..00000000
--- a/vendor/security-framework-sys/src/key.rs
+++ /dev/null
@@ -1,219 +0,0 @@
-use core_foundation_sys::base::CFTypeID;
-use core_foundation_sys::data::CFDataRef;
-use core_foundation_sys::dictionary::CFDictionaryRef;
-use core_foundation_sys::error::CFErrorRef;
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-use core_foundation_sys::string::CFStringRef;
-
-use crate::base::SecKeyRef;
-
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub type SecKeyAlgorithm = CFStringRef;
-
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub type SecKeyOperationType = u32;
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub const kSecKeyOperationTypeSign: SecKeyOperationType = 0;
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub const kSecKeyOperationTypeVerify: SecKeyOperationType = 1;
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub const kSecKeyOperationTypeEncrypt: SecKeyOperationType = 2;
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub const kSecKeyOperationTypeDecrypt: SecKeyOperationType = 3;
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub const kSecKeyOperationTypeKeyExchange: SecKeyOperationType = 4;
-
-extern "C" {
-    pub fn SecKeyGetTypeID() -> CFTypeID;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCreateRandomKey(parameters: CFDictionaryRef, error: *mut CFErrorRef) -> SecKeyRef;
-
-    #[cfg(any(feature = "OSX_10_13", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCreateWithData(
-        keyData: CFDataRef,
-        attributes: CFDictionaryRef,
-        error: *mut CFErrorRef,
-    ) -> SecKeyRef;
-
-    #[cfg(target_os = "macos")]
-    pub fn SecKeyCreateFromData(
-        parameters: CFDictionaryRef,
-        keyData: CFDataRef,
-        error: *mut CFErrorRef,
-    ) -> SecKeyRef;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCopyExternalRepresentation(key: SecKeyRef, error: *mut CFErrorRef) -> CFDataRef;
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCopyAttributes(key: SecKeyRef) -> CFDictionaryRef;
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCopyPublicKey(key: SecKeyRef) -> SecKeyRef;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCreateSignature(
-        key: SecKeyRef,
-        algorithm: SecKeyAlgorithm,
-        dataToSign: CFDataRef,
-        error: *mut CFErrorRef,
-    ) -> CFDataRef;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyVerifySignature(
-        key: SecKeyRef,
-        algorithm: SecKeyAlgorithm,
-        signedData: CFDataRef,
-        signature: CFDataRef,
-        error: *mut CFErrorRef,
-    ) -> core_foundation_sys::base::Boolean;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCreateEncryptedData(
-        key: SecKeyRef,
-        algorithm: SecKeyAlgorithm,
-        plaintext: CFDataRef,
-        error: *mut CFErrorRef,
-    ) -> CFDataRef;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCreateDecryptedData(
-        key: SecKeyRef,
-        algorithm: SecKeyAlgorithm,
-        ciphertext: CFDataRef,
-        error: *mut CFErrorRef,
-    ) -> CFDataRef;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyIsAlgorithmSupported(
-        key: SecKeyRef,
-        operation: SecKeyOperationType,
-        algorithm: SecKeyAlgorithm,
-    ) -> core_foundation_sys::base::Boolean;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCopyKeyExchangeResult(
-        privateKey: SecKeyRef,
-        algorithm: SecKeyAlgorithm,
-        publicKey: SecKeyRef,
-        parameters: CFDictionaryRef,
-        error: *mut CFErrorRef,
-    ) -> CFDataRef;
-}
-
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-macro_rules! names {
-    ($( $(# $meta:literal )* $i:ident => $x:ident),*) => {
-        extern "C" {
-            $($(#[cfg(feature = $meta)])* pub static $x: SecKeyAlgorithm;)*
-        }
-
-        #[non_exhaustive]
-        #[derive(Copy, Clone)]
-        pub enum Algorithm {
-            $( $(#[cfg(feature = $meta)])* $i, )*
-        }
-
-        impl From<Algorithm> for SecKeyAlgorithm {
-            fn from(m: Algorithm) -> Self {
-                unsafe { match m {
-                    $( $(#[cfg(feature = $meta)])* Algorithm::$i => $x, )*
-                } }
-            }
-        }
-    }
-}
-
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-names! {
-    ECIESEncryptionStandardX963SHA1AESGCM => kSecKeyAlgorithmECIESEncryptionStandardX963SHA1AESGCM,
-    ECIESEncryptionStandardX963SHA224AESGCM => kSecKeyAlgorithmECIESEncryptionStandardX963SHA224AESGCM,
-    ECIESEncryptionStandardX963SHA256AESGCM => kSecKeyAlgorithmECIESEncryptionStandardX963SHA256AESGCM,
-    ECIESEncryptionStandardX963SHA384AESGCM => kSecKeyAlgorithmECIESEncryptionStandardX963SHA384AESGCM,
-    ECIESEncryptionStandardX963SHA512AESGCM => kSecKeyAlgorithmECIESEncryptionStandardX963SHA512AESGCM,
-
-    ECIESEncryptionStandardVariableIVX963SHA224AESGCM => kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA224AESGCM,
-    ECIESEncryptionStandardVariableIVX963SHA256AESGCM => kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA256AESGCM,
-    ECIESEncryptionStandardVariableIVX963SHA384AESGCM => kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA384AESGCM,
-    ECIESEncryptionStandardVariableIVX963SHA512AESGCM => kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA512AESGCM,
-
-    ECIESEncryptionCofactorVariableIVX963SHA224AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA224AESGCM,
-    ECIESEncryptionCofactorVariableIVX963SHA256AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA256AESGCM,
-    ECIESEncryptionCofactorVariableIVX963SHA384AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA384AESGCM,
-    ECIESEncryptionCofactorVariableIVX963SHA512AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA512AESGCM,
-
-    #"OSX_10_13" ECIESEncryptionCofactorX963SHA1AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorX963SHA1AESGCM,
-    #"OSX_10_13" ECIESEncryptionCofactorX963SHA224AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorX963SHA224AESGCM,
-    #"OSX_10_13" ECIESEncryptionCofactorX963SHA256AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorX963SHA256AESGCM,
-    #"OSX_10_13" ECIESEncryptionCofactorX963SHA384AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorX963SHA384AESGCM,
-    #"OSX_10_13" ECIESEncryptionCofactorX963SHA512AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorX963SHA512AESGCM,
-
-    ECDSASignatureRFC4754 => kSecKeyAlgorithmECDSASignatureRFC4754,
-
-    ECDSASignatureDigestX962 => kSecKeyAlgorithmECDSASignatureDigestX962,
-    ECDSASignatureDigestX962SHA1 => kSecKeyAlgorithmECDSASignatureDigestX962SHA1,
-    ECDSASignatureDigestX962SHA224 => kSecKeyAlgorithmECDSASignatureDigestX962SHA224,
-    ECDSASignatureDigestX962SHA256 => kSecKeyAlgorithmECDSASignatureDigestX962SHA256,
-    ECDSASignatureDigestX962SHA384 => kSecKeyAlgorithmECDSASignatureDigestX962SHA384,
-    ECDSASignatureDigestX962SHA512 => kSecKeyAlgorithmECDSASignatureDigestX962SHA512,
-
-    ECDSASignatureMessageX962SHA1 => kSecKeyAlgorithmECDSASignatureMessageX962SHA1,
-    ECDSASignatureMessageX962SHA224 => kSecKeyAlgorithmECDSASignatureMessageX962SHA224,
-    ECDSASignatureMessageX962SHA256 => kSecKeyAlgorithmECDSASignatureMessageX962SHA256,
-    ECDSASignatureMessageX962SHA384 => kSecKeyAlgorithmECDSASignatureMessageX962SHA384,
-    ECDSASignatureMessageX962SHA512 => kSecKeyAlgorithmECDSASignatureMessageX962SHA512,
-
-    ECDHKeyExchangeCofactor => kSecKeyAlgorithmECDHKeyExchangeCofactor,
-    ECDHKeyExchangeStandard => kSecKeyAlgorithmECDHKeyExchangeStandard,
-    ECDHKeyExchangeCofactorX963SHA1 => kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA1,
-    ECDHKeyExchangeStandardX963SHA1 => kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA1,
-    ECDHKeyExchangeCofactorX963SHA224 => kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA224,
-    ECDHKeyExchangeCofactorX963SHA256 => kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA256,
-    ECDHKeyExchangeCofactorX963SHA384 => kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA384,
-    ECDHKeyExchangeCofactorX963SHA512 => kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA512,
-    ECDHKeyExchangeStandardX963SHA224 => kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA224,
-    ECDHKeyExchangeStandardX963SHA256 => kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA256,
-    ECDHKeyExchangeStandardX963SHA384 => kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA384,
-    ECDHKeyExchangeStandardX963SHA512 => kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA512,
-
-    RSAEncryptionRaw => kSecKeyAlgorithmRSAEncryptionRaw,
-    RSAEncryptionPKCS1 => kSecKeyAlgorithmRSAEncryptionPKCS1,
-
-    RSAEncryptionOAEPSHA1 => kSecKeyAlgorithmRSAEncryptionOAEPSHA1,
-    RSAEncryptionOAEPSHA224 => kSecKeyAlgorithmRSAEncryptionOAEPSHA224,
-    RSAEncryptionOAEPSHA256 => kSecKeyAlgorithmRSAEncryptionOAEPSHA256,
-    RSAEncryptionOAEPSHA384 => kSecKeyAlgorithmRSAEncryptionOAEPSHA384,
-    RSAEncryptionOAEPSHA512 => kSecKeyAlgorithmRSAEncryptionOAEPSHA512,
-
-    RSAEncryptionOAEPSHA1AESGCM => kSecKeyAlgorithmRSAEncryptionOAEPSHA1AESGCM,
-    RSAEncryptionOAEPSHA224AESGCM => kSecKeyAlgorithmRSAEncryptionOAEPSHA224AESGCM,
-    RSAEncryptionOAEPSHA256AESGCM => kSecKeyAlgorithmRSAEncryptionOAEPSHA256AESGCM,
-    RSAEncryptionOAEPSHA384AESGCM => kSecKeyAlgorithmRSAEncryptionOAEPSHA384AESGCM,
-    RSAEncryptionOAEPSHA512AESGCM => kSecKeyAlgorithmRSAEncryptionOAEPSHA512AESGCM,
-
-    RSASignatureRaw => kSecKeyAlgorithmRSASignatureRaw,
-
-    RSASignatureDigestPKCS1v15Raw => kSecKeyAlgorithmRSASignatureDigestPKCS1v15Raw,
-    RSASignatureDigestPKCS1v15SHA1 => kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA1,
-    RSASignatureDigestPKCS1v15SHA224 => kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA224,
-    RSASignatureDigestPKCS1v15SHA256 => kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA256,
-    RSASignatureDigestPKCS1v15SHA384 => kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA384,
-    RSASignatureDigestPKCS1v15SHA512 => kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA512,
-
-    RSASignatureMessagePKCS1v15SHA1 => kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA1,
-    RSASignatureMessagePKCS1v15SHA224 => kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA224,
-    RSASignatureMessagePKCS1v15SHA256 => kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA256,
-    RSASignatureMessagePKCS1v15SHA384 => kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA384,
-    RSASignatureMessagePKCS1v15SHA512 => kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA512,
-
-    RSASignatureDigestPSSSHA1 => kSecKeyAlgorithmRSASignatureDigestPSSSHA1,
-    RSASignatureDigestPSSSHA224 => kSecKeyAlgorithmRSASignatureDigestPSSSHA224,
-    RSASignatureDigestPSSSHA256 => kSecKeyAlgorithmRSASignatureDigestPSSSHA256,
-    RSASignatureDigestPSSSHA384 => kSecKeyAlgorithmRSASignatureDigestPSSSHA384,
-    RSASignatureDigestPSSSHA512 => kSecKeyAlgorithmRSASignatureDigestPSSSHA512,
-
-    RSASignatureMessagePSSSHA1 => kSecKeyAlgorithmRSASignatureMessagePSSSHA1,
-    RSASignatureMessagePSSSHA224 => kSecKeyAlgorithmRSASignatureMessagePSSSHA224,
-    RSASignatureMessagePSSSHA256 => kSecKeyAlgorithmRSASignatureMessagePSSSHA256,
-    RSASignatureMessagePSSSHA384 => kSecKeyAlgorithmRSASignatureMessagePSSSHA384,
-    RSASignatureMessagePSSSHA512 => kSecKeyAlgorithmRSASignatureMessagePSSSHA512
-}
diff --git a/vendor/security-framework-sys/src/keychain.rs b/vendor/security-framework-sys/src/keychain.rs
deleted file mode 100644
index 1413e3aa..00000000
--- a/vendor/security-framework-sys/src/keychain.rs
+++ /dev/null
@@ -1,194 +0,0 @@
-#[cfg(target_os = "macos")]
-use core_foundation_sys::base::CFTypeRef;
-use core_foundation_sys::base::{Boolean, CFTypeID, OSStatus};
-use std::os::raw::{c_char, c_uint, c_void};
-
-#[cfg(target_os = "macos")]
-use crate::base::SecKeychainItemRef;
-use crate::base::{SecAccessRef, SecKeychainRef};
-
-pub const SEC_KEYCHAIN_SETTINGS_VERS1: c_uint = 1;
-
-#[repr(C)]
-pub struct SecKeychainSettings {
-    pub version: c_uint,
-    pub lockOnSleep: Boolean,
-    pub useLockInterval: Boolean,
-    pub lockInterval: c_uint,
-}
-
-/// Like Apple's headers, it assumes Little Endian,
-/// as there are no supported Big Endian machines any more :(
-macro_rules! char_lit {
-    ($e:expr) => {
-        ($e[3] as u32) + (($e[2] as u32) << 8) + (($e[1] as u32) << 16) + (($e[0] as u32) << 24)
-    };
-}
-
-macro_rules! char_lit_swapped {
-    ($e:expr) => {
-        ($e[0] as u32) + (($e[1] as u32) << 8) + (($e[2] as u32) << 16) + (($e[3] as u32) << 24)
-    };
-}
-
-#[repr(u32)]
-#[derive(Copy, Clone, Eq, PartialEq, Debug)]
-#[allow(clippy::upper_case_acronyms)]
-pub enum SecProtocolType {
-    FTP = char_lit!(b"ftp "),
-    FTPAccount = char_lit!(b"ftpa"),
-    HTTP = char_lit!(b"http"),
-    IRC = char_lit!(b"irc "),
-    NNTP = char_lit!(b"nntp"),
-    POP3 = char_lit!(b"pop3"),
-    SMTP = char_lit!(b"smtp"),
-    SOCKS = char_lit!(b"sox "),
-    IMAP = char_lit!(b"imap"),
-    LDAP = char_lit!(b"ldap"),
-    AppleTalk = char_lit!(b"atlk"),
-    AFP = char_lit!(b"afp "),
-    Telnet = char_lit!(b"teln"),
-    SSH = char_lit!(b"ssh "),
-    FTPS = char_lit!(b"ftps"),
-    HTTPS = char_lit!(b"htps"),
-    HTTPProxy = char_lit!(b"htpx"),
-    HTTPSProxy = char_lit!(b"htsx"),
-    FTPProxy = char_lit!(b"ftpx"),
-    CIFS = char_lit!(b"cifs"),
-    SMB = char_lit!(b"smb "),
-    RTSP = char_lit!(b"rtsp"),
-    RTSPProxy = char_lit!(b"rtsx"),
-    DAAP = char_lit!(b"daap"),
-    EPPC = char_lit!(b"eppc"),
-    IPP = char_lit!(b"ipp "),
-    NNTPS = char_lit!(b"ntps"),
-    LDAPS = char_lit!(b"ldps"),
-    TelnetS = char_lit!(b"tels"),
-    IMAPS = char_lit!(b"imps"),
-    IRCS = char_lit!(b"ircs"),
-    POP3S = char_lit!(b"pops"),
-    CVSpserver = char_lit!(b"cvsp"),
-    SVN = char_lit!(b"svn "),
-    Any = 0,
-}
-
-#[repr(u32)]
-#[derive(Copy, Clone, Eq, PartialEq, Debug)]
-#[allow(clippy::upper_case_acronyms)]
-pub enum SecAuthenticationType {
-    // [sic] Apple has got two related enums each with a different endianness!
-    NTLM = char_lit_swapped!(b"ntlm"),
-    MSN = char_lit_swapped!(b"msna"),
-    DPA = char_lit_swapped!(b"dpaa"),
-    RPA = char_lit_swapped!(b"rpaa"),
-    HTTPBasic = char_lit_swapped!(b"http"),
-    HTTPDigest = char_lit_swapped!(b"httd"),
-    HTMLForm = char_lit_swapped!(b"form"),
-    Default = char_lit_swapped!(b"dflt"),
-    Any = 0,
-}
-
-#[repr(i32)]
-#[derive(Copy, Clone, Eq, PartialEq, Debug)]
-pub enum SecPreferencesDomain {
-    User = 0,
-    System = 1,
-    Common = 2,
-    Dynamic = 3,
-}
-
-extern "C" {
-    pub fn SecKeychainGetTypeID() -> CFTypeID;
-    pub fn SecKeychainCopyDefault(keychain: *mut SecKeychainRef) -> OSStatus;
-    pub fn SecKeychainCopyDomainDefault(
-        domain: SecPreferencesDomain,
-        keychain: *mut SecKeychainRef,
-    ) -> OSStatus;
-    pub fn SecKeychainCreate(
-        pathName: *const c_char,
-        passwordLength: c_uint,
-        password: *const c_void,
-        promptUser: Boolean,
-        initialAccess: SecAccessRef,
-        keychain: *mut SecKeychainRef,
-    ) -> OSStatus;
-    pub fn SecKeychainOpen(pathName: *const c_char, keychain: *mut SecKeychainRef) -> OSStatus;
-    pub fn SecKeychainUnlock(
-        keychain: SecKeychainRef,
-        passwordLength: c_uint,
-        password: *const c_void,
-        usePassword: Boolean,
-    ) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SecKeychainFindGenericPassword(
-        keychainOrArray: CFTypeRef,
-        serviceNameLength: u32,
-        serviceName: *const c_char,
-        accountNameLength: u32,
-        accountName: *const c_char,
-        passwordLength: *mut u32,
-        passwordData: *mut *mut c_void,
-        itemRef: *mut SecKeychainItemRef,
-    ) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn SecKeychainFindInternetPassword(
-        keychainOrArray: CFTypeRef,
-        serverNameLength: u32,
-        serverName: *const c_char,
-        securityDomainLength: u32,
-        securityDomain: *const c_char,
-        accountNameLength: u32,
-        accountName: *const c_char,
-        pathLength: u32,
-        path: *const c_char,
-        port: u16,
-        protocol: SecProtocolType,
-        authenticationType: SecAuthenticationType,
-        passwordLength: *mut u32,
-        passwordData: *mut *mut c_void,
-        itemRef: *mut SecKeychainItemRef,
-    ) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn SecKeychainAddGenericPassword(
-        keychain: SecKeychainRef,
-        serviceNameLength: u32,
-        serviceName: *const c_char,
-        accountNameLength: u32,
-        accountName: *const c_char,
-        passwordLength: u32,
-        passwordData: *const c_void,
-        itemRef: *mut SecKeychainItemRef,
-    ) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn SecKeychainAddInternetPassword(
-        keychain: SecKeychainRef,
-        serverNameLength: u32,
-        serverName: *const c_char,
-        securityDomainLength: u32,
-        securityDomain: *const c_char,
-        accountNameLength: u32,
-        accountName: *const c_char,
-        pathLength: u32,
-        path: *const c_char,
-        port: u16,
-        protocol: SecProtocolType,
-        authenticationType: SecAuthenticationType,
-        passwordLength: u32,
-        passwordData: *const c_void,
-        itemRef: *mut SecKeychainItemRef,
-    ) -> OSStatus;
-
-    pub fn SecKeychainSetSettings(
-        keychain: SecKeychainRef,
-        newSettings: *const SecKeychainSettings,
-    ) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn SecKeychainGetUserInteractionAllowed(state: *mut Boolean) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn SecKeychainSetUserInteractionAllowed(state: Boolean) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/keychain_item.rs b/vendor/security-framework-sys/src/keychain_item.rs
deleted file mode 100644
index 9b41f100..00000000
--- a/vendor/security-framework-sys/src/keychain_item.rs
+++ /dev/null
@@ -1,37 +0,0 @@
-use crate::base::{SecKeychainAttributeList, SecKeychainItemRef};
-use core_foundation_sys::base::{CFTypeID, CFTypeRef, OSStatus};
-use core_foundation_sys::dictionary::CFDictionaryRef;
-use std::os::raw::c_void;
-
-extern "C" {
-
-    /// Returns the unique identifier of the opaque type to which a keychain item object belongs.
-    pub fn SecKeychainItemGetTypeID() -> CFTypeID;
-
-    /// Adds one or more items to a keychain.
-    pub fn SecItemAdd(attributes: CFDictionaryRef, result: *mut CFTypeRef) -> OSStatus;
-
-    /// Returns one or more keychain items that match a search query, or copies attributes of specific keychain items.
-    pub fn SecItemCopyMatching(query: CFDictionaryRef, result: *mut CFTypeRef) -> OSStatus;
-
-    /// Modifies items that match a search query.
-    pub fn SecItemUpdate(query: CFDictionaryRef, attributesToUpdate: CFDictionaryRef) -> OSStatus;
-
-    /// Deletes items that match a search query.
-    pub fn SecItemDelete(query: CFDictionaryRef) -> OSStatus;
-
-    /// # Legacy API
-    pub fn SecKeychainItemModifyAttributesAndData(
-        itemRef: SecKeychainItemRef,
-        attrList: *const SecKeychainAttributeList,
-        length: u32,
-        data: *const c_void,
-    ) -> OSStatus;
-
-    pub fn SecKeychainItemFreeContent(
-        attrList: *mut SecKeychainAttributeList,
-        data: *mut c_void,
-    ) -> OSStatus;
-
-    pub fn SecKeychainItemDelete(itemRef: SecKeychainItemRef) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/lib.rs b/vendor/security-framework-sys/src/lib.rs
deleted file mode 100644
index f4be4d75..00000000
--- a/vendor/security-framework-sys/src/lib.rs
+++ /dev/null
@@ -1,41 +0,0 @@
-#![allow(bad_style)]
-
-#[cfg_attr(
-    any(target_os = "macos", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"),
-    link(name = "Security", kind = "framework")
-)]
-extern "C" {}
-
-#[cfg(target_os = "macos")]
-pub mod access;
-pub mod access_control;
-#[cfg(target_os = "macos")]
-pub mod authorization;
-pub mod base;
-#[cfg(any(target_os = "macos", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub mod certificate;
-#[cfg(target_os = "macos")]
-pub mod certificate_oids;
-pub mod cipher_suite;
-#[cfg(target_os = "macos")]
-pub mod cms;
-#[cfg(target_os = "macos")]
-pub mod code_signing;
-#[cfg(target_os = "macos")]
-pub mod digest_transform;
-#[cfg(target_os = "macos")]
-pub mod encrypt_transform;
-pub mod identity;
-pub mod import_export;
-pub mod item;
-pub mod key;
-pub mod keychain;
-pub mod keychain_item;
-pub mod policy;
-pub mod random;
-pub mod secure_transport;
-#[cfg(target_os = "macos")]
-pub mod transform;
-pub mod trust;
-#[cfg(target_os = "macos")]
-pub mod trust_settings;
diff --git a/vendor/security-framework-sys/src/policy.rs b/vendor/security-framework-sys/src/policy.rs
deleted file mode 100644
index b30fa72f..00000000
--- a/vendor/security-framework-sys/src/policy.rs
+++ /dev/null
@@ -1,25 +0,0 @@
-use core_foundation_sys::base::CFOptionFlags;
-use core_foundation_sys::base::{Boolean, CFTypeID};
-use core_foundation_sys::string::CFStringRef;
-
-use crate::base::SecPolicyRef;
-
-mod revocation_flags {
-    use super::CFOptionFlags;
-
-    pub const kSecRevocationOCSPMethod: CFOptionFlags = 1 << 0;
-    pub const kSecRevocationCRLMethod: CFOptionFlags = 1 << 1;
-    pub const kSecRevocationPreferCRL: CFOptionFlags = 1 << 2;
-    pub const kSecRevocationRequirePositiveResponse: CFOptionFlags = 1 << 3;
-    pub const kSecRevocationNetworkAccessDisabled: CFOptionFlags = 1 << 4;
-    pub const kSecRevocationUseAnyAvailableMethod: CFOptionFlags = kSecRevocationOCSPMethod | kSecRevocationCRLMethod;
-}
-
-pub use revocation_flags::*;
-
-extern "C" {
-    pub fn SecPolicyCreateSSL(server: Boolean, hostname: CFStringRef) -> SecPolicyRef;
-    pub fn SecPolicyCreateRevocation(revocationFlags: CFOptionFlags) -> SecPolicyRef;
-    pub fn SecPolicyGetTypeID() -> CFTypeID;
-    pub fn SecPolicyCreateBasicX509() -> SecPolicyRef;
-}
diff --git a/vendor/security-framework-sys/src/random.rs b/vendor/security-framework-sys/src/random.rs
deleted file mode 100644
index 6ec9c985..00000000
--- a/vendor/security-framework-sys/src/random.rs
+++ /dev/null
@@ -1,10 +0,0 @@
-use std::os::raw::{c_int, c_void};
-
-pub enum __SecRandom {}
-pub type SecRandomRef = *const __SecRandom;
-
-extern "C" {
-    pub static kSecRandomDefault: SecRandomRef;
-
-    pub fn SecRandomCopyBytes(rnd: SecRandomRef, count: usize, bytes: *mut c_void) -> c_int;
-}
diff --git a/vendor/security-framework-sys/src/secure_transport.rs b/vendor/security-framework-sys/src/secure_transport.rs
deleted file mode 100644
index 19f3300b..00000000
--- a/vendor/security-framework-sys/src/secure_transport.rs
+++ /dev/null
@@ -1,278 +0,0 @@
-use core_foundation_sys::array::CFArrayRef;
-use core_foundation_sys::base::CFAllocatorRef;
-#[cfg(target_os = "macos")]
-use core_foundation_sys::base::CFTypeRef;
-use core_foundation_sys::base::{Boolean, OSStatus};
-use std::os::raw::{c_char, c_int, c_void};
-
-use crate::cipher_suite::SSLCipherSuite;
-use crate::trust::SecTrustRef;
-
-pub enum SSLContext {}
-pub type SSLContextRef = *mut SSLContext;
-
-pub type SSLConnectionRef = *const c_void;
-
-pub type SSLProtocol = c_int;
-pub const kSSLProtocolUnknown: SSLProtocol = 0;
-pub const kSSLProtocol3: SSLProtocol = 2;
-pub const kTLSProtocol1: SSLProtocol = 4;
-pub const kTLSProtocol11: SSLProtocol = 7;
-pub const kTLSProtocol12: SSLProtocol = 8;
-pub const kDTLSProtocol1: SSLProtocol = 9;
-pub const kTLSProtocol13: SSLProtocol = 10;
-pub const kSSLProtocol2: SSLProtocol = 1;
-pub const kSSLProtocol3Only: SSLProtocol = 3;
-pub const kTLSProtocol1Only: SSLProtocol = 5;
-pub const kSSLProtocolAll: SSLProtocol = 6;
-
-pub type SSLSessionOption = c_int;
-#[deprecated(note = "deprecated by Apple")]
-pub const kSSLSessionOptionBreakOnServerAuth: SSLSessionOption = 0;
-#[deprecated(note = "deprecated by Apple")]
-pub const kSSLSessionOptionBreakOnCertRequested: SSLSessionOption = 1;
-#[deprecated(note = "deprecated by Apple")]
-pub const kSSLSessionOptionBreakOnClientAuth: SSLSessionOption = 2;
-#[deprecated(note = "deprecated by Apple")]
-pub const kSSLSessionOptionFalseStart: SSLSessionOption = 3;
-pub const kSSLSessionOptionSendOneByteRecord: SSLSessionOption = 4;
-#[deprecated(note = "deprecated by Apple")]
-pub const kSSLSessionOptionAllowServerIdentityChange: SSLSessionOption = 5;
-#[cfg(target_os = "macos")]
-#[deprecated(note = "deprecated by Apple")]
-pub const kSSLSessionOptionFallback: SSLSessionOption = 6;
-#[deprecated(note = "deprecated by Apple")]
-pub const kSSLSessionOptionBreakOnClientHello: SSLSessionOption = 7;
-
-pub type SSLSessionState = c_int;
-pub const kSSLIdle: SSLSessionState = 0;
-pub const kSSLHandshake: SSLSessionState = 1;
-pub const kSSLConnected: SSLSessionState = 2;
-pub const kSSLClosed: SSLSessionState = 3;
-pub const kSSLAborted: SSLSessionState = 4;
-
-pub type SSLReadFunc = unsafe extern "C" fn(
-    connection: SSLConnectionRef,
-    data: *mut c_void,
-    dataLength: *mut usize,
-) -> OSStatus;
-
-pub type SSLWriteFunc = unsafe extern "C" fn(
-    connection: SSLConnectionRef,
-    data: *const c_void,
-    dataLength: *mut usize,
-) -> OSStatus;
-
-pub type SSLProtocolSide = c_int;
-pub const kSSLServerSide: SSLProtocolSide = 0;
-pub const kSSLClientSide: SSLProtocolSide = 1;
-
-pub type SSLConnectionType = c_int;
-pub const kSSLStreamType: SSLConnectionType = 0;
-pub const kSSLDatagramType: SSLConnectionType = 1;
-
-pub const errSSLProtocol: OSStatus = -9800;
-pub const errSSLNegotiation: OSStatus = -9801;
-pub const errSSLFatalAlert: OSStatus = -9802;
-pub const errSSLWouldBlock: OSStatus = -9803;
-pub const errSSLSessionNotFound: OSStatus = -9804;
-pub const errSSLClosedGraceful: OSStatus = -9805;
-pub const errSSLClosedAbort: OSStatus = -9806;
-pub const errSSLXCertChainInvalid: OSStatus = -9807;
-pub const errSSLBadCert: OSStatus = -9808;
-pub const errSSLCrypto: OSStatus = -9809;
-pub const errSSLInternal: OSStatus = -9810;
-pub const errSSLModuleAttach: OSStatus = -9811;
-pub const errSSLUnknownRootCert: OSStatus = -9812;
-pub const errSSLNoRootCert: OSStatus = -9813;
-pub const errSSLCertExpired: OSStatus = -9814;
-pub const errSSLCertNotYetValid: OSStatus = -9815;
-pub const errSSLClosedNoNotify: OSStatus = -9816;
-pub const errSSLBufferOverflow: OSStatus = -9817;
-pub const errSSLBadCipherSuite: OSStatus = -9818;
-pub const errSSLPeerUnexpectedMsg: OSStatus = -9819;
-pub const errSSLPeerBadRecordMac: OSStatus = -9820;
-pub const errSSLPeerDecryptionFail: OSStatus = -9821;
-pub const errSSLPeerRecordOverflow: OSStatus = -9822;
-pub const errSSLPeerDecompressFail: OSStatus = -9823;
-pub const errSSLPeerHandshakeFail: OSStatus = -9824;
-pub const errSSLPeerBadCert: OSStatus = -9825;
-pub const errSSLPeerUnsupportedCert: OSStatus = -9826;
-pub const errSSLPeerCertRevoked: OSStatus = -9827;
-pub const errSSLPeerCertExpired: OSStatus = -9828;
-pub const errSSLPeerCertUnknown: OSStatus = -9829;
-pub const errSSLIllegalParam: OSStatus = -9830;
-pub const errSSLPeerUnknownCA: OSStatus = -9831;
-pub const errSSLPeerAccessDenied: OSStatus = -9832;
-pub const errSSLPeerDecodeError: OSStatus = -9833;
-pub const errSSLPeerDecryptError: OSStatus = -9834;
-pub const errSSLPeerExportRestriction: OSStatus = -9835;
-pub const errSSLPeerProtocolVersion: OSStatus = -9836;
-pub const errSSLPeerInsufficientSecurity: OSStatus = -9837;
-pub const errSSLPeerInternalError: OSStatus = -9838;
-pub const errSSLPeerUserCancelled: OSStatus = -9839;
-pub const errSSLPeerNoRenegotiation: OSStatus = -9840;
-pub const errSSLPeerAuthCompleted: OSStatus = -9841;
-pub const errSSLClientCertRequested: OSStatus = -9842;
-pub const errSSLHostNameMismatch: OSStatus = -9843;
-pub const errSSLConnectionRefused: OSStatus = -9844;
-pub const errSSLDecryptionFail: OSStatus = -9845;
-pub const errSSLBadRecordMac: OSStatus = -9846;
-pub const errSSLRecordOverflow: OSStatus = -9847;
-pub const errSSLBadConfiguration: OSStatus = -9848;
-pub const errSSLClientHelloReceived: OSStatus = -9851;
-
-pub type SSLAuthenticate = c_int;
-pub const kNeverAuthenticate: SSLAuthenticate = 0;
-pub const kAlwaysAuthenticate: SSLAuthenticate = 1;
-pub const kTryAuthenticate: SSLAuthenticate = 2;
-
-pub type SSLClientCertificateState = c_int;
-pub const kSSLClientCertNone: SSLClientCertificateState = 0;
-pub const kSSLClientCertRequested: SSLClientCertificateState = 1;
-pub const kSSLClientCertSent: SSLClientCertificateState = 2;
-pub const kSSLClientCertRejected: SSLClientCertificateState = 3;
-
-extern "C" {
-    pub fn SSLContextGetTypeID() -> ::core_foundation_sys::base::CFTypeID;
-    pub fn SSLCreateContext(
-        alloc: CFAllocatorRef,
-        protocolSide: SSLProtocolSide,
-        connectionType: SSLConnectionType,
-    ) -> SSLContextRef;
-    #[cfg(target_os = "macos")]
-    pub fn SSLNewContext(isServer: Boolean, contextPtr: *mut SSLContextRef) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SSLDisposeContext(context: SSLContextRef) -> OSStatus;
-    pub fn SSLSetConnection(context: SSLContextRef, connection: SSLConnectionRef) -> OSStatus;
-    pub fn SSLGetConnection(context: SSLContextRef, connection: *mut SSLConnectionRef) -> OSStatus;
-    pub fn SSLSetIOFuncs(
-        context: SSLContextRef,
-        read: SSLReadFunc,
-        write: SSLWriteFunc,
-    ) -> OSStatus;
-    pub fn SSLHandshake(context: SSLContextRef) -> OSStatus;
-    pub fn SSLClose(context: SSLContextRef) -> OSStatus;
-    pub fn SSLRead(
-        context: SSLContextRef,
-        data: *mut c_void,
-        dataLen: usize,
-        processed: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLWrite(
-        context: SSLContextRef,
-        data: *const c_void,
-        dataLen: usize,
-        processed: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLSetPeerDomainName(
-        context: SSLContextRef,
-        peerName: *const c_char,
-        peerNameLen: usize,
-    ) -> OSStatus;
-    pub fn SSLGetPeerDomainNameLength(context: SSLContextRef, peerNameLen: *mut usize) -> OSStatus;
-    pub fn SSLGetPeerDomainName(
-        context: SSLContextRef,
-        peerName: *mut c_char,
-        peerNameLen: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLSetCertificate(context: SSLContextRef, certRefs: CFArrayRef) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SSLSetCertificateAuthorities(
-        context: SSLContextRef,
-        certificateOrArray: CFTypeRef,
-        replaceExisting: Boolean,
-    ) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SSLCopyCertificateAuthorities(
-        context: SSLContextRef,
-        certificates: *mut CFArrayRef,
-    ) -> OSStatus;
-    pub fn SSLSetSessionOption(
-        context: SSLContextRef,
-        option: SSLSessionOption,
-        value: Boolean,
-    ) -> OSStatus;
-    pub fn SSLGetSessionOption(
-        context: SSLContextRef,
-        option: SSLSessionOption,
-        value: *mut Boolean,
-    ) -> OSStatus;
-    pub fn SSLCopyPeerTrust(context: SSLContextRef, trust: *mut SecTrustRef) -> OSStatus;
-    pub fn SSLGetSessionState(context: SSLContextRef, state: *mut SSLSessionState) -> OSStatus;
-    pub fn SSLGetSupportedCiphers(
-        context: SSLContextRef,
-        ciphers: *mut SSLCipherSuite,
-        numCiphers: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLGetNumberSupportedCiphers(
-        context: SSLContextRef,
-        numCiphers: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLGetEnabledCiphers(
-        context: SSLContextRef,
-        ciphers: *mut SSLCipherSuite,
-        numCiphers: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLGetNumberEnabledCiphers(context: SSLContextRef, numCiphers: *mut usize) -> OSStatus;
-    pub fn SSLSetEnabledCiphers(
-        context: SSLContextRef,
-        ciphers: *const SSLCipherSuite,
-        numCiphers: usize,
-    ) -> OSStatus;
-    pub fn SSLGetNegotiatedCipher(context: SSLContextRef, cipher: *mut SSLCipherSuite) -> OSStatus;
-    pub fn SSLSetClientSideAuthenticate(context: SSLContextRef, auth: SSLAuthenticate) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SSLSetDiffieHellmanParams(
-        context: SSLContextRef,
-        dhParams: *const c_void,
-        dhParamsLen: usize,
-    ) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SSLGetDiffieHellmanParams(
-        context: SSLContextRef,
-        dhParams: *mut *const c_void,
-        dhParamsLen: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLSetPeerID(
-        context: SSLContextRef,
-        peerID: *const c_void,
-        peerIDLen: usize,
-    ) -> OSStatus;
-    pub fn SSLGetPeerID(
-        context: SSLContextRef,
-        peerID: *mut *const c_void,
-        peerIDLen: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLGetBufferedReadSize(context: SSLContextRef, bufSize: *mut usize) -> OSStatus;
-    pub fn SSLGetClientCertificateState(
-        context: SSLContextRef,
-        clientState: *mut SSLClientCertificateState,
-    ) -> OSStatus;
-    pub fn SSLGetNegotiatedProtocolVersion(
-        context: SSLContextRef,
-        protocol: *mut SSLProtocol,
-    ) -> OSStatus;
-    pub fn SSLGetProtocolVersionMax(
-        context: SSLContextRef,
-        maxVersion: *mut SSLProtocol,
-    ) -> OSStatus;
-    pub fn SSLGetProtocolVersionMin(
-        context: SSLContextRef,
-        minVersion: *mut SSLProtocol,
-    ) -> OSStatus;
-    pub fn SSLSetProtocolVersionMax(context: SSLContextRef, maxVersion: SSLProtocol) -> OSStatus;
-    pub fn SSLSetProtocolVersionMin(context: SSLContextRef, minVersion: SSLProtocol) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SSLSetProtocolVersionEnabled(
-        context: SSLContextRef,
-        protocol: SSLProtocol,
-        enable: Boolean,
-    ) -> OSStatus;
-    #[cfg(feature = "OSX_10_13")]
-    pub fn SSLSetALPNProtocols(context: SSLContextRef, protocols: CFArrayRef) -> OSStatus;
-    #[cfg(feature = "OSX_10_13")]
-    pub fn SSLCopyALPNProtocols(context: SSLContextRef, protocols: *mut CFArrayRef) -> OSStatus;
-    #[cfg(feature = "OSX_10_13")]
-    pub fn SSLSetSessionTicketsEnabled(context: SSLContextRef, enabled: Boolean) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/transform.rs b/vendor/security-framework-sys/src/transform.rs
deleted file mode 100644
index a4a14f84..00000000
--- a/vendor/security-framework-sys/src/transform.rs
+++ /dev/null
@@ -1,23 +0,0 @@
-use core_foundation_sys::base::{Boolean, CFTypeID, CFTypeRef};
-use core_foundation_sys::error::CFErrorRef;
-use core_foundation_sys::string::CFStringRef;
-
-pub type SecTransformRef = CFTypeRef;
-
-extern "C" {
-    pub static kSecTransformInputAttributeName: CFStringRef;
-
-    pub fn SecTransformGetTypeID() -> CFTypeID;
-
-    pub fn SecTransformSetAttribute(
-        transformRef: SecTransformRef,
-        key: CFStringRef,
-        value: CFTypeRef,
-        error: *mut CFErrorRef,
-    ) -> Boolean;
-
-    pub fn SecTransformExecute(
-        transformRef: SecTransformRef,
-        errorRef: *mut CFErrorRef,
-    ) -> CFTypeRef;
-}
diff --git a/vendor/security-framework-sys/src/trust.rs b/vendor/security-framework-sys/src/trust.rs
deleted file mode 100644
index 363e1eec..00000000
--- a/vendor/security-framework-sys/src/trust.rs
+++ /dev/null
@@ -1,77 +0,0 @@
-use crate::base::SecCertificateRef;
-use crate::base::SecKeyRef;
-use core_foundation_sys::array::CFArrayRef;
-use core_foundation_sys::base::{Boolean, CFIndex, CFTypeID, CFTypeRef, OSStatus};
-use core_foundation_sys::date::CFDateRef;
-#[cfg(any(feature = "OSX_10_13", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-use core_foundation_sys::error::CFErrorRef;
-
-pub type SecTrustResultType = u32;
-
-pub const kSecTrustResultInvalid: SecTrustResultType = 0;
-pub const kSecTrustResultProceed: SecTrustResultType = 1;
-pub const kSecTrustResultDeny: SecTrustResultType = 3;
-pub const kSecTrustResultUnspecified: SecTrustResultType = 4;
-pub const kSecTrustResultRecoverableTrustFailure: SecTrustResultType = 5;
-pub const kSecTrustResultFatalTrustFailure: SecTrustResultType = 6;
-pub const kSecTrustResultOtherError: SecTrustResultType = 7;
-
-#[cfg(target_os = "macos")]
-mod flags {
-    pub type SecTrustOptionFlags = u32;
-
-    pub const kSecTrustOptionAllowExpired: SecTrustOptionFlags = 0x0000_0001;
-    pub const kSecTrustOptionLeafIsCA: SecTrustOptionFlags = 0x0000_0002;
-    pub const kSecTrustOptionFetchIssuerFromNet: SecTrustOptionFlags = 0x0000_0004;
-    pub const kSecTrustOptionAllowExpiredRoot: SecTrustOptionFlags = 0x0000_0008;
-    pub const kSecTrustOptionRequireRevPerCert: SecTrustOptionFlags = 0x0000_0010;
-    pub const kSecTrustOptionUseTrustSettings: SecTrustOptionFlags = 0x0000_0020;
-    pub const kSecTrustOptionImplicitAnchors: SecTrustOptionFlags = 0x0000_0040;
-}
-
-#[cfg(target_os = "macos")]
-pub use flags::*;
-
-pub enum __SecTrust {}
-
-pub type SecTrustRef = *mut __SecTrust;
-
-extern "C" {
-    pub fn SecTrustGetTypeID() -> CFTypeID;
-    pub fn SecTrustGetCertificateCount(trust: SecTrustRef) -> CFIndex;
-    #[deprecated(note = "deprecated by Apple")]
-    pub fn SecTrustGetCertificateAtIndex(trust: SecTrustRef, ix: CFIndex) -> SecCertificateRef;
-    pub fn SecTrustSetVerifyDate(trust: SecTrustRef, verifyDate: CFDateRef) -> OSStatus;
-    pub fn SecTrustSetAnchorCertificates(
-        trust: SecTrustRef,
-        anchorCertificates: CFArrayRef,
-    ) -> OSStatus;
-    pub fn SecTrustSetAnchorCertificatesOnly(
-        trust: SecTrustRef,
-        anchorCertificatesOnly: Boolean,
-    ) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SecTrustCopyAnchorCertificates(anchors: *mut CFArrayRef) -> OSStatus;
-    #[deprecated(note = "deprecated by Apple")]
-    pub fn SecTrustEvaluate(trust: SecTrustRef, result: *mut SecTrustResultType) -> OSStatus;
-    // it should have been OSX_10_14, but due to back-compat it can't rely on the newer feature flag
-    #[cfg(any(feature = "OSX_10_13", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecTrustEvaluateWithError(trust: SecTrustRef, error: *mut CFErrorRef) -> bool;
-    pub fn SecTrustCreateWithCertificates(
-        certificates: CFTypeRef,
-        policies: CFTypeRef,
-        trust: *mut SecTrustRef,
-    ) -> OSStatus;
-    pub fn SecTrustSetPolicies(trust: SecTrustRef, policies: CFTypeRef) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SecTrustSetOptions(trust: SecTrustRef, options: SecTrustOptionFlags) -> OSStatus;
-    pub fn SecTrustGetNetworkFetchAllowed(trust: SecTrustRef, allowFetch: *mut Boolean) -> OSStatus;
-    pub fn SecTrustSetNetworkFetchAllowed(trust: SecTrustRef, allowFetch: Boolean) -> OSStatus;
-    pub fn SecTrustSetOCSPResponse(trust: SecTrustRef, responseData: CFTypeRef) -> OSStatus;
-    #[cfg(any(feature = "OSX_10_14", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecTrustSetSignedCertificateTimestamps(
-        trust: SecTrustRef,
-        sctArray: CFArrayRef,
-    ) -> OSStatus;
-    pub fn SecTrustCopyPublicKey(trust: SecTrustRef) -> SecKeyRef;
-}
diff --git a/vendor/security-framework-sys/src/trust_settings.rs b/vendor/security-framework-sys/src/trust_settings.rs
deleted file mode 100644
index fad20a18..00000000
--- a/vendor/security-framework-sys/src/trust_settings.rs
+++ /dev/null
@@ -1,35 +0,0 @@
-use crate::base::SecCertificateRef;
-use core_foundation_sys::array::CFArrayRef;
-use core_foundation_sys::base::CFTypeRef;
-use core_foundation_sys::base::OSStatus;
-
-pub type SecTrustSettingsDomain = u32;
-
-pub const kSecTrustSettingsDomainUser: SecTrustSettingsDomain = 0;
-pub const kSecTrustSettingsDomainAdmin: SecTrustSettingsDomain = 1;
-pub const kSecTrustSettingsDomainSystem: SecTrustSettingsDomain = 2;
-
-pub type SecTrustSettingsResult = u32;
-
-pub const kSecTrustSettingsResultInvalid: SecTrustSettingsResult = 0;
-pub const kSecTrustSettingsResultTrustRoot: SecTrustSettingsResult = 1;
-pub const kSecTrustSettingsResultTrustAsRoot: SecTrustSettingsResult = 2;
-pub const kSecTrustSettingsResultDeny: SecTrustSettingsResult = 3;
-pub const kSecTrustSettingsResultUnspecified: SecTrustSettingsResult = 4;
-
-extern "C" {
-    pub fn SecTrustSettingsCopyCertificates(
-        domain: SecTrustSettingsDomain,
-        certsOut: *mut CFArrayRef,
-    ) -> OSStatus;
-    pub fn SecTrustSettingsCopyTrustSettings(
-        certificateRef: SecCertificateRef,
-        domain: SecTrustSettingsDomain,
-        trustSettings: *mut CFArrayRef,
-    ) -> OSStatus;
-    pub fn SecTrustSettingsSetTrustSettings(
-        certificateRef: SecCertificateRef,
-        domain: SecTrustSettingsDomain,
-        trustSettingsDictOrArray: CFTypeRef,
-    ) -> OSStatus;
-}