feat: migrate from Cedar to SpiceDB authorization system

This is a major architectural change that replaces the Cedar policy-based
authorization system with SpiceDB's relation-based authorization.

Key changes:

- Migrate from Rust to Go implementation
- Replace Cedar policies with SpiceDB schema and relationships
- Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks
- Update build system and dependencies for Go ecosystem
- Maintain Envoy integration for external authorization

This change enables more flexible permission modeling through SpiceDB's
Google Zanzibar inspired relation-based system, supporting complex
hierarchical permissions that were difficult to express in Cedar.

Breaking change: Existing Cedar policies and Rust-based configuration
will no longer work and need to be migrated to SpiceDB schema.

30 files changed, 0 insertions, 2490 deletions

diff --git a/vendor/security-framework-sys/.cargo-checksum.json b/vendor/security-framework-sys/.cargo-checksum.json
deleted file mode 100644
index 585dc8d2..00000000
--- a/vendor/security-framework-sys/.cargo-checksum.json
+++ /dev/null
@@ -1 +0,0 @@
-{"files":{"Cargo.lock":"7e5f2a9832bec75a8fb7dda29a6d38ad3e867d73c49c5f4bf85d57f8b6cc35b6","Cargo.toml":"bf93948847509e287019c26d5175bede5f0b9390668f4a1b4f109218d7be7dbc","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"91e934255ba3b2f21103d68c5581c23ef34aa95c4628e4405b8c901935e11c69","README.md":"ff1d022f35ff76531a361ad421ba7ee61ce186dc6516f72fc819ec4b2a5567a4","src/access.rs":"5a3793ee3b77360f183404c1543111d6e96f5a0728f7ebdf3f6112594d9c4deb","src/access_control.rs":"29ec7695eb5d1022707cb3f34b91170bfde91e40e2a37cf0cccaea7921a681f6","src/authorization.rs":"82823dc5a60a7cd23bd5ee551685dd2fdc3744ab6563d838a9def393b4bba235","src/base.rs":"4668b229fae9530d5fece1766749f4d75eb49955eab35490a2ea14edd067d8d6","src/certificate.rs":"a0acea4a6ad2d7aef2cd58af9c1af14522fa991feb67028115b42d6e4a29de36","src/certificate_oids.rs":"67f6b691925133c2501e0be31aea514b3ef0e9d382281cb283bd9aa6614dc580","src/cipher_suite.rs":"d86cad8b3e48240642595b2e1518d36ecffd0fc5bcb09fbff22d6b211cde93da","src/cms.rs":"22b7edb116011f4e550851200e78f87e47fa0ab9cb26dfd9a620e4f062f6649d","src/code_signing.rs":"1120f85df71179a2261afcbbd4cf6d0c0c18c164f9b6d2c1f912fb58194ed23a","src/digest_transform.rs":"230c1ca843df534de6d5ea33d623781c0e5fac6063f472b727b118a5abea99d2","src/encrypt_transform.rs":"0992ad3ac4da00e31bc3fc481ec94e35b37f2816903872bfe9a7ef0e7547c318","src/identity.rs":"90d90db56ae650113bdb09743882b62cd426bca50be5ac2fb99e9375a932d91b","src/import_export.rs":"4efb4c41581ccdc16411e2b3a068a02a0b0ef68ebf689014240e4916ebab768e","src/item.rs":"59b186ee697627a59eb7b39e0155bec7037e1a2719cc5f37e93459d6bfbfa36f","src/key.rs":"35f87ad5c521dd1622e49280f7a339c0846cffea67dcbbd9d68550ea9d51d4a0","src/keychain.rs":"b1c1a5d5bab31e3658b4bcfa501d8e96f15cb76f38e15d1b86ed1edfc728b992","src/keychain_item.rs":"ac7be52b5e055f934379048623c0d68cd5e24a0cf9436fa0dcd9d66c2a0598ec","src/lib.rs":"8ec3f949e76326069e6f20084b19135fd02fc919a3ff596453a8a510d3b20c15","src/policy.rs":"0253dcc97d392439918ee6fe2cd6dbc0a3c5814d6156c15097fe12b177774007","src/random.rs":"4a9104ef3644d870d50cf3239bf690cd448225fc267214538c4f5bdb1e669052","src/secure_transport.rs":"aafb643e30902c4c2e5ca3bc75b34b798fb27faa5283accb28aecfe2b674e1eb","src/transform.rs":"4768b1f14ad8e72c696c5c68bfddc7cc39caa223caf081c1ff119feeddc9733f","src/trust.rs":"598c46f06525a5308e5464096d92590219b9c9995ad04a6da384740c5045170d","src/trust_settings.rs":"21b89cbf485be9c40fd0418553167bfa75a00a7bfc697df558dc4fd86a692239"},"package":"49db231d56a190491cb4aeda9527f1ad45345af50b0851622a7adb8c03b01c32"}
\ No newline at end of file
diff --git a/vendor/security-framework-sys/Cargo.lock b/vendor/security-framework-sys/Cargo.lock
deleted file mode 100644
index 186996c1..00000000
--- a/vendor/security-framework-sys/Cargo.lock
+++ /dev/null
@@ -1,23 +0,0 @@
-# This file is automatically @generated by Cargo.
-# It is not intended for manual editing.
-version = 3
-
-[[package]]
-name = "core-foundation-sys"
-version = "0.8.7"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b"
-
-[[package]]
-name = "libc"
-version = "0.2.169"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b5aba8db14291edd000dfcc4d620c7ebfb122c613afb886ca8803fa4e128a20a"
-
-[[package]]
-name = "security-framework-sys"
-version = "2.14.0"
-dependencies = [
- "core-foundation-sys",
- "libc",
-]
diff --git a/vendor/security-framework-sys/Cargo.toml b/vendor/security-framework-sys/Cargo.toml
deleted file mode 100644
index db5e37e4..00000000
--- a/vendor/security-framework-sys/Cargo.toml
+++ /dev/null
@@ -1,92 +0,0 @@
-# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO
-#
-# When uploading crates to the registry Cargo will automatically
-# "normalize" Cargo.toml files for maximal compatibility
-# with all versions of Cargo and also rewrite `path` dependencies
-# to registry (e.g., crates.io) dependencies.
-#
-# If you are reading this file be aware that the original Cargo.toml
-# will likely look very different (and much more reasonable).
-# See Cargo.toml.orig for the original contents.
-
-[package]
-edition = "2021"
-rust-version = "1.65"
-name = "security-framework-sys"
-version = "2.14.0"
-authors = [
-    "Steven Fackler <sfackler@gmail.com>",
-    "Kornel <kornel@geekhood.net>",
-]
-build = false
-autolib = false
-autobins = false
-autoexamples = false
-autotests = false
-autobenches = false
-description = "Apple `Security.framework` low-level FFI bindings"
-homepage = "https://lib.rs/crates/security-framework-sys"
-readme = "README.md"
-keywords = [
-    "ffi",
-    "iOS",
-    "TLS",
-    "SSL",
-    "crypto",
-]
-categories = [
-    "os::macos-apis",
-    "external-ffi-bindings",
-]
-license = "MIT OR Apache-2.0"
-repository = "https://github.com/kornelski/rust-security-framework"
-
-[package.metadata.docs.rs]
-targets = [
-    "x86_64-apple-darwin",
-    "aarch64-apple-ios",
-]
-
-[lib]
-name = "security_framework_sys"
-path = "src/lib.rs"
-
-[dependencies.core-foundation-sys]
-version = "0.8.6"
-
-[dependencies.libc]
-version = "0.2.150"
-
-[features]
-OSX_10_10 = ["OSX_10_9"]
-OSX_10_11 = ["OSX_10_10"]
-OSX_10_12 = ["OSX_10_11"]
-OSX_10_13 = ["OSX_10_12"]
-OSX_10_14 = ["OSX_10_13"]
-OSX_10_15 = ["OSX_10_14"]
-OSX_10_9 = []
-default = ["OSX_10_12"]
-
-[badges.maintenance]
-status = "looking-for-maintainer"
-
-[lints.clippy]
-cast_possible_truncation = "allow"
-cast_possible_wrap = "allow"
-cast_sign_loss = "allow"
-if_not_else = "allow"
-inline_always = "allow"
-items_after_statements = "allow"
-iter_not_returning_iterator = "allow"
-map_unwrap_or = "allow"
-missing_errors_doc = "allow"
-missing_panics_doc = "allow"
-module_name_repetitions = "allow"
-redundant_closure_for_method_calls = "allow"
-similar_names = "allow"
-unnested_or_patterns = "allow"
-wildcard_imports = "allow"
-
-[lints.clippy.pedantic]
-level = "warn"
-priority = -100
diff --git a/vendor/security-framework-sys/LICENSE-APACHE b/vendor/security-framework-sys/LICENSE-APACHE
deleted file mode 100644
index 16fe87b0..00000000
--- a/vendor/security-framework-sys/LICENSE-APACHE
+++ /dev/null
@@ -1,201 +0,0 @@
-                              Apache License
-                        Version 2.0, January 2004
-                     http://www.apache.org/licenses/
-
-TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-1. Definitions.
-
-   "License" shall mean the terms and conditions for use, reproduction,
-   and distribution as defined by Sections 1 through 9 of this document.
-
-   "Licensor" shall mean the copyright owner or entity authorized by
-   the copyright owner that is granting the License.
-
-   "Legal Entity" shall mean the union of the acting entity and all
-   other entities that control, are controlled by, or are under common
-   control with that entity. For the purposes of this definition,
-   "control" means (i) the power, direct or indirect, to cause the
-   direction or management of such entity, whether by contract or
-   otherwise, or (ii) ownership of fifty percent (50%) or more of the
-   outstanding shares, or (iii) beneficial ownership of such entity.
-
-   "You" (or "Your") shall mean an individual or Legal Entity
-   exercising permissions granted by this License.
-
-   "Source" form shall mean the preferred form for making modifications,
-   including but not limited to software source code, documentation
-   source, and configuration files.
-
-   "Object" form shall mean any form resulting from mechanical
-   transformation or translation of a Source form, including but
-   not limited to compiled object code, generated documentation,
-   and conversions to other media types.
-
-   "Work" shall mean the work of authorship, whether in Source or
-   Object form, made available under the License, as indicated by a
-   copyright notice that is included in or attached to the work
-   (an example is provided in the Appendix below).
-
-   "Derivative Works" shall mean any work, whether in Source or Object
-   form, that is based on (or derived from) the Work and for which the
-   editorial revisions, annotations, elaborations, or other modifications
-   represent, as a whole, an original work of authorship. For the purposes
-   of this License, Derivative Works shall not include works that remain
-   separable from, or merely link (or bind by name) to the interfaces of,
-   the Work and Derivative Works thereof.
-
-   "Contribution" shall mean any work of authorship, including
-   the original version of the Work and any modifications or additions
-   to that Work or Derivative Works thereof, that is intentionally
-   submitted to Licensor for inclusion in the Work by the copyright owner
-   or by an individual or Legal Entity authorized to submit on behalf of
-   the copyright owner. For the purposes of this definition, "submitted"
-   means any form of electronic, verbal, or written communication sent
-   to the Licensor or its representatives, including but not limited to
-   communication on electronic mailing lists, source code control systems,
-   and issue tracking systems that are managed by, or on behalf of, the
-   Licensor for the purpose of discussing and improving the Work, but
-   excluding communication that is conspicuously marked or otherwise
-   designated in writing by the copyright owner as "Not a Contribution."
-
-   "Contributor" shall mean Licensor and any individual or Legal Entity
-   on behalf of whom a Contribution has been received by Licensor and
-   subsequently incorporated within the Work.
-
-2. Grant of Copyright License. Subject to the terms and conditions of
-   this License, each Contributor hereby grants to You a perpetual,
-   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-   copyright license to reproduce, prepare Derivative Works of,
-   publicly display, publicly perform, sublicense, and distribute the
-   Work and such Derivative Works in Source or Object form.
-
-3. Grant of Patent License. Subject to the terms and conditions of
-   this License, each Contributor hereby grants to You a perpetual,
-   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-   (except as stated in this section) patent license to make, have made,
-   use, offer to sell, sell, import, and otherwise transfer the Work,
-   where such license applies only to those patent claims licensable
-   by such Contributor that are necessarily infringed by their
-   Contribution(s) alone or by combination of their Contribution(s)
-   with the Work to which such Contribution(s) was submitted. If You
-   institute patent litigation against any entity (including a
-   cross-claim or counterclaim in a lawsuit) alleging that the Work
-   or a Contribution incorporated within the Work constitutes direct
-   or contributory patent infringement, then any patent licenses
-   granted to You under this License for that Work shall terminate
-   as of the date such litigation is filed.
-
-4. Redistribution. You may reproduce and distribute copies of the
-   Work or Derivative Works thereof in any medium, with or without
-   modifications, and in Source or Object form, provided that You
-   meet the following conditions:
-
-   (a) You must give any other recipients of the Work or
-       Derivative Works a copy of this License; and
-
-   (b) You must cause any modified files to carry prominent notices
-       stating that You changed the files; and
-
-   (c) You must retain, in the Source form of any Derivative Works
-       that You distribute, all copyright, patent, trademark, and
-       attribution notices from the Source form of the Work,
-       excluding those notices that do not pertain to any part of
-       the Derivative Works; and
-
-   (d) If the Work includes a "NOTICE" text file as part of its
-       distribution, then any Derivative Works that You distribute must
-       include a readable copy of the attribution notices contained
-       within such NOTICE file, excluding those notices that do not
-       pertain to any part of the Derivative Works, in at least one
-       of the following places: within a NOTICE text file distributed
-       as part of the Derivative Works; within the Source form or
-       documentation, if provided along with the Derivative Works; or,
-       within a display generated by the Derivative Works, if and
-       wherever such third-party notices normally appear. The contents
-       of the NOTICE file are for informational purposes only and
-       do not modify the License. You may add Your own attribution
-       notices within Derivative Works that You distribute, alongside
-       or as an addendum to the NOTICE text from the Work, provided
-       that such additional attribution notices cannot be construed
-       as modifying the License.
-
-   You may add Your own copyright statement to Your modifications and
-   may provide additional or different license terms and conditions
-   for use, reproduction, or distribution of Your modifications, or
-   for any such Derivative Works as a whole, provided Your use,
-   reproduction, and distribution of the Work otherwise complies with
-   the conditions stated in this License.
-
-5. Submission of Contributions. Unless You explicitly state otherwise,
-   any Contribution intentionally submitted for inclusion in the Work
-   by You to the Licensor shall be under the terms and conditions of
-   this License, without any additional terms or conditions.
-   Notwithstanding the above, nothing herein shall supersede or modify
-   the terms of any separate license agreement you may have executed
-   with Licensor regarding such Contributions.
-
-6. Trademarks. This License does not grant permission to use the trade
-   names, trademarks, service marks, or product names of the Licensor,
-   except as required for reasonable and customary use in describing the
-   origin of the Work and reproducing the content of the NOTICE file.
-
-7. Disclaimer of Warranty. Unless required by applicable law or
-   agreed to in writing, Licensor provides the Work (and each
-   Contributor provides its Contributions) on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-   implied, including, without limitation, any warranties or conditions
-   of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-   PARTICULAR PURPOSE. You are solely responsible for determining the
-   appropriateness of using or redistributing the Work and assume any
-   risks associated with Your exercise of permissions under this License.
-
-8. Limitation of Liability. In no event and under no legal theory,
-   whether in tort (including negligence), contract, or otherwise,
-   unless required by applicable law (such as deliberate and grossly
-   negligent acts) or agreed to in writing, shall any Contributor be
-   liable to You for damages, including any direct, indirect, special,
-   incidental, or consequential damages of any character arising as a
-   result of this License or out of the use or inability to use the
-   Work (including but not limited to damages for loss of goodwill,
-   work stoppage, computer failure or malfunction, or any and all
-   other commercial damages or losses), even if such Contributor
-   has been advised of the possibility of such damages.
-
-9. Accepting Warranty or Additional Liability. While redistributing
-   the Work or Derivative Works thereof, You may choose to offer,
-   and charge a fee for, acceptance of support, warranty, indemnity,
-   or other liability obligations and/or rights consistent with this
-   License. However, in accepting such obligations, You may act only
-   on Your own behalf and on Your sole responsibility, not on behalf
-   of any other Contributor, and only if You agree to indemnify,
-   defend, and hold each Contributor harmless for any liability
-   incurred by, or claims asserted against, such Contributor by reason
-   of your accepting any such warranty or additional liability.
-
-END OF TERMS AND CONDITIONS
-
-APPENDIX: How to apply the Apache License to your work.
-
-   To apply the Apache License to your work, attach the following
-   boilerplate notice, with the fields enclosed by brackets "[]"
-   replaced with your own identifying information. (Don't include
-   the brackets!)  The text should be enclosed in the appropriate
-   comment syntax for the file format. We also recommend that a
-   file or class name and description of purpose be included on the
-   same "printed page" as the copyright notice for easier
-   identification within third-party archives.
-
-Copyright [yyyy] [name of copyright owner]
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-	http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
diff --git a/vendor/security-framework-sys/LICENSE-MIT b/vendor/security-framework-sys/LICENSE-MIT
deleted file mode 100644
index 755eccdb..00000000
--- a/vendor/security-framework-sys/LICENSE-MIT
+++ /dev/null
@@ -1,20 +0,0 @@
-The MIT License (MIT)
-
-Copyright (c) 2015 Steven Fackler
-
-Permission is hereby granted, free of charge, to any person obtaining a copy of
-this software and associated documentation files (the "Software"), to deal in
-the Software without restriction, including without limitation the rights to
-use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
-the Software, and to permit persons to whom the Software is furnished to do so,
-subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
-FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
-COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
-IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/vendor/security-framework-sys/README.md b/vendor/security-framework-sys/README.md
deleted file mode 100644
index 0da3780d..00000000
--- a/vendor/security-framework-sys/README.md
+++ /dev/null
@@ -1,22 +0,0 @@
-# macOS/iOS Security framework for Rust
-
-[![Latest Version](https://img.shields.io/crates/v/security-framework.svg)](https://lib.rs/crates/security-framework)
-
-[Documentation](https://docs.rs/security-framework)
-
-Bindings to the Apple's `Security.framework`. Allows use of TLS and Keychain from Rust.
-
-## License
-
-Licensed under either of
- * Apache License, Version 2.0 ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0)
- * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT)
-
-at your option.
-
-### Contribution
-
-Unless you explicitly state otherwise, any contribution intentionally submitted
-for inclusion in the work by you shall be dual licensed as above, without any
-additional terms or conditions.
-
diff --git a/vendor/security-framework-sys/src/access.rs b/vendor/security-framework-sys/src/access.rs
deleted file mode 100644
index c759f78d..00000000
--- a/vendor/security-framework-sys/src/access.rs
+++ /dev/null
@@ -1,5 +0,0 @@
-use core_foundation_sys::base::CFTypeID;
-
-extern "C" {
-    pub fn SecAccessGetTypeID() -> CFTypeID;
-}
diff --git a/vendor/security-framework-sys/src/access_control.rs b/vendor/security-framework-sys/src/access_control.rs
deleted file mode 100644
index e5e18d6f..00000000
--- a/vendor/security-framework-sys/src/access_control.rs
+++ /dev/null
@@ -1,46 +0,0 @@
-use core_foundation_sys::base::CFOptionFlags;
-use core_foundation_sys::base::{CFAllocatorRef, CFTypeID, CFTypeRef};
-use core_foundation_sys::error::CFErrorRef;
-use core_foundation_sys::string::CFStringRef;
-
-use crate::base::SecAccessControlRef;
-
-mod access_control_flags {
-    use super::CFOptionFlags;
-
-    pub const kSecAccessControlUserPresence: CFOptionFlags = 1 << 0;
-    #[cfg(feature = "OSX_10_13")]
-    pub const kSecAccessControlBiometryAny: CFOptionFlags = 1 << 1;
-    #[cfg(feature = "OSX_10_13")]
-    pub const kSecAccessControlBiometryCurrentSet: CFOptionFlags = 1 << 3;
-    pub const kSecAccessControlDevicePasscode: CFOptionFlags = 1 << 4;
-    #[cfg(feature = "OSX_10_15")]
-    pub const kSecAccessControlWatch: CFOptionFlags = 1 << 5;
-    pub const kSecAccessControlOr: CFOptionFlags = 1 << 14;
-    pub const kSecAccessControlAnd: CFOptionFlags = 1 << 15;
-    pub const kSecAccessControlPrivateKeyUsage: CFOptionFlags = 1 << 30;
-    pub const kSecAccessControlApplicationPassword: CFOptionFlags = 1 << 31;
-}
-
-pub use access_control_flags::*;
-
-extern "C" {
-    pub static kSecAttrAccessibleWhenUnlocked: CFStringRef;
-    pub static kSecAttrAccessibleAfterFirstUnlock: CFStringRef;
-    pub static kSecAttrAccessibleAlways: CFStringRef;
-    pub static kSecAttrAccessibleWhenUnlockedThisDeviceOnly: CFStringRef;
-    pub static kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly: CFStringRef;
-    pub static kSecAttrAccessibleAlwaysThisDeviceOnly: CFStringRef;
-    pub static kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly: CFStringRef;
-}
-
-extern "C" {
-    pub fn SecAccessControlGetTypeID() -> CFTypeID;
-
-    pub fn SecAccessControlCreateWithFlags(
-        allocator: CFAllocatorRef,
-        protection: CFTypeRef,
-        flags: CFOptionFlags,
-        error: *mut CFErrorRef,
-    ) -> SecAccessControlRef;
-}
diff --git a/vendor/security-framework-sys/src/authorization.rs b/vendor/security-framework-sys/src/authorization.rs
deleted file mode 100644
index 07f9a3e0..00000000
--- a/vendor/security-framework-sys/src/authorization.rs
+++ /dev/null
@@ -1,145 +0,0 @@
-use core_foundation_sys::base::CFTypeRef;
-use core_foundation_sys::base::OSStatus;
-use core_foundation_sys::bundle::CFBundleRef;
-use core_foundation_sys::dictionary::CFDictionaryRef;
-use core_foundation_sys::string::CFStringRef;
-use std::os::raw::{c_char, c_void};
-
-pub const errAuthorizationSuccess: OSStatus = 0;
-pub const errAuthorizationInvalidSet: OSStatus = -60001;
-pub const errAuthorizationInvalidRef: OSStatus = -60002;
-pub const errAuthorizationInvalidTag: OSStatus = -60003;
-pub const errAuthorizationInvalidPointer: OSStatus = -60004;
-pub const errAuthorizationDenied: OSStatus = -60005;
-pub const errAuthorizationCanceled: OSStatus = -60006;
-pub const errAuthorizationInteractionNotAllowed: OSStatus = -60007;
-pub const errAuthorizationInternal: OSStatus = -60008;
-pub const errAuthorizationExternalizeNotAllowed: OSStatus = -60009;
-pub const errAuthorizationInternalizeNotAllowed: OSStatus = -60010;
-pub const errAuthorizationInvalidFlags: OSStatus = -60011;
-pub const errAuthorizationToolExecuteFailure: OSStatus = -60031;
-pub const errAuthorizationToolEnvironmentError: OSStatus = -60032;
-pub const errAuthorizationBadAddress: OSStatus = -60033;
-
-pub type AuthorizationFlags = u32;
-pub const kAuthorizationFlagDefaults: AuthorizationFlags = 0;
-pub const kAuthorizationFlagInteractionAllowed: AuthorizationFlags = 1;
-pub const kAuthorizationFlagExtendRights: AuthorizationFlags = 2;
-pub const kAuthorizationFlagPartialRights: AuthorizationFlags = 4;
-pub const kAuthorizationFlagDestroyRights: AuthorizationFlags = 8;
-pub const kAuthorizationFlagPreAuthorize: AuthorizationFlags = 16;
-
-pub type AuthorizationRef = *mut c_void;
-pub type AuthorizationString = *const c_char;
-
-#[repr(C)]
-#[derive(Copy, Clone, Debug)]
-pub struct AuthorizationItem {
-    pub name: AuthorizationString,
-    pub valueLength: usize,
-    pub value: *mut c_void,
-    pub flags: u32,
-}
-
-#[repr(C)]
-#[derive(Copy, Clone, Debug)]
-pub struct AuthorizationItemSet {
-    pub count: u32,
-    pub items: *mut AuthorizationItem,
-}
-
-pub const kAuthorizationExternalFormLength: usize = 32;
-
-#[repr(C)]
-#[derive(Copy, Clone, Debug)]
-pub struct AuthorizationExternalForm {
-    pub bytes: [c_char; kAuthorizationExternalFormLength],
-}
-
-pub type AuthorizationRights = AuthorizationItemSet;
-pub type AuthorizationEnvironment = AuthorizationItemSet;
-
-pub type AuthorizationAsyncCallback =
-    unsafe extern "C" fn(err: OSStatus, blockAuthorizedRights: *mut AuthorizationRights);
-
-extern "C" {
-    pub fn AuthorizationCreate(
-        rights: *const AuthorizationRights,
-        environment: *const AuthorizationEnvironment,
-        flags: AuthorizationFlags,
-        authorization: *mut AuthorizationRef,
-    ) -> OSStatus;
-
-    pub fn AuthorizationFree(
-        authorization: AuthorizationRef,
-        flags: AuthorizationFlags,
-    ) -> OSStatus;
-
-    pub fn AuthorizationCopyRights(
-        authorization: AuthorizationRef,
-        rights: *const AuthorizationRights,
-        environment: *const AuthorizationEnvironment,
-        flags: AuthorizationFlags,
-        authorizedRights: *mut *mut AuthorizationRights,
-    ) -> OSStatus;
-
-    pub fn AuthorizationCopyRightsAsync(
-        authorization: AuthorizationRef,
-        rights: *const AuthorizationRights,
-        environment: *const AuthorizationEnvironment,
-        flags: AuthorizationFlags,
-        callbackBlock: AuthorizationAsyncCallback,
-    );
-
-    pub fn AuthorizationCopyInfo(
-        authorization: AuthorizationRef,
-        tag: AuthorizationString,
-        info: *mut *mut AuthorizationItemSet,
-    ) -> OSStatus;
-
-    pub fn AuthorizationMakeExternalForm(
-        authorization: AuthorizationRef,
-        extForm: *mut AuthorizationExternalForm,
-    ) -> OSStatus;
-
-    pub fn AuthorizationCreateFromExternalForm(
-        extForm: *const AuthorizationExternalForm,
-        authorization: *mut AuthorizationRef,
-    ) -> OSStatus;
-
-    pub fn AuthorizationFreeItemSet(set: *mut AuthorizationItemSet) -> OSStatus;
-
-    pub fn AuthorizationRightGet(
-        rightName: *const c_char,
-        rightDefinition: *mut CFDictionaryRef,
-    ) -> OSStatus;
-
-    pub fn AuthorizationRightSet(
-        authorization: AuthorizationRef,
-        rightName: *const c_char,
-        rightDefinition: CFTypeRef,
-        descriptionKey: CFStringRef,
-        bundle: CFBundleRef,
-        localeTableName: CFStringRef,
-    ) -> OSStatus;
-
-    pub fn AuthorizationRightRemove(
-        authorization: AuthorizationRef,
-        rightName: *const c_char,
-    ) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn AuthorizationExecuteWithPrivileges(
-        authorization: AuthorizationRef,
-        pathToTool: *const c_char,
-        options: AuthorizationFlags,
-        arguments: *const *mut c_char,
-        communicationsPipe: *mut *mut libc::FILE,
-    ) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn AuthorizationCopyPrivilegedReference(
-        authorization: *mut AuthorizationRef,
-        flags: AuthorizationFlags,
-    ) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/base.rs b/vendor/security-framework-sys/src/base.rs
deleted file mode 100644
index fafc57cc..00000000
--- a/vendor/security-framework-sys/src/base.rs
+++ /dev/null
@@ -1,68 +0,0 @@
-use core_foundation_sys::base::OSStatus;
-use core_foundation_sys::string::CFStringRef;
-use std::os::raw::c_void;
-
-pub enum OpaqueSecKeychainRef {}
-pub type SecKeychainRef = *mut OpaqueSecKeychainRef;
-
-pub enum OpaqueSecKeychainItemRef {}
-pub type SecKeychainItemRef = *mut OpaqueSecKeychainItemRef;
-
-// OSType from MacTypes.h
-pub type SecKeychainAttrType = u32;
-
-#[repr(C)]
-#[derive(Copy, Clone)]
-pub struct SecKeychainAttribute {
-    pub tag: SecKeychainAttrType,
-    pub length: u32,
-    pub data: *mut c_void,
-}
-
-#[repr(C)]
-#[derive(Copy, Clone)]
-pub struct SecKeychainAttributeList {
-    pub count: u32,
-    pub attr: *mut SecKeychainAttribute,
-}
-
-pub enum OpaqueSecCertificateRef {}
-pub type SecCertificateRef = *mut OpaqueSecCertificateRef;
-
-pub enum OpaqueSecAccessRef {}
-pub type SecAccessRef = *mut OpaqueSecAccessRef;
-
-pub enum OpaqueSecAccessControlRef {}
-pub type SecAccessControlRef = *mut OpaqueSecAccessControlRef;
-
-pub enum OpaqueSecKeyRef {}
-pub type SecKeyRef = *mut OpaqueSecKeyRef;
-
-pub enum OpaqueSecIdentityRef {}
-pub type SecIdentityRef = *mut OpaqueSecIdentityRef;
-
-pub enum OpaqueSecPolicyRef {}
-pub type SecPolicyRef = *mut OpaqueSecPolicyRef;
-
-pub const errSecSuccess: OSStatus = 0;
-pub const errSecUnimplemented: OSStatus = -4;
-pub const errSecIO: OSStatus = -36;
-pub const errSecParam: OSStatus = -50;
-pub const errSecBadReq: OSStatus = -909;
-pub const errSecNoTrustSettings: OSStatus = -25263;
-pub const errSecAuthFailed: OSStatus = -25293;
-pub const errSecDuplicateItem: OSStatus = -25299;
-pub const errSecItemNotFound: OSStatus = -25300;
-pub const errSecCreateChainFailed: OSStatus = -25318;
-pub const errSecConversionError: OSStatus = -67594;
-pub const errSecHostNameMismatch: OSStatus = -67602;
-pub const errSecInvalidExtendedKeyUsage: OSStatus = -67609;
-pub const errSecTrustSettingDeny: OSStatus = -67654;
-pub const errSecCertificateRevoked: OSStatus = -67820;
-pub const errSecNotTrusted: OSStatus = -67843;
-pub const errSecInternalComponent: OSStatus = -2070;
-
-extern "C" {
-    // this is available on iOS 11.3+, MacOS 10.3+
-    pub fn SecCopyErrorMessageString(status: OSStatus, reserved: *mut c_void) -> CFStringRef;
-}
diff --git a/vendor/security-framework-sys/src/certificate.rs b/vendor/security-framework-sys/src/certificate.rs
deleted file mode 100644
index 4d38ca2a..00000000
--- a/vendor/security-framework-sys/src/certificate.rs
+++ /dev/null
@@ -1,101 +0,0 @@
-use core_foundation_sys::array::CFArrayRef;
-use core_foundation_sys::base::{CFAllocatorRef, CFTypeID, OSStatus};
-use core_foundation_sys::data::CFDataRef;
-#[cfg(target_os = "macos")]
-use core_foundation_sys::dictionary::CFDictionaryRef;
-#[cfg(any(target_os = "macos", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-use core_foundation_sys::error::CFErrorRef;
-use core_foundation_sys::string::CFStringRef;
-
-use crate::base::SecCertificateRef;
-use crate::base::SecKeyRef;
-use crate::base::SecKeychainRef;
-
-extern "C" {
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyKeyType: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyKeyLabel: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyKeyLocalizedLabel: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyKeyValue: CFStringRef;
-
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyTypeWarning: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyTypeSuccess: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyTypeSection: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyTypeData: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyTypeString: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyTypeURL: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPropertyTypeDate: CFStringRef;
-
-    // certificate policies
-    pub static kSecPolicyAppleX509Basic: CFStringRef;
-    pub static kSecPolicyAppleSSL: CFStringRef;
-    pub static kSecPolicyAppleSMIME: CFStringRef;
-    pub static kSecPolicyAppleEAP: CFStringRef;
-    pub static kSecPolicyAppleIPsec: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPolicyApplePKINITClient: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecPolicyApplePKINITServer: CFStringRef;
-    pub static kSecPolicyAppleCodeSigning: CFStringRef;
-    pub static kSecPolicyMacAppStoreReceipt: CFStringRef;
-    pub static kSecPolicyAppleIDValidation: CFStringRef;
-    pub static kSecPolicyAppleTimeStamping: CFStringRef;
-    pub static kSecPolicyAppleRevocation: CFStringRef;
-    pub static kSecPolicyApplePassbookSigning: CFStringRef;
-    pub static kSecPolicyApplePayIssuerEncryption: CFStringRef;
-
-    pub fn SecCertificateGetTypeID() -> CFTypeID;
-    pub fn SecCertificateCreateWithData(
-        allocator: CFAllocatorRef,
-        data: CFDataRef,
-    ) -> SecCertificateRef;
-    pub fn SecCertificateAddToKeychain(
-        certificate: SecCertificateRef,
-        keychain: SecKeychainRef,
-    ) -> OSStatus;
-    pub fn SecCertificateCopyData(certificate: SecCertificateRef) -> CFDataRef;
-    pub fn SecCertificateCopySubjectSummary(certificate: SecCertificateRef) -> CFStringRef;
-    pub fn SecCertificateCopyCommonName(
-        certificate: SecCertificateRef,
-        common_name: *mut CFStringRef,
-    ) -> OSStatus;
-    pub fn SecCertificateCopyEmailAddresses(
-        certificate: SecCertificateRef,
-        email_addresses: *mut CFArrayRef,
-    ) -> OSStatus;
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecCertificateCopyNormalizedIssuerSequence(certificate: SecCertificateRef) -> CFDataRef;
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecCertificateCopyNormalizedSubjectSequence(certificate: SecCertificateRef)
-        -> CFDataRef;
-    #[cfg(target_os = "macos")]
-    #[cfg_attr(target_arch = "aarch64", link_name = "SecCertificateCopyPublicKey$LEGACYMAC")]
-    #[deprecated(note = "Deprecated by Apple. May not work any more. Use SecCertificateCopyKey")]
-    pub fn SecCertificateCopyPublicKey(
-        certificate: SecCertificateRef,
-        key: *mut SecKeyRef,
-    ) -> OSStatus;
-    #[cfg(any(feature = "OSX_10_14", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecCertificateCopyKey(certificate: SecCertificateRef) -> SecKeyRef;
-    #[cfg(any(feature = "OSX_10_13", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecCertificateCopySerialNumberData(
-        certificate: SecCertificateRef,
-        error: *mut CFErrorRef,
-    ) -> CFDataRef;
-    #[cfg(target_os = "macos")]
-    pub fn SecCertificateCopyValues(
-        certificate: SecCertificateRef,
-        keys: CFArrayRef,
-        error: *mut CFErrorRef,
-    ) -> CFDictionaryRef;
-}
diff --git a/vendor/security-framework-sys/src/certificate_oids.rs b/vendor/security-framework-sys/src/certificate_oids.rs
deleted file mode 100644
index 7f6b854d..00000000
--- a/vendor/security-framework-sys/src/certificate_oids.rs
+++ /dev/null
@@ -1,5 +0,0 @@
-use core_foundation_sys::string::CFStringRef;
-
-extern "C" {
-    pub static kSecOIDX509V1SignatureAlgorithm: CFStringRef;
-}
diff --git a/vendor/security-framework-sys/src/cipher_suite.rs b/vendor/security-framework-sys/src/cipher_suite.rs
deleted file mode 100644
index 9782a0e5..00000000
--- a/vendor/security-framework-sys/src/cipher_suite.rs
+++ /dev/null
@@ -1,219 +0,0 @@
-#[cfg(not(target_os = "macos"))]
-pub type SSLCipherSuite = u16;
-
-#[cfg(all(target_os = "macos", target_arch = "aarch64"))]
-pub type SSLCipherSuite = u16;
-
-#[cfg(all(target_os = "macos", not(target_arch = "aarch64")))]
-pub type SSLCipherSuite = u32;
-
-pub const SSL_NULL_WITH_NULL_NULL: SSLCipherSuite = 0x0000;
-pub const SSL_RSA_WITH_NULL_MD5: SSLCipherSuite = 0x0001;
-pub const SSL_RSA_WITH_NULL_SHA: SSLCipherSuite = 0x0002;
-pub const SSL_RSA_EXPORT_WITH_RC4_40_MD5: SSLCipherSuite = 0x0003;
-pub const SSL_RSA_WITH_RC4_128_MD5: SSLCipherSuite = 0x0004;
-pub const SSL_RSA_WITH_RC4_128_SHA: SSLCipherSuite = 0x0005;
-pub const SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5: SSLCipherSuite = 0x0006;
-pub const SSL_RSA_WITH_IDEA_CBC_SHA: SSLCipherSuite = 0x0007;
-pub const SSL_RSA_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x0008;
-pub const SSL_RSA_WITH_DES_CBC_SHA: SSLCipherSuite = 0x0009;
-pub const SSL_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x000A;
-pub const SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x000B;
-pub const SSL_DH_DSS_WITH_DES_CBC_SHA: SSLCipherSuite = 0x000C;
-pub const SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x000D;
-pub const SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x000E;
-pub const SSL_DH_RSA_WITH_DES_CBC_SHA: SSLCipherSuite = 0x000F;
-pub const SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0010;
-pub const SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x0011;
-pub const SSL_DHE_DSS_WITH_DES_CBC_SHA: SSLCipherSuite = 0x0012;
-pub const SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0013;
-pub const SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x0014;
-pub const SSL_DHE_RSA_WITH_DES_CBC_SHA: SSLCipherSuite = 0x0015;
-pub const SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0016;
-pub const SSL_DH_anon_EXPORT_WITH_RC4_40_MD5: SSLCipherSuite = 0x0017;
-pub const SSL_DH_anon_WITH_RC4_128_MD5: SSLCipherSuite = 0x0018;
-pub const SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x0019;
-pub const SSL_DH_anon_WITH_DES_CBC_SHA: SSLCipherSuite = 0x001A;
-pub const SSL_DH_anon_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x001B;
-pub const SSL_FORTEZZA_DMS_WITH_NULL_SHA: SSLCipherSuite = 0x001C;
-pub const SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA: SSLCipherSuite = 0x001D;
-
-// TLS addenda using AES, per RFC 3268
-pub const TLS_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x002F;
-pub const TLS_DH_DSS_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0030;
-pub const TLS_DH_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0031;
-pub const TLS_DHE_DSS_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0032;
-pub const TLS_DHE_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0033;
-pub const TLS_DH_anon_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0034;
-pub const TLS_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0035;
-pub const TLS_DH_DSS_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0036;
-pub const TLS_DH_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0037;
-pub const TLS_DHE_DSS_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0038;
-pub const TLS_DHE_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0039;
-pub const TLS_DH_anon_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x003A;
-
-// ECDSA addenda, RFC 4492
-pub const TLS_ECDH_ECDSA_WITH_NULL_SHA: SSLCipherSuite = 0xC001;
-pub const TLS_ECDH_ECDSA_WITH_RC4_128_SHA: SSLCipherSuite = 0xC002;
-pub const TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0xC003;
-pub const TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0xC004;
-pub const TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0xC005;
-pub const TLS_ECDHE_ECDSA_WITH_NULL_SHA: SSLCipherSuite = 0xC006;
-pub const TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: SSLCipherSuite = 0xC007;
-pub const TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0xC008;
-pub const TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0xC009;
-pub const TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0xC00A;
-pub const TLS_ECDH_RSA_WITH_NULL_SHA: SSLCipherSuite = 0xC00B;
-pub const TLS_ECDH_RSA_WITH_RC4_128_SHA: SSLCipherSuite = 0xC00C;
-pub const TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0xC00D;
-pub const TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0xC00E;
-pub const TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0xC00F;
-pub const TLS_ECDHE_RSA_WITH_NULL_SHA: SSLCipherSuite = 0xC010;
-pub const TLS_ECDHE_RSA_WITH_RC4_128_SHA: SSLCipherSuite = 0xC011;
-pub const TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0xC012;
-pub const TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0xC013;
-pub const TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0xC014;
-pub const TLS_ECDH_anon_WITH_NULL_SHA: SSLCipherSuite = 0xC015;
-pub const TLS_ECDH_anon_WITH_RC4_128_SHA: SSLCipherSuite = 0xC016;
-pub const TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0xC017;
-pub const TLS_ECDH_anon_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0xC018;
-pub const TLS_ECDH_anon_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0xC019;
-
-// TLS 1.2 addenda, RFC 5246
-
-// Initial state.
-pub const TLS_NULL_WITH_NULL_NULL: SSLCipherSuite = 0x0000;
-
-// Server provided RSA certificate for key exchange.
-pub const TLS_RSA_WITH_NULL_MD5: SSLCipherSuite = 0x0001;
-pub const TLS_RSA_WITH_NULL_SHA: SSLCipherSuite = 0x0002;
-pub const TLS_RSA_WITH_RC4_128_MD5: SSLCipherSuite = 0x0004;
-pub const TLS_RSA_WITH_RC4_128_SHA: SSLCipherSuite = 0x0005;
-pub const TLS_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x000A;
-// pub const TLS_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x002F;
-// pub const TLS_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0035;
-pub const TLS_RSA_WITH_NULL_SHA256: SSLCipherSuite = 0x003B;
-pub const TLS_RSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x003C;
-pub const TLS_RSA_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x003D;
-
-// Server-authenticated (and optionally client-authenticated) Diffie-Hellman.
-pub const TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x000D;
-pub const TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0010;
-pub const TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0013;
-pub const TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0016;
-// pub const TLS_DH_DSS_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0030;
-// pub const TLS_DH_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0031;
-// pub const TLS_DHE_DSS_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0032;
-// pub const TLS_DHE_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0033;
-// pub const TLS_DH_DSS_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0036;
-// pub const TLS_DH_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0037;
-// pub const TLS_DHE_DSS_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0038;
-// pub const TLS_DHE_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0039;
-pub const TLS_DH_DSS_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x003E;
-pub const TLS_DH_RSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x003F;
-pub const TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x0040;
-pub const TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x0067;
-pub const TLS_DH_DSS_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x0068;
-pub const TLS_DH_RSA_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x0069;
-pub const TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x006A;
-pub const TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x006B;
-
-// Completely anonymous Diffie-Hellman
-pub const TLS_DH_anon_WITH_RC4_128_MD5: SSLCipherSuite = 0x0018;
-pub const TLS_DH_anon_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x001B;
-// pub const TLS_DH_anon_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0034;
-// pub const TLS_DH_anon_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x003A;
-pub const TLS_DH_anon_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x006C;
-pub const TLS_DH_anon_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x006D;
-
-// Addendum from RFC 4279, TLS PSK
-
-pub const TLS_PSK_WITH_RC4_128_SHA: SSLCipherSuite = 0x008A;
-pub const TLS_PSK_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x008B;
-pub const TLS_PSK_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x008C;
-pub const TLS_PSK_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x008D;
-pub const TLS_DHE_PSK_WITH_RC4_128_SHA: SSLCipherSuite = 0x008E;
-pub const TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x008F;
-pub const TLS_DHE_PSK_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0090;
-pub const TLS_DHE_PSK_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0091;
-pub const TLS_RSA_PSK_WITH_RC4_128_SHA: SSLCipherSuite = 0x0092;
-pub const TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0093;
-pub const TLS_RSA_PSK_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0094;
-pub const TLS_RSA_PSK_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0095;
-
-// RFC 4785 - Pre-Shared Key (PSK) Ciphersuites with NULL Encryption
-
-pub const TLS_PSK_WITH_NULL_SHA: SSLCipherSuite = 0x002C;
-pub const TLS_DHE_PSK_WITH_NULL_SHA: SSLCipherSuite = 0x002D;
-pub const TLS_RSA_PSK_WITH_NULL_SHA: SSLCipherSuite = 0x002E;
-
-// Addenda from rfc 5288 AES Galois Counter Mode (GCM) Cipher Suites
-// for TLS.
-pub const TLS_RSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x009C;
-pub const TLS_RSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x009D;
-pub const TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x009E;
-pub const TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x009F;
-pub const TLS_DH_RSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00A0;
-pub const TLS_DH_RSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00A1;
-pub const TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00A2;
-pub const TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00A3;
-pub const TLS_DH_DSS_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00A4;
-pub const TLS_DH_DSS_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00A5;
-pub const TLS_DH_anon_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00A6;
-pub const TLS_DH_anon_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00A7;
-
-// RFC 5487 - PSK with SHA-256/384 and AES GCM
-pub const TLS_PSK_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00A8;
-pub const TLS_PSK_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00A9;
-pub const TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00AA;
-pub const TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00AB;
-pub const TLS_RSA_PSK_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00AC;
-pub const TLS_RSA_PSK_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00AD;
-
-pub const TLS_PSK_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x00AE;
-pub const TLS_PSK_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0x00AF;
-pub const TLS_PSK_WITH_NULL_SHA256: SSLCipherSuite = 0x00B0;
-pub const TLS_PSK_WITH_NULL_SHA384: SSLCipherSuite = 0x00B1;
-
-pub const TLS_DHE_PSK_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x00B2;
-pub const TLS_DHE_PSK_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0x00B3;
-pub const TLS_DHE_PSK_WITH_NULL_SHA256: SSLCipherSuite = 0x00B4;
-pub const TLS_DHE_PSK_WITH_NULL_SHA384: SSLCipherSuite = 0x00B5;
-
-pub const TLS_RSA_PSK_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x00B6;
-pub const TLS_RSA_PSK_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0x00B7;
-pub const TLS_RSA_PSK_WITH_NULL_SHA256: SSLCipherSuite = 0x00B8;
-pub const TLS_RSA_PSK_WITH_NULL_SHA384: SSLCipherSuite = 0x00B9;
-
-// Addenda from rfc 5289  Elliptic Curve Cipher Suites with
-// HMAC SHA-256/384.
-pub const TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0xC023;
-pub const TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0xC024;
-pub const TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0xC025;
-pub const TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0xC026;
-pub const TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0xC027;
-pub const TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0xC028;
-pub const TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0xC029;
-pub const TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0xC02A;
-
-// Addenda from rfc 5289  Elliptic Curve Cipher Suites with
-// SHA-256/384 and AES Galois Counter Mode (GCM)
-pub const TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0xC02B;
-pub const TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0xC02C;
-pub const TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0xC02D;
-pub const TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0xC02E;
-pub const TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0xC02F;
-pub const TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0xC030;
-pub const TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0xC031;
-pub const TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0xC032;
-
-// RFC 5746 - Secure Renegotiation
-pub const TLS_EMPTY_RENEGOTIATION_INFO_SCSV: SSLCipherSuite = 0x00FF;
-// Tags for SSL 2 cipher kinds which are not specified
-// for SSL 3.
-//
-pub const SSL_RSA_WITH_RC2_CBC_MD5: SSLCipherSuite = 0xFF80;
-pub const SSL_RSA_WITH_IDEA_CBC_MD5: SSLCipherSuite = 0xFF81;
-pub const SSL_RSA_WITH_DES_CBC_MD5: SSLCipherSuite = 0xFF82;
-pub const SSL_RSA_WITH_3DES_EDE_CBC_MD5: SSLCipherSuite = 0xFF83;
-pub const SSL_NO_SUCH_CIPHERSUITE: SSLCipherSuite = 0xFFFF;
diff --git a/vendor/security-framework-sys/src/cms.rs b/vendor/security-framework-sys/src/cms.rs
deleted file mode 100644
index 6da3702e..00000000
--- a/vendor/security-framework-sys/src/cms.rs
+++ /dev/null
@@ -1,250 +0,0 @@
-//! Cryptographic Message Syntax support
-
-use std::os::raw::c_void;
-
-use core_foundation_sys::array::CFArrayRef;
-use core_foundation_sys::base::{Boolean, CFTypeID, CFTypeRef, OSStatus};
-use core_foundation_sys::data::CFDataRef;
-use core_foundation_sys::date::CFAbsoluteTime;
-use core_foundation_sys::string::CFStringRef;
-
-use crate::base::SecCertificateRef;
-use crate::trust::SecTrustRef;
-
-pub enum OpaqueCMSEncoderRef {}
-pub type CMSEncoderRef = *mut OpaqueCMSEncoderRef;
-
-pub enum OpaqueCMSDecoderRef {}
-pub type CMSDecoderRef = *mut OpaqueCMSEncoderRef;
-
-#[repr(i32)]
-#[derive(Copy, Clone, Eq, PartialEq, Debug)]
-pub enum CMSSignerStatus {
-    kCMSSignerUnsigned = 0,
-    kCMSSignerValid = 1,
-    kCMSSignerNeedsDetachedContent = 2,
-    kCMSSignerInvalidSignature = 3,
-    kCMSSignerInvalidCert = 4,
-    kCMSSignerInvalidIndex = 5,
-}
-
-pub type CMSSignedAttributes = u32;
-pub const kCMSAttrNone: CMSSignedAttributes = 0x0000;
-pub const kCMSAttrSmimeCapabilities: CMSSignedAttributes = 0x0001;
-pub const kCMSAttrSmimeEncryptionKeyPrefs: CMSSignedAttributes = 0x0002;
-pub const kCMSAttrSmimeMSEncryptionKeyPrefs: CMSSignedAttributes = 0x0004;
-pub const kCMSAttrSigningTime: CMSSignedAttributes = 0x0008;
-pub const kCMSAttrAppleCodesigningHashAgility: CMSSignedAttributes = 0x0010;
-pub const kCMSAttrAppleCodesigningHashAgilityV2: CMSSignedAttributes = 0x0020;
-pub const kCMSAttrAppleExpirationTime: CMSSignedAttributes = 0x0040;
-
-#[repr(i32)]
-#[derive(Copy, Clone, Eq, PartialEq, Debug)]
-pub enum CMSCertificateChainMode {
-    kCMSCertificateNone = 0,
-    kCMSCertificateSignerOnly = 1,
-    kCMSCertificateChain = 2,
-    kCMSCertificateChainWithRoot = 3,
-    kCMSCertificateChainWithRootOrFail = 4,
-}
-
-extern "C" {
-
-    // CMS decoder
-
-    pub fn CMSDecoderGetTypeID() -> CFTypeID;
-
-    pub fn CMSDecoderCreate(output: *mut CMSDecoderRef) -> OSStatus;
-
-    pub fn CMSDecoderUpdateMessage(
-        decoder: CMSDecoderRef,
-        msg_bytes: *const c_void,
-        msg_bytes_len: usize,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderFinalizeMessage(decoder: CMSDecoderRef) -> OSStatus;
-
-    pub fn CMSDecoderSetDetachedContent(
-        decoder: CMSDecoderRef,
-        detached_content: CFDataRef,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopyDetachedContent(
-        decoder: CMSDecoderRef,
-        detached_content_out: *mut CFDataRef,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderGetNumSigners(
-        decoder: CMSDecoderRef,
-        num_signers_out: *mut usize,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopySignerStatus(
-        decoder: CMSDecoderRef,
-        signer_index: usize,
-        policy_or_array: CFTypeRef,
-        evaluate_sec_trust: Boolean,
-        signer_status_out: *mut CMSSignerStatus,
-        sec_trust_out: *mut SecTrustRef,
-        cert_verify_result_code_out: *mut OSStatus,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopySignerEmailAddress(
-        decoder: CMSDecoderRef,
-        signer_index: usize,
-        signer_email_address_out: *mut CFStringRef,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopySignerCert(
-        decoder: CMSDecoderRef,
-        signer_index: usize,
-        signer_cert_out: *mut SecCertificateRef,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderIsContentEncrypted(
-        decoder: CMSDecoderRef,
-        is_encrypted_out: *mut Boolean,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopyEncapsulatedContentType(
-        decoder: CMSDecoderRef,
-        content_type_out: *mut CFDataRef,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopyAllCerts(decoder: CMSDecoderRef, certs_out: *mut CFArrayRef) -> OSStatus;
-
-    pub fn CMSDecoderCopyContent(decoder: CMSDecoderRef, content_out: *mut CFDataRef) -> OSStatus;
-
-    pub fn CMSDecoderCopySignerSigningTime(
-        decoder: CMSDecoderRef,
-        signer_index: usize,
-        sign_time_out: *mut CFAbsoluteTime,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopySignerTimestamp(
-        decoder: CMSDecoderRef,
-        signer_index: usize,
-        timestamp: *mut CFAbsoluteTime,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopySignerTimestampWithPolicy(
-        decoder: CMSDecoderRef,
-        timestamp_policy: CFTypeRef,
-        signer_index: usize,
-        timestamp: *mut CFAbsoluteTime,
-    ) -> OSStatus;
-
-    pub fn CMSDecoderCopySignerTimestampCertificates(
-        decoder: CMSDecoderRef,
-        signer_index: usize,
-        certificate_refs: *mut CFArrayRef,
-    ) -> OSStatus;
-
-    // CMS encoder
-
-    pub static kCMSEncoderDigestAlgorithmSHA1: CFStringRef;
-    pub static kCMSEncoderDigestAlgorithmSHA256: CFStringRef;
-
-    pub fn CMSEncoderGetTypeID() -> CFTypeID;
-
-    pub fn CMSEncoderCreate(encoder_out: *mut CMSEncoderRef) -> OSStatus;
-
-    pub fn CMSEncoderSetSignerAlgorithm(
-        encoder: CMSEncoderRef,
-        digest_alogrithm: CFStringRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderAddSigners(encoder: CMSEncoderRef, signer_or_array: CFTypeRef) -> OSStatus;
-
-    pub fn CMSEncoderCopySigners(encoder: CMSEncoderRef, signers_out: *mut CFArrayRef) -> OSStatus;
-
-    pub fn CMSEncoderAddRecipients(
-        encoder: CMSEncoderRef,
-        recipient_or_array: CFTypeRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderCopyRecipients(
-        encoder: CMSEncoderRef,
-        recipients_out: *mut CFArrayRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderSetHasDetachedContent(
-        encoder: CMSEncoderRef,
-        detached_content: Boolean,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderGetHasDetachedContent(
-        encoder: CMSEncoderRef,
-        detached_content_out: *mut Boolean,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderSetEncapsulatedContentTypeOID(
-        encoder: CMSEncoderRef,
-        content_type_oid: CFTypeRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderCopyEncapsulatedContentType(
-        encoder: CMSEncoderRef,
-        content_type_out: *mut CFDataRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderAddSupportingCerts(
-        encoder: CMSEncoderRef,
-        cert_or_array: CFTypeRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderCopySupportingCerts(
-        encoder: CMSEncoderRef,
-        certs_out: *mut CFArrayRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderAddSignedAttributes(
-        encoder: CMSEncoderRef,
-        signed_attributes: CMSSignedAttributes,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderSetCertificateChainMode(
-        encoder: CMSEncoderRef,
-        chain_mode: CMSCertificateChainMode,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderGetCertificateChainMode(
-        encoder: CMSEncoderRef,
-        chain_mode_out: *mut CMSCertificateChainMode,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderUpdateContent(
-        encoder: CMSEncoderRef,
-        content: *const c_void,
-        content_len: usize,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderCopyEncodedContent(
-        encoder: CMSEncoderRef,
-        encoded_content_out: *mut CFDataRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncodeContent(
-        signers: CFTypeRef,
-        recipients: CFTypeRef,
-        content_type_oid: CFTypeRef,
-        detached_content: Boolean,
-        signed_attributes: CMSSignedAttributes,
-        content: *const c_void,
-        content_len: usize,
-        encoded_content_out: *mut CFDataRef,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderCopySignerTimestamp(
-        encoder: CMSEncoderRef,
-        signer_index: usize,
-        timestamp: *mut CFAbsoluteTime,
-    ) -> OSStatus;
-
-    pub fn CMSEncoderCopySignerTimestampWithPolicy(
-        encoder: CMSEncoderRef,
-        timestamp_policy: CFTypeRef,
-        signer_index: usize,
-        timestamp: *mut CFAbsoluteTime,
-    ) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/code_signing.rs b/vendor/security-framework-sys/src/code_signing.rs
deleted file mode 100644
index bd4abc76..00000000
--- a/vendor/security-framework-sys/src/code_signing.rs
+++ /dev/null
@@ -1,96 +0,0 @@
-use core_foundation_sys::base::CFTypeID;
-use core_foundation_sys::base::OSStatus;
-use core_foundation_sys::dictionary::CFDictionaryRef;
-use core_foundation_sys::string::CFStringRef;
-use core_foundation_sys::url::CFURLRef;
-
-pub enum OpaqueSecRequirementRef {}
-pub type SecRequirementRef = *mut OpaqueSecRequirementRef;
-
-pub enum OpaqueSecCodeRef {}
-pub type SecCodeRef = *mut OpaqueSecCodeRef;
-
-pub enum OpaqueSecStaticCodeRef {}
-pub type SecStaticCodeRef = *mut OpaqueSecStaticCodeRef;
-
-pub type SecCSFlags = u32;
-pub const kSecCSCheckAllArchitectures: SecCSFlags = 1 << 0;
-pub const kSecCSDoNotValidateExecutable: SecCSFlags = 1 << 1;
-pub const kSecCSDoNotValidateResources: SecCSFlags = 1 << 2;
-pub const kSecCSBasicValidateOnly: SecCSFlags =
-    kSecCSDoNotValidateExecutable | kSecCSDoNotValidateResources;
-pub const kSecCSCheckNestedCode: SecCSFlags = 1 << 3;
-pub const kSecCSStrictValidate: SecCSFlags = 1 << 4;
-pub const kSecCSFullReport: SecCSFlags = 1 << 5;
-pub const kSecCSCheckGatekeeperArchitectures: SecCSFlags = (1 << 6) | kSecCSCheckAllArchitectures;
-pub const kSecCSRestrictSymlinks: SecCSFlags = 1 << 7;
-pub const kSecCSRestrictToAppLike: SecCSFlags = 1 << 8;
-pub const kSecCSRestrictSidebandData: SecCSFlags = 1 << 9;
-pub const kSecCSUseSoftwareSigningCert: SecCSFlags = 1 << 10;
-pub const kSecCSValidatePEH: SecCSFlags = 1 << 11;
-pub const kSecCSSingleThreaded: SecCSFlags = 1 << 12;
-// 13 - 15 are unused
-// This is only available in macOS 11.3:
-// pub const kSecCSAllowNetworkAccess: SecCSFlags = 1 << 16;
-// 17 - 25 are unused
-pub const kSecCSQuickCheck: SecCSFlags = 1 << 26;
-pub const kSecCSCheckTrustedAnchors: SecCSFlags = 1 << 27;
-pub const kSecCSReportProgress: SecCSFlags = 1 << 28;
-pub const kSecCSNoNetworkAccess: SecCSFlags = 1 << 29;
-pub const kSecCSEnforceRevocationChecks: SecCSFlags = 1 << 30;
-pub const kSecCSConsiderExpiration: SecCSFlags = 1 << 31;
-
-extern "C" {
-    pub static kSecGuestAttributeArchitecture: CFStringRef;
-    pub static kSecGuestAttributeAudit: CFStringRef;
-    pub static kSecGuestAttributeCanonical: CFStringRef;
-    pub static kSecGuestAttributeDynamicCode: CFStringRef;
-    pub static kSecGuestAttributeDynamicCodeInfoPlist: CFStringRef;
-    pub static kSecGuestAttributeHash: CFStringRef;
-    pub static kSecGuestAttributeMachPort: CFStringRef;
-    pub static kSecGuestAttributePid: CFStringRef;
-    pub static kSecGuestAttributeSubarchitecture: CFStringRef;
-
-    pub fn SecCodeGetTypeID() -> CFTypeID;
-    pub fn SecStaticCodeGetTypeID() -> CFTypeID;
-    pub fn SecRequirementGetTypeID() -> CFTypeID;
-
-    pub fn SecCodeCheckValidity(
-        code: SecCodeRef,
-        flags: SecCSFlags,
-        requirement: SecRequirementRef,
-    ) -> OSStatus;
-
-    pub fn SecCodeCopyGuestWithAttributes(
-        host: SecCodeRef,
-        attrs: CFDictionaryRef,
-        flags: SecCSFlags,
-        guest: *mut SecCodeRef,
-    ) -> OSStatus;
-
-    pub fn SecCodeCopyPath(
-        code: SecStaticCodeRef,
-        flags: SecCSFlags,
-        path: *mut CFURLRef,
-    ) -> OSStatus;
-
-    pub fn SecCodeCopySelf(flags: SecCSFlags, out: *mut SecCodeRef) -> OSStatus;
-
-    pub fn SecRequirementCreateWithString(
-        text: CFStringRef,
-        flags: SecCSFlags,
-        requirement: *mut SecRequirementRef,
-    ) -> OSStatus;
-
-    pub fn SecStaticCodeCheckValidity(
-        code: SecStaticCodeRef,
-        flags: SecCSFlags,
-        requirement: SecRequirementRef,
-    ) -> OSStatus;
-
-    pub fn SecStaticCodeCreateWithPath(
-        path: CFURLRef,
-        flags: SecCSFlags,
-        code: *mut SecStaticCodeRef,
-    ) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/digest_transform.rs b/vendor/security-framework-sys/src/digest_transform.rs
deleted file mode 100644
index fdcf6ee2..00000000
--- a/vendor/security-framework-sys/src/digest_transform.rs
+++ /dev/null
@@ -1,28 +0,0 @@
-use core_foundation_sys::base::{CFIndex, CFTypeRef};
-use core_foundation_sys::error::CFErrorRef;
-use core_foundation_sys::string::CFStringRef;
-
-use crate::transform::SecTransformRef;
-
-extern "C" {
-    pub static kSecDigestHMACKeyAttribute: CFStringRef;
-    pub static kSecDigestHMACMD5: CFStringRef;
-    pub static kSecDigestHMACSHA1: CFStringRef;
-    pub static kSecDigestHMACSHA2: CFStringRef;
-    pub static kSecDigestLengthAttribute: CFStringRef;
-    pub static kSecDigestMD2: CFStringRef;
-    pub static kSecDigestMD4: CFStringRef;
-    pub static kSecDigestMD5: CFStringRef;
-    pub static kSecDigestSHA1: CFStringRef;
-    pub static kSecDigestSHA2: CFStringRef;
-    pub static kSecDigestTypeAttribute: CFStringRef;
-
-    pub fn SecDigestTransformCreate(
-        digestType: CFTypeRef,
-        digestLength: CFIndex,
-        error: *mut CFErrorRef,
-    ) -> SecTransformRef;
-
-// this symbol is apparently missing in 10.13.3?
-// pub fn SecDigestTransformGetTypeID() -> CFTypeID;
-}
diff --git a/vendor/security-framework-sys/src/encrypt_transform.rs b/vendor/security-framework-sys/src/encrypt_transform.rs
deleted file mode 100644
index 85330527..00000000
--- a/vendor/security-framework-sys/src/encrypt_transform.rs
+++ /dev/null
@@ -1,29 +0,0 @@
-use core_foundation_sys::error::CFErrorRef;
-use core_foundation_sys::string::CFStringRef;
-
-use crate::base::SecKeyRef;
-use crate::transform::SecTransformRef;
-
-extern "C" {
-    pub static kSecEncryptionMode: CFStringRef;
-    pub static kSecEncryptKey: CFStringRef;
-    pub static kSecIVKey: CFStringRef;
-    pub static kSecModeCBCKey: CFStringRef;
-    pub static kSecModeCFBKey: CFStringRef;
-    pub static kSecModeECBKey: CFStringRef;
-    pub static kSecModeNoneKey: CFStringRef;
-    pub static kSecModeOFBKey: CFStringRef;
-    pub static kSecPaddingKey: CFStringRef;
-    pub static kSecPaddingNoneKey: CFStringRef;
-    pub static kSecPaddingOAEPKey: CFStringRef;
-    pub static kSecPaddingPKCS1Key: CFStringRef;
-    pub static kSecPaddingPKCS5Key: CFStringRef;
-    pub static kSecPaddingPKCS7Key: CFStringRef;
-
-    pub fn SecDecryptTransformCreate(keyRef: SecKeyRef, error: *mut CFErrorRef) -> SecTransformRef;
-    // this symbol is apparently missing in 10.13.3?
-    // pub fn SecDecryptTransformGetTypeID() -> CFTypeID;
-    pub fn SecEncryptTransformCreate(keyRef: SecKeyRef, error: *mut CFErrorRef) -> SecTransformRef;
-// this symbol is apparently missing in 10.13.3?
-// pub fn SecEncryptTransformGetTypeID() -> CFTypeID;
-}
diff --git a/vendor/security-framework-sys/src/identity.rs b/vendor/security-framework-sys/src/identity.rs
deleted file mode 100644
index 6d8295ec..00000000
--- a/vendor/security-framework-sys/src/identity.rs
+++ /dev/null
@@ -1,21 +0,0 @@
-#[cfg(target_os = "macos")]
-use core_foundation_sys::base::CFTypeRef;
-use core_foundation_sys::base::{CFTypeID, OSStatus};
-
-use crate::base::{SecCertificateRef, SecIdentityRef, SecKeyRef};
-
-extern "C" {
-    pub fn SecIdentityGetTypeID() -> CFTypeID;
-    pub fn SecIdentityCopyCertificate(
-        identity: SecIdentityRef,
-        certificate_ref: *mut SecCertificateRef,
-    ) -> OSStatus;
-    pub fn SecIdentityCopyPrivateKey(identity: SecIdentityRef, key_ref: *mut SecKeyRef)
-        -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SecIdentityCreateWithCertificate(
-        keychain_or_Array: CFTypeRef,
-        certificate_ref: SecCertificateRef,
-        identity_ref: *mut SecIdentityRef,
-    ) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/import_export.rs b/vendor/security-framework-sys/src/import_export.rs
deleted file mode 100644
index cd32f571..00000000
--- a/vendor/security-framework-sys/src/import_export.rs
+++ /dev/null
@@ -1,86 +0,0 @@
-use core_foundation_sys::array::CFArrayRef;
-#[cfg(target_os = "macos")]
-use core_foundation_sys::base::CFTypeRef;
-use core_foundation_sys::base::OSStatus;
-use core_foundation_sys::data::CFDataRef;
-use core_foundation_sys::dictionary::CFDictionaryRef;
-use core_foundation_sys::string::CFStringRef;
-#[cfg(target_os = "macos")]
-use std::os::raw::c_uint;
-
-#[cfg(target_os = "macos")]
-use crate::base::{SecAccessRef, SecKeychainRef};
-
-#[cfg(target_os = "macos")]
-pub type SecExternalFormat = u32;
-#[cfg(target_os = "macos")]
-pub type SecExternalItemType = u32;
-#[cfg(target_os = "macos")]
-pub type SecItemImportExportFlags = u32;
-#[cfg(target_os = "macos")]
-pub type SecKeyImportExportFlags = u32;
-
-#[cfg(target_os = "macos")]
-pub const kSecKeyImportOnlyOne: SecKeyImportExportFlags = 1;
-#[cfg(target_os = "macos")]
-pub const kSecKeySecurePassphrase: SecKeyImportExportFlags = 2;
-#[cfg(target_os = "macos")]
-pub const kSecKeyNoAccessControl: SecKeyImportExportFlags = 4;
-
-#[cfg(target_os = "macos")]
-pub const SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION: c_uint = 0;
-
-#[repr(C)]
-#[derive(Copy, Clone)]
-#[cfg(target_os = "macos")]
-pub struct SecItemImportExportKeyParameters {
-    pub version: c_uint,
-    pub flags: SecKeyImportExportFlags,
-    pub passphrase: CFTypeRef,
-    pub alertTitle: CFStringRef,
-    pub alertPrompt: CFStringRef,
-    pub accessRef: SecAccessRef,
-    pub keyUsage: CFArrayRef,
-    pub keyAttributes: CFArrayRef,
-}
-
-extern "C" {
-    #[cfg(target_os = "macos")]
-    pub fn SecItemImport(
-        importedData: CFDataRef,
-        fileNameOrExtension: CFStringRef,
-        inputFormat: *mut SecExternalFormat,
-        itemType: *mut SecExternalItemType,
-        flags: SecItemImportExportFlags,
-        keyParams: *const SecItemImportExportKeyParameters,
-        importKeychain: SecKeychainRef,
-        outItems: *mut CFArrayRef,
-    ) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn SecItemExport(
-        secItemOrArray: CFTypeRef,
-        outputFormat: SecExternalFormat,
-        flags: SecItemImportExportFlags,
-        keyParams: *const SecItemImportExportKeyParameters,
-        exportedData: *mut CFDataRef,
-    ) -> OSStatus;
-
-    pub static kSecImportExportPassphrase: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecImportExportKeychain: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecImportExportAccess: CFStringRef;
-
-    pub static kSecImportItemLabel: CFStringRef;
-    pub static kSecImportItemKeyID: CFStringRef;
-    pub static kSecImportItemTrust: CFStringRef;
-    pub static kSecImportItemCertChain: CFStringRef;
-    pub static kSecImportItemIdentity: CFStringRef;
-
-    pub fn SecPKCS12Import(
-        pkcs12_data: CFDataRef,
-        options: CFDictionaryRef,
-        items: *mut CFArrayRef,
-    ) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/item.rs b/vendor/security-framework-sys/src/item.rs
deleted file mode 100644
index 5427bc99..00000000
--- a/vendor/security-framework-sys/src/item.rs
+++ /dev/null
@@ -1,93 +0,0 @@
-use core_foundation_sys::string::CFStringRef;
-
-extern "C" {
-    pub static kSecClass: CFStringRef;
-    pub static kSecClassInternetPassword: CFStringRef;
-    pub static kSecClassGenericPassword: CFStringRef;
-    pub static kSecClassCertificate: CFStringRef;
-    pub static kSecClassKey: CFStringRef;
-    pub static kSecClassIdentity: CFStringRef;
-
-    pub static kSecMatchLimit: CFStringRef;
-    pub static kSecMatchLimitAll: CFStringRef;
-
-    pub static kSecMatchTrustedOnly: CFStringRef;
-    pub static kSecMatchCaseInsensitive: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecMatchSubjectWholeString: CFStringRef;
-
-    pub static kSecReturnData: CFStringRef;
-    pub static kSecReturnAttributes: CFStringRef;
-    pub static kSecReturnRef: CFStringRef;
-    pub static kSecReturnPersistentRef: CFStringRef;
-
-    pub static kSecMatchSearchList: CFStringRef;
-
-    pub static kSecAttrApplicationLabel: CFStringRef;
-    pub static kSecAttrKeyType: CFStringRef;
-    pub static kSecAttrLabel: CFStringRef;
-    pub static kSecAttrIsPermanent: CFStringRef;
-    pub static kSecAttrPublicKeyHash: CFStringRef;
-    pub static kSecAttrSerialNumber: CFStringRef;
-    pub static kSecPrivateKeyAttrs: CFStringRef;
-    pub static kSecPublicKeyAttrs: CFStringRef;
-
-    pub static kSecAttrKeyClass: CFStringRef;
-    pub static kSecAttrKeyClassPublic: CFStringRef;
-    pub static kSecAttrKeyClassPrivate: CFStringRef;
-    pub static kSecAttrKeyClassSymmetric: CFStringRef;
-
-    pub static kSecUseKeychain: CFStringRef;
-    #[cfg(any(feature = "OSX_10_15", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub static kSecUseDataProtectionKeychain: CFStringRef;
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub static kSecAttrTokenID: CFStringRef;
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub static kSecAttrTokenIDSecureEnclave: CFStringRef;
-    #[cfg(any(feature = "OSX_10_13", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub static kSecUseAuthenticationContext: CFStringRef;
-    #[cfg(any(feature = "OSX_10_13", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub static kSecAttrSynchronizable: CFStringRef;
-
-    pub static kSecAttrKeySizeInBits: CFStringRef;
-
-    pub static kSecAttrKeyTypeECSECPrimeRandom: CFStringRef;
-    pub static kSecAttrKeyTypeRSA: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecAttrKeyTypeDSA: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecAttrKeyTypeAES: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecAttrKeyTypeDES: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecAttrKeyType3DES: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecAttrKeyTypeRC4: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecAttrKeyTypeRC2: CFStringRef;
-    #[cfg(target_os = "macos")]
-    pub static kSecAttrKeyTypeCAST: CFStringRef;
-    pub static kSecAttrKeyTypeEC: CFStringRef;
-
-    pub static kSecAttrAccessGroup: CFStringRef;
-    pub static kSecAttrAccessGroupToken: CFStringRef;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub static kSecKeyKeyExchangeParameterRequestedSize: CFStringRef;
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub static kSecKeyKeyExchangeParameterSharedInfo: CFStringRef;
-
-    pub static kSecAttrAuthenticationType: CFStringRef;
-    pub static kSecAttrComment: CFStringRef;
-    pub static kSecAttrDescription: CFStringRef;
-    pub static kSecAttrPath: CFStringRef;
-    pub static kSecAttrPort: CFStringRef;
-    pub static kSecAttrProtocol: CFStringRef;
-    pub static kSecAttrSecurityDomain: CFStringRef;
-    pub static kSecAttrServer: CFStringRef;
-    pub static kSecAttrService: CFStringRef;
-    pub static kSecAttrAccessControl: CFStringRef;
-    pub static kSecAttrAccount: CFStringRef;
-    pub static kSecValueData: CFStringRef;
-    pub static kSecValueRef: CFStringRef;
-}
diff --git a/vendor/security-framework-sys/src/key.rs b/vendor/security-framework-sys/src/key.rs
deleted file mode 100644
index a40a3036..00000000
--- a/vendor/security-framework-sys/src/key.rs
+++ /dev/null
@@ -1,219 +0,0 @@
-use core_foundation_sys::base::CFTypeID;
-use core_foundation_sys::data::CFDataRef;
-use core_foundation_sys::dictionary::CFDictionaryRef;
-use core_foundation_sys::error::CFErrorRef;
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-use core_foundation_sys::string::CFStringRef;
-
-use crate::base::SecKeyRef;
-
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub type SecKeyAlgorithm = CFStringRef;
-
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub type SecKeyOperationType = u32;
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub const kSecKeyOperationTypeSign: SecKeyOperationType = 0;
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub const kSecKeyOperationTypeVerify: SecKeyOperationType = 1;
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub const kSecKeyOperationTypeEncrypt: SecKeyOperationType = 2;
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub const kSecKeyOperationTypeDecrypt: SecKeyOperationType = 3;
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub const kSecKeyOperationTypeKeyExchange: SecKeyOperationType = 4;
-
-extern "C" {
-    pub fn SecKeyGetTypeID() -> CFTypeID;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCreateRandomKey(parameters: CFDictionaryRef, error: *mut CFErrorRef) -> SecKeyRef;
-
-    #[cfg(any(feature = "OSX_10_13", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCreateWithData(
-        keyData: CFDataRef,
-        attributes: CFDictionaryRef,
-        error: *mut CFErrorRef,
-    ) -> SecKeyRef;
-
-    #[cfg(target_os = "macos")]
-    pub fn SecKeyCreateFromData(
-        parameters: CFDictionaryRef,
-        keyData: CFDataRef,
-        error: *mut CFErrorRef,
-    ) -> SecKeyRef;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCopyExternalRepresentation(key: SecKeyRef, error: *mut CFErrorRef) -> CFDataRef;
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCopyAttributes(key: SecKeyRef) -> CFDictionaryRef;
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCopyPublicKey(key: SecKeyRef) -> SecKeyRef;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCreateSignature(
-        key: SecKeyRef,
-        algorithm: SecKeyAlgorithm,
-        dataToSign: CFDataRef,
-        error: *mut CFErrorRef,
-    ) -> CFDataRef;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyVerifySignature(
-        key: SecKeyRef,
-        algorithm: SecKeyAlgorithm,
-        signedData: CFDataRef,
-        signature: CFDataRef,
-        error: *mut CFErrorRef,
-    ) -> core_foundation_sys::base::Boolean;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCreateEncryptedData(
-        key: SecKeyRef,
-        algorithm: SecKeyAlgorithm,
-        plaintext: CFDataRef,
-        error: *mut CFErrorRef,
-    ) -> CFDataRef;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCreateDecryptedData(
-        key: SecKeyRef,
-        algorithm: SecKeyAlgorithm,
-        ciphertext: CFDataRef,
-        error: *mut CFErrorRef,
-    ) -> CFDataRef;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyIsAlgorithmSupported(
-        key: SecKeyRef,
-        operation: SecKeyOperationType,
-        algorithm: SecKeyAlgorithm,
-    ) -> core_foundation_sys::base::Boolean;
-
-    #[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecKeyCopyKeyExchangeResult(
-        privateKey: SecKeyRef,
-        algorithm: SecKeyAlgorithm,
-        publicKey: SecKeyRef,
-        parameters: CFDictionaryRef,
-        error: *mut CFErrorRef,
-    ) -> CFDataRef;
-}
-
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-macro_rules! names {
-    ($( $(# $meta:literal )* $i:ident => $x:ident),*) => {
-        extern "C" {
-            $($(#[cfg(feature = $meta)])* pub static $x: SecKeyAlgorithm;)*
-        }
-
-        #[non_exhaustive]
-        #[derive(Copy, Clone)]
-        pub enum Algorithm {
-            $( $(#[cfg(feature = $meta)])* $i, )*
-        }
-
-        impl From<Algorithm> for SecKeyAlgorithm {
-            fn from(m: Algorithm) -> Self {
-                unsafe { match m {
-                    $( $(#[cfg(feature = $meta)])* Algorithm::$i => $x, )*
-                } }
-            }
-        }
-    }
-}
-
-#[cfg(any(feature = "OSX_10_12", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-names! {
-    ECIESEncryptionStandardX963SHA1AESGCM => kSecKeyAlgorithmECIESEncryptionStandardX963SHA1AESGCM,
-    ECIESEncryptionStandardX963SHA224AESGCM => kSecKeyAlgorithmECIESEncryptionStandardX963SHA224AESGCM,
-    ECIESEncryptionStandardX963SHA256AESGCM => kSecKeyAlgorithmECIESEncryptionStandardX963SHA256AESGCM,
-    ECIESEncryptionStandardX963SHA384AESGCM => kSecKeyAlgorithmECIESEncryptionStandardX963SHA384AESGCM,
-    ECIESEncryptionStandardX963SHA512AESGCM => kSecKeyAlgorithmECIESEncryptionStandardX963SHA512AESGCM,
-
-    ECIESEncryptionStandardVariableIVX963SHA224AESGCM => kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA224AESGCM,
-    ECIESEncryptionStandardVariableIVX963SHA256AESGCM => kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA256AESGCM,
-    ECIESEncryptionStandardVariableIVX963SHA384AESGCM => kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA384AESGCM,
-    ECIESEncryptionStandardVariableIVX963SHA512AESGCM => kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA512AESGCM,
-
-    ECIESEncryptionCofactorVariableIVX963SHA224AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA224AESGCM,
-    ECIESEncryptionCofactorVariableIVX963SHA256AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA256AESGCM,
-    ECIESEncryptionCofactorVariableIVX963SHA384AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA384AESGCM,
-    ECIESEncryptionCofactorVariableIVX963SHA512AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorVariableIVX963SHA512AESGCM,
-
-    #"OSX_10_13" ECIESEncryptionCofactorX963SHA1AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorX963SHA1AESGCM,
-    #"OSX_10_13" ECIESEncryptionCofactorX963SHA224AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorX963SHA224AESGCM,
-    #"OSX_10_13" ECIESEncryptionCofactorX963SHA256AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorX963SHA256AESGCM,
-    #"OSX_10_13" ECIESEncryptionCofactorX963SHA384AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorX963SHA384AESGCM,
-    #"OSX_10_13" ECIESEncryptionCofactorX963SHA512AESGCM => kSecKeyAlgorithmECIESEncryptionCofactorX963SHA512AESGCM,
-
-    ECDSASignatureRFC4754 => kSecKeyAlgorithmECDSASignatureRFC4754,
-
-    ECDSASignatureDigestX962 => kSecKeyAlgorithmECDSASignatureDigestX962,
-    ECDSASignatureDigestX962SHA1 => kSecKeyAlgorithmECDSASignatureDigestX962SHA1,
-    ECDSASignatureDigestX962SHA224 => kSecKeyAlgorithmECDSASignatureDigestX962SHA224,
-    ECDSASignatureDigestX962SHA256 => kSecKeyAlgorithmECDSASignatureDigestX962SHA256,
-    ECDSASignatureDigestX962SHA384 => kSecKeyAlgorithmECDSASignatureDigestX962SHA384,
-    ECDSASignatureDigestX962SHA512 => kSecKeyAlgorithmECDSASignatureDigestX962SHA512,
-
-    ECDSASignatureMessageX962SHA1 => kSecKeyAlgorithmECDSASignatureMessageX962SHA1,
-    ECDSASignatureMessageX962SHA224 => kSecKeyAlgorithmECDSASignatureMessageX962SHA224,
-    ECDSASignatureMessageX962SHA256 => kSecKeyAlgorithmECDSASignatureMessageX962SHA256,
-    ECDSASignatureMessageX962SHA384 => kSecKeyAlgorithmECDSASignatureMessageX962SHA384,
-    ECDSASignatureMessageX962SHA512 => kSecKeyAlgorithmECDSASignatureMessageX962SHA512,
-
-    ECDHKeyExchangeCofactor => kSecKeyAlgorithmECDHKeyExchangeCofactor,
-    ECDHKeyExchangeStandard => kSecKeyAlgorithmECDHKeyExchangeStandard,
-    ECDHKeyExchangeCofactorX963SHA1 => kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA1,
-    ECDHKeyExchangeStandardX963SHA1 => kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA1,
-    ECDHKeyExchangeCofactorX963SHA224 => kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA224,
-    ECDHKeyExchangeCofactorX963SHA256 => kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA256,
-    ECDHKeyExchangeCofactorX963SHA384 => kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA384,
-    ECDHKeyExchangeCofactorX963SHA512 => kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA512,
-    ECDHKeyExchangeStandardX963SHA224 => kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA224,
-    ECDHKeyExchangeStandardX963SHA256 => kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA256,
-    ECDHKeyExchangeStandardX963SHA384 => kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA384,
-    ECDHKeyExchangeStandardX963SHA512 => kSecKeyAlgorithmECDHKeyExchangeStandardX963SHA512,
-
-    RSAEncryptionRaw => kSecKeyAlgorithmRSAEncryptionRaw,
-    RSAEncryptionPKCS1 => kSecKeyAlgorithmRSAEncryptionPKCS1,
-
-    RSAEncryptionOAEPSHA1 => kSecKeyAlgorithmRSAEncryptionOAEPSHA1,
-    RSAEncryptionOAEPSHA224 => kSecKeyAlgorithmRSAEncryptionOAEPSHA224,
-    RSAEncryptionOAEPSHA256 => kSecKeyAlgorithmRSAEncryptionOAEPSHA256,
-    RSAEncryptionOAEPSHA384 => kSecKeyAlgorithmRSAEncryptionOAEPSHA384,
-    RSAEncryptionOAEPSHA512 => kSecKeyAlgorithmRSAEncryptionOAEPSHA512,
-
-    RSAEncryptionOAEPSHA1AESGCM => kSecKeyAlgorithmRSAEncryptionOAEPSHA1AESGCM,
-    RSAEncryptionOAEPSHA224AESGCM => kSecKeyAlgorithmRSAEncryptionOAEPSHA224AESGCM,
-    RSAEncryptionOAEPSHA256AESGCM => kSecKeyAlgorithmRSAEncryptionOAEPSHA256AESGCM,
-    RSAEncryptionOAEPSHA384AESGCM => kSecKeyAlgorithmRSAEncryptionOAEPSHA384AESGCM,
-    RSAEncryptionOAEPSHA512AESGCM => kSecKeyAlgorithmRSAEncryptionOAEPSHA512AESGCM,
-
-    RSASignatureRaw => kSecKeyAlgorithmRSASignatureRaw,
-
-    RSASignatureDigestPKCS1v15Raw => kSecKeyAlgorithmRSASignatureDigestPKCS1v15Raw,
-    RSASignatureDigestPKCS1v15SHA1 => kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA1,
-    RSASignatureDigestPKCS1v15SHA224 => kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA224,
-    RSASignatureDigestPKCS1v15SHA256 => kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA256,
-    RSASignatureDigestPKCS1v15SHA384 => kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA384,
-    RSASignatureDigestPKCS1v15SHA512 => kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA512,
-
-    RSASignatureMessagePKCS1v15SHA1 => kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA1,
-    RSASignatureMessagePKCS1v15SHA224 => kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA224,
-    RSASignatureMessagePKCS1v15SHA256 => kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA256,
-    RSASignatureMessagePKCS1v15SHA384 => kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA384,
-    RSASignatureMessagePKCS1v15SHA512 => kSecKeyAlgorithmRSASignatureMessagePKCS1v15SHA512,
-
-    RSASignatureDigestPSSSHA1 => kSecKeyAlgorithmRSASignatureDigestPSSSHA1,
-    RSASignatureDigestPSSSHA224 => kSecKeyAlgorithmRSASignatureDigestPSSSHA224,
-    RSASignatureDigestPSSSHA256 => kSecKeyAlgorithmRSASignatureDigestPSSSHA256,
-    RSASignatureDigestPSSSHA384 => kSecKeyAlgorithmRSASignatureDigestPSSSHA384,
-    RSASignatureDigestPSSSHA512 => kSecKeyAlgorithmRSASignatureDigestPSSSHA512,
-
-    RSASignatureMessagePSSSHA1 => kSecKeyAlgorithmRSASignatureMessagePSSSHA1,
-    RSASignatureMessagePSSSHA224 => kSecKeyAlgorithmRSASignatureMessagePSSSHA224,
-    RSASignatureMessagePSSSHA256 => kSecKeyAlgorithmRSASignatureMessagePSSSHA256,
-    RSASignatureMessagePSSSHA384 => kSecKeyAlgorithmRSASignatureMessagePSSSHA384,
-    RSASignatureMessagePSSSHA512 => kSecKeyAlgorithmRSASignatureMessagePSSSHA512
-}
diff --git a/vendor/security-framework-sys/src/keychain.rs b/vendor/security-framework-sys/src/keychain.rs
deleted file mode 100644
index 1413e3aa..00000000
--- a/vendor/security-framework-sys/src/keychain.rs
+++ /dev/null
@@ -1,194 +0,0 @@
-#[cfg(target_os = "macos")]
-use core_foundation_sys::base::CFTypeRef;
-use core_foundation_sys::base::{Boolean, CFTypeID, OSStatus};
-use std::os::raw::{c_char, c_uint, c_void};
-
-#[cfg(target_os = "macos")]
-use crate::base::SecKeychainItemRef;
-use crate::base::{SecAccessRef, SecKeychainRef};
-
-pub const SEC_KEYCHAIN_SETTINGS_VERS1: c_uint = 1;
-
-#[repr(C)]
-pub struct SecKeychainSettings {
-    pub version: c_uint,
-    pub lockOnSleep: Boolean,
-    pub useLockInterval: Boolean,
-    pub lockInterval: c_uint,
-}
-
-/// Like Apple's headers, it assumes Little Endian,
-/// as there are no supported Big Endian machines any more :(
-macro_rules! char_lit {
-    ($e:expr) => {
-        ($e[3] as u32) + (($e[2] as u32) << 8) + (($e[1] as u32) << 16) + (($e[0] as u32) << 24)
-    };
-}
-
-macro_rules! char_lit_swapped {
-    ($e:expr) => {
-        ($e[0] as u32) + (($e[1] as u32) << 8) + (($e[2] as u32) << 16) + (($e[3] as u32) << 24)
-    };
-}
-
-#[repr(u32)]
-#[derive(Copy, Clone, Eq, PartialEq, Debug)]
-#[allow(clippy::upper_case_acronyms)]
-pub enum SecProtocolType {
-    FTP = char_lit!(b"ftp "),
-    FTPAccount = char_lit!(b"ftpa"),
-    HTTP = char_lit!(b"http"),
-    IRC = char_lit!(b"irc "),
-    NNTP = char_lit!(b"nntp"),
-    POP3 = char_lit!(b"pop3"),
-    SMTP = char_lit!(b"smtp"),
-    SOCKS = char_lit!(b"sox "),
-    IMAP = char_lit!(b"imap"),
-    LDAP = char_lit!(b"ldap"),
-    AppleTalk = char_lit!(b"atlk"),
-    AFP = char_lit!(b"afp "),
-    Telnet = char_lit!(b"teln"),
-    SSH = char_lit!(b"ssh "),
-    FTPS = char_lit!(b"ftps"),
-    HTTPS = char_lit!(b"htps"),
-    HTTPProxy = char_lit!(b"htpx"),
-    HTTPSProxy = char_lit!(b"htsx"),
-    FTPProxy = char_lit!(b"ftpx"),
-    CIFS = char_lit!(b"cifs"),
-    SMB = char_lit!(b"smb "),
-    RTSP = char_lit!(b"rtsp"),
-    RTSPProxy = char_lit!(b"rtsx"),
-    DAAP = char_lit!(b"daap"),
-    EPPC = char_lit!(b"eppc"),
-    IPP = char_lit!(b"ipp "),
-    NNTPS = char_lit!(b"ntps"),
-    LDAPS = char_lit!(b"ldps"),
-    TelnetS = char_lit!(b"tels"),
-    IMAPS = char_lit!(b"imps"),
-    IRCS = char_lit!(b"ircs"),
-    POP3S = char_lit!(b"pops"),
-    CVSpserver = char_lit!(b"cvsp"),
-    SVN = char_lit!(b"svn "),
-    Any = 0,
-}
-
-#[repr(u32)]
-#[derive(Copy, Clone, Eq, PartialEq, Debug)]
-#[allow(clippy::upper_case_acronyms)]
-pub enum SecAuthenticationType {
-    // [sic] Apple has got two related enums each with a different endianness!
-    NTLM = char_lit_swapped!(b"ntlm"),
-    MSN = char_lit_swapped!(b"msna"),
-    DPA = char_lit_swapped!(b"dpaa"),
-    RPA = char_lit_swapped!(b"rpaa"),
-    HTTPBasic = char_lit_swapped!(b"http"),
-    HTTPDigest = char_lit_swapped!(b"httd"),
-    HTMLForm = char_lit_swapped!(b"form"),
-    Default = char_lit_swapped!(b"dflt"),
-    Any = 0,
-}
-
-#[repr(i32)]
-#[derive(Copy, Clone, Eq, PartialEq, Debug)]
-pub enum SecPreferencesDomain {
-    User = 0,
-    System = 1,
-    Common = 2,
-    Dynamic = 3,
-}
-
-extern "C" {
-    pub fn SecKeychainGetTypeID() -> CFTypeID;
-    pub fn SecKeychainCopyDefault(keychain: *mut SecKeychainRef) -> OSStatus;
-    pub fn SecKeychainCopyDomainDefault(
-        domain: SecPreferencesDomain,
-        keychain: *mut SecKeychainRef,
-    ) -> OSStatus;
-    pub fn SecKeychainCreate(
-        pathName: *const c_char,
-        passwordLength: c_uint,
-        password: *const c_void,
-        promptUser: Boolean,
-        initialAccess: SecAccessRef,
-        keychain: *mut SecKeychainRef,
-    ) -> OSStatus;
-    pub fn SecKeychainOpen(pathName: *const c_char, keychain: *mut SecKeychainRef) -> OSStatus;
-    pub fn SecKeychainUnlock(
-        keychain: SecKeychainRef,
-        passwordLength: c_uint,
-        password: *const c_void,
-        usePassword: Boolean,
-    ) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SecKeychainFindGenericPassword(
-        keychainOrArray: CFTypeRef,
-        serviceNameLength: u32,
-        serviceName: *const c_char,
-        accountNameLength: u32,
-        accountName: *const c_char,
-        passwordLength: *mut u32,
-        passwordData: *mut *mut c_void,
-        itemRef: *mut SecKeychainItemRef,
-    ) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn SecKeychainFindInternetPassword(
-        keychainOrArray: CFTypeRef,
-        serverNameLength: u32,
-        serverName: *const c_char,
-        securityDomainLength: u32,
-        securityDomain: *const c_char,
-        accountNameLength: u32,
-        accountName: *const c_char,
-        pathLength: u32,
-        path: *const c_char,
-        port: u16,
-        protocol: SecProtocolType,
-        authenticationType: SecAuthenticationType,
-        passwordLength: *mut u32,
-        passwordData: *mut *mut c_void,
-        itemRef: *mut SecKeychainItemRef,
-    ) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn SecKeychainAddGenericPassword(
-        keychain: SecKeychainRef,
-        serviceNameLength: u32,
-        serviceName: *const c_char,
-        accountNameLength: u32,
-        accountName: *const c_char,
-        passwordLength: u32,
-        passwordData: *const c_void,
-        itemRef: *mut SecKeychainItemRef,
-    ) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn SecKeychainAddInternetPassword(
-        keychain: SecKeychainRef,
-        serverNameLength: u32,
-        serverName: *const c_char,
-        securityDomainLength: u32,
-        securityDomain: *const c_char,
-        accountNameLength: u32,
-        accountName: *const c_char,
-        pathLength: u32,
-        path: *const c_char,
-        port: u16,
-        protocol: SecProtocolType,
-        authenticationType: SecAuthenticationType,
-        passwordLength: u32,
-        passwordData: *const c_void,
-        itemRef: *mut SecKeychainItemRef,
-    ) -> OSStatus;
-
-    pub fn SecKeychainSetSettings(
-        keychain: SecKeychainRef,
-        newSettings: *const SecKeychainSettings,
-    ) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn SecKeychainGetUserInteractionAllowed(state: *mut Boolean) -> OSStatus;
-
-    #[cfg(target_os = "macos")]
-    pub fn SecKeychainSetUserInteractionAllowed(state: Boolean) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/keychain_item.rs b/vendor/security-framework-sys/src/keychain_item.rs
deleted file mode 100644
index 9b41f100..00000000
--- a/vendor/security-framework-sys/src/keychain_item.rs
+++ /dev/null
@@ -1,37 +0,0 @@
-use crate::base::{SecKeychainAttributeList, SecKeychainItemRef};
-use core_foundation_sys::base::{CFTypeID, CFTypeRef, OSStatus};
-use core_foundation_sys::dictionary::CFDictionaryRef;
-use std::os::raw::c_void;
-
-extern "C" {
-
-    /// Returns the unique identifier of the opaque type to which a keychain item object belongs.
-    pub fn SecKeychainItemGetTypeID() -> CFTypeID;
-
-    /// Adds one or more items to a keychain.
-    pub fn SecItemAdd(attributes: CFDictionaryRef, result: *mut CFTypeRef) -> OSStatus;
-
-    /// Returns one or more keychain items that match a search query, or copies attributes of specific keychain items.
-    pub fn SecItemCopyMatching(query: CFDictionaryRef, result: *mut CFTypeRef) -> OSStatus;
-
-    /// Modifies items that match a search query.
-    pub fn SecItemUpdate(query: CFDictionaryRef, attributesToUpdate: CFDictionaryRef) -> OSStatus;
-
-    /// Deletes items that match a search query.
-    pub fn SecItemDelete(query: CFDictionaryRef) -> OSStatus;
-
-    /// # Legacy API
-    pub fn SecKeychainItemModifyAttributesAndData(
-        itemRef: SecKeychainItemRef,
-        attrList: *const SecKeychainAttributeList,
-        length: u32,
-        data: *const c_void,
-    ) -> OSStatus;
-
-    pub fn SecKeychainItemFreeContent(
-        attrList: *mut SecKeychainAttributeList,
-        data: *mut c_void,
-    ) -> OSStatus;
-
-    pub fn SecKeychainItemDelete(itemRef: SecKeychainItemRef) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/lib.rs b/vendor/security-framework-sys/src/lib.rs
deleted file mode 100644
index f4be4d75..00000000
--- a/vendor/security-framework-sys/src/lib.rs
+++ /dev/null
@@ -1,41 +0,0 @@
-#![allow(bad_style)]
-
-#[cfg_attr(
-    any(target_os = "macos", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"),
-    link(name = "Security", kind = "framework")
-)]
-extern "C" {}
-
-#[cfg(target_os = "macos")]
-pub mod access;
-pub mod access_control;
-#[cfg(target_os = "macos")]
-pub mod authorization;
-pub mod base;
-#[cfg(any(target_os = "macos", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-pub mod certificate;
-#[cfg(target_os = "macos")]
-pub mod certificate_oids;
-pub mod cipher_suite;
-#[cfg(target_os = "macos")]
-pub mod cms;
-#[cfg(target_os = "macos")]
-pub mod code_signing;
-#[cfg(target_os = "macos")]
-pub mod digest_transform;
-#[cfg(target_os = "macos")]
-pub mod encrypt_transform;
-pub mod identity;
-pub mod import_export;
-pub mod item;
-pub mod key;
-pub mod keychain;
-pub mod keychain_item;
-pub mod policy;
-pub mod random;
-pub mod secure_transport;
-#[cfg(target_os = "macos")]
-pub mod transform;
-pub mod trust;
-#[cfg(target_os = "macos")]
-pub mod trust_settings;
diff --git a/vendor/security-framework-sys/src/policy.rs b/vendor/security-framework-sys/src/policy.rs
deleted file mode 100644
index b30fa72f..00000000
--- a/vendor/security-framework-sys/src/policy.rs
+++ /dev/null
@@ -1,25 +0,0 @@
-use core_foundation_sys::base::CFOptionFlags;
-use core_foundation_sys::base::{Boolean, CFTypeID};
-use core_foundation_sys::string::CFStringRef;
-
-use crate::base::SecPolicyRef;
-
-mod revocation_flags {
-    use super::CFOptionFlags;
-
-    pub const kSecRevocationOCSPMethod: CFOptionFlags = 1 << 0;
-    pub const kSecRevocationCRLMethod: CFOptionFlags = 1 << 1;
-    pub const kSecRevocationPreferCRL: CFOptionFlags = 1 << 2;
-    pub const kSecRevocationRequirePositiveResponse: CFOptionFlags = 1 << 3;
-    pub const kSecRevocationNetworkAccessDisabled: CFOptionFlags = 1 << 4;
-    pub const kSecRevocationUseAnyAvailableMethod: CFOptionFlags = kSecRevocationOCSPMethod | kSecRevocationCRLMethod;
-}
-
-pub use revocation_flags::*;
-
-extern "C" {
-    pub fn SecPolicyCreateSSL(server: Boolean, hostname: CFStringRef) -> SecPolicyRef;
-    pub fn SecPolicyCreateRevocation(revocationFlags: CFOptionFlags) -> SecPolicyRef;
-    pub fn SecPolicyGetTypeID() -> CFTypeID;
-    pub fn SecPolicyCreateBasicX509() -> SecPolicyRef;
-}
diff --git a/vendor/security-framework-sys/src/random.rs b/vendor/security-framework-sys/src/random.rs
deleted file mode 100644
index 6ec9c985..00000000
--- a/vendor/security-framework-sys/src/random.rs
+++ /dev/null
@@ -1,10 +0,0 @@
-use std::os::raw::{c_int, c_void};
-
-pub enum __SecRandom {}
-pub type SecRandomRef = *const __SecRandom;
-
-extern "C" {
-    pub static kSecRandomDefault: SecRandomRef;
-
-    pub fn SecRandomCopyBytes(rnd: SecRandomRef, count: usize, bytes: *mut c_void) -> c_int;
-}
diff --git a/vendor/security-framework-sys/src/secure_transport.rs b/vendor/security-framework-sys/src/secure_transport.rs
deleted file mode 100644
index 19f3300b..00000000
--- a/vendor/security-framework-sys/src/secure_transport.rs
+++ /dev/null
@@ -1,278 +0,0 @@
-use core_foundation_sys::array::CFArrayRef;
-use core_foundation_sys::base::CFAllocatorRef;
-#[cfg(target_os = "macos")]
-use core_foundation_sys::base::CFTypeRef;
-use core_foundation_sys::base::{Boolean, OSStatus};
-use std::os::raw::{c_char, c_int, c_void};
-
-use crate::cipher_suite::SSLCipherSuite;
-use crate::trust::SecTrustRef;
-
-pub enum SSLContext {}
-pub type SSLContextRef = *mut SSLContext;
-
-pub type SSLConnectionRef = *const c_void;
-
-pub type SSLProtocol = c_int;
-pub const kSSLProtocolUnknown: SSLProtocol = 0;
-pub const kSSLProtocol3: SSLProtocol = 2;
-pub const kTLSProtocol1: SSLProtocol = 4;
-pub const kTLSProtocol11: SSLProtocol = 7;
-pub const kTLSProtocol12: SSLProtocol = 8;
-pub const kDTLSProtocol1: SSLProtocol = 9;
-pub const kTLSProtocol13: SSLProtocol = 10;
-pub const kSSLProtocol2: SSLProtocol = 1;
-pub const kSSLProtocol3Only: SSLProtocol = 3;
-pub const kTLSProtocol1Only: SSLProtocol = 5;
-pub const kSSLProtocolAll: SSLProtocol = 6;
-
-pub type SSLSessionOption = c_int;
-#[deprecated(note = "deprecated by Apple")]
-pub const kSSLSessionOptionBreakOnServerAuth: SSLSessionOption = 0;
-#[deprecated(note = "deprecated by Apple")]
-pub const kSSLSessionOptionBreakOnCertRequested: SSLSessionOption = 1;
-#[deprecated(note = "deprecated by Apple")]
-pub const kSSLSessionOptionBreakOnClientAuth: SSLSessionOption = 2;
-#[deprecated(note = "deprecated by Apple")]
-pub const kSSLSessionOptionFalseStart: SSLSessionOption = 3;
-pub const kSSLSessionOptionSendOneByteRecord: SSLSessionOption = 4;
-#[deprecated(note = "deprecated by Apple")]
-pub const kSSLSessionOptionAllowServerIdentityChange: SSLSessionOption = 5;
-#[cfg(target_os = "macos")]
-#[deprecated(note = "deprecated by Apple")]
-pub const kSSLSessionOptionFallback: SSLSessionOption = 6;
-#[deprecated(note = "deprecated by Apple")]
-pub const kSSLSessionOptionBreakOnClientHello: SSLSessionOption = 7;
-
-pub type SSLSessionState = c_int;
-pub const kSSLIdle: SSLSessionState = 0;
-pub const kSSLHandshake: SSLSessionState = 1;
-pub const kSSLConnected: SSLSessionState = 2;
-pub const kSSLClosed: SSLSessionState = 3;
-pub const kSSLAborted: SSLSessionState = 4;
-
-pub type SSLReadFunc = unsafe extern "C" fn(
-    connection: SSLConnectionRef,
-    data: *mut c_void,
-    dataLength: *mut usize,
-) -> OSStatus;
-
-pub type SSLWriteFunc = unsafe extern "C" fn(
-    connection: SSLConnectionRef,
-    data: *const c_void,
-    dataLength: *mut usize,
-) -> OSStatus;
-
-pub type SSLProtocolSide = c_int;
-pub const kSSLServerSide: SSLProtocolSide = 0;
-pub const kSSLClientSide: SSLProtocolSide = 1;
-
-pub type SSLConnectionType = c_int;
-pub const kSSLStreamType: SSLConnectionType = 0;
-pub const kSSLDatagramType: SSLConnectionType = 1;
-
-pub const errSSLProtocol: OSStatus = -9800;
-pub const errSSLNegotiation: OSStatus = -9801;
-pub const errSSLFatalAlert: OSStatus = -9802;
-pub const errSSLWouldBlock: OSStatus = -9803;
-pub const errSSLSessionNotFound: OSStatus = -9804;
-pub const errSSLClosedGraceful: OSStatus = -9805;
-pub const errSSLClosedAbort: OSStatus = -9806;
-pub const errSSLXCertChainInvalid: OSStatus = -9807;
-pub const errSSLBadCert: OSStatus = -9808;
-pub const errSSLCrypto: OSStatus = -9809;
-pub const errSSLInternal: OSStatus = -9810;
-pub const errSSLModuleAttach: OSStatus = -9811;
-pub const errSSLUnknownRootCert: OSStatus = -9812;
-pub const errSSLNoRootCert: OSStatus = -9813;
-pub const errSSLCertExpired: OSStatus = -9814;
-pub const errSSLCertNotYetValid: OSStatus = -9815;
-pub const errSSLClosedNoNotify: OSStatus = -9816;
-pub const errSSLBufferOverflow: OSStatus = -9817;
-pub const errSSLBadCipherSuite: OSStatus = -9818;
-pub const errSSLPeerUnexpectedMsg: OSStatus = -9819;
-pub const errSSLPeerBadRecordMac: OSStatus = -9820;
-pub const errSSLPeerDecryptionFail: OSStatus = -9821;
-pub const errSSLPeerRecordOverflow: OSStatus = -9822;
-pub const errSSLPeerDecompressFail: OSStatus = -9823;
-pub const errSSLPeerHandshakeFail: OSStatus = -9824;
-pub const errSSLPeerBadCert: OSStatus = -9825;
-pub const errSSLPeerUnsupportedCert: OSStatus = -9826;
-pub const errSSLPeerCertRevoked: OSStatus = -9827;
-pub const errSSLPeerCertExpired: OSStatus = -9828;
-pub const errSSLPeerCertUnknown: OSStatus = -9829;
-pub const errSSLIllegalParam: OSStatus = -9830;
-pub const errSSLPeerUnknownCA: OSStatus = -9831;
-pub const errSSLPeerAccessDenied: OSStatus = -9832;
-pub const errSSLPeerDecodeError: OSStatus = -9833;
-pub const errSSLPeerDecryptError: OSStatus = -9834;
-pub const errSSLPeerExportRestriction: OSStatus = -9835;
-pub const errSSLPeerProtocolVersion: OSStatus = -9836;
-pub const errSSLPeerInsufficientSecurity: OSStatus = -9837;
-pub const errSSLPeerInternalError: OSStatus = -9838;
-pub const errSSLPeerUserCancelled: OSStatus = -9839;
-pub const errSSLPeerNoRenegotiation: OSStatus = -9840;
-pub const errSSLPeerAuthCompleted: OSStatus = -9841;
-pub const errSSLClientCertRequested: OSStatus = -9842;
-pub const errSSLHostNameMismatch: OSStatus = -9843;
-pub const errSSLConnectionRefused: OSStatus = -9844;
-pub const errSSLDecryptionFail: OSStatus = -9845;
-pub const errSSLBadRecordMac: OSStatus = -9846;
-pub const errSSLRecordOverflow: OSStatus = -9847;
-pub const errSSLBadConfiguration: OSStatus = -9848;
-pub const errSSLClientHelloReceived: OSStatus = -9851;
-
-pub type SSLAuthenticate = c_int;
-pub const kNeverAuthenticate: SSLAuthenticate = 0;
-pub const kAlwaysAuthenticate: SSLAuthenticate = 1;
-pub const kTryAuthenticate: SSLAuthenticate = 2;
-
-pub type SSLClientCertificateState = c_int;
-pub const kSSLClientCertNone: SSLClientCertificateState = 0;
-pub const kSSLClientCertRequested: SSLClientCertificateState = 1;
-pub const kSSLClientCertSent: SSLClientCertificateState = 2;
-pub const kSSLClientCertRejected: SSLClientCertificateState = 3;
-
-extern "C" {
-    pub fn SSLContextGetTypeID() -> ::core_foundation_sys::base::CFTypeID;
-    pub fn SSLCreateContext(
-        alloc: CFAllocatorRef,
-        protocolSide: SSLProtocolSide,
-        connectionType: SSLConnectionType,
-    ) -> SSLContextRef;
-    #[cfg(target_os = "macos")]
-    pub fn SSLNewContext(isServer: Boolean, contextPtr: *mut SSLContextRef) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SSLDisposeContext(context: SSLContextRef) -> OSStatus;
-    pub fn SSLSetConnection(context: SSLContextRef, connection: SSLConnectionRef) -> OSStatus;
-    pub fn SSLGetConnection(context: SSLContextRef, connection: *mut SSLConnectionRef) -> OSStatus;
-    pub fn SSLSetIOFuncs(
-        context: SSLContextRef,
-        read: SSLReadFunc,
-        write: SSLWriteFunc,
-    ) -> OSStatus;
-    pub fn SSLHandshake(context: SSLContextRef) -> OSStatus;
-    pub fn SSLClose(context: SSLContextRef) -> OSStatus;
-    pub fn SSLRead(
-        context: SSLContextRef,
-        data: *mut c_void,
-        dataLen: usize,
-        processed: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLWrite(
-        context: SSLContextRef,
-        data: *const c_void,
-        dataLen: usize,
-        processed: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLSetPeerDomainName(
-        context: SSLContextRef,
-        peerName: *const c_char,
-        peerNameLen: usize,
-    ) -> OSStatus;
-    pub fn SSLGetPeerDomainNameLength(context: SSLContextRef, peerNameLen: *mut usize) -> OSStatus;
-    pub fn SSLGetPeerDomainName(
-        context: SSLContextRef,
-        peerName: *mut c_char,
-        peerNameLen: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLSetCertificate(context: SSLContextRef, certRefs: CFArrayRef) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SSLSetCertificateAuthorities(
-        context: SSLContextRef,
-        certificateOrArray: CFTypeRef,
-        replaceExisting: Boolean,
-    ) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SSLCopyCertificateAuthorities(
-        context: SSLContextRef,
-        certificates: *mut CFArrayRef,
-    ) -> OSStatus;
-    pub fn SSLSetSessionOption(
-        context: SSLContextRef,
-        option: SSLSessionOption,
-        value: Boolean,
-    ) -> OSStatus;
-    pub fn SSLGetSessionOption(
-        context: SSLContextRef,
-        option: SSLSessionOption,
-        value: *mut Boolean,
-    ) -> OSStatus;
-    pub fn SSLCopyPeerTrust(context: SSLContextRef, trust: *mut SecTrustRef) -> OSStatus;
-    pub fn SSLGetSessionState(context: SSLContextRef, state: *mut SSLSessionState) -> OSStatus;
-    pub fn SSLGetSupportedCiphers(
-        context: SSLContextRef,
-        ciphers: *mut SSLCipherSuite,
-        numCiphers: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLGetNumberSupportedCiphers(
-        context: SSLContextRef,
-        numCiphers: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLGetEnabledCiphers(
-        context: SSLContextRef,
-        ciphers: *mut SSLCipherSuite,
-        numCiphers: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLGetNumberEnabledCiphers(context: SSLContextRef, numCiphers: *mut usize) -> OSStatus;
-    pub fn SSLSetEnabledCiphers(
-        context: SSLContextRef,
-        ciphers: *const SSLCipherSuite,
-        numCiphers: usize,
-    ) -> OSStatus;
-    pub fn SSLGetNegotiatedCipher(context: SSLContextRef, cipher: *mut SSLCipherSuite) -> OSStatus;
-    pub fn SSLSetClientSideAuthenticate(context: SSLContextRef, auth: SSLAuthenticate) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SSLSetDiffieHellmanParams(
-        context: SSLContextRef,
-        dhParams: *const c_void,
-        dhParamsLen: usize,
-    ) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SSLGetDiffieHellmanParams(
-        context: SSLContextRef,
-        dhParams: *mut *const c_void,
-        dhParamsLen: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLSetPeerID(
-        context: SSLContextRef,
-        peerID: *const c_void,
-        peerIDLen: usize,
-    ) -> OSStatus;
-    pub fn SSLGetPeerID(
-        context: SSLContextRef,
-        peerID: *mut *const c_void,
-        peerIDLen: *mut usize,
-    ) -> OSStatus;
-    pub fn SSLGetBufferedReadSize(context: SSLContextRef, bufSize: *mut usize) -> OSStatus;
-    pub fn SSLGetClientCertificateState(
-        context: SSLContextRef,
-        clientState: *mut SSLClientCertificateState,
-    ) -> OSStatus;
-    pub fn SSLGetNegotiatedProtocolVersion(
-        context: SSLContextRef,
-        protocol: *mut SSLProtocol,
-    ) -> OSStatus;
-    pub fn SSLGetProtocolVersionMax(
-        context: SSLContextRef,
-        maxVersion: *mut SSLProtocol,
-    ) -> OSStatus;
-    pub fn SSLGetProtocolVersionMin(
-        context: SSLContextRef,
-        minVersion: *mut SSLProtocol,
-    ) -> OSStatus;
-    pub fn SSLSetProtocolVersionMax(context: SSLContextRef, maxVersion: SSLProtocol) -> OSStatus;
-    pub fn SSLSetProtocolVersionMin(context: SSLContextRef, minVersion: SSLProtocol) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SSLSetProtocolVersionEnabled(
-        context: SSLContextRef,
-        protocol: SSLProtocol,
-        enable: Boolean,
-    ) -> OSStatus;
-    #[cfg(feature = "OSX_10_13")]
-    pub fn SSLSetALPNProtocols(context: SSLContextRef, protocols: CFArrayRef) -> OSStatus;
-    #[cfg(feature = "OSX_10_13")]
-    pub fn SSLCopyALPNProtocols(context: SSLContextRef, protocols: *mut CFArrayRef) -> OSStatus;
-    #[cfg(feature = "OSX_10_13")]
-    pub fn SSLSetSessionTicketsEnabled(context: SSLContextRef, enabled: Boolean) -> OSStatus;
-}
diff --git a/vendor/security-framework-sys/src/transform.rs b/vendor/security-framework-sys/src/transform.rs
deleted file mode 100644
index a4a14f84..00000000
--- a/vendor/security-framework-sys/src/transform.rs
+++ /dev/null
@@ -1,23 +0,0 @@
-use core_foundation_sys::base::{Boolean, CFTypeID, CFTypeRef};
-use core_foundation_sys::error::CFErrorRef;
-use core_foundation_sys::string::CFStringRef;
-
-pub type SecTransformRef = CFTypeRef;
-
-extern "C" {
-    pub static kSecTransformInputAttributeName: CFStringRef;
-
-    pub fn SecTransformGetTypeID() -> CFTypeID;
-
-    pub fn SecTransformSetAttribute(
-        transformRef: SecTransformRef,
-        key: CFStringRef,
-        value: CFTypeRef,
-        error: *mut CFErrorRef,
-    ) -> Boolean;
-
-    pub fn SecTransformExecute(
-        transformRef: SecTransformRef,
-        errorRef: *mut CFErrorRef,
-    ) -> CFTypeRef;
-}
diff --git a/vendor/security-framework-sys/src/trust.rs b/vendor/security-framework-sys/src/trust.rs
deleted file mode 100644
index 363e1eec..00000000
--- a/vendor/security-framework-sys/src/trust.rs
+++ /dev/null
@@ -1,77 +0,0 @@
-use crate::base::SecCertificateRef;
-use crate::base::SecKeyRef;
-use core_foundation_sys::array::CFArrayRef;
-use core_foundation_sys::base::{Boolean, CFIndex, CFTypeID, CFTypeRef, OSStatus};
-use core_foundation_sys::date::CFDateRef;
-#[cfg(any(feature = "OSX_10_13", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-use core_foundation_sys::error::CFErrorRef;
-
-pub type SecTrustResultType = u32;
-
-pub const kSecTrustResultInvalid: SecTrustResultType = 0;
-pub const kSecTrustResultProceed: SecTrustResultType = 1;
-pub const kSecTrustResultDeny: SecTrustResultType = 3;
-pub const kSecTrustResultUnspecified: SecTrustResultType = 4;
-pub const kSecTrustResultRecoverableTrustFailure: SecTrustResultType = 5;
-pub const kSecTrustResultFatalTrustFailure: SecTrustResultType = 6;
-pub const kSecTrustResultOtherError: SecTrustResultType = 7;
-
-#[cfg(target_os = "macos")]
-mod flags {
-    pub type SecTrustOptionFlags = u32;
-
-    pub const kSecTrustOptionAllowExpired: SecTrustOptionFlags = 0x0000_0001;
-    pub const kSecTrustOptionLeafIsCA: SecTrustOptionFlags = 0x0000_0002;
-    pub const kSecTrustOptionFetchIssuerFromNet: SecTrustOptionFlags = 0x0000_0004;
-    pub const kSecTrustOptionAllowExpiredRoot: SecTrustOptionFlags = 0x0000_0008;
-    pub const kSecTrustOptionRequireRevPerCert: SecTrustOptionFlags = 0x0000_0010;
-    pub const kSecTrustOptionUseTrustSettings: SecTrustOptionFlags = 0x0000_0020;
-    pub const kSecTrustOptionImplicitAnchors: SecTrustOptionFlags = 0x0000_0040;
-}
-
-#[cfg(target_os = "macos")]
-pub use flags::*;
-
-pub enum __SecTrust {}
-
-pub type SecTrustRef = *mut __SecTrust;
-
-extern "C" {
-    pub fn SecTrustGetTypeID() -> CFTypeID;
-    pub fn SecTrustGetCertificateCount(trust: SecTrustRef) -> CFIndex;
-    #[deprecated(note = "deprecated by Apple")]
-    pub fn SecTrustGetCertificateAtIndex(trust: SecTrustRef, ix: CFIndex) -> SecCertificateRef;
-    pub fn SecTrustSetVerifyDate(trust: SecTrustRef, verifyDate: CFDateRef) -> OSStatus;
-    pub fn SecTrustSetAnchorCertificates(
-        trust: SecTrustRef,
-        anchorCertificates: CFArrayRef,
-    ) -> OSStatus;
-    pub fn SecTrustSetAnchorCertificatesOnly(
-        trust: SecTrustRef,
-        anchorCertificatesOnly: Boolean,
-    ) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SecTrustCopyAnchorCertificates(anchors: *mut CFArrayRef) -> OSStatus;
-    #[deprecated(note = "deprecated by Apple")]
-    pub fn SecTrustEvaluate(trust: SecTrustRef, result: *mut SecTrustResultType) -> OSStatus;
-    // it should have been OSX_10_14, but due to back-compat it can't rely on the newer feature flag
-    #[cfg(any(feature = "OSX_10_13", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecTrustEvaluateWithError(trust: SecTrustRef, error: *mut CFErrorRef) -> bool;
-    pub fn SecTrustCreateWithCertificates(
-        certificates: CFTypeRef,
-        policies: CFTypeRef,
-        trust: *mut SecTrustRef,
-    ) -> OSStatus;
-    pub fn SecTrustSetPolicies(trust: SecTrustRef, policies: CFTypeRef) -> OSStatus;
-    #[cfg(target_os = "macos")]
-    pub fn SecTrustSetOptions(trust: SecTrustRef, options: SecTrustOptionFlags) -> OSStatus;
-    pub fn SecTrustGetNetworkFetchAllowed(trust: SecTrustRef, allowFetch: *mut Boolean) -> OSStatus;
-    pub fn SecTrustSetNetworkFetchAllowed(trust: SecTrustRef, allowFetch: Boolean) -> OSStatus;
-    pub fn SecTrustSetOCSPResponse(trust: SecTrustRef, responseData: CFTypeRef) -> OSStatus;
-    #[cfg(any(feature = "OSX_10_14", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
-    pub fn SecTrustSetSignedCertificateTimestamps(
-        trust: SecTrustRef,
-        sctArray: CFArrayRef,
-    ) -> OSStatus;
-    pub fn SecTrustCopyPublicKey(trust: SecTrustRef) -> SecKeyRef;
-}
diff --git a/vendor/security-framework-sys/src/trust_settings.rs b/vendor/security-framework-sys/src/trust_settings.rs
deleted file mode 100644
index fad20a18..00000000
--- a/vendor/security-framework-sys/src/trust_settings.rs
+++ /dev/null
@@ -1,35 +0,0 @@
-use crate::base::SecCertificateRef;
-use core_foundation_sys::array::CFArrayRef;
-use core_foundation_sys::base::CFTypeRef;
-use core_foundation_sys::base::OSStatus;
-
-pub type SecTrustSettingsDomain = u32;
-
-pub const kSecTrustSettingsDomainUser: SecTrustSettingsDomain = 0;
-pub const kSecTrustSettingsDomainAdmin: SecTrustSettingsDomain = 1;
-pub const kSecTrustSettingsDomainSystem: SecTrustSettingsDomain = 2;
-
-pub type SecTrustSettingsResult = u32;
-
-pub const kSecTrustSettingsResultInvalid: SecTrustSettingsResult = 0;
-pub const kSecTrustSettingsResultTrustRoot: SecTrustSettingsResult = 1;
-pub const kSecTrustSettingsResultTrustAsRoot: SecTrustSettingsResult = 2;
-pub const kSecTrustSettingsResultDeny: SecTrustSettingsResult = 3;
-pub const kSecTrustSettingsResultUnspecified: SecTrustSettingsResult = 4;
-
-extern "C" {
-    pub fn SecTrustSettingsCopyCertificates(
-        domain: SecTrustSettingsDomain,
-        certsOut: *mut CFArrayRef,
-    ) -> OSStatus;
-    pub fn SecTrustSettingsCopyTrustSettings(
-        certificateRef: SecCertificateRef,
-        domain: SecTrustSettingsDomain,
-        trustSettings: *mut CFArrayRef,
-    ) -> OSStatus;
-    pub fn SecTrustSettingsSetTrustSettings(
-        certificateRef: SecCertificateRef,
-        domain: SecTrustSettingsDomain,
-        trustSettingsDictOrArray: CFTypeRef,
-    ) -> OSStatus;
-}