MYKeyPair-iPhone.m
author Jens Alfke <jens@mooseyard.com>
Tue Jun 09 23:58:03 2009 -0700 (2009-06-09)
changeset 24 6856e071d25a
parent 1 60e4cbbb5128
permissions -rw-r--r--
* More work on iPhone compatibility.
* Restored the signature-verification code to MYCertInfo, which I'd removed earlier. I now need it to verify self-signed certs, since the Security framework won't do it for me.
* Merged MYCertificate-iPhone.m into MYCertificate.m since there's more shared code now.
//
//  MYKeyPair-iPhone.m
//  MYNetwork-iPhone
//
//  Created by Jens Alfke on 3/22/09.
//  Copyright 2009 Jens Alfke. All rights reserved.
//
#import "MYKeyPair.h"
#import "MYCrypto_Private.h"
#import <CommonCrypto/CommonDigest.h>
#if MYCRYPTO_USE_IPHONE_API
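@implementation MYKeyPair


/** Generates a new RSA key pair with SecKeyGeneratePair, requesting that both halves be
    stored permanently (kSecAttrIsPermanent), and wraps the result in an autoreleased MYKeyPair.
    @param keySize  Modulus size in bits; must be 512, 1024 or 2048.
    @param keychain  Not used by this implementation.
    @return  The new key pair, or nil (after logging a warning) if key generation failed. */
+ (MYKeyPair*) _generateRSAKeyPairOfSize: (unsigned)keySize inKeychain: (MYKeychain*)keychain {
    // NOTE(review): 512-bit RSA moduli can be factored with modest resources and 1024-bit is
    // below current minimum recommendations. The accepted sizes are left as they were because
    // callers outside this file may rely on them; anything that protects real data should
    // request 2048.
    Assert( keySize == 512 || keySize == 1024 || keySize == 2048, @"Unsupported key size %u", keySize );
    SecKeyRef pubKey = NULL, privKey = NULL;
    NSDictionary *pubKeyAttrs = $dict({(id)kSecAttrIsPermanent, $true});
    NSDictionary *privKeyAttrs = $dict({(id)kSecAttrIsPermanent, $true});
    NSDictionary *keyAttrs = $dict( {(id)kSecAttrKeyType, (id)kSecAttrKeyTypeRSA},
                                    {(id)kSecAttrKeySizeInBits, $object(keySize)},
                                    {(id)kSecPublicKeyAttrs, pubKeyAttrs},
                                    {(id)kSecPrivateKeyAttrs, privKeyAttrs} );
    OSStatus err = SecKeyGeneratePair((CFDictionaryRef)keyAttrs, &pubKey, &privKey);
    if (err) {
        Warn(@"Failed to create key-pair: %i", (int)err);
        return nil;
    }

    MYKeyPair *keyPair = [[[self alloc] initWithPublicKeyRef: pubKey
                                               privateKeyRef: privKey] autorelease];
    // SecKeyGeneratePair returns references the caller owns, and
    // -initWithPublicKeyRef:privateKeyRef: takes its own retain on the private key,
    // so the reference held here has to be dropped or the key object leaks.
    if (privKey)
        CFRelease(privKey);
    // NOTE(review): pubKey is owned here as well. It is not released because this file does
    // not show whether -initWithKeyRef: retains its argument or adopts it; confirm, and add
    // CFRelease(pubKey) if it retains.
    return keyPair;
}


/** Initializes the pair from existing key references.
    @param publicKey  Passed to the superclass's -initWithKeyRef:.
    @param privateKey  Must not be NULL; retained by the receiver.
    @return  The initialized object, or nil if the superclass initializer failed or
             privateKey is NULL. */
- (id) initWithPublicKeyRef: (SecKeyRef)publicKey privateKeyRef: (SecKeyRef)privateKey {
    self = [super initWithKeyRef: publicKey];
    if (self) {
        NSParameterAssert(privateKey);
        if (!privateKey) {
            // Assertions can be compiled out, and CFRetain(NULL) crashes; fail the init instead.
            [self release];
            return nil;
        }
        _privateKey = (SecKeyRef) CFRetain(privateKey);
    }
    return self;
}


/** Balances the CFRetain taken in -initWithPublicKeyRef:privateKeyRef:. */
- (void) dealloc {
    if (_privateKey)
        CFRelease(_privateKey);
    [super dealloc];
}


/** Returns an array holding the private key reference followed by the public key
    reference (self.keyRef). */
- (NSArray*) _itemList {
    return $array((id)_privateKey, (id)self.keyRef);
}


/** Returns the private key reference held by this object. The caller does not own it. */
- (SecKeyRef) privateKeyRef {
    return _privateKey;
}


/** Decrypts data with the private key by calling _crypt with kCCDecrypt.
    @return  Whatever _crypt returns for this input. */
- (NSData*) decryptData: (NSData*)data {
    return _crypt(_privateKey, data, kCCDecrypt);
}


/** Signs data with the private key: computes its SHA-1 digest and signs that digest with
    SecKeyRawSign using kSecPaddingPKCS1SHA1.
    @param data  The message to sign; must not be nil.
    @return  The signature bytes, or nil (after logging a warning) if signing failed. */
- (NSData*) signData: (NSData*)data {
    Assert(data);
    // NOTE(review): SHA-1 is no longer collision-resistant, so these signatures should not be
    // relied on where an adversary can influence the signed content. The digest and padding
    // are left unchanged because the verifying code has to use the same ones.
    uint8_t digest[CC_SHA1_DIGEST_LENGTH];
    // CC_SHA1 takes a 32-bit length (CC_LONG); the cast makes that narrowing explicit.
    CC_SHA1(data.bytes, (CC_LONG)data.length, digest);

    // 1024 bytes holds an RSA signature for keys up to 8192 bits, well above the sizes
    // the generator in this class accepts.
    uint8_t sigBuf[1024];
    size_t sigLen = sizeof(sigBuf);
    // The digest, not the raw message, is what gets signed.
    OSStatus err = SecKeyRawSign(_privateKey, kSecPaddingPKCS1SHA1,
                                 digest, sizeof(digest),
                                 sigBuf, &sigLen);
    if (err) {
        Warn(@"SecKeyRawSign failed: %i", (int)err);
        return nil;
    }
    return [NSData dataWithBytes: sigBuf length: sigLen];
}


@end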
#endif MYCRYPTO_USE_IPHONE_API