snej@0
|
1 |
//
|
snej@0
|
2 |
// MYKeyPair-iPhone.m
|
snej@0
|
3 |
// MYNetwork-iPhone
|
snej@0
|
4 |
//
|
snej@0
|
5 |
// Created by Jens Alfke on 3/22/09.
|
snej@0
|
6 |
// Copyright 2009 Jens Alfke. All rights reserved.
|
snej@0
|
7 |
//
|
snej@0
|
8 |
|
snej@0
|
9 |
|
snej@0
|
10 |
#import "MYKeyPair.h"
|
snej@0
|
11 |
#import "MYCrypto_Private.h"
|
snej@1
|
12 |
#import <CommonCrypto/CommonDigest.h>
|
snej@1
|
13 |
|
snej@0
|
14 |
|
snej@2
|
15 |
#if MYCRYPTO_USE_IPHONE_API
|
snej@0
|
16 |
|
snej@0
|
17 |
|
snej@0
|
18 |
@implementation MYKeyPair
|
snej@0
|
19 |
|
snej@0
|
20 |
|
snej@2
|
21 |
+ (MYKeyPair*) _generateRSAKeyPairOfSize: (unsigned)keySize inKeychain: (MYKeychain*)keychain {
|
snej@0
|
22 |
Assert( keySize == 512 || keySize == 1024 || keySize == 2048, @"Unsupported key size %u", keySize );
|
snej@0
|
23 |
SecKeyRef pubKey=NULL, privKey=NULL;
|
snej@0
|
24 |
OSStatus err;
|
snej@0
|
25 |
NSDictionary *pubKeyAttrs = $dict({(id)kSecAttrIsPermanent, $true});
|
snej@0
|
26 |
NSDictionary *privKeyAttrs = $dict({(id)kSecAttrIsPermanent, $true});
|
snej@0
|
27 |
NSDictionary *keyAttrs = $dict( {(id)kSecAttrKeyType, (id)kSecAttrKeyTypeRSA},
|
snej@0
|
28 |
{(id)kSecAttrKeySizeInBits, $object(keySize)},
|
snej@0
|
29 |
{(id)kSecPublicKeyAttrs, pubKeyAttrs},
|
snej@0
|
30 |
{(id)kSecPrivateKeyAttrs, privKeyAttrs} );
|
snej@0
|
31 |
err = SecKeyGeneratePair((CFDictionaryRef)keyAttrs,&pubKey,&privKey);
|
snej@0
|
32 |
if (err) {
|
snej@0
|
33 |
Warn(@"Failed to create key-pair: %i", err);
|
snej@0
|
34 |
return nil;
|
snej@0
|
35 |
} else
|
snej@0
|
36 |
return [[[self alloc] initWithPublicKeyRef: pubKey privateKeyRef: privKey] autorelease];
|
snej@0
|
37 |
}
|
snej@0
|
38 |
|
snej@0
|
39 |
- (id) initWithPublicKeyRef: (SecKeyRef)publicKey privateKeyRef: (SecKeyRef)privateKey {
|
snej@0
|
40 |
self = [super initWithKeyRef: publicKey];
|
snej@0
|
41 |
if (self) {
|
snej@0
|
42 |
NSParameterAssert(privateKey);
|
snej@0
|
43 |
_privateKey = (SecKeyRef) CFRetain(privateKey);
|
snej@0
|
44 |
}
|
snej@0
|
45 |
return self;
|
snej@0
|
46 |
}
|
snej@0
|
47 |
|
snej@0
|
48 |
|
snej@0
|
49 |
- (NSArray*) _itemList {
|
snej@0
|
50 |
return $array((id)_privateKey,(id)self.keyRef);
|
snej@0
|
51 |
}
|
snej@0
|
52 |
|
snej@0
|
53 |
|
snej@1
|
54 |
- (SecKeyRef) privateKeyRef {
|
snej@1
|
55 |
return _privateKey;
|
snej@1
|
56 |
}
|
snej@0
|
57 |
|
snej@0
|
58 |
|
snej@0
|
59 |
- (NSData*) decryptData: (NSData*)data {
|
snej@0
|
60 |
return _crypt(_privateKey,data,kCCDecrypt);
|
snej@0
|
61 |
}
|
snej@0
|
62 |
|
snej@0
|
63 |
|
snej@0
|
64 |
- (NSData*) signData: (NSData*)data {
|
snej@0
|
65 |
Assert(data);
|
snej@0
|
66 |
uint8_t digest[CC_SHA1_DIGEST_LENGTH];
|
snej@0
|
67 |
CC_SHA1(data.bytes,data.length, digest);
|
snej@0
|
68 |
|
snej@0
|
69 |
size_t sigLen = 1024;
|
snej@0
|
70 |
uint8_t sigBuf[sigLen];
|
snej@0
|
71 |
OSStatus err = SecKeyRawSign(_privateKey, kSecPaddingPKCS1SHA1,
|
snej@0
|
72 |
digest,sizeof(digest), //data.bytes, data.length,
|
snej@0
|
73 |
sigBuf, &sigLen);
|
snej@0
|
74 |
if(err) {
|
snej@0
|
75 |
Warn(@"SecKeyRawSign failed: %i",err);
|
snej@0
|
76 |
return nil;
|
snej@0
|
77 |
} else
|
snej@0
|
78 |
return [NSData dataWithBytes: sigBuf length: sigLen];
|
snej@0
|
79 |
}
|
snej@0
|
80 |
|
snej@0
|
81 |
|
snej@0
|
82 |
@end
|
snej@0
|
83 |
|
snej@0
|
84 |
|
snej@2
|
85 |
#endif MYCRYPTO_USE_IPHONE_API
|