|
snej@0
|
1 |
//
|
|
snej@0
|
2 |
// MYSymmetricKey.h
|
|
snej@0
|
3 |
// MYCrypto
|
|
snej@0
|
4 |
//
|
|
snej@0
|
5 |
// Created by Jens Alfke on 4/2/09.
|
|
snej@0
|
6 |
// Copyright 2009 Jens Alfke. All rights reserved.
|
|
snej@0
|
7 |
//
|
|
snej@0
|
8 |
|
|
snej@0
|
9 |
#import "MYKey.h"
|
|
snej@0
|
10 |
#import <CommonCrypto/CommonCryptor.h>
|
|
snej@0
|
11 |
|
|
snej@0
|
12 |
|
|
snej@0
|
13 |
@interface MYSymmetricKey : MYKey <MYEncryption, MYDecryption>
|
|
snej@12
|
14 |
{
|
|
snej@12
|
15 |
#if !MYCRYPTO_USE_IPHONE_API
|
|
snej@12
|
16 |
CSSM_KEY *_ownedCSSMKey;
|
|
snej@12
|
17 |
#endif
|
|
snej@12
|
18 |
}
|
|
snej@0
|
19 |
|
|
snej@1
|
20 |
/** Initializes a symmetric key from the given key data and algorithm. */
|
|
snej@1
|
21 |
- (id) initWithKeyData: (NSData*)keyData
|
|
snej@1
|
22 |
algorithm: (CCAlgorithm)algorithm;
|
|
snej@1
|
23 |
|
|
snej@1
|
24 |
/** Randomly generates a new symmetric key, using the given algorithm and key-size in bits.
|
|
snej@1
|
25 |
The key is not added to any keychain; if you want to keep the key persistently, use
|
|
snej@1
|
26 |
the method of the same name in the MYKeychain class. */
|
|
snej@0
|
27 |
+ (MYSymmetricKey*) generateSymmetricKeyOfSize: (unsigned)keySizeInBits
|
|
snej@0
|
28 |
algorithm: (CCAlgorithm)algorithm;
|
|
snej@0
|
29 |
|
|
snej@12
|
30 |
/** Converts a passphrase into a symmetric key.
|
|
snej@12
|
31 |
The same passphrase (and salt) will always return the same key, so you can use this method
|
|
snej@12
|
32 |
to encrypt and decrypt data using a user-entered passphrase, without having to store the key
|
|
snej@12
|
33 |
itself in the keychain.
|
|
snej@12
|
34 |
@param alertTitle A title for the alert (this seems to be ignored by the OS).
|
|
snej@12
|
35 |
@param prompt A prompt string displayed in the alert.
|
|
snej@12
|
36 |
@param creating Is a new passphrase being created? If YES, the user will have to enter the
|
|
snej@12
|
37 |
passphrase twice, to check for errors, and the nifty passphrase-strength meter will be
|
|
snej@12
|
38 |
displayed. If NO, there's only one text-field, and an option to display its contents in
|
|
snej@12
|
39 |
the clear.
|
|
snej@12
|
40 |
@param salt An arbitrary value whose data will be mixed in with the passphrase before
|
|
snej@12
|
41 |
hashing, to perturb the resulting bits. The purpose of this is to make it harder for
|
|
snej@12
|
42 |
an attacker to brute-force the key using a precompiled list of digests of common
|
|
snej@12
|
43 |
passwords. Changing the salt changes the key, so you need to pass the same value when
|
|
snej@12
|
44 |
re-deriving the key as you did when first generating it. */
|
|
snej@12
|
45 |
+ (MYSymmetricKey*) generateFromUserPassphraseWithAlertTitle: (NSString*)alertTitle
|
|
snej@12
|
46 |
alertPrompt: (NSString*)prompt
|
|
snej@12
|
47 |
creating: (BOOL)creating
|
|
snej@12
|
48 |
salt: (id)saltObj;
|
|
snej@12
|
49 |
|
|
snej@1
|
50 |
/** The key's algorithm. */
|
|
snej@0
|
51 |
@property (readonly) CCAlgorithm algorithm;
|
|
snej@0
|
52 |
|
|
snej@2
|
53 |
/** The key's size/length, in bits. */
|
|
snej@2
|
54 |
@property (readonly) unsigned keySizeInBits;
|
|
snej@2
|
55 |
|
|
snej@13
|
56 |
- (NSData*) exportWrappedKeyWithPassphrasePrompt: (NSString*)prompt;
|
|
snej@13
|
57 |
|
|
snej@12
|
58 |
|
|
snej@12
|
59 |
/** A utility that prompts for a passphrase, using the Security agent's nice modal panel,
|
|
snej@12
|
60 |
and returns the raw passphrase as a string.
|
|
snej@12
|
61 |
@param alertTitle A title for the alert (this seems to be ignored by the OS).
|
|
snej@12
|
62 |
@param prompt A prompt string displayed in the alert.
|
|
snej@12
|
63 |
@param creating Is a new passphrase being created?
|
|
snej@12
|
64 |
(See description in +generateFromUserPassphrase... method.) */
|
|
snej@12
|
65 |
+ (NSString*) promptForPassphraseWithAlertTitle: (NSString*)alertTitle
|
|
snej@12
|
66 |
alertPrompt: (NSString*)prompt
|
|
snej@12
|
67 |
creating: (BOOL)creating;
|
|
snej@12
|
68 |
|
|
snej@0
|
69 |
@end
|