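--- a/MYKeyPair.h Tue Apr 07 10:56:58 2009 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,81 +0,0 @@
-//
-// KeyPair.h
-// MYCrypto
-//
-// Created by Jens Alfke on 3/21/09.
-// Copyright 2009 Jens Alfke. All rights reserved.
-//
-
-#import "MYPublicKey.h"
-
-
-/** A key-pair consisting of a public and a private key.
- Can be used for signing and decrypting, as well as the inherited encrypting/verifying.
- Instances are generated by MYKeychain objects. */
-@interface MYKeyPair : MYPublicKey <MYDecryption>
-{
- @private
- SecKeyRef _privateKey;
-}
-
-/** Decrypts data that was encrypted using the public key.
- See the description of -[MYPublicKey encryptData:] for warnings and caveats.
- This method is usually used only to decrypt a symmetric session key, which then decrypts the
- rest of the data. */
-- (NSData*) decryptData: (NSData*)data;
-
-/** Generates a signature of data, using the private key.
- (What's actually signed using RSA is the SHA-256 digest of the data.)
- The resulting signature can be verified using the matching MYPublicKey's
- verifySignature:ofData: method. */
-- (NSData*) signData: (NSData*)data;
-
-
-/** @name Mac-Only
- * Functionality not available on iPhone.
- */
-//@{
-#if !TARGET_OS_IPHONE
-
-/** Exports the private key as a data blob, so that it can be stored as a backup, or transferred
- to another computer. Since the key is sensitive, it must be exported in encrypted form
- using a user-chosen passphrase. This method will display a standard alert panel, run by
- the Security agent, that prompts the user to enter a new passphrase for encrypting the key.
- The same passphrase must be re-entered when importing the key from the data blob.
- (This is a convenient shorthand for the full exportPrivateKeyInFormat... method.
- It uses OpenSSL format, wrapped with PEM, and a default title and prompt for the alert.) */
-- (NSData*) exportPrivateKey;
-
-/** Exports the private key as a data blob, so that it can be stored as a backup, or transferred
- to another computer. Since the key is sensitive, it must be exported in encrypted form
- using a user-chosen passphrase. This method will display a standard alert panel, run by
- the Security agent, that prompts the user to enter a new passphrase for encrypting the key.
- The same passphrase must be re-entered when importing the key from the data blob.
- @param format The data format: kSecFormatOpenSSL, kSecFormatSSH, kSecFormatBSAFE or kSecFormatSSHv2.
- @param withPEM YES if the data should be encoded in PEM format, which converts into short lines
- of printable ASCII characters, suitable for sending in email.
- @param alertTitle An optional title for the alert panel. (Currently ignored by the OS?)
- @param prompt An optional prompt message to display in the alert panel. */
-- (NSData*) exportPrivateKeyInFormat: (SecExternalFormat)format
- withPEM: (BOOL)withPEM
- alertTitle: (NSString*)alertTitle
- alertPrompt: (NSString*)prompt;
-
-#endif
-//@}
-
-
-/** @name Expert
- * Advanced functionality.
- */
-//@{
-
-/** Creates a MYKeyPair object from existing Keychain key references. */
-- (id) initWithPublicKeyRef: (SecKeyRef)publicKey privateKeyRef: (SecKeyRef)privateKey;
-
-/** The underlying Keychain key reference for the private key. */
-@property (readonly) SecKeyRef privateKeyRef;
-
-//@}
-
-@end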