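--- a/MYPrivateKey.m Sun Apr 12 22:02:20 2009 -0700
+++ b/MYPrivateKey.m Sun Apr 19 00:01:41 2009 -0700
@@ -153,7 +153,7 @@
 CSSM_ALGID_RSA,
 keySize,
 0LL,
- CSSM_KEYUSE_ENCRYPT | CSSM_KEYUSE_VERIFY, // public key
+ CSSM_KEYUSE_ENCRYPT | CSSM_KEYUSE_VERIFY | CSSM_KEYUSE_WRAP, // public key
 CSSM_KEYATTR_EXTRACTABLE | CSSM_KEYATTR_PERMANENT,
 CSSM_KEYUSE_ANY, // private key
 CSSM_KEYATTR_EXTRACTABLE | CSSM_KEYATTR_PERMANENT | CSSM_KEYATTR_SENSITIVE,
@@ -213,7 +213,7 @@
 }
 
 
-- (NSData*) decryptData: (NSData*)data {
+- (NSData*) rawDecryptData: (NSData*)data {
 return [self _crypt: data operation: NO];
 }
 
@@ -300,6 +300,64 @@
 return nil;
 }
 
-#endif TARGET_OS_IPHONE
+
+- (MYSymmetricKey*) unwrapSessionKey: (NSData*)wrappedData
+ withAlgorithm: (CCAlgorithm)algorithm
+ sizeInBits: (unsigned)sizeInBits
+{
+ // First create a wrapped-key structure from the data:
+ CSSM_WRAP_KEY wrappedKey = {
+ .KeyHeader = {
+ .BlobType = CSSM_KEYBLOB_WRAPPED,
+ .Format = CSSM_KEYBLOB_RAW_FORMAT_PKCS3,
+ .AlgorithmId = CSSMFromCCAlgorithm(algorithm),
+ .KeyClass = CSSM_KEYCLASS_SESSION_KEY,
+ .LogicalKeySizeInBits = sizeInBits,
+ .KeyAttr = CSSM_KEYATTR_EXTRACTABLE,
+ .KeyUsage = CSSM_KEYUSE_ANY,
+ .WrapAlgorithmId = self.cssmAlgorithm,
+ },
+ .KeyData = {
+ .Data = (void*)wrappedData.bytes,
+ .Length = wrappedData.length
+ }
+ };
+
+ const CSSM_ACCESS_CREDENTIALS* credentials;
+ credentials = [self cssmCredentialsForOperation: CSSM_ACL_AUTHORIZATION_IMPORT_WRAPPED
+ type: kSecCredentialTypeDefault error: nil];
+ CSSM_CSP_HANDLE cspHandle = self.cssmCSPHandle;
+ CSSM_CC_HANDLE ctx;
+ if (!checkcssm(CSSM_CSP_CreateAsymmetricContext(cspHandle,
+ self.cssmAlgorithm,
+ credentials,
+ self.cssmKey,
+ CSSM_PADDING_PKCS1,
+ &ctx),
+ @"CSSM_CSP_CreateAsymmetricContext"))
+ return nil;
+
+ // Now unwrap the key:
+ MYSymmetricKey *result = nil;
+ CSSM_KEY *unwrappedKey = calloc(1,sizeof(CSSM_KEY));
+ CSSM_DATA desc = {};
+ if (checkcssm(CSSM_UnwrapKey(ctx,
+ self.cssmKey,
+ &wrappedKey,
+ wrappedKey.KeyHeader.KeyUsage,
+ wrappedKey.KeyHeader.KeyAttr,
+ NULL, NULL,
+ unwrappedKey,
+ &desc),
+ @"CSSM_UnwrapKey")) {
+ result = [[[MYSymmetricKey alloc] _initWithCSSMKey: unwrappedKey] autorelease];
+ }
+ // Finally, delete the context
+ CSSM_DeleteContext(ctx);
+ return result;
+}
+
+
+#endif !TARGET_OS_IPHONE
 
 @end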
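Review bot: In the new `unwrapSessionKey:withAlgorithm:sizeInBits:`, the `calloc`'d `unwrappedKey` is leaked whenever `CSSM_UnwrapKey` fails, and the allocation is passed to CSSM without a NULL check; add `else free(unwrappedKey);` after the success branch and return nil (after `CSSM_DeleteContext(ctx)`) when `calloc` fails. The credentials lookup is called with `error: nil` and its result is used unchecked, so a failed lookup only surfaces later as a generic context or unwrap error. The unwrapped session key is requested with `CSSM_KEYATTR_EXTRACTABLE` and `CSSM_KEYUSE_ANY`; if callers only encrypt and decrypt with it, `CSSM_KEYUSE_ENCRYPT | CSSM_KEYUSE_DECRYPT` would be the least-privilege choice. Since the unwrap uses `CSSM_PADDING_PKCS1` on data that presumably comes from a peer, a doc comment should tell callers to handle every nil return identically so the failure cannot act as a padding oracle.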