MYKeychain.h
changeset 2 8982b8fada63
parent 1 60e4cbbb5128
child 3 1dfe820d7ebe
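--- a/MYKeychain.h	Sat Apr 04 22:56:13 2009 -0700
+++ b/MYKeychain.h	Tue Apr 07 10:56:58 2009 -0700
@@ -7,6 +7,7 @@
 //
 
 #import <Foundation/Foundation.h>
+#import "MYCryptoConfig.h"
 @class MYSymmetricKey, MYPublicKey, MYKeyPair, MYCertificate, MYSHA1Digest;
 
 
@@ -15,7 +16,7 @@
 @interface MYKeychain : NSObject 
 {
     @private
-#if !TARGET_OS_IPHONE || TARGET_IPHONE_SIMULATOR
+#if !MYCRYPTO_USE_IPHONE_API
     SecKeychainRef _keychain;
 #endif
 }
@@ -40,6 +41,10 @@
 
 #pragma mark PUBLIC KEYS:
 
+/** Imports a public key into the keychain, given its external representation
+    (as generated by -[MYPublicKey keyData].) */
+- (MYPublicKey*) importPublicKey: (NSData*)keyData;
+
 /** Looks up an existing public key with the given digest.
     Returns nil if there is no such key in the keychain.
     (This method does not look for keys embedded in certificates, only 'bare' keys.) */
@@ -49,11 +54,10 @@
     (This method does not find keys embedded in certificates, only 'bare' keys.) */
 - (NSEnumerator*) enumeratePublicKeys;
 
-/** Imports a public key into the keychain, given its external representation
-    (as generated by -[MYPublicKey keyData].) */
-- (MYPublicKey*) importPublicKey: (NSData*)keyData;
+#pragma mark CERTIFICATES:
 
-#pragma mark CERTIFICATES:
+/** Imports a certificate into the keychain, given its external representation. */
+- (MYCertificate*) importCertificate: (NSData*)data;
 
 /** Looks up an existing certificate with the given public-key digest.
     Returns nil if there is no such certificate in the keychain.
@@ -63,20 +67,8 @@
 /** Enumerates all certificates in the keychain. */
 - (NSEnumerator*) enumerateCertificates;
 
-/** Imports a certificate into the keychain, given its external representation. */
-- (MYCertificate*) importCertificate: (NSData*)data;
-
 #pragma mark KEY-PAIRS:
 
-/** Looks up an existing key-pair whose public key has the given digest.
-    Returns nil if there is no such key-pair in the keychain.
-    (This method does not look for public keys embedded in certificates, only 'bare' keys.) */
-- (MYKeyPair*) keyPairWithDigest: (MYSHA1Digest*)pubKeyDigest;
-
-/** Enumerates all key-pairs in the keychain.
-    (This method does not find keys embedded in certificates, only 'bare' keys.) */
-- (NSEnumerator*) enumerateKeyPairs;
-
 /** Generates a new RSA key-pair and adds both keys to the keychain.
     This is very slow -- it may take seconds, depending on the key size, CPU speed,
     and other random factors. You may want to start some kind of progress indicator before
@@ -87,19 +79,63 @@
         to stay secure for years; or you could use 4096 if you're extremely paranoid. */
 - (MYKeyPair*) generateRSAKeyPairOfSize: (unsigned)keySize;
 
-@end
+/** Looks up an existing key-pair whose public key has the given digest.
+    Returns nil if there is no such key-pair in the keychain.
+    (This method does not look for public keys embedded in certificates, only 'bare' keys.) */
+- (MYKeyPair*) keyPairWithDigest: (MYSHA1Digest*)pubKeyDigest;
 
-
+/** Enumerates all key-pairs in the keychain.
+    (This method does not find keys embedded in certificates, only 'bare' keys.) */
+- (NSEnumerator*) enumerateKeyPairs;
 
 
 #pragma mark -
 #pragma mark METHODS NOT SUPPORTED ON IPHONE:
 
 
+/** @name Mac-Only
+ *  Functionality not available on iPhone. 
+ */
+//@{
 #if !TARGET_OS_IPHONE
 
-/** Keychain functionality that's not supported on iPhone. */
-@interface MYKeychain (MacOnly)
+/** Enumerates all public keys in the keychain that have the given alias string. */
+- (NSEnumerator*) symmetricKeysWithAlias: (NSString*)alias;
+
+/** Enumerates all public keys in the keychain that have the given alias string. */
+- (NSEnumerator*) publicKeysWithAlias: (NSString*)alias;
+
+/** Imports a key-pair into the keychain, given the external representations
+    of both the public and private keys.
+    Since the private key data is wrapped (encrypted), the Security agent will prompt the user to enter
+    the passphrase. */
+- (MYKeyPair*) importPublicKey: (NSData*)pubKeyData 
+                    privateKey: (NSData*)privKeyData;
+
+/** Imports a key-pair into the keychain, given the external representations
+    of both the public and private keys.
+    Since the private key data is wrapped (encrypted), the Security agent will prompt the user to enter
+    the passphrase. You can specify the title and prompt message for this alert panel. */
+- (MYKeyPair*) importPublicKey: (NSData*)pubKeyData 
+                    privateKey: (NSData*)privKeyData
+                    alertTitle: (NSString*)title
+                   alertPrompt: (NSString*)prompt;
+
+/** Imports a certificate into the keychain, given its external representation. */
+- (MYCertificate*) importCertificate: (NSData*)data
+                                type: (CSSM_CERT_TYPE) type
+                            encoding: (CSSM_CERT_ENCODING) encoding;
+
+//@}
+#endif
+
+
+
+/** @name Expert (Mac-Only)
+ *  Advanced functionality, not available on iPhone. 
+ */
+//@{
+#if !TARGET_OS_IPHONE
 
 /** Creates a MYKeychain for an existing SecKeychainRef. */
 - (id) initWithKeychainRef: (SecKeychainRef)keychainRef;
@@ -131,35 +167,8 @@
 /** The underlying CSSM storage handle; used when calling CSSM APIs. */
 @property (readonly) CSSM_CSP_HANDLE CSPHandle;
 
-
-/** Enumerates all public keys in the keychain that have the given alias string. */
-- (NSEnumerator*) symmetricKeysWithAlias: (NSString*)alias;
-
-/** Enumerates all public keys in the keychain that have the given alias string. */
-- (NSEnumerator*) publicKeysWithAlias: (NSString*)alias;
-
-
-/** Imports a certificate into the keychain, given its external representation. */
-- (MYCertificate*) importCertificate: (NSData*)data
-                                type: (CSSM_CERT_TYPE) type
-                            encoding: (CSSM_CERT_ENCODING) encoding;
-
-/** Imports a key-pair into the keychain, given the external representations
-    of both the public and private keys.
-    Since the private key data is wrapped (encrypted), the Security agent will prompt the user to enter
-    the passphrase. */
-- (MYKeyPair*) importPublicKey: (NSData*)pubKeyData 
-                    privateKey: (NSData*)privKeyData;
-
-/** Imports a key-pair into the keychain, given the external representations
-    of both the public and private keys.
-    Since the private key data is wrapped (encrypted), the Security agent will prompt the user to enter
-    the passphrase. You can specify the title and prompt message for this alert panel. */
-- (MYKeyPair*) importPublicKey: (NSData*)pubKeyData 
-                    privateKey: (NSData*)privKeyData
-                    alertTitle: (NSString*)title
-                   alertPrompt: (NSString*)prompt;
+#endif
+//@}
 
 @end
 
-#endif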
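Review bot: The ivar guard in the second hunk now tests `MYCRYPTO_USE_IPHONE_API`, while both Mac-only method groups added further down still test `TARGET_OS_IPHONE`, so the `_keychain` storage and the API that depends on it are switched by two different conditions. MYCryptoConfig.h is not shown on this page, so this is hedged: if that header can ever enable `MYCRYPTO_USE_IPHONE_API` on a Mac build, `-initWithKeychainRef:` remains declared on a class that has no `_keychain` ivar. I would either make the two conditions the same or add a comment beside the ivar stating which combinations of the two macros are supported. Separately, the comment moved onto `-symmetricKeysWithAlias:` still describes public keys and should read `/** Enumerates all symmetric keys in the keychain that have the given alias string. */`. The import methods take externally supplied key and certificate data, so their comments should also say what is returned when that data cannot be parsed or stored, as the lookup methods already do for the not-found case.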