1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/MYSymmetricKey-iPhone.m Sat Apr 18 18:12:06 2009 -0700
1.3 @@ -0,0 +1,173 @@
1.4 +//
1.5 +// MYSymmetricKey-iPhone.m
1.6 +// MYCrypto
1.7 +//
1.8 +// Created by Jens Alfke on 4/17/09.
1.9 +// Copyright 2009 Jens Alfke. All rights reserved.
1.10 +//
1.11 +
1.12 +#import "MYSymmetricKey.h"
1.13 +#import "MYCryptor.h"
1.14 +#import "MYCrypto_Private.h"
1.15 +
1.16 +#if MYCRYPTO_USE_IPHONE_API
1.17 +
1.18 +
1.19 +typedef uint32_t CSSM_ALGORITHMS;
1.20 +enum {
1.21 +// Taken from cssmtype.h in OS X 10.5 SDK:
1.22 + CSSM_ALGID_NONE = 0x00000000L,
1.23 + CSSM_ALGID_DES = CSSM_ALGID_NONE + 14,
1.24 + CSSM_ALGID_3DES_3KEY_EDE = CSSM_ALGID_NONE + 17,
1.25 + CSSM_ALGID_3DES_3KEY = CSSM_ALGID_3DES_3KEY_EDE,
1.26 + CSSM_ALGID_RC4 = CSSM_ALGID_NONE + 25,
1.27 + CSSM_ALGID_CAST = CSSM_ALGID_NONE + 27,
1.28 + CSSM_ALGID_VENDOR_DEFINED = CSSM_ALGID_NONE + 0x80000000L,
1.29 + CSSM_ALGID_AES
1.30 +};
1.31 +
1.32 +static const CSSM_ALGORITHMS kCSSMAlgorithms[] = {
1.33 +CSSM_ALGID_AES, CSSM_ALGID_DES, CSSM_ALGID_3DES_3KEY, CSSM_ALGID_CAST, CSSM_ALGID_RC4
1.34 +};
1.35 +
1.36 +static const char *kCCAlgorithmNames[] = {"AES", "DES", "DES^3", "CAST", "RC4"};
1.37 +
1.38 +
1.39 +@implementation MYSymmetricKey
1.40 +
1.41 +
1.42 +- (id) _initWithKeyData: (NSData*)keyData
1.43 + algorithm: (CCAlgorithm)algorithm
1.44 + inKeychain: (MYKeychain*)keychain
1.45 +{
1.46 + Assert(algorithm <= kCCAlgorithmRC4);
1.47 + Assert(keyData);
1.48 + NSNumber *keySizeInBits = [NSNumber numberWithUnsignedInt: keyData.length * 8];
1.49 + NSDictionary *keyAttrs = $dict( {(id)kSecClass, (id)kSecClassKey},
1.50 + //{(id)kSecAttrKeyClass, (id)kSecAttrKeyClassSymmetric},
1.51 + {(id)kSecAttrKeyType, [NSNumber numberWithUnsignedInt: kCSSMAlgorithms[algorithm]]},
1.52 + {(id)kSecAttrKeySizeInBits, keySizeInBits},
1.53 + {(id)kSecAttrEffectiveKeySize, keySizeInBits},
1.54 + {(id)kSecAttrIsPermanent, keychain ?$true :$false},
1.55 + {(id)kSecAttrCanEncrypt, $true},
1.56 + {(id)kSecAttrCanDecrypt, $true},
1.57 + {(id)kSecAttrCanWrap, $false},
1.58 + {(id)kSecAttrCanUnwrap, $false},
1.59 + {(id)kSecAttrCanDerive, $false},
1.60 + {(id)kSecAttrCanSign, $false},
1.61 + {(id)kSecAttrCanVerify, $false},
1.62 + {(id)kSecValueData, keyData},
1.63 + {(id)kSecReturnPersistentRef, $true});
1.64 + SecKeyRef keyRef = NULL;
1.65 + if (!check(SecItemAdd((CFDictionaryRef)keyAttrs, (CFTypeRef*)&keyRef), @"SecItemAdd")) {
1.66 + [self release];
1.67 + return nil;
1.68 + }
1.69 + Assert(keyRef, @"SecItemAdd didn't return anything");
1.70 + self = [self initWithKeyRef: keyRef];
1.71 + CFRelease(keyRef);
1.72 + return self;
1.73 +}
1.74 +
1.75 +- (id) initWithKeyData: (NSData*)keyData
1.76 + algorithm: (CCAlgorithm)algorithm
1.77 +{
1.78 + return [self _initWithKeyData: keyData algorithm: algorithm inKeychain: nil];
1.79 +}
1.80 +
1.81 ++ (MYSymmetricKey*) _generateSymmetricKeyOfSize: (unsigned)keySizeInBits
1.82 + algorithm: (CCAlgorithm)algorithm
1.83 + inKeychain: (MYKeychain*)keychain
1.84 +{
1.85 + return [[[self alloc] _initWithKeyData: [MYCryptor randomKeyOfLength: keySizeInBits]
1.86 + algorithm: algorithm
1.87 + inKeychain: keychain]
1.88 + autorelease];
1.89 +}
1.90 +
1.91 ++ (MYSymmetricKey*) generateSymmetricKeyOfSize: (unsigned)keySizeInBits
1.92 + algorithm: (CCAlgorithm)algorithm {
1.93 + return [self _generateSymmetricKeyOfSize: keySizeInBits
1.94 + algorithm: algorithm
1.95 + inKeychain: nil];
1.96 +}
1.97 +
1.98 +
1.99 +- (SecExternalItemType) keyType {
1.100 + return kSecAttrKeyClassSymmetric;
1.101 +}
1.102 +
1.103 +- (CCAlgorithm) algorithm {
1.104 + CSSM_ALGORITHMS cssmAlg;
1.105 + id keyType = [self _attribute: kSecAttrKeyType];
1.106 + Assert(keyType!=nil, @"Key has no kSecAttrKeyType");
1.107 + cssmAlg = [keyType unsignedIntValue];
1.108 + switch(cssmAlg) {
1.109 + case CSSM_ALGID_AES:
1.110 + return kCCAlgorithmAES128;
1.111 + case CSSM_ALGID_DES:
1.112 + return kCCAlgorithmDES;
1.113 + case CSSM_ALGID_3DES_3KEY:
1.114 + return kCCAlgorithm3DES;
1.115 + case CSSM_ALGID_CAST:
1.116 + return kCCAlgorithmCAST;
1.117 + case CSSM_ALGID_RC4:
1.118 + return kCCAlgorithmRC4;
1.119 + default:
1.120 + Warn(@"CSSM_ALGORITHMS #%u doesn't map to any CCAlgorithm", cssmAlg);
1.121 + return (CCAlgorithm)-1;
1.122 + }
1.123 +}
1.124 +
1.125 +- (const char*) algorithmName {
1.126 + CCAlgorithm a = self.algorithm;
1.127 + if (a >= 0 && a <= kCCAlgorithmRC4)
1.128 + return kCCAlgorithmNames[a];
1.129 + else
1.130 + return "???";
1.131 +}
1.132 +
1.133 +- (unsigned) keySizeInBits {
1.134 + id keySize = [self _attribute: kSecAttrKeySizeInBits];
1.135 + Assert(keySize!=nil, @"Key has no kSecAttrKeySizeInBits");
1.136 + return [keySize unsignedIntValue];
1.137 +}
1.138 +
1.139 +
1.140 +- (NSString*) description {
1.141 + return $sprintf(@"%@[%u-bit %s]", [self class], self.keySizeInBits, self.algorithmName);
1.142 +}
1.143 +
1.144 +
1.145 +- (NSData*) _cryptData: (NSData*)data operation: (CCOperation)op options: (CCOptions)options
1.146 +{
1.147 + NSData *keyData = self.keyData;
1.148 + Assert(keyData, @"Couldn't get key data");
1.149 + NSMutableData *output = [NSMutableData dataWithLength: data.length + 256];
1.150 + size_t bytesWritten = 0;
1.151 + CCCryptorStatus status = CCCrypt(op, self.algorithm, options,
1.152 + keyData.bytes, keyData.length, NULL,
1.153 + data.bytes, data.length, output.mutableBytes, output.length,
1.154 + &bytesWritten);
1.155 + if (status) {
1.156 + Warn(@"MYSymmetricKey: CCCrypt returned error %i",status);
1.157 + return nil;
1.158 + }
1.159 + output.length = bytesWritten;
1.160 + return output;
1.161 +}
1.162 +
1.163 +- (NSData*) encryptData: (NSData*)data {
1.164 + return [self _cryptData: data operation: kCCEncrypt options: kCCOptionPKCS7Padding];
1.165 +}
1.166 +
1.167 +
1.168 +- (NSData*) decryptData: (NSData*)data {
1.169 + return [self _cryptData: data operation: kCCDecrypt options: kCCOptionPKCS7Padding];
1.170 +}
1.171 +
1.172 +
1.173 +@end
1.174 +
1.175 +
1.176 +#endif MYCRYPTO_USE_IPHONE_API