MYCertificateInfo.h
author Jens Alfke <jens@mooseyard.com>
Sat Jun 06 15:36:35 2009 -0700 (2009-06-06)
changeset 22 058394513f33
parent 21 2c300b15b381
child 24 6856e071d25a
permissions -rw-r--r--
Added a few comments. That is all.
     1 //
     2 //  MYCertificateInfo.h
     3 //  MYCrypto
     4 //
     5 //  Created by Jens Alfke on 6/2/09.
     6 //  Copyright 2009 Jens Alfke. All rights reserved.
     7 //
     8 
     9 #import <Foundation/Foundation.h>
    10 @class MYCertificateName, MYCertificate, MYIdentity, MYPublicKey, MYPrivateKey, MYOID;
    11 
    12 /** A parsed X.509 certificate; provides access to the names and metadata.
           NOTE(review): this header documents parsing only. Nothing here states that the signature,
           the validity period or the issuer chain is checked, so values read from an instance
           should be treated as unverified until trust is evaluated separately -- confirm in the .m. */
    13 @interface MYCertificateInfo : NSObject 
    14 {
    15     @private
    16     NSArray *_root;     // presumably the top level of the parsed certificate -- not documented here, confirm
    17 }
    18 
    19 /** Initialize by parsing X.509 certificate data.
    20     (More commonly you'll get an instance via MYCertificate's 'info' property.)
           'data' is the encoded certificate. Callers that pass bytes received from a peer or read
           from disk should assume they are untrusted.
           'outError' presumably receives the reason when parsing fails and nil is returned
           (the usual Cocoa NSError** convention -- confirm against the implementation). */
    21 - (id) initWithCertificateData: (NSData*)data error: (NSError**)outError;
    22 
    23 /** The date/time at which the certificate first becomes valid.
           Read-only here; MYCertificateRequest redeclares it as settable.
           NOTE(review): the header does not say that anything compares this with the current
           time, so a caller that cares about validity has to make the comparison itself -- confirm. */
    24 @property (retain, readonly) NSDate *validFrom;
    25 
    26 /** The date/time at which the certificate expires.
           Read-only here; MYCertificateRequest redeclares it as settable.
           NOTE(review): as with validFrom, no expiry check is documented in this header. */
    27 @property (retain, readonly) NSDate *validTo;
    28 
    29 /** Information about the identity of the owner of this certificate.
           This is the name the certificate asserts; it is only as trustworthy as the certificate. */
    30 @property (readonly) MYCertificateName *subject;
    31 
    32 /** Information about the identity that signed/authorized this certificate.
           This is the issuer name written in the certificate. The header does not say that the
           signature has been verified against that issuer's key -- confirm before relying on it. */
    33 @property (readonly) MYCertificateName *issuer;
    34 
    35 /** Returns YES if the issuer is the same as the subject. (Aka a "self-signed" certificate.)
           NOTE(review): as documented this is a comparison of the two names. The header does not
           say that the signature is checked against the certificate's own public key, and a YES
           result says nothing about whether the certificate is trusted -- do not use it as a
           trust decision. */
    36 @property (readonly) BOOL isRoot;
    37 
    38 @end
    39 
    40 
    41 
    42 /** A mutable, unsigned certificate that can be filled out and then signed by the issuer.
    43     Used to generate an identity certificate for a key-pair.
           Subclasses MYCertificateInfo and redeclares validFrom/validTo as settable. */
    44 @interface MYCertificateRequest : MYCertificateInfo
    45 {
    46     @private
    47     MYPublicKey *_publicKey;     // presumably the key passed to -initWithPublicKey: -- confirm in the .m
    48 }
    49 
    50 /** Initializes a blank instance which can be used to create a new certificate.
    51     The certificate will not contain anything yet other than the public key.
    52     The desired attributes should be set, and then the -selfSignWithPrivateKey:error: method called. */
    53 - (id) initWithPublicKey: (MYPublicKey*)pubKey;
    54 
    55 /** The date/time at which the certificate first becomes valid. Settable. */
    56 @property (retain) NSDate *validFrom;
    57 
    58 /** The date/time at which the certificate expires. Settable. */
    59 @property (retain) NSDate *validTo;
    60 
    61 /** Encodes the certificate request in X.509 format -- this is NOT a certificate!
    62     It has to be sent to a Certificate Authority to be signed.
    63     If you want to generate a self-signed certificate, use one of the self-signing methods instead.
           Presumably returns nil and fills *outError when encoding fails (Cocoa convention -- confirm). */
    64 - (NSData*) requestData: (NSError**)outError;
    65 
    66 /** Signs the certificate using the given private key, which must be the counterpart of the
    67     public key stored in the certificate, and returns the encoded certificate data.
    68     The subject attributes will be copied to the issuer attributes.
    69     If no valid date range has been set yet, it will be set to a range of one year starting from
    70     the current time.
    71     A unique serial number based on the current time will be set.
           NOTE(review): the header does not say what happens when privateKey is not the counterpart
           of the stored public key (an error, or a certificate that fails verification) -- confirm.
           NOTE(review): a time-derived serial number is predictable and only as unique as the clock
           resolution used; how the value is derived is not visible in this header.
           A self-signed certificate carries no third-party assurance: whoever relies on it has to
           establish trust in the key by other means. */
    72 - (NSData*) selfSignWithPrivateKey: (MYPrivateKey*)privateKey error: (NSError**)outError;
    73 
    74 /** Signs the certificate using the given private key, which must be the counterpart of the
    75     public key stored in the certificate; adds the certificate to the keychain;
    76     and returns a MYIdentity representing the paired certificate and private key.
           Side effect: the keychain is modified, so the certificate persists beyond this call.
           Which keychain is used is not stated in this header -- confirm in the implementation.
           Presumably returns nil and fills *outError on failure (Cocoa convention -- confirm). */
    77 - (MYIdentity*) createSelfSignedIdentityWithPrivateKey: (MYPrivateKey*)privateKey
    78                                                  error: (NSError**)outError;
    79 @end
    80 
    81 
    82 
    83 /** An X.509 Name structure, describing the subject or issuer of a certificate.
    84     The properties are settable only if this instance belongs to a MYCertificateRequest;
    85     otherwise trying to set them will raise an exception.
           When the instance comes from a parsed certificate, each string is whatever the certificate
           asserts. Treat it as untrusted text (for display, logging or comparison) until the
           certificate itself has been validated.
           NOTE(review): the value returned for an attribute the name does not contain is not
           documented here; presumably nil -- confirm. */
    86 @interface MYCertificateName : NSObject
    87 {
    88     @private
    89     NSArray *_components;     // presumably the parsed name components -- not documented here, confirm
    90 }
    91 
    92 /** The "common name" (CN) attribute (nickname, whatever). */
    93 @property (copy) NSString *commonName;
    94 
    95 /** The given/first name. */
    96 @property (copy) NSString *givenName;
    97 
    98 /** The surname / last name / family name. */
    99 @property (copy) NSString *surname;
   100 
   101 /** A description. */
   102 @property (copy) NSString *nameDescription;
   103 
   104 /** The raw email address.
           "Raw" suggests the string is returned as stored; no syntax check or normalization is
           documented in this header -- confirm before using it as an address. */
   105 @property (copy) NSString *emailAddress;
   106 
   107 /** Lower-level accessor that returns the value associated with the given OID. */
   108 - (NSString*) stringForOID: (MYOID*)oid;
   109 
   110 /** Lower-level accessor that sets the value associated with the given OID.
           NOTE(review): presumably subject to the same rule as the properties (raises unless the
           instance belongs to a MYCertificateRequest) -- the header does not say, confirm. */
   111 - (void) setString: (NSString*)value forOID: (MYOID*)oid;
   112 
   113 @end