snej@0: // snej@0: // MYCertificate.h snej@0: // MYCrypto snej@0: // snej@0: // Created by Jens Alfke on 3/26/09. snej@0: // Copyright 2009 Jens Alfke. All rights reserved. snej@0: // snej@0: snej@0: #import "MYKeychainItem.h" snej@0: snej@0: #if !TARGET_OS_IPHONE snej@0: #import snej@0: #endif snej@0: jens@16: @class MYPublicKey, MYIdentity; snej@0: snej@0: snej@0: /** An X.509 certificate. */ snej@0: @interface MYCertificate : MYKeychainItem { snej@1: @private snej@0: SecCertificateRef _certificateRef; snej@0: } snej@0: snej@0: /** Creates a MYCertificate object for an existing Keychain certificate reference. */ snej@8: + (MYCertificate*) certificateWithCertificateRef: (SecCertificateRef)certificateRef; snej@8: snej@8: /** Initializes a MYCertificate object for an existing Keychain certificate reference. */ snej@0: - (id) initWithCertificateRef: (SecCertificateRef)certificateRef; snej@0: snej@0: /** Creates a MYCertificate object from exported key data, but does not add it to any keychain. */ snej@0: - (id) initWithCertificateData: (NSData*)data; snej@0: snej@8: /** Checks whether two MYCertificate objects have bit-for-bit identical certificate data. */ snej@8: - (BOOL)isEqualToCertificate:(MYCertificate*)cert; snej@8: snej@1: /** The Keychain object reference for this certificate. */ snej@0: @property (readonly) SecCertificateRef certificateRef; snej@0: snej@0: /** The certificate's data. */ snej@0: @property (readonly) NSData *certificateData; snej@0: snej@0: /** The certificate's public key. */ snej@0: @property (readonly) MYPublicKey *publicKey; snej@0: snej@1: /** The name of the subject (owner) of the certificate. */ snej@0: @property (readonly) NSString *commonName; snej@1: snej@2: snej@2: /** @name Mac-Only snej@2: * Functionality not available on iPhone. snej@2: */ snej@2: //@{ snej@1: #if !TARGET_OS_IPHONE snej@2: snej@2: /** Creates a MYCertificate object from exported key data, but does not add it to any keychain. */ snej@2: - (id) initWithCertificateData: (NSData*)data snej@2: type: (CSSM_CERT_TYPE) type snej@2: encoding: (CSSM_CERT_ENCODING) encoding; snej@2: jens@16: /** The Identity (if any) that this Certificate is part of. */ jens@16: @property (readonly) MYIdentity *identity; jens@16: snej@1: /** The list (if any) of the subject's email addresses. */ snej@0: @property (readonly) NSArray *emailAddresses; snej@0: snej@0: /** Finds the current 'preferred' certificate for the given name string. */ snej@0: + (MYCertificate*) preferredCertificateForName: (NSString*)name; snej@0: snej@0: /** Associates the receiver as the preferred certificate for the given name string. */ snej@0: - (BOOL) setPreferredCertificateForName: (NSString*)name; snej@2: snej@0: #endif snej@2: //@} snej@0: snej@8: snej@8: /** @name Expert snej@8: */ snej@8: //@{ snej@8: #if !TARGET_OS_IPHONE snej@8: snej@8: + (SecPolicyRef) X509Policy; snej@8: + (SecPolicyRef) SSLPolicy; snej@8: + (SecPolicyRef) SMIMEPolicy; snej@8: - (CSSM_CERT_TYPE) certificateType; snej@8: - (NSArray*) trustSettings; snej@8: - (BOOL) setUserTrust: (SecTrustUserSetting)trustSetting; snej@8: snej@8: #endif snej@8: //@} snej@8: snej@0: @end snej@8: snej@8: snej@8: NSString* MYPolicyGetName( SecPolicyRef policy ); snej@8: NSString* MYTrustDescribe( SecTrustRef trust ); snej@8: NSString* MYTrustResultDescribe( SecTrustResultType result );