|
snej@0
|
1 |
//
|
|
snej@0
|
2 |
// KeyPair.h
|
|
snej@0
|
3 |
// MYCrypto
|
|
snej@0
|
4 |
//
|
|
snej@0
|
5 |
// Created by Jens Alfke on 3/21/09.
|
|
snej@0
|
6 |
// Copyright 2009 Jens Alfke. All rights reserved.
|
|
snej@0
|
7 |
//
|
|
snej@0
|
8 |
|
|
snej@0
|
9 |
#import "MYPublicKey.h"
|
|
snej@0
|
10 |
|
|
snej@0
|
11 |
|
|
snej@0
|
12 |
/** A key-pair consisting of a public and a private key.
|
|
snej@0
|
13 |
Can be used for signing and decrypting, as well as the inherited encrypting/verifying. */
|
|
snej@0
|
14 |
@interface MYKeyPair : MYPublicKey <MYDecryption>
|
|
snej@0
|
15 |
{
|
|
snej@0
|
16 |
SecKeyRef _privateKey;
|
|
snej@0
|
17 |
}
|
|
snej@0
|
18 |
|
|
snej@0
|
19 |
/** Creates a MYKeyPair object from existing Keychain key references. */
|
|
snej@0
|
20 |
- (id) initWithPublicKeyRef: (SecKeyRef)publicKey privateKeyRef: (SecKeyRef)privateKey;
|
|
snej@0
|
21 |
|
|
snej@0
|
22 |
#if !TARGET_OS_IPHONE
|
|
snej@0
|
23 |
/** Exports the private key as a data blob, so that it can be stored as a backup, or transferred
|
|
snej@0
|
24 |
to another computer. Since the key is sensitive, it must be exported in encrypted form
|
|
snej@0
|
25 |
using a user-chosen passphrase. This method will display a standard alert panel, run by
|
|
snej@0
|
26 |
the Security agent, that prompts the user to enter a new passphrase for encrypting the key.
|
|
snej@0
|
27 |
The same passphrase must be re-entered when importing the key from the data blob.
|
|
snej@0
|
28 |
@param format The data format: kSecFormatOpenSSL, kSecFormatSSH, kSecFormatBSAFE or kSecFormatSSHv2.
|
|
snej@0
|
29 |
@param withPEM YES if the data should be encoded in PEM format, which converts into short lines
|
|
snej@0
|
30 |
of printable ASCII characters, suitable for sending in email.
|
|
snej@0
|
31 |
@param alertTitle An optional title for the alert panel. (Currently ignored by the OS?)
|
|
snej@0
|
32 |
@param prompt An optional prompt message to display in the alert panel. */
|
|
snej@0
|
33 |
- (NSData*) exportPrivateKeyInFormat: (SecExternalFormat)format
|
|
snej@0
|
34 |
withPEM: (BOOL)withPEM
|
|
snej@0
|
35 |
alertTitle: (NSString*)title
|
|
snej@0
|
36 |
alertPrompt: (NSString*)prompt;
|
|
snej@0
|
37 |
|
|
snej@0
|
38 |
/** A convenient shorthand for the full exportPrivateKeyInFormat... method.
|
|
snej@0
|
39 |
Uses OpenSSL format, wrapped with PEM, and default title and prompt for the alert. */
|
|
snej@0
|
40 |
- (NSData*) exportPrivateKey;
|
|
snej@0
|
41 |
#endif
|
|
snej@0
|
42 |
|
|
snej@0
|
43 |
/** The underlying Keychain key reference for the private key. */
|
|
snej@0
|
44 |
@property (readonly) SecKeyRef privateKeyRef;
|
|
snej@0
|
45 |
|
|
snej@0
|
46 |
/** Decrypts data that was encrypted using the public key. */
|
|
snej@0
|
47 |
- (NSData*) decryptData: (NSData*)data;
|
|
snej@0
|
48 |
|
|
snej@0
|
49 |
/** Generates a signature of data, using the private key.
|
|
snej@0
|
50 |
The resulting signature can be verified using the matching MYPublicKey's
|
|
snej@0
|
51 |
verifySignature:ofData: method. */
|
|
snej@0
|
52 |
- (NSData*) signData: (NSData*)data;
|
|
snej@0
|
53 |
|
|
snej@0
|
54 |
@end
|