MYPublicKey.h
changeset 0 0a6527af039b
child 1 60e4cbbb5128
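--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/MYPublicKey.h	Sat Apr 04 20:42:03 2009 -0700
@@ -0,0 +1,51 @@
+//
+//  MYPublicKey.h
+//  MYCrypto
+//
+//  Created by Jens Alfke on 3/25/09.
+//  Copyright 2009 Jens Alfke. All rights reserved.
+//
+
+#import "MYKey.h"
+@class MYSHA1Digest;
+
+#if !TARGET_OS_IPHONE
+#import <Security/SecKey.h>
+#endif
+
+
+/** Error domain for CSSM (low-level crypto) errors */
+extern NSString* const MYCSSMErrorDomain;
+
+
+/** A public key, which can be used for encrypting data and verifying signatures. */
+@interface MYPublicKey : MYKey <MYEncryption>
+{
+    MYSHA1Digest *_digest;
+}
+
+/** The public key's SHA-1 digest. This is a convenient short (20-byte) identifier for the key. */
+@property (readonly) MYSHA1Digest *publicKeyDigest;
+
+/** Returns the receiver as a MYPublicKey.
+    If the receiver already is a MYPublicKey, this just returns self.
+    If it's a MYKeyPair, it returns a new MYPublicKey containing just the public key. */
+@property (readonly) MYPublicKey *asPublicKey;
+
+/** Encrypts a short piece of data using this key, returning the raw encrypted result.
+    RSA can encrypt only <i>short</i> pieces of data, smaller than the key size in bits; this
+    method will fail and return nil if the data is too long.
+    RSA encryption is also much slower than regular symmetric-key encryption, so the correct
+    way to encrypt a large block of data using a public key is to first generate a random
+    symmetric key, called the "session key" (using a Cryptor), encrypt that session key with the 
+    public key, and then encrypt your data with the session key. Send the encrypted session key
+    and the encrypted data. */
+- (NSData*) encryptData: (NSData*)data;
+
+/** Verifies the signature of a block of data. If the result is YES, you can be assured that
+    the signature was generated from the data using this key's matching private key.
+    If the result is NO, something is wrong: either the data or the signature was modified,
+    or the signature was generated by a different private key. */
+- (BOOL) verifySignature: (NSData*)signature ofData: (NSData*)data;
+    
+@end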
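Review bot: The doc comment on `encryptData:` states the input limit as "smaller than the key size in bits", which overstates what RSA accepts: the plaintext has to fit in the key size in bytes minus the padding overhead, and the header never names the padding scheme in use. I would reword that sentence along the lines of `RSA can encrypt only short data: at most the key size in bytes minus the padding overhead (padding scheme: <confirm against the implementation>)`. The `verifySignature:ofData:` comment has the same gap, since it does not say which digest or signature padding is expected, so a caller cannot tell what the method will interoperate with. Both methods report failure only through nil or NO with no error out-parameter, so the comments should also say that callers must check the return value before using the result. The implementation is not part of this changeset view, so the concrete padding and digest names need to be filled in from the .m file.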