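--- a/MYKey.h Sat Apr 04 22:56:13 2009 -0700
+++ b/MYKey.h Wed Apr 08 16:30:52 2009 -0700
@@ -28,6 +28,7 @@
 /** Abstract superclass for keys.
 Concrete subclasses are MYSymmetricKey and MYPublicKey. */
 @interface MYKey : MYKeychainItem
+{ }
 
 /** The key's raw data. */
 @property (readonly) NSData *keyData;
@@ -42,17 +43,32 @@
 that it can be read and modified by any other app that can access this key. */
 @property (copy) NSString *alias;
 
+
+/** @name Mac-Only
+ * Functionality not available on iPhone.
+ */
+//@{
 #if !TARGET_OS_IPHONE
+
 /** The user-visible comment (kSecKeyApplicationTag) associated with this key in the Keychain.
- The user can edit this, so don't expect it to be immutable. */
+ The user can edit this, so don't expect it to be immutable. */
 @property (copy) NSString *comment;
+
+/** Converts the key into a data blob in one of several standard formats, suitable for storing in
+ a file or sending over the network.
+ @param format The data format: kSecFormatOpenSSL, kSecFormatSSH, kSecFormatBSAFE or kSecFormatSSHv2.
+ @param withPEM YES if the data should be encoded in PEM format, which converts into short lines
+ of printable ASCII characters, suitable for sending in email. */
+- (NSData*) exportKeyInFormat: (SecExternalFormat)format withPEM: (BOOL)withPEM;
+
 #endif
+//@}
 
-@end
 
-
-
-@interface MYKey (Expert)
+/** @name Expert
+ * Advanced methods.
+ */
+//@{
 
 /** Creates a MYKey object for an existing Keychain key reference.
 This is abstract -- must be called on a MYSymmetricKey or MYPublicKey, as appropriate. */
@@ -65,12 +81,26 @@
 /** The underlying CSSM_KEY structure; used with low-level crypto APIs. */
 @property (readonly) const struct cssm_key* cssmKey;
 
-/** Converts the key into a data blob in one of several standard formats, suitable for storing in
- a file or sending over the network.
- @param format The data format: kSecFormatOpenSSL, kSecFormatSSH, kSecFormatBSAFE or kSecFormatSSHv2.
- @param withPEM YES if the data should be encoded in PEM format, which converts into short lines
- of printable ASCII characters, suitable for sending in email. */
-- (NSData*) exportKeyInFormat: (SecExternalFormat)format withPEM: (BOOL)withPEM;
+/** The underlying CSSM_CSP_HANDLE structure; used with low-level crypto APIs. */
+@property (readonly) intptr_t /*CSSM_CSP_HANDLE*/ cssmCSPHandle;
+
+/** Gets CSSM authorization credentials for a specified operation, such as
+ CSSM_ACL_AUTHORIZATION_ENCRYPT. This pointer is necessary for creating some CSSM operation
+ contexts.
+ @param operation The type of operation you are going to perform (see the enum values in
+ cssmType.h.)
+ @param type Specifies whether the operation should be allowed to present a UI. You'll usually
+ want to pass kSecCredentialTypeDefault.
+ @param outError Will be set to point to an NSError on failure, or nil on success.
+ Pass nil if you don't care about the specific error.
+ @return The access credentials, or NULL on failure.
+ This pointer is valid for as long as you have a reference
+ to the key object. Do not free or delete it. */
+- (const CSSM_ACCESS_CREDENTIALS*) cssmCredentialsForOperation: (CSSM_ACL_AUTHORIZATION_TAG)operation
+ type: (SecCredentialType)type
+ error: (NSError**)outError;
+
 #endif
+//@}
 
 @end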
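Review bot: The doc comment on `exportKeyInFormat:withPEM:`, which this change moves into the Mac-only group of the main interface, recommends storing the blob in a file or sending it over the network or by email, but does not say what the blob contains when the receiver is a secret key. MYKey is the superclass of MYSymmetricKey as well as MYPublicKey, so unless the implementation (not shown here) wraps or refuses secret keys, the result for those would be unprotected key material. I would add a sentence such as `For symmetric keys the result is the unencrypted key; encrypt it or restrict access before storing or transmitting it.` and an `@return` line stating what is returned on failure. The interface body between the hunks is not visible, so this is based only on the declarations shown.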