MYParsedCertificate.h
changeset 21 2c300b15b381
parent 20 df9da0f6b358
child 22 058394513f33
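--- a/MYParsedCertificate.h	Fri Jun 05 08:57:18 2009 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,110 +0,0 @@
-//
-//  MYParsedCertificate.h
-//  MYCrypto
-//
-//  Created by Jens Alfke on 6/2/09.
-//  Copyright 2009 Jens Alfke. All rights reserved.
-//
-
-#import <Foundation/Foundation.h>
-@class MYCertificateName, MYCertificate, MYPublicKey, MYPrivateKey, MYOID;
-
-/** A parsed X.509 certificate. Can be used to get more info about an existing cert,
-    to modify and regenerate a self-signed cert, or to create a new self-signed cert. */
-@interface MYParsedCertificate : NSObject 
-{
-    @private
-    NSData *_data;
-    NSArray *_root;
-    MYCertificate *_issuerCertificate;
-}
-
-/** Initializes an instance by parsing an existing X.509 certificate's data. */
-- (id) initWithCertificateData: (NSData*)data error: (NSError**)outError;
-
-/** The raw data of the certificate. */
-@property (readonly) NSData* certificateData;
-
-/** The date/time at which the certificate first becomes valid. */
-@property (retain) NSDate *validFrom;
-
-/** The date/time at which the certificate expires. */
-@property (retain) NSDate *validTo;
-
-/** Information about the identity of the owner of this certificate. */
-@property (readonly) MYCertificateName *subject;
-
-/** Information about the identity that signed/authorized this certificate. */
-@property (readonly) MYCertificateName *issuer;
-
-/** Returns YES if the issuer is the same as the subject. (Aka a "self-signed" certificate.) */
-@property (readonly) BOOL isRoot;
-
-/** The public key of the subject of the certificate. */
-@property (readonly) MYPublicKey *subjectPublicKey;
-
-/** Associates the certificate to its issuer.
-    If the cert is not self-signed, you must manually set this property before validating. */
-@property (retain) MYCertificate* issuerCertificate;
-
-/** Checks that the issuer's signature is valid and hasn't been tampered with.
-    If the certificate is root/self-signed, the subjectPublicKey is used to check the signature;
-    otherwise, the issuer property needs to have been set and its publicKey will be used. */
-- (BOOL) validateSignature;
-
-
-// Generating certificates:
-
-/** Initializes a blank instance which can be used to create a new certificate.
-    The certificate will not contain anything yet other than the public key.
-    The desired attributes should be set, and then the -selfSignWithPrivateKey:error method called. */
-- (id) initWithPublicKey: (MYPublicKey*)pubKey;
-
-/** Has the certificate been signed yet? */
-@property (readonly) BOOL isSigned;
-
-/** Signs the certificate using the given private key, which must be the counterpart of the
-    public key stored in the certificate.
-    The subject attributes will be copied to the issuer attributes.
-    If no valid date range has been set yet, it will be set to a range of one year starting from
-    the current time.
-    A unique serial number based on the current time will be set.
-    After this method returns successfully, access the certificateData property to get the
-    encoded certificate. */
-- (BOOL) selfSignWithPrivateKey: (MYPrivateKey*)privateKey error: (NSError**)outError;
-
-@end
-
-
-
-/** An X.509 Name structure, describing the subject or issuer of a certificate.
-    Changing a property value of an instance associated with an already-signed certificate will
-    raise an exception. */
-@interface MYCertificateName : NSObject
-{
-    @private
-    NSArray *_components;
-}
-
-/** The "common name" (nickname, whatever). */
-@property (copy) NSString *commonName;
-
-/** The given/first name. */
-@property (copy) NSString *givenName;
-
-/** The surname / last name / family name. */
-@property (copy) NSString *surname;
-
-/** A description. */
-@property (copy) NSString *nameDescription;
-
-/** The raw email address. */
-@property (copy) NSString *emailAddress;
-
-/** Lower-level accessor that returns the value associated with the given OID. */
-- (NSString*) stringForOID: (MYOID*)oid;
-
-/** Lower-level accessor that sets the value associated with the given OID. */
-- (void) setString: (NSString*)value forOID: (MYOID*)oid;
-
-@end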