1.1 --- a/MYKey.m Tue Apr 07 10:56:58 2009 -0700
1.2 +++ b/MYKey.m Thu Apr 09 22:47:11 2009 -0700
1.3 @@ -115,11 +115,6 @@
1.4 }
1.5
1.6
1.7 -@end
1.8 -
1.9 -
1.10 -
1.11 -
1.12 #pragma mark -
1.13 #pragma mark UTILITY FUNCTIONS:
1.14
1.15 @@ -152,9 +147,109 @@
1.16 SecKeyRef key = (SecKeyRef)CFRetain(CFArrayGetValueAtIndex(items,0));
1.17 CFRelease(items);
1.18 return key; // caller must CFRelease
1.19 -}
1.20 +}
1.21
1.22
1.23 +- (MYSHA1Digest*) _keyDigest {
1.24 + MYSHA1Digest *digest = nil;
1.25 + CSSM_DATA *keyDigest = NULL;
1.26 + CSSM_CC_HANDLE context = [self _createPassThroughContext];
1.27 + if (context) {
1.28 + if (checkcssm(CSSM_CSP_PassThrough(context, CSSM_APPLECSP_KEYDIGEST, NULL, (void**)&keyDigest),
1.29 + @"CSSM_CSP_PassThrough")) {
1.30 + if (keyDigest && keyDigest->Data) {
1.31 + digest = [[[MYSHA1Digest alloc] initWithRawDigest: keyDigest->Data
1.32 + length: keyDigest->Length] autorelease];
1.33 + }
1.34 + } else {
1.35 + SecKeyRef keyRef = self.keyRef;
1.36 + // Note - CSSM_CSP_PassThrough fails on a couple of private keys I've seen; it seems to
1.37 + // be ones that are either expired or don't have a matching public key at all (?)
1.38 + Warn(@"Failed to get digest of SecKeyRef %p (name='%@' appTag='%@')",
1.39 + keyRef,
1.40 + self.name,
1.41 + self.comment);
1.42 + NSData *digestData = [[self class] _getAttribute: kSecKeyLabel
1.43 + ofItem: (SecKeychainItemRef)keyRef];
1.44 + if (digestData) {
1.45 + digest = (MYSHA1Digest*) [MYSHA1Digest digestFromDigestData: digestData];
1.46 + if (!digest)
1.47 + Warn(@"Digest property of key %p was invalid SHA-1: %@", keyRef,digestData);
1.48 + }
1.49 + }
1.50 + CSSM_DeleteContext(context);
1.51 + }
1.52 + return digest;
1.53 +}
1.54 +
1.55 +
1.56 +/** Asymmetric encryption/decryption; used by MYPublicKey and MYPrivateKey. */
1.57 +- (NSData*) _crypt: (NSData*)data operation: (BOOL)operation {
1.58 + CAssert(data);
1.59 + const CSSM_ACCESS_CREDENTIALS *credentials;
1.60 + credentials = [self cssmCredentialsForOperation: (operation ?CSSM_ACL_AUTHORIZATION_ENCRYPT
1.61 + :CSSM_ACL_AUTHORIZATION_DECRYPT)
1.62 + type: kSecCredentialTypeDefault
1.63 + error: nil];
1.64 + if (!credentials)
1.65 + return nil;
1.66 +
1.67 + CSSM_CC_HANDLE ccHandle;
1.68 + if (!checkcssm(CSSM_CSP_CreateAsymmetricContext(self.cssmCSPHandle,
1.69 + CSSM_ALGID_RSA,
1.70 + credentials,
1.71 + self.cssmKey,
1.72 + CSSM_PADDING_PKCS1,
1.73 + &ccHandle),
1.74 + @"CSSM_CSP_CreateAsymmetricContext"))
1.75 + return nil;
1.76 +
1.77 + CSSM_DATA original = {data.length, (void*)data.bytes};
1.78 + CSSM_DATA result = {};
1.79 + size_t outputLength;
1.80 + BOOL ok;
1.81 + if (operation)
1.82 + ok = checkcssm(CSSM_EncryptData(ccHandle, &original, 1, &result, 1, &outputLength, &result),
1.83 + @"CSSM_EncryptData");
1.84 + else
1.85 + ok = checkcssm(CSSM_DecryptData(ccHandle, &original, 1, &result, 1, &outputLength, &result),
1.86 + @"CSSM_DecryptData");
1.87 + CSSM_DeleteContext(ccHandle);
1.88 + return ok ?[NSData dataWithBytesNoCopy: result.Data length: outputLength freeWhenDone: YES] :nil;
1.89 +}
1.90 +
1.91 +
1.92 +- (CSSM_CC_HANDLE) _createSignatureContext: (CSSM_ALGORITHMS)algorithm {
1.93 + const CSSM_ACCESS_CREDENTIALS *credentials;
1.94 + credentials = [self cssmCredentialsForOperation: CSSM_ACL_AUTHORIZATION_SIGN
1.95 + type: kSecCredentialTypeDefault
1.96 + error: nil];
1.97 + if (credentials) {
1.98 + CSSM_CC_HANDLE ccHandle = 0;
1.99 + if (checkcssm(CSSM_CSP_CreateSignatureContext(self.cssmCSPHandle,
1.100 + algorithm,
1.101 + credentials,
1.102 + self.cssmKey,
1.103 + &ccHandle),
1.104 + @"CSSM_CSP_CreateSignatureContext") )
1.105 + return ccHandle;
1.106 + }
1.107 + return 0;
1.108 +}
1.109 +
1.110 +- (CSSM_CC_HANDLE) _createPassThroughContext
1.111 +{
1.112 + CSSM_CC_HANDLE ccHandle = 0;
1.113 + if (checkcssm(CSSM_CSP_CreatePassThroughContext(self.cssmCSPHandle, self.cssmKey, &ccHandle),
1.114 + @"CSSM_CSP_CreatePassThroughContext") )
1.115 + return ccHandle;
1.116 + else
1.117 + return 0;
1.118 +}
1.119 +
1.120 +
1.121 +@end
1.122 +
1.123 #endif MYCRYPTO_USE_IPHONE_API
1.124
1.125