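--- a/MYParsedCertificate.h Thu Jun 04 18:36:30 2009 -0700
+++ b/MYParsedCertificate.h Fri Jun 05 08:57:18 2009 -0700
@@ -7,16 +7,16 @@
 //
 
 #import <Foundation/Foundation.h>
-@class MYCertificate, MYPublicKey, MYPrivateKey, MYOID;
+@class MYCertificateName, MYCertificate, MYPublicKey, MYPrivateKey, MYOID;
 
 /** A parsed X.509 certificate. Can be used to get more info about an existing cert,
- or to modify a self-signed cert and regenerate it. */
+ to modify and regenerate a self-signed cert, or to create a new self-signed cert. */
 @interface MYParsedCertificate : NSObject
 {
 @private
 NSData *_data;
 NSArray *_root;
- MYCertificate *_issuer;
+ MYCertificate *_issuerCertificate;
 }
 
 /** Initializes an instance by parsing an existing X.509 certificate's data. */
@@ -31,30 +31,21 @@
 /** The date/time at which the certificate expires. */
 @property (retain) NSDate *validTo;
 
-/** The "common name" (nickname, whatever) of the subject/owner of the certificate. */
-@property (copy) NSString *commonName;
+/** Information about the identity of the owner of this certificate. */
+@property (readonly) MYCertificateName *subject;
 
-/** The given/first name of the subject/owner of the certificate. */
-@property (copy) NSString *givenName;
+/** Information about the identity that signed/authorized this certificate. */
+@property (readonly) MYCertificateName *issuer;
 
-/** The surname / last name / family name of the subject/owner of the certificate. */
-@property (copy) NSString *surname;
-
-/** A description of the subject/owner of the certificate. */
-@property (copy) NSString *description;
-
-/** The raw email address of the subject of the certificate. */
-@property (copy) NSString *emailAddress;
+/** Returns YES if the issuer is the same as the subject. (Aka a "self-signed" certificate.) */
+@property (readonly) BOOL isRoot;
 
 /** The public key of the subject of the certificate. */
 @property (readonly) MYPublicKey *subjectPublicKey;
 
-/** Returns YES if the issuer is the same as the subject. (Aka a "self-signed" certificate.) */
-@property (readonly) BOOL isRoot;
-
 /** Associates the certificate to its issuer.
 If the cert is not self-signed, you must manually set this property before validating. */
-@property (retain) MYCertificate* issuer;
+@property (retain) MYCertificate* issuerCertificate;
 
 /** Checks that the issuer's signature is valid and hasn't been tampered with.
 If the certificate is root/self-signed, the subjectPublicKey is used to check the signature;
@@ -83,3 +74,37 @@
 - (BOOL) selfSignWithPrivateKey: (MYPrivateKey*)privateKey error: (NSError**)outError;
 
 @end
+
+
+
+/** An X.509 Name structure, describing the subject or issuer of a certificate.
+ Changing a property value of an instance associated with an already-signed certificate will
+ raise an exception. */
+@interface MYCertificateName : NSObject
+{
+ @private
+ NSArray *_components;
+}
+
+/** The "common name" (nickname, whatever). */
+@property (copy) NSString *commonName;
+
+/** The given/first name. */
+@property (copy) NSString *givenName;
+
+/** The surname / last name / family name. */
+@property (copy) NSString *surname;
+
+/** A description. */
+@property (copy) NSString *nameDescription;
+
+/** The raw email address. */
+@property (copy) NSString *emailAddress;
+
+/** Lower-level accessor that returns the value associated with the given OID. */
+- (NSString*) stringForOID: (MYOID*)oid;
+
+/** Lower-level accessor that sets the value associated with the given OID. */
+- (void) setString: (NSString*)value forOID: (MYOID*)oid;
+
+@end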
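Review bot: The `isRoot` comment in the second hunk (`@@ -31,30 +31,21 @@`) equates "issuer is the same as the subject" with "self-signed", but matching names only show that the certificate is self-issued; they say nothing about which key produced the signature or whether the certificate is trusted. Because the validation comment further down says a root certificate is checked against its own `subjectPublicKey`, a caller could read a successful check on a root certificate as a trust decision when it only proves internal consistency. I would reword the comment to something like `/** YES if the issuer name equals the subject name. This is a name comparison only; it does not verify the signature or establish trust. */`, assuming the implementation does compare the two names as the current comment implies. In the third hunk, `stringForOID:` should also state what it returns when the OID is absent or appears more than once in the name, since `commonName` and `emailAddress` are likely to feed identity checks.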