Added a few comments. That is all.
5 // Created by Jens Alfke on 3/31/09.
6 // Copyright 2009 Jens Alfke. All rights reserved.
9 #import "MYCrypto_Private.h"
11 #import "MYIdentity.h"
14 #if MYCRYPTO_USE_IPHONE_API
17 @interface MYKeyEnumerator : NSEnumerator
24 - (id) initWithQuery: (NSMutableDictionary*)query;
25 + (id) firstItemWithQuery: (NSMutableDictionary*)query;
30 @implementation MYKeychain
33 + (MYKeychain*) allKeychains
35 // iPhone only has a single keychain.
36 return [self defaultKeychain];
39 + (MYKeychain*) defaultKeychain
41 static MYKeychain *sDefaultKeychain;
43 if (!sDefaultKeychain) {
44 sDefaultKeychain = [[self alloc] init];
47 return sDefaultKeychain;
51 - (id) copyWithZone: (NSZone*)zone {
52 // It's not necessary to make copies of Keychain objects. This makes it more efficient
53 // to use instances as NSDictionary keys or store them in NSSets.
60 #pragma mark SEARCHING:
63 - (MYPublicKey*) publicKeyWithDigest: (MYSHA1Digest*)pubKeyDigest {
64 return [MYKeyEnumerator firstItemWithQuery:
65 $mdict({(id)kSecClass, (id)kSecClassKey},
66 {(id)kSecAttrPublicKeyHash, pubKeyDigest.asData},
67 {(id)kSecReturnRef, $true})];
70 - (NSEnumerator*) enumeratePublicKeys {
71 NSMutableDictionary *query = $mdict({(id)kSecClass, (id)kSecClassKey},
72 {(id)kSecAttrKeyClass, (id)kSecAttrKeyClassPublic},
73 {(id)kSecMatchLimit, (id)kSecMatchLimitAll},
74 {(id)kSecReturnRef, $true});
75 return [[[MYKeyEnumerator alloc] initWithQuery: query] autorelease];
79 - (MYPrivateKey*) privateKeyWithDigest: (MYSHA1Digest*)pubKeyDigest {
80 return [MYKeyEnumerator firstItemWithQuery:
81 $mdict({(id)kSecClass, (id)kSecClassKey},
82 {(id)kSecAttrKeyClass, (id)kSecAttrKeyClassPrivate},
83 {(id)kSecAttrPublicKeyHash, pubKeyDigest.asData},
84 {(id)kSecReturnRef, $true})];
87 - (NSEnumerator*) enumeratePrivateKeys {
88 NSMutableDictionary *query = $mdict({(id)kSecClass, (id)kSecClassKey},
89 {(id)kSecAttrKeyClass, (id)kSecAttrKeyClassPrivate},
90 {(id)kSecMatchLimit, (id)kSecMatchLimitAll},
91 {(id)kSecReturnRef, $true});
92 return [[[MYKeyEnumerator alloc] initWithQuery: query] autorelease];
95 - (MYCertificate*) certificateWithDigest: (MYSHA1Digest*)pubKeyDigest {
96 return [MYKeyEnumerator firstItemWithQuery:
97 $mdict({(id)kSecClass, (id)kSecClassCertificate},
98 {(id)kSecAttrPublicKeyHash, pubKeyDigest.asData},
99 {(id)kSecReturnRef, $true})];
102 - (NSEnumerator*) enumerateCertificates {
103 NSMutableDictionary *query = $mdict({(id)kSecClass, (id)kSecClassCertificate},
104 {(id)kSecMatchLimit, (id)kSecMatchLimitAll},
105 {(id)kSecReturnRef, $true});
106 return [[[MYKeyEnumerator alloc] initWithQuery: query] autorelease];
109 - (MYIdentity*) identityWithDigest: (MYSHA1Digest*)pubKeyDigest {
110 return [MYKeyEnumerator firstItemWithQuery:
111 $mdict({(id)kSecClass, (id)kSecClassIdentity},
112 {(id)kSecAttrPublicKeyHash, pubKeyDigest.asData},
113 {(id)kSecReturnRef, $true})];
116 - (NSEnumerator*) enumerateIdentities {
117 NSMutableDictionary *query = $mdict({(id)kSecClass, (id)kSecClassIdentity},
118 {(id)kSecMatchLimit, (id)kSecMatchLimitAll},
119 {(id)kSecReturnRef, $true});
120 return [[[MYKeyEnumerator alloc] initWithQuery: query] autorelease];
123 - (NSEnumerator*) enumerateSymmetricKeys {
124 NSMutableDictionary *query = $mdict({(id)kSecClass, (id)kSecClassKey},
125 {(id)kSecAttrKeyClass, (id)kSecAttrKeyClassSymmetric},
126 {(id)kSecMatchLimit, (id)kSecMatchLimitAll},
127 {(id)kSecReturnRef, $true});
128 return [[[MYKeyEnumerator alloc] initWithQuery: query] autorelease];
131 - (NSEnumerator*) symmetricKeysWithAlias: (NSString*)alias {
132 NSMutableDictionary *query = $mdict({(id)kSecClass, (id)kSecClassKey},
133 {(id)kSecAttrKeyClass, (id)kSecAttrKeyClassSymmetric},
134 {(id)kSecAttrApplicationTag, alias},
135 {(id)kSecMatchLimit, (id)kSecMatchLimitAll},
136 {(id)kSecReturnRef, $true});
137 return [[[MYKeyEnumerator alloc] initWithQuery: query] autorelease];
145 - (MYPublicKey*) importPublicKey: (NSData*)keyData {
146 return [[[MYPublicKey alloc] _initWithKeyData: keyData
151 - (MYCertificate*) importCertificate: (NSData*)data
154 NSDictionary *info = $dict( {(id)kSecClass, (id)kSecClassCertificate},
155 {(id)kSecValueData, data},
156 {(id)kSecReturnRef, $true} );
157 SecCertificateRef cert;
158 if (!check(SecItemAdd((CFDictionaryRef)info, (CFTypeRef*)&cert), @"SecItemAdd"))
160 return [[[MYCertificate alloc] initWithCertificateRef: cert] autorelease];
165 #pragma mark GENERATION:
168 - (MYSymmetricKey*) generateSymmetricKeyOfSize: (unsigned)keySizeInBits
169 algorithm: (CCAlgorithm)algorithm
171 return [MYSymmetricKey _generateSymmetricKeyOfSize: keySizeInBits
172 algorithm: algorithm inKeychain: self];
175 - (MYPrivateKey*) generateRSAKeyPairOfSize: (unsigned)keySize {
176 return [MYPrivateKey _generateRSAKeyPairOfSize: keySize inKeychain: self];
185 @implementation MYKeyEnumerator
187 - (id) initWithQuery: (NSMutableDictionary*)query {
190 if (![query objectForKey: (id)kSecMatchLimit])
191 [query setObject: (id)kSecMatchLimitAll forKey: (id)kSecMatchLimit];
192 OSStatus err = SecItemCopyMatching((CFDictionaryRef)query, (CFTypeRef*)&_results);
193 if (err && err != errSecItemNotFound) {
194 check(err,@"SecItemCopyMatching");
198 if (_results) CFRetain(_results);
199 _itemClass = (CFTypeRef)[query objectForKey: (id)kSecClass];
200 if (_itemClass == kSecClassKey)
201 _itemClass = (CFTypeRef)[query objectForKey: (id)kSecAttrKeyClass];
202 if (_itemClass) CFRetain(_itemClass);
207 + (id) firstItemWithQuery: (NSMutableDictionary*)query {
208 MYKeyEnumerator *e = [[self alloc] initWithQuery: query];
209 MYKeychainItem *item = e.nextObject;
216 if (_itemClass) CFRelease(_itemClass);
217 if (_results) CFRelease(_results);
225 MYKeychainItem *next = nil;
226 while (next==nil && _index < CFArrayGetCount(_results)) {
227 CFTypeRef found = CFArrayGetValueAtIndex(_results, _index++);
228 if (_itemClass == kSecAttrKeyClassPrivate) {
229 next = [[MYPrivateKey alloc] initWithKeyRef: (SecKeyRef)found];
230 } else if (_itemClass == kSecAttrKeyClassPublic) {
231 next = [[[MYPublicKey alloc] initWithKeyRef: (SecKeyRef)found] autorelease];
232 } else if (_itemClass == kSecAttrKeyClassSymmetric) {
233 next = [[[MYSymmetricKey alloc] initWithKeyRef: (SecKeyRef)found] autorelease];
234 } else if (_itemClass == kSecClassCertificate) {
235 next = [[[MYCertificate alloc] initWithCertificateRef: (SecCertificateRef)found] autorelease];
236 } else if (_itemClass == kSecClassIdentity) {
237 next = [[[MYIdentity alloc] initWithIdentityRef: (SecIdentityRef)found] autorelease];
247 #endif MYCRYPTO_USE_IPHONE_API
251 Copyright (c) 2009, Jens Alfke <jens@mooseyard.com>. All rights reserved.
253 Redistribution and use in source and binary forms, with or without modification, are permitted
254 provided that the following conditions are met:
256 * Redistributions of source code must retain the above copyright notice, this list of conditions
257 and the following disclaimer.
258 * Redistributions in binary form must reproduce the above copyright notice, this list of conditions
259 and the following disclaimer in the documentation and/or other materials provided with the
262 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR
263 IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
264 FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRI-
265 BUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
266 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
267 PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
268 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
269 THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.