MYKeyPair-iPhone.m
author Jens Alfke <jens@mooseyard.com>
Tue Jun 09 23:58:03 2009 -0700 (2009-06-09)
changeset 24 6856e071d25a
parent 1 60e4cbbb5128
permissions -rw-r--r--
* More work on iPhone compatibility.
* Restored the signature-verification code to MYCertInfo, which I'd removed earlier. I now need it to verify self-signed certs, since the Security framework won't do it for me.
* Merged MYCertificate-iPhone.m into MYCertificate.m since there's more shared code now.
     1 //
     2 //  MYKeyPair-iPhone.m
     3 //  MYNetwork-iPhone
     4 //
     5 //  Created by Jens Alfke on 3/22/09.
     6 //  Copyright 2009 Jens Alfke. All rights reserved.
     7 //
     8 
     9 
    10 #import "MYKeyPair.h"
    11 #import "MYCrypto_Private.h"
    12 #import <CommonCrypto/CommonDigest.h>
    13 
    14 
    15 #if MYCRYPTO_USE_IPHONE_API
    16 
    17 
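    @implementation MYKeyPair


    /**
     Generates a new RSA key pair through the iPhone Security API.

     Both halves are created with kSecAttrIsPermanent set, so they are persisted in the
     keychain. No application tag or label is attached to them here.

     @param keySize   Key length in bits; must be 512, 1024 or 2048.
     @param keychain  Not used by this implementation.
     @return An autoreleased key pair, or nil if SecKeyGeneratePair fails.
     */
    + (MYKeyPair*) _generateRSAKeyPairOfSize: (unsigned)keySize inKeychain: (MYKeychain*)keychain {
        // SECURITY: 512-bit RSA is practical to factor and 1024-bit is below current
        // recommendations. Both sizes are still accepted so existing callers keep working;
        // new callers should ask for 2048.
        Assert( keySize == 512 || keySize == 1024 || keySize == 2048, @"Unsupported key size %u", keySize );
        SecKeyRef pubKey=NULL, privKey=NULL;
        OSStatus err;
        NSDictionary *pubKeyAttrs = $dict({(id)kSecAttrIsPermanent, $true});
        NSDictionary *privKeyAttrs = $dict({(id)kSecAttrIsPermanent, $true});
        NSDictionary *keyAttrs = $dict( {(id)kSecAttrKeyType, (id)kSecAttrKeyTypeRSA},
                                        {(id)kSecAttrKeySizeInBits, $object(keySize)},
                                        {(id)kSecPublicKeyAttrs, pubKeyAttrs},
                                        {(id)kSecPrivateKeyAttrs, privKeyAttrs} );
        err = SecKeyGeneratePair((CFDictionaryRef)keyAttrs,&pubKey,&privKey);
        if (err) {
            Warn(@"Failed to create key-pair: %i", err);
            return nil;
        }

        MYKeyPair *keyPair = [[[self alloc] initWithPublicKeyRef: pubKey
                                                   privateKeyRef: privKey] autorelease];
        // SecKeyGeneratePair hands back owned references. The initializer takes its own
        // reference to the private key (CFRetain below), so drop ours to avoid leaking it.
        if (privKey)
            CFRelease(privKey);
        // NOTE(review): pubKey is owned here as well. Whether it must be released depends on
        // whether -initWithKeyRef: retains its argument, which is not visible in this file.
        return keyPair;
    }

    /**
     Initializes the pair from existing key references.

     @param publicKey   Passed to the superclass's -initWithKeyRef:.
     @param privateKey  Must not be NULL; retained by the receiver.
     @return The initialized object, or nil if the superclass initializer fails or
             privateKey is NULL.
     */
    - (id) initWithPublicKeyRef: (SecKeyRef)publicKey privateKeyRef: (SecKeyRef)privateKey {
        self = [super initWithKeyRef: publicKey];
        if (self) {
            NSParameterAssert(privateKey);
            if (!privateKey) {
                // Reached only when assertions are compiled out; CFRetain(NULL) would crash.
                [self release];
                return nil;
            }
            _privateKey = (SecKeyRef) CFRetain(privateKey);
        }
        return self;
    }


    /** Balances the CFRetain taken on the private key in the initializer. */
    - (void) dealloc {
        if (_privateKey)
            CFRelease(_privateKey);
        [super dealloc];
    }


    /** Returns the private key reference followed by the public key reference. */
    - (NSArray*) _itemList {
        return $array((id)_privateKey,(id)self.keyRef);
    }


    /** The private key reference. The receiver keeps ownership; callers must not release it. */
    - (SecKeyRef) privateKeyRef {
        return _privateKey;
    }


    /** Decrypts data with the private key by calling _crypt() with kCCDecrypt. */
    - (NSData*) decryptData: (NSData*)data {
        return _crypt(_privateKey,data,kCCDecrypt);
    }


    /**
     Signs data with the private key: the SHA-1 digest of the data is signed with
     SecKeyRawSign using kSecPaddingPKCS1SHA1.

     @param data  The message to sign; must not be nil.
     @return The raw signature bytes, or nil if data is nil or signing fails.
     */
    - (NSData*) signData: (NSData*)data {
        Assert(data);
        if (!data)
            return nil;     // with assertions off, never sign the digest of an empty message

        // SECURITY: SHA-1 is no longer collision-resistant. The digest and padding are left
        // as they are because the verifying side has to use the same pair; it is not shown
        // in this file, so confirm both ends before moving to a stronger digest.
        uint8_t digest[CC_SHA1_DIGEST_LENGTH];
        CC_SHA1_CTX hashContext;
        CC_SHA1_Init(&hashContext);
        // CommonCrypto takes a 32-bit length. Feeding the data in bounded chunks keeps a
        // very large NSData from being truncated, which would leave part of it unsigned.
        const uint8_t *cursor = data.bytes;
        NSUInteger remaining = data.length;
        while (remaining > 0) {
            CC_LONG chunk = (remaining > UINT32_MAX) ? UINT32_MAX : (CC_LONG)remaining;
            CC_SHA1_Update(&hashContext, cursor, chunk);
            cursor += chunk;
            remaining -= chunk;
        }
        CC_SHA1_Final(digest, &hashContext);

        // 1024 bytes is far more than the 256-byte signature of the largest supported key.
        uint8_t sigBuf[1024];
        size_t sigLen = sizeof(sigBuf);
        // SecKeyRawSign is given the digest, not the message itself.
        OSStatus err = SecKeyRawSign(_privateKey, kSecPaddingPKCS1SHA1,
                                     digest, sizeof(digest),
                                     sigBuf, &sigLen);
        if (err) {
            Warn(@"SecKeyRawSign failed: %i",err);
            return nil;
        }
        return [NSData dataWithBytes: sigBuf length: sigLen];
    }


    @end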
    83 
    84 
    85 #endif MYCRYPTO_USE_IPHONE_API