5 // Created by Jens Alfke on 3/31/09.
6 // Copyright 2009 Jens Alfke. All rights reserved.
9 #import "MYCrypto_Private.h"
12 #if MYCRYPTO_USE_IPHONE_API
15 @interface MYKeyEnumerator : NSEnumerator
22 - (id) initWithQuery: (NSMutableDictionary*)query;
23 + (id) firstItemWithQuery: (NSMutableDictionary*)query;
28 @implementation MYKeychain
31 + (MYKeychain*) allKeychains
33 // iPhone only has a single keychain.
34 return [self defaultKeychain];
37 + (MYKeychain*) defaultKeychain
39 static MYKeychain *sDefaultKeychain;
41 if (!sDefaultKeychain) {
42 sDefaultKeychain = [[self alloc] init];
45 return sDefaultKeychain;
49 - (id) copyWithZone: (NSZone*)zone {
50 // It's not necessary to make copies of Keychain objects. This makes it more efficient
51 // to use instances as NSDictionary keys or store them in NSSets.
58 #pragma mark SEARCHING:
61 - (MYPublicKey*) publicKeyWithDigest: (MYSHA1Digest*)pubKeyDigest {
62 return [MYKeyEnumerator firstItemWithQuery:
63 $mdict({(id)kSecClass, (id)kSecClassKey},
64 {(id)kSecAttrPublicKeyHash, pubKeyDigest.asData},
65 {(id)kSecReturnRef, $true})];
68 - (NSEnumerator*) enumeratePublicKeys {
69 NSMutableDictionary *query = $mdict({(id)kSecClass, (id)kSecClassKey},
70 {(id)kSecAttrKeyClass, (id)kSecAttrKeyClassPublic},
71 {(id)kSecMatchLimit, (id)kSecMatchLimitAll},
72 {(id)kSecReturnRef, $true});
73 return [[[MYKeyEnumerator alloc] initWithQuery: query] autorelease];
77 - (MYPrivateKey*) privateKeyWithDigest: (MYSHA1Digest*)pubKeyDigest {
78 return [MYKeyEnumerator firstItemWithQuery:
79 $mdict({(id)kSecClass, (id)kSecClassKey},
80 {(id)kSecAttrKeyClass, (id)kSecAttrKeyClassPrivate},
81 {(id)kSecAttrPublicKeyHash, pubKeyDigest.asData},
82 {(id)kSecReturnRef, $true})];
85 - (NSEnumerator*) enumeratePrivateKeys {
86 NSMutableDictionary *query = $mdict({(id)kSecClass, (id)kSecClassKey},
87 {(id)kSecAttrKeyClass, (id)kSecAttrKeyClassPrivate},
88 {(id)kSecMatchLimit, (id)kSecMatchLimitAll},
89 {(id)kSecReturnRef, $true});
90 return [[[MYKeyEnumerator alloc] initWithQuery: query] autorelease];
93 - (MYCertificate*) certificateWithDigest: (MYSHA1Digest*)pubKeyDigest {
94 return [MYKeyEnumerator firstItemWithQuery:
95 $mdict({(id)kSecClass, (id)kSecClassCertificate},
96 {(id)kSecAttrPublicKeyHash, pubKeyDigest.asData},
97 {(id)kSecReturnRef, $true})];
100 - (NSEnumerator*) enumerateCertificates {
101 NSMutableDictionary *query = $mdict({(id)kSecClass, (id)kSecClassCertificate},
102 {(id)kSecMatchLimit, (id)kSecMatchLimitAll},
103 {(id)kSecReturnRef, $true});
104 return [[[MYKeyEnumerator alloc] initWithQuery: query] autorelease];
107 - (NSEnumerator*) enumerateSymmetricKeys {
108 NSMutableDictionary *query = $mdict({(id)kSecClass, (id)kSecClassKey},
109 {(id)kSecAttrKeyClass, (id)kSecAttrKeyClassSymmetric},
110 {(id)kSecMatchLimit, (id)kSecMatchLimitAll},
111 {(id)kSecReturnRef, $true});
112 return [[[MYKeyEnumerator alloc] initWithQuery: query] autorelease];
115 - (NSEnumerator*) symmetricKeysWithAlias: (NSString*)alias {
116 NSMutableDictionary *query = $mdict({(id)kSecClass, (id)kSecClassKey},
117 {(id)kSecAttrKeyClass, (id)kSecAttrKeyClassSymmetric},
118 {(id)kSecAttrApplicationTag, alias},
119 {(id)kSecMatchLimit, (id)kSecMatchLimitAll},
120 {(id)kSecReturnRef, $true});
121 return [[[MYKeyEnumerator alloc] initWithQuery: query] autorelease];
129 - (MYPublicKey*) importPublicKey: (NSData*)keyData {
130 return [[[MYPublicKey alloc] _initWithKeyData: keyData
135 - (MYCertificate*) importCertificate: (NSData*)data
138 NSDictionary *info = $dict( {(id)kSecClass, (id)kSecClassCertificate},
139 {(id)kSecValueData, data},
140 {(id)kSecReturnRef, $true} );
141 SecCertificateRef cert;
142 if (!check(SecItemAdd((CFDictionaryRef)info, (CFTypeRef*)&cert), @"SecItemAdd"))
144 return [[[MYCertificate alloc] initWithCertificateRef: cert] autorelease];
149 #pragma mark GENERATION:
152 - (MYSymmetricKey*) generateSymmetricKeyOfSize: (unsigned)keySizeInBits
153 algorithm: (CCAlgorithm)algorithm
155 return [MYSymmetricKey _generateSymmetricKeyOfSize: keySizeInBits
156 algorithm: algorithm inKeychain: self];
159 - (MYPrivateKey*) generateRSAKeyPairOfSize: (unsigned)keySize {
160 return [MYPrivateKey _generateRSAKeyPairOfSize: keySize inKeychain: self];
170 @implementation MYKeyEnumerator
172 - (id) initWithQuery: (NSMutableDictionary*)query {
175 if (![query objectForKey: (id)kSecMatchLimit])
176 [query setObject: (id)kSecMatchLimitAll forKey: (id)kSecMatchLimit];
177 OSStatus err = SecItemCopyMatching((CFDictionaryRef)query, (CFTypeRef*)&_results);
178 if (err && err != errSecItemNotFound) {
179 check(err,@"SecItemCopyMatching");
183 if (_results) CFRetain(_results);
184 _itemClass = (CFTypeRef)[query objectForKey: (id)kSecClass];
185 if (_itemClass == kSecClassKey)
186 _itemClass = (CFTypeRef)[query objectForKey: (id)kSecAttrKeyClass];
187 if (_itemClass) CFRetain(_itemClass);
192 + (id) firstItemWithQuery: (NSMutableDictionary*)query {
193 MYKeyEnumerator *e = [[self alloc] initWithQuery: query];
194 MYKeychainItem *item = e.nextObject;
201 if (_itemClass) CFRelease(_itemClass);
202 if (_results) CFRelease(_results);
210 MYKeychainItem *next = nil;
211 while (next==nil && _index < CFArrayGetCount(_results)) {
212 CFTypeRef found = CFArrayGetValueAtIndex(_results, _index++);
213 if (_itemClass == kSecAttrKeyClassPrivate) {
214 next = [[MYPrivateKey alloc] initWithKeyRef: (SecKeyRef)found];
215 } else if (_itemClass == kSecAttrKeyClassPublic) {
216 next = [[[MYPublicKey alloc] initWithKeyRef: (SecKeyRef)found] autorelease];
217 } else if (_itemClass == kSecAttrKeyClassSymmetric) {
218 next = [[[MYSymmetricKey alloc] initWithKeyRef: (SecKeyRef)found] autorelease];
219 } else if (_itemClass == kSecClassCertificate) {
220 next = [[[MYCertificate alloc] initWithCertificateRef: (SecCertificateRef)found] autorelease];
230 #endif MYCRYPTO_USE_IPHONE_API
234 Copyright (c) 2009, Jens Alfke <jens@mooseyard.com>. All rights reserved.
236 Redistribution and use in source and binary forms, with or without modification, are permitted
237 provided that the following conditions are met:
239 * Redistributions of source code must retain the above copyright notice, this list of conditions
240 and the following disclaimer.
241 * Redistributions in binary form must reproduce the above copyright notice, this list of conditions
242 and the following disclaimer in the documentation and/or other materials provided with the
245 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR
246 IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
247 FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRI-
248 BUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
249 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
250 PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
251 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
252 THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.