//
//  KeyPair.h
//  MYCrypto
//
//  Created by Jens Alfke on 3/21/09.
//  Copyright 2009 Jens Alfke. All rights reserved.
//

#import "MYPublicKey.h"


/** A key-pair consisting of a public and a private key.
    Can be used for signing and decrypting, as well as the inherited encrypting/verifying.
    An instance carries a reference to the private key, so any code holding a MYKeyPair
    can perform the private-key operations declared below. */
@interface MYKeyPair : MYPublicKey
{
    // Keychain reference to the private half of the pair.
    // NOTE(review): retain/release ownership of this ref is not visible in the header;
    // confirm in the implementation.
    SecKeyRef _privateKey;
}

/** Creates a MYKeyPair object from existing Keychain key references.
    @param publicKey   Keychain reference to the public key.
    @param privateKey  Keychain reference to the private key.
    NOTE(review): this declaration does not show whether the two references are checked
    to belong to the same pair, or whether nil is returned for invalid input; confirm
    both against the implementation. */
- (id) initWithPublicKeyRef: (SecKeyRef)publicKey privateKeyRef: (SecKeyRef)privateKey;

// The export methods are compiled only when not targeting iPhone OS.
#if !TARGET_OS_IPHONE
/** Exports the private key as a data blob, so that it can be stored as a backup, or transferred
    to another computer. Since the key is sensitive, it must be exported in encrypted form
    using a user-chosen passphrase. This method will display a standard alert panel, run by
    the Security agent, that prompts the user to enter a new passphrase for encrypting the key.
    The same passphrase must be re-entered when importing the key from the data blob.
    The confidentiality of the exported blob therefore rests on the strength of that
    passphrase; the returned data should still be handled as sensitive material.
    @param format  The data format: kSecFormatOpenSSL, kSecFormatSSH, kSecFormatBSAFE or kSecFormatSSHv2.
    @param withPEM  YES if the data should be encoded in PEM format, which converts into short lines
            of printable ASCII characters, suitable for sending in email. PEM is a text
            encoding only and adds no protection of its own.
    @param title  An optional title for the alert panel. (Currently ignored by the OS?)
    @param prompt  An optional prompt message to display in the alert panel.
    @return The exported key data.
            NOTE(review): the result on failure or user cancellation is not documented
            here (presumably nil); callers should check before storing or sending it. */
- (NSData*) exportPrivateKeyInFormat: (SecExternalFormat)format
                             withPEM: (BOOL)withPEM
                          alertTitle: (NSString*)title
                         alertPrompt: (NSString*)prompt;

/** A convenient shorthand for the full exportPrivateKeyInFormat... method.
    Uses OpenSSL format, wrapped with PEM, and default title and prompt for the alert.
    The passphrase prompt and the handling caveats of the full method apply here too. */
- (NSData*) exportPrivateKey;
#endif

/** The underlying Keychain key reference for the private key.
    Read-only, but the returned SecKeyRef can be passed to Security framework calls
    directly, so exposing it hands out use of the private key itself.
    NOTE(review): whether the caller receives an owned or borrowed reference is not
    stated here; confirm before retaining or releasing it. */
@property (readonly) SecKeyRef privateKeyRef;

/** Decrypts data that was encrypted using the public key.
    @param data  The ciphertext to decrypt.
    @return The decrypted data.
            NOTE(review): the algorithm/padding used and the result on failure
            (presumably nil) are not visible in this header; confirm in the implementation. */
- (NSData*) decryptData: (NSData*)data;

/** Generates a signature of data, using the private key.
    The resulting signature can be verified using the matching MYPublicKey's
    verifySignature:ofData: method.
    @param data  The data to sign.
    @return The signature.
            NOTE(review): the digest and signature scheme, and the result on failure
            (presumably nil), are not visible in this header; confirm in the implementation. */
- (NSData*) signData: (NSData*)data;

@end