//
//  MYPublicKey.h
//  MYCrypto
//
//  Created by Jens Alfke on 3/25/09.
//  Copyright 2009 Jens Alfke. All rights reserved.
//

#import "MYKey.h"
@class MYSHA1Digest;

#if !TARGET_OS_IPHONE
// NOTE(review): the import target on the next line was lost in this listing (the angle-bracketed
// header name did not survive extraction). Restore it from the repository before building;
// it is presumably a Security-framework header needed only on Mac OS X.
#import
#endif


/** A public key, which can be used for encrypting data and verifying signatures.
    MYPublicKeys are created as part of generating a key-pair,
    or by being imported from data into a MYKeychain.

    Security note: holding a MYPublicKey tells you only that *some* private key matches it.
    It says nothing about who controls that private key. Binding a key to an identity
    (via a certificate, a trusted directory, or an out-of-band fingerprint comparison)
    is the caller's responsibility; nothing in this class performs that check. */
@interface MYPublicKey : MYKey
{
    @private
    MYSHA1Digest *_digest;
}

/** The public key's SHA-1 digest. This is a convenient short (20-byte) identifier for the key.
    Treat it as a lookup key / fingerprint for locating a key you already trust.
    SHA-1 is no longer considered collision-resistant, so when the key material itself came from
    an untrusted source, compare the full key data rather than relying on a digest match alone. */
@property (readonly) MYSHA1Digest *publicKeyDigest;

/** Encrypts a short piece of data using this key, returning the raw encrypted result.
    An RSA key can encrypt only blocks smaller than its own key size; this
    method will fail and return nil if the data is too long.
    (The exact limit is the key's modulus size minus the overhead of the padding scheme the
    implementation applies — e.g. 11 bytes for PKCS#1 v1.5, more for OAEP. The padding scheme
    is not visible in this header; confirm it in the implementation. Raw, unpadded RSA must
    never be used for encryption.)
    RSA encryption is also much slower than regular symmetric-key encryption, so the correct
    way to encrypt a large block of data using a public key is to first generate a random
    symmetric key, called the "session key" (using a Cryptor), encrypt that session key with the
    public key, and then encrypt your data with the session key. Send the encrypted session key
    and the encrypted data.
    Use a freshly generated session key for every message and never reuse one.
    Encryption alone does not protect against tampering: if the recipient must detect
    modification, pair the ciphertext with a signature (see -verifySignature:ofData: on the
    receiving side) or a MAC computed with a separate key. */
- (NSData*) encryptData: (NSData*)data;

/** Verifies the signature of a block of data. If the result is YES, you can be assured that
    the signature was generated from the data by using this key's matching private key.
    If the result is NO, something is wrong: either the data or the signature was modified,
    or the signature was generated by a different private key. The method does not report
    which of these happened, and callers should treat any NO as a hard failure rather than
    falling back to using the data.
    (What's actually verified using RSA is the SHA-256 digest of the data.)
    A YES result proves only that the signer held the private key matching this public key;
    whether that key belongs to the party you expect must be established separately. */
- (BOOL) verifySignature: (NSData*)signature ofData: (NSData*)data;

@end