snej@12: // snej@12: // MYSymmetricKey-iPhone.m snej@12: // MYCrypto snej@12: // snej@12: // Created by Jens Alfke on 4/17/09. snej@12: // Copyright 2009 Jens Alfke. All rights reserved. snej@12: // snej@12: snej@12: #import "MYSymmetricKey.h" snej@12: #import "MYCryptor.h" snej@12: #import "MYCrypto_Private.h" snej@12: snej@12: #if MYCRYPTO_USE_IPHONE_API snej@12: snej@12: snej@12: typedef uint32_t CSSM_ALGORITHMS; snej@12: enum { snej@12: // Taken from cssmtype.h in OS X 10.5 SDK: snej@12: CSSM_ALGID_NONE = 0x00000000L, snej@12: CSSM_ALGID_DES = CSSM_ALGID_NONE + 14, snej@12: CSSM_ALGID_3DES_3KEY_EDE = CSSM_ALGID_NONE + 17, snej@12: CSSM_ALGID_3DES_3KEY = CSSM_ALGID_3DES_3KEY_EDE, snej@12: CSSM_ALGID_RC4 = CSSM_ALGID_NONE + 25, snej@12: CSSM_ALGID_CAST = CSSM_ALGID_NONE + 27, snej@12: CSSM_ALGID_VENDOR_DEFINED = CSSM_ALGID_NONE + 0x80000000L, snej@12: CSSM_ALGID_AES snej@12: }; snej@12: snej@12: static const CSSM_ALGORITHMS kCSSMAlgorithms[] = { snej@12: CSSM_ALGID_AES, CSSM_ALGID_DES, CSSM_ALGID_3DES_3KEY, CSSM_ALGID_CAST, CSSM_ALGID_RC4 snej@12: }; snej@12: snej@12: static const char *kCCAlgorithmNames[] = {"AES", "DES", "DES^3", "CAST", "RC4"}; snej@12: snej@12: snej@12: @implementation MYSymmetricKey snej@12: snej@12: snej@12: - (id) _initWithKeyData: (NSData*)keyData snej@12: algorithm: (CCAlgorithm)algorithm snej@12: inKeychain: (MYKeychain*)keychain snej@12: { snej@12: Assert(algorithm <= kCCAlgorithmRC4); snej@12: Assert(keyData); snej@12: NSNumber *keySizeInBits = [NSNumber numberWithUnsignedInt: keyData.length * 8]; snej@12: NSDictionary *keyAttrs = $dict( {(id)kSecClass, (id)kSecClassKey}, snej@12: //{(id)kSecAttrKeyClass, (id)kSecAttrKeyClassSymmetric}, snej@12: {(id)kSecAttrKeyType, [NSNumber numberWithUnsignedInt: kCSSMAlgorithms[algorithm]]}, snej@12: {(id)kSecAttrKeySizeInBits, keySizeInBits}, snej@12: {(id)kSecAttrEffectiveKeySize, keySizeInBits}, snej@12: {(id)kSecAttrIsPermanent, keychain ?$true :$false}, snej@12: {(id)kSecAttrCanEncrypt, $true}, snej@12: {(id)kSecAttrCanDecrypt, $true}, snej@12: {(id)kSecAttrCanWrap, $false}, snej@12: {(id)kSecAttrCanUnwrap, $false}, snej@12: {(id)kSecAttrCanDerive, $false}, snej@12: {(id)kSecAttrCanSign, $false}, snej@12: {(id)kSecAttrCanVerify, $false}, snej@12: {(id)kSecValueData, keyData}, snej@12: {(id)kSecReturnPersistentRef, $true}); snej@12: SecKeyRef keyRef = NULL; snej@12: if (!check(SecItemAdd((CFDictionaryRef)keyAttrs, (CFTypeRef*)&keyRef), @"SecItemAdd")) { snej@12: [self release]; snej@12: return nil; snej@12: } snej@12: Assert(keyRef, @"SecItemAdd didn't return anything"); snej@12: self = [self initWithKeyRef: keyRef]; snej@12: CFRelease(keyRef); snej@12: return self; snej@12: } snej@12: snej@12: - (id) initWithKeyData: (NSData*)keyData snej@12: algorithm: (CCAlgorithm)algorithm snej@12: { snej@12: return [self _initWithKeyData: keyData algorithm: algorithm inKeychain: nil]; snej@12: } snej@12: snej@12: + (MYSymmetricKey*) _generateSymmetricKeyOfSize: (unsigned)keySizeInBits snej@12: algorithm: (CCAlgorithm)algorithm snej@12: inKeychain: (MYKeychain*)keychain snej@12: { snej@12: return [[[self alloc] _initWithKeyData: [MYCryptor randomKeyOfLength: keySizeInBits] snej@12: algorithm: algorithm snej@12: inKeychain: keychain] snej@12: autorelease]; snej@12: } snej@12: snej@12: + (MYSymmetricKey*) generateSymmetricKeyOfSize: (unsigned)keySizeInBits snej@12: algorithm: (CCAlgorithm)algorithm { snej@12: return [self _generateSymmetricKeyOfSize: keySizeInBits snej@12: algorithm: algorithm snej@12: inKeychain: nil]; snej@12: } snej@12: snej@12: snej@12: - (SecExternalItemType) keyType { snej@12: return kSecAttrKeyClassSymmetric; snej@12: } snej@12: snej@12: - (CCAlgorithm) algorithm { snej@12: CSSM_ALGORITHMS cssmAlg; snej@12: id keyType = [self _attribute: kSecAttrKeyType]; snej@12: Assert(keyType!=nil, @"Key has no kSecAttrKeyType"); snej@12: cssmAlg = [keyType unsignedIntValue]; snej@12: switch(cssmAlg) { snej@12: case CSSM_ALGID_AES: snej@12: return kCCAlgorithmAES128; snej@12: case CSSM_ALGID_DES: snej@12: return kCCAlgorithmDES; snej@12: case CSSM_ALGID_3DES_3KEY: snej@12: return kCCAlgorithm3DES; snej@12: case CSSM_ALGID_CAST: snej@12: return kCCAlgorithmCAST; snej@12: case CSSM_ALGID_RC4: snej@12: return kCCAlgorithmRC4; snej@12: default: snej@12: Warn(@"CSSM_ALGORITHMS #%u doesn't map to any CCAlgorithm", cssmAlg); snej@12: return (CCAlgorithm)-1; snej@12: } snej@12: } snej@12: snej@12: - (const char*) algorithmName { snej@12: CCAlgorithm a = self.algorithm; snej@12: if (a >= 0 && a <= kCCAlgorithmRC4) snej@12: return kCCAlgorithmNames[a]; snej@12: else snej@12: return "???"; snej@12: } snej@12: snej@12: - (unsigned) keySizeInBits { snej@12: id keySize = [self _attribute: kSecAttrKeySizeInBits]; snej@12: Assert(keySize!=nil, @"Key has no kSecAttrKeySizeInBits"); snej@12: return [keySize unsignedIntValue]; snej@12: } snej@12: snej@12: snej@12: - (NSString*) description { snej@12: return $sprintf(@"%@[%u-bit %s]", [self class], self.keySizeInBits, self.algorithmName); snej@12: } snej@12: snej@12: snej@12: - (NSData*) _cryptData: (NSData*)data operation: (CCOperation)op options: (CCOptions)options snej@12: { snej@12: NSData *keyData = self.keyData; snej@12: Assert(keyData, @"Couldn't get key data"); snej@12: NSMutableData *output = [NSMutableData dataWithLength: data.length + 256]; snej@12: size_t bytesWritten = 0; snej@12: CCCryptorStatus status = CCCrypt(op, self.algorithm, options, snej@12: keyData.bytes, keyData.length, NULL, snej@12: data.bytes, data.length, output.mutableBytes, output.length, snej@12: &bytesWritten); snej@12: if (status) { snej@12: Warn(@"MYSymmetricKey: CCCrypt returned error %i",status); snej@12: return nil; snej@12: } snej@12: output.length = bytesWritten; snej@12: return output; snej@12: } snej@12: snej@12: - (NSData*) encryptData: (NSData*)data { snej@12: return [self _cryptData: data operation: kCCEncrypt options: kCCOptionPKCS7Padding]; snej@12: } snej@12: snej@12: snej@12: - (NSData*) decryptData: (NSData*)data { snej@12: return [self _cryptData: data operation: kCCDecrypt options: kCCOptionPKCS7Padding]; snej@12: } snej@12: snej@12: snej@12: @end snej@12: snej@12: snej@12: #endif MYCRYPTO_USE_IPHONE_API snej@14: snej@14: snej@14: snej@14: /* snej@14: Copyright (c) 2009, Jens Alfke . All rights reserved. snej@14: snej@14: Redistribution and use in source and binary forms, with or without modification, are permitted snej@14: provided that the following conditions are met: snej@14: snej@14: * Redistributions of source code must retain the above copyright notice, this list of conditions snej@14: and the following disclaimer. snej@14: * Redistributions in binary form must reproduce the above copyright notice, this list of conditions snej@14: and the following disclaimer in the documentation and/or other materials provided with the snej@14: distribution. snej@14: snej@14: THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR snej@14: IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND snej@14: FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRI- snej@14: BUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES snej@14: (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR snej@14: PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN snej@14: CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF snej@14: THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. snej@14: */