* The build process runs Doxygen only if it's installed (i.e. on the shell search path).
authorsnej@snej.local
Tue Apr 14 18:34:52 2009 -0700 (2009-04-14)
changeset 113568d5fd4b6a
parent 10 993161972183
child 12 e4c971be4079
* The build process runs Doxygen only if it's installed (i.e. on the shell search path).
* Added instructions to the README on setting up a named Source Tree for MYUtilities.
* Changed the RSA key size in MYCryptoTest to 2048 and made it a named constant.
MYCrypto.xcodeproj/project.pbxproj
MYCryptoTest.m
README.textile
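--- a/MYCrypto.xcodeproj/project.pbxproj	Sun Apr 12 22:16:38 2009 -0700
+++ b/MYCrypto.xcodeproj/project.pbxproj	Tue Apr 14 18:34:52 2009 -0700
@@ -289,8 +289,8 @@
 			outputPaths = (
 			);
 			runOnlyForDeploymentPostprocessing = 0;
-			shellPath = /bin/csh;
-			shellScript = "doxygen |& sed s/Warning/warning/\n";
+			shellPath = /bin/sh;
+			shellScript = "if [ `which doxygen` ]; then\n  doxygen 2>&1 | sed s/Warning/warning/\nfi\n";
 			showEnvVarsInLog = 0;
 		};
 /* End PBXShellScriptBuildPhase section */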
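Review bot: The new guard in shellScript tests an unquoted `which doxygen` substitution inside `[ ]`, so a resolved path containing a space makes the test error out and the phase silently skips Doxygen, and on systems whose `which` prints its not-found message to stdout the test passes with Doxygen absent. `if command -v doxygen >/dev/null 2>&1; then` performs the same check with the POSIX builtin and no word-splitting. Separately, the pipeline's exit status is sed's, so a failing doxygen run cannot fail the build phase; if that is intended, a short comment in the script saying so would help. The phase also runs whichever doxygen comes first on the build user's PATH, which is worth keeping in mind for shared or CI build machines.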
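--- a/MYCryptoTest.m	Sun Apr 12 22:16:38 2009 -0700
+++ b/MYCryptoTest.m	Tue Apr 14 18:34:52 2009 -0700
@@ -17,6 +17,9 @@
 
 #if DEBUG
 
+
+#define kTestCaseRSAKeySize 2048
+
 #pragma mark -
 #pragma mark KEYCHAIN:
 
@@ -224,7 +227,7 @@
     RequireTestCase(MYKeychain);
     
     Log(@"Generating key pair...");
-    MYPrivateKey *pair = [[MYKeychain defaultKeychain] generateRSAKeyPairOfSize: 512];
+    MYPrivateKey *pair = [[MYKeychain defaultKeychain] generateRSAKeyPairOfSize: kTestCaseRSAKeySize];
     MYPublicKey *publicKey = pair.publicKey;
     Log(@"...created { %@ , %@ }.", pair, publicKey);
     
@@ -284,7 +287,7 @@
 static void testKeyPairExportWithPrompt(BOOL withPrompt) {
     MYKeychain *keychain = [MYKeychain allKeychains];
     Log(@"Generating key pair...");
-    MYPrivateKey *pair = [keychain generateRSAKeyPairOfSize: 512];
+    MYPrivateKey *pair = [keychain generateRSAKeyPairOfSize: kTestCaseRSAKeySize];
     CAssert(pair);
     CAssert(pair.keyRef);
     CAssert(pair.publicKey.keyRef);
@@ -292,7 +295,7 @@
     
     @try{
         NSData *pubKeyData = pair.publicKey.keyData;
-        CAssert(pubKeyData.length >= 512/8);
+        CAssert(pubKeyData.length >= kTestCaseRSAKeySize/8);
         [pair setName: @"Test KeyPair Label"];
         CAssertEqual(pair.name, @"Test KeyPair Label");
 #if !TARGET_OS_IPHONE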
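Review bot: `kTestCaseRSAKeySize` is introduced in the first hunk as a bare `#define` with no unit or rationale; a typed, commented constant would record that the value is a modulus size in bits, e.g. `static const unsigned kTestCaseRSAKeySize = 2048;  // RSA modulus size in bits` (the parameter type of generateRSAKeyPairOfSize: is not visible here, so match it). A one-line comment on why the tests no longer use 512 would also discourage someone from lowering it again to speed up the suite. In the hunk at -224 the generated `pair` is logged but not asserted non-nil within the visible lines, unlike testKeyPairExportWithPrompt, which has `CAssert(pair);`. That test body starts and ends outside the hunk, so the check may exist further down.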
     3.1 --- a/README.textile	Sun Apr 12 22:16:38 2009 -0700
     3.2 +++ b/README.textile	Tue Apr 14 18:34:52 2009 -0700
     3.3 @@ -34,13 +34,27 @@
     3.4  h3. How To Get It
     3.5  
     3.6  * "Download the current source code":http://mooseyard.com/hg/hgwebdir.cgi/MYCrypto/archive/tip.zip
     3.7 -* To check out the source code using "Mercurial":http://selenic.com/mercurial/:<br>
     3.8 +* or to check out the source code using "Mercurial":http://selenic.com/mercurial/:<br>
     3.9  @hg clone http://mooseyard.com/hg/hgwebdir.cgi/MYCrypto/ MYCrypto@
    3.10  * As described above, you'll also need to download or check out MYUtilities and put it in a directory next to MYCrypto.
    3.11 +* To file or view bug reports, visit "the project tracker page":http://mooseyard.lighthouseapp.com/projects/29227/home.
    3.12  * Or if you're just looking:
    3.13  ** "Browse the source code":http://mooseyard.com/hg/hgwebdir.cgi/MYCrypto/file/tip
    3.14  ** "Browse the class documentation":Documentation/html/hierarchy.html
    3.15  
    3.16 +h3. How To Build It
    3.17 +
    3.18 +With Xcode, of course. But before the _first_ time you build MYCrypto.xcode, you'll need to tell Xcode where the MYUtilities sources are. You do this by setting up a named 'Source Tree':
    3.19 +
    3.20 +# Open Xcode's Preferences panel
    3.21 +# Click the "Source Trees" icon at the top
    3.22 +# Click the "+" button to add a new item to the list
    3.23 +# Fill in the Setting Name as "@MYUtilities@", the Display Name also as "@MYUtilities@", and the Path as the absolute filesystem path to where you downloaded MYUtilities to. _Do not use a "~" in this path!_ The compiler won't understand it and will give you errors.
    3.24 +
    3.25 +Now you're golden. From now on you can just open MYCrypto.xcode and press the Build button.
    3.26 +
    3.27 +(So far, the MYCrypto project doesn't build anything that's useful to you, like a framework ... just a tiny program that runs the unit-tests. You can add the source files to your own projects to use them.)
    3.28 +
    3.29  h2. Overview
    3.30  
    3.31  The class hierarchy of MYCrypto looks like this:
    3.32 @@ -63,6 +77,65 @@
    3.33  
    3.34  (_Italicized_ classes are abstract.)
    3.35  
    3.36 +h2. Examples
    3.37 +
    3.38 +h3. Creating an RSA key-pair
    3.39 +
    3.40 +<pre>
    3.41 +MYPrivateKey *keyPair = [[MYKeychain defaultKeychain] generateRSAKeyPairOfSize: 2048];
    3.42 +</pre>
    3.43 +
    3.44 +h3. Creating a self-signed identity certificate:
    3.45 +
    3.46 +<pre>
    3.47 +NSDictionary *attrs = [NSDictionary dictionaryWithObjectsAndKeys:
    3.48 +		@"alice", @"Common Name",
    3.49 +		@"Alice", @"Given Name",
    3.50 +		@"Lidell", @"Surname",
    3.51 +		nil];
    3.52 +MYIdentity *ident = [keyPair createSelfSignedIdentityWithAttributes: attrs];
    3.53 +
    3.54 +NSData *certData = ident.certificateData;
    3.55 +</pre>
    3.56 +
    3.57 +h3. Signing and encrypting a message:
    3.58 +
    3.59 +<pre>
    3.60 +NSData *cleartext = [@"Attack at dawn" dataUsingEncoding: NSUTF8StringEncoding];
    3.61 +MYEncoder *encoder = [[MYEncoder alloc] init];
    3.62 +[encoder addSigner: ident];
    3.63 +[encoder addRecipient: bob];
    3.64 +[encoder addRecipient: carla];
    3.65 +[encoder addData: cleartext];
    3.66 +[encoder finish];
    3.67 +NSData *ciphertext = encoder.encodedData;
    3.68 +
    3.69 +sendMessage(ciphertext);
    3.70 +</pre>
    3.71 +
    3.72 +h3. Verifying and decoding a message:
    3.73 +
    3.74 +<pre>
    3.75 +NSData *ciphertext = receiveMessage();
    3.76 +NSError *error;
    3.77 +MYDecoder *decoder = [[MYDecoder alloc] initWithData: ciphertext error: &error];
    3.78 +if (!decoder)
    3.79 +    return NO;
    3.80 +
    3.81 +if (!decoder.isSigned)
    3.82 +    return NO;
    3.83 +decoder.policy = [MYCertificate X509Policy];
    3.84 +NSMutableArray *signerCerts = [NSMutableArray array];
    3.85 +for (MYSigner *signer in decoder.signers) {
    3.86 +    if (signer.status != kCMSSignerValid) {
    3.87 +        return NO;
    3.88 +    [signerCerts addObject: signer.certificate];
    3.89 +}
    3.90 +
    3.91 +NSData *plaintext = decoder.content;
    3.92 +processMessage(plaintext, signerCerts);
    3.93 +</pre>
    3.94 +
    3.95  h2. Current Limitations
    3.96  
    3.97  h3. First off, the biggest caveat of all: