* The build process runs Doxygen only if it's installed (i.e. on the shell search path).
* Added instructions to the README on setting up a named Source Tree for MYUtilities.
* Changed the RSA key size in MYCryptoTest to 2048 and made it a named constant.
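--- a/MYCrypto.xcodeproj/project.pbxproj Sun Apr 12 22:16:38 2009 -0700
+++ b/MYCrypto.xcodeproj/project.pbxproj Tue Apr 14 18:34:52 2009 -0700
@@ -289,8 +289,8 @@
 outputPaths = (
 );
 runOnlyForDeploymentPostprocessing = 0;
- shellPath = /bin/csh;
- shellScript = "doxygen |& sed s/Warning/warning/\n";
+ shellPath = /bin/sh;
+ shellScript = "if [ `which doxygen` ]; then\n doxygen 2>&1 | sed s/Warning/warning/\nfi\n";
 showEnvVarsInLog = 0;
 };
 /* End PBXShellScriptBuildPhase section */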
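Review bot: The new guard in `shellScript` tests the unquoted output of `which doxygen`, so a doxygen path containing whitespace makes `[` fail with too many arguments and the docs are silently skipped, while a `which` that prints a not-found message on stdout makes the test pass. `if command -v doxygen >/dev/null 2>&1; then` checks the exit status instead of the printed text. The phase runs whichever `doxygen` is first on the build's search path, so a short comment on the build phase saying the tool is resolved from PATH would help anyone auditing the build. The pipeline's status is still that of `sed`, so a failing doxygen run does not fail the phase; if that is deliberate it is worth stating.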
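--- a/MYCryptoTest.m Sun Apr 12 22:16:38 2009 -0700
+++ b/MYCryptoTest.m Tue Apr 14 18:34:52 2009 -0700
@@ -17,6 +17,9 @@
 
 #if DEBUG
 
+
+#define kTestCaseRSAKeySize 2048
+
 #pragma mark -
 #pragma mark KEYCHAIN:
 
@@ -224,7 +227,7 @@
 RequireTestCase(MYKeychain);
 
 Log(@"Generating key pair...");
- MYPrivateKey *pair = [[MYKeychain defaultKeychain] generateRSAKeyPairOfSize: 512];
+ MYPrivateKey *pair = [[MYKeychain defaultKeychain] generateRSAKeyPairOfSize: kTestCaseRSAKeySize];
 MYPublicKey *publicKey = pair.publicKey;
 Log(@"...created { %@ , %@ }.", pair, publicKey);
 
@@ -284,7 +287,7 @@
 static void testKeyPairExportWithPrompt(BOOL withPrompt) {
 MYKeychain *keychain = [MYKeychain allKeychains];
 Log(@"Generating key pair...");
- MYPrivateKey *pair = [keychain generateRSAKeyPairOfSize: 512];
+ MYPrivateKey *pair = [keychain generateRSAKeyPairOfSize: kTestCaseRSAKeySize];
 CAssert(pair);
 CAssert(pair.keyRef);
 CAssert(pair.publicKey.keyRef);
@@ -292,7 +295,7 @@
 
 @try{
 NSData *pubKeyData = pair.publicKey.keyData;
- CAssert(pubKeyData.length >= 512/8);
+ CAssert(pubKeyData.length >= kTestCaseRSAKeySize/8);
 [pair setName: @"Test KeyPair Label"];
 CAssertEqual(pair.name, @"Test KeyPair Label");
 #if !TARGET_OS_IPHONE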
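Review bot: `#define kTestCaseRSAKeySize 2048` in the first hunk states neither its unit nor why the value was chosen, yet the later `kTestCaseRSAKeySize/8` assertion only makes sense if it is a modulus size in bits. A typed constant with a comment would record both, for example `static const unsigned kTestCaseRSAKeySize = 2048;  // RSA modulus size in bits; 512 is too short to be a realistic test key`. The parameter type of `generateRSAKeyPairOfSize:` is not visible here, so the constant's type should be matched to it. The functions that use the constant start and end outside the hunks shown.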
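--- a/README.textile Sun Apr 12 22:16:38 2009 -0700
+++ b/README.textile Tue Apr 14 18:34:52 2009 -0700
@@ -34,13 +34,27 @@
 h3. How To Get It
 
 * "Download the current source code":http://mooseyard.com/hg/hgwebdir.cgi/MYCrypto/archive/tip.zip
-* To check out the source code using "Mercurial":http://selenic.com/mercurial/:<br>
+* or to check out the source code using "Mercurial":http://selenic.com/mercurial/:<br>
 @hg clone http://mooseyard.com/hg/hgwebdir.cgi/MYCrypto/ MYCrypto@
 * As described above, you'll also need to download or check out MYUtilities and put it in a directory next to MYCrypto.
+* To file or view bug reports, visit "the project tracker page":http://mooseyard.lighthouseapp.com/projects/29227/home.
 * Or if you're just looking:
 ** "Browse the source code":http://mooseyard.com/hg/hgwebdir.cgi/MYCrypto/file/tip
 ** "Browse the class documentation":Documentation/html/hierarchy.html
 
+h3. How To Build It
+
+With Xcode, of course. But before the _first_ time you build MYCrypto.xcode, you'll need to tell Xcode where the MYUtilities sources are. You do this by setting up a named 'Source Tree':
+
+# Open Xcode's Preferences panel
+# Click the "Source Trees" icon at the top
+# Click the "+" button to add a new item to the list
+# Fill in the Setting Name as "@MYUtilities@", the Display Name also as "@MYUtilities@", and the Path as the absolute filesystem path to where you downloaded MYUtilities to. _Do not use a "~" in this path!_ The compiler won't understand it and will give you errors.
+
+Now you're golden. From now on you can just open MYCrypto.xcode and press the Build button.
+
+(So far, the MYCrypto project doesn't build anything that's useful to you, like a framework ... just a tiny program that runs the unit-tests. You can add the source files to your own projects to use them.)
+
 h2. Overview
 
 The class hierarchy of MYCrypto looks like this:
@@ -63,6 +77,65 @@
 
 (_Italicized_ classes are abstract.)
 
+h2. Examples
+
+h3. Creating an RSA key-pair
+
+<pre>
+MYPrivateKey *keyPair = [[MYKeychain defaultKeychain] generateRSAKeyPairOfSize: 2048];
+</pre>
+
+h3. Creating a self-signed identity certificate:
+
+<pre>
+NSDictionary *attrs = [NSDictionary dictionaryWithObjectsAndKeys:
+ @"alice", @"Common Name",
+ @"Alice", @"Given Name",
+ @"Lidell", @"Surname",
+ nil];
+MYIdentity *ident = [keyPair createSelfSignedIdentityWithAttributes: attrs];
+
+NSData *certData = ident.certificateData;
+</pre>
+
+h3. Signing and encrypting a message:
+
+<pre>
+NSData *cleartext = [@"Attack at dawn" dataUsingEncoding: NSUTF8StringEncoding];
+MYEncoder *encoder = [[MYEncoder alloc] init];
+[encoder addSigner: ident];
+[encoder addRecipient: bob];
+[encoder addRecipient: carla];
+[encoder addData: cleartext];
+[encoder finish];
+NSData *ciphertext = encoder.encodedData;
+
+sendMessage(ciphertext);
+</pre>
+
+h3. Verifying and decoding a message:
+
+<pre>
+NSData *ciphertext = receiveMessage();
+NSError *error;
+MYDecoder *decoder = [[MYDecoder alloc] initWithData: ciphertext error: &error];
+if (!decoder)
+ return NO;
+
+if (!decoder.isSigned)
+ return NO;
+decoder.policy = [MYCertificate X509Policy];
+NSMutableArray *signerCerts = [NSMutableArray array];
+for (MYSigner *signer in decoder.signers) {
+ if (signer.status != kCMSSignerValid) {
+ return NO;
+ [signerCerts addObject: signer.certificate];
+}
+
+NSData *plaintext = decoder.content;
+processMessage(plaintext, signerCerts);
+</pre>
+
 h2. Current Limitations
 
 h3. First off, the biggest caveat of all: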