1.1 --- a/MYCrypto.xcodeproj/project.pbxproj Sun Apr 12 22:02:20 2009 -0700
1.2 +++ b/MYCrypto.xcodeproj/project.pbxproj Sun Apr 12 22:16:14 2009 -0700
1.3 @@ -156,9 +156,9 @@
1.4 27A42D400F858ED80063D362 /* MYSymmetricKey.h */,
1.5 27A42D410F858ED80063D362 /* MYSymmetricKey.m */,
1.6 27AAD97B0F892A0D0064DD7C /* MYCryptoConfig.h */,
1.7 - 27EAF0390F8B2D700091AF95 /* README.textile */,
1.8 27059D750F8FA23100A8422F /* MYCrypto+Cocoa.h */,
1.9 27059D760F8FA23100A8422F /* MYCrypto+Cocoa.m */,
1.10 + 27EAF0390F8B2D700091AF95 /* README.textile */,
1.11 );
1.12 name = Source;
1.13 sourceTree = "<group>";
2.1 --- a/MYDecoder.h Sun Apr 12 22:02:20 2009 -0700
2.2 +++ b/MYDecoder.h Sun Apr 12 22:16:14 2009 -0700
2.3 @@ -132,9 +132,8 @@
2.4 /** Returns the SecTrustRef that was used to verify the certificate.
2.5 You can use this object to get more detailed information about how the verification was done.
2.6 If you set the parent decoder's policy property, then that SecPolicy will be used to evaluate
2.7 - trust; otherwise you'll need to do it yourself using the SecTrust object.
2.8 - You must CFRelease the result when you're finished with it. */
2.9 -- (SecTrustRef) trust;
2.10 + trust; otherwise you'll need to do it yourself using the SecTrust object. */
2.11 +@property (readonly) SecTrustRef trust;
2.12
2.13 /** The result of certificate verification, as a CSSM_RESULT code;
2.14 * a nonzero value indicates an error.
3.1 --- a/README.textile Sun Apr 12 22:02:20 2009 -0700
3.2 +++ b/README.textile Sun Apr 12 22:16:14 2009 -0700
3.3 @@ -1,6 +1,6 @@
3.4 h1=. MYCrypto
3.5
3.6 -p=. Version 0.1 -- 9 April 2009
3.7 +p=. Version 0.2 -- 12 April 2009
3.8
3.9 p=. By "Jens Alfke":mailto:jens@mooseyard.com <br>
3.10 Based in part on code by Wade Tregaskis, <br>
3.11 @@ -19,6 +19,7 @@
3.12 * Identity certificates (for use with SSL and CMS)
3.13 * Cryptographic digests/hashes (effectively-unique IDs for data)
3.14 * The Keychain (a secure, encrypted storage system for keys and passwords)
3.15 +* Cryptographic Message Syntax [CMS] for signing/encrypting data
3.16
3.17 It's open source, released under a friendly BSD license.
3.18
3.19 @@ -56,6 +57,9 @@
3.20 ** "MYSHA1Digest":Documentation/html/interfaceMYSHA1Digest.html
3.21 ** "MYSHA256Digest":Documentation/html/interfaceMYSHA256Digest.html
3.22 * "MYCryptor":Documentation/html/interfaceMYCryptor.html
3.23 +* "MYEncoder":Documentation/html/interfaceMYEncoder.html
3.24 +* "MYDecoder":Documentation/html/interfaceMYDecoder.html
3.25 +* "MYSigner":Documentation/html/interfaceMYSigner.html
3.26
3.27 (_Italicized_ classes are abstract.)
3.28
3.29 @@ -63,9 +67,9 @@
3.30
3.31 h3. First off, the biggest caveat of all:
3.32
3.33 -* *MYCrypto 0.1 is new code and has not yet been used in any real projects. Expect bugs.* (I'm talking about my wrapper/glue code. The underlying cryptographic functionality provided by the OS is robust.)
3.34 +* *MYCrypto 0.2 is new code and has not yet been used in any real projects. Expect bugs.* (I'm talking about my wrapper/glue code. The underlying cryptographic functionality provided by the OS is robust.)
3.35
3.36 -h3. Further issues with the 0.1 release:
3.37 +h3. Further issues with the 0.2 release:
3.38
3.39 * *MYCrypto does not yet work on the iPhone.* It currently builds, but runs into problems at runtime. I'm currently trying to figure these out. (The iPhone OS Security APIs are very different from the Mac OS X ones, and I'm much less familiar with them.) However, it does work in the iPhone Simulator, which uses the OS X APIs.
3.40 * Exporting symmetric keys in wrapped (encrypted) form will fail. Currently they can be exported only as raw key data.
3.41 @@ -74,7 +78,6 @@
3.42 h3. Current API limitations, to be remedied in the future:
3.43
3.44 * No API for accessing passwords; fortunately there are several other utility libraries that provide this. And if your code is doing cryptographic operations, it probably needs to store the keys themselves, not passwords.
3.45 -* No bulk data encryption/decryption using public/private keys. MYKeyPair only does raw RSA crypto, which is slow and limited to small chunks of data.
3.46 * No evaluation of trust in certificates (i.e. SecTrust and related APIs.)
3.47 * Error reporting is too limited. Most methods indicate an error by returning nil, NULL or NO, but don't provide the standard "out" NSError parameter to provide more information. Expect the API to be refactored in the near future to remedy this.
3.48