Wiki

Clone wiki

MYCrypto / Examples

Examples of Using MYCrypto

Creating an RSA key-pair:

MYPrivateKey *keyPair = [[MYKeychain defaultKeychain] generateRSAKeyPairOfSize: 2048];

Creating a self-signed identity certificate:

MYCertificateRequest *pcert = [[MYCertificateRequest alloc] initWithPublicKey: keyPair.publicKey];
MYCertificateName *subject = pcert.subject;
subject.commonName = @"J.R. 'Bob' Dobbs";
subject.emailAddress = @"bob@subgenius.org";
pcert.keyUsage = kKeyUsageDigitalSignature | kKeyUsageDataEncipherment;
MYIdentity *identity = [pcert createSelfSignedIdentityWithPrivateKey: keyPair error: &error];

Signing and encrypting a message:

NSData *cleartext = [@"Attack at dawn" dataUsingEncoding: NSUTF8StringEncoding];
MYEncoder *encoder = [[MYEncoder alloc] init];
[encoder addSigner: ident];
[encoder addRecipient: bob];
[encoder addRecipient: carla];
[encoder addData: cleartext];
[encoder finish];
NSData *ciphertext = encoder.encodedData;

sendMessage(ciphertext);

Verifying and decoding a message:

NSData *ciphertext = receiveMessage();
NSError *error;
MYDecoder *decoder = [[MYDecoder alloc] initWithData: ciphertext error: &error];
if (!decoder)
    return NO;

if (!decoder.isSigned)
    return NO;
decoder.policy = [MYCertificate X509Policy];
NSMutableArray *signerCerts = [NSMutableArray array];
for (MYSigner *signer in decoder.signers) {
    if (signer.status != kCMSSignerValid) {
        return NO;
    [signerCerts addObject: signer.certificate];
}

NSData *plaintext = decoder.content;
processMessage(plaintext, signerCerts);

Updated