Asymmetric keypair generation
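/**
 * Generates a fresh RSA key pair of the requested size and keeps the resulting
 * references in the publicKeyRef / privateKeyRef ivars.
 *
 * Any key pair previously stored under publicTag / privateTag is deleted first.
 * Both new keys are marked kSecAttrIsPermanent and tagged with the matching
 * application tag.
 *
 * @param keySize RSA modulus size in bits. Only 512, 1024 and 2048 pass the
 *                check below.
 *
 * NOTE(review): 512-bit RSA is factorable in practice and 1024-bit is below
 * current minimum-strength guidance; both are still accepted here so existing
 * callers keep working. New callers should pass 2048.
 */
- (void)generateKeyPair:(NSUInteger)keySize {
    OSStatus sanityCheck = noErr;

    // keySize is an NSUInteger, so it is formatted with %lu and an explicit cast;
    // %d mismatches the argument width on 64-bit targets.
    LOGGING_FACILITY1( keySize == 512 || keySize == 1024 || keySize == 2048, @"%lu is an invalid and unsupported key size.", (unsigned long)keySize );

    // First delete current keys. This must run before the ivars are cleared:
    // deleteAsymmetricKeys is what releases the old references, and clearing
    // them first would leak both SecKeyRefs.
    [self deleteAsymmetricKeys];
    publicKeyRef = NULL;
    privateKeyRef = NULL;

    // Container dictionaries.
    NSMutableDictionary * privateKeyAttr = [[NSMutableDictionary alloc] init];
    NSMutableDictionary * publicKeyAttr = [[NSMutableDictionary alloc] init];
    NSMutableDictionary * keyPairAttr = [[NSMutableDictionary alloc] init];

    // Set top level dictionary for the keypair.
    [keyPairAttr setObject:(id)kSecAttrKeyTypeRSA forKey:(id)kSecAttrKeyType];
    [keyPairAttr setObject:[NSNumber numberWithUnsignedInteger:keySize] forKey:(id)kSecAttrKeySizeInBits];

    // Set the private key dictionary.
    // NOTE(review): no kSecAttrAccessible value is set, so the private key gets
    // whatever accessibility the platform applies by default. Choose one
    // explicitly if the key must be unavailable while the device is locked.
    [privateKeyAttr setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecAttrIsPermanent];
    [privateKeyAttr setObject:privateTag forKey:(id)kSecAttrApplicationTag];
    // See SecKey.h to set other flag values.

    // Set the public key dictionary.
    [publicKeyAttr setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecAttrIsPermanent];
    [publicKeyAttr setObject:publicTag forKey:(id)kSecAttrApplicationTag];
    // See SecKey.h to set other flag values.

    // Set attributes to top level dictionary.
    [keyPairAttr setObject:privateKeyAttr forKey:(id)kSecPrivateKeyAttrs];
    [keyPairAttr setObject:publicKeyAttr forKey:(id)kSecPublicKeyAttrs];

    // SecKeyGeneratePair returns the SecKeyRefs just for educational purposes.
    // NOTE(review): SecKeyGeneratePair is deprecated on current SDKs in favour of
    // SecKeyCreateRandomKey.
    sanityCheck = SecKeyGeneratePair((CFDictionaryRef)keyPairAttr, &publicKeyRef, &privateKeyRef);

    // NOTE(review): this is the only failure check. LOGGING_FACILITY is defined
    // outside this listing; if it compiles out in release builds, a failed
    // generation passes silently and the ivars stay NULL - confirm.
    LOGGING_FACILITY( sanityCheck == noErr && publicKeyRef != NULL && privateKeyRef != NULL, @"Something really bad went wrong with generating the key pair." );

    [privateKeyAttr release];
    [publicKeyAttr release];
    [keyPairAttr release];
}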
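/**
 * Removes the RSA key pair stored under publicTag / privateTag from the
 * keychain and drops the cached references held in the ivars.
 *
 * errSecItemNotFound counts as success for both deletions, so the method can
 * be called when no key pair exists yet.
 */
- (void)deleteAsymmetricKeys {
    OSStatus sanityCheck = noErr;
    NSMutableDictionary * queryPublicKey = [[NSMutableDictionary alloc] init];
    NSMutableDictionary * queryPrivateKey = [[NSMutableDictionary alloc] init];

    // Set the public key query dictionary.
    [queryPublicKey setObject:(id)kSecClassKey forKey:(id)kSecClass];
    [queryPublicKey setObject:publicTag forKey:(id)kSecAttrApplicationTag];
    [queryPublicKey setObject:(id)kSecAttrKeyTypeRSA forKey:(id)kSecAttrKeyType];

    // Set the private key query dictionary.
    [queryPrivateKey setObject:(id)kSecClassKey forKey:(id)kSecClass];
    [queryPrivateKey setObject:privateTag forKey:(id)kSecAttrApplicationTag];
    [queryPrivateKey setObject:(id)kSecAttrKeyTypeRSA forKey:(id)kSecAttrKeyType];

    // Delete the private key. OSStatus is cast to int so the argument always
    // matches the %d specifier.
    sanityCheck = SecItemDelete((CFDictionaryRef)queryPrivateKey);
    LOGGING_FACILITY1( sanityCheck == noErr || sanityCheck == errSecItemNotFound, @"Error removing private key, OSStatus == %d.", (int)sanityCheck );

    // Delete the public key.
    sanityCheck = SecItemDelete((CFDictionaryRef)queryPublicKey);
    LOGGING_FACILITY1( sanityCheck == noErr || sanityCheck == errSecItemNotFound, @"Error removing public key, OSStatus == %d.", (int)sanityCheck );

    [queryPrivateKey release];
    [queryPublicKey release];

    // Release the cached references and clear the ivars. Without the NULL
    // assignment the ivars keep pointing at released keys, and a later
    // getPublicKeyRef / getPrivateKeyRef call would hand back a dangling
    // SecKeyRef, or a second delete would release it twice.
    if (publicKeyRef) {
        CFRelease(publicKeyRef);
        publicKeyRef = NULL;
    }
    if (privateKeyRef) {
        CFRelease(privateKeyRef);
        privateKeyRef = NULL;
    }
}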
/**
 * Returns a reference to the RSA public key tagged with publicTag.
 *
 * The cached ivar is returned when it is set; otherwise the keychain is
 * queried. The result of that query is not stored in the ivar.
 *
 * @return The key reference, or NULL when the keychain lookup fails.
 *
 * NOTE(review): ownership differs between the two paths. The keychain path
 * returns the reference produced by SecItemCopyMatching, which the caller
 * owns, while the cached path returns the ivar without retaining it. Callers
 * cannot tell which one they received - confirm the intended contract.
 */
- (SecKeyRef)getPublicKeyRef {
    // Cached reference available: hand it back as-is.
    if (publicKeyRef != NULL) {
        return publicKeyRef;
    }

    // Build the keychain query for the tagged RSA key, asking for a SecKeyRef.
    NSMutableDictionary * query = [[NSMutableDictionary alloc] init];
    [query setObject:(id)kSecClassKey forKey:(id)kSecClass];
    [query setObject:publicTag forKey:(id)kSecAttrApplicationTag];
    [query setObject:(id)kSecAttrKeyTypeRSA forKey:(id)kSecAttrKeyType];
    [query setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecReturnRef];

    // Get the key.
    SecKeyRef foundKey = NULL;
    OSStatus status = SecItemCopyMatching((CFDictionaryRef)query, (CFTypeRef *)&foundKey);
    [query release];

    // Any status other than noErr is reported to the caller as NULL.
    return (status == noErr) ? foundKey : NULL;
}
/**
 * Returns a reference to the RSA private key tagged with privateTag.
 *
 * The cached ivar is returned when it is set; otherwise the keychain is
 * queried. The result of that query is not stored in the ivar.
 *
 * @return The key reference, or NULL when the keychain lookup fails.
 *
 * NOTE(review): ownership differs between the two paths. The keychain path
 * returns the reference produced by SecItemCopyMatching, which the caller
 * owns, while the cached path returns the ivar without retaining it. Callers
 * cannot tell which one they received - confirm the intended contract.
 */
- (SecKeyRef)getPrivateKeyRef {
    // Cached reference available: hand it back as-is.
    if (privateKeyRef != NULL) {
        return privateKeyRef;
    }

    // Build the keychain query for the tagged RSA key, asking for a SecKeyRef.
    NSMutableDictionary * query = [[NSMutableDictionary alloc] init];
    [query setObject:(id)kSecClassKey forKey:(id)kSecClass];
    [query setObject:privateTag forKey:(id)kSecAttrApplicationTag];
    [query setObject:(id)kSecAttrKeyTypeRSA forKey:(id)kSecAttrKeyType];
    [query setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecReturnRef];

    // Get the key.
    SecKeyRef foundKey = NULL;
    OSStatus status = SecItemCopyMatching((CFDictionaryRef)query, (CFTypeRef *)&foundKey);
    [query release];

    // Any status other than noErr is reported to the caller as NULL.
    return (status == noErr) ? foundKey : NULL;
}