Apr 13 2009

MYCrypto library now alpha-testing

I’ve got a new open-source Mac/iPhone library out … but it’s early days and it’s not really ready for use yet. I’m hoping some smart folks [that’s you] will want to help implement missing bits, or at least find bugs.

It’s called MYCrypto and it’s a high-level cryptography API, with object-oriented interfaces to:

  • Symmetric cryptography (session keys and password-based encryption)
  • Asymmetric cryptography (public and private keys; digital signatures)
  • X.509 identity certificates (for use with SSL, S/MIME and CMS)
  • Cryptographic digests/hashes (effectively-unique IDs for data)
  • The Keychain (a secure, encrypted storage system for keys and passwords)
  • Cryptographic Message Syntax [CMS] for signing/encrypting data

MYCrypto is really “just a wrapper” around the system Keychain, CDSA/CSSM, and CommonCrypto APIs. But if you’ve tried to use any of these, you know that Keychain is rather complex and confusing, CSSM is incredibly opaque and nearly undocumented, and CommonCrypto is easy but limited.

What’s worse, the Keychain APIs are quite different on iPhone OS, and CSSM isn’t available at all. (Unless you’re running in the simulator, where for some reason you get the Mac OS, not iPhone, Keychain APIs, just to make it harder to test your apps.)

So with MYCrypto I’ve used lots of #ifdefs, and gleaned bits of arcane SecKeychain and CSSM sample code from Apple and from the comprehensive-but-huge third-party Keychain.framework, and tried to shovel the lot under a pretty, object-oriented rug.

What can you do with MYCrypto?

  • Encrypt files, with the keys securely stored in the Keychain. You can use randomly-generated symmetric keys and never have to bother the user with making up a password.
  • Encrypt data the user stores on the network (i.e. on iDisk or a WebDAV server), either using direct symmetric keys, or passwords to make it easy to retrieve the data from another computer.
  • Generate your own (i.e. your users’ own) identity certificates. Self-signed certs are free and instant and don’t require dealing with Verisign or Thawte.
  • Use these certs to make secure peer-to-peer SSL connections (perhaps using my MYNetwork library.)
  • Sign anything using your identity, to prove that you wrote it.
  • Encrypt anything, for delivery to the holders of particular certificates, without having to pre-arrange passwords or keys, or make a direct connection to them.
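
The password-based case from the second bullet, written directly against CommonCrypto (one of the system APIs MYCrypto wraps). This is an added example, not MYCrypto code or its API: the function names, the blob layout and the iteration count are assumptions of the sketch, and it assumes an SDK whose CommonCrypto provides CCKeyDerivationPBKDF. CommonCrypto's CBC mode does not authenticate, so the sketch adds an HMAC and checks it before decrypting.

```objc
#import <Foundation/Foundation.h>
#import <Security/Security.h>
#import <CommonCrypto/CommonCryptor.h>
#import <CommonCrypto/CommonHMAC.h>
#import <CommonCrypto/CommonKeyDerivation.h>

// Added sketch, not MYCrypto code. Assumed layout of the encrypted blob:
//   salt(16) | iv(16) | AES-256-CBC ciphertext | HMAC-SHA256(32) over everything before it
static const unsigned kRounds = 200000;   // assumed PBKDF2 work factor; tune for your hardware

// PBKDF2-HMAC-SHA512 yields 64 bytes: keys[0..31] encrypt, keys[32..63] authenticate.
static BOOL DeriveKeys(NSString *password, const uint8_t *salt, uint8_t keys[64]) {
    NSData *pw = [password dataUsingEncoding: NSUTF8StringEncoding];
    return CCKeyDerivationPBKDF(kCCPBKDF2, pw.bytes, pw.length, salt, 16,
                                kCCPRFHmacAlgSHA512, kRounds, keys, 64) == kCCSuccess;
}

NSData *EncryptWithPassword(NSData *plaintext, NSString *password) {
    NSMutableData *blob = [NSMutableData dataWithLength: 32 + plaintext.length + kCCBlockSizeAES128 + 32];
    uint8_t *p = blob.mutableBytes, keys[64];
    size_t n = 0;
    // Fresh random salt and IV for every message, then encrypt and MAC the result.
    if (SecRandomCopyBytes(kSecRandomDefault, 32, p) != errSecSuccess || !DeriveKeys(password, p, keys))
        return nil;
    if (CCCrypt(kCCEncrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, keys, kCCKeySizeAES256, p + 16,
                plaintext.bytes, plaintext.length, p + 32, plaintext.length + kCCBlockSizeAES128, &n) != kCCSuccess)
        return nil;
    CCHmac(kCCHmacAlgSHA256, keys + 32, 32, p, 32 + n, p + 32 + n);
    blob.length = 32 + n + 32;   // drop unused padding room
    return blob;
}

NSData *DecryptWithPassword(NSData *blob, NSString *password) {
    if (blob.length < 32 + kCCBlockSizeAES128 + 32) return nil;   // too short to be valid
    const uint8_t *p = blob.bytes;
    size_t macOffset = blob.length - 32, n = 0;
    uint8_t keys[64], mac[32], diff = 0;
    if (!DeriveKeys(password, p, keys)) return nil;
    // Verify the MAC before touching the ciphertext, comparing in constant time.
    CCHmac(kCCHmacAlgSHA256, keys + 32, 32, p, macOffset, mac);
    for (int i = 0; i < 32; i++) diff |= mac[i] ^ p[macOffset + i];
    if (diff != 0) return nil;   // wrong password or modified data
    NSMutableData *plain = [NSMutableData dataWithLength: macOffset - 32];
    if (CCCrypt(kCCDecrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, keys, kCCKeySizeAES256, p + 16,
                p + 32, macOffset - 32, plain.mutableBytes, plain.length, &n) != kCCSuccess)
        return nil;
    plain.length = n;
    return plain;
}
```

Because the salt travels inside the blob, the same password recovers the data on another computer without any stored key.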

Examples

[Sorry about the line-spacing in these. My Textile processor is old and cranky.]

Creating an RSA key-pair

Use MYKeychain to create a MYPrivateKey and MYPublicKey:


MYPrivateKey *keyPair = [[MYKeychain defaultKeychain] generateRSAKeyPairOfSize: 2048];
MYPublicKey *publicKey = keyPair.publicKey;

Creating a self-signed identity certificate:

Use MYIdentity:


NSDictionary *attrs = [NSDictionary dictionaryWithObjectsAndKeys:
    @"alice", @"Common Name",
    @"Alice", @"Given Name",
    @"Lidell", @"Surname",
    nil];
MYIdentity *ident = [keyPair createSelfSignedIdentityWithAttributes: attrs];

NSData *certData = ident.certificateData;

Signing and encrypting a message:

Use MYEncoder:


NSData *cleartext = [@"Attack at dawn" dataUsingEncoding: NSUTF8StringEncoding];
MYEncoder *encoder = [[MYEncoder alloc] init];
[encoder addSigner: ident];
[encoder addRecipient: bob];
[encoder addRecipient: carla];
[encoder addData: cleartext];
[encoder finish];
NSData *ciphertext = encoder.encodedData;

sendMessage(ciphertext);

Verifying and decoding a message:

Use MYDecoder:


NSData *ciphertext = receiveMessage();
NSError *error = nil;
MYDecoder *decoder = [[MYDecoder alloc] initWithData: ciphertext error: &error];
if (!decoder)
    return NO;    // decoding failed; details are in error

// Reject unsigned messages outright.
if (!decoder.isSigned)
    return NO;
decoder.policy = [MYCertificate X509Policy];
NSMutableArray *signerCerts = [NSMutableArray array];
for (MYSigner *signer in decoder.signers) {
    // Fail closed: a single invalid signer rejects the whole message.
    if (signer.status != kCMSSignerValid) {
        return NO;
    }
    [signerCerts addObject: signer.certificate];
}

NSData *plaintext = decoder.content;
processMessage(plaintext, signerCerts);

I did say “alpha”…

What, it’s not finished yet? You can read the details on the project home page, but the important gotchas are:

  • MYCrypto 0.2 is new code and has not yet been used in any real projects. Expect bugs. (I’m talking about my wrapper/glue code. The underlying cryptographic functionality provided by the OS is robust.) Please try it out, and report any issues you find.
  • MYCrypto does not yet work on the iPhone. It currently builds, but runs into problems at runtime. I’m currently trying to figure these out. The iPhone OS Security APIs are very different from the Mac OS X ones, and I’m much less familiar with them. This is an area where you could really help out, if you’ve used the Keychain APIs on iPhone before.

If that doesn’t scare you off, then go browse the documentation or the source code, or just download it.


One Response to “MYCrypto library now alpha-testing”

  • Joel Norvell Says:

    Thank you for doing this “heavy lifting,” Jens!

    I hit a dead-end trying to use the Keychain framework last year and had been wondering how to proceed.

    With MYCrypto I have a path forward again!
