MYCryptor Class Reference

Symmetric encryption: a streaming interface for encrypting/decrypting data.

Public Member Functions

(id) - initEncryptorWithKey:algorithm:
 Creates a MYCryptor configured to encrypt data.
(id) - initDecryptorWithKey:algorithm:
 Creates a MYCryptor configured to decrypt data.
(BOOL) - addData:
 Adds input data.
(BOOL) - finish
 Finishes up the encryption/decryption and flushes the remaining bytes of output.

Static Public Member Functions

(NSData *) + randomKeyOfLength:
 Returns a randomly-generated symmetric key of the desired length (in bits).
(NSData *) + keyOfLength:fromPassphrase:salt:
 Converts a passphrase into a symmetric key of the desired length (in bits).

Properties

NSData * key
 The encryption/decryption key; same as the 'key' parameter to the initializer.
CCAlgorithm algorithm
 The cipher to use; initial value is the 'algorithm' parameter to the initializer.
CCOptions options
 Block-mode cipher options; you can set flags to enable PKCS7 padding or ECB mode (default is CBC).
NSOutputStream * outputStream
 Setting this property tells the cryptor to send its output to the stream, instead of accumulating it in the outputData property.
NSError * error
 The error state, if any, of this cryptor.
NSData * outputData
 The output of the cryptor.

Detailed Description

Symmetric encryption: a streaming interface for encrypting/decrypting data.

This is a simple Cocoa wrapper for CommonCrypto/commonCryptor.h. It will probably be merged into, or integrated with, MYSymmetricKey.


Member Function Documentation

- (BOOL) addData: (NSData*)  data  

Adds input data.

Returns:
YES if the operation succeeded, NO if it failed.

- (BOOL) finish

Finishes up the encryption/decryption and flushes the remaining bytes of output.

After this is called, you cannot add any more bytes of data.

Returns:
YES if the operation succeeded, NO if it failed.

- (id) initDecryptorWithKey: (NSData*)  key
algorithm: (CCAlgorithm)  algorithm 

Creates a MYCryptor configured to decrypt data.

- (id) initEncryptorWithKey: (NSData*)  key
algorithm: (CCAlgorithm)  algorithm 

Creates a MYCryptor configured to encrypt data.

+ (NSData *) keyOfLength: (size_t)  lengthInBits
fromPassphrase: (NSString*)  passphrase
salt: (id)  salt 

Converts a passphrase into a symmetric key of the desired length (in bits).

The same passphrase (and salt) will always return the same key, so you can use this method to encrypt and decrypt data using a user-entered passphrase, without having to store the key itself in the keychain.

Parameters:
lengthInBits The length of the desired key, in bits (not bytes).
passphrase The user-entered passphrase.
salt An arbitrary value whose description will be appended to the passphrase before hashing, to perturb the resulting bits. The purpose of this is to make it harder for an attacker to brute-force the key using a precompiled list of digests of common passwords. Changing the salt changes the key, so you need to pass the same value when re-deriving the key as you did when first generating it.

+ (NSData *) randomKeyOfLength: (size_t)  lengthInBits

Returns a randomly-generated symmetric key of the desired length (in bits).

Parameters:
lengthInBits The length of the desired key, in bits (not bytes).

Property Documentation

- (CCAlgorithm) algorithm [read, write, assign]

The cipher to use; initial value is the 'algorithm' parameter to the initializer.

You can change this before the first call to -addData:, but not after.

- (NSError*) error [read, retain]

The error state, if any, of this cryptor.

After -addData: or -finish returns NO, check this property.

- (NSData*) key [read, assign]

The encryption/decryption key; same as the 'key' parameter to the initializer.

- (CCOptions) options [read, write, assign]

Block-mode cipher options; you can set flags to enable PKCS7 padding or ECB mode (default is CBC).

You can change this before the first call to -addData:, but not after.

- (NSData *) outputData [read, assign]

The output of the cryptor.

Accessing this property implicitly calls -finish, so don't do it until you've added all of the input. (And don't add any more input afterwards.) This property will be nil if the outputStream property has been set.

- (NSOutputStream*) outputStream [read, write, retain]

Setting this property tells the cryptor to send its output to the stream, instead of accumulating it in the outputData property.

You can change this before the first call to -addData:, but not after.
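
The members documented above, used together in one encrypt/decrypt round trip. This is an added example, not part of the MYCrypto documentation or source. The header name MYCryptor.h and the helper RunCryptor are assumptions, the passphrase, salt and message are constructed values, and no IV is passed because the interface documented here takes none.

```objc
#import <Foundation/Foundation.h>
#import <CommonCrypto/CommonCryptor.h>
#import "MYCryptor.h"  // assumed header name for the class documented here

// Hypothetical helper: feeds `input` to a cryptor in chunks and returns the output,
// or nil with *outError set. Written for ARC; add releases under manual retain/release.
static NSData *RunCryptor(MYCryptor *cryptor, NSData *input, NSError **outError) {
    // Options can only change before the first -addData:. PKCS7 padding is enabled;
    // kCCOptionECBMode is left unset, so the mode stays at the CBC default.
    cryptor.options = kCCOptionPKCS7Padding;

    const NSUInteger chunkSize = 7;  // deliberately not a multiple of the cipher block size
    for (NSUInteger pos = 0; pos < input.length; pos += chunkSize) {
        NSRange range = NSMakeRange(pos, MIN(chunkSize, input.length - pos));
        if (![cryptor addData: [input subdataWithRange: range]]) {
            if (outError) *outError = cryptor.error;  // -addData: returned NO
            return nil;
        }
    }
    // Reading outputData implicitly calls -finish, so no input may follow this line.
    NSData *output = cryptor.outputData;
    if (cryptor.error) {
        if (outError) *outError = cryptor.error;
        return nil;
    }
    return output;
}

int main(void) {
    @autoreleasepool {
        // Constructed sample values. The salt must match when the key is re-derived.
        NSData *key = [MYCryptor keyOfLength: 128  // bits, not bytes
                              fromPassphrase: @"constructed example passphrase"
                                        salt: @"constructed-example-salt"];
        NSData *plaintext = [@"constructed sample message, longer than one block"
                                dataUsingEncoding: NSUTF8StringEncoding];
        NSError *error = nil;

        MYCryptor *enc = [[MYCryptor alloc] initEncryptorWithKey: key
                                                       algorithm: kCCAlgorithmAES128];
        NSData *ciphertext = RunCryptor(enc, plaintext, &error);
        MYCryptor *dec = [[MYCryptor alloc] initDecryptorWithKey: key
                                                       algorithm: kCCAlgorithmAES128];
        NSData *roundTrip = ciphertext ? RunCryptor(dec, ciphertext, &error) : nil;
        BOOL ok = roundTrip != nil && [roundTrip isEqualToData: plaintext];
        NSLog(@"%@", ok ? @"Round trip OK" : [NSString stringWithFormat: @"Failed: %@", error]);
        return ok ? 0 : 1;
    }
}
```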


Generated on Sun Apr 17 12:23:58 2011 for MYCrypto by  doxygen 1.6.3