A public key, which can be used for encrypting data and verifying signatures. More...

Inherits MYKey.

## Public Member Functions | |

(NSData *) | - rawEncryptData: |

Encrypts a short piece of data using this key, returning the raw encrypted result. | |

(BOOL) | - verifySignature:ofData: |

Verifies the signature of a block of data. | |

(BOOL) | - setValue:ofAttribute: |

(CSSM_WRAP_KEY *) | - _unwrappedCSSMKey |

Expert | |

(id) | - initWithModulus:exponent: |

Initializes a public key directly from its raw RSA modulus and exponent. | |

(BOOL) | - getModulus:exponent: |

Retrieves the raw RSA modulus and exponent, which together uniquely specify the key. | |

(BOOL) | - verifySignature:ofData:withAlgorithm: |

Verifies a signature, using the specified signature algorithm, for example CSSM_ALGID_SHA1WithRSA, CSSM_ALGID_SHA256WithRSA or CSSM_ALGID_MD5WithRSA. | |

(NSData *) | - wrapSessionKey: |

Encrypts a session key using this public key. | |

## Properties | |

MYSHA1Digest * | publicKeyDigest |

The public key's SHA-1 digest. | |

MYCertificate * | certificate |

A public key, which can be used for encrypting data and verifying signatures.

MYPublicKeys are created as part of generating a key-pair, or by being imported from data into a MYKeychain.

- (BOOL) getModulus: | (NSData**) | outModulus |
||

exponent: | (unsigned*) | outExponent | ||

Retrieves the raw RSA modulus and exponent, which together uniquely specify the key.

The length of the modulus is the size, in bits, of the key: for example, a 2048-bit key has 256 bytes of modulus data.

**Parameters:**-
*outModulus*On return, will contain the modulus: a very large positive integer represented as a blob of unsigned big-endian data. *outExponent*On return, will contain the exponent: a prime number, often 17 or 65537.

- (id) initWithModulus: | (NSData*) | modulus |
||

exponent: | (unsigned) | exponent | ||

Initializes a public key directly from its raw RSA modulus and exponent.

These numbers must come from an existing key-pair generated by the RSA algorithm; you CANNOT just pass in random data and create a working key! (To create a new key pair, call -[MYKeychain generateRSAKeyPairOfSize:].)

**Parameters:**-
*modulus*RSA modulus, a very large integer represented as a blob of big-endian data. *exponent*RSA exponent, a prime number, commonly 17 or 65537.

- (NSData *) rawEncryptData: | (NSData*) | data |

Encrypts a short piece of data using this key, returning the raw encrypted result.

An RSA key can encrypt only blocks smaller than its own key size; this method will fail and return nil if the data is too long. RSA encryption is also much slower than regular symmetric-key encryption, so the correct way to encrypt a large block of data using a public key is to first generate a random symmetric key, called the "session key" (using a Cryptor), encrypt that session key with the public key, and then encrypt your data with the session key. Send the encrypted session key and the encrypted data.

- (BOOL) verifySignature: | (NSData*) | signature |
||

ofData: | (NSData*) | data | ||

Verifies the signature of a block of data.

If the result is YES, you can be assured that the signature was generated from the data by using this key's matching private key. If the result is NO, something is wrong: either the data or the signature was modified, or the signature was generated by a different private key. (What's actually verified using RSA is the SHA-1 digest of the data.)

- (BOOL) verifySignature: | (NSData*) | signature |
||

ofData: | (NSData*) | data |
||

withAlgorithm: | (CSSM_ALGORITHMS) | algorithm | ||

Verifies a signature, using the specified signature algorithm, for example CSSM_ALGID_SHA1WithRSA, CSSM_ALGID_SHA256WithRSA or CSSM_ALGID_MD5WithRSA.

- (NSData *) wrapSessionKey: | (MYSymmetricKey*) | sessionKey |

Encrypts a session key using this public key.

The holder of the private key can then unwrap the session key from this data.

**Parameters:**-
*sessionKey*The symmetric session key to wrap/encrypt

**Returns:**- The encrypted data representing the session key

- (MYSHA1Digest *) publicKeyDigest` [read, assign]` |

The public key's SHA-1 digest.

This is a convenient short (20-byte) identifier for the key.

The documentation for this class was generated from the following files:

- MYPublicKey.h
- MYPublicKey.m

Generated on Sun Apr 17 12:23:58 2011 for MYCrypto by 1.6.3