First commit

RNCryptor · Mar 16, 2012 · 1b2a229 · 1b2a229
1 parent dbddd6e
commit 1b2a229
Show file tree

Hide file tree

Showing 7 changed files with 590 additions and 42 deletions.
diff --git a/RNCrypt.xcodeproj/project.pbxproj b/RNCrypt.xcodeproj/project.pbxproj
@@ -8,13 +8,16 @@
 
 /* Begin PBXBuildFile section */
 		FB7564F41512D3C4007B806B /* Foundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = FB7564F31512D3C4007B806B /* Foundation.framework */; };
-		FB7564FA1512D3C4007B806B /* RNCrypt.m in Sources */ = {isa = PBXBuildFile; fileRef = FB7564F91512D3C4007B806B /* RNCrypt.m */; };
 		FB7565021512D3C4007B806B /* SenTestingKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = FB7565011512D3C4007B806B /* SenTestingKit.framework */; };
 		FB7565041512D3C4007B806B /* UIKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = FB7565031512D3C4007B806B /* UIKit.framework */; };
 		FB7565051512D3C4007B806B /* Foundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = FB7564F31512D3C4007B806B /* Foundation.framework */; };
 		FB7565081512D3C4007B806B /* libRNCrypt.a in Frameworks */ = {isa = PBXBuildFile; fileRef = FB7564F01512D3C4007B806B /* libRNCrypt.a */; };
 		FB75650E1512D3C4007B806B /* InfoPlist.strings in Resources */ = {isa = PBXBuildFile; fileRef = FB75650C1512D3C4007B806B /* InfoPlist.strings */; };
 		FB7565111512D3C5007B806B /* RNCryptTests.m in Sources */ = {isa = PBXBuildFile; fileRef = FB7565101512D3C5007B806B /* RNCryptTests.m */; };
+		FB75651D1512D3E9007B806B /* RNCryptManager.m in Sources */ = {isa = PBXBuildFile; fileRef = FB75651B1512D3E9007B806B /* RNCryptManager.m */; };
+		FB75651E1512D3E9007B806B /* RNCryptManager.m in Sources */ = {isa = PBXBuildFile; fileRef = FB75651B1512D3E9007B806B /* RNCryptManager.m */; };
+		FB75651F1512D7F8007B806B /* RNCryptManager.h in Headers */ = {isa = PBXBuildFile; fileRef = FB75651A1512D3E9007B806B /* RNCryptManager.h */; settings = {ATTRIBUTES = (Public, ); }; };
+		FB7565241512D9BE007B806B /* Security.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = FB7565221512D9A8007B806B /* Security.framework */; };
 /* End PBXBuildFile section */
 
 /* Begin PBXContainerItemProxy section */
@@ -30,16 +33,17 @@
 /* Begin PBXFileReference section */
 		FB7564F01512D3C4007B806B /* libRNCrypt.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libRNCrypt.a; sourceTree = BUILT_PRODUCTS_DIR; };
 		FB7564F31512D3C4007B806B /* Foundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Foundation.framework; path = System/Library/Frameworks/Foundation.framework; sourceTree = SDKROOT; };
-		FB7564F71512D3C4007B806B /* RNCrypt-Prefix.pch */ = {isa = PBXFileReference; path = "RNCrypt-Prefix.pch"; sourceTree = "<group>"; };
-		FB7564F81512D3C4007B806B /* RNCrypt.h */ = {isa = PBXFileReference; path = RNCrypt.h; sourceTree = "<group>"; };
-		FB7564F91512D3C4007B806B /* RNCrypt.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = RNCrypt.m; sourceTree = "<group>"; };
+		FB7564F71512D3C4007B806B /* RNCrypt-Prefix.pch */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "RNCrypt-Prefix.pch"; sourceTree = "<group>"; };
 		FB7565001512D3C4007B806B /* RNCryptTests.octest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = RNCryptTests.octest; sourceTree = BUILT_PRODUCTS_DIR; };
 		FB7565011512D3C4007B806B /* SenTestingKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = SenTestingKit.framework; path = Library/Frameworks/SenTestingKit.framework; sourceTree = DEVELOPER_DIR; };
 		FB7565031512D3C4007B806B /* UIKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = UIKit.framework; path = Library/Frameworks/UIKit.framework; sourceTree = DEVELOPER_DIR; };
-		FB75650B1512D3C4007B806B /* RNCryptTests-Info.plist */ = {isa = PBXFileReference; path = "RNCryptTests-Info.plist"; sourceTree = "<group>"; };
+		FB75650B1512D3C4007B806B /* RNCryptTests-Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = "RNCryptTests-Info.plist"; sourceTree = "<group>"; };
 		FB75650D1512D3C4007B806B /* en */ = {isa = PBXFileReference; lastKnownFileType = text.plist.strings; name = en; path = en.lproj/InfoPlist.strings; sourceTree = "<group>"; };
-		FB75650F1512D3C4007B806B /* RNCryptTests.h */ = {isa = PBXFileReference; path = RNCryptTests.h; sourceTree = "<group>"; };
+		FB75650F1512D3C4007B806B /* RNCryptTests.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = RNCryptTests.h; sourceTree = "<group>"; };
 		FB7565101512D3C5007B806B /* RNCryptTests.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = RNCryptTests.m; sourceTree = "<group>"; };
+		FB75651A1512D3E9007B806B /* RNCryptManager.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = RNCryptManager.h; sourceTree = "<group>"; };
+		FB75651B1512D3E9007B806B /* RNCryptManager.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = RNCryptManager.m; sourceTree = "<group>"; };
+		FB7565221512D9A8007B806B /* Security.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Security.framework; path = System/Library/Frameworks/Security.framework; sourceTree = SDKROOT; };
 /* End PBXFileReference section */
 
 /* Begin PBXFrameworksBuildPhase section */
@@ -59,6 +63,7 @@
 				FB7565041512D3C4007B806B /* UIKit.framework in Frameworks */,
 				FB7565051512D3C4007B806B /* Foundation.framework in Frameworks */,
 				FB7565081512D3C4007B806B /* libRNCrypt.a in Frameworks */,
+				FB7565241512D9BE007B806B /* Security.framework in Frameworks */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -68,6 +73,7 @@
 		FB7564E51512D3C4007B806B = {
 			isa = PBXGroup;
 			children = (
+				FB7565221512D9A8007B806B /* Security.framework */,
 				FB7564F51512D3C4007B806B /* RNCrypt */,
 				FB7565091512D3C4007B806B /* RNCryptTests */,
 				FB7564F21512D3C4007B806B /* Frameworks */,
@@ -97,8 +103,8 @@
 		FB7564F51512D3C4007B806B /* RNCrypt */ = {
 			isa = PBXGroup;
 			children = (
-				FB7564F81512D3C4007B806B /* RNCrypt.h */,
-				FB7564F91512D3C4007B806B /* RNCrypt.m */,
+				FB75651A1512D3E9007B806B /* RNCryptManager.h */,
+				FB75651B1512D3E9007B806B /* RNCryptManager.m */,
 				FB7564F61512D3C4007B806B /* Supporting Files */,
 			);
 			path = RNCrypt;
@@ -138,6 +144,7 @@
 			isa = PBXHeadersBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
+				FB75651F1512D7F8007B806B /* RNCryptManager.h in Headers */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -186,7 +193,9 @@
 		FB7564E71512D3C4007B806B /* Project object */ = {
 			isa = PBXProject;
 			attributes = {
+				CLASSPREFIX = RN;
 				LastUpgradeCheck = 0430;
+				ORGANIZATIONNAME = "Rob Napier";
 			};
 			buildConfigurationList = FB7564EA1512D3C4007B806B /* Build configuration list for PBXProject "RNCrypt" */;
 			compatibilityVersion = "Xcode 3.2";
@@ -238,7 +247,7 @@
 			isa = PBXSourcesBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
-				FB7564FA1512D3C4007B806B /* RNCrypt.m in Sources */,
+				FB75651D1512D3E9007B806B /* RNCryptManager.m in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -247,6 +256,7 @@
 			buildActionMask = 2147483647;
 			files = (
 				FB7565111512D3C5007B806B /* RNCryptTests.m in Sources */,
+				FB75651E1512D3E9007B806B /* RNCryptManager.m in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -387,6 +397,7 @@
 				FB7565161512D3C5007B806B /* Release */,
 			);
 			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Release;
 		};
 		FB7565171512D3C5007B806B /* Build configuration list for PBXNativeTarget "RNCryptTests" */ = {
 			isa = XCConfigurationList;
@@ -395,6 +406,7 @@
 				FB7565191512D3C5007B806B /* Release */,
 			);
 			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Release;
 		};
 /* End XCConfigurationList section */
 	};

diff --git a/RNCrypt/RNCrypt.h b/RNCrypt/RNCrypt.h
diff --git a/RNCrypt/RNCrypt.m b/RNCrypt/RNCrypt.m
diff --git a/RNCrypt/RNCryptManager.h b/RNCrypt/RNCryptManager.h
@@ -0,0 +1,113 @@
+//
+//  RNCryptManager.h
+//
+//  Copyright (c) 2012 Rob Napier
+//
+//  This code is licensed under the MIT License:
+//
+//  Permission is hereby granted, free of charge, to any person obtaining a 
+//  copy of this software and associated documentation files (the "Software"),
+//  to deal in the Software without restriction, including without limitation
+//  the rights to use, copy, modify, merge, publish, distribute, sublicense,
+//  and/or sell copies of the Software, and to permit persons to whom the
+//  Software is furnished to do so, subject to the following conditions:
+//  
+//  The above copyright notice and this permission notice shall be included in
+//  all copies or substantial portions of the Software.
+//
+//  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 
+//  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+//  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+//  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+//  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+//  FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+//  DEALINGS IN THE SOFTWARE.
+//
+
+#import <Foundation/Foundation.h>
+#import <CommonCrypto/CommonCryptor.h>
+#import <CommonCrypto/CommonKeyDerivation.h>
+
+extern NSString * const kRNCryptManagerErrorDomain;
+
+/** AES Encrypter/Decrypter for Mac and iOS.
+ 
+ Provides an easy-to-use, Objective-C interface to the AES functionality of
+ CommonCrypto. Simplifies correct handling of password stretching (PBKDF2),
+ salting, and IV. For more information on these terms, see "Properly encrypting
+ with AES with CommonCrypto" http://robnapier.net/blog/aes-commoncrypto-564
+ 
+ Requires Security.framework.
+ */
+
+
+@interface RNCryptManager : NSObject
+
+///---------------------------------------------------------------------------------------
+/// @name Encrypt/Decrypt In Memory
+///---------------------------------------------------------------------------------------
+
+/** Encrypts data against a password, with a randomly generated IV and salt
+  
+ @param data The data to encrypt
+ @param password A password. Generally this is human-provided. An AES key will be generated from this.
+ @param iv Out parameter set to the randomly generated IV. This may not be `NULL`.
+ @param salt Out parameter set to the randomly generated salt. This may not be `NULL`.
+ @param error Out parameter used if an error occurs. May be `NULL` if no error is required.
+ @return Returns the encrypted data, or `nil` if there is an error.
+ */
+
++ (NSData *)encryptedDataForData:(NSData *)data
+                        password:(NSString *)password
+                              iv:(NSData **)iv
+                            salt:(NSData **)salt
+                           error:(NSError **)error;
+
+/** Decrypts data using a password, IV and salt
+ 
+ @param data The data to decrypt
+ @param password A password. Generally this is human-provided. An AES key will be generated from this using the same algorithm as in the encrypt methods.
+ @param iv The IV (generally provided by encrypt methods)
+ @param salt The salt (generally provided by encrypt methods)
+ @param error Out parameter used if an error occurs. May be `NULL` if no error is required.
+ @return Returns the decrypted data, or `nil` if there is an error.
+ */
+
++ (NSData *)decryptedDataForData:(NSData *)data
+                        password:(NSString *)password 
+                              iv:(NSData *)iv
+                            salt:(NSData *)salt
+                           error:(NSError **)error;
+
+///---------------------------------------------------------------------------------------
+/// @name Encrypt/Decrypt with NSStream
+///---------------------------------------------------------------------------------------
+
+/** Encrypts stream against a password, with a randomly generated IV and salt. IV and salt will be prepended to resulting stream.
+ 
+ @param fromStream The stream to encrypt
+ @param toStream The stream to write encrypted data to
+ @param password A password. Generally this is human-provided. An AES key will be generated from this.
+ @param error Out parameter used if an error occurs. May be `NULL` if no error is required.
+ @return Returns `YES` if successful. Return `NO` and sets `error` if there is an error.
+ */
+
++ (BOOL)encryptFromStream:(NSInputStream *)fromStream
+                 toStream:(NSOutputStream *)toStream
+                 password:(NSString *)password
+                    error:(NSError **)error;
+
+/** Decrypts data using a password. IV and salt must be at the beginning of the stream, as provided by encryptFromStream:toStream:password:error:.
+ 
+ @param fromStream The stream to decrypt
+ @param toStream The stream to write decrypted data to
+ @param password A password. Generally this is human-provided. An AES key will be generated from this using the same algorithm as in the encrypt methods.
+ @param error Out parameter used if an error occurs. May be `NULL` if no error is required.
+ @return Returns `YES` if successful. Return `NO` and sets `error` if there is an error.
+ */
++ (BOOL)decryptFromStream:(NSInputStream *)fromStream
+                 toStream:(NSOutputStream *)toStream
+                 password:(NSString *)password
+                    error:(NSError **)error;
+
+@end