CFHipsterRef Low-Level Programming on iOS & Mac OS X
Introduction
1. Kernel
2. Objective-C Runtime
- 2.1. libobjc
- 2.2. Message Sending
- 2.3. Metaprogramming with Properties
- 2.4. Associated Objects
- 2.5. Dynamically Adding a Method
- 2.6. Method Swizzling
- 2.7. Dynamically Creating a Class
3. Clang
- 3.1. libclang
- 3.2. Translation Units
- 3.3. AST
- 3.4. Tokens
- 3.5. Diagnostics
- 3.6. Fix-Its
- 3.7. Clang CLI
- 3.8. Static Analyzer
4. OSAtomic
5. Grand Central Dispatch
6. Inter-Process Communication
7. Core Services
8. ImageIO
- 8.1. Supported Image Types
- 8.2. Writing to a File
- 8.3. Reading from a File
- 8.4. Incrementally Reading an Image
- 8.5. Image Metadata
9. Accelerate
- 9.1. Benchmarking Performance
- 9.2. vecLib
- 9.3. vImage
10. Security
- 10.1. Keychain Services
- 10.2. Cryptographic Message Syntax
- 10.3. Certificate, Key, and Trust Services
- 10.4. Security Transform Services
- 10.5. Randomization Services
- 10.6. CommonCrypto
11. System Configuration
- 11.1. Determining Network Reachability Synchronously
- 11.2. Determining Network Reachability Asynchronously
12. International Components for Unicode
13. Dictionary Services
14. Xcode Toolchain
15. Third-Party Tools
16. CocoaPods

CFHipsterRef Low-Level Programming on iOS & Mac OS X

Cryptographic Message Syntax

Cryptographic Message Syntax is the IETF’s standard for public key encryption and digital signatures for S/MIME messages. Apple’s Cryptographic Message Syntax Services in the Security framework provide APIs that implement these industry standard algorithms.

Messages can either be signed, encrypted, or both, by any number of signers or recipients. To sign a message is to allow the recipient to verify its sender. To encrypt a message is to ensure that it kept secret from everyone but the recipients, who alone are able to decrypt the message’s content. These two operations are orthogonal, but cryptographically related.

Encoding a Message

NSData *data;
SecCertificateRef certificateRef;
CMSEncoderRef encoder;
CMSEncoderCreate(&encoder);

// Encrypt
CMSEncoderUpdateContent(encoder, [data bytes], [data length]);
CMSEncoderAddRecipients(encoder, certificateRef);

// Sign
SecIdentityRef identityRef = nil;
SecIdentityCreateWithCertificate(nil, certificateRef, &identityRef);
CMSEncoderUpdateContent(encoder, [data bytes], [data length]);
CMSEncoderAddSigners(encoder, identityRef);
CFRelease(identityRef);
CMSEncoderUpdateContent(encoder, [data bytes], [data length]);

MSEncoderAddSignedAttributes(encoder, kCMSAttrSmimeCapabilities);
CFDataRef encryptedDataRef;
CMSEncoderCopyEncodedContent(encoder, &encryptedDataRef);
NSData *encryptedData = [NSData dataWithData:(__bridge NSData *)􏰀encryptedDataRef];
CFRelease(encoder);

Decoding a Message

CMSDecoderRef decoder;
CMSDecoderCreate(&decoder);
CMSDecoderUpdateMessage(decoder, [encryptedData bytes], [encryptedData length]);� ;
CMSDecoderFinalizeMessage(decoder);

CFDataRef decryptedDataRef;
CMSDecoderCopyContent(decoder, &decryptedDataRef);
NSData *decryptedData = [NSData dataWithData:(__bridge NSData *)􏰀decryptedDataRef];

CFRelease(decryptedDataRef);
CFRelease(decoder);