FZAKeyManager Class Reference

Inherits from	NSObject
Declared in	FZAKeyManager.h

Overview

FZAKeyManager is an abstract class for creating and managing encryption keys.

This class should be inherited to provide cryptographic storage appropriate to the platform on which the library is running.

Tasks

– hasKey
Report on whether the key manager already has a key to use.
– clearPasswordAndSalt
Clear existing key chain items for password and salt.
– randomDataOfLength:
Create some random data.
– keyFromPassword:salt:
Generate a key from a password.
– storeKeyDerivedFromPassword:salt:error:
Set a new key derived from a password supplied by the user.
– key
Retrieve and return the key from cryptographic storage.
+ newKeyManager
Return a new subclass of this class, appropriate to the current platform.

Class Methods

newKeyManager

Return a new subclass of this class, appropriate to the current platform.

+ (FZAKeyManager *)newKeyManager

Declared In

FZAKeyManager.h

Instance Methods

clearPasswordAndSalt

Clear existing key chain items for password and salt.

- (void)clearPasswordAndSalt

Declared In

FZAKeyManager.h

hasKey

Report on whether the key manager already has a key to use.

- (BOOL)hasKey

Declared In

FZAKeyManager.h

key

Retrieve and return the key from cryptographic storage.

- (NSData *)key

Discussion

This method must be overridden by subclasses.

Declared In

FZAKeyManager.h

keyFromPassword:salt:

Generate a key from a password.

- (NSData *)keyFromPassword:(NSString *)password salt:(NSData *)salt

Parameters

password: The string to use as the password.

salt: The salt data to use.

Return Value

A data key.

Discussion

This function is repeatable, in that the same password and salt always creates the same key. The key derived from the password is only stored on the local device, where the target data is already available in the clear – it never appears in the sync folder.

Declared In

FZAKeyManager.h

randomDataOfLength:

Create some random data.

- (NSData *)randomDataOfLength:(NSInteger)length

Parameters

length: The number of bytes of randomness needed.

Return Value

The random data.

Discussion

This method must be overridden by subclasses.

Declared In

FZAKeyManager.h

storeKeyDerivedFromPassword:salt:error:

Set a new key derived from a password supplied by the user.

- (BOOL)storeKeyDerivedFromPassword:(NSString *)password salt:(NSData *)salt error:(NSError **)error

Parameters

password: The string to use as the password.

salt: Some random data fed into the key derivation function.

error: Any error that occurs.

Return Value

YES if the key was stored succcessfully, NO if not (error will be set).

Discussion

This key gets stored into whatever cryptographic storage is available on the target platform.

This method must be overridden by subclasses.

Declared In

FZAKeyManager.h