{"id":13466035,"url":"https://github.com/Kitura/BlueRSA","last_synced_at":"2025-03-25T21:31:09.385Z","repository":{"id":54126330,"uuid":"79181143","full_name":"Kitura/BlueRSA","owner":"Kitura","description":"RSA public/private key encryption, private key signing and public key verification in Swift using the Swift Package Manager. Works on iOS, macOS, and Linux (work in progress).","archived":false,"fork":false,"pushed_at":"2024-03-12T14:51:32.000Z","size":337,"stargazers_count":131,"open_issues_count":19,"forks_count":56,"subscribers_count":21,"default_branch":"master","last_synced_at":"2024-08-16T15:30:42.523Z","etag":null,"topics":["linux","macos","rsa-cryptography","rsa-key","rsa-signature","swift"],"latest_commit_sha":null,"homepage":"","language":"Swift","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Kitura.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-01-17T02:45:31.000Z","updated_at":"2024-07-11T12:32:36.000Z","dependencies_parsed_at":"2024-07-31T15:12:24.255Z","dependency_job_id":null,"html_url":"https://github.com/Kitura/BlueRSA","commit_stats":{"total_commits":231,"total_committers":17,"mean_commits":"13.588235294117647","dds":0.6536796536796536,"last_synced_commit":"440f78db26d8bb073f29590f1c7bd31004da09ae"},"previous_names":["ibm-swift/bluersa"],"tags_count":58,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kitura%2FBlueRSA","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kitura%2FBlueRSA/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kitura%2FBlueRSA/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kitura%2FBlueRSA/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Kitura","download_url":"https://codeload.github.com/Kitura/BlueRSA/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":222091807,"owners_count":16929710,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["linux","macos","rsa-cryptography","rsa-key","rsa-signature","swift"],"created_at":"2024-07-31T15:00:38.302Z","updated_at":"2025-03-25T21:31:09.378Z","avatar_url":"https://github.com/Kitura.png","language":"Swift","readme":"\u003cp align=\"center\"\u003e\n    \u003ca href=\"https://www.kitura.io/packages.html#all\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/docs-kitura.io-1FBCE4.svg\" alt=\"APIDoc\"\u003e\n    \u003c/a\u003e\n\u003c/p\u003e\n\n[![](https://img.shields.io/endpoint?url=https%3A%2F%2Fswiftpackageindex.com%2Fapi%2Fpackages%2FKitura%2FBlueRSA%2Fbadge%3Ftype%3Dswift-versions)](https://swiftpackageindex.com/Kitura/BlueRSA)\n[![](https://img.shields.io/endpoint?url=https%3A%2F%2Fswiftpackageindex.com%2Fapi%2Fpackages%2FKitura%2FBlueRSA%2Fbadge%3Ftype%3Dplatforms)](https://swiftpackageindex.com/Kitura/BlueRSA)\n[![License](https://img.shields.io/badge/License-Apache_2.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)\n\n\n# BlueRSA\n\nSwift cross-platform RSA wrapper library for RSA encryption and signing. Works on supported Apple platforms (using Security framework).  Linux (using OpenSSL) is working but is still somewhat of a work in progress.\n\n## Contents\n\n* CryptorRSA: Utility functions for RSA encryption and signing. Pure Swift\n\n## Prerequisites\n\n### Swift\n\n* Swift Open Source `swift-4.0.0-RELEASE` toolchain (**Minimum REQUIRED for latest release**)\n* Swift Open Source `swift-5.2-RELEASE` toolchain (**Recommended**)\n* Swift toolchain included in *Xcode Version 10.0 (10A255) or higher*.\n\n### macOS\n\n* macOS 11.5.0 (*Big Sur*) or higher\n* Xcode Version 12.0 (9A325) or higher using the included toolchain (**Minimum REQUIRED for latest release**).\n* Xcode Version 13.4.1 (13F100) or higher using the included toolchain (**Recommended**).\n\n### iOS\n\n* iOS 14.5 or higher\n* Xcode Version 9.0 (9A325) or higher using the included toolchain (**Minimum REQUIRED for latest release**).\n* Xcode Version 13.4.1 (13F100) or higher using the included toolchain (**Recommended**).\n\n### Linux\n\n* Ubuntu 16.04 (or 16.10 but only tested on 16.04) and 18.04.\n* One of the Swift Open Source toolchain listed above.\n* OpenSSL is provided by the distribution.  **Note:** 1.0.x, 1.1.x and later releases of OpenSSL are supported.\n* The appropriate **libssl-dev** package is required to be installed when building.\n\n\n## Build\n\nTo build CryptorRSA from the command line:\n\n```\n% cd \u003cpath-to-clone\u003e\n% swift build\n```\n\n## Testing\n\nTo run the supplied unit tests for **CryptorRSA** from the command line:\n\n```\n% cd \u003cpath-to-clone\u003e\n% swift build\n% swift test\n\n```\n\n## Using CryptorRSA\n\n### Including in your project\n\n#### Swift Package Manager\n\nTo include BlueRSA into a Swift Package Manager package, add it to the `dependencies` attribute defined in your `Package.swift` file. You can select the version using the `majorVersion` and `minor` parameters. For example:\n```\n\tdependencies: [\n\t\t.package(url: \"https://github.com/Kitura/BlueRSA\", majorVersion: \u003cmajorVersion\u003e, minor: \u003cminor\u003e)\n\t]\n```\n\n#### Carthage\n\nTo include BlueRSA in a project using Carthage, add a line to your `Cartfile` with the GitHub organization and project names and version. For example:\n```\n\tgithub \"Kitura/BlueRSA\" ~\u003e \u003cmajorVersion\u003e.\u003cminor\u003e\n```\n\n### Before starting\n\nThe first you need to do is import the CryptorRSA framework.  This is done by the following:\n\n```\nimport CryptorRSA\n```\n\n### Data Types\n\nBlueRSA supports the following *major* data types:\n\n* Key Handling\n\t- `CryptorRSA.PublicKey` - Represents an RSA Public Key.\n\t- `CryptorRSA.PrivateKey` - Represents an RSA Private Key.\n\n* Data Handling\n\t- `CryptorRSA.EncryptedData` - Represents encrypted data.\n\t- `CryptorRSA.PlaintextData` - Represents plaintext or decrypted data.\n\t- `CryptorRSA.SignedData` - Represents signed data.\n\n### Key Handling\n\n**BlueRSA** provides seven (7) functions each for creating public and private keys from data. They are as follows (where *createXXXX* is either `createPublicKey` or `createPrivateKey` depending on what you're trying to create):\n\n- `CryptorRSA.createXXXX(with data: Data) throws` - This creates either a private or public key containing the data provided. *It is assumed that the data being provided is in the proper format.*\n- `CryptorRSA.createXXXX(withBase64 base64String: String) throws` - This creates either a private or public key using the `Base64 encoded String` provided.\n- `CryptorRSA.createXXXX(withPEM pemString: String) throws` - This creates either a private or public key using the `PEM encoded String` provided.\n- `CryptorRSA.createXXXX(withPEMNamed pemName: String, onPath path: String) throws` - This creates either a private or public key using the `PEM encoded file` pointed at by the `pemName` and located on the path specified by `path` provided.\n- `CryptorRSA.createXXXX(withDERNamed derName: String, onPath path: String) throws` - This creates either a private or public key using the `DER encoded file` pointed at by the `derName` and located on the path specified by `path` provided.\n- `CryptorRSA.createXXXX(withPEMNamed pemName: String, in bundle: Bundle = Bundle.main) throws` - This creates either a private or public key using the `PEM encoded file` pointed at by the `pemName` and located in the `Bundle` specified by `bundle` provided. By default this API will look in the `main` bundle. **Note: Apple Platforms Only**\n- `CryptorRSA.createXXXX(withDERNamed derName: String, in bundle: Bundle = Bundle.main) throws` - This creates either a private or public key using the `DER encoded file` pointed at by the `derName` and located in the `Bundle` specified by `bundle` provided. By default this API will look in the `main` bundle. **Note: Apple Platforms Only**\n\nAdditionally, there are three APIs for creating a *public key* by extracting the key from a PEM formatted certificate:  They are:\n\n- `CryptorRSA.createPublicKey(extractingFrom data: Data) throws` - This creates either a public key by extracting from the `PEM encoded certificate` pointed at by the `data`.\n- `CryptorRSA.createPublicKey(extractingFrom certName: String, onPath path: String) throws` - This creates a public key by extracting from the `PEM encoded certificate` pointed at by the `certName` and located on the path specified by `path` provided.\n- `CryptorRSA.createPublicKey(extractingFrom certName: String, in bundle: Bundle = Bundle.main) throws` - This creates a public key using the `PEM encoded certificate` pointed at by the `derName` and located in the `Bundle` specified by `bundle` provided. By default this API will look in the `main` bundle. **Note: Apple Platforms Only**\n\n\n**Example**\n\nThe following example illustrates creating a public key given PEM encoded file located on a certain path. *Note: Exception handling omitted for brevity.\n\n```\nimport Foundation\nimport CryptorRSA\n\n...\n\nlet keyName = ...\nlet keyPath = ...\n\nlet publicKey = try CryptorRSA.createPublicKey(withPEMNamed: keyName, onPath: keyPath)\n\n...\n\n\u003cDo something with the key...\u003e\n\n```\n\n### Data Encryption and Decryption Handling\n\n**BlueRSA** provides functions for the creation of each of the three (3) data handling types:\n\n**Plaintext Data Handling and Signing**\n\nThere are two class level functions for creating a `PlaintextData` object. These are:\n\n- `CryptorRSA.createPlaintext(with data: Data) -\u003e PlaintextData` - This function creates a `PlaintextData` containing the specified `data`.\n- `CryptorRSA.createPlaintext(with string: String, using encoding: String.Encoding) throws -\u003e PlaintextData` - This function creates a `PlaintextData` object using the `string` encoded with the specified `encoding` as the data.\n\nOnce the `PlaintextData` object is created, there are two instance functions that can be used to manipulate the contained data.  These are:\n\n- `encrypted(with key: PublicKey, algorithm: Data.Algorithm) throws -\u003e EncryptedData?` - This function allows you to encrypt containing data using the public `key` and `algorithm` specified.  This function returns an optional `EncryptedData` object containing the encryped data.\n- `signed(with key: PrivateKey, algorithm: Data.Algorithm) throws -\u003e SignedData?` - This function allows you to sign the contained data using the private `key` and `algorithm` specified.  This function returns an optional `SignedData` object containing the signature of the signed data.\n\n**Example**\n\n- *Encryption*: **Note:** Exception handling omitted for brevity.\n\n```\nimport Foundation\nimport CryptorRSA\n\n...\n\nlet keyName = ...\nlet keyPath = ...\n\nlet myData: Data = \u003c... Data to be encrypted ...\u003e\n\nlet publicKey = try CryptorRSA.createPublicKey(withPEMNamed: keyName, onPath: keyPath)\nlet myPlaintext = CryptorRSA.createPlaintext(with: myData)\nlet encryptedData = try myPlaintext.encrypted(with: publicKey, algorithm: .sha1)\n\n...\n\n\u003c Do something with the encrypted data...\u003e\n\n```\n\n- *Signing*: **Note:** Exception handling omitted for brevity.\n\n```\nimport Foundation\nimport CryptorRSA\n\n...\n\nlet keyName = ...\nlet keyPath = ...\n\nlet myData: Data = \u003c... Data to be signed ...\u003e\n\nlet privateKey = try CryptorRSA.createPrivateKey(withPEMNamed: keyName, onPath: keyPath)\nlet myPlaintext = CryptorRSA.createPlaintext(with: myData)\nlet signedData = try myPlaintext.signed(with: privateKey, algorithm: .sha1)\n\n...\n\n\u003c Do something with the signed data...\u003e\n\n```\n**Encrypted Data Handling**\n\nThere are two class level functions for creating a `EncryptedData` object. These are:\n\n- `CryptorRSA.createEncrypted(with data: Data) -\u003e EncryptedData` - This function creates a `EncryptedData` containing the specified encrypted `data`.\n- `CryptorRSA.createEncrypted(with base64String: String) throws -\u003e EncryptedData` - This function creates a `EncrpytedData` using the *Base64* representation of already encrypted data.\n\nOnce the `EncryptedData` object is created, there is an instance function that can be used to decrypt the enclosed data:\n\n- `decrypted(with key: PrivateKey, algorithm: Data.Algorithm) throws -\u003e DecryptedData?` - This function allows you to decrypt containing data using the public `key` and `algorithm` specified.  This function returns an optional `DecryptedData` object containing the encryped data.\n\nBlueRSA currently supports `OAEP` padding, which is the recommended padding algorithm. \n\n**Example**\n\n- *Decryption*: **Note**: Exception handling omitted for brevity.\n\n```\nimport Foundation\nimport CryptorRSA\n\n...\n\nlet keyName = ...\nlet keyPath = ...\nlet publicKey = try CryptorRSA.createPublicKey(withPEMNamed: keyName, onPath: keyPath)\n\nlet pkeyName = ...\nlet pkeyPath = ...\nlet privateKey = try CryptorRSA.createPrivateKey(withPEMNamed: pkeyName, onPath: pkeyPath)\n\nlet myData: Data = \u003c... Data to be encrypted ...\u003e\n\nlet myPlaintext = CryptorRSA.createPlaintext(with: myData)\nlet encryptedData = try myPlaintext.encrypted(with: publicKey, algorithm: .sha1)\n\nlet decryptedData = try encryptedData.decrypted(with: privateKey, algorithm: .sha1)\n\n...\n\n\u003c Do something with the decrypted data...\u003e\n\n\n```\n\n\n### Signature Verification Handling\n\nThere is a single class level function that can be used to create a `SignedData` object. It is:\n\n- `CryptorRSA.createSigned(with data: Data) -\u003e SignedData` - This function creates a `SignedData` containing the specified signed `data`.\n\nOnce created or obtained `PlaintextData` and `SignedData`, there is an instance function which can be used to verify the signature contained therein:\n\n- `verify(with key: PublicKey, signature: SignedData, algorithm: Data.Algorithm) throws -\u003e Bool` - This function is used to verify, using the public `key` and `algorithm`, the `signature`.  Returns true if the signature is valid, false otherwise.\n\n- *Verifying*: **Note:** Exception handling omitted for brevity.\n\n```\nimport Foundation\nimport CryptorRSA\n\n...\n\nlet keyName = ...\nlet keyPath = ...\nlet publicKey = try CryptorRSA.createPublicKey(withPEMNamed: keyName, onPath: keyPath)\n\nlet pkeyName = ...\nlet pkeyPath = ...\nlet privateKey = try CryptorRSA.createPrivateKey(withPEMNamed: pkeyName, onPath: pkeyPath)\n\nlet myData: Data = \u003c... Data to be signed ...\u003e\n\nlet myPlaintext = CryptorRSA.createPlaintext(with: myData)\nlet signedData = try myPlaintext.signed(with: privateKey, algorithm: .sha1)\n\nif try myPlaintext.verify(with: publicKey, signature: signedData, algorithm: .sha1) {\n\n\tprint(\"Signature verified\")\n\n} else {\n\n\tprint(\"Signature Verification Failed\")\n}\n\n```\n\n### Data Type Utility Functions\n\nAll three of the data handling types have two common utility instance functions.  These are:\n\n- `digest(using algorithm: Data.Algorithm) throws -\u003e Data` - This function returns a `Data` object containing a digest constructed using the specified `algorithm`.\n- `string(using encoding: String.Encoding) throws -\u003e String` - This functions returns a `String` representation of the data using the specified `encoding`.\n\n## Community\n\nWe love to talk server-side Swift and Kitura. Join our [Slack](http://swift-at-ibm-slack.mybluemix.net/) to meet the team!\n\n## License\n\nThis library is licensed under Apache 2.0. Full license text is available in [LICENSE](https://github.com/Kitura/BlueRSA/blob/master/LICENSE).\n","funding_links":[],"categories":["Libs","Security [🔝](#readme)","Swift"],"sub_categories":["Security"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FKitura%2FBlueRSA","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FKitura%2FBlueRSA","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FKitura%2FBlueRSA/lists"}