{"id":21921228,"url":"https://github.com/alexaubry/ServerCrypto","last_synced_at":"2025-07-21T20:31:08.249Z","repository":{"id":63902020,"uuid":"104220354","full_name":"alexaubry/ServerCrypto","owner":"alexaubry","description":"Easy Cryptography for Server-Side Swift","archived":false,"fork":false,"pushed_at":"2018-08-02T22:21:42.000Z","size":145,"stargazers_count":11,"open_issues_count":1,"forks_count":3,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-07-19T11:06:38.149Z","etag":null,"topics":["cryptography","ecdsa","hash","hmac","rsa","server-side-swift","signature-verification"],"latest_commit_sha":null,"homepage":"","language":"Swift","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/alexaubry.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-09-20T13:39:57.000Z","updated_at":"2022-01-09T20:32:44.000Z","dependencies_parsed_at":"2023-01-14T13:00:46.653Z","dependency_job_id":null,"html_url":"https://github.com/alexaubry/ServerCrypto","commit_stats":null,"previous_names":["alexaubry/servercrypto"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/alexaubry/ServerCrypto","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alexaubry%2FServerCrypto","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alexaubry%2FServerCrypto/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alexaubry%2FServerCrypto/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alexaubry%2FServerCrypto/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/alexaubry","download_url":"https://codeload.github.com/alexaubry/ServerCrypto/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alexaubry%2FServerCrypto/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266375054,"owners_count":23919511,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-21T11:47:31.412Z","response_time":64,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptography","ecdsa","hash","hmac","rsa","server-side-swift","signature-verification"],"created_at":"2024-11-28T20:19:54.783Z","updated_at":"2025-07-21T20:31:07.884Z","avatar_url":"https://github.com/alexaubry.png","language":"Swift","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ServerCrypto\n\n[![Build Status](https://travis-ci.org/alexaubry/ServerCrypto.svg?branch=master)](https://travis-ci.org/alexaubry/ServerCrypto)\n[![Requires Swift 4.0](https://img.shields.io/badge/Swift-4.0-ee4f37.svg)]()\n[![Supports macOS and Linux](https://img.shields.io/badge/os-linux%20%7C%20macOS-lightgrey.svg)]()\n\nServerCrypto is a library that makes server-side cryptography easy in Swift.\n\n## Installation\n\nTo use ServerCrypto in your project, add this line to your `Package.swift`:\n\n~~~swift\n.package(url: \"https://github.com/alexaubry/ServerCrypto\", from: \"1.0.0\")\n~~~\n\nMake sure you have OpenSSL installed before using the library.\n\nOn macOS, you need to provide the following flags to build or test from the command line:\n\n~~~bash\nswift build -Xswiftc -I/usr/local/opt/openssl/include -Xlinker -L/usr/local/opt/openssl/lib\n~~~\n\n## Features\n\n- [Hashing](#hashing)\n- [HMAC Signature](#hmac-signature)\n- [HMAC Verification](#hmac-verification)\n- [Asymmetric Signature](#asymmetric-signature)\n- [Asymmetric Signature Verification](#asymmetric-signature-verification)\n\n## Hashing\n\nTo compute the hash of a sequence of bytes, you use an instance of `Hasher`.\n\n`Hasher` can generate hashes for `Data`, `[UInt8]` ; and any type than conforms to the `Bytes` protocols.\n\nThe following hashing algorithms are supported:\n\n~~~\n.md4 .md5 .sha1 .sha224 .sha256 .sha384 .sha512 .ripeMd160\n~~~\n\n#### Example\n\nTo compute the SHA-256 hash of a String, write the following code:\n\n~~~swift\nimport Hash\n\nlet hasher = Hasher.sha256\n\nlet messageData = \"Hello world\".data(using: .utf8)!\nlet hashData = try hasher.makeHash(for: messageData) // Returns a Data object\nlet hashHexString = hashData.hexString\n~~~\n\n## HMAC Signature\n\nTo create an HMAC signature, you need:\n\n- A message digest / hashing algorithm\n- A key with a password\n- A message to sign\n\nYou use an instance of `Signer` to generate an HMAC signature. Any type supported by [`Hasher`](#hashing) is also supported by `Signer`.\n\n#### Example\n\nTo compute the SHA-256 HMAC of a String, you need to follow these steps:\n\n**1-** Create an HMAC key with a password\n\n~~~swift\nimport Signature\n\nlet key = try HMACKey(password: \"secret\")\n~~~\n\n**2-** Create an HMAC signer\n\n~~~swift\nlet signer = Signer.hmac(key)\n~~~\n\n**3-** Get the HMAC for the message\n\n~~~swift\nlet messageData = \"Hello world\".data(using: .utf8)!\nlet hmacData = signer.sign(messageData, with: .sha256) // Returns a Data object\nlet hmacHexString = hmacData.hexString\n~~~\n\n## HMAC Verification\n\nTo verify that an HMAC signature is valid for the message you expect, you need:\n\n- A message digest / hashing algorithm\n- A key with an expected password\n- An expected message\n- A signature to verify\n\nYou use an instance of `Signer` to verify an HMAC signature. The signature must be a `Data` object. The expected message can be any type supported by [`Hasher`](#hashing).\n\n#### Example\n\nTo verify the SHA-256 HMAC of a String, you need to follow these steps:\n\n**1-** Create an HMAC key with the expected password\n\n~~~swift\nimport Signature\n\nlet key = try HMACKey(password: \"secret\")\n~~~\n\n**2-** Create an HMAC signer\n\n~~~swift\nlet signer = Signer.hmac(key)\n~~~\n\n**3-** Verify the HMAC for the message\n\n~~~swift\nlet hmacData = ...\nlet messageData = \"Hello world\".data(using: .utf8)!\nlet isValid = signer.verify(signature: hmacData, for: messageData, with: .sha256) // Returns a Bool\n~~~\n\n## Asymmetric Signature\n\nSignature.framework can generate signatures using private keys and algorithms like RSA and ECDSA.\n\nTo create a signature, you need:\n\n- A message digest / hashing algorithm\n- A private PEM-encoded key\n- A message to sign\n\nYou use an instance of `Signer` to generate a signature. Any type supported by [`Hasher`](#hashing) is also supported by `Signer`.\n\n#### Example\n\nTo compute the SHA-256 ECDSA signature of a String, you need to follow these steps:\n\n**1-** Load a private key from a PEM file:\n\n~~~swift\nimport Signature\n\nlet privateKey = try AsymmetricKey.makePrivateKey(readingPEMAtPath: \"path/to/public/key.pem\", passphrase: \"...\")\n~~~\n\nYou can also load a PEM key from memory using `AsymmetricKey.makePrivateKey(readingPEMData: Data,passphrase: String?)`.\n\n**2-** Create an asymmetric signer\n\n~~~swift\nlet signer = Signer.asymmetric(privateKey)\n~~~\n\n**3-** Get the signature for the message\n\n~~~swift\nlet messageData = \"Hello world\".data(using: .utf8)!\nlet hmacData = signer.sign(messageData, with: .sha256) // Returns a Data object\nlet hmacHexString = hmacData.hexString\n~~~\n\n## Asymmetric Signature Verification\n\nTo verify that a signature is valid for the message you expect, you need:\n\n- A message digest / hashing algorithm\n- The public key associated with the expected private key\n- An expected message\n- A signature to verify\n\nYou use an instance of `Signer` to verify a signature. The signature must be a `Data` object. The expected message can be any type supported by [`Hasher`](#hashing).\n\n#### Example\n\nTo verify that a SHA-256 ECDSA signature of a String is valid for the public key, you need to follow these steps:\n\n**1-** Load the public key from a PEM file\n\n~~~swift\nimport Signature\n\nlet publicKey = try AsymmetricKey.makePublicKey(readingPEMAtPath: \"path/to/private/key.pem\")\n~~~\n\nYou can also load the key from memory using `AsymmetricKey.makePublicKey(readingPEMData: Data)`.\n\n**2-** Create an asymmetric signer\n\n~~~swift\nlet signer = Signer.asymmetric(publicKey)\n~~~\n\n**3-** Verify the signatrure for the message\n\n~~~swift\nlet hmacData = ...\nlet messageData = \"Hello world\".data(using: .utf8)!\nlet isValid = signer.verify(signature: hmacData, for: messageData, with: .sha256) // Returns a Bool\n~~~\n\n## Author\n\nAlexis Aubry, me@alexaubry.fr\n\nYou can find me on Twitter : [@_alexaubry](https://twitter.com/_alexaubry)\n\n## License\n\nServerCrypto is available under the MIT License. See the [LICENSE](LICENSE) file for more info.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falexaubry%2FServerCrypto","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Falexaubry%2FServerCrypto","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falexaubry%2FServerCrypto/lists"}