{"id":13995621,"url":"https://github.com/kryptco/swift-pgp","last_synced_at":"2025-07-22T22:31:26.806Z","repository":{"id":51187558,"uuid":"91335607","full_name":"kryptco/swift-pgp","owner":"kryptco","description":"A pure Swift library for parsing and creating PGP RFC 4880 public keys, user ids, and signatures.","archived":true,"fork":false,"pushed_at":"2019-06-18T18:15:14.000Z","size":108,"stargazers_count":68,"open_issues_count":1,"forks_count":17,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-11-29T18:40:38.038Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://krypt.co","language":"Swift","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kryptco.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-05-15T12:32:27.000Z","updated_at":"2024-10-07T09:10:54.000Z","dependencies_parsed_at":"2022-08-30T08:40:19.681Z","dependency_job_id":null,"html_url":"https://github.com/kryptco/swift-pgp","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/kryptco/swift-pgp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kryptco%2Fswift-pgp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kryptco%2Fswift-pgp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kryptco%2Fswift-pgp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kryptco%2Fswift-pgp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kryptco","download_url":"https://codeload.github.com/kryptco/swift-pgp/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kryptco%2Fswift-pgp/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266585784,"owners_count":23952163,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-22T02:00:09.085Z","response_time":66,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-09T14:03:30.862Z","updated_at":"2025-07-22T22:31:26.524Z","avatar_url":"https://github.com/kryptco.png","language":"Swift","funding_links":[],"categories":["Swift"],"sub_categories":[],"readme":"# swift-pgp\nA pure\u003csup\u003e1\u003c/sup\u003e Swift library for parsing and creating PGP [RFC 4880](https://tools.ietf.org/html/rfc4880)  public keys, user ids, and signatures. This library is designed to be public-key-cryptography-implementation-agnostic. That is, you can use swift-pgp with any public-key crypto implementation you choose, provided it is either an RSA or Ed25519 cryptosystem.\n\n\u003e **1**. Except for SHA hash functions from CommonCrypto.\n\n# Created For Krypton Core\n\u003ca href=\"https://krypt.co\"\u003e\u003cimg src=\"https://krypt.co/static/dist/img/krypton_core_logo.svg\" width=\"200\"/\u003e \u003c/a\u003e\n\nThis library was created for __Krypton__. \nFor more information, check out [krypt.co](https://krypt.co).\n\n# Supported Features\nCurrently, swift-pgp only signatures for certifications and binary documents, but it's abstracted to support the full RFC 4880 spec, see the next section for whats in the pipeline.\n\n- Public Keys: parse and create PGP public keys\n    - [x] RSA\n    - [x] Ed25519 (via ext. [eddsa draft](https://tools.ietf.org/html/draft-koch-eddsa-for-openpgp-00))\n    \n- Signatures: parse and create PGP Signatures\n    - [x] Certify Public Key \u003c\u003e User ID binding (aka Certification Signatures)\n    - [x] Binary Documents \n\n - ASCII Armor: parse and create ASCII armored PGP messages\n\n# Coming Soon\nThe next phase of swift-pgp is to support formatting PGP encrypted messages. This will add support for parsing and creating structures like:\n\n- [ ] Symmetric-Key Encrypted Session Keys\n- [ ] Symmetrically Encrypted Data\n \n# Installing\n1. `git submodule init; git submodule add git@github.com:kryptco/swift-pgp\n2. Drag PGPFormat.xcodeproj/ to your project (don't check copy files, they're already there)\n3. Add `CommonCrypto` to your project:\n\nGo to Build Phases and add this `run script` phase:\n\n```bash\nmodulesDirectory=$DERIVED_FILES_DIR/modules\nmodulesMap=$modulesDirectory/module.modulemap\nmodulesMapTemp=$modulesDirectory/module.modulemap.tmp\n\nmkdir -p \"$modulesDirectory\"\n\ncat \u003e \"$modulesMapTemp\" \u003c\u003c MAP\nmodule CommonCrypto [system] {\n    header \"$SDKROOT/usr/include/CommonCrypto/CommonCrypto.h\"\n    export *\n}\nMAP\n\ndiff \"$modulesMapTemp\" \"$modulesMap\" \u003e/dev/null 2\u003e/dev/null\nif [[ $? != 0 ]] ; then\nmv \"$modulesMapTemp\" \"$modulesMap\"\nelse\nrm \"$modulesMapTemp\"\nfi\n```\n\u003cimg width=\"959\" alt=\"screen shot 2017-08-31 at 11 55 25 am\" src=\"https://user-images.githubusercontent.com/356333/29932834-722f707e-8e43-11e7-848e-49b9eb3cc8e6.png\"\u003e\n\n\n# How to use swift-pgp\nCreate signatures with swift-pgp by utilizing the `Signable` interface. The `Signable` interface is what makes the swift-pgp library public-key-cryptography-implementation-agnostic.\n\n```swift\n    /**\n        Represents a structure that can be signed\n    */\n    public protocol Signable {\n        var signature:Signature { get set }\n        func signableData() throws -\u003e Data\n    }\n```\n\nThe `Signable` interface is extended to provide two useful functions\n - `func dataToHash() throws -\u003e Data`\n - `mutating func set(hash:Data, signedHash:Data) throws`\n \nThis lets you initialize a signable, extract the data that needs to be hashed via `dataToHash()`, hash it, sign it, and then set the hash and signature via `set(hash:Data, signedHash:Data)`. The `dataToHash()` function can also be used to extract the data that needs to be hashed to verify signatures.\n\nCurrently, there are only two types of Signables: `SignedPublicKeyIdentity` and `SignedBinaryDocument`.\n\n# Examples\nBelow are a few examples for creating certification and binary document signatures.\n\n## `SignedPublicKeyIdentity`\nA Public Key \u003c\u003e User ID binding certification.\n\n```swift\n// initialize a public key\nlet publicKeyData = RSAPublicKey(modulus: ..., exponent: ...)\nlet publicKey = try PublicKey(create: .rsaSignOnly, publicKeyData: publicKeyData, date: Date())\n\n// initialize a user id\nlet userID = UserID(name: \"Alex Grinman\", email: \"hello@krypt.co\")\n\n// initialize the signed public key\nvar signedPublicKey = try SignedPublicKeyIdentity(publicKey: publicKey, userID: userID, hashAlgorithm: .sha512)\n\n// extract the data to hash and sign, sign it, and set it on the signedPublicKey\nlet dataToHash = try signedPublicKey.dataToHash()\nlet hash = H(dataToHash) // where H is your chosen (i.e. sha512) hash implementation\nlet signatureData = X(dataToHash) // where X is your chosen RSA sign implementation\n\ntry signedPublicKey.set(hash: hash, signedHash: signatureData)\n\n// get the ASCII armored message\nlet asciiMessage = try signedPublicKey.armoredMessage(blockType: .publicKey, comment: \"created with swift-pgp\")\n```\n\n\n\u003e **Multiple UserIDs** often certifications need to say that several User IDs are binded to a public key. swift-pgp provides a helper struct for this called `SignedPublicKeyIdentities` that is initialized with an list of `SignedPublicKeyIdentity`s.\n\n## `SignedBinaryDocument`\nA signature for a binary document.\n\n```swift\n// the bytes of the document being signed, i.e. 0xDEADBEEF\nlet binaryData = Data(bytes: [0xDE, 0xAD, 0xBE, 0xEF])\n\nvar signedBinary = SignedBinaryDocument(binary: binaryData, publicKeyAlgorithm: .rsaSignOnly, hashAlgorithm: .sha512)\n\n// extract the data to hash and sign, sign it, and set it on the signedPublicKey\nlet dataToHash = try signedBinary.dataToHash()\nlet hash = H(dataToHash) // where H is your chosen (i.e. sha512) hash implementation\nlet signatureData = X(dataToHash) // where X is your chosen RSA sign implementation\n\n// compile the signed public key packets\ntry signedBinary.set(hash: hash, signedHash: signatureData)\n\n// return ascii armored signature\nlet asciiMessage = try signedBinary.set(blockType: .signature, comment: \"created with swift-pgp\")\n```\n\n# License\nWe are currently deciding on a license for swift-pgp.\nFor now, the code is released under All Rights Reserved.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkryptco%2Fswift-pgp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkryptco%2Fswift-pgp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkryptco%2Fswift-pgp/lists"}