https://github.com/netreconlab/parsecertificateauthority
Send CSR's and retreive certificates to/from ca-server's from your own Swift based client and server apps.
https://github.com/netreconlab/parsecertificateauthority
certificate-authority certificate-signing-request csr hacktoberfest parse-cloud-code parse-server server-side-swift swift
Last synced: 6 months ago
JSON representation
Send CSR's and retreive certificates to/from ca-server's from your own Swift based client and server apps.
- Host: GitHub
- URL: https://github.com/netreconlab/parsecertificateauthority
- Owner: netreconlab
- License: apache-2.0
- Created: 2023-01-27T18:12:57.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2024-11-18T18:00:42.000Z (11 months ago)
- Last Synced: 2025-04-13T15:41:39.400Z (6 months ago)
- Topics: certificate-authority, certificate-signing-request, csr, hacktoberfest, parse-cloud-code, parse-server, server-side-swift, swift
- Language: Swift
- Homepage: https://swiftpackageindex.com/netreconlab/ParseCertificateAuthority/main/documentation/parsecertificateauthority
- Size: 2.41 MB
- Stars: 2
- Watchers: 1
- Forks: 0
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# ParseCertificateAuthority
[](https://swiftpackageindex.com/netreconlab/ParseCertificateAuthority/documentation)
[](https://netreconlab.github.io/ParseCertificateAuthority/release/tutorials/parsecertificateauthority/)
[](https://github.com/netreconlab/ParseCertificateAuthority/actions?query=workflow%3Aci+branch%3Amain)
[](https://github.com/netreconlab/ParseCertificateAuthority/actions/workflows/release.yml)
[](https://codecov.io/gh/netreconlab/ParseCertificateAuthority)
[](https://github.com/netreconlab/ParseCertificateAuthority/blob/main/LICENSE)
[](https://swiftpackageindex.com/netreconlab/ParseCertificateAuthority)
[](https://swiftpackageindex.com/netreconlab/ParseCertificateAuthority)
---
Send CSR's and retreive certificates to/from `ca-server`'s from your own Swift based client and server apps. `Certificatable` allows any object to support certificates while `ParseCertificatable` allows any [ParseObject](https://netreconlab.github.io/Parse-Swift/release/documentation/parseswift/parseobject) from [Parse-Swift](https://github.com/netreconlab/Parse-Swift). `ParseCertificateAuthority` helps developers add an extra layer of security to their apps by making it easy to enable certificate pinning, authentication/verification, encrypting/decrypting, and secure device-to-device offline communication with key/certificate exchange.
## `ParseCertificateAuthority` is Designed to Work With `ca-server`
- [ca-server](https://github.com/netreconlab/ParseCertificateAuthority) - A certificate authority(CA) that can turn CSR's into certificates
- [CertificateSigningRequest](https://github.com/cbaker6/CertificateSigningRequest) - Generate CSR's on Swift clients and servers that can later be signed by `ca-server`
- [Parse-Swift](https://github.com/netreconlab/Parse-Swift) - Write Parse client apps in Swift. When coupled with [ParseCertificateAuthority](https://github.com/netreconlab/ParseCertificateAuthority) and [CertificateSigningRequest](https://github.com/cbaker6/CertificateSigningRequest), provides the complete client-side stack for generating CSR's, sending/receiving certificates to/from `ca-server`
- [ParseServerSwift](https://github.com/netreconlab/parse-server-swift) - Write Parse Server Cloud Code apps in Swift. When coupled with [ParseCertificateAuthority](https://github.com/netreconlab/ParseCertificateAuthority), [CertificateSigningRequest](https://github.com/cbaker6/CertificateSigningRequest), and [Parse-Swift](https://github.com/netreconlab/Parse-Swift) provides the complete server-side stack for generating CSR's, sending/receiving certificates to/from `ca-server`
## Adding `ParseCertificateAuthority` to Your App
Setup a Vapor project by following the [directions](https://www.kodeco.com/11555468-getting-started-with-server-side-swift-with-vapor-4) for installing and setting up your project on macOS or linux.
In your `Package.swift` file add `ParseCertificateAuthority` to `dependencies`:
```swift
// swift-tools-version:5.5.2
import PackageDescription
let package = Package(
name: "YOUR_PROJECT_NAME",
dependencies: [
.package(url: "https://github.com/netreconlab/ParseCertificateAuthority", .upToNextMajor(from: "0.1.0")),
]
)
```
## Configure `ParseCertificateAuthority`
```swift
import ParseCertificateAuthority
// Innitialize ParseCertificateAuthority
let caConfiguration = try ParseCertificateAuthorityConfiguration(caURLString: "http://certificate-authority:3000", // The url for `ca-server`.
caRootCertificatePath: "/ca_certificate", // The root certificate path on `ca-server`.
caCertificatesPath: "/certificates/", // The certificates path on `ca-server`.
caUsersPath: "/appusers/") // The user path on `ca-server`.
initialize(configuration: caConfiguration)
```
## Choosing an `Object` or `ParseObject` Model to Conform to `Certificatable` or `ParseCertificatable`
Below is an example of conforming to `ParseCertificatable` if you are using `Parse-Swift`. If you are not using `Parse-Swift`, the process is similar except you conform to `Certificatable` and use the relevant methods. At least one of your `ParseObject` models need to conform to `ParseCertificatable`. A good candidate is a model that already conforms to `ParseInstallatiion` as this is unique per installation on each device.
```swift
// Conform to `ParseCertificatable`. If not using Parse-Swift, conform to `Certificatable` instead.
struct Installation: ParseInstallation, ParseCertificatable {
var rootCertificate: String?
var certificate: String?
var csr: String?
var certificateId: String? {
installationId
}
...
}
```
## Creating a New Certificate From a CSR
Once you have a CSR from a package like [CertificateSigningRequest](https://github.com/cbaker6/CertificateSigningRequest), you can create an account for the current `ParseUser` automatically and send the CSR to a [ca-server](https://github.com/netreconlab/ParseCertificateAuthority) by doing the following:
```swift
do {
let user = User.current // Some user type that conforms to `ParseUser`.
var installation = Installation.current
let (certificate, rootCertificate) = try await installation.getCertificates(user)
if installation.certificate != certificate || installation.rootCertificate != rootCertificate {
installation.certificate = certificate
installation.rootCertificate = rootCertificate
try await installation.save()
// Notify the user their object has been updated with the certificates
}
} catch {
// Handle error
}
```
## Requesting a New Certificate Be Generated for an Existing CSR
Creating a new certificate for a CSR can be useful when a certificate has expired. To generage a new certificate, do the following:
```swift
do {
let user = User.current // Some user type that conforms to `ParseUser`.
var installation = Installation.current
let (certificate, rootCertificate) = try await installation.requestNewCertificates(user)
guard let certificate = certificate,
let rootCertificate = rootCertificate else {
let error = ParseError(code: .otherCause,
message: "Could not get new certificates")
return
}
installation.certificate = certificate
installation.rootCertificate = rootCertificate
try await installation.save()
// Notify the user their object has been updated with the certificates
} catch {
// Handle error
}
```