Public key RSA encryption in Swift.
SwiftyRSA is used in the Scoop iOS app to encrypt driver license numbers before submitting them to Checkr through our API.
With Cocoapods:
pod 'SwiftyRSA'
With Carthage:
github "TakeScoop/SwiftyRSA"
The swift-2.3
branch is built out of SwiftRSA 0.4.0 and is not actively maintained. If you'd like to use the latest features of SwiftyRSA, please use swift 3.0.
pod 'SwiftyRSA', :git => '[email protected]:TakeScoop/SwiftyRSA.git', :branch => 'swift-2.3'
let publicKey = try PublicKey(pemNamed: "public")
let clear = try ClearMessage(string: "Clear Text", using: .utf8)
let encrypted = try clear.encrypted(with: publicKey, padding: .PKCS1)
// Then you can use:
let data = encrypted.data
let base64String = encrypted.base64String
let privateKey = try PrivateKey(pemNamed: "private")
let encrypted = try EncryptedMessage(base64Encoded: "AAA===")
let clear = try encrypted.decrypted(with: privateKey, padding: .PKCS1)
// Then you can use:
let data = clear.data
let base64String = clear.base64String
let string = clear.string(using: .utf8)
let publicKey = try PublicKey(derNamed: "public")
let privateKey = try PublicKey(derNamed: "private")
let publicKey = try PublicKey(pemNamed: "public")
let privateKey = try PublicKey(pemNamed: "private")
let publicKey = try PublicKey(pemEncoded: str)
let privateKey = try PrivateKey(pemEncoded: str)
let publicKey = try PublicKey(base64Encoded: base64String)
let publicKey = try PublicKey(data: data)
let str = "Clear Text"
let clear = try ClearMessage(string: str, using: .utf8)
let encrypted = try clear.encrypted(with: publicKey, padding: .PKCS1)
let data = encrypted.data
let base64String = encrypted.base64Encoded
let encrypted = try EncryptedMessage(base64Encoded: base64String)
let clear = try encrypted.decrypted(with: privateKey, padding: .PKCS1)
let data = clear.data
let base64String = clear.base64Encoded
let string = try clear.string(using: .utf8)
SwiftyRSA can sign data with a private key. SwiftyRSA will calculate a SHA digest of the supplied String
/Data
and use this to generate the digital signature.
let clear = try ClearMessage(string: "Clear Text", using: .utf8)
let signature = clear.signed(with: privateKey, digestType: .sha1)
let data = signature.data
let base64String = signature.base64String
SwiftyRSA can verify digital signatures with a public key. SwiftyRSA will calculate a digest of the supplied String
/Data
and use this to verify the digital signature.
let signature = try Signature(base64Encoded: "AAA===")
let isSuccessful = try clear.verify(with: publicKey, signature: signature, digestType: .sha1)
Use ssh-keygen
to generate a PEM public key and a PEM private key. SwiftyRSA also supports DER public keys.
$ ssh-keygen -t rsa -f ~/mykey -N ''
$ cat ~/mykey > ~/private.pem
$ ssh-keygen -f ~/mykey.pub -e -m pem > ~/public.pem
Your keys are now in ~/public.pem
and ~/private.pem
. Don't forget to move ~/mykey
and ~/mykey.pub
to a secure place.
When encrypting using a public key:
- If the key is in PEM format, get rid of meta data and convert to NSData
- Strip the ASN.1 data from the public key header (otherwise the keychain won't accept it)
- Add the public key to the app keychain, with a random tag
- Get a reference on the key using the key tag
- Convert clear text to NSData using UTF8
- Encrypt data with
SecKeyEncrypt
using the key reference - Convert the resulting data to base64 and return it
- Delete public key from keychain using tag
When decrypting using a private key:
- Get rid of PEM meta data and convert to NSData
- Add the private key to the app keychain, with a random tag
- Get a reference on the key using the key tag
- Convert encrypted text to NSData from base64 string
- Decrypt data with
SecKeyDecrypt
using the key reference - Convert the resulting data to String using UTF8
- Delete private key from keychain using tag
- http://blog.flirble.org/2011/01/05/rsa-public-key-openssl-ios/
- https://github.com/lancy/RSADemo
- https://github.com/btnguyen2k/swift-rsautils
This project is copyrighted under the MIT license. Complete license can be found here: https://github.com/TakeScoop/SwiftyRSA/blob/master/LICENSE