A framework for the JOSE standards JWS, JWE, and JWK written in Swift.

Last update: May 12, 2022

JOSESwift


JOSESwift is a modular and extensible framework for the JOSE standards JWS, JWE, and JWK written in Swift.

CircleCI

πŸ’‘ Please note that this implementation of the JOSE standards is not fully complete yet. For example, there is only a limited set of supported algorithms available at the moment. Moreover we currently only support compact serialization of JOSE types. If you are missing a specific feature, algorithm, or serialization, feel free to submit a pull request.

Contents

Features

  • JWS: Digitally signing and verifying arbitrary data using the JWS standard.
  • JWE: Encrypting and decrypting arbitrary data using the JWE standard.
  • JWK: Encoding and decoding cryptographic keys.

If you are missing a specific feature, algorithm, or serialization, feel free to submit a pull request.

Cryptographic Algorithms

πŸ” JWS πŸ” JWE πŸ”‘ JWK
Digital Signatures and MACs Key Management Content Encryption Keys
HS256 βœ… RSA1_5 βœ… A128CBC-HS256 βœ… RSA βœ…
HS384 βœ… RSA-OAEP βœ… A192CBC-HS384 EC βœ…
HS512 βœ… RSA-OAEP-256 βœ… A256CBC-HS512 βœ… oct βœ…
RS256 βœ… A128KW βœ… A128GCM
RS384 βœ… A192KW βœ… A192GCM
RS512 βœ… A256KW βœ… A256GCM
ES256 βœ… dir βœ…
ES384 βœ… ECDH-ES
ES512 βœ… ECDH-ES+A128KW
PS256 βœ… ECDH-ES+A192KW
PS384 βœ… ECDH-ES+A256KW
PS512 βœ… A128GCMKW
A192GCMKW
A256GCMKW
PBES2-HS256+A128KW
PBES2-HS384+A192KW
PBES2-HS512+A256KW

Serializations

For interchangeability JOSESwift currently supports compact serialization for JWS and for JWE.

Compact Serialization JSON Serialization
βœ…

Compression Algorithms

JOSESwift supports the DEFLATE compression algorithm for JWE.

Installation

JOSESwift integrates nicely into your iOS and macOS projects. We support the following package managers:

CocoaPods

To integrate JOSESwift into your Xcode project, include it in your Podfile:

source 'https://github.com/CocoaPods/Specs.git'
platform :ios, '10.0'
use_frameworks!

target '<Your Target Name>' do
    pod 'JOSESwift', '~> 2.3'
end

Then install it by running pod install. More documentation on using CocoaPods can be found here.

Carthage

To integrate JOSESwift in your Xcode project, include it in your Cartfile:

github "airsidemobile/JOSESwift" ~> 2.3

Then build it by running carthage update and drag the built framework into your Xcode project. More documentation on using Carthage can be found here.

Swift Package Manager

To integrate JOSESwift in your Xcode project as a Swift package, follow Apple's article on how to add package dependencies to your app.

Alternatively, when using Swift Package Manager manually include the following dependency in your Package.swift file. See Apple's documentation for more details on specifying dependency version requirements.

.package(url: "https://github.com/airsidemobile/JOSESwift.git", from: "2.3.0")

Usage

JOSESwift covers three functional aspects:

  1. JWS: Digital Signatures
  2. JWE: Encryption and Decryption
  3. JWK: Representing Keys

JWS: Digital Signatures

A JWS encapsulates and secures data using a digital signature which can be verified by the receiver of the JWS.

Signing Data

In order to construct a JWS we need to provide the following parts:

  1. Header
  2. Payload
  3. Signer
Header
let header = JWSHeader(algorithm: .RS512)

Optionally you can set addtitional parameters:

header.kid = "2018-10-08"

header.typ = "JWS"
Payload
let message = "Summer β›±, Sun β˜€οΈ, Cactus 🌡".data(using: .utf8)!

let payload = Payload(message)
Signer

The signer algorithm must match the header algorithm.

let privateKey: SecKey = /* ... */

let signer = Signer(signingAlgorithm: .RS512, privateKey: privateKey)!
Serializing

The JWS compact serialization is a URL-safe string that can easily be transmitted to a third party using a method of your choice.

guard let jws = try? JWS(header: header, payload: payload, signer: signer) else { ... }

print(jws.compactSerializedString) // ey (...) J9.U3 (...) LU.na (...) 1A

More details about constructing a JWS can be found in the wiki.

Verifying Data

let publicKey: SecKey = /* ... */

let serialization = "ey (..) n0.HK (..) pQ.yS (..) PA.AK (..) Jx.hB (..) 7w"
do {
    let jws = try JWS(compactSerialization: serialization)
    let verifier = Verifier(verifyingAlgorithm: .RS512, publicKey: publicKey)!
    let payload = try jws.validate(using: verifier).payload
    let message = String(data: payload.data(), encoding: .utf8)!

    print(message) // Summer β›±, Sun β˜€οΈ, Cactus 🌡
}

More details about verifying an existing, serialized JWS can be found in the wiki.


JWE: Encryption and Decryption

A JWE encapsulates and secures data by encrypting it. It can be decrypted by the receiver of the JWE.

Encrypting Data

In order to construct a JWE we need to provide the following parts:

  1. Header
  2. Payload
  3. Encrypter
Header
let header = JWEHeader(keyManagementAlgorithm: .RSA1_5, contentEncryptionAlgorithm: .A256CBCHS512)

Optionally you can set addtitional parameters:

header.kid = "2018-10-08"

header.typ = "JWE"
Payload
let message = "Summer β›±, Sun β˜€οΈ, Cactus 🌡".data(using: .utf8)!

let payload = Payload(message)
Encrypter

The encrypter algorithms must match the header algorithms.

let publicKey: SecKey = /* ... */

let encrypter = Encrypter(keyManagementAlgorithm: .RSA1_5, contentEncryptionAlgorithm: .A256CBCHS512, encryptionKey: publicKey)!

Note that the type of the provided encryption key must match the specified key management algorithm as shown in the following table.

Key Management Algorithm Encryption Key Type
RSA1_5 SecKey
RSAOAEP SecKey
RSAOAEP256 SecKey
A128KW Data
A192KW Data
A256KW Data
direct Data
Serialization

The JWE compact serialization is a URL-safe string that can easily be transmitted to a third party using a method of your choice.

guard let jwe = try? JWE(header: header, payload: payload, encrypter: encrypter) else { ... }

print(jwe.compactSerializedString) // ey (..) n0.HK (..) pQ.yS (..) PA.AK (..) Jx.hB (..) 7w

More details about constructing a JWE can be found in the wiki.

Decrypting Data

let privateKey: SecKey = /* ... */

let serialization = "ey (..) n0.HK (..) pQ.yS (..) PA.AK (..) Jx.hB (..) 7w"
do {
    let jwe = try JWE(compactSerialization: serialization)
    let decrypter = Decrypter(keyManagementAlgorithm: .RSA1_5, contentEncryptionAlgorithm: .A256CBCHS512, decryptionKey: privateKey)!
    let payload = try jwe.decrypt(using: decrypter)
    let message = String(data: payload.data(), encoding: .utf8)!

    print(message) // Summer β›±, Sun β˜€οΈ, Cactus 🌡
}

More details about decrypting an existing, serialized JWE can be found in the wiki.

Note that the type of the provided decryption key must match the specified key management algorithm as shown in the following table.

Key Management Algorithm Decryption Key Type
RSA1_5 SecKey
RSAOAEP SecKey
RSAOAEP256 SecKey
A128KW Data
A192KW Data
A256KW Data
direct Data

JWK: Representing Keys

A JWK is a JSON data structure that represents a cryptographic key. You could use it, for instance, as the payload of a JWS or a JWE to transmit your public key to a server.

Encoding RSA Public Keys

let publicKey: SecKey = /* ... */

let jwk = try! RSAPublicKey(publicKey: publicKey)

let json = jwk.jsonString()! // {"kty":"RSA","n":"MHZ4L...uS2d3","e":"QVFBQg"}

More details about encoding RSA public keys can be found in the wiki.

Decoding RSA Public Keys

let json: Data = /* ... */

let jwk = try! RSAPublicKey(data: json)

let publicKey: SecKey = try! jwk.converted(to: SecKey.self)

More details about decoding RSA public keys can be found in the wiki.

⚠️ We currently ignore the key parameters "key_ops" and "x5c" when decoding. This is due to a bug in our decoding implementation. See #117 for details.

Security

JOSESwift uses Apple's Security framework and Apple’s CommonCrypto for cryptography.

For security disclosures or related matters, please contact [email protected].

See our security policy for more information.

Contributing

Contributions to the project are encouraged and more than welcome. πŸ€“

If you want to contribute, please submit a pull request. For feature requests, discussions, or bug reports, just open an issue.

See our contributing guidelines for more information.

Resources

You can find detailed information about the relevant JOSE standards in the respective RFCs:

Don’t forget to check our our wiki for more detailed documentation.

Contact

Feel free to contact the project maintainers at [email protected].

Credits

JOSESwift is maintained by Airside Mobile.

Project Authors and Maintainers

@carol-mohemian, @daniel-mohemian, @gigi-mohemian

Reviewers

@haeser, @michael-mohemian

Logo

The logo was designed by Ivan Leuzzi.

Thanks

To the following projects, which served us as reference and inspiration during development:

License

JOSESwift is licensed under the Apache License 2.0. See LICENSE for details.

GitHub

https://github.com/airsidemobile/JOSESwift
Comments
  • 1. Add Elliptic Curve variants for JWS and JWK utilities

    Hello Airside/Mohemian team,

    I needed EC algorithms for signing/verifying JWTs, and for decoding/encoding JWKs, so I thought it prudent to fork JOSESwift. The functionality for JWS and JWK should be complete and working, but I've yet to mirror your comprehensive test suite for RSA to the EC domain. I will be doing so over the coming weeks πŸ™‚

    Anecdotally, JWK decoding/encoding and JWS verification are working for ES256 public keys for the project I'm working on.

    This is a WIP, tell me if there's any issues with it. It would be good to see this eventually hit upstream so we can retarget to master.

    Cheers,

    Jarrod

    Reviewed by jarrodmoldrich at 2018-07-06 04:19
  • 2. WIP: Add RSAES-OAEP support

    Still working on it guys. Will also add tests but would be nice to get a quick review.

    Wondering about the Encrypter.swift and Decrypter.swift changes. If something else is needed there, can you point me to some documentation?

    Thanks

    Reviewed by garrefa at 2018-07-18 13:14
  • 3. RFC: A256-GCM

    Hey guys. Ill be working in closing the RSAES-OAEP PR today. Wanted to open this request for comments in order for us to start discussing what would be the best approach to add support to A256-GCM, Ill be offline tomorrow, flying to Brazil and would be nice if I have some ideas to read during the weekend. ;)

    Reviewed by garrefa at 2018-08-23 08:36
  • 4. JWS Signing with Secure Enclave keys

    Hello,

    I've tried to sign JWS ES256 with a key generated from the Secure Enclave (kSecAttrTokenID = kSecAttrTokenIDSecureEnclave).

    The signing fails inside EC.swift -> let status = SecKeyRawVerify(publicKey, .sigRaw, digest, digest.count, signatureBytes, curveType.signatureOctetLength).

    I've also tried changing the code a bit, with: SecKeyCreateSignature(privateKey, .ecdsaSignatureMessageX962SHA256, test as CFData, &error) instead. The signing passes, but the JWS is invalid.

    Do you have any suggestions regarding this issue?

    Thanks, Martin

    Reviewed by martinmitrevski at 2019-05-22 08:49
  • 5. Add asymmetric key algorithm RSA-OAEP-256 support

    Description

    • Added a more secure asymmetric key algorithm to support industry standard encryption: RSA-OAEP-256. RSA1_5 is deprecated and not recommended for use in securing sensitive data.
    • Documented all changes and provided external links to RFC pages.
    • Added a few helper methods to provide easier testing coverage.
    • refactored encryption and decryption unit tests to allow for future growth by allowing a developer to iterate over all the AsymmetricKeyAlgorithm enum cases.

    Incremented version number to 1.4.1

    Example Use (Swift String extension methods)

    JWE Encryption using an RSA public key

    func encrypt(with publicKey: SecKey) -> String? {
        let header = JWEHeader(algorithm: AsymmetricKeyAlgorithm.RSAOAEP256, encryptionAlgorithm: SymmetricKeyAlgorithm.A256CBCHS512)
    
        guard
            let messageData = self.data(using: String.Encoding.utf8),
            let encrypter = Encrypter(keyEncryptionAlgorithm: AsymmetricKeyAlgorithm.RSAOAEP256, encryptionKey: publicKey, contentEncyptionAlgorithm: SymmetricKeyAlgorithm.A256CBCHS512),
            let jwe = try? JWE(header: header, payload: Payload(messageData), encrypter: encrypter) else {
                    return nil
        }
        return jwe.compactSerializedString
    }
    

    JWE Decryption using an RSA private key

    func decrypt(privateKey: SecKey? = nil) -> String? {
        guard
            let privateKey = privateKey ?? CryptoEngineState.keyChainPrivateKey,
            let decrypter = Decrypter(keyDecryptionAlgorithm: AsymmetricKeyAlgorithm.RSAOAEP256, decryptionKey: privateKey, contentDecryptionAlgorithm: SymmetricKeyAlgorithm.A256CBCHS512),
            let jwe = try? JWE(compactSerialization: self) ,
            let payload = try? jwe.decrypt(using: decrypter),
            let decrypted = String(data: payload.data(), encoding: .utf8) else {
                return nil
        }
    
        return decrypted
    }
    

    Unit Tests

    Provided full unit test coverage for the new asymmetric RSA-OAEP-256 algorithm.

    Reviewed by stulevine at 2019-01-11 20:11
  • 6. Add setters for additional JOSEHeader parameters

    Fixes #109

    Description

    Add an additional argument for the kid parameter (defaults to nil) when initializing JWEHeader. So it can be called with a kid parameter or easily without. So this is not a breaking change.

    // With kid
    JWEHeader(algorithm: .RSA1_5, encryptionAlgorithm: .A256CBCHS512, keyIdentifier: "kid")
    
    // Without kid
    JWEHeader(algorithm: .RSA1_5, encryptionAlgorithm: .A256CBCHS512)
    

    The additional parameter gets set to the internal parameter dictionary, so when reading out the value of kid the value gets returned.

    let header = JWEHeader(algorithm: .RSA1_5, encryptionAlgorithm: .A256CBCHS512, keyIdentifier: "kid")
    print(header.kid) // "kid"
    

    Tests

    I added a test for this.

    Update Documentation

    I am not quite sure how the contribution-flow should look like for editing the Wiki as I can't put the changes of the Wiki here into this PR. So, I updated the README and added the keyIdentifier parameter when initializing the JWEHeader. But, I think, an extra information in the wiki would be nice. I opened a new issue #111 with updated content for the wiki, you can then use the content from there to update the wiki.

    Reviewed by fbernutz at 2018-10-02 08:11
  • 7. Add parsed JWK header parameter

    The JWS and JWE specifications dictate that the 'jwk' header parameter should be represented as a JWK (https://tools.ietf.org/html/rfc7515#section-4.1.3 & https://tools.ietf.org/html/rfc7516#section-4.1.5). The JWK representation is a JSON dictionary, and not a string, as currently implemented by JOSESwift.

    This pull request is a suggested solution. It is also a work in progress, as the implementation of the 'jwk' header getters is sub-optimal and a better approach may be more desirable.

    This pull request also does not provide test coverage, and short-circuits some tests in benefit of successful compilation.

    Reviewed by johanfylling at 2020-10-30 09:43
  • 8. A128KW, A192KW and A256KW encryption and decryption was added

    An algorithm for symmetric JWE key (A128KW, A192KW and A256KW) encryption and decryption was added. Marius (@mtamu) is the owner of this implementation.

    Reviewed by ramunasjurgilas at 2019-09-19 10:30
  • 9. Adding claim names

    Hello,

    Is it possible to include claim names https://tools.ietf.org/html/rfc7519#section-4.1 like:

    iss (issuer): Issuer of the JWT
    sub (subject): Subject of the JWT (the user)
    aud (audience): Recipient for which the JWT is intended
    exp (expiration time): Time after which the JWT expires
    nbf (not before time): Time before which the JWT must not be accepted for processing
    iat (issued at time): Time at which the JWT was issued; can be used to determine age of the JWT
    jti (JWT ID): Unique identifier; can be used to prevent the JWT from being replayed (allows a token to be used only once)
    

    on the payload? Is there a proposed way to do this? I see that that JWSHeader contains some exposed properties.

    Thanks.

    Reviewed by netgfx at 2021-03-01 13:12
  • 10. Add support for EC256 keys that are stored inside the Secure Enclave

    This PR changes the EC crypto implemenation to use SecKeyCreateSignature and SecKeyVerfiySignature for signature creation and verification and adds the required conversions to and from BER encoded ASN.1 format for the signatures. It also introduces negative tests for EC signature verification, to detect trivial false acceptances for the signature validation. This is important because the tests for the signing also rely on the validation implementation.

    See #155 for the discussion which lead to this PR.

    Please be thorough with the iOS side of the review, since I do not have that much experience as developer for iOS.

    Reviewed by mschwaig at 2019-06-07 14:48
  • 11. [117]

    Resolves #117.

    Implemented this today throughout the day. Submitting the pull request now, so I can continue implementing feedback tomorrow at work.

    • Allows encoding and decoding of [String] JWK parameters in addition to String parameters.

    Tell me what you think!


    ⚠️ This contains two API changes in JWS.swift (major release needed):

    subscript(parameter: String) -> String?
    // becomes
    subscript(parameter: String) -> Any?
    
    let parameters: [String: String]
    // becomes
    let parameters: [String: JWKParameterType]
    
    Reviewed by dnlggr at 2018-10-24 20:00
  • 12. is A128CBC-HS256 not available currently?

    I found the closed issue (#82) in 2019 for using A128CBC-HS256.

    But I think A128CBC-HS256 is deprecated now.

    Is there any way to use A128CBC-HS256 with JOSESwift?

    Reviewed by sil-ios at 2022-05-10 23:41
  • 13. Add support for JWS unencoded detached payloads

    Summary

    Add option to skip base64url encoding of payload in JWS. This results in a compact serialization with detached payload.

    Motivation for not encoding the payload is further described in RFC-7797 JSON Web Signature (JWS) Unencoded Payload Option.

    One example use case where unencoded payload is needed is implementing JsonWebSignature2020 for JSON-LD document proofs. In this case, JWS is used as a signature, and the document itself is not embedded in the JWS. This suite takes JSON-LD document & it's proof without signature, does some steps to normalize them, computes SHA-256 digests, concatenates them and forms a JWS from this result, without using base64url encoding. Finally, resulting JWS is added to the document proof segment, without payload. Verifying end can then reproduce the steps to create the payload for JWS and verify the signature.

    Changes

    • Add "b64" header parameter support to JWSHeader to enable unencoded payload
    • Replace asJOSESigningInput() with JWSSigningInput struct, which now contains the logic for signing input, controlled by "b64" header parameter
    • Add support for initializing JWS with detached payload, to enable verification of (unencoded) detached payloads

    Caveats

    • Due to Unencoded Payload Content Restrictions, compact serialization of JWS with "b64" header parameter always yields a serialization with a detached payload. This was a choice to limit the scope of the PR to get minimum viable support for unencoded payload option.

    Remarks

    Following tests were failing for me at master (d542b31):

    • testDecryptingAliceSecretWithBobKey()
    • testDecryptingBobSecretWithAliceKey()

    These test failures are not related to changes in this PR.

    Tests

    I found it a bit difficult to find a proper home for the unit tests of the added JWS functionality, so I chose to make a new test case class, JWSUnencodedPayloadTests, which was arbitrarily inherited from ECCryptoTestCase to get the required dependencies for signing & verifying.

    I think these unit tests should be agnostic of the signature algorithm, but I couldn't find an easy way to do so without doing some bigger refactoring. If there's a simple way to mock Signer, please let me know.

    Reviewed by visav-tietoevry at 2022-04-27 13:51
  • 14. Add ECDH support for JWE Key Management

    Add EC support for JWE Key Management

    ECDH-ES - Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using Concat KDF ECDH_ES_A128KW - ECDH-ES using Concat KDF and CEK wrapped with "A128KW" ECDH_ES_A192KW - ECDH-ES using Concat KDF and CEK wrapped with "A192KW" ECDH_ES_A256KW - ECDH-ES using Concat KDF and CEK wrapped with "A256KW"

    This pull request is a continuation of #245 which has been closed a while ago due to inactivity.

    Tests have been fixed, TODOs have been resolved.

    Reviewed by anthony-dedieu-ariadnext at 2022-01-28 15:49
  • 15. Support for library evolution

    Hi, We've been using JOSESwift for some time, and we want to start precompiling to save build time. I know that this repository doesn't provide binaries, but it would still be helpful for us if this project would be guaranteed to compile with BUILD_LIBRARY_FOR_DISTRIBUTION enabled. Otherwise we might have to diverge from your fork to make it compile. In practice this probably means creating tests that compile with this flag and check that the build succeeds. The same was done in GRDB.

    Reviewed by byohay at 2022-01-03 14:50
A simple wrapper for the iOS Keychain to allow you to use it in a similar fashion to User Defaults. Written in Swift.

SwiftKeychainWrapper A simple wrapper for the iOS / tvOS Keychain to allow you to use it in a similar fashion to User Defaults. Written in Swift. Prov

Jun 25, 2022
KeyClip is yet another Keychain library written in Swift.

KeyClip KeyClip is yet another Keychain library written in Swift. Features Multi Types ( String / NSDictionary / NSData ) Error Handling Settings ( kS

Feb 2, 2022
An iOS passcode lock with TouchID authentication written in Swift.
An iOS passcode lock with TouchID authentication written in Swift.

PasscodeLock A Swift implementation of passcode lock for iOS with TouchID authentication. Installation PasscodeLock requires Swift 2.0 and Xcode 7 Car

May 4, 2022
An iOS passcode lock with TouchID authentication written in Swift.
An iOS passcode lock with TouchID authentication written in Swift.

PasscodeLock A Swift implementation of passcode lock for iOS with TouchID authentication. Originally created by @yankodimitrov, hope you're doing well

May 9, 2022
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An

Jun 15, 2022
Swift framework wrapping CommonCrypto's SHA256 methods.

SHA256-Swift Swift framework wrapping CommonCrypto's SHA256 methods. This is experimental. Do not use this in a production system. Installation instru

Dec 15, 2021
Framework for biometric authentication (via TouchID) in your application
Framework for biometric authentication (via TouchID) in your application

Features Requirements Communication Installation Usage Intro Biometric authentication availability Feature enabled/disabled for biometric authenticati

Apr 24, 2022
A privacy-focused app using Apple's soon-to-be-released contact tracing framework.
A privacy-focused app using Apple's soon-to-be-released contact tracing framework.

A privacy-focused app using Apple's soon-to-be-released contact tracing framework.

Jun 15, 2022
Virgil Core SDK allows developers to get up and running with Virgil Cards Service API quickly and add end-to-end security to their new or existing digital solutions to become HIPAA and GDPR compliant and more.
Virgil Core SDK allows developers to get up and running with Virgil Cards Service API quickly and add end-to-end security to their new or existing digital solutions to become HIPAA and GDPR compliant and more.

Virgil Core SDK Objective-C/Swift Introduction | SDK Features | Installation | Configure SDK | Usage Examples | Docs | Support Introduction Virgil Sec

Aug 11, 2021
RSA public/private key encryption, private key signing and public key verification in Swift using the Swift Package Manager. Works on iOS, macOS, and Linux (work in progress).

BlueRSA Swift cross-platform RSA wrapper library for RSA encryption and signing. Works on supported Apple platforms (using Security framework). Linux

May 31, 2022
RSA public/private key encryption, private key signing and public key verification in Swift using the Swift Package Manager. Works on iOS, macOS, and Linux (work in progress).

BlueRSA Swift cross-platform RSA wrapper library for RSA encryption and signing. Works on supported Apple platforms (using Security framework). Linux

May 31, 2022
Safe and easy to use crypto for iOS and macOS

Swift-Sodium Swift-Sodium provides a safe and easy to use interface to perform common cryptographic operations on macOS, iOS, tvOS and watchOS. It lev

Jun 15, 2022
Native and encrypted password manager for iOS and macOS.
Native and encrypted password manager for iOS and macOS.

Open Sesame Native and encrypted password manager for iOS and macOS. What is it? OpenSesame is a free and powerful password manager that lets you mana

Jun 26, 2022
PGPro can encrypt and decrypt messages as well as manage all your OpenPGP keys. It is free, simple and lightweight. Everything stays on your device. PGPro is made in Switzerland.
PGPro can encrypt and decrypt messages as well as manage all your OpenPGP keys. It is free, simple and lightweight. Everything stays on your device. PGPro is made in Switzerland.

PGPro can encrypt and decrypt messages as well as manage all your OpenPGP keys. It is free, simple and lightweight. Everything stays on your device. P

Jun 24, 2022
Simple, secure password and data management for individuals and teams

Padloc Simple, secure password and data management for individuals and teams (formerly known as Padlock). This repo is split into multiple packages: P

Jun 20, 2022
A wrapper to make it really easy to deal with iOS, macOS, watchOS and Linux Keychain and store your user's credentials securely.

A wrapper (written only in Swift) to make it really easy to deal with iOS, macOS, watchOS and Linux Keychain and store your user's credentials securely.

Mar 29, 2022
CryptoSwift is a growing collection of standard and secure cryptographic algorithms implemented in Swift
CryptoSwift is a growing collection of standard and secure cryptographic algorithms implemented in Swift

CryptoSwift Crypto related functions and helpers for Swift implemented in Swift. (#PureSwift) Note: The master branch follows the latest currently rel

Jun 20, 2022
CCCryptor (AES encryption) wrappers for iOS and Mac in Swift. -- For ObjC, see RNCryptor/RNCryptor-objc

RNCryptor Cross-language AES Encryptor/Decryptor data format. The primary targets are Swift and Objective-C, but implementations are available in C, C

Jun 25, 2022
Simple and secure hashing in Swift with the SipHash algorithm

SipHash ⚠️ WARNING This package has been obsoleted by the Hasher type and the Hashable.hash(into:) requirement introduced in Swift 4.2. Using this pac

Apr 13, 2022