A framework for the JOSE standards JWS, JWE, and JWK written in Swift.

Overview

JOSESwift


JOSESwift is a modular and extensible framework for the JOSE standards JWS, JWE, and JWK written in Swift.

CircleCI

๐Ÿ’ก Please note that this implementation of the JOSE standards is not fully complete yet. For example, there is only a limited set of supported algorithms available at the moment. Moreover we currently only support compact serialization of JOSE types. If you are missing a specific feature, algorithm, or serialization, feel free to submit a pull request.

Contents

Features

  • JWS: Digitally signing and verifying arbitrary data using the JWS standard.
  • JWE: Encrypting and decrypting arbitrary data using the JWE standard.
  • JWK: Encoding and decoding cryptographic keys.

If you are missing a specific feature, algorithm, or serialization, feel free to submit a pull request.

Cryptographic Algorithms

๐Ÿ” JWS ๐Ÿ” JWE ๐Ÿ”‘ JWK
Digital Signatures and MACs Key Management Content Encryption Keys
HS256 โœ… RSA1_5 โœ… A128CBC-HS256 โœ… RSA โœ…
HS384 โœ… RSA-OAEP โœ… A192CBC-HS384 EC โœ…
HS512 โœ… RSA-OAEP-256 โœ… A256CBC-HS512 โœ… oct โœ…
RS256 โœ… A128KW โœ… A128GCM
RS384 โœ… A192KW โœ… A192GCM
RS512 โœ… A256KW โœ… A256GCM
ES256 โœ… dir โœ…
ES384 โœ… ECDH-ES
ES512 โœ… ECDH-ES+A128KW
PS256 โœ… ECDH-ES+A192KW
PS384 โœ… ECDH-ES+A256KW
PS512 โœ… A128GCMKW
A192GCMKW
A256GCMKW
PBES2-HS256+A128KW
PBES2-HS384+A192KW
PBES2-HS512+A256KW

Serializations

For interchangeability JOSESwift currently supports compact serialization for JWS and for JWE.

Compact Serialization JSON Serialization
โœ…

Compression Algorithms

JOSESwift supports the DEFLATE compression algorithm for JWE.

Installation

JOSESwift integrates nicely into your iOS and macOS projects. We support the following package managers:

CocoaPods

To integrate JOSESwift into your Xcode project, include it in your Podfile:

source 'https://github.com/CocoaPods/Specs.git'
platform :ios, '10.0'
use_frameworks!

target '<Your Target Name>' do
    pod 'JOSESwift', '~> 2.3'
end

Then install it by running pod install. More documentation on using CocoaPods can be found here.

Carthage

To integrate JOSESwift in your Xcode project, include it in your Cartfile:

github "airsidemobile/JOSESwift" ~> 2.3

Then build it by running carthage update and drag the built framework into your Xcode project. More documentation on using Carthage can be found here.

Swift Package Manager

To integrate JOSESwift in your Xcode project as a Swift package, follow Apple's article on how to add package dependencies to your app.

Alternatively, when using Swift Package Manager manually include the following dependency in your Package.swift file. See Apple's documentation for more details on specifying dependency version requirements.

.package(url: "https://github.com/airsidemobile/JOSESwift.git", from: "2.3.0")

Usage

JOSESwift covers three functional aspects:

  1. JWS: Digital Signatures
  2. JWE: Encryption and Decryption
  3. JWK: Representing Keys

JWS: Digital Signatures

A JWS encapsulates and secures data using a digital signature which can be verified by the receiver of the JWS.

Signing Data

In order to construct a JWS we need to provide the following parts:

  1. Header
  2. Payload
  3. Signer
Header
let header = JWSHeader(algorithm: .RS512)

Optionally you can set addtitional parameters:

header.kid = "2018-10-08"

header.typ = "JWS"
Payload
let message = "Summer โ›ฑ, Sun โ˜€๏ธ, Cactus ๐ŸŒต".data(using: .utf8)!

let payload = Payload(message)
Signer

The signer algorithm must match the header algorithm.

let privateKey: SecKey = /* ... */

let signer = Signer(signingAlgorithm: .RS512, privateKey: privateKey)!
Serializing

The JWS compact serialization is a URL-safe string that can easily be transmitted to a third party using a method of your choice.

guard let jws = try? JWS(header: header, payload: payload, signer: signer) else { ... }

print(jws.compactSerializedString) // ey (...) J9.U3 (...) LU.na (...) 1A

More details about constructing a JWS can be found in the wiki.

Verifying Data

let publicKey: SecKey = /* ... */

let serialization = "ey (..) n0.HK (..) pQ.yS (..) PA.AK (..) Jx.hB (..) 7w"
do {
    let jws = try JWS(compactSerialization: serialization)
    let verifier = Verifier(verifyingAlgorithm: .RS512, publicKey: publicKey)!
    let payload = try jws.validate(using: verifier).payload
    let message = String(data: payload.data(), encoding: .utf8)!

    print(message) // Summer โ›ฑ, Sun โ˜€๏ธ, Cactus ๐ŸŒต
}

More details about verifying an existing, serialized JWS can be found in the wiki.


JWE: Encryption and Decryption

A JWE encapsulates and secures data by encrypting it. It can be decrypted by the receiver of the JWE.

Encrypting Data

In order to construct a JWE we need to provide the following parts:

  1. Header
  2. Payload
  3. Encrypter
Header
let header = JWEHeader(keyManagementAlgorithm: .RSA1_5, contentEncryptionAlgorithm: .A256CBCHS512)

Optionally you can set addtitional parameters:

header.kid = "2018-10-08"

header.typ = "JWE"
Payload
let message = "Summer โ›ฑ, Sun โ˜€๏ธ, Cactus ๐ŸŒต".data(using: .utf8)!

let payload = Payload(message)
Encrypter

The encrypter algorithms must match the header algorithms.

let publicKey: SecKey = /* ... */

let encrypter = Encrypter(keyManagementAlgorithm: .RSA1_5, contentEncryptionAlgorithm: .A256CBCHS512, encryptionKey: publicKey)!

Note that the type of the provided encryption key must match the specified key management algorithm as shown in the following table.

Key Management Algorithm Encryption Key Type
RSA1_5 SecKey
RSAOAEP SecKey
RSAOAEP256 SecKey
A128KW Data
A192KW Data
A256KW Data
direct Data
Serialization

The JWE compact serialization is a URL-safe string that can easily be transmitted to a third party using a method of your choice.

guard let jwe = try? JWE(header: header, payload: payload, encrypter: encrypter) else { ... }

print(jwe.compactSerializedString) // ey (..) n0.HK (..) pQ.yS (..) PA.AK (..) Jx.hB (..) 7w

More details about constructing a JWE can be found in the wiki.

Decrypting Data

let privateKey: SecKey = /* ... */

let serialization = "ey (..) n0.HK (..) pQ.yS (..) PA.AK (..) Jx.hB (..) 7w"
do {
    let jwe = try JWE(compactSerialization: serialization)
    let decrypter = Decrypter(keyManagementAlgorithm: .RSA1_5, contentEncryptionAlgorithm: .A256CBCHS512, decryptionKey: privateKey)!
    let payload = try jwe.decrypt(using: decrypter)
    let message = String(data: payload.data(), encoding: .utf8)!

    print(message) // Summer โ›ฑ, Sun โ˜€๏ธ, Cactus ๐ŸŒต
}

More details about decrypting an existing, serialized JWE can be found in the wiki.

Note that the type of the provided decryption key must match the specified key management algorithm as shown in the following table.

Key Management Algorithm Decryption Key Type
RSA1_5 SecKey
RSAOAEP SecKey
RSAOAEP256 SecKey
A128KW Data
A192KW Data
A256KW Data
direct Data

JWK: Representing Keys

A JWK is a JSON data structure that represents a cryptographic key. You could use it, for instance, as the payload of a JWS or a JWE to transmit your public key to a server.

Encoding RSA Public Keys

let publicKey: SecKey = /* ... */

let jwk = try! RSAPublicKey(publicKey: publicKey)

let json = jwk.jsonString()! // {"kty":"RSA","n":"MHZ4L...uS2d3","e":"QVFBQg"}

More details about encoding RSA public keys can be found in the wiki.

Decoding RSA Public Keys

let json: Data = /* ... */

let jwk = try! RSAPublicKey(data: json)

let publicKey: SecKey = try! jwk.converted(to: SecKey.self)

More details about decoding RSA public keys can be found in the wiki.

โš ๏ธ We currently ignore the key parameters "key_ops" and "x5c" when decoding. This is due to a bug in our decoding implementation. See #117 for details.

Security

JOSESwift uses Apple's Security framework and Appleโ€™s CommonCrypto for cryptography.

For security disclosures or related matters, please contact [email protected].

See our security policy for more information.

Contributing

Contributions to the project are encouraged and more than welcome. ๐Ÿค“

If you want to contribute, please submit a pull request. For feature requests, discussions, or bug reports, just open an issue.

See our contributing guidelines for more information.

Resources

You can find detailed information about the relevant JOSE standards in the respective RFCs:

Donโ€™t forget to check our our wiki for more detailed documentation.

Contact

Feel free to contact the project maintainers at [email protected].

Credits

JOSESwift is maintained by Airside Mobile.

Project Authors and Maintainers

@carol-mohemian, @daniel-mohemian, @gigi-mohemian

Reviewers

@haeser, @michael-mohemian

Logo

The logo was designed by Ivan Leuzzi.

Thanks

To the following projects, which served us as reference and inspiration during development:

License

JOSESwift is licensed under the Apache License 2.0. See LICENSE for details.

Comments
  • Add Elliptic Curve variants for JWS and JWK utilities

    Add Elliptic Curve variants for JWS and JWK utilities

    Hello Airside/Mohemian team,

    I needed EC algorithms for signing/verifying JWTs, and for decoding/encoding JWKs, so I thought it prudent to fork JOSESwift. The functionality for JWS and JWK should be complete and working, but I've yet to mirror your comprehensive test suite for RSA to the EC domain. I will be doing so over the coming weeks ๐Ÿ™‚

    Anecdotally, JWK decoding/encoding and JWS verification are working for ES256 public keys for the project I'm working on.

    This is a WIP, tell me if there's any issues with it. It would be good to see this eventually hit upstream so we can retarget to master.

    Cheers,

    Jarrod

    opened by jarrodmoldrich 20
  • WIP: Add RSAES-OAEP support

    WIP: Add RSAES-OAEP support

    Still working on it guys. Will also add tests but would be nice to get a quick review.

    Wondering about the Encrypter.swift and Decrypter.swift changes. If something else is needed there, can you point me to some documentation?

    Thanks

    opened by garrefa 15
  • RFC: A256-GCM

    RFC: A256-GCM

    Hey guys. Ill be working in closing the RSAES-OAEP PR today. Wanted to open this request for comments in order for us to start discussing what would be the best approach to add support to A256-GCM, Ill be offline tomorrow, flying to Brazil and would be nice if I have some ideas to read during the weekend. ;)

    opened by garrefa 13
  • JWS Signing with Secure Enclave keys

    JWS Signing with Secure Enclave keys

    Hello,

    I've tried to sign JWS ES256 with a key generated from the Secure Enclave (kSecAttrTokenID = kSecAttrTokenIDSecureEnclave).

    The signing fails inside EC.swift -> let status = SecKeyRawVerify(publicKey, .sigRaw, digest, digest.count, signatureBytes, curveType.signatureOctetLength).

    I've also tried changing the code a bit, with: SecKeyCreateSignature(privateKey, .ecdsaSignatureMessageX962SHA256, test as CFData, &error) instead. The signing passes, but the JWS is invalid.

    Do you have any suggestions regarding this issue?

    Thanks, Martin

    bug help wanted 
    opened by martinmitrevski 10
  • Add asymmetric key algorithm RSA-OAEP-256 support

    Add asymmetric key algorithm RSA-OAEP-256 support

    Description

    • Added a more secure asymmetric key algorithm to support industry standard encryption: RSA-OAEP-256. RSA1_5 is deprecated and not recommended for use in securing sensitive data.
    • Documented all changes and provided external links to RFC pages.
    • Added a few helper methods to provide easier testing coverage.
    • refactored encryption and decryption unit tests to allow for future growth by allowing a developer to iterate over all the AsymmetricKeyAlgorithm enum cases.

    Incremented version number to 1.4.1

    Example Use (Swift String extension methods)

    JWE Encryption using an RSA public key

    func encrypt(with publicKey: SecKey) -> String? {
        let header = JWEHeader(algorithm: AsymmetricKeyAlgorithm.RSAOAEP256, encryptionAlgorithm: SymmetricKeyAlgorithm.A256CBCHS512)
    
        guard
            let messageData = self.data(using: String.Encoding.utf8),
            let encrypter = Encrypter(keyEncryptionAlgorithm: AsymmetricKeyAlgorithm.RSAOAEP256, encryptionKey: publicKey, contentEncyptionAlgorithm: SymmetricKeyAlgorithm.A256CBCHS512),
            let jwe = try? JWE(header: header, payload: Payload(messageData), encrypter: encrypter) else {
                    return nil
        }
        return jwe.compactSerializedString
    }
    

    JWE Decryption using an RSA private key

    func decrypt(privateKey: SecKey? = nil) -> String? {
        guard
            let privateKey = privateKey ?? CryptoEngineState.keyChainPrivateKey,
            let decrypter = Decrypter(keyDecryptionAlgorithm: AsymmetricKeyAlgorithm.RSAOAEP256, decryptionKey: privateKey, contentDecryptionAlgorithm: SymmetricKeyAlgorithm.A256CBCHS512),
            let jwe = try? JWE(compactSerialization: self) ,
            let payload = try? jwe.decrypt(using: decrypter),
            let decrypted = String(data: payload.data(), encoding: .utf8) else {
                return nil
        }
    
        return decrypted
    }
    

    Unit Tests

    Provided full unit test coverage for the new asymmetric RSA-OAEP-256 algorithm.

    opened by stulevine 10
  • Add setters for additional JOSEHeader parameters

    Add setters for additional JOSEHeader parameters

    Fixes #109

    Description

    Add an additional argument for the kid parameter (defaults to nil) when initializing JWEHeader. So it can be called with a kid parameter or easily without. So this is not a breaking change.

    // With kid
    JWEHeader(algorithm: .RSA1_5, encryptionAlgorithm: .A256CBCHS512, keyIdentifier: "kid")
    
    // Without kid
    JWEHeader(algorithm: .RSA1_5, encryptionAlgorithm: .A256CBCHS512)
    

    The additional parameter gets set to the internal parameter dictionary, so when reading out the value of kid the value gets returned.

    let header = JWEHeader(algorithm: .RSA1_5, encryptionAlgorithm: .A256CBCHS512, keyIdentifier: "kid")
    print(header.kid) // "kid"
    

    Tests

    I added a test for this.

    Update Documentation

    I am not quite sure how the contribution-flow should look like for editing the Wiki as I can't put the changes of the Wiki here into this PR. So, I updated the README and added the keyIdentifier parameter when initializing the JWEHeader. But, I think, an extra information in the wiki would be nice. I opened a new issue #111 with updated content for the wiki, you can then use the content from there to update the wiki.

    opened by fbernutz 10
  • Add parsed JWK header parameter

    Add parsed JWK header parameter

    The JWS and JWE specifications dictate that the 'jwk' header parameter should be represented as a JWK (https://tools.ietf.org/html/rfc7515#section-4.1.3 & https://tools.ietf.org/html/rfc7516#section-4.1.5). The JWK representation is a JSON dictionary, and not a string, as currently implemented by JOSESwift.

    This pull request is a suggested solution. It is also a work in progress, as the implementation of the 'jwk' header getters is sub-optimal and a better approach may be more desirable.

    This pull request also does not provide test coverage, and short-circuits some tests in benefit of successful compilation.

    opened by johanfylling 9
  • A128KW, A192KW and A256KW encryption and decryption was added

    A128KW, A192KW and A256KW encryption and decryption was added

    An algorithm for symmetric JWE key (A128KW, A192KW and A256KW) encryption and decryption was added. Marius (@mtamu) is the owner of this implementation.

    opened by ramunasjurgilas 8
  • Adding claim names

    Adding claim names

    Hello,

    Is it possible to include claim names https://tools.ietf.org/html/rfc7519#section-4.1 like:

    iss (issuer): Issuer of the JWT
    sub (subject): Subject of the JWT (the user)
    aud (audience): Recipient for which the JWT is intended
    exp (expiration time): Time after which the JWT expires
    nbf (not before time): Time before which the JWT must not be accepted for processing
    iat (issued at time): Time at which the JWT was issued; can be used to determine age of the JWT
    jti (JWT ID): Unique identifier; can be used to prevent the JWT from being replayed (allows a token to be used only once)
    

    on the payload? Is there a proposed way to do this? I see that that JWSHeader contains some exposed properties.

    Thanks.

    opened by netgfx 7
  • Add support for EC256 keys that are stored inside the Secure Enclave

    Add support for EC256 keys that are stored inside the Secure Enclave

    This PR changes the EC crypto implemenation to use SecKeyCreateSignature and SecKeyVerfiySignature for signature creation and verification and adds the required conversions to and from BER encoded ASN.1 format for the signatures. It also introduces negative tests for EC signature verification, to detect trivial false acceptances for the signature validation. This is important because the tests for the signing also rely on the validation implementation.

    See #155 for the discussion which lead to this PR.

    Please be thorough with the iOS side of the review, since I do not have that much experience as developer for iOS.

    opened by mschwaig 7
  • [117]

    [117]

    Resolves #117.

    Implemented this today throughout the day. Submitting the pull request now, so I can continue implementing feedback tomorrow at work.

    • Allows encoding and decoding of [String] JWK parameters in addition to String parameters.

    Tell me what you think!


    โš ๏ธ This contains two API changes in JWS.swift (major release needed):

    subscript(parameter: String) -> String?
    // becomes
    subscript(parameter: String) -> Any?
    
    let parameters: [String: String]
    // becomes
    let parameters: [String: JWKParameterType]
    
    opened by ghost 7
  • Private header parameters

    Private header parameters

    Summary

    Enable the use of private header parameters by exposing the parameters dictionary

    Private header parameters are currently not supported by JOSESwift. However, RFC-7516 describes their use. One way to support this is to publicly expose the parameters used by the JWEHeader and JWSHeader classes. This enables users of the library to extend the header classes with any custom parameters they require.

    Changes

    Makes the parameters dictionaries used by JWEHeader and JWSClasses public.

    Caveats

    There might be reasons we do not want to allow direct access and modification of the parameters variable on headers. In that case, a different implementation is needed to comply with RFC-7516. Any and all feedback is welcome.

    Tests

    The tests pass. No changes needed.

    opened by taavi224 0
  • Support for tvOS and Xcode 14.0.1

    Support for tvOS and Xcode 14.0.1

    Compilation fixes for tvOS and XCode 14.0.1

    Includes the change from https://github.com/airsidemobile/JOSESwift/pull/273, and updates for Xcode 14.0.1

    opened by mrstux 0
  • [JWE] Added support for `A256GCM` and `A128GCM`

    [JWE] Added support for `A256GCM` and `A128GCM`

    After considering the comments in #251, I've added support for content encryption using AES GCM according to JWE standard. As I've mentioned there, I increased the minimum iOS target to 13.0 because of CryptoKit.

    opened by tobihagemann 3
  • Custom Header Parameter Names

    Custom Header Parameter Names

    Currently, the header parameters are strictly defined and I couldn't find a way to extend them with custom ones.

    In JOSEHeader and its implementations, parameters can only be accessed internally so that you can't define custom parameters outside of this library.

    Would it make sense to make parameters public? Or any other idea how custom header parameter names can be accomplished?

    opened by tobihagemann 2
Releases(2.4.0)
  • 2.4.0(Apr 20, 2021)

    • Use timing safe byte comparison for AES CBC MAC checks (#259)
    • Add support for JWS HS256, HS384, and HS512 algorithms (#258)
    • Bump kramdown from 2.3.0 to 2.3.1 (#255)
    • Update SPM installation instructions (#252)
    • Automate publishing releases on GitHub (#249)
    Source code(tar.gz)
    Source code(zip)
  • 2.3.1(Dec 14, 2020)

  • 2.3.0(Nov 12, 2020)

  • 2.2.1(Jun 24, 2020)

  • 2.2.0(Jun 19, 2020)

  • 2.1.0(Feb 24, 2020)

    • Deprecated old encrypter and decrypter APIs (#216)
    • Added A128KW, A192KW, and A256KW algorithms (#211)
    • Changed internal JWE encryption and decryption flows (#210)
    • Changed CI to CircleCI (#205)
    • Dried up signing roundtrip tests (#198)
    • Added full Sonarqube analysis to pull requests (#201)
    • Updated Sonarqube lane to work with the Xcode 11 coverage report format (#193)
    Source code(tar.gz)
    Source code(zip)
  • 2.0.0(Nov 26, 2019)

    • Fixes copyright update in prepare lane (#191)
    • Updates travis build environment (#190)
    • Adds support for RSA PSS and RS384 signatures (#188)
    • Removes twitter handle from readme again (#187)
    • Removes .swift-version file (#185)
    • Adds Ivans twitter handle (#184)
    • Updates fastlane (#182)
    • Adds missing license headers and automate their yearly updates (#179)
    • Extends JOSESwift Errors with localAuthentication (#173)
    • Bumps swift version in podspec and version file (#167)
    • Bumps fastlane to resolve mini_magic dependency warning (#164)
    • Adds security policy (#159)
    • Adds simple Sonarqube setup (#158)
    Source code(tar.gz)
    Source code(zip)
  • 1.8.1(Jun 27, 2019)

    • Adds tests for conversion from ASN.1 encoded EC signatures to raw EC signatures (#160)
    • Adds support for EC256 keys that are stored inside the Secure Enclave (#156)
    • Changes swift version to Swift 5 (#154)
    • Adds pull request linting in Danger (#153)
    • Adds a SwiftLint build phase and fixes many violations (#151)
    Source code(tar.gz)
    Source code(zip)
  • 1.8.0(Mar 18, 2019)

  • 1.7.0(Feb 19, 2019)

  • 1.6.0(Jan 25, 2019)

  • 1.5.0(Jan 25, 2019)

    • Changes the way elliptic curve keys are decoded to work around #86 until #120 is merged (#137)
    • Adds a changelog (#136)
    • Changes travis to use builtin homebrew addon (#133)
    • Security: Change fastlane version to fix #129 (#130)
    • Adds support for elliptic curve algorithms for JWS and elliptic curve keys for JWK (#88)
    Source code(tar.gz)
    Source code(zip)
Owner
Airside Mobile, Inc.
Airside Mobile, Inc.
A simple wrapper for the iOS Keychain to allow you to use it in a similar fashion to User Defaults. Written in Swift.

SwiftKeychainWrapper A simple wrapper for the iOS / tvOS Keychain to allow you to use it in a similar fashion to User Defaults. Written in Swift. Prov

Jason 1.5k Dec 30, 2022
KeyClip is yet another Keychain library written in Swift.

KeyClip KeyClip is yet another Keychain library written in Swift. Features Multi Types ( String / NSDictionary / NSData ) Error Handling Settings ( kS

Shinichiro Aska 43 Nov 6, 2022
An iOS passcode lock with TouchID authentication written in Swift.

PasscodeLock A Swift implementation of passcode lock for iOS with TouchID authentication. Installation PasscodeLock requires Swift 2.0 and Xcode 7 Car

Yanko Dimitrov 679 Nov 26, 2022
An iOS passcode lock with TouchID authentication written in Swift.

PasscodeLock A Swift implementation of passcode lock for iOS with TouchID authentication. Originally created by @yankodimitrov, hope you're doing well

Serge Velikan 203 Dec 6, 2022
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An

Cossack Labs 1.6k Dec 30, 2022
Swift framework wrapping CommonCrypto's SHA256 methods.

SHA256-Swift Swift framework wrapping CommonCrypto's SHA256 methods. This is experimental. Do not use this in a production system. Installation instru

Cryptocoin for Swift 70 Dec 26, 2022
Framework for biometric authentication (via TouchID) in your application

Features Requirements Communication Installation Usage Intro Biometric authentication availability Feature enabled/disabled for biometric authenticati

Igor Vasilenko 29 Sep 16, 2022
A privacy-focused app using Apple's soon-to-be-released contact tracing framework.

A privacy-focused app using Apple's soon-to-be-released contact tracing framework.

Crunchy Bagel Pty Ltd 350 Oct 16, 2022
Virgil Core SDK allows developers to get up and running with Virgil Cards Service API quickly and add end-to-end security to their new or existing digital solutions to become HIPAA and GDPR compliant and more.

Virgil Core SDK Objective-C/Swift Introduction | SDK Features | Installation | Configure SDK | Usage Examples | Docs | Support Introduction Virgil Sec

Virgil Security, Inc. 27 Jul 26, 2022
RSA public/private key encryption, private key signing and public key verification in Swift using the Swift Package Manager. Works on iOS, macOS, and Linux (work in progress).

BlueRSA Swift cross-platform RSA wrapper library for RSA encryption and signing. Works on supported Apple platforms (using Security framework). Linux

Kitura 122 Dec 16, 2022
RSA public/private key encryption, private key signing and public key verification in Swift using the Swift Package Manager. Works on iOS, macOS, and Linux (work in progress).

BlueRSA Swift cross-platform RSA wrapper library for RSA encryption and signing. Works on supported Apple platforms (using Security framework). Linux

Kitura 122 Dec 16, 2022
Cloak Swift - a tool and Tuist plugin to encrypt secrets and then pass them in an obfuscated form into applications

This is Cloak Swift - a tool and Tuist plugin to encrypt secrets and then pass them in an obfuscated form into applications.

Andrew Lord 3 Nov 9, 2022
Safe and easy to use crypto for iOS and macOS

Swift-Sodium Swift-Sodium provides a safe and easy to use interface to perform common cryptographic operations on macOS, iOS, tvOS and watchOS. It lev

Frank Denis 483 Jan 5, 2023
Native and encrypted password manager for iOS and macOS.

Open Sesame Native and encrypted password manager for iOS and macOS. What is it? OpenSesame is a free and powerful password manager that lets you mana

OpenSesame 432 Jan 7, 2023
Simple, secure password and data management for individuals and teams

Padloc Simple, secure password and data management for individuals and teams (formerly known as Padlock). This repo is split into multiple packages: P

Padloc 2.1k Jan 8, 2023
PGPro can encrypt and decrypt messages as well as manage all your OpenPGP keys. It is free, simple and lightweight. Everything stays on your device. PGPro is made in Switzerland.

PGPro can encrypt and decrypt messages as well as manage all your OpenPGP keys. It is free, simple and lightweight. Everything stays on your device. P

Luca Nรคf 250 Jan 4, 2023
A wrapper to make it really easy to deal with iOS, macOS, watchOS and Linux Keychain and store your user's credentials securely.

A wrapper (written only in Swift) to make it really easy to deal with iOS, macOS, watchOS and Linux Keychain and store your user's credentials securely.

Ezequiel Aceto 2 Mar 29, 2022
CryptoSwift is a growing collection of standard and secure cryptographic algorithms implemented in Swift

CryptoSwift Crypto related functions and helpers for Swift implemented in Swift. (#PureSwift) Note: The master branch follows the latest currently rel

Marcin Krzyzanowski 9.4k Jan 5, 2023
CCCryptor (AES encryption) wrappers for iOS and Mac in Swift. -- For ObjC, see RNCryptor/RNCryptor-objc

RNCryptor Cross-language AES Encryptor/Decryptor data format. The primary targets are Swift and Objective-C, but implementations are available in C, C

null 3.3k Dec 30, 2022