SwCrypt

以 DER 格式创建公钥和私钥

let (privateKey, publicKey) = try! CC.RSA.generateKeyPair(2048)

将它们转换为 PEM 格式

let privateKeyPEM = try SwKeyConvert.PrivateKey.derToPKCS1PEM(privateKey)
let publicKeyPEM = SwKeyConvert.PublicKey.derToPKCS8PEM(publicKey)

或者从包含 PEM 数据的字符串中读取它们

let privateKeyDER = SwKeyConvert.PrivateKey.pemToPKCS1DER(privateKeyPEM)
let publicKeyDER = SwKeyConvert.PublicKey.pemToPKCS1DER(publicKeyPEM)

或者加密、解密私钥（OpenSSL 兼容）

try SwKeyConvert.PrivateKey.encryptPEM(privateKeyPEM, passphrase: "longpassword", mode: .aes256CBC)
try SwKeyConvert.PrivateKey.decryptPEM(privEncrypted, passphrase: "longpassword")

从DER格式的私钥中获取公钥

let publicKeyDER = try? CC.RSA.getPublicKeyFromPrivateKey(privateKeyDER!)

使用RSA加密和解密数据

try CC.RSA.encrypt(data, derKey: publicKey, tag: tag, padding: .oaep, digest: .sha1)
try CC.RSA.decrypt(data, derKey: privateKey, tag: tag, padding: .oaep, digest: .sha1)

使用RSA签名和验证数据

let sign = try? CC.RSA.sign(testMessage, derKey: privKey, padding: .pss, 
 digest: .sha256, saltLen: 16)
let verified = try? CC.RSA.verify(testMessage, derKey: pubKey, padding: .pss,
 digest: .sha256, saltLen: 16, signedData: sign!)

椭圆曲线函数

let keys = try? CC.EC.generateKeyPair(384)
let signed = try? CC.EC.signHash(keys!.0, hash: hash)
let verified = try? CC.EC.verifyHash(keys!.1, hash: hash, signedData: signed!)

let shared = try? CC.EC.computeSharedSecret(keys!.0, publicKey: partnerPubKey)

let privComponents = try? CC.EC.getPrivateKeyComponents(keys!.0)
let pubComponents = try? CC.EC.getPublicKeyComponents(keys!.1)

let pubKey = try? CC.EC.createFromData(keySize, x, y)
let pubKey = try? CC.EC.getPublicKeyFromPrivateKey(keys!.0)

Diffie-Hellman函数

let dh = try CC.DH.DH(dhParam: .rfc3526Group5)
let myPubKey = try dh.generateKey()
let commonKey = try dh.computeKey(partnerPubKey!)

使用对称加密算法加解密数据

try CC.crypt(.encrypt, blockMode: .cbc, algorithm: .aes, padding: .pkcs7Padding, data: data, key: aesKey, iv: iv)
try CC.crypt(.decrypt, blockMode: .cfb, algorithm: .aes, padding: .pkcs7Padding, data: data, key: aesKey, iv: iv)

使用对称认证加密算法加密解密数据

try CC.cryptAuth(.encrypt, blockMode: .gcm, algorithm: .aes, data: data, aData: aData, key: aesKey, iv: iv, tagLength: tagLength)
try CC.cryptAuth(.decrypt, blockMode: .ccm, algorithm: .aes, data: data, aData: aData, key: aesKey, iv: iv, tagLength: tagLength)

摘要函数

CC.digest(data, alg: .md5)
CC.digest(data, alg: .sha256)
CC.digest(data, alg: .sha512)

HMAC函数

CC.HMAC(data, alg: .sha512, key: key)

CMAC函数

CC.CMAC.AESCMAC(input, key: key)

CRC函数

let output = try? CC.CRC.crc(input, mode: .crc32)

密钥派生

CC.KeyDerivation.PBKDF2(password, salt: salt, prf: .sha256, rounds: 4096)

对称密钥包装

try CC.KeyWrap.SymmetricKeyWrap(CC.KeyWrap.rfc3394IV, kek: kek, rawKey: rawKey)
try CC.KeyWrap.SymmetricKeyUnwrap(CC.KeyWrap.rfc3394IV, kek: kek, wrappedKey: wrappedKey)

从密钥存储中插入、获取和删除密钥

try SwKeyStore.upsertKey(privateKeyPEM, keyTag: "priv", options: [kSecAttrAccessible:kSecAttrAccessibleWhenUnlockedThisDeviceOnly])
try SwKeyStore.getKey("priv")
try SwKeyStore.delKey("priv")

检查可用性

SwCrypt 使用 dlopen 和 dlsym 来加载 CommonCrypto 的函数，因为它们中的许多都不在公共头文件中可用。在使用它们之前，您必须检查其可用性。

let digestAvailable : Bool = CC.digestAvailable()
let ramdomAvailable : Bool = CC.randomAvailable(()
let hmacAvailable : Bool = CC.hmacAvailable()
let cryptorAvailable : Bool = CC.cryptorAvailable
let keyDerivationAvailable : Bool = CC.KeyDerivation.available()
let keyWrapAvailable : Bool = CC.KeyWrap.available()
let rsaAvailable : Bool = CC.RSA.available()
let dhAvailable : Bool = CC.DH.available()
let ecAvailable : Bool = CC.EC.available()
let crcAvailable : Bool = CC.CRC.available()
let cmacAvailable : Bool = CC.CMAC.available()
let gcmAvailable : Bool = CC.GCM.available()
let ccmAvailable : Bool = CC.CCM.available()

or all in one turn:
let ccAvailable : Bool = CC.available()

安装

只需将 SwCrypt.swift 复制到您的项目中，或者使用 Carthage 依赖项管理器。

CocoaPods

CocoaPods 是 Cocoa 项目的依赖项管理器。要使用 CocoaPods 安装 SwCrypt

1. 确保已经 安装了 CocoaPods。

2. 更新您的 Podfile 以包含以下内容

   pod 'SwCrypt'

3. 运行 pod install。

受启发于

• http://blog.flirble.org/2011/01/05/rsa-public-key-openssl-ios/
• https://github.com/lancy/RSADemo
• https://github.com/TakeScoop/SwiftyRSA
• https://github.com/henrinormak/Heimdall
• https://github.com/btnguyen2k/swift-rsautils

许可协议

本项目受 MIT 许可协议保护。