CryptoApi
Swift wrapper for privmx.NativeCryptoApiWrapper.
This class provides cryptographic functions such as key generation, encryption, and decryption, as well as signing data. It wraps the underlying C++ implementation for use in Swift.
Static Methods
create()
Creates a new `CryptoApi` instance.
public static func create(
) -> CryptoApi
| Type | Description |
|---|---|
CryptoApi | A new `CryptoApi` instance. |
Methods
signData(data:privateKey:)
Signs the given data using the specified private key. This method takes raw binary data and a WIF (Wallet Import Format) private key to generate a cryptographic signature. The resulting signature can be used to verify the authenticity and integrity of the signed data.
public func signData(
data: privmx.endpoint.core.Buffer,
privateKey: std.string
) throws -> privmx.endpoint.core.Buffer
| Name | Type | Description |
|---|---|---|
| data | privmx.endpoint.core.Buffer | The binary data to be signed, typically a message or a file. |
| privateKey | std.string | The WIF private key used to sign the data. |
| Type | Description |
|---|---|
privmx.endpoint.core.Buffer | The cryptographic signature as a binary buffer (`privmx.endpoint.core.Buffer`). |
verifySignature(data:signature:publicKey:)
Validate a signature of data using given key.
public func verifySignature(
data: privmx.endpoint.core.Buffer,
signature: privmx.endpoint.core.Buffer,
publicKey: std.string
) throws -> Bool
| Name | Type | Description |
|---|---|---|
| data | privmx.endpoint.core.Buffer | buffer containing the data signature of which is being verified. |
| signature | privmx.endpoint.core.Buffer | signature to be verified. |
| publicKey | std.string | public ECC key in BASE58DER format used to validate data. |
| Type | Description |
|---|---|
Bool | data validation result. |
generateKeySymmetric()
Generates a new symmetric key (AES-256) for encryption and decryption. Symmetric encryption uses the same key for both encryption and decryption, and AES-256 is a widely adopted standard for secure encryption. This method generates a 256-bit key which can be used for encrypting sensitive data. This is typically used when you need to secure data in transit or at rest. The same key will be required to decrypt the data that was encrypted with it.
public func generateKeySymmetric(
) throws -> privmx.endpoint.core.Buffer
| Type | Description |
|---|---|
privmx.endpoint.core.Buffer | A 256-bit symmetric key as a binary buffer (`privmx.endpoint.core.Buffer`). |
generatePrivateKey(randomSeed:)
Generates a new private key in WIF (Wallet Import Format). The private key can be used for various cryptographic operations such as signing data, generating public keys, and encrypting sensitive information. You can optionally provide a seed to generate a deterministic key, or omit the seed to generate a random key. Here it can be used for identifying and authorizing User (after previous adding its Public Key to PrivMX Bridge) Private keys are used in both asymmetric encryption and signing operations. This method is useful when you need a fresh key pair for a new user or system process. Private keys should be stored securely, ideally in an encrypted keystore or hardware security module (HSM).
public func generatePrivateKey(
randomSeed: std.string?
) throws -> std.string
| Name | Type | Description |
|---|---|---|
| randomSeed | std.string? | An optional seed to generate a deterministic private key. If `nil` is provided, a random key will be generated. |
| Type | Description |
|---|---|
std.string | The generated private key in WIF format. |
derivePrivateKey(password🧂)
Derives a private key from a given password and salt using a key derivation function. This method generates a private key based on a user-provided password and salt. The combination of the two ensures that the key is unique for each user and is always generated deterministically, and the salt prevents dictionary attacks. Useful in scenarios where users are authenticated via passwords, but cryptographic operations require a private key. By deriving the key from a password, you avoid directly storing or transferring the private key. Passwords should never be stored or transmitted in plain text. Ensure that the salt is unique and sufficiently random to prevent predictable key generation.
public func derivePrivateKey(
password: std.string,
salt: std.string
) throws -> std.string
| Name | Type | Description |
|---|---|---|
| password | std.string | The base string (usually a user password) used for deriving the key. |
| salt | std.string | The salt value that makes the derived key unique, even if the same password is used by multiple users. |
| Type | Description |
|---|---|
std.string | The derived private key in WIF format. |
derivePublicKey(privKey:)
Derives a public key from the given private key. In public-key cryptography, a public key is derived from a private key and can be shared publicly to allow others to verify signatures or encrypt messages for the private key holder. The private key remains secret. This function is used to generate a public key for a user or system after they have generated or provided a private key. Public keys have to be registered in PrivMX Bridge for encryption or verification. This should be done via Bridge REST API.
public func derivePublicKey(
privKey: std.string
) throws -> std.string
| Name | Type | Description |
|---|---|---|
| privKey | std.string | The WIF private key from which the public key will be derived. |
| Type | Description |
|---|---|
std.string | The derived public key in WIF format. |
encryptDataSymmetric(data:symmetricKey:)
Encrypts the given data using AES-256 symmetric encryption. This method encrypts the data using the provided symmetric key. Symmetric encryption is fast and suitable for large data volumes, such as files or communication payloads. This function is used to securely store or transmit data, ensuring that only those with the correct key can decrypt and access the original content.
public func encryptDataSymmetric(
data: privmx.endpoint.core.Buffer,
symmetricKey: privmx.endpoint.core.Buffer
) throws -> privmx.endpoint.core.Buffer
| Name | Type | Description |
|---|---|---|
| data | privmx.endpoint.core.Buffer | The data to be encrypted. |
| symmetricKey | privmx.endpoint.core.Buffer | The 256-bit key used for encryption (must be the same key used for decryption). |
| Type | Description |
|---|---|
privmx.endpoint.core.Buffer | The encrypted data as a binary buffer. |
decryptDataSymmetric(data:symmetricKey:)
Decrypts the given data using AES-256 symmetric encryption. This method decrypts data that was previously encrypted using the same symmetric key. If the correct key is not provided, the decryption will fail, resulting in corrupted or unreadable data. Decryption is used to retrieve the original content that was securely encrypted, ensuring the data’s confidentiality and integrity.
public func decryptDataSymmetric(
data: privmx.endpoint.core.Buffer,
symmetricKey: privmx.endpoint.core.Buffer
) throws -> privmx.endpoint.core.Buffer
| Name | Type | Description |
|---|---|---|
| data | privmx.endpoint.core.Buffer | The encrypted data to be decrypted. |
| symmetricKey | privmx.endpoint.core.Buffer | The 256-bit key that was used for encryption (must match the key used during encryption). |
| Type | Description |
|---|---|
privmx.endpoint.core.Buffer | The decrypted data as a binary buffer. |
convertPEMKeyToWIFKey(pemKey:)
Converts a PEM-formatted key to WIF (Wallet Import Format). This function converts keys that are in the PEM format, commonly used in SSL certificates and other cryptographic contexts, to WIF format, which is more commonly used in wallet and blockchain-based systems. Useful when migrating keys from a PEM-based system to a WIF-compatible system, such as moving from an SSL-based infrastructure to a blockchain-based system.
public func convertPEMKeyToWIFKey(
pemKey: std.string
)throws -> std.string
| Name | Type | Description |
|---|---|---|
| pemKey | std.string | The key in PEM format to be converted. |
| Type | Description |
|---|---|
std.string | The converted key in WIF format. |