Skip to main content
reference

CryptoApi

Swift wrapper for privmx.NativeCryptoApiWrapper. This class provides cryptographic functions such as key generation, encryption, and decryption, as well as signing data. It wraps the underlying C++ implementation for use in Swift.

Static Methods

create()

Creates a new `CryptoApi` instance.

public static func create(
) -> CryptoApi

TypeDescription
CryptoApi A new `CryptoApi` instance.

Methods

signData(data:privateKey:)

Signs the given data using the specified private key. This method takes raw binary data and a WIF (Wallet Import Format) private key to generate a cryptographic signature. The resulting signature can be used to verify the authenticity and integrity of the signed data.

public func signData(
data: privmx.endpoint.core.Buffer,
privateKey: std.string
) throws -> privmx.endpoint.core.Buffer

NameTypeDescription
dataprivmx.endpoint.core.BufferThe binary data to be signed, typically a message or a file.
privateKeystd.stringThe WIF private key used to sign the data.

TypeDescription
privmx.endpoint.core.Buffer The cryptographic signature as a binary buffer (`privmx.endpoint.core.Buffer`).

verifySignature(data:signature:publicKey:)

Validate a signature of data using given key.

public func verifySignature(
data: privmx.endpoint.core.Buffer,
signature: privmx.endpoint.core.Buffer,
publicKey: std.string
) throws -> Bool

NameTypeDescription
dataprivmx.endpoint.core.Bufferbuffer containing the data signature of which is being verified.
signatureprivmx.endpoint.core.Buffersignature to be verified.
publicKeystd.stringpublic ECC key in BASE58DER format used to validate data.

TypeDescription
Bool data validation result.

generateKeySymmetric()

Generates a new symmetric key (AES-256) for encryption and decryption. Symmetric encryption uses the same key for both encryption and decryption, and AES-256 is a widely adopted standard for secure encryption. This method generates a 256-bit key which can be used for encrypting sensitive data. This is typically used when you need to secure data in transit or at rest. The same key will be required to decrypt the data that was encrypted with it.

public func generateKeySymmetric(
) throws -> privmx.endpoint.core.Buffer

TypeDescription
privmx.endpoint.core.Buffer A 256-bit symmetric key as a binary buffer (`privmx.endpoint.core.Buffer`).

generatePrivateKey(randomSeed:)

Generates a new private key in WIF (Wallet Import Format). The private key can be used for various cryptographic operations such as signing data, generating public keys, and encrypting sensitive information. You can optionally provide a seed to generate a deterministic key, or omit the seed to generate a random key. Here it can be used for identifying and authorizing User (after previous adding its Public Key to PrivMX Bridge) Private keys are used in both asymmetric encryption and signing operations. This method is useful when you need a fresh key pair for a new user or system process. Private keys should be stored securely, ideally in an encrypted keystore or hardware security module (HSM).

public func generatePrivateKey(
randomSeed: std.string?
) throws -> std.string

NameTypeDescription
randomSeedstd.string?An optional seed to generate a deterministic private key. If `nil` is provided, a random key will be generated.

TypeDescription
std.string The generated private key in WIF format.

derivePrivateKey(password🧂)

Derives a private key from a given password and salt using a key derivation function. This method generates a private key based on a user-provided password and salt. The combination of the two ensures that the key is unique for each user and is always generated deterministically, and the salt prevents dictionary attacks. Useful in scenarios where users are authenticated via passwords, but cryptographic operations require a private key. By deriving the key from a password, you avoid directly storing or transferring the private key. Passwords should never be stored or transmitted in plain text. Ensure that the salt is unique and sufficiently random to prevent predictable key generation.

public func derivePrivateKey(
password: std.string,
salt: std.string
) throws -> std.string

NameTypeDescription
passwordstd.stringThe base string (usually a user password) used for deriving the key.
saltstd.stringThe salt value that makes the derived key unique, even if the same password is used by multiple users.

TypeDescription
std.string The derived private key in WIF format.

derivePublicKey(privKey:)

Derives a public key from the given private key. In public-key cryptography, a public key is derived from a private key and can be shared publicly to allow others to verify signatures or encrypt messages for the private key holder. The private key remains secret. This function is used to generate a public key for a user or system after they have generated or provided a private key. Public keys have to be registered in PrivMX Bridge for encryption or verification. This should be done via Bridge REST API.

public func derivePublicKey(
privKey: std.string
) throws -> std.string

NameTypeDescription
privKeystd.stringThe WIF private key from which the public key will be derived.

TypeDescription
std.string The derived public key in WIF format.

encryptDataSymmetric(data:symmetricKey:)

Encrypts the given data using AES-256 symmetric encryption. This method encrypts the data using the provided symmetric key. Symmetric encryption is fast and suitable for large data volumes, such as files or communication payloads. This function is used to securely store or transmit data, ensuring that only those with the correct key can decrypt and access the original content.

public func encryptDataSymmetric(
data: privmx.endpoint.core.Buffer,
symmetricKey: privmx.endpoint.core.Buffer
) throws -> privmx.endpoint.core.Buffer

NameTypeDescription
dataprivmx.endpoint.core.BufferThe data to be encrypted.
symmetricKeyprivmx.endpoint.core.BufferThe 256-bit key used for encryption (must be the same key used for decryption).

TypeDescription
privmx.endpoint.core.Buffer The encrypted data as a binary buffer.

decryptDataSymmetric(data:symmetricKey:)

Decrypts the given data using AES-256 symmetric encryption. This method decrypts data that was previously encrypted using the same symmetric key. If the correct key is not provided, the decryption will fail, resulting in corrupted or unreadable data. Decryption is used to retrieve the original content that was securely encrypted, ensuring the data’s confidentiality and integrity.

public func decryptDataSymmetric(
data: privmx.endpoint.core.Buffer,
symmetricKey: privmx.endpoint.core.Buffer
) throws -> privmx.endpoint.core.Buffer

NameTypeDescription
dataprivmx.endpoint.core.BufferThe encrypted data to be decrypted.
symmetricKeyprivmx.endpoint.core.BufferThe 256-bit key that was used for encryption (must match the key used during encryption).

TypeDescription
privmx.endpoint.core.Buffer The decrypted data as a binary buffer.

convertPEMKeyToWIFKey(pemKey:)

Converts a PEM-formatted key to WIF (Wallet Import Format). This function converts keys that are in the PEM format, commonly used in SSL certificates and other cryptographic contexts, to WIF format, which is more commonly used in wallet and blockchain-based systems. Useful when migrating keys from a PEM-based system to a WIF-compatible system, such as moving from an SSL-based infrastructure to a blockchain-based system.

public func convertPEMKeyToWIFKey(
pemKey: std.string
)throws -> std.string

NameTypeDescription
pemKeystd.stringThe key in PEM format to be converted.

TypeDescription
std.string The converted key in WIF format.