### Swift Package Dependency for libtor Source: https://docs.21.dev/data/documentation/openssl/choosinglibcryptovsopenssl Example of how a Swift package (`swift-tor`) can depend on `libcrypto` and `libssl` products from the `swift-openssl` package. This is common for C-based projects that need to link against a specific OpenSSL version. ```swift dependencies: [ .package(url: "https://github.com/21-DOT-DEV/swift-openssl.git", branch: "main"), .package(url: "https://github.com/21-DOT-DEV/swift-event.git", branch: "main"), ], targets: [ .target( name: "libtor", dependencies: [ .product(name: "libcrypto", package: "swift-openssl"), .product(name: "libssl", package: "swift-openssl"), .product(name: "libevent", package: "swift-event"), ], // ... ), ], ``` -------------------------------- ### SHA-256 Hashing and Runtime Version Source: https://docs.21.dev/data/documentation/openssl Demonstrates how to compute a SHA-256 hash for a string and retrieve the OpenSSL runtime version. Ensure the OpenSSL module is imported. ```swift let digest = SHA256.hash(string: "Hello, World!") print(digest.hexString) // dffd6021bb2bd5b0af676290809ec3a53191dd81c7f70a4b28688a362182986f print(SSL.versionString) // OpenSSL 3.6.2 ... ``` -------------------------------- ### Parse RSA Keys from PEM Format Source: https://docs.21.dev/data/documentation/openssl/gettingstarted This snippet demonstrates parsing RSA keys from PEM format. Note that signing and verification functionalities are not yet implemented in this MVP. Use `pemData` to round-trip the original bytes. ```swift ``` -------------------------------- ### OpenSSL Package Swift Products Source: https://docs.21.dev/data/documentation/openssl/choosinglibcryptovsopenssl Defines the three public library products available in the OpenSSL Swift package. Note the warning about API stability for pre-1.0 versions. ```swift products: [ // WARNING: These APIs should not be considered stable and may change at any time. .library(name: "libcrypto", targets: ["libcrypto"]), .library(name: "libssl", targets: ["libssl"]), .library(name: "OpenSSL", targets: ["OpenSSL"]) ], ``` -------------------------------- ### Audit Runtime OpenSSL Version Source: https://docs.21.dev/data/documentation/openssl/securityconsiderations Use `SSL.versionString` to report the statically compiled OpenSSL version at runtime. This is crucial for cross-referencing against OpenSSL security advisories before release builds. Run this check in a release-gate CI step to fail builds if the version is below the minimum acceptable patch level. ```swift import OpenSSL print(SSL.versionString) // OpenSSL 3.6.2 ... ``` -------------------------------- ### Add swift-openssl Package Dependency Source: https://docs.21.dev/data/documentation/openssl/gettingstarted Add the swift-openssl package as a Swift Package Manager dependency. Pin an exact version to avoid breaking changes due to the package being pre-1.0. ```swift .package(url: "https://github.com/21-DOT-DEV/swift-openssl.git", exact: "0.1.0"), ``` ```swift .target(name: "", dependencies: [ .product(name: "OpenSSL", package: "swift-openssl"), ]), ``` -------------------------------- ### Encode Data to Base64URL Source: https://docs.21.dev/data/documentation/openssl/gettingstarted Encode data into a Base64URL string using the `encode(_:)` method. This method never produces '+', '/', or '=', ensuring URL-safe output. ```swift let encoded = Base64URL.encode(data) print(encoded) // "a3a59327f7c30530341741334939764204152242271924128380000000000000" ``` -------------------------------- ### SHA256Digest Structure Source: https://docs.21.dev/data/documentation/openssl/sha256/sha256digest The SHA256Digest structure is a fixed-size wrapper for 32 bytes (256 bits) of SHA-256 hash output. It is typically generated by the `hash(data:)` or `hash(string:)` methods on the SHA256 type. Direct initialization using `init(rawValue:)` is less common but available for round-tripping digest values. ```APIDOC ## SHA256Digest ### Description A fixed-size SHA-256 digest produced by [`hash(data:)`](/documentation/OpenSSL/SHA256/hash(data:)) or [`hash(string:)`](/documentation/OpenSSL/SHA256/hash(string:)). ### Structure Definition ```swift struct SHA256Digest ``` ### Overview A `SHA256Digest` wraps exactly 32 raw bytes (256 bits) — the output length fixed by [FIPS PUB 180-4](https://csrc.nist.gov/publications/detail/fips/180/4/final) and carried verbatim from `SHA256_Final`’s `md` buffer. The byte order matches the C routine: index 0 holds the most significant output byte, index 31 the least, matching every published test vector (RFC 6234, NIST CAVP). Instances are typically produced by the `static` `hash(_:)` family on [`SHA256`](/documentation/OpenSSL/SHA256). Callers rarely need [`init(rawValue:)`](/documentation/OpenSSL/SHA256/SHA256Digest/init(rawValue:)) directly, but it exists for round-tripping a stored digest (e.g. one that was base64-decoded from a Nostr event ID) back into a typed value. Digests are value types: equality is bytewise, and `Sendable` conformance allows safe sharing across concurrency domains. > Note: `Equatable` on this type defers to `Data`’s built-in equality, which is **not** constant-time. Do not compare secret-derived digests with `==` on a side-channel-sensitive path; use a constant-time comparison primitive from your HMAC or AEAD layer instead. See . > SeeAlso: ``doc://OpenSSL/documentation/OpenSSL/SHA256/hash(data:)``, ``doc://OpenSSL/documentation/OpenSSL/SHA256/hash(string:)``, ``doc://OpenSSL/documentation/OpenSSL/SHA256/SHA256Digest/hexString`` ``` -------------------------------- ### SHA256 Hashing Source: https://docs.21.dev/data/documentation/openssl/sha256 The SHA256 enum provides static methods for hashing data. The primary entry points are `hash(data:)` and `hash(string:)`, both returning a SHA256Digest. ```APIDOC ## SHA256 Hashing ### Description Provides static methods for hashing data using the SHA-256 algorithm. The namespace is caseless and cannot be instantiated. ### Methods - `hash(data:)` - `hash(string:)` ### Returns - `SHA256Digest`: The resulting SHA-256 hash. ### See Also - `SHA256.SHA256Digest` ``` -------------------------------- ### Compute SHA-256 Digest from String Source: https://docs.21.dev/data/documentation/openssl/gettingstarted Use the `hash(string:)` method to compute the SHA-256 digest for UTF-8 strings. Be aware that Unicode normalization differences can alter the resulting digest. ```swift let digest = try SHA256.hash(string: "hello world") print(digest.hexString) // "b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9" ``` -------------------------------- ### Compute SHA-256 Digest from Data Source: https://docs.21.dev/data/documentation/openssl/gettingstarted Use the `hash(data:)` method to compute the SHA-256 digest for arbitrary bytes. This method is byte-exact and aligns with RFC 6234 test vectors. ```swift let digest = try SHA256.hash(data: data) print(digest.hexString) // "a3a59327f7c30530341741334939764204152242271924128380000000000000" ``` -------------------------------- ### RSA.PrivateKey Structure Source: https://docs.21.dev/data/documentation/openssl/rsa/privatekey Represents an RSA private key parsed from PEM text. It accepts input in PKCS#1 or PKCS#8 format and is a Sendable value type. ```APIDOC ## RSA.PrivateKey ### Description A typed container for an RSA private key parsed from PEM text. ### Overview `PrivateKey` accepts PEM input in either the traditional PKCS#1 form ([RFC 8017](https://datatracker.ietf.org/doc/html/rfc8017), `-----BEGIN RSA PRIVATE KEY-----`) or the PKCS#8 form ([RFC 5958](https://datatracker.ietf.org/doc/html/rfc5958), `-----BEGIN PRIVATE KEY-----`). Instances are `Sendable` value types: constructing one copies the PEM bytes into the struct, so the resulting value can be shared across actors and tasks safely. Today this type is primarily a typed wrapper for key material flowing through application code. It is produced by [`init(pemRepresentation:)`](/documentation/OpenSSL/RSA/PrivateKey/init(pemRepresentation:)) and round-tripped via [`pemData`](/documentation/OpenSSL/RSA/PrivateKey/pemData). > Warning: **Signing is not yet functional.** Key parsing validates the outer PEM frame, but `PrivateKey` cannot currently produce signatures — that path requires the OpenSSL provider layer (`OSSL_PROVIDER_load`, `EVP_PKEY_sign_init`), which is not integrated in this MVP. Any calling code that reaches `EVP_PKEY_sign` through a future API will fail until providers land. See for the complete gap list. > SeeAlso: ``doc://OpenSSL/documentation/OpenSSL/RSA/PublicKey``, ``doc://OpenSSL/documentation/OpenSSL/RSA/PrivateKey/pemData``, ``doc://OpenSSL/documentation/OpenSSL/RSA/PrivateKey/init(pemRepresentation:)`` ``` -------------------------------- ### RSA.PrivateKey Structure Definition Source: https://docs.21.dev/data/documentation/openssl/rsa/privatekey Defines the structure for a typed container of an RSA private key parsed from PEM text. ```swift struct PrivateKey ``` -------------------------------- ### Decode Base64URL String Source: https://docs.21.dev/data/documentation/openssl/gettingstarted Decode a Base64URL string into Data using the `decode(_:)` method. It accepts both padded and unpadded inputs and returns nil for malformed strings. ```swift let decoded = Base64URL.decode("a3a59327f7c30530341741334939764204152242271924128380000000000000") print(decoded! as NSData) // ``` -------------------------------- ### Base64URL Enum Declaration Source: https://docs.21.dev/data/documentation/openssl/base64url Declares the Base64URL enumeration, which serves as a namespace for URL-safe unpadded Base64 encoding operations. ```swift enum Base64URL ``` -------------------------------- ### RSA.PublicKey Structure Definition Source: https://docs.21.dev/data/documentation/openssl/rsa/publickey Defines the PublicKey structure for OpenSSL's RSA module. This structure is a typed container for RSA public keys parsed from PEM text. ```swift struct PublicKey ``` -------------------------------- ### SHA256Digest Structure Source: https://docs.21.dev/data/documentation/openssl/sha256/sha256digest Defines the structure for a SHA256 digest, which is a fixed-size 32-byte output. ```swift struct SHA256Digest ``` -------------------------------- ### OpenSSL SSL Enum Declaration Source: https://docs.21.dev/data/documentation/openssl/ssl Declares the SSL enumeration, which serves as a namespace for utility bindings. This enum is caseless and cannot be instantiated, with all members being static. ```swift enum SSL ``` -------------------------------- ### SHA256 Enum Definition Source: https://docs.21.dev/data/documentation/openssl/sha256 Defines the SHA256 namespace for the SHA-256 hashing algorithm. ```swift enum SHA256 ``` -------------------------------- ### OpenSSLError Enumeration Source: https://docs.21.dev/data/documentation/openssl/opensslerror The OpenSSLError enumeration serves as the single failure surface for the OpenSSL Swift module. Each case includes a human-readable String describing the specific failure, which is surfaced via `errorDescription` to Foundation's `LocalizedError`. ```APIDOC ## Enumeration: OpenSSLError ### Description The unified error type thrown by every `OpenSSL` Swift API. It provides a single failure surface for the module, with each case carrying a human-readable `String` describing the specific failure condition. ### Associated Values Instances are produced exclusively by the package's Swift code. Equality compares the case and the associated `String`. ### Future Cases Some cases are reserved for future API surface and are not produced by any code path shipping today. They are included to allow for non-breaking additions of corresponding operations later. - `signingFailed(_:)` - `verificationFailed(_:) - `invalidSignature(_:) ### See Also - `doc://OpenSSL/documentation/OpenSSL/RSA/PrivateKey/init(pemRepresentation:)` - `doc://OpenSSL/documentation/OpenSSL/SHA256/SHA256Digest/init(rawValue:)` - [Foundation `LocalizedError`](https://developer.apple.com/documentation/foundation/localizederror) ``` -------------------------------- ### OpenSSLError Enumeration Definition Source: https://docs.21.dev/data/documentation/openssl/opensslerror Defines the unified error type for all OpenSSL Swift APIs. Each case includes a human-readable string for error descriptions. ```swift enum OpenSSLError ``` -------------------------------- ### RSA Namespace Declaration Source: https://docs.21.dev/data/documentation/openssl/rsa Declares the RSA namespace, which groups RSA-related cryptographic types and operations within the OpenSSL framework. This is a caseless enum and cannot be instantiated. ```swift enum RSA ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.