RSA.PrivateKey

A typed container for an RSA private key parsed from PEM text.

struct PrivateKey

Mentioned In

Getting Started with OpenSSL in Swift

Overview

PrivateKey accepts PEM input in either the traditional PKCS#1 form (RFC 8017, -----BEGIN RSA PRIVATE KEY-----) or the PKCS#8 form (RFC 5958, -----BEGIN PRIVATE KEY-----). Instances are Sendable value types: constructing one copies the PEM bytes into the struct, so the resulting value can be shared across actors and tasks safely. The underlying C API that will eventually consume these values is documented in PEM_read_bio_PrivateKey(3).

Today this type is primarily a typed wrapper for key material flowing through application code. It is produced by init(pemRepresentation:) and round-tripped via pemData. Use it wherever your own APIs currently pass a String or Data blob representing a PEM private key — getting a typed value out of the system makes future signing integration a non-breaking change.

Warning

Signing is not yet functional. Key parsing validates the outer PEM frame, but PrivateKey cannot currently produce signatures — that path requires the OpenSSL provider layer (OSSL_PROVIDER_load, EVP_PKEY_sign_init), which is not integrated in this MVP. Any calling code that reaches EVP_PKEY_sign through a future API will fail until providers land. See Security Considerations for the complete gap list.

See Also

RSA.PublicKey, pemData, init(pemRepresentation:)

Topics

Initializers

init(pemRepresentation: String) throws
Parses an RSA private key from a PEM-encoded string.

Instance Properties

var pemData: Data
The original PEM bytes as supplied to init(pemRepresentation:).