RSA.PublicKey

A typed container for an RSA public key parsed from PEM text.

struct PublicKey

Mentioned In

Getting Started with OpenSSL in Swift

Overview

PublicKey accepts the SubjectPublicKeyInfo (SPKI) framing used almost universally in TLS certificates and JOSE key exchanges: -----BEGIN PUBLIC KEY-----, defined by RFC 5280 §4.1.2.7 and encoded in RFC 7468 PEM form. Unlike RSA.PrivateKey, the legacy PKCS#1 -----BEGIN RSA PUBLIC KEY----- framing is not accepted; callers holding a PKCS#1 public key must convert it to SPKI first (OpenSSL CLI: openssl rsa -RSAPublicKey_in -pubout).

Typical consumers: JWT verification pipelines (after the key has been extracted from a JWK), TLS pinning layers comparing against a known SPKI, and tooling that needs to round-trip a public key through storage without mutating it. The type is Sendable, so verification pipelines can cache instances across actor boundaries.

Warning

Verification is not yet functional. Frame validation succeeds, but PublicKey cannot currently verify signatures — that path requires the OpenSSL provider layer (EVP_PKEY_verify_init), which is not integrated in this MVP. See Security Considerations for the complete gap list.

See Also

RSA.PrivateKey, pemData, init(pemRepresentation:)

Topics

Initializers

init(pemRepresentation: String) throws
Parses an RSA public key from a PEM-encoded SPKI string.

Instance Properties

var pemData: Data
The original PEM bytes as supplied to init(pemRepresentation:).