What is Themis Server

Themis Server is a remote debugging server for Themis. It acts as an interactive emulator and is aimed at helping engineers understand Themis. It can come in handy if you're just starting out with Themis. Using the Themis Serer, you can avoid spending a lot of time and effort building your own client and server, making sure you get the keys right, etc. Using a simple 'remote party simulator' you can try out Secure Session and Secure Message in an interactive mode and use copying and pasting to test encryption/decryption of containers with Secure Cell.

The UI of Themis is gradually (albeit constantly) evolving. Don’t be surprised to find out that some buttons have moved around a little. The core functionality of Themis Server remains the same.

When would you need Themis Server?

  • When you want to try Themis without building a lot of code.
  • When you need to understand if you're using Themis the right way.
  • When you have problems in your code and are flexible enough to adapt it to talk to our server. Its log console and output could be used to test against the "canonic" implementation.

Getting started


When you visit themis.cossacklabs.com, you're going to see something like this:

The registration process is pretty straightforward — click the "Registration" button in the top menu, fill the form, and you're good to go. Return to the main page, login with your credentials and proceed.

Interface overview

There are a few sections in the screenshot above that might be useful to people who use Themis in their apps, or who would like to get a quick status overview of the project:

  • Get Themis button is where you can download the latest stable release, archived.
  • Themis documentation leads you to the place where you are reading this (Themis Wiki).
  • Latest news contains short one-liner announcements about Themis and Themis Server (anything long enough to be announced is usually a link to our Blog).
  • Releases contains a list of recent releases with release notes.
  • Commits is a list of recent commits to the main Themis repository.
  • Recent builds is the information on the latest build from our Continuous Integration system — whether it passes all tests or not. Most of the time you're likely to see just one line — “Success”, but if not, don't worry, somebody must be working on that problem already.

Top menu leads you to the three different features Themis Server has right now: - Interactive Simulator for Secure Session and Secure Message - Data Simulator: -- for Secure Cell, -- for Secure Message.

For every screen of Themis Server there is an "assistant" mode, which provides extra verbosity for any field:

Interactive simulator

The interactive simulator allows your code to connect to our server in real-time, and use debug console (appears at the bottom of the screen) to actually test it.

When you log in, Themis Server generates you a new JSON endpoint (an address to which you can talk via HTTP RESTful API), if there is no active session at the point. It also generates a server key.

The server can either generate a client keypair or pick the client public key you've entered. Currently, Themis Server only works with EC keys (for a number of reasons), but one can easily modify the key type in Themis just to test things.

Pasting keys:

Generating keys:

To talk to the server, you need to write a client application, which will: send encrypted test messages encoded in base64, decode received messages from base64, then decrypt them.

When the server successfully decodes a message, it will send back the same message in reverse, e.g. 'tset' for 'test'. Once you've successfully connected to the server, you'll see debug console at the bottom of the screen


In https://github.com/cossacklabs/themis/tree/master/docs/examples/Themis-server there are very simple examples for every language Themis supports. These examples are aimed at Themis server specifically: they are base64-friendly and have all the primitives to talk to the server API.

Moreover, for every language that Themis supports, there is an interactive snippet generator that generates the changing parts of the snippet code depending on the keys and the endpoint URL:


Data simulator

Data simulator allows you to copy/paste base64-encoded objects containing Secure Cell and Secure Message. It is used for debugging either of the following modes.

Secure Cell

Pick Secure Cell Mode in the 2nd level menu, input the parameters, and encrypt/decrypt messages. It's a pretty straightforward procedure.

Secure Message

Paste the client public key and generate (or regenerate) the server key and proceed. As you can see, sign mode only adds a signature to the message, without altering its contents.

Additional info

  • Themis Server was created to aid the debugging of Themis-based applications and learning Themis. It is not suitable for industrial use and can sometimes be down (most probably because we're working on improving it).
  • By giving us your proper e-mail, you won't get any spam from us. We're only sending out really important announcements relevant for every Themis user. If we can avoid disturbing you — we'll use other channels.
  • If you have any problems using Themis or Themis Server, let us know.