Swift Crypto is a new open-source library for Swift that aims to provide a common API for cryptographic operations on all supported platforms. On macOS, Swift Crypto leverage Apple's CryptoKit framework, while BoringSSL is used for all other platforms.
Swift Crypto is a new Swift package that brings the fantastic APIs of Apple CryptoKit to the wider Swift community. This will allow Swift developers, regardless of the platform on which they deploy their applications, to access these APIs for a common set of cryptographic operations.
Besides correctness, one of Swift Crypto main goals is being easy to use and safeguarding developers from common pitfalls they may incur into when using cryptographic functions. For example, this is how you would encrypt some data using AES GCM (PDF):
func encrypt(input: [UInt8]) throws -> Data {
let key = SymmetricKey(size: .bits256)
let sealedBox = try AES.GCM.seal(input, using: key)
return sealedBox.combined!
}
This syntax follows closely CryptoKit. As Apple engineer Cory Benfield remarks, this code is not only extremely easy, it also ensures correct use of a random nonce and ciphertext authentication. This is vital for AES GCM, since using the same nonce allows an attacker to easily forge a ciphertext. According to Benfield, other cryptographic libraries do not provide the same level of safeguards against incorrect usage.
A direct consequence of its goal of being easy to use in a correct way, Swift Crypto will not aim to include a large set of cryptographic primitives, since this would only make it harder for developers to choose the right primitive. Additionally, when deciding on any addition to the library, a key criteria will be whether an equivalent, safer, or more widely deployed primitive is already present.
Another major goal of Swift Crypto is ensuring it provides the same results on all supported platform. This is no trivial task, since, as mentioned, Swift Crypto uses two different underlying implementations of cryptographic primitives depending of the host platform. To this aim, Swift Crypto includes a shared test suite to ensure its BoringSSL-based implementation provides the same results as the CryptoKit-based implementation. As Benfield notes, this has required some major effort, even including a completely new implementation of some algorithms, and will continue to do so in the future.
It is important to note that while Swift Crypto adopts CryptoKit API, it will only implement it partially. Specifically, it will not include any primitives requiring specialized hardware only available on Apple platforms, such as Apple's Secure Enclave.
Swift Crypto requires Swift 5.1 and can be installed using the Swift Package Manager.