apple/swift-crypto apple/swift-crypto

  • Stars
    star
    1,441
  • Rank 32,667 (Top 0.7 %)
  • Language
    C
  • License
    Apache License 2.0
  • Created over 5 years ago
  • Updated 3 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
apple/swift-crypto
github

apple

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Open-source implementation of a substantial portion of the API of Apple CryptoKit suitable for use on Linux platforms.

Swift Crypto

Swift Crypto is an open-source implementation of a substantial portion of the API of Apple CryptoKit suitable for use on Linux platforms. It enables cross-platform or server applications with the advantages of CryptoKit.

Using Swift Crypto

Swift Crypto is available as a Swift Package Manager package. To use it, add the following dependency in your Package.swift:

// swift-crypto 1.x and 2.x are almost API compatible, so most clients should
// allow either
.package(url: "https://github.com/apple/swift-crypto.git", "1.0.0" ..< "3.0.0"),

and to your target, add Crypto to your dependencies. You can then import Crypto to get access to Swift Crypto's functionality.

Functionality

Swift Crypto exposes the portions of the CryptoKit API that do not rely on specialised hardware to any Swift application. It provides safe APIs that abstract over the complexity of many cryptographic primitives that need to be used in modern applications. These APIs encourage safe usages of the underlying primitives, follow cryptographic best practices, and should be the first choice for building applications that need to use cryptography.

The current features of Swift Crypto cover key exchange, key derivation, encryption and decryption, hashing, message authentication, and more.

For specific API documentation, please see our documentation.

Implementation

Swift Crypto compiles in two distinct modes depending on the platform for which it is being built.

When building Swift Crypto for use on an Apple platform where CryptoKit is already available, Swift Crypto compiles its entire API surface down to nothing and simply re-exports the API of CryptoKit. This means that when using Apple platforms Swift Crypto simply delegates all work to the core implementation of CryptoKit, as though Swift Crypto was not even there.

When building Swift Crypto for use on Linux, Swift Crypto builds substantially more code. In particular, we build:

  1. A vendored copy of BoringSSL's libcrypto.
  2. The common API of Swift Crypto and CryptoKit.
  3. The backing implementation of this common API, which calls into BoringSSL.

The API code, and some cryptographic primitives which are directly implemented in Swift, are exactly the same for both Apple CryptoKit and Swift Crypto. The backing BoringSSL-based implementation is unique to Swift Crypto.

Evolution

The vast majority of the Swift Crypto code is intended to remain in lockstep with the current version of Apple CryptoKit. For this reason, patches that extend the API of Swift Crypto will be evaluated cautiously. For any such extension there are two possible outcomes for adding the API.

Firstly, if the API is judged to be generally valuable and suitable for contribution to Apple CryptoKit, the API will be merged into a Staging namespace in Swift Crypto. This Staging namespace is a temporary home for any API that is expected to become available in Apple CryptoKit but that is not available today. This enables users to use the API soon after merging. When the API is generally available in CryptoKit the API will be deprecated in the Staging namespace and made available in the main Swift Crypto namespace.

Secondly, if the API is judged not to meet the criteria for acceptance in general CryptoKit but is sufficiently important to have available for server use-cases, it will be merged into a Server namespace. APIs are not expected to leave this namespace, as it indicates that they are not generally available but can only be accessed when using Swift Crypto.

Note that Swift Crypto does not intend to support all possible cryptographic primitives. Swift Crypto will focus on safe, modern cryptographic primitives that are broadly useful and that do not easily lend themselves to misuse. This means that some cryptographic algorithms may never be supported: for example, 3DES is highly unlikely to ever be supported by Swift Crypto due to the difficulty of safely deploying it and its legacy status. Please be aware when proposing the addition of new primitives to Swift Crypto that the proposal may be refused for this reason.

Code Organisation

Files in this repository are divided into two groups, based on whether they have a name that ends in _boring or are in a BoringSSL directory, or if they are not.

Files that meet the above criteria are specific to the Swift Crypto implementation. Changes to these files can be made fairly easily, so long as they meet the criteria below. If your file needs to import CCryptoBoringSSL or access a BoringSSL API, it needs to be marked this way.

Files that do not have the _boring suffix are part of the public API of CryptoKit. Changing these requires passing a higher bar, as any change in these files must be accompanied by a change in CryptoKit itself.

Contributing

Before contributing please read CONTRIBUTING.md, also make sure to read the two following sections.

Contributing new primitives

To contribute a new cryptographic primitive to Swift Crypto, you should address the following questions:

  1. What is the new primitive for?
  2. How widely is it deployed?
  3. Is it specified in any public specifications or used by any such specification?
  4. How easy is it to misuse?
  5. In what way does Swift Crypto fail to satisfy that use-case today?

In addition, new primitive implementations will only be accepted in cases where the implementation is thoroughly tested, including being tested with all currently available test vectors. If the Wycheproof project provides vectors for the algorithm those should be tested as well. It must be possible to ensure that we can appropriately regression test our implementations.

Contributing bug fixes

If you discover a bug with Swift Crypto, please report it via GitHub.

If you are interested in fixing a bug, feel free to open a pull request. Please also submit regression tests with bug fixes to ensure that they are not regressed in future.

If you have issues with CryptoKit, instead of Swift Crypto, please use Feedback Assistant to file those issues as you normally would.

Get started contributing

gyb

Some of the files in this project are autogenerated (metaprogramming) using the Swift Utils tools called gyb ("generate your boilerplate"). gyb is included in ./scripts/gyb.

gyb will generate some Foobar.swift Swift file from some Foobar.swift.gyb template file. You should not edit Foobar.swift directly, since all manual edits in that generated file will be overwritten the next time gyb is run.

You run gyb for a single file like so:

./scripts/gyb --line-directive "" Sources/Foobar.swift.gyb -o Sources/Foobar.swift

More conveniently you can run the bash script ./scripts/generate_boilerplate_files_with_gyb.sh to generate all Swift files from their corresponding gyb template.

If you add a new .gyb file, you should append a // MARK: - Generated file, do NOT edit warning inside it, e.g.

// MARK: - Generated file, do NOT edit
// any edits of this file WILL be overwritten and thus discarded
// see section `gyb` in `README` for details.

Security

If you believe you have identified a vulnerability in Swift Crypto, please report that vulnerability to Apple through the usual channel.

Swift versions

The most recent versions of Swift Crypto support Swift 5.6 and newer. The minimum Swift version supported by Swift Crypto releases are detailed below:

Swift Crypto Minimum Swift Version
2.0.0 ..< 2.1.0 5.2
2.1.0 ..< 2.2.0 5.4
2.2.0 ..< 2.4.2 5.5
2.4.2 ... 5.6

Compatibility

Swift Crypto follows SemVer 2.0.0. Our public API is the same as that of CryptoKit (except where we lack an implementation entirely), as well as everything in the Server and Staging namespaces. Any symbol beginning with an underscore, and any product beginning with an underscore, is not subject to semantic versioning: these APIs may change without warning. We do not maintain a stable ABI, as Swift Crypto is a source-only distribution.

What this means for you is that you should depend on Swift Crypto with a version range that covers everything from the minimum Swift Crypto version you require up to the next major version. In SwiftPM that can be easily done specifying for example from: "1.0.0" meaning that you support Swift Crypto in every version starting from 1.0.0 up to (excluding) 2.0.0. SemVer and Swift Crypto's Public API guarantees should result in a working program without having to worry about testing every single version for compatibility.

Swift Crypto 2.0.0 was released in September 2021. The only breaking change between Swift Crypto 2.0.0 and 1.0.0 was the addition of new cases in the CryptoKitError enumeration. For most users, then, it's safe to depend on either the 1.0.0 or 2.0.0 series of releases.

To do so, please use the following dependency in your Package.swift:

.package(url: "https://github.com/apple/swift-crypto.git", "1.0.0" ..< "3.0.0"),

Developing Swift Crypto on macOS

Swift Crypto normally defers to the OS implementation of CryptoKit on macOS. Naturally, this makes developing Swift Crypto on macOS tricky. To get Swift Crypto to build the open source implementation on macOS, in Package.swift, uncomment the line that reads: //.define("CRYPTO_IN_SWIFTPM_FORCE_BUILD_API"), as this will force Swift Crypto to build its public API.

More Repositories

1

swift

The Swift Programming Language
C++
66,491
star
2

ml-stable-diffusion

Stable Diffusion with Core ML on Apple Silicon
Python
16,831
star
3

swift-evolution

This maintains proposals for changes and user-visible enhancements to the Swift Programming Language.
Markdown
15,085
star
4

foundationdb

FoundationDB - the open source, distributed, transactional key-value store
C++
14,444
star
5

turicreate

Turi Create simplifies the development of custom machine learning models.
C++
11,197
star
6

darwin-xnu

The Darwin Kernel (mirror). This repository is a pure mirror and contributions are currently not accepted via pull-requests, please submit your contributions via https://developer.apple.com/bug-reporting/
C
10,558
star
7

pkl

A configuration as code language with rich validation and tooling.
Java
10,223
star
8

swift-package-manager

The Package Manager for the Swift Programming Language
Swift
9,637
star
9

ml-ferret

Python
8,415
star
10

swift-nio

Event-driven network application framework for high performance protocol servers & clients, non-blocking.
Swift
7,274
star
11

corenet

CoreNet: A library for training deep neural networks
Jupyter Notebook
6,968
star
12

swift-algorithms

Commonly used sequence and collection algorithms for Swift
Swift
5,885
star
13

swift-corelibs-foundation

The Foundation Project, providing core utilities, internationalization, and OS independence
C
5,269
star
14

swift-protobuf

Plugin and runtime library for using protobuf with Swift
Swift
4,561
star
15

coremltools

Core ML tools contain supporting tools for Core ML model conversion, editing, and validation.
Python
4,401
star
16

password-manager-resources

A place for creators and users of password managers to collaborate on resources to make password management better.
JavaScript
4,144
star
17

ml-mgie

Python
3,853
star
18

tensorflow_macos

TensorFlow for macOS 11.0+ accelerated using Apple's ML Compute framework.
Shell
3,672
star
19

swift-collections

Commonly used data structures for Swift
Swift
3,651
star
20

ml-depth-pro

Depth Pro: Sharp Monocular Metric Depth in Less Than a Second.
Python
3,436
star
21

swift-argument-parser

Straightforward, type-safe argument parsing for Swift
Swift
3,289
star
22

sourcekit-lsp

Language Server Protocol implementation for Swift and C-based languages
Swift
3,160
star
23

swift-syntax

A set of Swift libraries for parsing, inspecting, generating, and transforming Swift source code.
Swift
3,064
star
24

swift-log

A Logging API for Swift
Swift
2,931
star
25

swift-async-algorithms

Async Algorithms for Swift
Swift
2,895
star
26

swift-markdown

A Swift package for parsing, building, editing, and analyzing Markdown documents.
Swift
2,669
star
27

ml-ane-transformers

Reference implementation of the Transformer architecture optimized for Apple Neural Engine (ANE)
Python
2,527
star
28

swift-corelibs-libdispatch

The libdispatch Project, (a.k.a. Grand Central Dispatch), for concurrency on multicore hardware
C
2,467
star
29

HomeKitADK

C
2,456
star
30

swift-format

Formatting technology for Swift source code
Swift
2,341
star
31

swift-foundation

The Foundation project
Swift
2,302
star
32

homebrew-apple

Ruby
2,240
star
33

cups

Apple CUPS Sources
C
1,926
star
34

axlearn

An Extensible Deep Learning Library
Python
1,840
star
35

ml-fastvit

This repository contains the official implementation of the research paper, "FastViT: A Fast Hybrid Vision Transformer using Structural Reparameterization" ICCV 2023
Python
1,826
star
36

ml-cvnets

CVNets: A library for training computer vision networks
Python
1,777
star
37

sample-food-truck

SwiftUI sample code from WWDC22
Swift
1,738
star
38

swift-numerics

Advanced mathematical types and functions for Swift
Swift
1,669
star
39

swift-book

The Swift Programming Language book
Markdown
1,666
star
40

ml-4m

4M: Massively Multimodal Masked Modeling
Python
1,590
star
41

swift-testing

A modern, expressive testing package for Swift
Swift
1,582
star
42

ml-hypersim

Hypersim: A Photorealistic Synthetic Dataset for Holistic Indoor Scene Understanding
Python
1,495
star
43

swift-openapi-generator

Generate Swift client and server code from an OpenAPI document.
Swift
1,423
star
44

swift-docker

Docker Official Image packaging for Swift
Dockerfile
1,331
star
45

ml-neuman

Official repository of NeuMan: Neural Human Radiance Field from a Single Video (ECCV 2022)
Python
1,256
star
46

swift-system

Low-level system calls and types for Swift
Swift
1,166
star
47

swift-docc

Documentation compiler that produces rich API reference documentation and interactive tutorials for your Swift framework or package.
Swift
1,140
star
48

swift-corelibs-xctest

The XCTest Project, A Swift core library for providing unit test support
Swift
1,138
star
49

swift-llbuild

A low-level build system, used by Xcode and the Swift Package Manager
C++
1,072
star
50

swift-atomics

Low-level atomic operations for Swift
Swift
1,050
star
51

servicetalk

A networking framework that evolves with your application
Java
910
star
52

swift-http-types

Version-independent HTTP currency types for Swift
Swift
902
star
53

swift-llvm

LLVM
813
star
54

swift-driver

Swift compiler driver reimplementation in Swift
Swift
784
star
55

swift-protobuf-plugin

Moved to apple/swift-protobuf
755
star
56

unityplugins

C#
721
star
57

swift-embedded-examples

A collection of example projects using Embedded Swift
Swift
713
star
58

ml-mobileone

This repository contains the official implementation of the research paper, "An Improved One millisecond Mobile Backbone".
Swift
709
star
59

ml-aim

This repository provides the code and model checkpoints of the research paper: Scalable Pre-training of Large Autoregressive Image Models
Python
693
star
60

swift-lldb

This is the version of LLDB that supports the Swift programming language & REPL.
C++
674
star
61

swift-clang

C++
672
star
62

ml-gaudi

611
star
63

ml-mobileclip

This repository contains the official implementation of the research paper, "MobileCLIP: Fast Image-Text Models through Multi-Modal Reinforced Training" CVPR 2024
Python
605
star
64

swift-metrics

Metrics API for Swift
Swift
602
star
65

swift-distributed-actors

Peer-to-peer cluster implementation for Swift Distributed Actors
Swift
591
star
66

ARKitScenes

This repo accompanies the research paper, ARKitScenes - A Diverse Real-World Dataset for 3D Indoor Scene Understanding Using Mobile RGB-D Data and contains the data, scripts to visualize and process assets, and training code described in our paper.
Python
589
star
67

device-management

Device management schema data for MDM.
580
star
68

sample-backyard-birds

Swift
544
star
69

ml-facelit

Official repository of FaceLit: Neural 3D Relightable Faces (CVPR 2023)
Python
472
star
70

ccs-calendarserver

The Calendar and Contacts Server.
Python
470
star
71

swift-3-api-guidelines-review

Swift
455
star
72

swift-org-website

Swift.org website
SCSS
450
star
73

GCGC

Jupyter Notebook
438
star
74

ml-mdm

Train high-quality text-to-image diffusion models in a data & compute efficient manner
Python
433
star
75

swift-nio-http2

HTTP/2 support for SwiftNIO
Swift
405
star
76

swift-tools-support-core

Contains common infrastructural code for both SwiftPM and llbuild.
Swift
390
star
77

swift-nio-ssh

SwiftNIO SSH is a programmatic implementation of SSH using SwiftNIO
Swift
389
star
78

swift-playdate-examples

An Embedded Swift game running on Playdate by Panic
Swift
386
star
79

swift-nio-ssl

TLS Support for SwiftNIO, based on BoringSSL.
C
345
star
80

ml-gmpi

[ECCV 2022, Oral Presentation] Official PyTorch implementation of GMPI
Python
339
star
81

example-package-dealer

Example package for use with the Swift Package Manager
Swift
335
star
82

security-pcc

Private Cloud Compute (PCC)
Swift
334
star
83

swift-collections-benchmark

A benchmarking tool for Swift Collection algorithms
Swift
333
star
84

swift-homomorphic-encryption

Homomorphic Encryption library and applications in Swift
Swift
330
star
85

example-package-playingcard

Example package for use with the Swift Package Manager
Swift
323
star
86

indexstore-db

Index database library for use with sourcekit-lsp
C++
315
star
87

swift-docc-render

Web renderer for Swift-DocC documentation.
JavaScript
307
star
88

ml-hierarchical-confusion-matrix

Neo: Hierarchical Confusion Matrix Visualization (CHI 2022)
TypeScript
302
star
89

swift-docc-plugin

Swift Package Manager command plugin for Swift-DocC
Swift
301
star
90

swift-migration-guide

Markdown
294
star
91

ml-sigma-reparam

Python
292
star
92

pfl-research

Simulation framework for accelerating research in Private Federated Learning
Jupyter Notebook
289
star
93

ml-gsn

Python
284
star
94

swift-llbuild2

A fresh take on a low-level build system API.
Swift
281
star
95

swift-source-compat-suite

The infrastructure and project index comprising the Swift source compatibility suite.
Python
280
star
96

swift-xcode-playground-support

Logging and communication to allow Swift toolchains to communicate with Xcode.
Swift
279
star
97

sample-cloudkit-sharing

Swift
275
star
98

swift-experimental-string-processing

An early experimental general-purpose pattern matching engine for Swift.
Swift
270
star
99

swift-matter-examples

An Embedded Swift Matter application running on ESP32-C6
Swift
266
star
100

pkl-go

Pkl bindings for the Go programming language
Go
263
star