CryptoSwift - Crypto related functions and helpers for Swift implemented in Swift

Overview

Platform

Swift support CocoaPods Compatible Carthage compatible Accio supported Swift Package Manager compatible

Twitter

CryptoSwift

Crypto related functions and helpers for Swift implemented in Swift. (#PureSwift)

Note: The master branch follows the latest currently released version of Swift. If you need an earlier version for an older version of Swift, you can specify its version in your Podfile or use the code on the branch for that version. Older branches are unsupported. Check versions for details.


If you find the project useful, please support authors to keep it alive.


Requirements | Features | Contribution | Installation | Swift versions | How-to | Author | License | Changelog

Requirements

Good mood

Features

  • Easy to use
  • Convenient extensions for String and Data
  • Support for incremental updates (stream, ...)
  • iOS, Android, macOS, AppleTV, watchOS, Linux support

Hash (Digest)

MD5 | SHA1 | SHA224 | SHA256 | SHA384 | SHA512 | SHA3

Cyclic Redundancy Check (CRC)

CRC32 | CRC32C | CRC16

Cipher

AES-128, AES-192, AES-256 | ChaCha20 | Rabbit | Blowfish

Message authenticators

Poly1305 | HMAC (MD5, SHA1, SHA256) | CMAC | CBC-MAC

Cipher mode of operation

  • Electronic codebook (ECB)
  • Cipher-block chaining (CBC)
  • Propagating Cipher Block Chaining (PCBC)
  • Cipher feedback (CFB)
  • Output Feedback (OFB)
  • Counter Mode (CTR)
  • Galois/Counter Mode (GCM)
  • Counter with Cipher Block Chaining-Message Authentication Code (CCM)

Password-Based Key Derivation Function

  • PBKDF1 (Password-Based Key Derivation Function 1)
  • PBKDF2 (Password-Based Key Derivation Function 2)
  • HKDF (HMAC-based Extract-and-Expand Key Derivation Function)
  • Scrypt (The scrypt Password-Based Key Derivation Function)

Data padding

PKCS#5 | PKCS#7 | Zero padding | No padding

Authenticated Encryption with Associated Data (AEAD)

Why

Why? Because I can.

How do I get involved?

You want to help, great! Go ahead and fork our repo, make your changes and send us a pull request.

Contribution

Check out CONTRIBUTING.md for more information on how to help with CryptoSwift.

Installation

To install CryptoSwift, add it as a submodule to your project (on the top level project directory):

git submodule add https://github.com/krzyzanowskim/CryptoSwift.git

It is recommended to enable Whole-Module Optimization to gain better performance. Non-optimized build results in significantly worse performance.

Embedded Framework

Embedded frameworks require a minimum deployment target of iOS 8 or OS X Mavericks (10.9). Drag the CryptoSwift.xcodeproj file into your Xcode project, and add appropriate framework as a dependency to your target. Now select your App and choose the General tab for the app target. Find Embedded Binaries and press "+", then select CryptoSwift.framework (iOS, OS X, watchOS or tvOS)

Sometimes "embedded framework" option is not available. In that case, you have to add new build phase for the target

iOS, macOS, watchOS, tvOS

In the project, you'll find single scheme for all platforms:

  • CryptoSwift

Swift versions support

  • Swift 1.2: branch swift12 version <= 0.0.13
  • Swift 2.1: branch swift21 version <= 0.2.3
  • Swift 2.2, 2.3: branch swift2 version <= 0.5.2
  • Swift 3.1, branch swift3 version <= 0.6.9
  • Swift 3.2, branch swift32 version = 0.7.0
  • Swift 4.0, branch swift4 version <= 0.12.0
  • Swift 4.2, branch swift42 version <= 0.15.0
  • Swift 5.0, branch master

CocoaPods

You can use CocoaPods.

platform :ios, '10.0'
use_frameworks!

target 'MyApp' do
  pod 'CryptoSwift'
end

or for newest version from specified branch of code:

pod 'CryptoSwift', :git => "https://github.com/krzyzanowskim/CryptoSwift", :branch => "master"

Bear in mind that CocoaPods will build CryptoSwift without Whole-Module Optimization that may impact performance. You can change it manually after installation, or use cocoapods-wholemodule plugin.

Carthage

You can use Carthage. Specify in Cartfile:

github "krzyzanowskim/CryptoSwift"

Run carthage to build the framework and drag the built CryptoSwift.framework into your Xcode project. Follow build instructions. Common issues.

Accio

You can use Accio. Specify in Package.swift:

.package(url: "https://github.com/krzyzanowskim/CryptoSwift.git", .upToNextMajor(from: "1.0.0")),

Next, add CryptoSwift to your App targets dependencies like so:

.target(
    name: "App",
    dependencies: [
        "CryptoSwift",
    ]
),

Then run accio update.

Swift Package Manager

You can use Swift Package Manager and specify dependency in Package.swift by adding this:

dependencies: [
    .package(url: "https://github.com/krzyzanowskim/CryptoSwift.git", .upToNextMinor(from: "1.0.0"))
]

or more strict

dependencies: [
    .package(url: "https://github.com/krzyzanowskim/CryptoSwift.git", .exact("1.0.0"))
]

See: Package.swift - manual


How-to

also check Playground

Basics
import CryptoSwift

CryptoSwift uses array of bytes aka Array<UInt8> as a base type for all operations. Every data may be converted to a stream of bytes. You will find convenience functions that accept String or Data, and it will be internally converted to the array of bytes.

Data types conversion

For your convenience, CryptoSwift provides two functions to easily convert an array of bytes to Data or Data to an array of bytes:

Data from bytes:

let data = Data( [0x01, 0x02, 0x03])

Data to Array<UInt8>

let bytes = data.bytes                     // [1,2,3]

Hexadecimal encoding:

let bytes = Array<UInt8>(hex: "0x010203")  // [1,2,3]
let hex   = bytes.toHexString()            // "010203"

Build bytes out of String

let bytes: Array<UInt8> = "cipherkey".bytes  // Array("cipherkey".utf8)

Also... check out helpers that work with Base64 encoded data:

"aPf/i9th9iX+vf49eR7PYk2q7S5xmm3jkRLejgzHNJs=".decryptBase64ToString(cipher)
"aPf/i9th9iX+vf49eR7PYk2q7S5xmm3jkRLejgzHNJs=".decryptBase64(cipher)
bytes.toBase64()
Calculate Digest

Hashing a data or array of bytes (aka Array<UInt8>)

/* Hash struct usage */
let bytes:Array<UInt8> = [0x01, 0x02, 0x03]
let digest = input.md5()
let digest = Digest.md5(bytes)
let data = Data( [0x01, 0x02, 0x03])

let hash = data.md5()
let hash = data.sha1()
let hash = data.sha224()
let hash = data.sha256()
let hash = data.sha384()
let hash = data.sha512()    
do {
    var digest = MD5()
    let partial1 = try digest.update(withBytes: [0x31, 0x32])
    let partial2 = try digest.update(withBytes: [0x33])
    let result = try digest.finish()
} catch { }

Hashing a String and printing result

let hash = "123".md5() // "123".bytes.md5()
Calculate CRC
bytes.crc16()
data.crc16()

bytes.crc32()
data.crc32()
Message authenticators
// Calculate Message Authentication Code (MAC) for message
let key:Array<UInt8> = [1,2,3,4,5,6,7,8,9,10,...]

try Poly1305(key: key).authenticate(bytes)
try HMAC(key: key, variant: .sha256).authenticate(bytes)
try CMAC(key: key).authenticate(bytes)
Password-Based Key Derivation Functions
let password: Array<UInt8> = Array("s33krit".utf8)
let salt: Array<UInt8> = Array("nacllcan".utf8)

let key = try PKCS5.PBKDF2(password: password, salt: salt, iterations: 4096, keyLength: 32, variant: .sha256).calculate()
let password: Array<UInt8> = Array("s33krit".utf8)
let salt: Array<UInt8> = Array("nacllcan".utf8)
// Scrypt implementation does not implement work parallelization, so `p` parameter will
// increase the work time even in multicore systems
let key = try Scrypt(password: password, salt: salt, dkLen: 64, N: 16384, r: 8, p: 1).calculate()
HMAC-based Key Derivation Function
let password: Array<UInt8> = Array("s33krit".utf8)
let salt: Array<UInt8> = Array("nacllcan".utf8)

let key = try HKDF(password: password, salt: salt, variant: .sha256).calculate()
Data Padding

Some content-encryption algorithms assume the input length is a multiple of k octets, where k is greater than one. For such algorithms, the input shall be padded.

Padding.pkcs7.add(to: bytes, blockSize: AES.blockSize)

Working with Ciphers

ChaCha20
let encrypted = try ChaCha20(key: key, iv: iv).encrypt(message)
let decrypted = try ChaCha20(key: key, iv: iv).decrypt(encrypted)
Rabbit
let encrypted = try Rabbit(key: key, iv: iv).encrypt(message)
let decrypted = try Rabbit(key: key, iv: iv).decrypt(encrypted)
Blowfish
let encrypted = try Blowfish(key: key, blockMode: CBC(iv: iv), padding: .pkcs7).encrypt(message)
let decrypted = try Blowfish(key: key, blockMode: CBC(iv: iv), padding: .pkcs7).decrypt(encrypted)
AES

Notice regarding padding: Manual padding of data is optional, and CryptoSwift is using PKCS7 padding by default. If you need to manually disable/enable padding, you can do this by setting parameter for AES class

Variant of AES encryption (AES-128, AES-192, AES-256) depends on given key length:

  • AES-128 = 16 bytes
  • AES-192 = 24 bytes
  • AES-256 = 32 bytes

AES-256 example

try AES(key: [1,2,3,...,32], blockMode: CBC(iv: [1,2,3,...,16]), padding: .pkcs7)
All at once
do {
    let aes = try AES(key: "keykeykeykeykeyk", iv: "drowssapdrowssap") // aes128
    let ciphertext = try aes.encrypt(Array("Nullam quis risus eget urna mollis ornare vel eu leo.".utf8))
} catch { }
Incremental updates

Incremental operations use instance of Cryptor and encrypt/decrypt one part at a time, this way you can save on memory for large files.

do {
    var encryptor = try AES(key: "keykeykeykeykeyk", iv: "drowssapdrowssap").makeEncryptor()

    var ciphertext = Array<UInt8>()
    // aggregate partial results
    ciphertext += try encryptor.update(withBytes: Array("Nullam quis risus ".utf8))
    ciphertext += try encryptor.update(withBytes: Array("eget urna mollis ".utf8))
    ciphertext += try encryptor.update(withBytes: Array("ornare vel eu leo.".utf8))
    // finish at the end
    ciphertext += try encryptor.finish()

    print(ciphertext.toHexString())
} catch {
    print(error)
}

See Playground for sample code that work with stream.

AES Advanced usage
let input: Array<UInt8> = [0,1,2,3,4,5,6,7,8,9]

let key: Array<UInt8> = [0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00]
let iv: Array<UInt8> = AES.randomIV(AES.blockSize)

do {
    let encrypted = try AES(key: key, blockMode: CBC(iv: iv), padding: .pkcs7).encrypt(input)
    let decrypted = try AES(key: key, blockMode: CBC(iv: iv), padding: .pkcs7).decrypt(encrypted)
} catch {
    print(error)
}    

AES without data padding

let input: Array<UInt8> = [0,1,2,3,4,5,6,7,8,9]
let encrypted: Array<UInt8> = try! AES(key: Array("secret0key000000".utf8), blockMode: CBC(iv: Array("0123456789012345".utf8)), padding: .noPadding).encrypt(input)

Using convenience extensions

let plain = Data( [0x01, 0x02, 0x03])
let encrypted = try! plain.encrypt(ChaCha20(key: key, iv: iv))
let decrypted = try! encrypted.decrypt(ChaCha20(key: key, iv: iv))
AES-GCM

The result of Galois/Counter Mode (GCM) encryption is ciphertext and authentication tag, that is later used to decryption.

encryption

do {
    // In combined mode, the authentication tag is directly appended to the encrypted message. This is usually what you want.
    let gcm = GCM(iv: iv, mode: .combined)
    let aes = try AES(key: key, blockMode: gcm, padding: .noPadding)
    let encrypted = try aes.encrypt(plaintext)
    let tag = gcm.authenticationTag
catch {
    // failed
}

decryption

do {
    // In combined mode, the authentication tag is appended to the encrypted message. This is usually what you want.
    let gcm = GCM(iv: iv, mode: .combined)
    let aes = try AES(key: key, blockMode: gcm, padding: .noPadding)
    return try aes.decrypt(encrypted)
} catch {
    // failed
}

Note: GCM instance is not intended to be reused. So you can't use the same GCM instance from encoding to also perform decoding.

AES-CCM

The result of Counter with Cipher Block Chaining-Message Authentication Code encryption is ciphertext and authentication tag, that is later used to decryption.

do {
    // The authentication tag is appended to the encrypted message.
	let tagLength = 8
	let ccm = CCM(iv: iv, tagLength: tagLength, messageLength: ciphertext.count - tagLength, additionalAuthenticatedData: data)
    let aes = try AES(key: key, blockMode: ccm, padding: .noPadding)
    return try aes.decrypt(encrypted)
} catch {
    // failed
}

Check documentation or CCM specification for valid parameters for CCM.

AEAD
let encrypt = try AEADChaCha20Poly1305.encrypt(plaintext, key: key, iv: nonce, authenticationHeader: header)
let decrypt = try AEADChaCha20Poly1305.decrypt(ciphertext, key: key, iv: nonce, authenticationHeader: header, authenticationTag: tagArr: tag)

Author

CryptoSwift is owned and maintained by Marcin Krzyżanowski

You can follow me on Twitter at @krzyzanowskim for project updates and releases.

Cryptography Notice

This distribution includes cryptographic software. The country in which you currently reside may have restrictions on the import, possession, use, and/or re-export to another country, of encryption software. BEFORE using any encryption software, please check your country's laws, regulations and policies concerning the import, possession, or use, and re-export of encryption software, to see if this is permitted. See http://www.wassenaar.org/ for more information.

License

Copyright (C) 2014-2017 Marcin Krzyżanowski [email protected] This software is provided 'as-is', without any express or implied warranty.

In no event will the authors be held liable for any damages arising from the use of this software.

Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions:

  • The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation is required.
  • Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.
  • This notice may not be removed or altered from any source or binary distribution.
  • Redistributions of any form whatsoever must retain the following acknowledgment: 'This product includes software developed by the "Marcin Krzyzanowski" (http://krzyzanowskim.com/).'

Changelog

See CHANGELOG file.

You might also like...
Fearless Wallet - a mobile wallet designed for the decentralized future on the Kusama and Polkadot networks
Fearless Wallet - a mobile wallet designed for the decentralized future on the Kusama and Polkadot networks

Fearless Wallet is a mobile wallet designed for the decentralized future on the Kusama and Polkadot network, with support on iOS and Android platforms. The best user experience, fast performance, and secure storage for your accounts. Development of Fearless Wallet is supported by Kusama Treasury grant.

Swiftlint, SwiftGen and Sourcery for your SPM package

BuildSystemPlugins This plugin assumes you have the same architecture proposed in here as a base. As an example for this implementation you can check

A highly experimental, self-custody Lightning wallet built to work for iOS and macOS.

Surge Surge is a highly experimental, self-custody Lightning wallet built to work for iOS and macOS. Motivation Tools and infrastructure for running a

A pure swift Ethereum Web3 library

⚗️ Web3 Web3.swift is a Swift library for signing transactions and interacting with Smart Contracts in the Ethereum Network. It allows you to connect

EthereumKit is a free, open-source Swift framework for easily interacting with the Ethereum.
EthereumKit is a free, open-source Swift framework for easily interacting with the Ethereum.

EthereumKit is a Swift framework that enables you to create Ethereum wallet and use it in your app. // BIP39: Generate seed and mnemonic sentence. le

Bitcoin protocol toolkit for Swift
Bitcoin protocol toolkit for Swift

Welcome to BitcoinKit The BitcoinKit library is a Swift implementation of the Bitcoin protocol which support both BCH and BTC. Improving the mobile ec

This library provides convenient way to use Coinpaprika.com API in Swift.

Coinpaprika API Swift Client Documentation | Repository | Installation Usage This library provides convenient way to use Coinpaprika.com API in Swift.

A simple Proof-of-Work Blockchain built in Swift

Blockchain in Swift A simple Proof-of-Work Blockchain built in Swift. Requirements Xcode 13.0 Swift 5.2 Vapor 4.49 Swift NIO 2.33.0 Getting started Cl

IOTA wallet.rs Swift binding

IOTA wallet.rs Swift Binding Swift binding for the official wallet.rs Rust library for IOTA Ledger. The Swift binding links and communicates with the

Owner
Kushal Shingote
Android Developer📱📱 iOS Apps📱📱 Swift | Xcode | SwiftUI iOS Swift development📱 Kotlin Application📱📱 iOS📱 Artificial Intelligence 💻 Data science
Kushal Shingote
Swift UI component - Stories instagram, slideshow, crypto wallet intro

SwiftUI and Combine - Stories intro multi-platform widget Features Long tap - pause stories showcase Tap - next story Leeway - pause before start stor

Igor 9 Dec 26, 2022
CryptoTrackerMenuBar - A Realtime Crypto Tracker macOS Menu Bar App built with SwiftUI & WebSocket

Realtime Crypto Tracker macOS Menu Bar App - SwiftUI & WebSocket A Realtime Cryp

Alfian Losari 21 Dec 15, 2022
Cross-platform 👻 Crypto Wallet Generator in Go

coingrig-go-wallet Cross-platform ?? Crypto Wallet Generator in Go Build Run ./build.sh Artifacts iOS .xcframework is in ios/ directory Android .jar a

Coingrig 2 Feb 26, 2022
Full Bitcoin library for iOS, implemented on Swift. SPV wallet implementation for Bitcoin, Bitcoin Cash and Dash blockchains.

BitcoinKit-iOS Bitcoin, BitcoinCash(ABC) and Dash wallet toolkit for Swift. This is a full implementation of SPV node including wallet creation/restor

Horizontal Systems 231 Dec 2, 2022
Elegant Web3js functionality in Swift. Native ABI parsing and smart contract interactions on Ethereum network.

You can ask for help in our Discord Channel web3swift Swift implementation of web3.js functionality ⚡ Interaction with remote node via JSON RPC ?? Sma

BANKEX - Proof-of-Asset Protocol 487 Mar 25, 2022
Modern Swift implementations of BIP39, BIP32, and BIP44

PLEASE NOTE! This is fork from KevinVitale/WalletKit Due to SPM (Swift package manager) and github restrictions it's impossible to add original KevinV

Alexey Strokin 3 Aug 18, 2022
BitcoinCore for Bitcoin, BitcoinCash(ABC), Litecoin and Dash wallet toolkit for Swift.

BitcoinCore for Bitcoin, BitcoinCash(ABC), Litecoin and Dash wallet toolkit for Swift. This is a full implementation of SPV node including wallet creation/restore, synchronization with network, send/receive transactions, and more.

Horizontal Systems 4 Nov 23, 2022
Ethereum Wallet Toolkit for iOS - You can implement an Ethereum wallet without a server and blockchain knowledge.

Introduction EtherWalletKit is an Ethereum Wallet Toolkit for iOS. I hope cryptocurrency and decentralized token economy become more widely adapted. H

Sung Woo Chang 136 Dec 25, 2022
Multi-wallet for Bitcoin, Ethereum, Binance Smart Chain and other emerging blockchains

Multi-wallet for Bitcoin, Ethereum, Binance Smart Chain and other emerging blockchains. Non-custodial storage, decentralized exchange, and extensive analytics for thousands of tokens and NFTs. Implemented on Swift.

Horizontal Systems 446 Jan 3, 2023
Trust - Ethereum Wallet and Web3 DApp Browser for iOS

Trust - Ethereum Wallet and Web3 DApp Browser for iOS Welcome to Trust's open source iOS app! Getting Started Download the Xcode 9 release. Clone this

Trust Wallet 1.4k Dec 31, 2022