ScriptsJul 6, 2026·3 min read

CryptoSwift — Cryptographic Algorithms in Pure Swift

A comprehensive collection of standard cryptographic algorithms implemented entirely in Swift with no C dependencies.

Agent ready

Ready-to-run agent install

This asset can be installed after the agent chooses its runtime, checks the plan, and runs the matching command.

Native · 98/100Policy: allow
Agent surface
Any MCP/CLI agent
Kind
Skill
Install
Single
Trust
Trust: Established
Entrypoint
CryptoSwift Overview
Direct install command
npx -y tokrepo@latest install 8f5735ce-7959-11f1-9bc6-00163e2b0d79 --target codex

Run after dry-run confirms the install plan.

Introduction

CryptoSwift is a pure-Swift implementation of standard cryptographic primitives. It provides hash functions, ciphers, MACs, key derivation, and authenticated encryption without relying on CommonCrypto or any C libraries, making it portable across all Apple platforms and Linux.

What CryptoSwift Does

  • Implements hash functions: MD5, SHA-1, SHA-2 (224/256/384/512), SHA-3
  • Provides symmetric ciphers: AES (128/192/256), ChaCha20, Blowfish, Rabbit
  • Supports block cipher modes: ECB, CBC, CTR, GCM, CCM, CFB, OFB
  • Includes HMAC, CMAC, Poly1305 message authentication codes
  • Offers PBKDF2, HKDF, and Scrypt key derivation functions

Architecture Overview

Each algorithm is implemented as a standalone Swift type conforming to shared protocols (Cipher, Authenticator, Digest). Data flows through a consistent bytes-in, bytes-out interface using Array. The library avoids Foundation dependencies where possible, operating on raw byte arrays for maximum portability. Extensions on String and Data provide convenience wrappers.

Self-Hosting & Configuration

  • Add via SPM from krzyzanowskim/CryptoSwift
  • Or via CocoaPods: pod 'CryptoSwift', '~> 1.8'
  • No system-level C dependencies; compiles on all Swift platforms including Linux
  • Supports iOS 13+, macOS 10.15+, tvOS 13+, watchOS 6+
  • Thread-safe for concurrent encryption/decryption operations

Key Features

  • Pure Swift with no bridging to C libraries
  • Incremental processing support for large data via update/finalize pattern
  • AES-GCM authenticated encryption for modern security requirements
  • Padding options: PKCS7, zero padding, NoPadding, ISO10126, ISO78164
  • Extensions on Data and String for one-liner hashing and encryption

Comparison with Similar Tools

  • Apple CryptoKit — hardware-accelerated, Apple-only; CryptoSwift supports Linux and offers more algorithm variety
  • CommonCrypto — C-based system library; CryptoSwift provides a friendlier Swift-native API
  • OpenSSL (via SwiftNIO) — full TLS stack; far heavier for simple encrypt/hash operations
  • Sodium (libsodium) — opinionated high-level crypto; CryptoSwift gives lower-level algorithm choice
  • RNCryptor — simplified encrypt/decrypt wrapper; CryptoSwift offers more granular control

FAQ

Q: Is CryptoSwift suitable for production security applications? A: It implements standard algorithms correctly, but for high-security applications consider Apple CryptoKit which uses hardware acceleration and has undergone formal audit.

Q: Does CryptoSwift support AES-GCM authenticated encryption? A: Yes. Use AES with GCM block mode for combined encryption and authentication.

Q: Can I use CryptoSwift on Linux? A: Yes. It is pure Swift with no Apple framework dependencies, making it fully compatible with Swift on Linux.

Q: How does performance compare to CommonCrypto? A: CommonCrypto uses hardware AES-NI instructions and is faster for bulk operations. CryptoSwift is adequate for typical app-level encryption workloads.

Sources

Discussion

Sign in to join the discussion.
No comments yet. Be the first to share your thoughts.

Related Assets