CryptoSwift
CryptoSwift is a growing collection of standard and secure cryptographic algorithms implemented in Swift
A pure-Swift cryptography library for iOS, macOS, Linux, and Android that provides hashing, encryption, password hashing, and message authentication with no system library dependencies.
CryptoSwift is a collection of cryptographic tools written entirely in Swift, Apple's programming language for iOS, macOS, and related platforms. Cryptography is the practice of encoding and verifying data so that only authorized parties can read it. This library gives Swift developers a way to use those techniques without relying on platform-specific system libraries, since the entire implementation is written in pure Swift and works on Apple platforms, Linux, and Android.
The library covers a wide range of standard cryptographic operations. For hashing, it includes MD5, SHA-1, several variants of SHA-2, and SHA-3. Hashing takes any data and produces a fixed-length fingerprint; it is commonly used to verify that a file has not changed or to store passwords safely. For encryption and decryption, it supports AES (with key sizes of 128, 192, and 256 bits), ChaCha20, Rabbit, and Blowfish. AES is the most widely used symmetric encryption standard in the world. The library also supports RSA, which is a public-key algorithm used when two parties need to exchange encrypted data without sharing a secret password first.
Beyond those core algorithms, CryptoSwift provides message authenticators (tools that verify a message has not been tampered with), password hashing functions (PBKDF2, scrypt, and others that are specifically designed to be slow so that guessing passwords is impractical), and a range of cipher modes that control exactly how block encryption algorithms process data in sequence.
The library is installed through Swift Package Manager, Apple's standard tool for adding dependencies to Swift projects. You add a few lines to your package configuration file and the source code is pulled in automatically. A prebuilt binary format is also available for manual Xcode integration.
The README includes a short section on recommended defaults, advising developers to prefer authenticated encryption modes like AES-GCM or ChaCha20-Poly1305 for new work, to avoid older algorithms like MD5 and SHA-1 except for compatibility with legacy systems, and to use a unique initialization value for every encryption operation. These are practical guidelines for using the library correctly rather than just technically.
Where it fits
- Hash user passwords securely using scrypt or PBKDF2 before storing them in a database
- Encrypt and decrypt data using AES-256-GCM for secure local storage or network transmission in an iOS app
- Verify file integrity by computing a SHA-256 hash and comparing it before and after transfer
- Authenticate API messages using HMAC to detect tampering in transit