Crypto related functions and helpers for Swift implemented in Swift programming language



Crypto related functions and helpers for Swift implemented in Swift. (#PureSwift)



Good mood


  • Easy to use
  • Convenient extensions for String and NSData
  • iOS, OSX, AppleTV, watchOS, Linux support

What implemented?


Message authenticators
Cipher block mode
  • Electronic codebook (ECB)
  • Cipher-block chaining (CBC)
  • Cipher feedback (CFB)
  • Counter (CTR)
Data padding


Why? Because I can.


For latest version, please check develop branch. This is latest development version that will be merged into master branch at some point.


To install CryptoSwift, add it as a submodule to your project (on the top level project directory):

git submodule add

Embedded Framework

Embedded frameworks require a minimum deployment target of iOS 8 or OS X Mavericks (10.9). Drag the CryptoSwift.xcodeproj file into your Xcode project, and add appropriate framework as a dependency to your target. Now select your App and choose the General tab for the app target. Find Embedded Binaries and press "+", then select CryptoSwift.framework (iOS, OS X, watchOS or tvOS)

iOS, OSX, watchOS, tvOS

In the project, you'll find three targets, configured for each supported SDK:

  • CryptoSwift iOS
  • CryptoSwift OSX
  • CryptoSwift watchOS
  • CryptoSwift tvOS

You may need to choose the one you need to build CryptoSwift.framework for your application.


Alternatively, you can build the Universal Framework and link it in your Xcode project. To do that please run script and find resulting frameworks in Framework directory.

Looking for version for Swift 1.2? check branch swift12, it's there.


You can use CocoaPods.

source ''
platform :ios, '8.0'

pod 'CryptoSwift'

or for newest version from specified branch of code:

pod 'CryptoSwift', :git => "", :branch => "master"


You can use Carthage. Specify in Cartfile:

github "krzyzanowskim/CryptoSwift"

Run carthage to build the framework and drag the built CryptoSwift.framework into your Xcode project. Follow build instructions

Swift Package Manager

You can use Swift Package Manager and specify dependency in Package.swift by adding this:

.Package(url: "", majorVersion: 0)


import CryptoSwift

For your convenience you should use extensions methods like encrypt(), decrypt(), md5(), sha1() and so on.

Hashing a data or array of bytes (aka Array<UInt8>)

/* Hash enum usage */
let input:[UInt8] = [49, 50, 51]

let output = input.md5()
// alternatively: let output = CryptoSwift.Hash.md5(input).calculate()

let data = NSData()

let hash = data.md5()
let hash = data.sha1()
let hash = data.sha224()
let hash = data.sha256()
let hash = data.sha384()
let hash = data.sha512()

let crc32 = data.crc32()
let crc16 = data.crc16()


Hashing a String and printing result

let hash = "123".md5()

Some content-encryption algorithms assume the input length is a multiple of k octets, where k is greater than one. For such algorithms, the input shall be padded.

let paddedData = PKCS7().add(arr, blockSize: AES.blockSize)

Working with Ciphers


let encrypted: [UInt8] = ChaCha20(key: key, iv: iv).encrypt(message)
let decrypted: [UInt8] = ChaCha20(key: key, iv: iv).decrypt(encrypted)


let encrypted = Rabbit(key: key, iv: iv)?.encrypt(plaintext)
let decrypted = Rabbit(key: key, iv: iv)?.decrypt(encrypted!)


Notice regarding padding: Manual padding of data is optional and CryptoSwift by default always will add PKCS7 padding before encryption, and remove after decryption when Cipher enum is used. If you need manually disable/enable padding, you can do this by setting parameter for encrypt()/decrypt() on class AES.


let input = NSData()
let encrypted = try! input.encrypt(AES(key: "secret0key000000", iv:"0123456789012345"))

let input: [UInt8] = [0,1,2,3,4,5,6,7,8,9]
input.encrypt(AES(key: "secret0key000000", iv:"0123456789012345", blockMode: .CBC))

Encrypt String to Base64 string result:

// Encrypt string and get Base64 representation of result
let base64: String = try! "my secret string".encrypt(AES(key: "secret0key000000", iv: "0123456789012345"))

...under the hood, this is [UInt8] converted to NSData converted to Base64 string representation:

let encryptedBytes: [UInt8] = try! "my secret string".encrypt(AES(key: "secret0key000000", iv: "0123456789012345"))

let base64 = NSData(bytes: encryptedBytes).base64EncodedStringWithOptions(NSDataBase64EncodingOptions.Encoding64CharacterLineLength)


let input: [UInt8] = [0,1,2,3,4,5,6,7,8,9]

let key: [UInt8] = [0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00]
let iv: [UInt8] = AES.randomIV(AES.blockSize)

do {
    let encrypted: [UInt8] = try AES(key: key, iv: iv, blockMode: .CBC).encrypt(input, padding: PKCS7())
    let decrypted: [UInt8] = try AES(key: key, iv: iv, blockMode: .CBC).decrypt(encrypted, padding: PKCS7())
} catch AES.Error.BlockSizeExceeded {
    // block size exceeded
} catch {
    // some error

AES without data padding

let input: [UInt8] = [0,1,2,3,4,5,6,7,8,9]
let encrypted: [UInt8] = try! AES(key: "secret0key000000", iv:"0123456789012345", blockMode: .CBC).encrypt(input)

Using extensions

let plain = NSData()
let encrypted: NSData = try! plain.encrypt(ChaCha20(key: key, iv: iv))
let decrypted: NSData = try! encrypted.decrypt(ChaCha20(key: key, iv: iv))
// plain == decrypted

Message authenticators

// Calculate Message Authentication Code (MAC) for message
let mac: [UInt8] = try! Authenticator.Poly1305(key: key).authenticate(input)
Conversion between NSData and [UInt8]

For you convenience CryptoSwift provide two function to easily convert array of bytes to NSData and other way around:

let data: NSData = NSData(bytes: [0x01, 0x02, 0x03])
let bytes:[UInt8] = data.arrayOfBytes()


Cryptoswift is owned and maintained by Marcin Krzyżanowski. You can follow me on Twitter at @krzyzanowskim for project updates and releases.

Marcin Krzyżanowski


Copyright (C) 2014 Marcin Krzyżanowski This software is provided 'as-is', without any express or implied warranty.

In no event will the authors be held liable for any damages arising from the use of this software.

Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions:

  • The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation is required.
  • Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.
  • This notice may not be removed or altered from any source or binary distribution.