{"id":35229879,"url":"https://github.com/cryptomator/cryptolib-swift","last_synced_at":"2026-04-02T18:45:34.147Z","repository":{"id":39862374,"uuid":"257866385","full_name":"cryptomator/cryptolib-swift","owner":"cryptomator","description":"Swift library with cryptographic functions for accessing Cryptomator vaults","archived":false,"fork":false,"pushed_at":"2025-10-07T12:08:16.000Z","size":319,"stargazers_count":21,"open_issues_count":1,"forks_count":8,"subscribers_count":6,"default_branch":"develop","last_synced_at":"2026-01-27T14:52:03.977Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Swift","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cryptomator.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-04-22T10:22:11.000Z","updated_at":"2025-12-12T03:23:03.000Z","dependencies_parsed_at":"2025-06-30T07:32:36.695Z","dependency_job_id":"02a372e3-d0d7-4670-bfc3-64b5cbd9d770","html_url":"https://github.com/cryptomator/cryptolib-swift","commit_stats":null,"previous_names":[],"tags_count":30,"template":false,"template_full_name":null,"purl":"pkg:github/cryptomator/cryptolib-swift","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cryptomator%2Fcryptolib-swift","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cryptomator%2Fcryptolib-swift/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cryptomator%2Fcryptolib-swift/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cryptomator%2Fcryptolib-swift/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cryptomator","download_url":"https://codeload.github.com/cryptomator/cryptolib-swift/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cryptomator%2Fcryptolib-swift/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31313305,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T12:59:32.332Z","status":"ssl_error","status_checked_at":"2026-04-02T12:54:48.875Z","response_time":89,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-12-30T02:16:25.478Z","updated_at":"2026-04-02T18:45:34.138Z","avatar_url":"https://github.com/cryptomator.png","language":"Swift","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Swift Compatibility](https://img.shields.io/endpoint?url=https%3A%2F%2Fswiftpackageindex.com%2Fapi%2Fpackages%2Fcryptomator%2Fcryptolib-swift%2Fbadge%3Ftype%3Dswift-versions)](https://swiftpackageindex.com/cryptomator/cryptolib-swift)\n[![Platform Compatibility](https://img.shields.io/endpoint?url=https%3A%2F%2Fswiftpackageindex.com%2Fapi%2Fpackages%2Fcryptomator%2Fcryptolib-swift%2Fbadge%3Ftype%3Dplatforms)](https://swiftpackageindex.com/cryptomator/cryptolib-swift)\n[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=cryptomator_cryptolib-swift\u0026metric=alert_status)](https://sonarcloud.io/summary/new_code?id=cryptomator_cryptolib-swift)\n[![Coverage](https://sonarcloud.io/api/project_badges/measure?project=cryptomator_cryptolib-swift\u0026metric=coverage)](https://sonarcloud.io/summary/new_code?id=cryptomator_cryptolib-swift)\n\n# CryptoLib Swift\n\nThis library contains all cryptographic functions that are used by Cryptomator for iOS. The purpose of this project is to provide a separate light-weight library with its own release cycle that can be used in other projects, too.\n\nFor more information on the Cryptomator encryption scheme, visit the security architecture page on [docs.cryptomator.org](https://docs.cryptomator.org/en/1.6/security/architecture/).\n\n## Requirements\n\n- iOS 13.0 or higher\n- macOS 10.15 or higher\n\n## Installation\n\n### Swift Package Manager\n\nYou can use [Swift Package Manager](https://swift.org/package-manager/ \"Swift Package Manager\").\n\n```swift\n.package(url: \"https://github.com/cryptomator/cryptolib-swift.git\", .upToNextMinor(from: \"1.1.0\"))\n```\n\n## Usage\n\n### Masterkey\n\n`Masterkey` is a class that only contains the key material for AES encryption/decryption and MAC authentication. \n\n#### Factory\n\nThis will create a new masterkey with secure random bytes.\n\n```swift\nlet masterkey = try Masterkey.createNew()\n```\n\nAnother way is to create a masterkey from raw bytes.\n\n```swift\nlet aesMasterKey = ...\nlet macMasterKey = ...\nlet masterkey = Masterkey.createFromRaw(aesMasterKey: aesMasterKey, macMasterKey: macMasterKey)\n```\n\n### MasterkeyFile\n\n`MasterkeyFile` is a representation of the masterkey file. With that, you can unlock a masterkey file (and get a `Masterkey`), lock a masterkey file (and serialize it as JSON), or change the passphrase.\n\n#### Factory\n\nCreate a masterkey file with content provided either from URL:\n\n```swift\nlet url = ...\nlet masterkeyFile = try MasterkeyFile.withContentFromURL(url: url)\n```\n\nOr from JSON data:\n\n```swift\nlet data = ...\nlet masterkeyFile = try MasterkeyFile.withContentFromData(data: data)\n```\n\n#### Unlock\n\nWhen you have a masterkey file, you can attempt an unlock. When successful, it unwraps the stored encryption and MAC keys into the masterkey, which can be used for the cryptor.\n\n```swift\nlet masterkeyFile = ...\nlet passphrase = ...\nlet pepper = ... // optional\nlet masterkey = try masterkeyFile.unlock(passphrase: passphrase, pepper: pepper)\n```\n\nThe unlock process can also be performed in two steps:\n\n```swift\nlet masterkeyFile = ...\nlet passphrase = ...\nlet pepper = ... // optional\nlet kek = try masterkeyFile.deriveKey(passphrase: passphrase, pepper: pepper)\nlet masterkey = try masterkeyFile.unlock(kek: kek)\n```\n\nThis is useful if you'd like to derive the key in an extra step since the function is memory-intensive (using scrypt). The result can then be used elsewhere, e.g. in a memory-restricted process.\n\n#### Lock\n\nFor persisting the masterkey, use this method to export its encrypted/wrapped masterkey and other metadata as JSON data.\n\n```swift\nlet masterkey = ...\nlet vaultVersion = ...\nlet passphrase = ...\nlet pepper = ... // optional\nlet scryptCostParam = ... // optional\nlet data = try MasterkeyFile.lock(masterkey: masterkey, vaultVersion: vaultVersion, passphrase: passphrase, pepper: pepper, scryptCostParam: scryptCostParam)\n```\n\n#### Change Passphrase\n\nThe masterkey can be re-encrypted with a new passphrase.\n\n```swift\nlet masterkeyFileData = ...\nlet oldPassphrase = ...\nlet newPassphrase = ...\nlet pepper = ... // optional\nlet scryptCostParam = ... // optional\ntry MasterkeyFile.changePassphrase(masterkeyFileData: masterkeyFileData, oldPassphrase: oldPassphrase, newPassphrase: newPassphrase, pepper: pepper, scryptCostParam: scryptCostParam)\n```\n\n### Cryptor\n\n`Cryptor` is the core class for cryptographic operations on Cryptomator vaults.\n\n#### Constructor\n\nCreate a cryptor by providing a masterkey and a scheme (e.g., `.sivGcm`).\n\n```swift\nlet masterkey = ...\nlet scheme = ...\nlet cryptor = Cryptor(masterkey: masterkey, scheme: scheme)\n```\n\nMake sure that the data you're working with is compatible with the provided scheme.\n\n#### Path Encryption and Decryption\n\nEncrypt the directory ID in order to determine the encrypted directory URL.\n\n```swift\nlet cryptor = ...\nlet dirId = ...\nlet encryptedDirId = try cryptor.encryptDirId(dirId)\n```\n\nEncrypt and decrypt filenames by providing a directory ID.\n\n```swift\nlet cryptor = ...\nlet filename = ...\nlet dirId = ...\nlet ciphertextName = try cryptor.encryptFileName(filename, dirId: dirId)\nlet cleartextName = try cryptor.decryptFileName(ciphertextName, dirId: dirId)\n```\n\n#### File Content Encryption and Decryption\n\nEncrypt and decrypt file content via URLs. These methods support [implicit progress composition](https://developer.apple.com/documentation/foundation/progress#1661068).\n\n```swift\nlet cryptor = ...\nlet fileURL = ...\nlet ciphertextURL = ...\nlet cleartextURL = ...\ntry cryptor.encryptContent(from: fileURL, to: ciphertextURL)\ntry cryptor.decryptContent(from: ciphertextURL, to: cleartextURL)\n```\n\n#### File Size Calculation\n\nDetermine the cleartext and ciphertext sizes in O(1).\n\n```swift\nlet cryptor = ...\nlet size = ...\nlet ciphertextSize = cryptor.calculateCiphertextSize(size)\nlet cleartextSize = try cryptor.calculateCleartextSize(ciphertextSize)\n```\n\n## Contributing\n\nPlease read our [contribution guide](.github/CONTRIBUTING.md), if you would like to report a bug, ask a question or help us with coding.\n\nIn general, the following preference is used to choose the implementation of cryptographic primitives:\n\n1. Apple CryptoKit (AES-GCM)\n2. Apple Swift Crypto (HMAC)\n3. Apple CommonCrypto (AES-CTR, RFC 3394 Key Derivation)\n\nThis project uses [SwiftFormat](https://github.com/nicklockwood/SwiftFormat) and [SwiftLint](https://github.com/realm/SwiftLint) to enforce code style and conventions. Install these tools if you haven't already.\n\nPlease make sure that your code is correctly formatted and passes linter validations. The easiest way to do that is to set up a pre-commit hook. Create a file at `.git/hooks/pre-commit` with this content:\n\n```sh\n./Scripts/process.sh --staged\nexit $?\n```\n\nAnd make your pre-commit hook executable:\n\n```sh\nchmod +x .git/hooks/pre-commit\n```\n\n## Code of Conduct\n\nHelp us keep Cryptomator open and inclusive. Please read and follow our [Code of Conduct](.github/CODE_OF_CONDUCT.md).\n\n## License\n\nThis project is dual-licensed under the AGPLv3 for FOSS projects as well as a commercial license derived from the LGPL for independent software vendors and resellers. If you want to use this library in applications that are *not* licensed under the AGPL, feel free to contact our [sales team](https://cryptomator.org/enterprise/).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcryptomator%2Fcryptolib-swift","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcryptomator%2Fcryptolib-swift","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcryptomator%2Fcryptolib-swift/lists"}