MASTG-KNOW-0067: CommonCrypto, SecKey and Wrapper libraries

The most commonly used Class for cryptographic operations is the CommonCrypto, which is packed with the iOS runtime. The functionality offered by the CommonCrypto object can best be dissected by having a look at the source code of the header file:

• The Commoncryptor.h gives the parameters for the symmetric cryptographic operations.
• The CommonDigest.h gives the parameters for the hashing Algorithms.
• The CommonHMAC.h gives the parameters for the supported HMAC operations.
• The CommonKeyDerivation.h gives the parameters for supported KDF functions.
• The CommonSymmetricKeywrap.h gives the function used for wrapping a symmetric key with a Key Encryption Key.

Unfortunately, CommonCryptor lacks a few types of operations in its public APIs, such as: GCM mode is only available in its private APIs See its source code. For this, an additional binding header is necessary or other wrapper libraries can be used.

Next, for asymmetric operations, Apple provides SecKey. Apple provides a nice guide in its Developer Documentation on how to use this.

As noted before: some wrapper-libraries exist for both in order to provide convenience. Typical libraries that are used are, for instance:

• IDZSwiftCommonCrypto
• Heimdall
• SwiftyRSA
• RNCryptor
• Arcane