Swiftpack.co -  apple/swift-nio-ssl as Swift Package
Swiftpack.co is a collection of thousands of indexed Swift packages. Search packages.
apple/swift-nio-ssl
TLS Support for SwiftNIO, based on BoringSSL.
.package(url: "https://github.com/apple/swift-nio-ssl.git", from: "2.14.0")

SwiftNIO SSL

SwiftNIO SSL is a Swift package that contains an implementation of TLS based on BoringSSL. This package allows users of SwiftNIO to write protocol clients and servers that use TLS to secure data in flight.

The name is inspired primarily by the names of the library this package uses (BoringSSL), and not because we don't know the name of the protocol. We know the protocol is TLS!

To get started, check out the API docs.

Using SwiftNIO SSL

SwiftNIO SSL provides two ChannelHandlers to use to secure a data stream: the NIOSSLClientHandler and the NIOSSLServerHandler. Each of these can be added to a Channel to secure the communications on that channel.

Additionally, we provide a number of low-level primitives for configuring your TLS connections. These will be shown below.

To secure a server connection, you will need a X.509 certificate chain in a file (either PEM or DER, but PEM is far easier), and the associated private key for the leaf certificate. These objects can then be wrapped up in a TLSConfiguration object that is used to initialize the ChannelHandler.

For example:

let configuration = TLSConfiguration.makeServerConfiguration(
    certificateChain: try NIOSSLCertificate.fromPEMFile("cert.pem").map { .certificate($0) },
    privateKey: .file("key.pem")
)
let sslContext = try NIOSSLContext(configuration: configuration)

let server = ServerBootstrap(group: group)
    .childChannelInitializer { channel in
        // important: The handler must be initialized _inside_ the `childChannelInitializer`
        let handler = try NIOSSLServerHandler(context: sslContext)

        [...]
        channel.pipeline.addHandler(handler)
        [...]
    }

For clients, it is a bit simpler as there is no need to have a certificate chain or private key (though clients may have these things). Setup for clients may be done like this:

let configuration = TLSConfiguration.makeClientConfiguration()
let sslContext = try NIOSSLContext(configuration: configuration)

let client = ClientBootstrap(group: group)
    .channelInitializer { channel in
        // important: The handler must be initialized _inside_ the `channelInitializer`
        let handler = try NIOSSLClientHandler(context: sslContext)

        [...]
        channel.pipeline.addHandler(handler)
        [...]
    }

Note that SwiftNIO SSL currently requires Swift 5.2 and above. Release 2.13.x and prior support Swift 5.0 and 5.1

GitHub

link
Stars: 299
Last commit: 6 days ago

Ad: Job Offers

iOS Software Engineer @ Perry Street Software
Perry Street Software is Jack’d and SCRUFF. We are two of the world’s largest gay, bi, trans and queer social dating apps on iOS and Android. Our brands reach more than 20 million members worldwide so members can connect, meet and express themselves on a platform that prioritizes privacy and security. We invest heavily into SwiftUI and using Swift Packages to modularize the codebase.

Dependencies

Release Notes

SwiftNIO SSL 2.14.0
5 weeks ago

SemVer Minor

  • Added API for setting cipher suites in TLSConfiguration (#293, patch credit to @agnosticdev)
  • Rationalise TLSConfiguration construction. (#299)
  • Remove support for Swift 5.0 and 5.1 (#302)

SemVer Patch

  • Clean up new hashable implementation. (#298)
  • Update NIO dependency to 2.30.0 and later (#303)

Other Changes

  • Enable tests for Android (#300, patch credit to @buttaface)
  • docs: warn about NIOSSLContext being expensive to create (#295)

Swiftpack is being maintained by Petr Pavlik | @ptrpavlik | @swiftpackco | API