Swiftpack.co - trilemma-dev/SecureXPC as Swift Package

Swiftpack.co is a collection of thousands of indexed Swift packages. Search packages.
See all packages published by trilemma-dev.
trilemma-dev/SecureXPC 0.2.2
A framework designed specifically for secure XPC Mach service communication
⭐️ 3
🕓 5 weeks ago
.package(url: "https://github.com/trilemma-dev/SecureXPC.git", from: "0.2.2")

SecureXPC provides an easy way to perform secure XPC Mach service communication. Codable conforming types are used to send messages and receive replies. This framework is ideal for communicating with helper tools installed via SMJobBless.

To see a runnable sample app using this framework, check out SwiftAuthorizationSample.


The envisioned pattern when using this framework is to define routes in a shared file, create a server in one program (such as a helper tool) and register these routes, then from another program (such as an app) create a client and call these routes.


In a file shared by the client and server define one or more routes:

let route = XPCRouteWithMessageWithReply("bezaddle",
                                         messageType: String.self,
                                         replyType: Bool.self)


In one program create a server, register those routes, and then start the server:

    let server = XPCMachServer(machServiceName: "com.example.service",
                               clientRequirements: requirements)
    server.registerRoute(route, handler: bedazzle)

private func bedazzle(message: String) throws -> Bool {
     <# implementation here #>

If this program is a helper tool installed by SMJobBless, then in many cases it can be initialized automatically:

let server = XPCMachServer.forThisBlessedHelperTool()


In another program create a client, then call one of those routes:

let client = XPCMachClient(machServiceName: "com.example.service")
try client.sendMessage("Get Schwifty", route: route, withReply: { result in
    switch result {
        case let .success(reply):
            <# use the reply #>
        case let .failure(error):
            <# handle the error #>

Codable vs NSSecureCoding

SecureXPC uses types conforming to Swift's Codable protocol to serialize data across the XPC connection. Due to the nature of how Codable is defined, it is not possible for the same instance to be referenced from multiple other deserialized instances. This is in contrast to how NSSecureCoding behaves, which is used by NSXPCConnection for serialization.

While there are considerable similarities between these two serialization protocols, there is a significant difference in how deserialization occurs. A Codable conforming type is always decoded via its initializer with no possibility of substitution. In contrast, an NSSecureCoding conforming type may use awakeAfter(using:) to substitute in an already initialized instance.

While Codable can be implemented by any type, in practice value types such as struct and enum are the most natural fit. The aforementioned deserialization behavior is by definition not applicable to value types.


Stars: 3
Last commit: 4 days ago
jonrohan Something's broken? Yell at me @ptrpavlik. Praise and feedback (and money) is also welcome.

Release Notes

5 weeks ago
  • Renames XPCMachServer.forBlessedExecutable() to XPCMachServer.forBlessedHelperTool() to better align with the naming convention used by Apple in SMJobBless documentation
  • Minor documentation improvements

Swiftpack is being maintained by Petr Pavlik | @ptrpavlik | @swiftpackco | API | Analytics