Introducing Swift Certificates and Swift ASN.1

I’m excited to announce two new open source Swift packages: swift-certificates and swift-asn1. Together, these libraries provide developers a faster and safer implementation of X.509 certificates, a critical technology that powers the security of TLS.

→ swift.org/blog/swift-certificates-and-asn1/

Apple has released two new open-source Swift packages, swift-certificates and swift-asn1, to provide a faster, safer implementation of X.509 certificates for TLS security.

swift-asn1 handles ASN.1 parsing and Distinguished Encoding Rules (DER) serialisation in memory-safe Swift code, crucial for secure handling of untrusted inputs.

swift-certificates, still in early development, supports parsing most RFC 5280-compliant X.509 certificates, chain building, and pluggable verification policies, aiming to replace BoringSSL in swift-nio-ssl for better performance and memory safety.

The packages target server-side applications, with plans to add features like Certificate Signing Requests for broader use cases.