Skip to content

Security: MikaelRucinsky/JOSESwift

Security

SECURITY.md

Security Policy

Cryptography

JOSESwift exclusively uses the iOS Security framework and Apple’s CommonCrypto for cryptographic primitives.

At the moment, we do not have plans to accept implementations that make use of cryptographic implementations that are not part of Apple’s iOS SDKs.

However, we might consider extending the library in a way that would allow the current cryptographic implementation (based on Apple’s SDKs) to optionally be switched out by a different implementation if this enables JOSESwift to run in a pure Swift environment. Please contact us if this is something you are thinking about.

Supported Versions

Please make sure to always update to the latest version to receive security related patches.

Reporting a Vulnerability

For security disclosures or related matters, please contact [email protected]. We will do our best to review and respond to security disclosures with the highest priority.

There aren’t any published security advisories