CryptoKit uses strong types to prevent common mistakes that result in security vulnerabilities. So, when you create or import a key you declare up front what operations you plan to do with that key. That information flows through the type system, preventing you from making mistakes.
For an example of this sort of thing, consider the legacy SecKey
API. SecKeyCreateSignature
takes SecKey
and SecKeyAlgorithm
parameters and has doc comments to the effect that the key must be a private key and the algorithm must be appropriate for that key. In CryptoKit, the compiler checks that for you.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"