iOS SDK

You can use our iOS SDK to:

• Encrypt data
• Embed UI Components
• Attest Enclaves

Supported Platforms

• iOS 15+
• macOS 12+

Quickstart

Install SDK

The Evervault iOS SDK can be installed using the Swift Package Manager.

1. Open your Xcode project.
2. Navigate to File > Swift Packages > Add Package Dependency.
3. Enter the repository URL for the Evervault iOS SDK: https://github.com/evervault/evervault-ios.git.
4. Choose the latest available version or specify a version rule.
5. Click Next and follow the instructions to integrate the package into your project.

Initialize SDK

Now, let's initialize the SDK using our App and Team ID. If you don't have one yet, you can get one by creating an App in the Evervault Dashboard.

If you need multiple instances of the Evervault SDK you can use the initializer as follows:

Encrypting Data

Once the SDK is configured, you can use the encrypt method to encrypt your sensitive data. The encrypt method accepts various data types, including Boolean, Numerics, Strings, Arrays, Dictionaries, and Data.

Here's an example of encrypting a password:

Or using a dedicated instance:

The encrypt method returns an Any type, so you will need to safely cast the result based on the data type you provided. For Boolean, Numerics, and Strings, the encrypted data is returned as a String. For Arrays and Dictionaries, the encrypted data maintains the same structure but is encrypted. For Data, the encrypted data is returned as encrypted Data, which can be useful for encrypting files.

Decrypting Data

Decrypts data previously encrypted with the encrypt() function or through Relay.

The decrypt() method allows you to decrypt previously encrypted data using a token.

The token is a time bound token for decrypting data. The token can be generated using our backend SDKs or through our REST API.

The payload must be the same payload that was used to create the token and expires in a maximum of 10 minutes depending on the expiry set when creating the token.

Inputs

The Evervault iOS SDK also includes the EvervaultInputs module, which provides a SwiftUI view called PaymentCardInput. This view is designed for capturing credit card information and automatically encrypts the credit card number and CVC without exposing the unencrypted data. The PaymentCardInput view can be customized to fit your application's design.

To use PaymentCardInput, make sure you have imported the EvervaultInputs module in your file, and then simply add the view to your SwiftUI hierarchy:

Fields can be optionally displayed by passing in the enabledFields struct. For example if you with to only render the Card Number field use the following code.

The encrypted credit card number and CVC are captured in the PaymentCardData Binding, as well as the expiry month and year and validation fields.

Styling

Internally, the PaymentCardInput view uses SwiftUI TextFields. These can be customized using SwiftUI modifiers like any other TextFields in your application:

To provide more customization options, the PaymentCardInput can be styled using a PaymentCardInputStyle. There are two build-in styles:

• InlinePaymentCardInputView (the default style) - puts the credit card number, expiry and cvc fields all on a single row.

To explicitly use this style:

• RowsPaymentCardInputStyle - puts the credit card number on a single row. Below it, places the expiry and cvc fields next to each other.

To use this style:

If these two styles do not match your use case, you can create your own style:

Attest Enclaves

The Evervault iOS SDK includes the ability to attest connections to Enclaves.

To attest your Enclave, you need to provide the expected PCRs to a Enclave session.

Full example

A complete working example is included in the Evervault iOS package, located in the EvervaultIOSApp directory.

Running the Sample App

To run the sample app:

1. Open the EvervaultIOSApp.xcodeproj file in Xcode.
2. Configure your Team ID and App ID in EvervaultIOSAppApp.swift or add EV_TEAM_UUID and EV_APP_UUID Environment Variables the Run Scheme.
3. Select a simulator or physical device as the build target.
4. Build and run the app.

Reference

EvervaultCore

Evervault.shared.config(teamId: String, appId: String)

A shared instance of the Evervault class. This is the simplest way to get up and running if you only need to use a single Evervault team/app.

Evervault(teamId: String, appId: String)

Initializes a single instance of the Evervault class. You'll need to use this initializer if you require more than one Evervault team/app.

Evervault.encrypt(_ data: Any, role: String?) async throws -> Any

Encrypts the provided data using Evervault Encrypt and an optional data role.

The encrypt function supports: Boolean, Numerics, String, Array, Dictionary and Data.

Note: Data Roles aren't yet supported when encrypting data of the Data type

EvervaultInputs

PaymentCardInput(cardData: PaymentCardData)

Create a PaymentCardInput SwiftUI view

EvervaultEnclaves

Evervault.enclaveSession(enclaveAttestationData: AttestationData)

Create a URLSession which will attest connections to your Evervault Enclave.

AttestationData

Config used to compare against the attestation doc served to the client from a Enclave.

PCRs

The attestation measurements measurement expected to be embedded in the attestation document returned from a Enclave.

Using the Evervault API as a PCR Provider

The Evervault API exposes an endpoint to retrieve the PCRs for all active versions of your Enclave which you can use to keep your clients in sync with your Enclave across deployments.