According to the linked Apple CryptoKit documentation, only the SHA-2 algorithms are supported, e.g.: An implementation of Secure Hashing Algorithm 2 (SHA-2) hashing with a 256-bit digest. This is easily verified by comparing the result of using CryptoKit with any of the online digest tools. For example, the SHA-2/256 bit digest for the empty string is: E3B0 C442 98FC 1C14 9AFB F4C8 996F B924 27AE 41E4 649B 934C A495 991B 7852 B855 The SHA-3 family of algorithms is supported by the CryptoSwift package available from GitHub. Note, this is not the Apple curated swift-crypto package (which is excellent, but mostly mirrors CryptoKit). My understanding is that the SHA-2 family of algorithms are often referred to as simply SHA while the SHA-3 family of algorithms are explicitly referred to as SHA-3 since they are more recent (released 2015).

That makes sense. A normal user process may access /Users/***/Library/... while a root process will access /private/var/root/Library/.... No sharing that way. You suggest XPC as the IPC mechanism. Is there any reason I should avoid SwiftNIO? I was able to spin up a quick example that embedded an echo server in the Network Extension and am able to successfully communicate with it. Just want to make sure SwiftNIO is a reasonable approach before going too far down that path.

I plan to use JSON with simple newline framing for the communications. I think this can implemented using SwiftNIO with minimal effort and limited baggage since it is a low-level library. Of course, you can implement a fully-fledged HTTP server using SwiftNIO, but that would not be my approach.