We did a round of discussions in the group with regards to this proposal; and general SSWG rules, so allow me to summarize them here.
The SSWG has decided to accept this proposal into Sandbox maturity level!
Specifically, this decision is guided by the project fulfilling all requirements of the Sandbox level, and has an active active stream of development.
At the same time however, we are concerned about the feature parity between platforms, and going forward we are going to start a discussion and may change SSWG maturity level requirements to reflect that packages should have platform parity.
Also, SSWG endorsed projects should prefer the "vetted" SSWG endorsed SwiftCrypto package for their cryptography needs when applicable.
Since we did not have rules about such parity, or requirements regarding cryptography at the time of this review. We review it using the current rules. If and when we were to adopt a new rule in the maturity levels, we will re-review packages again.
Therefore , we would strongly suggest getting this package up to feature parity, either by feature removal (as proposed in !feat: Remove CryptoSwift (PKCS1.5 encryption support in Linux) ยท amosavian/JWSETKit@b8256c8 ยท GitHub), or by figuring out how to implement the missing logic using SwiftCrypto. @lukasa has been open to accepting new algorithms into the "_CryptoExtras" package that accompanies SwiftCrypto; so aiming to get an implementation there and use it would be the best outcome here.
Another related discussion re algorithms recently happened over here: [Pitch] OracleNIO: Oracle DB Driver built on SwiftNIO -- specifically discussing PBKDF2 which could be added to _CryptoExtras.
We'll add the project to the list of SSWG endorsed projects shortly.