CryptoKit isn't relevant to `goto fail`, which was the origin of this thread, given CryptoKit merely implements primitives and not TLS.

If you really are doubting what gets used for TLS, open up Console.app, start streaming, run `nscurl https://example.com/` (or load it in Safari, etc.), and you'll see logging like:

    default com.apple.network boringssl 18:11:46.229209-0700 libboringssl.dylib nscurl boringssl_session_apply_protocol_options_for_transport_block_invoke(2360) [C1.1.1.1:2][0x1008cef10] TLS configured [server(0) min_version(0x0303) max_version(0x0304) name(redacted) tickets(false) false_start(false) enforce_ev(false) enforce_ats(false) ats_non_pfs_ciphersuite_allowed(false) cc_mode_enforced(false) ech(false) pqtls(true), pake(false)]

It really is boringssl which is nowadays used for TLS by the Network framework.

iOS Safari definitely used BoringSSL last time I checked it with Frida