Security Options

Configure security options for TLS handshakes.

Topics

Configuring TLS Handshake Options

typealias sec_protocol_options_t

An object that contains security options to use for TLS handshakes.

protocol OS_sec_protocol_options

An interface that supports the object containing security options to use for TLS handshakes.

func sec_protocol_options_add_tls_application_protocol(sec_protocol_options_t, UnsafePointer<Int8>)

Adds an Application-Layer Protocol Negotiation (ALPN) value to present in the TLS handshake.

func sec_protocol_options_add_tls_ciphersuite(sec_protocol_options_t, SSLCipherSuite)

Adds a supported TLS ciphersuite to the configuration.

Deprecated

func sec_protocol_options_add_tls_ciphersuite_group(sec_protocol_options_t, SSLCiphersuiteGroup)

Adds a supported TLS ciphersuite group to the configuration.

Deprecated

Configuring TLS Behavior

Handling TLS Events

typealias sec_protocol_verify_t

A block that delivers a trust object for verification during a TLS handshake.

typealias sec_protocol_verify_complete_t

A block you return to indicate the result of a trust verification, where true indicates verification success.

typealias sec_protocol_challenge_t

A block that delivers the current TLS state for a handshake upon an identity challenge.

typealias sec_protocol_challenge_complete_t

A block you return to indicate the identity with which to reply to a challenge.

typealias sec_protocol_key_update_t

A block that delivers the current TLS state upon a key update.

typealias sec_protocol_key_update_complete_t

A block you return to indicate that you have finished responding to a key update.

typealias sec_protocol_pre_shared_key_selection_t

A block that delivers a PSK identity given a hint from its peers.

Beta

typealias sec_protocol_pre_shared_key_selection_complete_t

A block you return to indicate that you have chosen a PSK identity.

Beta

Inspecting TLS State

typealias sec_protocol_metadata_t

An object that represents the TLS state associated with a connection.

protocol OS_sec_protocol_metadata

An interface used to define the object that represents the TLS state associated with a connection.

func sec_protocol_metadata_copy_peer_public_key(sec_protocol_metadata_t) -> __DispatchData?

Accesses the public key presented by the peer in the TLS handshake.

Handling TLS Challenges

func sec_protocol_metadata_create_secret(sec_protocol_metadata_t, Int, UnsafePointer<Int8>, Int) -> __DispatchData?

Exports a cryptographic key derived from the protocol metadata using a label string.

Managing Security Objects

func sec_release(UnsafeMutableRawPointer!)

Releases a reference count on a security object.

typealias sec_object_t

The generic type for security objects used with the Network framework.

protocol OS_sec_object

An interface that supports the generic type for security objects used with the Network framework.

Beta Software

This documentation contains preliminary information about an API or technology in development. This information is subject to change, and software implemented according to this documentation should be tested with final operating system software.
