Security Options

Configure security options for TLS handshakes.

Topics

Configuring TLS Handshake Options

typealias sec_protocol_options_t

An object that contains security options to use for TLS handshakes.

protocol OS_sec_protocol_options

An interface that supports the object containing security options to use for TLS handshakes.

func sec_protocol_options_add_tls_application_protocol(sec_protocol_options_t, UnsafePointer<Int8>)

Adds an Application-Layer Protocol Negotiation (ALPN) value to present in the TLS handshake.

func sec_protocol_options_add_tls_ciphersuite(sec_protocol_options_t, SSLCipherSuite)

Adds a supported TLS ciphersuite to the configuration.

Deprecated

func sec_protocol_options_add_tls_ciphersuite_group(sec_protocol_options_t, SSLCiphersuiteGroup)

Adds a supported TLS ciphersuite group to the configuration.

Deprecated

Configuring TLS Behavior

Handling TLS Events

typealias sec_protocol_verify_t

A block that delivers a trust object for verification during a TLS handshake.

typealias sec_protocol_verify_complete_t

A block you return to indicate the result of a trust verification, where true indicates verification success.

typealias sec_protocol_challenge_t

A block that delivers the current TLS state for a handshake upon an identity challenge.

typealias sec_protocol_challenge_complete_t

A block you return to indicate the identity with which to reply to a challenge.

typealias sec_protocol_key_update_t

A block that delivers the current TLS state upon a key update.

typealias sec_protocol_key_update_complete_t

A block you return to indicate that you have finished responding to a key update.

typealias sec_protocol_pre_shared_key_selection_t

A block that delivers a PSK identity given a hint from its peers.

typealias sec_protocol_pre_shared_key_selection_complete_t

A block you return to indicate that you have chosen a PSK identity.

Inspecting TLS State

typealias sec_protocol_metadata_t

An object that represents the TLS state associated with a connection.

protocol OS_sec_protocol_metadata

An interface used to define the object that represents the TLS state associated with a connection.

func sec_protocol_metadata_copy_peer_public_key(sec_protocol_metadata_t) -> __DispatchData?

Accesses the public key presented by the peer in the TLS handshake.

Handling TLS Challenges

func sec_protocol_metadata_create_secret(sec_protocol_metadata_t, Int, UnsafePointer<Int8>, Int) -> __DispatchData?

Exports a cryptographic key derived from the protocol metadata using a label string.

Managing Security Objects

func sec_release(UnsafeMutableRawPointer!)

Releases a reference count on a security object.

typealias sec_object_t

The generic type for security objects used with the Network framework.

protocol OS_sec_object

An interface that supports the generic type for security objects used with the Network framework.