Secure Transport

Overview

The Security.SecureTransport API gives you access to Apple’s implementation of Secure Sockets Layer version 3.0 (SSLv3), Transport Layer Security (TLS) versions 1.0 through 1.2, and Datagram Transport Layer Security (DTLS) version 1.0.

This API imposes no transport layer dependencies. You can use it with BSD Sockets and other protocols. To use this API, you provide callback functions to perform I/O on the underlying network connections. You are also responsible for setting up raw network connections. You pass in an opaque reference to the underlying (connected) entity at the start of an SSL session in the form of an SSLConnectionRef object.

Topics

First Steps

• Using the Secure Socket Layer for Network Communication

Session Context

• SSLCreateContext(_:_:_:)
• SSLProtocolSide
• SSLConnectionType
• SSLContext
• SSLContextGetTypeID()

Context Options

• SSLSetSessionOption(_:_:_:)
• SSLGetSessionOption(_:_:_:)
• SSLSessionOption

Context Callbacks

• SSLSetIOFuncs(_:_:_:)
• SSLReadFunc
• SSLWriteFunc

Session Configuration

• SSLSetSessionConfig(_:_:)
• SSLSetClientSideAuthenticate(_:_:)
• SSLConfig
• SSLAuthenticate

I/O Connections

• SSLSetConnection(_:_:)
• SSLGetConnection(_:_:)
• SSLConnectionRef

Session State

• SSLHandshake(_:)
• SSLReHandshake(_:)
• SSLClose(_:)
• SSLSetPeerID(_:_:_:)
• SSLGetPeerID(_:_:_:)
• SSLGetSessionState(_:_:)
• SSLSessionState
• SSLSetError(_:_:)

Read Operations

• SSLRead(_:_:_:_:)
• SSLGetBufferedReadSize(_:_:)

Write Operations

• SSLWrite(_:_:_:_:)
• SSLGetDatagramWriteSize(_:_:)
• SSLGetMaxDatagramRecordSize(_:_:)
• SSLSetMaxDatagramRecordSize(_:_:)
• SSLSetDatagramHelloCookie(_:_:_:)

The Peer Domain Name

• SSLSetPeerDomainName(_:_:_:)
• SSLGetPeerDomainNameLength(_:_:)
• SSLGetPeerDomainName(_:_:_:)
• SSLCopyRequestedPeerName(_:_:_:)
• SSLCopyRequestedPeerNameLength(_:_:)

Versions

• SSLSetProtocolVersionMax(_:_:)
• SSLSetProtocolVersionMin(_:_:)
• SSLGetProtocolVersionMax(_:_:)
• SSLGetProtocolVersionMin(_:_:)
• SSLGetNegotiatedProtocolVersion(_:_:)
• tls_protocol_version_t
• SSLProtocol

Application Layer Protocols

• SSLCopyALPNProtocols(_:_:)
• SSLSetALPNProtocols(_:_:)

Ciphers

• SSLGetNumberSupportedCiphers(_:_:)
• SSLGetSupportedCiphers(_:_:_:)
• SSLSetEnabledCiphers(_:_:_:)
• SSLGetNumberEnabledCiphers(_:_:)
• SSLGetEnabledCiphers(_:_:_:)
• SSLGetNegotiatedCipher(_:_:)
• SSLSetDiffieHellmanParams(_:_:_:)
• SSLGetDiffieHellmanParams(_:_:_:)
• tls_ciphersuite_group_t
• tls_ciphersuite_t
• SSLCipherSuite
• SSLCiphersuiteGroup
• SSL Cipher Suite Values

Root Certificates

• SSLSetCertificateAuthorities(_:_:_:)
• SSLCopyCertificateAuthorities(_:_:)

Authentication

• SSLAddDistinguishedName(_:_:_:)
• SSLCopyDistinguishedNames(_:_:)
• SSLSetCertificate(_:_:)
• SSLGetClientCertificateState(_:_:)
• SSLCopyPeerTrust(_:_:)
• SSLClientCertificateState
• SSLSetOCSPResponse(_:_:)
• SSLSetSessionTicketsEnabled(_:_:)

Result Codes

• Secure Transport Result Codes

Legacy Operations

• SSLSetEncryptionCertificate(_:_:)