]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_ssl/lib/SecureTransport.h
projects / apple / security.git / blob
? search:


f884dee9e1cfe79255ad06290044e1e84f1ae08d
[apple/security.git] / OSX / libsecurity_ssl / lib / SecureTransport.h
1 /*
2 * Copyright (c) 1999-2002,2005-2016 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*
25 * SecureTransport.h - Public API for Apple SSL/TLS Implementation
26 */
27
28 #ifndef _SECURITY_SECURETRANSPORT_H_
29 #define _SECURITY_SECURETRANSPORT_H_
30
31 /*
32 * This file describes the public API for an implementation of the
33 * Secure Socket Layer, V. 3.0, Transport Layer Security, V. 1.0 to V. 1.2
34 * and Datagram Transport Layer Security V. 1.0
35 *
36 * There are no transport layer dependencies in this library;
37 * it can be used with sockets, Open Transport, etc. Applications using
38 * this library provide callback functions which do the actual I/O
39 * on underlying network connections. Applications are also responsible
40 * for setting up raw network connections; the application passes in
41 * an opaque reference to the underlying (connected) entity at the
42 * start of an SSL session in the form of an SSLConnectionRef.
43 *
44 * Some terminology:
45 *
46 * A "client" is the initiator of an SSL Session. The canonical example
47 * of a client is a web browser, when it's talking to an https URL.
48 *
49 * A "server" is an entity which accepts requests for SSL sessions made
50 * by clients. E.g., a secure web server.
51
52 * An "SSL Session", or "session", is bounded by calls to SSLHandshake()
53 * and SSLClose(). An "Active session" is in some state between these
54 * two calls, inclusive.
55 *
56 * An SSL Session Context, or SSLContextRef, is an opaque reference in this
57 * library to the state associated with one session. A SSLContextRef cannot
58 * be reused for multiple sessions.
59 */
60
61 #include <CoreFoundation/CFArray.h>
62 #include <Security/CipherSuite.h>
63 #include <Security/SecTrust.h>
64 #include <sys/types.h>
65 #include <Availability.h>
66
67 #ifdef __cplusplus
68 extern "C" {
69 #endif
70
71 CF_ASSUME_NONNULL_BEGIN
72 CF_IMPLICIT_BRIDGING_ENABLED
73
74 /***********************
75 *** Common typedefs ***
76 ***********************/
77
78 /* Opaque reference to an SSL session context */
79 struct SSLContext;
80 typedef struct CF_BRIDGED_TYPE(id) SSLContext *SSLContextRef;
81
82 /* Opaque reference to an I/O connection (socket, endpoint, etc.) */
83 typedef const void * SSLConnectionRef;
84
85 /* SSL Protocol version */
86 typedef CF_ENUM(int, SSLProtocol) {
87 kSSLProtocolUnknown = 0, /* no protocol negotiated/specified; use default */
88 kSSLProtocol3 = 2, /* SSL 3.0 */
89 kTLSProtocol1 = 4, /* TLS 1.0 */
90 kTLSProtocol11 = 7, /* TLS 1.1 */
91 kTLSProtocol12 = 8, /* TLS 1.2 */
92 kDTLSProtocol1 = 9, /* DTLS 1.0 */
93 kTLSProtocol13 = 10, /* TLS 1.3 */
94
95 kTLSProtocolMaxSupported = 999, /* Max system-supported version */
96
97 kSSLProtocol2 = 1, /* SSL 2.0. DEPRECATED on iOS. */
98 kSSLProtocol3Only = 3, /* SSL 3.0. DEPRECATED on iOS. */
99 kTLSProtocol1Only = 5, /* TLS 1.0 Only. DEPRECATED on iOS. */
100 kSSLProtocolAll = 6, /* All TLS supported protocols. DEPRECATED on iOS. */
101 };
102
103 /* SSL session options */
104 typedef CF_ENUM(int, SSLSessionOption) {
105 /*
106 * Set this option to enable returning from SSLHandshake (with a result of
107 * errSSLServerAuthCompleted) when the server authentication portion of the
108 * handshake is complete. This disable certificate verification and
109 * provides an opportunity to perform application-specific server
110 * verification before deciding to continue.
111 */
112 kSSLSessionOptionBreakOnServerAuth = 0,
113 /*
114 * Set this option to enable returning from SSLHandshake (with a result of
115 * errSSLClientCertRequested) when the server requests a client certificate.
116 */
117 kSSLSessionOptionBreakOnCertRequested = 1,
118 /*
119 * This option is the same as kSSLSessionOptionBreakOnServerAuth but applies
120 * to the case where SecureTransport is the server and the client has presented
121 * its certificates allowing the server to verify whether these should be
122 * allowed to authenticate.
123 */
124 kSSLSessionOptionBreakOnClientAuth = 2,
125 /*
126 * Enable/Disable TLS False Start
127 * When enabled, False Start will only be performed if a adequate cipher-suite is
128 * negotiated.
129 */
130 kSSLSessionOptionFalseStart = 3,
131 /*
132 * Enable/Disable 1/n-1 record splitting for BEAST attack mitigation.
133 * When enabled, record splitting will only be performed for TLS 1.0 connections
134 * using a block cipher.
135 */
136 kSSLSessionOptionSendOneByteRecord = 4,
137 /*
138 * Allow/Disallow server identity change on renegotiation. Disallow by default
139 * to avoid Triple Handshake attack.
140 */
141 kSSLSessionOptionAllowServerIdentityChange = 5,
142 /*
143 * Enable fallback countermeasures. Use this option when retyring a SSL connection
144 * with a lower protocol version because of failure to connect.
145 */
146 kSSLSessionOptionFallback = 6,
147 /*
148 * Set this option to break from a client hello in order to check for SNI
149 */
150 kSSLSessionOptionBreakOnClientHello = 7,
151 /*
152 * Set this option to Allow renegotations. False by default.
153 */
154 kSSLSessionOptionAllowRenegotiation = 8,
155 /*
156 * Set this option to enable session tickets. False by default.
157 */
158 kSSLSessionOptionEnableSessionTickets = 9,
159 };
160
161 /* State of an SSLSession */
162 typedef CF_ENUM(int, SSLSessionState) {
163 kSSLIdle, /* no I/O performed yet */
164 kSSLHandshake, /* SSL handshake in progress */
165 kSSLConnected, /* Handshake complete, ready for normal I/O */
166 kSSLClosed, /* connection closed normally */
167 kSSLAborted /* connection aborted */
168 };
169
170 /*
171 * Status of client certificate exchange (which is optional
172 * for both server and client).
173 */
174 typedef CF_ENUM(int, SSLClientCertificateState) {
175 /* Server hasn't asked for a cert. Client hasn't sent one. */
176 kSSLClientCertNone,
177 /* Server has asked for a cert, but client didn't send it. */
178 kSSLClientCertRequested,
179 /*
180 * Server side: We asked for a cert, client sent one, we validated
181 * it OK. App can inspect the cert via
182 * SSLCopyPeerCertificates().
183 * Client side: server asked for one, we sent it.
184 */
185 kSSLClientCertSent,
186 /*
187 * Client sent a cert but failed validation. Server side only.
188 * Server app can inspect the cert via SSLCopyPeerCertificates().
189 */
190 kSSLClientCertRejected
191 };
192
193 /*
194 * R/W functions. The application using this library provides
195 * these functions via SSLSetIOFuncs().
196 *
197 * Data's memory is allocated by caller; on entry to these two functions
198 * the *length argument indicates both the size of the available data and the
199 * requested byte count. Number of bytes actually transferred is returned in
200 * *length.
201 *
202 * The application may configure the underlying connection to operate
203 * in a non-blocking manner; in such a case, a read operation may
204 * well return errSSLWouldBlock, indicating "I transferred less data than
205 * you requested (maybe even zero bytes), nothing is wrong, except
206 * requested I/O hasn't completed". This will be returned back up to
207 * the application as a return from SSLRead(), SSLWrite(), SSLHandshake(),
208 * etc.
209 */
210 typedef OSStatus
211 (*SSLReadFunc) (SSLConnectionRef connection,
212 void *data, /* owned by
213 * caller, data
214 * RETURNED */
215 size_t *dataLength); /* IN/OUT */
216 typedef OSStatus
217 (*SSLWriteFunc) (SSLConnectionRef connection,
218 const void *data,
219 size_t *dataLength); /* IN/OUT */
220
221 /*************************************************
222 *** OSStatus values unique to SecureTransport ***
223 *************************************************/
224
225 /*
226 Note: the comments that appear after these errors are used to create SecErrorMessages.strings.
227 The comments must not be multi-line, and should be in a form meaningful to an end user. If
228 a different or additional comment is needed, it can be put in the header doc format, or on a
229 line that does not start with errZZZ.
230 */
231
232 CF_ENUM(OSStatus) {
233 errSSLProtocol = -9800, /* SSL protocol error */
234 errSSLNegotiation = -9801, /* Cipher Suite negotiation failure */
235 errSSLFatalAlert = -9802, /* Fatal alert */
236 errSSLWouldBlock = -9803, /* I/O would block (not fatal) */
237 errSSLSessionNotFound = -9804, /* attempt to restore an unknown session */
238 errSSLClosedGraceful = -9805, /* connection closed gracefully */
239 errSSLClosedAbort = -9806, /* connection closed via error */
240 errSSLXCertChainInvalid = -9807, /* invalid certificate chain */
241 errSSLBadCert = -9808, /* bad certificate format */
242 errSSLCrypto = -9809, /* underlying cryptographic error */
243 errSSLInternal = -9810, /* Internal error */
244 errSSLModuleAttach = -9811, /* module attach failure */
245 errSSLUnknownRootCert = -9812, /* valid cert chain, untrusted root */
246 errSSLNoRootCert = -9813, /* cert chain not verified by root */
247 errSSLCertExpired = -9814, /* chain had an expired cert */
248 errSSLCertNotYetValid = -9815, /* chain had a cert not yet valid */
249 errSSLClosedNoNotify = -9816, /* server closed session with no notification */
250 errSSLBufferOverflow = -9817, /* insufficient buffer provided */
251 errSSLBadCipherSuite = -9818, /* bad SSLCipherSuite */
252
253 /* fatal errors detected by peer */
254 errSSLPeerUnexpectedMsg = -9819, /* unexpected message received */
255 errSSLPeerBadRecordMac = -9820, /* bad MAC */
256 errSSLPeerDecryptionFail = -9821, /* decryption failed */
257 errSSLPeerRecordOverflow = -9822, /* record overflow */
258 errSSLPeerDecompressFail = -9823, /* decompression failure */
259 errSSLPeerHandshakeFail = -9824, /* handshake failure */
260 errSSLPeerBadCert = -9825, /* misc. bad certificate */
261 errSSLPeerUnsupportedCert = -9826, /* bad unsupported cert format */
262 errSSLPeerCertRevoked = -9827, /* certificate revoked */
263 errSSLPeerCertExpired = -9828, /* certificate expired */
264 errSSLPeerCertUnknown = -9829, /* unknown certificate */
265 errSSLIllegalParam = -9830, /* illegal parameter */
266 errSSLPeerUnknownCA = -9831, /* unknown Cert Authority */
267 errSSLPeerAccessDenied = -9832, /* access denied */
268 errSSLPeerDecodeError = -9833, /* decoding error */
269 errSSLPeerDecryptError = -9834, /* decryption error */
270 errSSLPeerExportRestriction = -9835, /* export restriction */
271 errSSLPeerProtocolVersion = -9836, /* bad protocol version */
272 errSSLPeerInsufficientSecurity = -9837, /* insufficient security */
273 errSSLPeerInternalError = -9838, /* internal error */
274 errSSLPeerUserCancelled = -9839, /* user canceled */
275 errSSLPeerNoRenegotiation = -9840, /* no renegotiation allowed */
276
277 /* non-fatal result codes */
278 errSSLPeerAuthCompleted = -9841, /* peer cert is valid, or was ignored if verification disabled */
279 errSSLClientCertRequested = -9842, /* server has requested a client cert */
280
281 /* more errors detected by us */
282 errSSLHostNameMismatch = -9843, /* peer host name mismatch */
283 errSSLConnectionRefused = -9844, /* peer dropped connection before responding */
284 errSSLDecryptionFail = -9845, /* decryption failure */
285 errSSLBadRecordMac = -9846, /* bad MAC */
286 errSSLRecordOverflow = -9847, /* record overflow */
287 errSSLBadConfiguration = -9848, /* configuration error */
288 errSSLUnexpectedRecord = -9849, /* unexpected (skipped) record in DTLS */
289 errSSLWeakPeerEphemeralDHKey = -9850, /* weak ephemeral dh key */
290
291 /* non-fatal result codes */
292 errSSLClientHelloReceived = -9851, /* SNI */
293
294 /* fatal errors resulting from transport or networking errors */
295 errSSLTransportReset = -9852, /* transport (socket) shutdown, e.g., TCP RST or FIN. */
296 errSSLNetworkTimeout = -9853, /* network timeout triggered */
297
298 /* fatal errors resulting from software misconfiguration */
299 errSSLConfigurationFailed = -9854, /* TLS configuration failed */
300
301 /* additional errors */
302 errSSLUnsupportedExtension = -9855, /* unsupported TLS extension */
303 errSSLUnexpectedMessage = -9856, /* peer rejected unexpected message */
304 errSSLDecompressFail = -9857, /* decompression failed */
305 errSSLHandshakeFail = -9858, /* handshake failed */
306 errSSLDecodeError = -9859, /* decode failed */
307 errSSLInappropriateFallback = -9860, /* inappropriate fallback */
308 errSSLMissingExtension = -9861, /* missing extension */
309 errSSLBadCertificateStatusResponse = -9862, /* bad OCSP response */
310 errSSLCertificateRequired = -9863, /* certificate required */
311 errSSLUnknownPSKIdentity = -9864, /* unknown PSK identity */
312 errSSLUnrecognizedName = -9865, /* unknown or unrecognized name */
313 };
314
315 /* DEPRECATED aliases for errSSLPeerAuthCompleted */
316 #define errSSLServerAuthCompleted errSSLPeerAuthCompleted
317 #define errSSLClientAuthCompleted errSSLPeerAuthCompleted
318
319 /* DEPRECATED alias for the end of the error range */
320 #define errSSLLast errSSLUnexpectedRecord
321
322 typedef CF_ENUM(int, SSLProtocolSide)
323 {
324 kSSLServerSide,
325 kSSLClientSide
326 };
327
328 typedef CF_ENUM(int, SSLConnectionType)
329 {
330 kSSLStreamType,
331 kSSLDatagramType
332 };
333
334 /*
335 * Predefined TLS configurations constants
336 */
337
338 /* Default configuration (has 3DES, no RC4) */
339 extern const CFStringRef kSSLSessionConfig_default
340 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_13,__IPHONE_5_0,__IPHONE_11_0);
341
342 /* ATS v1 Config: TLS v1.2, only PFS ciphersuites */
343 extern const CFStringRef kSSLSessionConfig_ATSv1
344 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
345
346 /* ATS v1 Config without PFS: TLS v1.2, include non PFS ciphersuites */
347 extern const CFStringRef kSSLSessionConfig_ATSv1_noPFS
348 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
349
350 /* TLS v1.2 to TLS v1.0, with default ciphersuites (no 3DES, no RC4) */
351 extern const CFStringRef kSSLSessionConfig_standard
352 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
353
354 /* TLS v1.2 to TLS v1.0, with default ciphersuites + RC4 + 3DES */
355 extern const CFStringRef kSSLSessionConfig_RC4_fallback
356 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_13,__IPHONE_5_0,__IPHONE_11_0);
357
358 /* TLS v1.0 only, with default ciphersuites + fallback SCSV */
359 extern const CFStringRef kSSLSessionConfig_TLSv1_fallback
360 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
361
362 /* TLS v1.0, with default ciphersuites + RC4 + 3DES + fallback SCSV */
363 extern const CFStringRef kSSLSessionConfig_TLSv1_RC4_fallback
364 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_13,__IPHONE_5_0,__IPHONE_11_0);
365
366 /* TLS v1.2 to TLS v1.0, defaults + RC4 + DHE ciphersuites */
367 extern const CFStringRef kSSLSessionConfig_legacy
368 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
369
370 /* TLS v1.2 to TLS v1.0, default + RC4 + DHE ciphersuites */
371 extern const CFStringRef kSSLSessionConfig_legacy_DHE
372 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
373
374 /* TLS v1.2, anonymous ciphersuites only */
375 extern const CFStringRef kSSLSessionConfig_anonymous
376 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
377
378 /* TLS v1.2 to TLS v1.0, has 3DES, no RC4 */
379 extern const CFStringRef kSSLSessionConfig_3DES_fallback
380 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_13,__IPHONE_5_0,__IPHONE_11_0);
381
382 /* TLS v1.0, with default ciphersuites + 3DES, no RC4 */
383 extern const CFStringRef kSSLSessionConfig_TLSv1_3DES_fallback
384 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_13,__IPHONE_5_0,__IPHONE_11_0);
385
386
387 /******************
388 *** Public API ***
389 ******************/
390
391 /*
392 * Secure Transport APIs require a SSLContextRef, which is an opaque
393 * reference to the SSL session and its parameters. On Mac OS X 10.7
394 * and earlier versions, a new context is created using SSLNewContext,
395 * and is disposed by calling SSLDisposeContext.
396 *
397 * On i0S 5.0 and later, as well as Mac OS X versions after 10.7, the
398 * SSLContextRef is a true CFType object with retain-release semantics.
399 * New code should create a new context using SSLCreateContext (instead
400 * of SSLNewContext), and dispose the context by calling CFRelease
401 * (instead of SSLDisposeContext) when finished with it.
402 */
403
404 /*
405 * Return the CFTypeID for SSLContext objects.
406 */
407 CFTypeID
408 SSLContextGetTypeID(void)
409 __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
410
411 /*
412 * Create a new instance of an SSLContextRef using the specified allocator.
413 */
414 __nullable
415 SSLContextRef
416 SSLCreateContext(CFAllocatorRef __nullable alloc, SSLProtocolSide protocolSide, SSLConnectionType connectionType)
417 __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
418
419
420 #if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE))
421 /*
422 * Create a new session context.
423 *
424 * ==========================
425 * MAC OS X ONLY (DEPRECATED)
426 * ==========================
427 * NOTE: this function is not available on iOS, and should be considered
428 * deprecated on Mac OS X. Your code should use SSLCreateContext instead.
429 */
430 OSStatus
431 SSLNewContext (Boolean isServer,
432 SSLContextRef * __nonnull CF_RETURNS_RETAINED contextPtr) /* RETURNED */
433 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
434
435 /*
436 * Dispose of a session context.
437 *
438 * ==========================
439 * MAC OS X ONLY (DEPRECATED)
440 * ==========================
441 * NOTE: this function is not available on iOS, and should be considered
442 * deprecated on Mac OS X. Your code should use CFRelease to dispose a session
443 * created with SSLCreateContext.
444 */
445 OSStatus
446 SSLDisposeContext (SSLContextRef context)
447 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
448
449 #endif /* MAC OS X */
450
451 /*
452 * Determine the state of an SSL/DTLS session.
453 */
454 OSStatus
455 SSLGetSessionState (SSLContextRef context,
456 SSLSessionState *state) /* RETURNED */
457 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
458
459 /*
460 * Set options for an SSL session. Must be called prior to SSLHandshake();
461 * subsequently cannot be called while session is active.
462 */
463 OSStatus
464 SSLSetSessionOption (SSLContextRef context,
465 SSLSessionOption option,
466 Boolean value)
467 __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_5_0);
468
469 /*
470 * Determine current value for the specified option in a given SSL session.
471 */
472 OSStatus
473 SSLGetSessionOption (SSLContextRef context,
474 SSLSessionOption option,
475 Boolean *value)
476 __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_5_0);
477
478 /********************************************************************
479 *** Session context configuration, common to client and servers. ***
480 ********************************************************************/
481
482 /*
483 * Specify functions which do the network I/O. Must be called prior
484 * to SSLHandshake(); subsequently cannot be called while a session is
485 * active.
486 */
487 OSStatus
488 SSLSetIOFuncs (SSLContextRef context,
489 SSLReadFunc readFunc,
490 SSLWriteFunc writeFunc)
491 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
492
493
494 /*
495 * Set a predefined configuration for the SSL Session
496 *
497 * This currently affect enabled protocol versions,
498 * enabled ciphersuites, and the kSSLSessionOptionFallback
499 * session option.
500 */
501 OSStatus
502 SSLSetSessionConfig(SSLContextRef context,
503 CFStringRef config)
504 __OSX_AVAILABLE_STARTING(__MAC_10_12, __IPHONE_10_0);
505
506 /*
507 * Set the minimum SSL protocol version allowed. Optional.
508 * The default is the lower supported protocol.
509 *
510 * This can only be called when no session is active.
511 *
512 * For TLS contexts, legal values for minVersion are :
513 * kSSLProtocol3
514 * kTLSProtocol1
515 * kTLSProtocol11
516 * kTLSProtocol12
517 *
518 * For DTLS contexts, legal values for minVersion are :
519 * kDTLSProtocol1
520 */
521 OSStatus
522 SSLSetProtocolVersionMin (SSLContextRef context,
523 SSLProtocol minVersion)
524 __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
525
526 /*
527 * Get minimum protocol version allowed
528 */
529 OSStatus
530 SSLGetProtocolVersionMin (SSLContextRef context,
531 SSLProtocol *minVersion)
532 __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
533
534 /*
535 * Set the maximum SSL protocol version allowed. Optional.
536 * The default is the highest supported protocol.
537 *
538 * This can only be called when no session is active.
539 *
540 * For TLS contexts, legal values for maxVersion are :
541 * kSSLProtocol3
542 * kTLSProtocol1
543 * kTLSProtocol11
544 * kTLSProtocol12
545 *
546 * For DTLS contexts, legal values for maxVersion are :
547 * kDTLSProtocol1
548 */
549 OSStatus
550 SSLSetProtocolVersionMax (SSLContextRef context,
551 SSLProtocol maxVersion)
552 __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
553
554 /*
555 * Get maximum protocol version allowed
556 */
557 OSStatus
558 SSLGetProtocolVersionMax (SSLContextRef context,
559 SSLProtocol *maxVersion)
560 __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
561
562
563 #if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE))
564 /*
565 * Set allowed SSL protocol versions. Optional.
566 * Specifying kSSLProtocolAll for SSLSetProtocolVersionEnabled results in
567 * specified 'enable' boolean to be applied to all supported protocols.
568 * The default is "all supported protocols are enabled".
569 * This can only be called when no session is active.
570 *
571 * Legal values for protocol are :
572 * kSSLProtocol2
573 * kSSLProtocol3
574 * kTLSProtocol1
575 * kSSLProtocolAll
576 *
577 * ==========================
578 * MAC OS X ONLY (DEPRECATED)
579 * ==========================
580 * NOTE: this function is not available on iOS, and should be considered
581 * deprecated on Mac OS X. You can use SSLSetProtocolVersionMin and/or
582 * SSLSetProtocolVersionMax to specify which protocols are enabled.
583 */
584 OSStatus
585 SSLSetProtocolVersionEnabled (SSLContextRef context,
586 SSLProtocol protocol,
587 Boolean enable)
588 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
589
590 /*
591 * Obtain a value specified in SSLSetProtocolVersionEnabled.
592 *
593 * ==========================
594 * MAC OS X ONLY (DEPRECATED)
595 * ==========================
596 * NOTE: this function is not available on iOS, and should be considered
597 * deprecated on Mac OS X. You can use SSLGetProtocolVersionMin and/or
598 * SSLGetProtocolVersionMax to check whether a protocol is enabled.
599 */
600 OSStatus
601 SSLGetProtocolVersionEnabled(SSLContextRef context,
602 SSLProtocol protocol,
603 Boolean *enable) /* RETURNED */
604 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
605
606 /*
607 * Get/set SSL protocol version; optional. Default is kSSLProtocolUnknown,
608 * in which case the highest possible version is attempted, but a lower
609 * version is accepted if the peer requires it.
610 * SSLSetProtocolVersion cannot be called when a session is active.
611 *
612 * ==========================
613 * MAC OS X ONLY (DEPRECATED)
614 * ==========================
615 * NOTE: this function is not available on iOS, and deprecated on Mac OS X 10.8.
616 * Use SSLSetProtocolVersionMin and/or SSLSetProtocolVersionMax to specify
617 * which protocols are enabled.
618 */
619 OSStatus
620 SSLSetProtocolVersion (SSLContextRef context,
621 SSLProtocol version)
622 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_8,__IPHONE_NA,__IPHONE_NA);
623
624 /*
625 * Obtain the protocol version specified in SSLSetProtocolVersion.
626 * If SSLSetProtocolVersionEnabled() has been called for this session,
627 * SSLGetProtocolVersion() may return errSecParam if the protocol enable
628 * state can not be represented by the SSLProtocol enums (e.g.,
629 * SSL2 and TLS1 enabled, SSL3 disabled).
630 *
631 * ==========================
632 * MAC OS X ONLY (DEPRECATED)
633 * ==========================
634 * NOTE: this function is not available on iOS, and deprecated on Mac OS X 10.8.
635 * Use SSLGetProtocolVersionMin and/or SSLGetProtocolVersionMax to check
636 * whether a protocol is enabled.
637 */
638 OSStatus
639 SSLGetProtocolVersion (SSLContextRef context,
640 SSLProtocol *protocol) /* RETURNED */
641 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_8,__IPHONE_NA,__IPHONE_NA);
642
643 #endif /* MAC OS X */
644
645 /*
646 * Specify this connection's certificate(s). This is mandatory for
647 * server connections, optional for clients. Specifying a certificate
648 * for a client enables SSL client-side authentication. The end-entity
649 * cert is in certRefs[0]. Specifying a root cert is optional; if it's
650 * not specified, the root cert which verifies the cert chain specified
651 * here must be present in the system-wide set of trusted anchor certs.
652 *
653 * The certRefs argument is a CFArray containing SecCertificateRefs,
654 * except for certRefs[0], which is a SecIdentityRef.
655 *
656 * Must be called prior to SSLHandshake(), or immediately after
657 * SSLHandshake has returned errSSLClientCertRequested (i.e. before the
658 * handshake is resumed by calling SSLHandshake again.)
659 *
660 * SecureTransport assumes the following:
661 *
662 * -- The certRef references remain valid for the lifetime of the session.
663 * -- The certificate specified in certRefs[0] is capable of signing.
664 * -- The required capabilities of the certRef[0], and of the optional cert
665 * specified in SSLSetEncryptionCertificate (see below), are highly
666 * dependent on the application. For example, to work as a server with
667 * Netscape clients, the cert specified here must be capable of both
668 * signing and encrypting.
669 */
670 OSStatus
671 SSLSetCertificate (SSLContextRef context,
672 CFArrayRef _Nullable certRefs)
673 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
674
675 /*
676 * Specify I/O connection - a socket, endpoint, etc., which is
677 * managed by caller. On the client side, it's assumed that communication
678 * has been established with the desired server on this connection.
679 * On the server side, it's assumed that an incoming client request
680 * has been established.
681 *
682 * Must be called prior to SSLHandshake(); subsequently can only be
683 * called when no session is active.
684 */
685 OSStatus
686 SSLSetConnection (SSLContextRef context,
687 SSLConnectionRef __nullable connection)
688 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
689
690 OSStatus
691 SSLGetConnection (SSLContextRef context,
692 SSLConnectionRef * __nonnull CF_RETURNS_NOT_RETAINED connection)
693 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
694
695 /*
696 * Specify the fully qualified doman name of the peer, e.g., "store.apple.com."
697 * Optional; used to verify the common name field in peer's certificate.
698 * Name is in the form of a C string; NULL termination optional, i.e.,
699 * peerName[peerNameLen+1] may or may not have a NULL. In any case peerNameLen
700 * is the number of bytes of the peer domain name.
701 */
702 OSStatus
703 SSLSetPeerDomainName (SSLContextRef context,
704 const char * __nullable peerName,
705 size_t peerNameLen)
706 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
707
708 /*
709 * Determine the buffer size needed for SSLGetPeerDomainName().
710 */
711 OSStatus
712 SSLGetPeerDomainNameLength (SSLContextRef context,
713 size_t *peerNameLen) // RETURNED
714 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
715
716 /*
717 * Obtain the value specified in SSLSetPeerDomainName().
718 */
719 OSStatus
720 SSLGetPeerDomainName (SSLContextRef context,
721 char *peerName, // returned here
722 size_t *peerNameLen) // IN/OUT
723 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
724
725
726 /*
727 * Determine the buffer size needed for SSLCopyRequestedPeerNameLength().
728 */
729 OSStatus
730 SSLCopyRequestedPeerName (SSLContextRef context,
731 char *peerName,
732 size_t *peerNameLen)
733 __OSX_AVAILABLE_STARTING(__MAC_10_11, __IPHONE_9_0);
734
735 /*
736 * Server Only: obtain the hostname specified by the client in the ServerName extension (SNI)
737 */
738 OSStatus
739 SSLCopyRequestedPeerNameLength (SSLContextRef ctx,
740 size_t *peerNameLen)
741 __OSX_AVAILABLE_STARTING(__MAC_10_11, __IPHONE_9_0);
742
743
744 /*
745 * Specify the Datagram TLS Hello Cookie.
746 * This is to be called for server side only and is optional.
747 * The default is a zero len cookie. The maximum cookieLen is 32 bytes.
748 */
749 OSStatus
750 SSLSetDatagramHelloCookie (SSLContextRef dtlsContext,
751 const void * __nullable cookie,
752 size_t cookieLen)
753 __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
754
755 /*
756 * Specify the maximum record size, including all DTLS record headers.
757 * This should be set appropriately to avoid fragmentation
758 * of Datagrams during handshake, as fragmented datagrams may
759 * be dropped by some network.
760 * This is for Datagram TLS only
761 */
762 OSStatus
763 SSLSetMaxDatagramRecordSize (SSLContextRef dtlsContext,
764 size_t maxSize)
765 __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
766
767 /*
768 * Get the maximum record size, including all Datagram TLS record headers.
769 * This is for Datagram TLS only
770 */
771 OSStatus
772 SSLGetMaxDatagramRecordSize (SSLContextRef dtlsContext,
773 size_t *maxSize)
774 __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
775
776 /*
777 * Obtain the actual negotiated protocol version of the active
778 * session, which may be different that the value specified in
779 * SSLSetProtocolVersion(). Returns kSSLProtocolUnknown if no
780 * SSL session is in progress.
781 */
782 OSStatus
783 SSLGetNegotiatedProtocolVersion (SSLContextRef context,
784 SSLProtocol *protocol) /* RETURNED */
785 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
786
787 /*
788 * Determine number and values of all of the SSLCipherSuites we support.
789 * Caller allocates output buffer for SSLGetSupportedCiphers() and passes in
790 * its size in *numCiphers. If supplied buffer is too small, errSSLBufferOverflow
791 * will be returned.
792 */
793 OSStatus
794 SSLGetNumberSupportedCiphers (SSLContextRef context,
795 size_t *numCiphers)
796 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
797
798 OSStatus
799 SSLGetSupportedCiphers (SSLContextRef context,
800 SSLCipherSuite *ciphers, /* RETURNED */
801 size_t *numCiphers) /* IN/OUT */
802 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
803
804 /*
805 * Specify a (typically) restricted set of SSLCipherSuites to be enabled by
806 * the current SSLContext. Can only be called when no session is active. Default
807 * set of enabled SSLCipherSuites is the same as the complete set of supported
808 * SSLCipherSuites as obtained by SSLGetSupportedCiphers().
809 */
810 OSStatus
811 SSLSetEnabledCiphers (SSLContextRef context,
812 const SSLCipherSuite *ciphers,
813 size_t numCiphers)
814 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
815
816 /*
817 * Determine number and values of all of the SSLCipherSuites currently enabled.
818 * Caller allocates output buffer for SSLGetEnabledCiphers() and passes in
819 * its size in *numCiphers. If supplied buffer is too small, errSSLBufferOverflow
820 * will be returned.
821 */
822 OSStatus
823 SSLGetNumberEnabledCiphers (SSLContextRef context,
824 size_t *numCiphers)
825 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
826
827 OSStatus
828 SSLGetEnabledCiphers (SSLContextRef context,
829 SSLCipherSuite *ciphers, /* RETURNED */
830 size_t *numCiphers) /* IN/OUT */
831 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
832
833 /*
834 * Forcibly enable or disable session ticket resumption. By default, session tickets
835 * are disabled.
836 */
837 OSStatus
838 SSLSetSessionTicketsEnabled (SSLContextRef context,
839 Boolean enabled)
840 __OSX_AVAILABLE_STARTING(__MAC_10_13, __IPHONE_11_0);
841
842
843 #if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE))
844 /*
845 * Enable/disable peer certificate chain validation. Default is enabled.
846 * If caller disables, it is the caller's responsibility to call
847 * SSLCopyPeerCertificates() upon successful completion of the handshake
848 * and then to perform external validation of the peer certificate
849 * chain before proceeding with data transfer.
850 *
851 * ==========================
852 * MAC OS X ONLY (DEPRECATED)
853 * ==========================
854 * NOTE: this function is not available on iOS, and should be considered
855 * deprecated on Mac OS X. To disable peer certificate chain validation, you
856 * can instead use SSLSetSessionOption to set kSSLSessionOptionBreakOnServerAuth
857 * to true. This will disable verification and cause SSLHandshake to return with
858 * an errSSLServerAuthCompleted result when the peer certificates have been
859 * received; at that time, you can choose to evaluate peer trust yourself, or
860 * simply call SSLHandshake again to proceed with the handshake.
861 */
862 OSStatus
863 SSLSetEnableCertVerify (SSLContextRef context,
864 Boolean enableVerify)
865 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
866
867 /*
868 * Check whether peer certificate chain validation is enabled.
869 *
870 * ==========================
871 * MAC OS X ONLY (DEPRECATED)
872 * ==========================
873 * NOTE: this function is not available on iOS, and should be considered
874 * deprecated on Mac OS X. To check whether peer certificate chain validation
875 * is enabled in a context, call SSLGetSessionOption to obtain the value of
876 * the kSSLSessionOptionBreakOnServerAuth session option flag. If the value
877 * of this option flag is true, then verification is disabled.
878 */
879 OSStatus
880 SSLGetEnableCertVerify (SSLContextRef context,
881 Boolean *enableVerify) /* RETURNED */
882 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
883
884 /*
885 * Specify the option of ignoring certificates' "expired" times.
886 * This is a common failure in the real SSL world. Default setting for this
887 * flag is false, meaning expired certs result in an errSSLCertExpired error.
888 *
889 * ==========================
890 * MAC OS X ONLY (DEPRECATED)
891 * ==========================
892 * NOTE: this function is not available on iOS, and should be considered
893 * deprecated on Mac OS X. To ignore expired certificate errors, first disable
894 * Secure Transport's automatic verification of peer certificates by calling
895 * SSLSetSessionOption to set kSSLSessionOptionBreakOnServerAuth to true. When
896 * SSLHandshake subsequently returns an errSSLServerAuthCompleted result,
897 * your code should obtain the SecTrustRef for the peer's certificates and
898 * perform a custom trust evaluation with SecTrust APIs (see SecTrust.h).
899 * The SecTrustSetOptions function allows you to specify that the expiration
900 * status of certificates should be ignored for this evaluation.
901 *
902 * Example:
903 *
904 * status = SSLSetSessionOption(ctx, kSSLSessionOptionBreakOnServerAuth, true);
905 * do {
906 * status = SSLHandshake(ctx);
907 *
908 * if (status == errSSLServerAuthCompleted) {
909 * SecTrustRef peerTrust = NULL;
910 * status = SSLCopyPeerTrust(ctx, &peerTrust);
911 * if (status == errSecSuccess) {
912 * SecTrustResultType trustResult;
913 * // set flag to allow expired certificates
914 * SecTrustSetOptions(peerTrust, kSecTrustOptionAllowExpired);
915 * status = SecTrustEvaluate(peerTrust, &trustResult);
916 * if (status == errSecSuccess) {
917 * // A "proceed" result means the cert is explicitly trusted,
918 * // e.g. "Always Trust" was clicked;
919 * // "Unspecified" means the cert has no explicit trust settings,
920 * // but is implicitly OK since it chains back to a trusted root.
921 * // Any other result means the cert is not trusted.
922 * //
923 * if (trustResult == kSecTrustResultProceed ||
924 * trustResult == kSecTrustResultUnspecified) {
925 * // certificate is trusted
926 * status = errSSLWouldBlock; // so we call SSLHandshake again
927 * } else if (trustResult == kSecTrustResultRecoverableTrustFailure) {
928 * // not trusted, for some reason other than being expired;
929 * // could ask the user whether to allow the connection here
930 * //
931 * status = errSSLXCertChainInvalid;
932 * } else {
933 * // cannot use this certificate (fatal)
934 * status = errSSLBadCert;
935 * }
936 * }
937 * if (peerTrust) {
938 * CFRelease(peerTrust);
939 * }
940 * }
941 * } // errSSLServerAuthCompleted
942 *
943 * } while (status == errSSLWouldBlock);
944 *
945 */
946 OSStatus
947 SSLSetAllowsExpiredCerts (SSLContextRef context,
948 Boolean allowsExpired)
949 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
950
951 /*
952 * Obtain the current value of an SSLContext's "allowExpiredCerts" flag.
953 *
954 * ==========================
955 * MAC OS X ONLY (DEPRECATED)
956 * ==========================
957 * NOTE: this function is not available on iOS, and should be considered
958 * deprecated on Mac OS X.
959 */
960 OSStatus
961 SSLGetAllowsExpiredCerts (SSLContextRef context,
962 Boolean *allowsExpired) /* RETURNED */
963 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
964
965 /*
966 * Similar to SSLSetAllowsExpiredCerts, SSLSetAllowsExpiredRoots allows the
967 * option of ignoring "expired" status for root certificates only.
968 * Default setting is false, i.e., expired root certs result in an
969 * errSSLCertExpired error.
970 *
971 * ==========================
972 * MAC OS X ONLY (DEPRECATED)
973 * ==========================
974 * NOTE: this function is not available on iOS, and should be considered
975 * deprecated on Mac OS X. To ignore expired certificate errors, first disable
976 * Secure Transport's automatic verification of peer certificates by calling
977 * SSLSetSessionOption to set kSSLSessionOptionBreakOnServerAuth to true. When
978 * SSLHandshake subsequently returns an errSSLServerAuthCompleted result,
979 * your code should obtain the SecTrustRef for the peer's certificates and
980 * perform a custom trust evaluation with SecTrust APIs (see SecTrust.h).
981 * The SecTrustSetOptions function allows you to specify that the expiration
982 * status of certificates should be ignored for this evaluation.
983 *
984 * See the description of the SSLSetAllowsExpiredCerts function (above)
985 * for a code example. The kSecTrustOptionAllowExpiredRoot option can be used
986 * instead of kSecTrustOptionAllowExpired to allow expired roots only.
987 */
988 OSStatus
989 SSLSetAllowsExpiredRoots (SSLContextRef context,
990 Boolean allowsExpired)
991 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
992
993 /*
994 * Obtain the current value of an SSLContext's "allow expired roots" flag.
995 *
996 * ==========================
997 * MAC OS X ONLY (DEPRECATED)
998 * ==========================
999 * NOTE: this function is not available on iOS, and should be considered
1000 * deprecated on Mac OS X.
1001 */
1002 OSStatus
1003 SSLGetAllowsExpiredRoots (SSLContextRef context,
1004 Boolean *allowsExpired) /* RETURNED */
1005 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
1006
1007 /*
1008 * Specify option of allowing for an unknown root cert, i.e., one which
1009 * this software can not verify as one of a list of known good root certs.
1010 * Default for this flag is false, in which case one of the following two
1011 * errors may occur:
1012 * -- The peer returns a cert chain with a root cert, and the chain
1013 * verifies to that root, but the root is not one of our trusted
1014 * roots. This results in errSSLUnknownRootCert on handshake.
1015 * -- The peer returns a cert chain which does not contain a root cert,
1016 * and we can't verify the chain to one of our trusted roots. This
1017 * results in errSSLNoRootCert on handshake.
1018 *
1019 * Both of these error conditions are ignored when the AllowAnyRoot flag is
1020 * true, allowing connection to a totally untrusted peer.
1021 *
1022 * ==========================
1023 * MAC OS X ONLY (DEPRECATED)
1024 * ==========================
1025 * NOTE: this function is not available on iOS, and should be considered
1026 * deprecated on Mac OS X. To ignore unknown root cert errors, first disable
1027 * Secure Transport's automatic verification of peer certificates by calling
1028 * SSLSetSessionOption to set kSSLSessionOptionBreakOnServerAuth to true. When
1029 * SSLHandshake subsequently returns an errSSLServerAuthCompleted result,
1030 * your code should obtain the SecTrustRef for the peer's certificates and
1031 * perform a custom trust evaluation with SecTrust APIs (see SecTrust.h).
1032 *
1033 * See the description of the SSLSetAllowsExpiredCerts function (above)
1034 * for a code example. Note that an unknown root certificate will cause
1035 * SecTrustEvaluate to report kSecTrustResultRecoverableTrustFailure as the
1036 * trust result.
1037 */
1038 OSStatus
1039 SSLSetAllowsAnyRoot (SSLContextRef context,
1040 Boolean anyRoot)
1041 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
1042
1043 /*
1044 * Obtain the current value of an SSLContext's "allow any root" flag.
1045 *
1046 * ==========================
1047 * MAC OS X ONLY (DEPRECATED)
1048 * ==========================
1049 * NOTE: this function is not available on iOS, and should be considered
1050 * deprecated on Mac OS X.
1051 */
1052 OSStatus
1053 SSLGetAllowsAnyRoot (SSLContextRef context,
1054 Boolean *anyRoot) /* RETURNED */
1055 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
1056
1057 /*
1058 * Augment or replace the system's default trusted root certificate set
1059 * for this session. If replaceExisting is true, the specified roots will
1060 * be the only roots which are trusted during this session. If replaceExisting
1061 * is false, the specified roots will be added to the current set of trusted
1062 * root certs. If this function has never been called, the current trusted
1063 * root set is the same as the system's default trusted root set.
1064 * Successive calls with replaceExisting false result in accumulation
1065 * of additional root certs.
1066 *
1067 * The trustedRoots array contains SecCertificateRefs.
1068 *
1069 * ==========================
1070 * MAC OS X ONLY (DEPRECATED)
1071 * ==========================
1072 * NOTE: this function is not available on iOS, and should be considered
1073 * deprecated on Mac OS X. To trust specific roots in a session, first disable
1074 * Secure Transport's automatic verification of peer certificates by calling
1075 * SSLSetSessionOption to set kSSLSessionOptionBreakOnServerAuth to true. When
1076 * SSLHandshake subsequently returns an errSSLServerAuthCompleted result,
1077 * your code should obtain the SecTrustRef for the peer's certificates and
1078 * perform a custom trust evaluation with SecTrust APIs (see SecTrust.h).
1079 *
1080 * See the description of the SSLSetAllowsExpiredCerts function (above)
1081 * for a code example. You can call SecTrustSetAnchorCertificates to
1082 * augment the system's trusted root set, or SecTrustSetAnchorCertificatesOnly
1083 * to make these the only trusted roots, prior to calling SecTrustEvaluate.
1084 */
1085 OSStatus
1086 SSLSetTrustedRoots (SSLContextRef context,
1087 CFArrayRef trustedRoots,
1088 Boolean replaceExisting)
1089 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
1090
1091 /*
1092 * Obtain an array of SecCertificateRefs representing the current
1093 * set of trusted roots. If SSLSetTrustedRoots() has never been called
1094 * for this session, this returns the system's default root set.
1095 *
1096 * Caller must CFRelease the returned CFArray.
1097 *
1098 * ==========================
1099 * MAC OS X ONLY (DEPRECATED)
1100 * ==========================
1101 * NOTE: this function is not available on iOS, and should be considered
1102 * deprecated on Mac OS X. To get the current set of trusted roots, call the
1103 * SSLCopyPeerTrust function to obtain the SecTrustRef for the peer certificate
1104 * chain, then SecTrustCopyCustomAnchorCertificates (see SecTrust.h).
1105 */
1106 OSStatus
1107 SSLCopyTrustedRoots (SSLContextRef context,
1108 CFArrayRef * __nonnull CF_RETURNS_RETAINED trustedRoots) /* RETURNED */
1109 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_5,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
1110
1111 /*
1112 * Request peer certificates. Valid anytime, subsequent to a handshake attempt.
1113 *
1114 * The certs argument is a CFArray containing SecCertificateRefs.
1115 * Caller must CFRelease the returned array.
1116 *
1117 * The cert at index 0 of the returned array is the subject (end
1118 * entity) cert; the root cert (or the closest cert to it) is at
1119 * the end of the returned array.
1120 *
1121 * ==========================
1122 * MAC OS X ONLY (DEPRECATED)
1123 * ==========================
1124 * NOTE: this function is not available on iOS, and should be considered
1125 * deprecated on Mac OS X. To get peer certificates, call SSLCopyPeerTrust
1126 * to obtain the SecTrustRef for the peer certificate chain, then use the
1127 * SecTrustGetCertificateCount and SecTrustGetCertificateAtIndex functions
1128 * to retrieve individual certificates in the chain (see SecTrust.h).
1129 */
1130 OSStatus
1131 SSLCopyPeerCertificates (SSLContextRef context,
1132 CFArrayRef * __nonnull CF_RETURNS_RETAINED certs) /* RETURNED */
1133 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_5,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
1134
1135 #endif /* MAC OS X */
1136
1137 /*
1138 * Obtain a SecTrustRef representing peer certificates. Valid anytime,
1139 * subsequent to a handshake attempt. Caller must CFRelease the returned
1140 * trust reference.
1141 *
1142 * The returned trust reference will have already been evaluated for you,
1143 * unless one of the following is true:
1144 * - Your code has disabled automatic certificate verification, by calling
1145 * SSLSetSessionOption to set kSSLSessionOptionBreakOnServerAuth to true.
1146 * - Your code has called SSLSetPeerID, and this session has been resumed
1147 * from an earlier cached session.
1148 *
1149 * In these cases, your code should call SecTrustEvaluate prior to
1150 * examining the peer certificate chain or trust results (see SecTrust.h).
1151 *
1152 * NOTE: if you have not called SSLHandshake at least once prior to
1153 * calling this function, the returned trust reference will be NULL.
1154 */
1155 OSStatus
1156 SSLCopyPeerTrust (SSLContextRef context,
1157 SecTrustRef * __nonnull CF_RETURNS_RETAINED trust) /* RETURNED */
1158 __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_5_0);
1159
1160 /*
1161 * Specify some data, opaque to this library, which is sufficient
1162 * to uniquely identify the peer of the current session. An example
1163 * would be IP address and port, stored in some caller-private manner.
1164 * To be optionally called prior to SSLHandshake for the current
1165 * session. This is mandatory if this session is to be resumable.
1166 *
1167 * SecureTransport allocates its own copy of the incoming peerID. The
1168 * data provided in *peerID, while opaque to SecureTransport, is used
1169 * in a byte-for-byte compare to other previous peerID values set by the
1170 * current application. Matching peerID blobs result in SecureTransport
1171 * attempting to resume an SSL session with the same parameters as used
1172 * in the previous session which specified the same peerID bytes.
1173 */
1174 OSStatus
1175 SSLSetPeerID (SSLContextRef context,
1176 const void * __nullable peerID,
1177 size_t peerIDLen)
1178 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
1179
1180 /*
1181 * Obtain current PeerID. Returns NULL pointer, zero length if
1182 * SSLSetPeerID has not been called for this context.
1183 */
1184 OSStatus
1185 SSLGetPeerID (SSLContextRef context,
1186 const void * __nullable * __nonnull peerID,
1187 size_t *peerIDLen)
1188 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
1189
1190 /*
1191 * Obtain the SSLCipherSuite (e.g., SSL_RSA_WITH_DES_CBC_SHA) negotiated
1192 * for this session. Only valid when a session is active.
1193 */
1194 OSStatus
1195 SSLGetNegotiatedCipher (SSLContextRef context,
1196 SSLCipherSuite *cipherSuite)
1197 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
1198
1199 /*
1200 * Set the ALPN protocols to be passed in the ALPN negotiation.
1201 * This is the list of supported application-layer protocols supported.
1202 *
1203 * The protocols parameter must be an array of CFStringRef values
1204 * with ASCII-encoded reprensetations of the supported protocols, e.g., "http/1.1".
1205 *
1206 * See RFC 7301 for more information.
1207 */
1208 OSStatus
1209 SSLSetALPNProtocols (SSLContextRef context,
1210 CFArrayRef protocols)
1211 __OSX_AVAILABLE_STARTING(__MAC_10_13, __IPHONE_11_0);
1212
1213 /*
1214 * Get the ALPN protocols associated with this SSL context.
1215 * This is the list of supported application-layer protocols supported.
1216 *
1217 * The resultant protocols array will contain CFStringRef values containing
1218 * ASCII-encoded representations of the supported protocols, e.g., "http/1.1".
1219 *
1220 * See RFC 7301 for more information.
1221 *
1222 * Note: The `protocols` pointer must be NULL, otherwise the copy will fail.
1223 * This function will allocate memory for the CFArrayRef container
1224 * if there is data to provide. Otherwise, the pointer will remain NULL.
1225 */
1226 OSStatus
1227 SSLCopyALPNProtocols (SSLContextRef context,
1228 CFArrayRef __nullable * __nonnull protocols) /* RETURNED */
1229 __OSX_AVAILABLE_STARTING(__MAC_10_13, __IPHONE_11_0);
1230
1231 /*
1232 * Set the OCSP response for the given SSL session.
1233 *
1234 * The response parameter must be a non-NULL CFDataRef containing the
1235 * bytes of the OCSP response.
1236 */
1237 OSStatus
1238 SSLSetOCSPResponse (SSLContextRef context,
1239 CFDataRef __nonnull response)
1240 __OSX_AVAILABLE_STARTING(__MAC_10_13, __IPHONE_11_0);
1241
1242 /********************************************************
1243 *** Session context configuration, server side only. ***
1244 ********************************************************/
1245
1246 /*
1247 * This function is deprecated in OSX 10.11 and iOS 9.0 and
1248 * has no effect on the TLS handshake since OSX 10.10 and
1249 * iOS 8.0. Using separate RSA certificates for encryption
1250 * and signing is no longer supported.
1251 */
1252 OSStatus
1253 SSLSetEncryptionCertificate (SSLContextRef context,
1254 CFArrayRef certRefs)
1255 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2, __MAC_10_11, __IPHONE_5_0, __IPHONE_9_0);
1256
1257 /*
1258 * Specify requirements for client-side authentication.
1259 * Optional; Default is kNeverAuthenticate.
1260 *
1261 * Can only be called when no session is active.
1262 */
1263 typedef CF_ENUM(int, SSLAuthenticate) {
1264 kNeverAuthenticate, /* skip client authentication */
1265 kAlwaysAuthenticate, /* require it */
1266 kTryAuthenticate /* try to authenticate, but not an error
1267 * if client doesn't have a cert */
1268 };
1269
1270 OSStatus
1271 SSLSetClientSideAuthenticate (SSLContextRef context,
1272 SSLAuthenticate auth)
1273 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
1274
1275 /*
1276 * Add a DER-encoded distinguished name to list of acceptable names
1277 * to be specified in requests for client certificates.
1278 */
1279 OSStatus
1280 SSLAddDistinguishedName (SSLContextRef context,
1281 const void * __nullable derDN,
1282 size_t derDNLen)
1283 __OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_5_0);
1284
1285
1286 #if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE))
1287 /*
1288 * Add a SecCertificateRef, or a CFArray of them, to a server's list
1289 * of acceptable Certificate Authorities (CAs) to present to the client
1290 * when client authentication is performed.
1291 *
1292 * If replaceExisting is true, the specified certificate(s) will replace
1293 * a possible existing list of acceptable CAs. If replaceExisting is
1294 * false, the specified certificate(s) will be appended to the existing
1295 * list of acceptable CAs, if any.
1296 *
1297 * Returns errSecParam if this is called on a SSLContextRef which
1298 * is configured as a client, or when a session is active.
1299 *
1300 * NOTE: this function is currently not available on iOS.
1301 */
1302 OSStatus
1303 SSLSetCertificateAuthorities(SSLContextRef context,
1304 CFTypeRef certificateOrArray,
1305 Boolean replaceExisting)
1306 __OSX_AVAILABLE_STARTING(__MAC_10_5, __IPHONE_NA);
1307
1308 /*
1309 * Obtain the certificates specified in SSLSetCertificateAuthorities(),
1310 * if any. Returns a NULL array if SSLSetCertificateAuthorities() has not
1311 * been called.
1312 * Caller must CFRelease the returned array.
1313 *
1314 * NOTE: this function is currently not available on iOS.
1315 */
1316 OSStatus
1317 SSLCopyCertificateAuthorities(SSLContextRef context,
1318 CFArrayRef * __nonnull CF_RETURNS_RETAINED certificates) /* RETURNED */
1319 __OSX_AVAILABLE_STARTING(__MAC_10_5, __IPHONE_NA);
1320
1321 #endif /* MAC OS X */
1322
1323 /*
1324 * Obtain the list of acceptable distinguished names as provided by
1325 * a server (if the SSLContextRef is configured as a client), or as
1326 * specified by SSLSetCertificateAuthorities (if the SSLContextRef
1327 * is configured as a server).
1328 * The returned array contains CFDataRefs, each of which represents
1329 * one DER-encoded RDN.
1330 *
1331 * Caller must CFRelease the returned array.
1332 */
1333 OSStatus
1334 SSLCopyDistinguishedNames (SSLContextRef context,
1335 CFArrayRef * __nonnull CF_RETURNS_RETAINED names)
1336 __OSX_AVAILABLE_STARTING(__MAC_10_5, __IPHONE_5_0);
1337
1338 /*
1339 * Obtain client certificate exchange status. Can be called
1340 * any time. Reflects the *last* client certificate state change;
1341 * subsequent to a renegotiation attempt by either peer, the state
1342 * is reset to kSSLClientCertNone.
1343 */
1344 OSStatus
1345 SSLGetClientCertificateState (SSLContextRef context,
1346 SSLClientCertificateState *clientState)
1347 __OSX_AVAILABLE_STARTING(__MAC_10_3, __IPHONE_5_0);
1348
1349
1350 #if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE))
1351 /*
1352 * Specify Diffie-Hellman parameters. Optional; if we are configured to allow
1353 * for D-H ciphers and a D-H cipher is negotiated, and this function has not
1354 * been called, a set of process-wide parameters will be calculated. However
1355 * that can take a long time (30 seconds).
1356 *
1357 * NOTE: this function is currently not available on iOS.
1358 */
1359 OSStatus SSLSetDiffieHellmanParams (SSLContextRef context,
1360 const void * __nullable dhParams,
1361 size_t dhParamsLen)
1362 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_NA);
1363
1364 /*
1365 * Return parameter block specified in SSLSetDiffieHellmanParams.
1366 * Returned data is not copied and belongs to the SSLContextRef.
1367 *
1368 * NOTE: this function is currently not available on iOS.
1369 */
1370 OSStatus SSLGetDiffieHellmanParams (SSLContextRef context,
1371 const void * __nullable * __nonnull dhParams,
1372 size_t *dhParamsLen)
1373 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_NA);
1374
1375 /*
1376 * Enable/Disable RSA blinding. This feature thwarts a known timing
1377 * attack to which RSA keys are vulnerable; enabling it is a tradeoff
1378 * between performance and security. The default for RSA blinding is
1379 * enabled.
1380 *
1381 * ==========================
1382 * MAC OS X ONLY (DEPRECATED)
1383 * ==========================
1384 * NOTE: this function is not available on iOS, and should be considered
1385 * deprecated on Mac OS X. RSA blinding is enabled unconditionally, as
1386 * it prevents a known way for an attacker to recover the private key,
1387 * and the performance gain of disabling it is negligible.
1388 */
1389 OSStatus SSLSetRsaBlinding (SSLContextRef context,
1390 Boolean blinding)
1391 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
1392
1393 OSStatus SSLGetRsaBlinding (SSLContextRef context,
1394 Boolean *blinding)
1395 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2,__MAC_10_9,__IPHONE_NA,__IPHONE_NA);
1396
1397 #endif /* MAC OS X */
1398
1399 /*******************************
1400 ******** I/O Functions ********
1401 *******************************/
1402
1403 /*
1404 * Note: depending on the configuration of the underlying I/O
1405 * connection, all SSL I/O functions can return errSSLWouldBlock,
1406 * indicating "not complete, nothing is wrong, except required
1407 * I/O hasn't completed". Caller may need to repeat I/Os as necessary
1408 * if the underlying connection has been configured to behave in
1409 * a non-blocking manner.
1410 */
1411
1412 /*
1413 * Perform the SSL handshake. On successful return, session is
1414 * ready for normal secure application I/O via SSLWrite and SSLRead.
1415 *
1416 * Interesting error returns:
1417 *
1418 * errSSLUnknownRootCert: Peer had a valid cert chain, but the root of
1419 * the chain is unknown.
1420 *
1421 * errSSLNoRootCert: Peer had a cert chain which did not end in a root.
1422 *
1423 * errSSLCertExpired: Peer's cert chain had one or more expired certs.
1424 *
1425 * errSSLXCertChainInvalid: Peer had an invalid cert chain (i.e.,
1426 * signature verification within the chain failed, or no certs
1427 * were found).
1428 *
1429 * In all of the above errors, the handshake was aborted; the peer's
1430 * cert chain is available via SSLCopyPeerTrust or SSLCopyPeerCertificates.
1431 *
1432 * Other interesting result codes:
1433 *
1434 * errSSLPeerAuthCompleted: Peer's cert chain is valid, or was ignored if
1435 * cert verification was disabled via SSLSetEnableCertVerify. The application
1436 * may decide to continue with the handshake (by calling SSLHandshake
1437 * again), or close the connection at this point.
1438 *
1439 * errSSLClientCertRequested: The server has requested a client certificate.
1440 * The client may choose to examine the server's certificate and
1441 * distinguished name list, then optionally call SSLSetCertificate prior
1442 * to resuming the handshake by calling SSLHandshake again.
1443 *
1444 * A return value of errSSLWouldBlock indicates that SSLHandshake has to be
1445 * called again (and again and again until something else is returned).
1446 */
1447 OSStatus
1448 SSLHandshake (SSLContextRef context)
1449 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
1450
1451 /*
1452 * Server Only: Request renegotation.
1453 * This will return an error if the server is already renegotiating, or if the session is closed.
1454 * After this return without error, the application should call SSLHandshake() and/or SSLRead() as
1455 * for the original handshake.
1456 */
1457 OSStatus
1458 SSLReHandshake (SSLContextRef context)
1459 __OSX_AVAILABLE_STARTING(__MAC_10_12, __IPHONE_10_0);
1460
1461
1462 /*
1463 * Normal application-level read/write. On both of these, a errSSLWouldBlock
1464 * return and a partially completed transfer - or even zero bytes transferred -
1465 * are NOT mutually exclusive.
1466 */
1467 OSStatus
1468 SSLWrite (SSLContextRef context,
1469 const void * __nullable data,
1470 size_t dataLength,
1471 size_t *processed) /* RETURNED */
1472 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
1473
1474 /*
1475 * data is mallocd by caller; available size specified in
1476 * dataLength; actual number of bytes read returned in
1477 * *processed.
1478 */
1479 OSStatus
1480 SSLRead (SSLContextRef context,
1481 void * data, /* RETURNED */
1482 size_t dataLength,
1483 size_t *processed) /* RETURNED */
1484 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
1485
1486 /*
1487 * Determine how much data the client can be guaranteed to
1488 * obtain via SSLRead() without blocking or causing any low-level
1489 * read operations to occur.
1490 */
1491 OSStatus
1492 SSLGetBufferedReadSize (SSLContextRef context,
1493 size_t *bufSize) /* RETURNED */
1494 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
1495
1496 /*
1497 * Determine how much data the application can be guaranteed to write
1498 * with SSLWrite() without causing fragmentation. The value is based on
1499 * the maximum Datagram Record size defined by the application with
1500 * SSLSetMaxDatagramRecordSize(), minus the DTLS Record header size.
1501 */
1502 OSStatus
1503 SSLGetDatagramWriteSize (SSLContextRef dtlsContext,
1504 size_t *bufSize)
1505 __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
1506
1507 /*
1508 * Terminate current SSL session.
1509 */
1510 OSStatus
1511 SSLClose (SSLContextRef context)
1512 __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_5_0);
1513
1514 /*
1515 * Set the status of a SSLContextRef. This is to be done after handling
1516 * steps of the SSL handshake such as server certificate validation.
1517 */
1518 OSStatus
1519 SSLSetError (SSLContextRef context,
1520 OSStatus status)
1521 __OSX_AVAILABLE_STARTING(__MAC_10_13, __IPHONE_11_0);
1522
1523 CF_IMPLICIT_BRIDGING_DISABLED
1524 CF_ASSUME_NONNULL_END
1525
1526 #ifdef __cplusplus
1527 }
1528 #endif
1529
1530 #endif /* !_SECURITY_SECURETRANSPORT_H_ */
mirror of Security