A protocol that should be implemented by 3rd-party libraries implementing TLS.
More...
#import <ObjFW/OFTLSSocket.h>
A protocol that should be implemented by 3rd-party libraries implementing TLS.
◆ certificateFileForSNIHost:()
Returns the path of the X.509 certificate file used by the TLS socket for the specified SNI host.
- Parameters
-
| SNIHost | The SNI host for which the path of the X.509 certificate file should be returned |
- Returns
- The path of the X.509 certificate file used by the TLS socket for the specified SNI host
◆ initWithSocket:()
Initializes the TLS socket with the specified TCP socket as its underlying socket.
- Parameters
-
| socket | The TCP socket to use as underlying socket |
◆ privateKeyFileForSNIHost:()
Returns the path of the PKCS#8 private key file used by the TLS socket for the specified SNI host.
- Parameters
-
| SNIHost | The SNI host for which the path of the PKCS#8 private key file should be returned |
- Returns
- The path of the PKCS#8 private key file used by the TLS socket for the specified SNI host
◆ privateKeyPassphraseForSNIHost:()
| - (nullable const char *) privateKeyPassphraseForSNIHost: |
|
(OFString *) |
SNIHost |
|
Returns the passphrase to decrypt the PKCS#8 private key file for the specified SNI host.
- Warning
- You should not copy this to insecure memory which is swappable!
- Parameters
-
| SNIHost | The SNI host for which the passphrase to decrypt the PKCS#8 private key file should be returned |
- Returns
- The passphrase to decrypt the PKCS#8 private key file for the specified SNI host
◆ setCertificateFile:forSNIHost:()
| - (void) setCertificateFile: |
|
(OFString *) |
certificateFile |
| forSNIHost: |
|
(OFString *) |
SNIHost |
|
|
| |
Sets the path to the X.509 certificate file to use for the specified SNI host.
- Parameters
-
| SNIHost | The SNI host for which the path of the X.509 certificate file should be set |
| certificateFile | The path to the X.509 certificate file |
◆ setPrivateKeyFile:forSNIHost:()
| - (void) setPrivateKeyFile: |
|
(OFString *) |
privateKeyFile |
| forSNIHost: |
|
(OFString *) |
SNIHost |
|
|
| |
Sets the path to the PKCS#8 private key file to use for the specified SNI host.
- Parameters
-
| privateKeyFile | The path to the PKCS#8 private key file |
| SNIHost | The SNI host for which the path to the PKCS#8 private key file should be set |
◆ setPrivateKeyPassphrase:forSNIHost:()
| - (void) setPrivateKeyPassphrase: |
|
(const char *) |
privateKeyPassphrase |
| forSNIHost: |
|
(OFString *) |
SNIHost |
|
|
| |
Sets the passphrase to decrypt the PKCS#8 private key file for the specified SNI host.
- Warning
- You have to ensure that this is in secure memory protected from swapping! This is also the reason why this is not an OFString.
- Parameters
-
| privateKeyPassphrase | The passphrase to decrypt the PKCS#8 private key file for the specified SNI host |
| SNIHost | The SNI host for which the passphrase to decrypt the PKCS#8 private key file should be set |
◆ startTLSWithExpectedHost:()
| - (void) startTLSWithExpectedHost: |
|
(nullable OFString *) |
host |
|
Initiates the TLS handshake.
- Note
- This is only useful if you used initWithSocket: to start TLS on a TCP socket which is already connected!
- Parameters
-
| host | The host to expect for certificate verification. May be nil if certificate verification is disabled. |
◆ certificateVerificationEnabled
| - (bool) certificateVerificationEnabled |
|
readwritenonatomicassign |
Whether certificate verification is enabled.
The default is enabled.
◆ nonatomic
The delegate for the TLS socket.
The path to the X.509 certificate file to use.
The path to the PKCS#8 private key file to use.
The passphrase to decrypt the PKCS#8 private key file.
- Warning
- You have to ensure that this is in secure memory protected from swapping! This is also the reason why this is not an OFString.
The documentation for this protocol was generated from the following file:
