GitHub/TrustKit
1
0
Fork 0
mirror of https://github.com/datatheorem/TrustKit.git synced 2026-05-17 12:50:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
224aeaff5f244500d36edee4f3da93ca7b61a2de
TrustKit/docs/documentation/Constants.html
T
Alban Diquet 224aeaff5f Commit generated documentation
2017-01-11 18:07:01 -08:00

998 lines
58 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="en">
<head>
<title>Constants Reference</title>
<link rel="stylesheet" type="text/css" href="css/jazzy.css" />
<link rel="stylesheet" type="text/css" href="css/highlight.css" />
<meta charset='utf-8'>
<script src="js/jquery.min.js" defer></script>
<script src="js/jazzy.js" defer></script>
</head>
<body>
<a title="Constants Reference"></a>
<header>
<div class="content-wrapper">
<p><a href="index.html">TrustKit Docs</a></p>
<p class="header-right"><a href="https://github.com/datatheorem/TrustKit"><img src="img/gh.png"/>View on GitHub</a></p>
</div>
</header>
<div class="content-wrapper">
<p id="breadcrumbs">
<a href="index.html">TrustKit Reference</a>
<img id="carat" src="img/carat.png" />
Constants Reference
</p>
</div>
<div class="content-wrapper">
<nav class="sidebar">
<ul class="nav-groups">
<li class="nav-group-name">
<a href="Classes.html">Classes</a>
<ul class="nav-group-tasks">
<li class="nav-group-task">
<a href="Classes/TSKPinningValidator.html">TSKPinningValidator</a>
</li>
<li class="nav-group-task">
<a href="Classes/TrustKit.html">TrustKit</a>
</li>
</ul>
</li>
<li class="nav-group-name">
<a href="Constants.html">Constants</a>
<ul class="nav-group-tasks">
<li class="nav-group-task">
<a href="Constants.html#/c:@TrustKitVersion">TrustKitVersion</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKAlgorithmEcDsaSecp256r1">kTSKAlgorithmEcDsaSecp256r1</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKAlgorithmRsa2048">kTSKAlgorithmRsa2048</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKAlgorithmRsa4096">kTSKAlgorithmRsa4096</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKDisableDefaultReportUri">kTSKDisableDefaultReportUri</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKEnforcePinning">kTSKEnforcePinning</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKIgnorePinningForUserDefinedTrustAnchors">kTSKIgnorePinningForUserDefinedTrustAnchors</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKIncludeSubdomains">kTSKIncludeSubdomains</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKPinnedDomains">kTSKPinnedDomains</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKPublicKeyAlgorithms">kTSKPublicKeyAlgorithms</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKPublicKeyHashes">kTSKPublicKeyHashes</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKReportUris">kTSKReportUris</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKSwizzleNetworkDelegates">kTSKSwizzleNetworkDelegates</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKValidationCertificateChainNotificationKey">kTSKValidationCertificateChainNotificationKey</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKValidationCompletedNotification">kTSKValidationCompletedNotification</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKValidationDecisionNotificationKey">kTSKValidationDecisionNotificationKey</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKValidationDurationNotificationKey">kTSKValidationDurationNotificationKey</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKValidationNotedHostnameNotificationKey">kTSKValidationNotedHostnameNotificationKey</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKValidationResultNotificationKey">kTSKValidationResultNotificationKey</a>
</li>
<li class="nav-group-task">
<a href="Constants.html#/c:@kTSKValidationServerHostnameNotificationKey">kTSKValidationServerHostnameNotificationKey</a>
</li>
</ul>
</li>
<li class="nav-group-name">
<a href="Enums.html">Enums</a>
<ul class="nav-group-tasks">
<li class="nav-group-task">
<a href="Enums/TSKTrustDecision.html">TSKTrustDecision</a>
</li>
</ul>
</li>
<li class="nav-group-name">
<a href="Type Definitions.html">Type Definitions</a>
<ul class="nav-group-tasks">
<li class="nav-group-task">
<a href="Type Definitions.html#/c:TrustKit.h@T@TSKDomainConfigurationKey">TSKDomainConfigurationKey</a>
</li>
<li class="nav-group-task">
<a href="Type Definitions.html#/c:TrustKit.h@T@TSKGlobalConfigurationKey">TSKGlobalConfigurationKey</a>
</li>
<li class="nav-group-task">
<a href="Type Definitions.html#/c:TrustKit.h@T@TSKNotificationUserInfoKey">TSKNotificationUserInfoKey</a>
</li>
<li class="nav-group-task">
<a href="Type Definitions.html#/c:TrustKit.h@T@TSKSupportedAlgorithm">TSKSupportedAlgorithm</a>
</li>
</ul>
</li>
</ul>
</nav>
<article class="main-content">
<section>
<section class="section">
<h1>Constants</h1>
<p>The following constants are available globally.</p>
</section>
<section class="section task-group-section">
<div class="task-group">
<div class="task-name-container">
<a name="/TrustKit%20Version%20Number"></a>
<a name="//apple_ref/objc/Section/TrustKit Version Number" class="dashAnchor"></a>
<a href="#/TrustKit%20Version%20Number">
<h3 class="section-name">TrustKit Version Number</h3>
</a>
</div>
<ul>
<li class="item">
<div>
<code>
<a name="/c:@TrustKitVersion"></a>
<a name="//apple_ref/objc/Constant/TrustKitVersion" class="dashAnchor"></a>
<a class="token" href="#/c:@TrustKitVersion">TrustKitVersion</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>The version of TrustKit, such as <q>1.4.0</q>.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="n">NSString</span> <span class="o">*</span><span class="k">const</span> <span class="n">_Nonnull</span> <span class="n">TrustKitVersion</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">TrustKitVersion</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L23">Show on GitHub</a>
</div>
</section>
</div>
</li>
</ul>
</div>
<div class="task-group">
<div class="task-name-container">
<a name="/Global%20Configuration%20Keys%20-%20Required"></a>
<a name="//apple_ref/objc/Section/Global Configuration Keys - Required" class="dashAnchor"></a>
<a href="#/Global%20Configuration%20Keys%20-%20Required">
<h3 class="section-name">Global Configuration Keys - Required</h3>
</a>
</div>
<ul>
<li class="item">
<div>
<code>
<a name="/c:@kTSKSwizzleNetworkDelegates"></a>
<a name="//apple_ref/objc/Constant/kTSKSwizzleNetworkDelegates" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKSwizzleNetworkDelegates">kTSKSwizzleNetworkDelegates</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>A boolean. If set to <code>YES</code>, TrustKit will perform method swizzling on the App&rsquo;s <code>NSURLConnection</code> and <code>NSURLSession</code> delegates in order to automatically add SSL pinning validation to the App&rsquo;s connections.</p>
<p>Swizzling allows enabling pinning within an App without having to find and modify each and every instance of <code>NSURLConnection</code> or <code>NSURLSession</code> delegates.
However, it should only be enabled for simple Apps, as it may not work properly in several scenarios including:</p>
<ul>
<li>Apps with complex connection delegates, for example to handle client authentication via certificates or basic authentication.</li>
<li>Apps where method swizzling of the connection delegates is already performed by another module or library (such as Analytics SDKs).</li>
<li>Apps that do no use <code>NSURLSession</code> or <code>NSURLConnection</code> for their connections.</li>
</ul>
<p>In such scenarios or if the developer wants a tigher control on the App&rsquo;s networking behavior, <code>kTSKSwizzleNetworkDelegates</code> should be set to <code>NO</code>; the developer should then manually add pinning validation to the App&rsquo;s authentication handlers.</p>
<p>See the <code><a href="Classes/TSKPinningValidator.html">TSKPinningValidator</a></code> class for instructions on how to do so.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKGlobalConfigurationKey">TSKGlobalConfigurationKey</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKSwizzleNetworkDelegates</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKSwizzleNetworkDelegates</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L58">Show on GitHub</a>
</div>
</section>
</div>
</li>
<li class="item">
<div>
<code>
<a name="/c:@kTSKPinnedDomains"></a>
<a name="//apple_ref/objc/Constant/kTSKPinnedDomains" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKPinnedDomains">kTSKPinnedDomains</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>A dictionary with domains (such as <em><a href="http://www.domain.com">www.domain.com</a></em>) as keys and dictionaries as values.</p>
<p>Each entry should contain domain-specific settings for performing pinning validation when connecting to the domain, including for example the domain&rsquo;s public key hashes. A list of all domain-specific keys is available in the <q>Domain-specific Keys</q> sections.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKGlobalConfigurationKey">TSKGlobalConfigurationKey</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKPinnedDomains</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKPinnedDomains</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L66">Show on GitHub</a>
</div>
</section>
</div>
</li>
</ul>
</div>
<div class="task-group">
<div class="task-name-container">
<a name="/Global%20Configuration%20Keys%20-%20Optional"></a>
<a name="//apple_ref/objc/Section/Global Configuration Keys - Optional" class="dashAnchor"></a>
<a href="#/Global%20Configuration%20Keys%20-%20Optional">
<h3 class="section-name">Global Configuration Keys - Optional</h3>
</a>
</div>
<ul>
<li class="item">
<div>
<code>
<a name="/c:@kTSKIgnorePinningForUserDefinedTrustAnchors"></a>
<a name="//apple_ref/objc/Constant/kTSKIgnorePinningForUserDefinedTrustAnchors" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKIgnorePinningForUserDefinedTrustAnchors">kTSKIgnorePinningForUserDefinedTrustAnchors</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>A boolean. If set to <code>YES</code>, pinning validation will be skipped if the server&rsquo;s certificate chain terminates at a user-defined trust anchor (such as a root CA that isn&rsquo;t part of OS X&rsquo;s default trust store) and no pin failure reports will be sent; default value is <code>YES</code>.</p>
<p>This is useful for allowing SSL connections through corporate proxies or firewalls. See <q>How does key pinning interact with local proxies and filters?</q> within the Chromium security FAQ at <a href="https://www.chromium.org/Home/chromium-security/security-faq">https://www.chromium.org/Home/chromium-security/security-faq</a> for more information.</p>
<p>Only available on macOS.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKGlobalConfigurationKey">TSKGlobalConfigurationKey</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKIgnorePinningForUserDefinedTrustAnchors</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKIgnorePinningForUserDefinedTrustAnchors</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L80">Show on GitHub</a>
</div>
</section>
</div>
</li>
</ul>
</div>
<div class="task-group">
<div class="task-name-container">
<a name="/Domain-Specific%20Configuration%20Keys%20-%20Required"></a>
<a name="//apple_ref/objc/Section/Domain-Specific Configuration Keys - Required" class="dashAnchor"></a>
<a href="#/Domain-Specific%20Configuration%20Keys%20-%20Required">
<h3 class="section-name">Domain-Specific Configuration Keys - Required</h3>
</a>
</div>
<ul>
<li class="item">
<div>
<code>
<a name="/c:@kTSKPublicKeyHashes"></a>
<a name="//apple_ref/objc/Constant/kTSKPublicKeyHashes" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKPublicKeyHashes">kTSKPublicKeyHashes</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>An array of SSL pins, where each pin is the base64-encoded SHA-256 hash of a certificate&rsquo;s Subject Public Key Info.</p>
<p>TrustKit will verify that at least one of the specified pins is found in the server&rsquo;s evaluated certificate chain.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKDomainConfigurationKey">TSKDomainConfigurationKey</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKPublicKeyHashes</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKPublicKeyHashes</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L90">Show on GitHub</a>
</div>
</section>
</div>
</li>
<li class="item">
<div>
<code>
<a name="/c:@kTSKPublicKeyAlgorithms"></a>
<a name="//apple_ref/objc/Constant/kTSKPublicKeyAlgorithms" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKPublicKeyAlgorithms">kTSKPublicKeyAlgorithms</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>An array of <code><a href="Type Definitions.html#/c:TrustKit.h@T@TSKSupportedAlgorithm">TSKSupportedAlgorithm</a></code> constants to specify the public key algorithms for the keys to be pinned.</p>
<p>TrustKit requires this information in order to compute SSL pins when validating a server&rsquo;s certificate chain, because the <code>Security</code> framework does not provide APIs to extract the key&rsquo;s algorithm from an SSL certificate. To minimize the performance impact of Trustkit, only one algorithm should be enabled.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKDomainConfigurationKey">TSKDomainConfigurationKey</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKPublicKeyAlgorithms</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKPublicKeyAlgorithms</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L98">Show on GitHub</a>
</div>
</section>
</div>
</li>
</ul>
</div>
<div class="task-group">
<div class="task-name-container">
<a name="/Domain-Specific%20Configuration%20Keys%20-%20Optional"></a>
<a name="//apple_ref/objc/Section/Domain-Specific Configuration Keys - Optional" class="dashAnchor"></a>
<a href="#/Domain-Specific%20Configuration%20Keys%20-%20Optional">
<h3 class="section-name">Domain-Specific Configuration Keys - Optional</h3>
</a>
</div>
<ul>
<li class="item">
<div>
<code>
<a name="/c:@kTSKEnforcePinning"></a>
<a name="//apple_ref/objc/Constant/kTSKEnforcePinning" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKEnforcePinning">kTSKEnforcePinning</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>A boolean. If set to <code>NO</code>, TrustKit will not block SSL connections that caused a pin or certificate validation error; default value is <code>YES</code>.</p>
<p>When a pinning failure occurs, pin failure reports will always be sent to the configured report URIs regardless of the value of <code>kTSKEnforcePinning</code>.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKDomainConfigurationKey">TSKDomainConfigurationKey</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKEnforcePinning</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKEnforcePinning</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L108">Show on GitHub</a>
</div>
</section>
</div>
</li>
<li class="item">
<div>
<code>
<a name="/c:@kTSKIncludeSubdomains"></a>
<a name="//apple_ref/objc/Constant/kTSKIncludeSubdomains" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKIncludeSubdomains">kTSKIncludeSubdomains</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>A boolean. If set to <code>YES</code>, also pin all the subdomains of the specified domain; default value is <code>NO</code>.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKDomainConfigurationKey">TSKDomainConfigurationKey</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKIncludeSubdomains</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKIncludeSubdomains</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L114">Show on GitHub</a>
</div>
</section>
</div>
</li>
<li class="item">
<div>
<code>
<a name="/c:@kTSKReportUris"></a>
<a name="//apple_ref/objc/Constant/kTSKReportUris" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKReportUris">kTSKReportUris</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>An array of URLs to which pin validation failures should be reported.</p>
<p>To minimize the performance impact of sending reports on each validation failure, the reports are uploaded using the background transfer service and are also rate-limited to one per day and per type of failure. For HTTPS report URLs, the HTTPS connections will ignore the SSL pinning policy and use the default certificate validation mechanisms, in order to maximize the chance of the reports reaching the server. The format of the reports is similar to the one described in RFC 7469 for the HPKP specification:</p>
<p>{
<q>app-bundle-id</q>:<q>com.example.ABC</q>,
<q>app-version</q>:<q>1.0</q>,
<q>app-vendor-id</q>:<q>599F9C00-92DC-4B5C-9464-7971F01F8370</q>,
<q>date-time</q>: <q>2015-07-10T20:03:14Z</q>,
<q>hostname</q>: <q>mail.example.com</q>,
<q>port</q>: 0,
<q>include-subdomains</q>: true,
<q>noted-hostname</q>: <q>example.com</q>,
<q>validated-certificate-chain</q>: [
pem1, &hellip; pemN
],
<q>known-pins</q>: [
<q>pin-sha256=\</q>d6qzRu9zOECb90Uez27xWltNsj0e1Md7GkYYkVoZWmM=\<q>,
&ldquo;pin-sha256=&ldquo;E9CZ9INDbd+2eRQozYqqbQ2yXLVKB9+xcprMF+44U1g=\</q>
],
<q>validation-result</q>:1
}</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKDomainConfigurationKey">TSKDomainConfigurationKey</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKReportUris</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKReportUris</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L141">Show on GitHub</a>
</div>
</section>
</div>
</li>
<li class="item">
<div>
<code>
<a name="/c:@kTSKDisableDefaultReportUri"></a>
<a name="//apple_ref/objc/Constant/kTSKDisableDefaultReportUri" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKDisableDefaultReportUri">kTSKDisableDefaultReportUri</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>A boolean. If set to <code>YES</code>, the default report URL for sending pin failure reports will be disabled; default value is <code>NO</code>.</p>
<p>By default, pin failure reports are sent to a report server hosted by Data Theorem, for detecting potential CA compromises and man-in-the-middle attacks, as well as providing a free dashboard for developers; email <a href="mailto:info@datatheorem.com">info@datatheorem.com</a> if you&rsquo;d like a dashboard for your App. Only pin failure reports are sent, which contain the App&rsquo;s bundle ID, the IDFV, and the server&rsquo;s hostname and certificate chain that failed validation.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKDomainConfigurationKey">TSKDomainConfigurationKey</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKDisableDefaultReportUri</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKDisableDefaultReportUri</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L149">Show on GitHub</a>
</div>
</section>
</div>
</li>
</ul>
</div>
<div class="task-group">
<div class="task-name-container">
<a name="/Supported%20Public%20Key%20Algorithm%20Keys"></a>
<a name="//apple_ref/objc/Section/Supported Public Key Algorithm Keys" class="dashAnchor"></a>
<a href="#/Supported%20Public%20Key%20Algorithm%20Keys">
<h3 class="section-name">Supported Public Key Algorithm Keys</h3>
</a>
</div>
<ul>
<li class="item">
<div>
<code>
<a name="/c:@kTSKAlgorithmRsa2048"></a>
<a name="//apple_ref/objc/Constant/kTSKAlgorithmRsa2048" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKAlgorithmRsa2048">kTSKAlgorithmRsa2048</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>RSA 2048.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKSupportedAlgorithm">TSKSupportedAlgorithm</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKAlgorithmRsa2048</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKAlgorithmRsa2048</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L170">Show on GitHub</a>
</div>
</section>
</div>
</li>
<li class="item">
<div>
<code>
<a name="/c:@kTSKAlgorithmRsa4096"></a>
<a name="//apple_ref/objc/Constant/kTSKAlgorithmRsa4096" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKAlgorithmRsa4096">kTSKAlgorithmRsa4096</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>RSA 4096.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKSupportedAlgorithm">TSKSupportedAlgorithm</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKAlgorithmRsa4096</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKAlgorithmRsa4096</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L176">Show on GitHub</a>
</div>
</section>
</div>
</li>
<li class="item">
<div>
<code>
<a name="/c:@kTSKAlgorithmEcDsaSecp256r1"></a>
<a name="//apple_ref/objc/Constant/kTSKAlgorithmEcDsaSecp256r1" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKAlgorithmEcDsaSecp256r1">kTSKAlgorithmEcDsaSecp256r1</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>ECDSA with secp256r1 curve.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKSupportedAlgorithm">TSKSupportedAlgorithm</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKAlgorithmEcDsaSecp256r1</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKAlgorithmEcDsaSecp256r1</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L182">Show on GitHub</a>
</div>
</section>
</div>
</li>
</ul>
</div>
<div class="task-group">
<div class="task-name-container">
<a name="/Pinning%20Validation%20Notification%20Name"></a>
<a name="//apple_ref/objc/Section/Pinning Validation Notification Name" class="dashAnchor"></a>
<a href="#/Pinning%20Validation%20Notification%20Name">
<h3 class="section-name">Pinning Validation Notification Name</h3>
</a>
</div>
<ul>
<li class="item">
<div>
<code>
<a name="/c:@kTSKValidationCompletedNotification"></a>
<a name="//apple_ref/objc/Constant/kTSKValidationCompletedNotification" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKValidationCompletedNotification">kTSKValidationCompletedNotification</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>The <code>name</code> of the notification to be posted for every request that is going through TrustKit&rsquo;s pinning validation mechanism.</p>
<p>Once TrustKit has been initialized, notifications will be posted with this <code>name</code> every time TrustKit validates the certificate chain for a server configured in the SSL pinning policy; if the server&rsquo;s hostname does not have an entry in the pinning policy, no notifications get posted as no pinning validation was performed.</p>
<p>These notifications can be used for performance measurement or to act upon any pinning validation performed by TrustKit (for example to customize the reporting mechanism). The notifications provide details about TrustKit&rsquo;s inner-workings which most Apps should not need to process. Hence, these notifications can be ignored unless the App requires some advanced customization in regards to pinning validation.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n">NSString</span> <span class="o">*</span><span class="n">_Nonnull</span> <span class="n">kTSKValidationCompletedNotification</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="kd">static</span> <span class="k">let</span> <span class="nv">tskValidationCompleted</span><span class="p">:</span> <span class="kt">NSNotification</span><span class="o">.</span><span class="kt">Name</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L195">Show on GitHub</a>
</div>
</section>
</div>
</li>
</ul>
</div>
<div class="task-group">
<div class="task-name-container">
<a name="/Pinning%20Validation%20Notification%20UserInfo%20Keys"></a>
<a name="//apple_ref/objc/Section/Pinning Validation Notification UserInfo Keys" class="dashAnchor"></a>
<a href="#/Pinning%20Validation%20Notification%20UserInfo%20Keys">
<h3 class="section-name">Pinning Validation Notification UserInfo Keys</h3>
</a>
</div>
<ul>
<li class="item">
<div>
<code>
<a name="/c:@kTSKValidationDurationNotificationKey"></a>
<a name="//apple_ref/objc/Constant/kTSKValidationDurationNotificationKey" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKValidationDurationNotificationKey">kTSKValidationDurationNotificationKey</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>The time in seconds it took for the SSL pinning validation to be performed.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKNotificationUserInfoKey">TSKNotificationUserInfoKey</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKValidationDurationNotificationKey</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKValidationDurationNotificationKey</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L209">Show on GitHub</a>
</div>
</section>
</div>
</li>
<li class="item">
<div>
<code>
<a name="/c:@kTSKValidationResultNotificationKey"></a>
<a name="//apple_ref/objc/Constant/kTSKValidationResultNotificationKey" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKValidationResultNotificationKey">kTSKValidationResultNotificationKey</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>The <code>TSKPinningValidationResult</code> returned when validating the server&rsquo;s certificate chain, which represents the result of evaluating the certificate chain against the configured SSL pins for this server.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKNotificationUserInfoKey">TSKNotificationUserInfoKey</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKValidationResultNotificationKey</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKValidationResultNotificationKey</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L215">Show on GitHub</a>
</div>
</section>
</div>
</li>
<li class="item">
<div>
<code>
<a name="/c:@kTSKValidationDecisionNotificationKey"></a>
<a name="//apple_ref/objc/Constant/kTSKValidationDecisionNotificationKey" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKValidationDecisionNotificationKey">kTSKValidationDecisionNotificationKey</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>The <code><a href="Enums/TSKTrustDecision.html">TSKTrustDecision</a></code> returned when validating the certificate&rsquo;s chain, which describes whether the connection should be blocked or allowed, based on the <code>TSKPinningValidationResult</code> returned when evaluating the server&rsquo;s certificate chain and the SSL pining policy configured for this server.</p>
<p>For example, the pinning validation could have failed (returning <code>TSKPinningValidationFailed</code>) but the policy might be set to ignore pinning validation failures for this server, thereby returning <code>TSKTrustDecisionShouldAllowConnection</code>.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKNotificationUserInfoKey">TSKNotificationUserInfoKey</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKValidationDecisionNotificationKey</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKValidationDecisionNotificationKey</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L222">Show on GitHub</a>
</div>
</section>
</div>
</li>
<li class="item">
<div>
<code>
<a name="/c:@kTSKValidationCertificateChainNotificationKey"></a>
<a name="//apple_ref/objc/Constant/kTSKValidationCertificateChainNotificationKey" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKValidationCertificateChainNotificationKey">kTSKValidationCertificateChainNotificationKey</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>The certificate chain returned by the server as an array of PEM-formatted certificates.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKNotificationUserInfoKey">TSKNotificationUserInfoKey</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKValidationCertificateChainNotificationKey</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKValidationCertificateChainNotificationKey</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L227">Show on GitHub</a>
</div>
</section>
</div>
</li>
<li class="item">
<div>
<code>
<a name="/c:@kTSKValidationNotedHostnameNotificationKey"></a>
<a name="//apple_ref/objc/Constant/kTSKValidationNotedHostnameNotificationKey" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKValidationNotedHostnameNotificationKey">kTSKValidationNotedHostnameNotificationKey</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>The entry within the SSL pinning configuration that was used as the pinning policy for the server being validated. It will be the same as the <code><a href="Constants.html#/c:@kTSKValidationServerHostnameNotificationKey">kTSKValidationServerHostnameNotificationKey</a></code> entry unless the server is a subdomain of a domain configured in the pinning policy with <code><a href="Constants.html#/c:@kTSKIncludeSubdomains">kTSKIncludeSubdomains</a></code> enabled. The corresponding pinning configuration that was used for validation can be retrieved using:</p>
<pre class="highlight plaintext"><code>NSString *notedHostname = userInfo[kTSKValidationNotedHostnameNotificationKey];
NSDictionary *hostnameConfiguration = [TrustKit configuration][kTSKPinnedDomains][notedHostname];
</code></pre>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKNotificationUserInfoKey">TSKNotificationUserInfoKey</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKValidationNotedHostnameNotificationKey</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKValidationNotedHostnameNotificationKey</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L235">Show on GitHub</a>
</div>
</section>
</div>
</li>
<li class="item">
<div>
<code>
<a name="/c:@kTSKValidationServerHostnameNotificationKey"></a>
<a name="//apple_ref/objc/Constant/kTSKValidationServerHostnameNotificationKey" class="dashAnchor"></a>
<a class="token" href="#/c:@kTSKValidationServerHostnameNotificationKey">kTSKValidationServerHostnameNotificationKey</a>
</code>
</div>
<div class="height-container">
<div class="pointer-container"></div>
<section class="section">
<div class="pointer"></div>
<div class="abstract">
<p>The hostname of the server SSL pinning validation was performed against.</p>
</div>
<div class="declaration">
<h4>Declaration</h4>
<div class="language">
<p class="aside-title">Objective-C</p>
<pre class="highlight"><code><span class="k">extern</span> <span class="k">const</span> <span class="n"><a href="Type Definitions.html#/c:TrustKit.h@T@TSKNotificationUserInfoKey">TSKNotificationUserInfoKey</a></span> <span class="n">_Nonnull</span> <span class="n">kTSKValidationServerHostnameNotificationKey</span></code></pre>
</div>
<div class="language">
<p class="aside-title">Swift</p>
<pre class="highlight"><code><span class="k">let</span> <span class="nv">kTSKValidationServerHostnameNotificationKey</span><span class="p">:</span> <span class="kt">String</span></code></pre>
</div>
</div>
<div class="slightly-smaller">
<a href="https://github.com/datatheorem/TrustKit/tree/1.4.0/TrustKit/TrustKit.h#L240">Show on GitHub</a>
</div>
</section>
</div>
</li>
</ul>
</div>
</section>
</section>
<section id="footer">
<p>&copy; 2017 <a class="link" href="https://datatheorem.github.io" target="_blank" rel="external">Data Theorem</a>. All rights reserved. (Last updated: 2017-01-11)</p>
<p>Generated by <a class="link" href="https://github.com/realm/jazzy" target="_blank" rel="external">jazzy ♪♫ v0.7.3</a>, a <a class="link" href="http://realm.io" target="_blank" rel="external">Realm</a> project.</p>
</section>
</article>
</div>
</body>
</div>
</html>
Reference in New Issue View Git Blame Copy Permalink