ContextQMD
Back to Alamofire

ServerTrustEvaluating

docs/Protocols/ServerTrustEvaluating.html

5.12.06.5 KB
Original Source

ServerTrustEvaluating

public protocol ServerTrustEvaluating : Sendable

A protocol describing the API used to evaluate server trusts.

`

                evaluate(_:forHost:)
                `

Evaluates the given SecTrust value for the given host.

Declaration

Swift

func evaluate(_ trust: SecTrust, forHost host: String) throws

Parameters

| trust |

The SecTrust value to evaluate.

| | host |

The host for which to evaluate the SecTrust value.

|

Return Value

A Bool indicating whether the evaluator considers the SecTrust value valid for host.

Available where Self == RevocationTrustEvaluator

`

                revocationChecking
                ` Extension method

Provides a default RevocationTrustEvaluator instance.

Declaration

Swift

public static var revocationChecking: RevocationTrustEvaluator { get }

`

                revocationChecking(performDefaultValidation:validateHost:options:)
                ` Extension method

Creates a RevocationTrustEvaluator using the provided parameters.

Note

Default and host validation will fail when using this evaluator with self-signed certificates. Use PinnedCertificatesTrustEvaluator if you need to use self-signed certificates.

Declaration

Swift

public static func revocationChecking(performDefaultValidation: Bool = true,
                                      validateHost: Bool = true,
                                      options: RevocationTrustEvaluator.Options = .any) -> RevocationTrustEvaluator

Parameters

| performDefaultValidation |

Determines whether default validation should be performed in addition to evaluating the pinned certificates. true by default.

| | validateHost |

Determines whether or not the evaluator should validate the host, in addition to performing the default evaluation, even if performDefaultValidation is false. true by default.

| | options |

The Options to use to check the revocation status of the certificate. .any by default.

|

Return Value

The RevocationTrustEvaluator.

Available where Self == PinnedCertificatesTrustEvaluator

`

                pinnedCertificates
                ` Extension method

Provides a default PinnedCertificatesTrustEvaluator instance.

Declaration

Swift

public static var pinnedCertificates: PinnedCertificatesTrustEvaluator { get }

`

                pinnedCertificates(certificates:acceptSelfSignedCertificates:performDefaultValidation:validateHost:)
                ` Extension method

Creates a PinnedCertificatesTrustEvaluator using the provided parameters.

Declaration

Swift

public static func pinnedCertificates(certificates: [SecCertificate] = Bundle.main.af.certificates,
                                      acceptSelfSignedCertificates: Bool = false,
                                      performDefaultValidation: Bool = true,
                                      validateHost: Bool = true) -> PinnedCertificatesTrustEvaluator

Parameters

| certificates |

The certificates to use to evaluate the trust. All cer, crt, and der certificates in Bundle.main by default.

| | acceptSelfSignedCertificates |

Adds the provided certificates as anchors for the trust evaluation, allowing self-signed certificates to pass. false by default. THIS SETTING SHOULD BE FALSE IN PRODUCTION!

| | performDefaultValidation |

Determines whether default validation should be performed in addition to evaluating the pinned certificates. true by default.

| | validateHost |

Determines whether or not the evaluator should validate the host, in addition to performing the default evaluation, even if performDefaultValidation is false. true by default.

|

Available where Self == PublicKeysTrustEvaluator

`

                publicKeys
                ` Extension method

Provides a default PublicKeysTrustEvaluator instance.

Declaration

Swift

public static var publicKeys: PublicKeysTrustEvaluator { get }

`

                publicKeys(keys:performDefaultValidation:validateHost:)
                ` Extension method

Creates a PublicKeysTrustEvaluator from the provided parameters.

Note

Default and host validation will fail when using this evaluator with self-signed certificates. Use PinnedCertificatesTrustEvaluator if you need to use self-signed certificates.

Declaration

Swift

public static func publicKeys(keys: [SecKey] = Bundle.main.af.publicKeys,
                              performDefaultValidation: Bool = true,
                              validateHost: Bool = true) -> PublicKeysTrustEvaluator

Parameters

| keys |

The SecKeys to use to validate public keys. Defaults to the public keys of all certificates included in the main bundle.

| | performDefaultValidation |

Determines whether default validation should be performed in addition to evaluating the pinned certificates. true by default.

| | validateHost |

Determines whether or not the evaluator should validate the host, in addition to performing the default evaluation, even if performDefaultValidation is false. true by default.

|

Available where Self == CompositeTrustEvaluator

`

                composite(evaluators:)
                ` Extension method

Creates a CompositeTrustEvaluator from the provided evaluators.

Declaration

Swift

public static func composite(evaluators: [any ServerTrustEvaluating]) -> CompositeTrustEvaluator

Parameters

| evaluators |

The ServerTrustEvaluating values used to evaluate the server trust.

|