Skip to content
This repository has been archived by the owner on Oct 17, 2021. It is now read-only.

RevocationTrustEvaluator

mattt edited this page Sep 18, 2020 · 2 revisions

RevocationTrustEvaluator

An evaluator which Uses the default and revoked server trust evaluations allowing you to control whether to validate the host provided by the challenge as well as specify the revocation flags for testing for revoked certificates. Apple platforms did not start testing for revoked certificates automatically until iOS 10.1, macOS 10.12 and tvOS 10.1 which is demonstrated in our TLS tests. Applications are encouraged to always validate the host in production environments to guarantee the validity of the server's certificate chain.

public final class RevocationTrustEvaluator:​ ServerTrustEvaluating

Inheritance

ServerTrustEvaluating

Initializers

init(performDefaultValidation:​validateHost:​options:​)

Creates a RevocationTrustEvaluator.

public init(performDefaultValidation:​ Bool = true, validateHost:​ Bool = true, options:​ Options = .any)

Parameters

  • performDefaultValidation:​ Determines whether default validation should be performed in addition to evaluating the pinned certificates. true by default.
  • validateHost:​ Determines whether or not the evaluator should validate the host, in addition to performing the default evaluation, even if performDefaultValidation is false. true by default.
  • options:​ The Options to use to check the revocation status of the certificate. .any by default.

Methods

evaluate(_:​forHost:​)

public func evaluate(_ trust:​ SecTrust, forHost host:​ String) throws
Types
Protocols
Global Typealiases
Clone this wiki locally