NIOSSL

A representation of BoringSSL’s internal error stack: a list of BoringSSL errors.

PSK Identity Callback Manager

A custom verification callback that allows completely overriding the certificate verification logic of BoringSSL.

A callback that can be used to implement SSLKEYLOGFILE support.

An NIOSSLPassphraseCallback is a callback that will be invoked by NIOSSL when it needs to get access to a private key that is stored in encrypted form.

An NIOSSLPassphraseSetter is a closure that you must invoke to provide a passphrase to BoringSSL. It will be provided to you when your NIOSSLPassphraseCallback is invoked.

A custom verification callback.

A secure default configuration of cipher suites for TLS 1.2 and earlier.

An enum that wraps individual BoringSSL errors directly.

Certificate verification modes.

Support for TLS renegotiation.

Places NIOSSL can obtain additional trust roots from.

Places NIOSSL can obtain certificates from.

Errors that can be raised by NIO’s BoringSSL wrapper.

Places NIOSSL can obtain private keys from.

Formats NIOSSL supports for serializing keys and certificates.

Places NIOSSL can obtain a trust store from.

The result of an attempt to verify an X.509 certificate.

Represents errors that may occur while attempting to unwrap TLS from a connection.

Known and supported TLS versions.

Wraps a single error from BoringSSL.

A TLS provider to bootstrap TLS-enabled connections with NIOClientTCPBootstrap.

Closing the TLS channel cleanly timed out, so it was closed uncleanly.

This structure contains errors added to NIOSSL after the original NIOSSLError enum was shipped. This is an extensible error object that allows us to evolve it going forward.

Object Identifier (OID)

A container of a single PKCS#12 bundle.

Available ciphers to use for TLS instead of a string based representation.

PSK Client Identity response type used in the callback.

PSK Server Identity response type used in the callback.

Signature algorithms. The values are defined as in TLS 1.3

Manages configuration of TLS for SwiftNIO programs.

A reference to a BoringSSL Certificate object (X509 *).

A channel handler that wraps a channel in TLS using NIOSSL. This handler can be used in channels that are acting as the client in the TLS dialog. For server connections, use the NIOSSLServerHandler.

A wrapper class that encapsulates BoringSSL’s SSL_CTX * object.

The base class for all NIOSSL handlers. This class cannot actually be instantiated by users directly: instead, users must select which mode they would like their handler to operate in, client or server.

A reference to an BoringSSL private key object in the form of an EVP_PKEY *.

An NIOSSLPublicKey is an abstract handle to a public key owned by BoringSSL.

A channel handler that wraps a channel in TLS using NIOSSL. This handler can be used in channels that are acting as the server in the TLS dialog. For client connections, use the NIOSSLClientHandler.

NIOSSLCustomPrivateKey defines the interface of a custom, non-BoringSSL private key.