TSKPinningValidatorCallback.h 1.9 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950
  1. /*
  2. TSKPinningValidatorCallback.h
  3. TrustKit
  4. Copyright 2017 The TrustKit Project Authors
  5. Licensed under the MIT license, see associated LICENSE file for terms.
  6. See AUTHORS file for the list of project authors.
  7. */
  8. #ifndef TSKPinningValidatorCallback_h
  9. #define TSKPinningValidatorCallback_h
  10. #import "TSKPinningValidatorResult.h"
  11. #import "TSKTrustKitConfig.h"
  12. /**
  13. The pinning policy set for a specific hostname.
  14. */
  15. typedef NSDictionary<TSKDomainConfigurationKey, id> TKSDomainPinningPolicy;
  16. /**
  17. A block that can be set in a `TrustKit` instance to be invoked for every request that is going through
  18. instance's pinning validation logic.
  19. The callback will be invoked every time the validator performs pinning validation against a server's
  20. certificate chain; if the server's hostname is not defined in the pinning policy, no invocations will
  21. result as no pinning validation was performed.
  22. The callback provides the following arguments:
  23. * The `TSKPinningValidatorResult` resulting from the validation of the server's identity.
  24. * The `notedHostname`, which is the entry within the SSL pinning configuration that was used for the
  25. server being validated.
  26. * The `notedHostname`'s pinning policy, which was used for the server being validated.
  27. The callback can be used for advanced features such as performance measurement or customizing the
  28. reporting mechanism. Hence, most Apps should not have to use this callback. If set, the callback may
  29. be invoked very frequently and is not a suitable place for expensive tasks.
  30. Lastly, the callback is always invoked after the validation has been completed, and therefore
  31. cannot be used to modify the result of the validation (for example to accept invalid certificates).
  32. */
  33. typedef void (^TSKPinningValidatorCallback)(TSKPinningValidatorResult * _Nonnull result, NSString * _Nonnull notedHostname, TKSDomainPinningPolicy * _Nonnull policy);
  34. #endif /* TSKPinningValidatorCallback_h */