How do we set specific extensions for TLS options?

sec_protocol_options_set_tls_ocsp_enabled(sec_options, false);
sec_protocol_options_set_tls_sct_enabled(sec_options, false);
sec_protocol_options_set_peer_authentication_required(sec_options, true);
sec_protocol_options_set_tls_renegotiation_enabled(sec_options, true);
sec_protocol_options_set_tls_tickets_enabled(sec_options, true);
sec_protocol_options_set_tls_resumption_enabled(sec_options, true);
sec_protocol_options_add_pre_shared_key(sec_options, psk, client_id);

This is all we have to work with when using the network framework but there's no way to specify i.e. encrypt-then-mac extensions if we are using CBC ciphersuites, there's very little control considering how messy TLS security can get- surely even the option of setting the raw hex of the TLS extensions appended to what is included above is desirable.

How do we set specific extensions for TLS options?

I’m posting a link to your other thread, just for context.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

How do we set specific extensions for TLS options?
 
 
Q