Adding security layer to Peer to Peer app using Network.framwork security protocol

App & System Services Core OS
shobhakar OP
Created Sep ’22
Replies 3
Boosts 0
Views 771
Participants 3

I am pretty much new to use Network framework security part. If you could help me if there is any sample that i can use to do encryption of data in Peer to Peer data sharing.

Thanks

Answered by DTS Engineer in 736075022

What is the TLS Version Network framework is using

The TLS version is negotiated with the server. Currently, Network framework will attempt to connect with TLS 1.3. I believe it will, by default, fail the connection is the server tries to negotiate that down below TLS 1.2 but I’ve not actually checked that recently. If you have specific version constraints, apply them using sec_protocol_options_set_min_tls_protocol_version and sec_protocol_options_set_max_tls_protocol_version.

IMPORTANT This thread is about peer-to-peer networking and a common option in that case is pre-shared key (PSK). The last time I checked, PSK requires TLS 1.2.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Replies  3
Boosts  0
Views  771
Participants  3
DTS Engineer OP
Apple
Sep ’22

The go-to security protocol for Network framework is TLS. Using standard TLS is a peer-to-peer environment is tricky, but Network framework supports the pre-shared key variant (PSK) that makes things a lot easier. For an example of this in action, see the Building a custom peer-to-peer protocol sample code.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
shobhakar OP
Nov ’22

What is the TLS Version Network framework is using , kindly help 

0
DTS Engineer OP
Apple
Nov ’22
Accepted Answer

What is the TLS Version Network framework is using

The TLS version is negotiated with the server. Currently, Network framework will attempt to connect with TLS 1.3. I believe it will, by default, fail the connection is the server tries to negotiate that down below TLS 1.2 but I’ve not actually checked that recently. If you have specific version constraints, apply them using sec_protocol_options_set_min_tls_protocol_version and sec_protocol_options_set_max_tls_protocol_version.

IMPORTANT This thread is about peer-to-peer networking and a common option in that case is pre-shared key (PSK). The last time I checked, PSK requires TLS 1.2.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
Adding security layer to Peer to Peer app using Network.framwork security protocol
First post date Last post date
 
 
Q