Does 'Transport Security' support certificates signed using the elliptic curve 'X25519'?

So actually, the question is in the topic's title. I'm asking because the wiki page https://en.wikipedia.org/wiki/Comparison_of_TLS_implementations says that it doesn't support it, while on some other source I've found that it does.


Context of the question: I'm working on the AVPlayer API and trying to play a video from a secured server. It doesn't work for a server signed with X25519 and works for a server signed with P-256. That's the only difference I managed to find between them.

Replies

I don’t know. In situations like this I usually look up the details in the iOS Security document (you can find a link to it in the Security Resources pinned post), but it doesn’t cover this specifically. I encourage you to file a bug against that doc to cover this issue.

Please post your bug number, just for the record.

One option here is to download the certificate chain from the server and then write a tiny test program that does trust evaluation on it. If that trust evaluation fails, it’s unlikely that the AVFoundation HTTPS client is going to work.

So:

  1. Download the certificates from the server and save them in DER format.

  2. Create certificate objects from that data (SecCertificateCreateWithData). If things fail at this point, that’s a clear indication that these certificates aren’t supported.

  3. Create a trust object from those certificates (SecTrustCreateWithCertificates). Start with a basic X.509 policy (SecPolicyCreateBasicX509), which is the most forgiving.

  4. Evaluate trust on that (SecTrustEvaluate).

  5. Look at the resulting trust result and, if necessary, the result of SecTrustCopyProperties and SecTrustCopyResult.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"
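The five-step trust check described in the reply above, written out as a small command-line Swift program. This is an added example, not code from the thread or from Apple; it assumes you have already saved the server's chain as DER files (leaf first, then intermediates) and passes their paths on the command line. It uses SecTrustEvaluateWithError, the current replacement for the SecTrustEvaluate call named in the reply; the `evaluateChain` function name and the file-path handling are this example's own.

```swift
import Foundation
import Security

/// Parses DER certificate files and evaluates the chain against the basic
/// X.509 policy. Returns true only if Security accepts the whole chain.
/// Prints which step failed so that "cannot parse this certificate" is
/// distinguishable from "chain does not end at a trusted root".
func evaluateChain(derPaths: [String]) -> Bool {
    var certs: [SecCertificate] = []

    for path in derPaths {
        guard let data = FileManager.default.contents(atPath: path) else {
            print("cannot read \(path)")
            return false
        }
        // Step 2: a nil here means Security could not parse the certificate
        // at all, which is the clearest sign the key/signature type is unsupported.
        guard let cert = SecCertificateCreateWithData(nil, data as CFData) else {
            print("SecCertificateCreateWithData failed for \(path)")
            return false
        }
        certs.append(cert)
    }

    // Step 3: trust object with the most forgiving policy (no hostname check).
    let policy = SecPolicyCreateBasicX509()
    var trust: SecTrust?
    let status = SecTrustCreateWithCertificates(certs as CFArray, policy, &trust)
    guard status == errSecSuccess, let trust = trust else {
        print("SecTrustCreateWithCertificates failed with OSStatus \(status)")
        return false
    }

    // Step 4: evaluate. SecTrustEvaluateWithError supersedes SecTrustEvaluate.
    var error: CFError?
    let trusted = SecTrustEvaluateWithError(trust, &error)

    // Step 5: on failure, dump the per-certificate diagnostics.
    if !trusted {
        print("trust evaluation failed: \(error.map { String(describing: $0) } ?? "unknown error")")
        if let properties = SecTrustCopyProperties(trust) as? [[String: Any]] {
            for entry in properties { print("property:", entry) }
        }
        if let result = SecTrustCopyResult(trust) as? [String: Any] {
            print("result:", result)
        }
    }
    return trusted
}

// Usage: swift evaltrust.swift leaf.der intermediate.der ...
let paths = Array(CommandLine.arguments.dropFirst())
if paths.isEmpty {
    print("usage: evaltrust leaf.der [intermediate.der ...]")
    exit(2)
}
exit(evaluateChain(derPaths: paths) ? 0 : 1)
```

Two things to keep in mind when reading the output. First, the basic X.509 policy still requires the chain to end at a root the system trusts, so a private test root will fail at step 4 for that reason alone; if that is the situation, add the root with SecTrustSetAnchorCertificates before evaluating, so that a failure really does point at the certificate type. Second, X25519 itself is a key-agreement function (RFC 7748); a certificate carrying a Curve25519 key is signed with Ed25519 (RFC 8410), so the signature algorithm identifier reported in the step 5 diagnostics is the field to compare against the working P-256 chain.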