From 3152ee0464cd9c1245907b793ec7857f39da14f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20K=C3=B6plinger?= Date: Mon, 23 Mar 2020 18:35:20 +0100 Subject: [PATCH 1/3] iOS: Enable System.Net.Security.Native and parts of System.Security.Cryptography.Native.Apple Unavailable APIs are excluded via #if for now. --- src/libraries/Native/Unix/CMakeLists.txt | 2 +- .../CMakeLists.txt | 28 +++++++++---------- .../pal_ecc.c | 2 ++ .../pal_ecc.h | 2 ++ .../pal_keychain.c | 2 ++ .../pal_keychain.h | 2 ++ .../pal_rsa.c | 2 ++ .../pal_rsa.h | 2 ++ .../pal_sec.c | 2 ++ .../pal_sec.h | 2 ++ .../pal_seckey.c | 4 +++ .../pal_seckey.h | 4 +++ .../pal_signverify.c | 2 ++ .../pal_signverify.h | 2 ++ .../pal_ssl.c | 2 ++ .../pal_ssl.h | 1 + .../pal_trust.c | 2 ++ .../pal_trust.h | 2 ++ .../pal_x509.c | 4 +++ .../pal_x509.h | 2 ++ 20 files changed, 55 insertions(+), 16 deletions(-) diff --git a/src/libraries/Native/Unix/CMakeLists.txt b/src/libraries/Native/Unix/CMakeLists.txt index d921d23d2bf94..79045004a9967 100644 --- a/src/libraries/Native/Unix/CMakeLists.txt +++ b/src/libraries/Native/Unix/CMakeLists.txt @@ -192,7 +192,6 @@ add_subdirectory(System.Native) if (NOT CLR_CMAKE_TARGET_ARCH_WASM AND NOT CLR_CMAKE_TARGET_IOS) # TODO: reenable for iOS add_subdirectory(System.Globalization.Native) - add_subdirectory(System.Net.Security.Native) # disable System.Security.Cryptography.Native build on iOS, # only used for interacting with OpenSSL which isn't useful there @@ -200,5 +199,6 @@ if (NOT CLR_CMAKE_TARGET_ARCH_WASM AND NOT CLR_CMAKE_TARGET_IOS) # TODO: reenab endif() if(CLR_CMAKE_TARGET_DARWIN) + add_subdirectory(System.Net.Security.Native) add_subdirectory(System.Security.Cryptography.Native.Apple) endif() diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/CMakeLists.txt b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/CMakeLists.txt index 2e578633a8061..d8f6eb28445f7 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/CMakeLists.txt +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/CMakeLists.txt @@ -5,26 +5,24 @@ find_library(SECURITY_LIBRARY Security) set(NATIVECRYPTO_SOURCES pal_digest.c + pal_ecc.c pal_hmac.c + pal_keyagree.c + pal_keychain.c pal_random.c + pal_rsa.c + pal_sec.c + pal_seckey.c + pal_signverify.c + pal_ssl.c pal_symmetric.c + pal_trust.c + pal_x509.c + pal_x509chain.c ) -if (NOT CLR_CMAKE_TARGET_IOS) # TODO: reenable more sources - set(NATIVECRYPTO_SOURCES - ${NATIVECRYPTO_SOURCES} - pal_ecc.c - pal_keyagree.c - pal_keychain.c - pal_rsa.c - pal_sec.c - pal_seckey.c - pal_signverify.c - pal_ssl.c - pal_trust.c - pal_x509.c - pal_x509chain.c - ) +if (CLR_CMAKE_TARGET_IOS) + add_definitions(-DTARGET_IOS) endif() add_library(System.Security.Cryptography.Native.Apple diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ecc.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ecc.c index 05e83310334f3..a7ff6ae370111 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ecc.c +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ecc.c @@ -4,6 +4,7 @@ #include "pal_ecc.h" +#ifndef TARGET_IOS int32_t AppleCryptoNative_EccGenerateKey( int32_t keySizeBits, SecKeychainRef tempKeychain, SecKeyRef* pPublicKey, SecKeyRef* pPrivateKey, int32_t* pOSStatus) { @@ -51,6 +52,7 @@ int32_t AppleCryptoNative_EccGenerateKey( *pOSStatus = status; return status == noErr; } +#endif uint64_t AppleCryptoNative_EccGetKeySizeInBits(SecKeyRef publicKey) { diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ecc.h b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ecc.h index 3ae5da555e1a9..859f0b8c11c43 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ecc.h +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ecc.h @@ -9,6 +9,7 @@ #include +#ifndef TARGET_IOS /* Generate an ECC keypair of the specified size. @@ -19,6 +20,7 @@ PALEXPORT int32_t AppleCryptoNative_EccGenerateKey(int32_t keySizeBits, SecKeyRef* pPublicKey, SecKeyRef* pPrivateKey, int32_t* pOSStatus); +#endif /* Get the keysize, in bits, of an ECC key. diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_keychain.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_keychain.c index 8e41e199fa266..7cc506fd6e2f1 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_keychain.c +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_keychain.c @@ -5,6 +5,7 @@ #include "pal_keychain.h" #include "pal_utilities.h" +#ifndef TARGET_IOS int32_t AppleCryptoNative_SecKeychainItemCopyKeychain(SecKeychainItemRef item, SecKeychainRef* pKeychainOut) { if (pKeychainOut != NULL) @@ -465,3 +466,4 @@ AppleCryptoNative_X509StoreRemoveCertificate(CFTypeRef certOrIdentity, SecKeycha CFRelease(cert); return *pOSStatus == noErr; } +#endif diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_keychain.h b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_keychain.h index 7dbcd5e934cd7..dab2e9bcc0e4a 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_keychain.h +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_keychain.h @@ -9,6 +9,7 @@ #include +#ifndef TARGET_IOS /* Get a CFRetain()ed SecKeychainRef value for the keychain to which the keychain item belongs. @@ -137,3 +138,4 @@ pOSStatus: Receives the last OSStatus value.. */ PALEXPORT int32_t AppleCryptoNative_X509StoreRemoveCertificate(CFTypeRef certOrIdentity, SecKeychainRef keychain, uint8_t isReadOnlyMode, int32_t* pOSStatus); +#endif diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_rsa.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_rsa.c index f2bc5da9e0377..0f53b4cca644c 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_rsa.c +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_rsa.c @@ -4,6 +4,7 @@ #include "pal_rsa.h" +#ifndef TARGET_IOS static int32_t ExecuteCFDataTransform( SecTransformRef xform, uint8_t* pbData, int32_t cbData, CFDataRef* pDataOut, CFErrorRef* pErrorOut); @@ -267,6 +268,7 @@ static int32_t ExecuteCFDataTransform( return ret; } +#endif static int32_t RsaPrimitive(SecKeyRef key, uint8_t* pbData, diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_rsa.h b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_rsa.h index b9d0834d991d4..14df62a70b4aa 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_rsa.h +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_rsa.h @@ -10,6 +10,7 @@ #include +#ifndef TARGET_IOS /* Generate a new RSA keypair with the specified key size, in bits. @@ -60,6 +61,7 @@ Follows pal_seckey return conventions. */ PALEXPORT int32_t AppleCryptoNative_RsaEncryptPkcs( SecKeyRef publicKey, uint8_t* pbData, int32_t cbData, CFDataRef* pEncryptedOut, CFErrorRef* pErrorOut); +#endif /* Apply an RSA private key to a signing operation on data which was already padded. diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_sec.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_sec.c index 5abbf37db2479..58d6ab46ec457 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_sec.c +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_sec.c @@ -4,7 +4,9 @@ #include "pal_sec.h" +#ifndef TARGET_IOS CFStringRef AppleCryptoNative_SecCopyErrorMessageString(int32_t osStatus) { return SecCopyErrorMessageString(osStatus, NULL); } +#endif diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_sec.h b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_sec.h index 4e81d6b57e13b..966621875931b 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_sec.h +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_sec.h @@ -10,9 +10,11 @@ #include +#ifndef TARGET_IOS /* Get an error message for an OSStatus error from the security library. Returns NULL if no message is available for the code. */ PALEXPORT CFStringRef AppleCryptoNative_SecCopyErrorMessageString(OSStatus osStatus); +#endif diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_seckey.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_seckey.c index 99c2a661f6fa1..e7fc650bbacc0 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_seckey.c +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_seckey.c @@ -5,6 +5,7 @@ #include "pal_seckey.h" #include "pal_utilities.h" +#ifndef TARGET_IOS int32_t AppleCryptoNative_SecKeyExport( SecKeyRef pKey, int32_t exportPrivate, CFStringRef cfExportPassphrase, CFDataRef* ppDataOut, int32_t* pOSStatus) { @@ -128,6 +129,7 @@ int32_t AppleCryptoNative_SecKeyImportEphemeral( CFRelease(cfData); return ret; } +#endif uint64_t AppleCryptoNative_SecKeyGetSimpleKeySizeInBytes(SecKeyRef publicKey) { @@ -139,6 +141,7 @@ uint64_t AppleCryptoNative_SecKeyGetSimpleKeySizeInBytes(SecKeyRef publicKey) return SecKeyGetBlockSize(publicKey); } +#ifndef TARGET_IOS OSStatus ExportImportKey(SecKeyRef* key, SecExternalItemType type) { SecExternalFormat dataFormat = kSecFormatOpenSSL; @@ -197,3 +200,4 @@ OSStatus ExportImportKey(SecKeyRef* key, SecExternalItemType type) return status; } +#endif diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_seckey.h b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_seckey.h index a645d8600fe14..d4dd95ab81fc0 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_seckey.h +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_seckey.h @@ -17,6 +17,7 @@ static const int32_t kErrorSeeError = -2; static const int32_t kErrorUnknownAlgorithm = -3; static const int32_t kErrorUnknownState = -4; +#ifndef TARGET_IOS /* Export a key object. @@ -48,6 +49,7 @@ state machine errors. */ PALEXPORT int32_t AppleCryptoNative_SecKeyImportEphemeral( uint8_t* pbKeyBlob, int32_t cbKeyBlob, int32_t isPrivateKey, SecKeyRef* ppKeyOut, int32_t* pOSStatus); +#endif /* For RSA and DSA this function returns the number of bytes in "the key", which corresponds to @@ -59,9 +61,11 @@ For ECC the value should not be used. */ PALEXPORT uint64_t AppleCryptoNative_SecKeyGetSimpleKeySizeInBytes(SecKeyRef publicKey); +#ifndef TARGET_IOS /* Export a key and re-import it to the NULL keychain. Only internal callers are expected. */ OSStatus ExportImportKey(SecKeyRef* key, SecExternalItemType type); +#endif diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_signverify.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_signverify.c index fe791cba0ab93..792ffeb455004 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_signverify.c +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_signverify.c @@ -4,6 +4,7 @@ #include "pal_signverify.h" +#ifndef TARGET_IOS static int32_t ExecuteSignTransform(SecTransformRef signer, CFDataRef* pSignatureOut, CFErrorRef* pErrorOut); static int32_t ExecuteVerifyTransform(SecTransformRef verifier, CFErrorRef* pErrorOut); @@ -285,3 +286,4 @@ static int32_t ConfigureSignVerifyTransform(SecTransformRef xform, return 1; } +#endif diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_signverify.h b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_signverify.h index 37060b93edeb2..a8ff06660460b 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_signverify.h +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_signverify.h @@ -10,6 +10,7 @@ #include +#ifndef TARGET_IOS /* Generate a signature for algorithms which require only the data hash blob, like DSA and ECDSA. @@ -56,3 +57,4 @@ PALEXPORT int32_t AppleCryptoNative_VerifySignature(SecKeyRef publicKey, uint8_t* pbSignature, int32_t cbSignature, CFErrorRef* pErrorOut); +#endif diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c index 127a84626379a..c3ec5d15699f1 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c @@ -587,11 +587,13 @@ int32_t AppleCryptoNative_SslSetEnabledCipherSuites(SSLContextRef sslContext, co if (sizeof(SSLCipherSuite) == sizeof(uint32_t)) { +#ifndef TARGET_IOS #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wdeprecated-declarations" // macOS return SSLSetEnabledCiphers(sslContext, cipherSuites, (size_t)numCipherSuites); #pragma clang diagnostic pop +#endif } else { diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.h b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.h index 48cff8839a40d..7c65ac9000586 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.h +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.h @@ -6,6 +6,7 @@ #include "pal_compiler.h" #include +#include enum { diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_trust.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_trust.c index 0d083bd9bb3ea..7167ecf9b04c5 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_trust.c +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_trust.c @@ -5,6 +5,7 @@ #include "pal_trust.h" #include "pal_utilities.h" +#ifndef TARGET_IOS static bool CheckTrustMatch(SecCertificateRef cert, SecTrustSettingsDomain domain, SecTrustSettingsResult result, @@ -245,3 +246,4 @@ int32_t AppleCryptoNative_StoreEnumerateMachineDisallowed(CFArrayRef* pCertsOut, return ret; } +#endif diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_trust.h b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_trust.h index ae2ee23e6bb83..31b136ef9cf78 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_trust.h +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_trust.h @@ -9,6 +9,7 @@ #include +#ifndef TARGET_IOS /* Enumerate the certificates which are root trusted by the user. @@ -62,3 +63,4 @@ pCertsOut: When the return value is not 1, NULL. Otherwise NULL on "no certs fou pOSStatus: Receives the last OSStatus value. */ PALEXPORT int32_t AppleCryptoNative_StoreEnumerateMachineDisallowed(CFArrayRef* pCertsOut, int32_t* pOSStatusOut); +#endif \ No newline at end of file diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_x509.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_x509.c index b6d620de3bd31..08d7974c16e79 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_x509.c +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_x509.c @@ -108,6 +108,7 @@ PAL_X509ContentType AppleCryptoNative_X509GetContentType(uint8_t* pbData, int32_ return PAL_Certificate; } +#ifndef TARGET_IOS SecExternalFormat dataFormat = kSecFormatPKCS7; SecExternalFormat actualFormat = dataFormat; SecExternalItemType itemType = kSecItemTypeAggregate; @@ -175,6 +176,7 @@ PAL_X509ContentType AppleCryptoNative_X509GetContentType(uint8_t* pbData, int32_ return PAL_Certificate; } } +#endif CFRelease(cfData); return PAL_X509Unknown; @@ -256,6 +258,7 @@ int32_t AppleCryptoNative_X509CopyPrivateKeyFromIdentity(SecIdentityRef identity return SecIdentityCopyPrivateKey(identity, pPrivateKeyOut); } +#ifndef TARGET_IOS static int32_t ReadX509(uint8_t* pbData, int32_t cbData, PAL_X509ContentType contentType, @@ -914,3 +917,4 @@ int32_t AppleCryptoNative_X509MoveToKeychain(SecCertificateRef cert, *pOSStatus = status; return status == noErr; } +#endif diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_x509.h b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_x509.h index 951a25ae6c426..5b712e0c2ea8d 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_x509.h +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_x509.h @@ -74,6 +74,7 @@ pPrivateKeyOut: Receives a SecKeyRef for the private key associated with the ide */ PALEXPORT int32_t AppleCryptoNative_X509CopyPrivateKeyFromIdentity(SecIdentityRef identity, SecKeyRef* pPrivateKeyOut); +#ifndef TARGET_IOS /* Read cbData bytes of data from pbData and interpret it to a collection of certificates (or identities). @@ -191,3 +192,4 @@ PALEXPORT int32_t AppleCryptoNative_X509MoveToKeychain(SecCertificateRef cert, SecKeyRef privateKey, SecIdentityRef* pIdentityOut, int32_t* pOSStatus); +#endif From 76d5fc360566f39434bd7072ab716bc514dc2cf7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20K=C3=B6plinger?= Date: Mon, 23 Mar 2020 19:15:57 +0100 Subject: [PATCH 2/3] Fix iOS ARM 32bits build --- .../System.Security.Cryptography.Native.Apple/pal_x509chain.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_x509chain.h b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_x509chain.h index 599d2409f8acd..e62e818beab2e 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_x509chain.h +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_x509chain.h @@ -42,8 +42,8 @@ enum typedef uint32_t PAL_X509ChainStatusFlags; #define PAL_X509ChainErrorNone 0 -#define PAL_X509ChainErrorUnknownValueType 0x0001L << 32 -#define PAL_X509ChainErrorUnknownValue 0x0002L << 32 +#define PAL_X509ChainErrorUnknownValueType (((uint64_t)0x0001L) << 32) +#define PAL_X509ChainErrorUnknownValue (((uint64_t)0x0002L) << 32) typedef uint64_t PAL_X509ChainErrorFlags; /* From d32355a6f2e04635e614aba6194956ea6080551c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20K=C3=B6plinger?= Date: Tue, 24 Mar 2020 10:47:45 +0100 Subject: [PATCH 3/3] PR feedback --- .../Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c | 4 ++-- .../System.Security.Cryptography.Native.Apple/pal_trust.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c index c3ec5d15699f1..c77218e51204a 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c @@ -585,17 +585,17 @@ int32_t AppleCryptoNative_SslSetEnabledCipherSuites(SSLContextRef sslContext, co // Max numCipherSuites is 2^16 (all possible cipher suites) assert(numCipherSuites < (1 << 16)); +#ifndef TARGET_IOS if (sizeof(SSLCipherSuite) == sizeof(uint32_t)) { -#ifndef TARGET_IOS #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wdeprecated-declarations" // macOS return SSLSetEnabledCiphers(sslContext, cipherSuites, (size_t)numCipherSuites); #pragma clang diagnostic pop -#endif } else +#endif { // iOS, tvOS, watchOS SSLCipherSuite* cipherSuites16 = (SSLCipherSuite*)calloc((size_t)numCipherSuites, sizeof(SSLCipherSuite)); diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_trust.h b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_trust.h index 31b136ef9cf78..6776fc35e3b7e 100644 --- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_trust.h +++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_trust.h @@ -63,4 +63,4 @@ pCertsOut: When the return value is not 1, NULL. Otherwise NULL on "no certs fou pOSStatus: Receives the last OSStatus value. */ PALEXPORT int32_t AppleCryptoNative_StoreEnumerateMachineDisallowed(CFArrayRef* pCertsOut, int32_t* pOSStatusOut); -#endif \ No newline at end of file +#endif