sectask/SecTaskPriv.h

   1 /*
   2  * Copyright (c) 2013-2014 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 #ifndef _SECURITY_SECTASKPRIV_H_
  25 #define _SECURITY_SECTASKPRIV_H_
  26
  27 #include <CoreFoundation/CoreFoundation.h>
  28 #include <Security/SecTask.h>
  29 #include <xpc/xpc.h>
  30
  31 __BEGIN_DECLS
  32
  33 #if SEC_OS_OSX
  34 /*!
  35     @function SecTaskValidateForRequirement
  36     @abstract Validate a SecTask instance for a specified requirement.
  37     @param task The SecTask instance to validate.
  38     @param requirement A requirement string to be validated.
  39     @result An error code of type OSStatus. Returns errSecSuccess if the
  40     task satisfies the requirement.
  41 */
  42
  43 OSStatus SecTaskValidateForRequirement(SecTaskRef _Nonnull task, CFStringRef _Nonnull requirement);
  44
  45 #endif /* SEC_OS_OSX */
  46
  47 /*!
  48  @function SecTaskCreateWithXPCMessage
  49  @abstract Get SecTask instance from the remote peer of the xpc connection
  50  @param message message from peer in the xpc connection event handler, you can't use
  51                 connection since it cached and uses the most recent sender to this connection.
  52  */
  53
  54 _Nullable SecTaskRef
  55 SecTaskCreateWithXPCMessage(xpc_object_t _Nonnull message);
  56
  57 /*!
  58  @function SecTaskEntitlementsValidated
  59  @abstract Check whether entitlements can be trusted or not.  If this returns
  60  false the tasks entitlements must not be used for anything security sensetive.
  61  @param task A previously created SecTask object
  62  */
  63 Boolean SecTaskEntitlementsValidated(SecTaskRef _Nonnull task);
  64
  65 /*!
  66  @function SecTaskCopyTeamIdentifier
  67  @abstract Return the value of the team identifier.
  68  @param task A previously created SecTask object
  69  @param error On a NULL return, this will contain a CFError describing
  70  the problem.  This argument may be NULL if the caller is not interested in
  71  detailed errors. The caller must CFRelease the returned value
  72  */
  73 __nullable
  74 CFStringRef SecTaskCopyTeamIdentifier(SecTaskRef _Nonnull task, CFErrorRef _Nullable * _Nullable error);
  75
  76 __END_DECLS
  77
  78 #endif /* !_SECURITY_SECTASKPRIV_H_ */