sectask/SecTask.h

   1 /*
   2  * Copyright (c) 2008,2012-2013 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 #ifndef _SECURITY_SECTASK_H_
  25 #define _SECURITY_SECTASK_H_
  26
  27 #include <CoreFoundation/CoreFoundation.h>
  28 #include <mach/message.h>
  29 #include <sys/cdefs.h>
  30
  31 __BEGIN_DECLS
  32
  33 /*!
  34     @typedef SecTaskRef
  35     @abstract CFType used for representing a task
  36 */
  37 typedef struct CF_BRIDGED_TYPE(id) __SecTask *SecTaskRef;
  38
  39 /*!
  40     @function SecTaskGetTypeID
  41     @abstract Returns the type ID for CF instances of SecTask.
  42     @result A CFTypeID for SecTask
  43 */
  44 CFTypeID SecTaskGetTypeID(void);
  45
  46 /*!
  47     @function SecTaskCreateWithAuditToken
  48     @abstract Create a SecTask object for the task that sent the mach message
  49     represented by the audit token.
  50     @param token The audit token of a mach message
  51     @result The newly created SecTask object or NULL on error.  The caller must
  52     CFRelease the returned object.
  53 */
  54 SecTaskRef SecTaskCreateWithAuditToken(CFAllocatorRef allocator, audit_token_t token);
  55
  56 /*!
  57      @function SecTaskCreateFromSelf
  58      @abstract Create a SecTask object for the current task.
  59      @result The newly created SecTask object or NULL on error.  The caller must
  60      CFRelease the returned object.
  61  */
  62 SecTaskRef SecTaskCreateFromSelf(CFAllocatorRef allocator);
  63
  64 /*!
  65     @function SecTaskCopyValueForEntitlement
  66     @abstract Returns the value of a single entitlement for the represented
  67     task.
  68     @param task A previously created SecTask object
  69     @param entitlement The name of the entitlement to be fetched
  70     @param error On a NULL return, this may be contain a CFError describing
  71     the problem.  This argument may be NULL if the caller is not interested in
  72     detailed errors.
  73     @result The value of the specified entitlement for the process or NULL if
  74     the entitlement value could not be retrieved.  The type of the returned
  75     value will depend on the entitlement specified.  The caller must release
  76     the returned object.
  77     @discussion A NULL return may indicate an error, or it may indicate that
  78     the entitlement is simply not present.  In the latter case, no CFError is
  79     returned.
  80 */
  81 CFTypeRef SecTaskCopyValueForEntitlement(SecTaskRef task, CFStringRef entitlement, CFErrorRef *error);
  82
  83 /*!
  84     @function SecTaskCopyValuesForEntitlements
  85     @abstract Returns the values of multiple entitlements for the represented
  86     task.
  87     @param task A previously created SecTask object
  88     @param entitlements An array of entitlement names to be fetched
  89     @param error On a NULL return, this will contain a CFError describing
  90     the problem.  This argument may be NULL if the caller is not interested in
  91     detailed errors.  If a requested entitlement is not present for the
  92     returned dictionary, the entitlement is not set on the task.  The caller
  93     must CFRelease the returned value
  94 */
  95 CFDictionaryRef SecTaskCopyValuesForEntitlements(SecTaskRef task, CFArrayRef entitlements, CFErrorRef *error);
  96
  97 /*!
  98     @function SecTaskCopySigningIdentifier
  99     @abstract Return the value of the codesigning identifier.
 100     @param task A previously created SecTask object
 101     @param error On a NULL return, this will contain a CFError describing
 102     the problem.  This argument may be NULL if the caller is not interested in
 103     detailed errors. The caller must CFRelease the returned value
 104 */
 105 CFStringRef SecTaskCopySigningIdentifier(SecTaskRef task, CFErrorRef *error);
 106
 107 /*!
 108     @function SecTaskGetCodeSignStatus
 109     @abstract Return the code sign status flags
 110     @param task A previously created SecTask object
 111 */
 112
 113 uint32_t SecTaskGetCodeSignStatus(SecTaskRef task);
 114
 115 __END_DECLS
 116
 117 #endif /* !_SECURITY_SECTASK_H_ */