]> git.saurik.com Git - apple/security.git/blobdiff - OSX/libsecurity_codesigning/lib/SecRequirement.cpp
projects / apple / security.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security-59306.61.1.tar.gz
[apple/security.git] / OSX / libsecurity_codesigning / lib / SecRequirement.cpp
diff --git a/OSX/libsecurity_codesigning/lib/SecRequirement.cpp b/OSX/libsecurity_codesigning/lib/SecRequirement.cpp
index 7c44fcf6f535025c7a2946b8366d6e3a933c123f..d89c924088863c1ce6bcee62260d70b510bdca66 100644 (file)
--- a/OSX/libsecurity_codesigning/lib/SecRequirement.cpp
+++ b/OSX/libsecurity_codesigning/lib/SecRequirement.cpp
@@ -169,6 +169,8 @@ CFStringRef kSecRequirementKeyEntitlements = CFSTR("requirement:eval:entitlement
 CFStringRef kSecRequirementKeyIdentifier = CFSTR("requirement:eval:identifier");
 CFStringRef kSecRequirementKeyPackageChecksum = CFSTR("requirement:eval:package_checksum");
 CFStringRef kSecRequirementKeyChecksumAlgorithm = CFSTR("requirement:eval:package_checksum_algorithm");
+CFStringRef kSecRequirementKeySecureTimestamp = CFSTR("requirement:eval:secure_timestamp");
+CFStringRef kSecRequirementKeyTeamIdentifier = CFSTR("requirement:eval:team_identifier");
 
 OSStatus SecRequirementEvaluate(SecRequirementRef requirementRef,
        CFArrayRef certificateChain, CFDictionaryRef context,
@@ -188,6 +190,12 @@ OSStatus SecRequirementEvaluate(SecRequirementRef requirementRef,
                }
        }
 
+       const char *teamID = NULL;
+       if (context && CFDictionaryGetValue(context, kSecRequirementKeyTeamIdentifier)) {
+               CFStringRef str = (CFStringRef)CFDictionaryGetValue(context, kSecRequirementKeyTeamIdentifier);
+               teamID = CFStringGetCStringPtr(str, kCFStringEncodingUTF8);
+       }
+
        Requirement::Context ctx(certificateChain,              // mandatory
                context ? CFDictionaryRef(CFDictionaryGetValue(context, kSecRequirementKeyInfoPlist)) : NULL,
                context ? CFDictionaryRef(CFDictionaryGetValue(context, kSecRequirementKeyEntitlements)) : NULL,
@@ -196,7 +204,9 @@ OSStatus SecRequirementEvaluate(SecRequirementRef requirementRef,
                NULL,   // can't specify a CodeDirectory here
                context ? CFDataRef(CFDictionaryGetValue(context, kSecRequirementKeyPackageChecksum)) : NULL,
         checksumAlgorithm,
-               false // can't get forced platform this way
+               false, // can't get forced platform this way
+               context ? CFDateRef(CFDictionaryGetValue(context, kSecRequirementKeySecureTimestamp)) : NULL,
+               teamID
        );
        req->validate(ctx);
        
mirror of Security