]> git.saurik.com Git - apple/security.git/blobdiff - OSX/libsecurity_codesigning/lib/SecCodeSigner.cpp
projects / apple / security.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security-59306.101.1.tar.gz
[apple/security.git] / OSX / libsecurity_codesigning / lib / SecCodeSigner.cpp
diff --git a/OSX/libsecurity_codesigning/lib/SecCodeSigner.cpp b/OSX/libsecurity_codesigning/lib/SecCodeSigner.cpp
index e9965556c7012a4f6ff91b66865461490c8a190b..7e09f760496128dd1d5ee2e0063a17d7da80e700 100644 (file)
--- a/OSX/libsecurity_codesigning/lib/SecCodeSigner.cpp
+++ b/OSX/libsecurity_codesigning/lib/SecCodeSigner.cpp
@@ -59,12 +59,15 @@ const CFStringRef kSecCodeSignerTimestampOmitCertificates = CFSTR("timestamp-omi
 const CFStringRef kSecCodeSignerPreserveMetadata = CFSTR("preserve-metadata");
 const CFStringRef kSecCodeSignerTeamIdentifier =       CFSTR("teamidentifier");
 const CFStringRef kSecCodeSignerPlatformIdentifier = CFSTR("platform-identifier");
+const CFStringRef kSecCodeSignerRuntimeVersion = CFSTR("runtime-version");
+const CFStringRef kSecCodeSignerPreserveAFSC =         CFSTR("preserve-afsc");
+const CFStringRef kSecCodeSignerOmitAdhocFlag =        CFSTR("omit-adhoc-flag");
+
+// Keys for signature editing
+const CFStringRef kSecCodeSignerEditCpuType =  CFSTR("edit-cpu-type");
+const CFStringRef kSecCodeSignerEditCpuSubtype = CFSTR("edit-cpu-subtype");
+const CFStringRef kSecCodeSignerEditCMS =              CFSTR("edit-cms");
 
-// temporary add-back to bridge B&I build dependencies -- remove soon
-const CFStringRef kSecCodeSignerTSAUse = CFSTR("timestamp-required");
-const CFStringRef kSecCodeSignerTSAURL = CFSTR("timestamp-url");
-const CFStringRef kSecCodeSignerTSAClientAuth = CFSTR("timestamp-authentication");
-const CFStringRef kSecCodeSignerTSANoCerts =   CFSTR("timestamp-omit-certificates");
 
 
 //
@@ -87,14 +90,17 @@ OSStatus SecCodeSignerCreate(CFDictionaryRef parameters, SecCSFlags flags,
        BEGIN_CSAPI
                
        checkFlags(flags,
-                 kSecCSRemoveSignature
+                 kSecCSEditSignature
+               | kSecCSRemoveSignature
                | kSecCSSignPreserveSignature
                | kSecCSSignNestedCode
                | kSecCSSignOpaque
                | kSecCSSignV1
                | kSecCSSignNoV1
                | kSecCSSignBundleRoot
-               | kSecCSSignStrictPreflight);
+               | kSecCSSignStrictPreflight
+        | kSecCSSignGeneratePEH
+               | kSecCSSignGenerateEntitlementDER);
        SecPointer<SecCodeSigner> signer = new SecCodeSigner(flags);
        signer->parameters(parameters);
        CodeSigning::Required(signerRef) = signer->handle();
mirror of Security