Security-57337.60.2.tar.gz

[apple/security.git] / OSX / libsecurity_codesigning / lib / CSCommon.h

diff --git a/OSX/libsecurity_codesigning/lib/CSCommon.h b/OSX/libsecurity_codesigning/lib/CSCommon.h
index 70058cf17baa4515af348dc04ac9c9c44c358768..be1be0fd4b615d91ab0035e653df9ee75824fd5d 100644 (file)
--- a/OSX/libsecurity_codesigning/lib/CSCommon.h
+++ b/OSX/libsecurity_codesigning/lib/CSCommon.h
@@ -115,6 +115,9 @@ CF_ENUM(OSStatus) {
        errSecCSInvalidPlatform =                       -67005, /* invalid platform identifier or platform mismatch */
        errSecCSTooBig =                                        -67004, /* code is too big for current signing format */
        errSecCSInvalidSymlink =                        -67003, /* invalid destination for symbolic link in bundle */
        errSecCSInvalidPlatform =                       -67005, /* invalid platform identifier or platform mismatch */
        errSecCSTooBig =                                        -67004, /* code is too big for current signing format */
        errSecCSInvalidSymlink =                        -67003, /* invalid destination for symbolic link in bundle */

+       errSecCSNotAppLike =                            -67002, /* the code is valid but does not seem to be an app */
+       errSecCSBadDiskImageFormat =            -67001, /* disk image format unrecognized, invalid, or unsuitable */
+       errSecCSUnsupportedDigestAlgorithm = -67000, /* signature digest algorithm(s) specified are not supported */

 };
 
 /*
 };
 
 /*


@@ -308,6 +311,27 @@ typedef CF_ENUM(uint32_t, SecRequirementType) {
        kSecInvalidRequirementType,                             /* invalid type of Requirement (must be last) */
        kSecRequirementTypeCount = kSecInvalidRequirementType /* number of valid requirement types */
 };
        kSecInvalidRequirementType,                             /* invalid type of Requirement (must be last) */
        kSecRequirementTypeCount = kSecInvalidRequirementType /* number of valid requirement types */
 };

+       
+       
+/*!
+ Types of cryptographic digests (hashes) used to hold code signatures
+ together.
+ 
+ Each combination of type, length, and other parameters is a separate
+ hash type; we don't understand "families" here.
+ 
+ These type codes govern the digest links that connect a CodeDirectory
+ to its subordinate data structures (code pages, resources, etc.)
+ They do not directly control other uses of hashes (such as those used
+ within X.509 certificates and CMS blobs).
+ */
+typedef CF_ENUM(uint32_t, SecCSDigestAlgorithm) {
+       kSecCodeSignatureNoHash                                                 =  0,   /* null value */
+       kSecCodeSignatureHashSHA1                                               =  1,   /* SHA-1 */
+       kSecCodeSignatureHashSHA256                                             =  2,   /* SHA-256 */
+       kSecCodeSignatureHashSHA256Truncated                    =  3,   /* SHA-256 truncated to first 20 bytes */
+       kSecCodeSignatureHashSHA384                                             =  4,   /* SHA-384 */
+};

 
 CF_ASSUME_NONNULL_END
 
 
 CF_ASSUME_NONNULL_END