]> git.saurik.com Git - apple/security.git/blobdiff - OSX/libsecurity_codesigning/lib/CSCommonPriv.h
projects / apple / security.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security-58286.20.16.tar.gz
[apple/security.git] / OSX / libsecurity_codesigning / lib / CSCommonPriv.h
diff --git a/OSX/libsecurity_codesigning/lib/CSCommonPriv.h b/OSX/libsecurity_codesigning/lib/CSCommonPriv.h
index a03ac61d90e5731ddc4857af59f5787fda77dbd3..d527dd37f8d2308603c271f18c12c2fc66cf6d16 100644 (file)
--- a/OSX/libsecurity_codesigning/lib/CSCommonPriv.h
+++ b/OSX/libsecurity_codesigning/lib/CSCommonPriv.h
@@ -87,29 +87,21 @@ enum {
        kSecCodeMagicByte = 0xfa                                        /* shared first byte */
 };
 
        kSecCodeMagicByte = 0xfa                                        /* shared first byte */
 };
 
-
 /*!
 /*!
-       Types of cryptographic digests (hashes) used to hold code signatures
-       together.
-
-       Each combination of type, length, and other parameters is a separate
-       hash type; we don't understand "families" here.
-
-       These type codes govern the digest links that connect a CodeDirectory
-       to its subordinate data structures (code pages, resources, etc.)
-       They do not directly control other uses of hashes (such as the
-       hash-of-CodeDirectory identifiers used in requirements).
+ @typedef SecCodeExecSegFlags
  */
  */
-enum {
-       kSecCodeSignatureNoHash                                                 =  0,   /* null value */
-       kSecCodeSignatureHashSHA1                                               =  1,   /* SHA-1 */
-       kSecCodeSignatureHashSHA256                                             =  2,   /* SHA-256 */
-       kSecCodeSignatureHashSHA256Truncated                    =  3,   /* SHA-256 truncated to first 20 bytes */
-       
-       kSecCodeSignatureDefaultDigestAlgorithm = kSecCodeSignatureHashSHA1
+typedef CF_OPTIONS(uint32_t, SecCodeExecSegFlags) {
+       kSecCodeExecSegMainBinary = 0x0001,             /* exec seg belongs to main binary */
+
+       // Entitlements
+       kSecCodeExecSegAllowUnsigned = 0x0010,  /* allow unsigned pages (for debugging) */
+       kSecCodeExecSegDebugger = 0x0020,               /* main binary is debugger */
+       kSecCodeExecSegJit = 0x0040,                    /* JIT enabled */
+       kSecCodeExecSegSkipLibraryVal = 0x0080, /* skip library validation */
+       kSecCodeExecSegCanLoadCdHash = 0x0100,  /* can bless cdhash for execution */
+       kSecCodeExecSegCanExecCdHash = 0x0200,  /* can execute blessed cdhash */
 };
        
 };
        
-       
 /*
        The current (fixed) size of a cdhash in the system.
  */
 /*
        The current (fixed) size of a cdhash in the system.
  */
mirror of Security