Security-58286.220.15.tar.gz

[apple/security.git] / OSX / libsecurity_codesigning / lib / StaticCode.h

diff --git a/OSX/libsecurity_codesigning/lib/StaticCode.h b/OSX/libsecurity_codesigning/lib/StaticCode.h
index 71ead90f33b1cadd5122f3190c78d242222bf552..2ca6d7da2a23f7d30d059c922706072b5cc99529 100644 (file)
--- a/OSX/libsecurity_codesigning/lib/StaticCode.h
+++ b/OSX/libsecurity_codesigning/lib/StaticCode.h
@@ -106,7 +106,7 @@ public:
        static SecStaticCode *requiredStatic(SecStaticCodeRef ref);     // convert SecCodeRef
        static SecCode *optionalDynamic(SecStaticCodeRef ref); // extract SecCodeRef or NULL if static
 
-       SecStaticCode(DiskRep *rep);
+       SecStaticCode(DiskRep *rep, uint32_t flags = 0);
     virtual ~SecStaticCode() throw();
 
     void initializeFromParent(const SecStaticCode& parent);
@@ -227,6 +227,7 @@ protected:
 private:
        void validateOtherVersions(CFURLRef path, SecCSFlags flags, SecRequirementRef req, SecStaticCode *code);
        bool checkfix30814861(string path, bool addition);
+       bool checkfix41082220(OSStatus result);
 
        ResourceBuilder *mCheckfix30814861builder1;
        dispatch_once_t mCheckfix30814861builder1_once;
@@ -291,6 +292,11 @@ private:
 
        LimitedAsync *mLimitedAsync;            // limited async workers for verification
 
+       uint32_t mFlags;                                        // flags from creation
+       bool mNotarizationChecked;                      // ensure notarization check only performed once
+       bool mStaplingChecked;                          // ensure stapling check only performed once
+       double mNotarizationDate;                       // the notarization ticket's date, if online check failed
+
        // signature verification outcome (mTrust == NULL => not done yet)
        CFRef<SecTrustRef> mTrust;                      // outcome of crypto validation (valid or not)
        CFRef<CFArrayRef> mCertChain;