extern const CFStringRef kSecCodeInfoNotarizationDate; /* Internal */
extern const CFStringRef kSecCodeInfoCMSDigestHashType; /* Internal */
extern const CFStringRef kSecCodeInfoCMSDigest; /* Internal */
+extern const CFStringRef kSecCodeInfoSignatureVersion; /* Internal */
extern const CFStringRef kSecCodeInfoDiskRepVersionPlatform; /* Number */
extern const CFStringRef kSecCodeInfoDiskRepVersionMin; /* Number */
*/
OSStatus SecCodeCreateWithAuditToken(const audit_token_t *audit,
SecCSFlags flags, SecCodeRef *process)
- AVAILABLE_MAC_OS_X_VERSION_10_14_4_AND_LATER;
+ AVAILABLE_MAC_OS_X_VERSION_10_15_AND_LATER;
/* Deprecated and unsafe, DO NOT USE. */
OSStatus SecCodeCreateWithPID(pid_t pid, SecCSFlags flags, SecCodeRef *process)
*/
OSStatus SecCodeValidateFileResource(SecStaticCodeRef code, CFStringRef relativePath, CFDataRef fileData, SecCSFlags flags);
+
+/*
+ @constant kSecCSStrictValidateStructure
+ A subset of the work kSecCSStrictValidate performs, omitting work that
+ is unnecessary on some platforms. Since the definition of what can be
+ omitted is in flux, and since we would like to remove that notion
+ entirely eventually, we makes this a private flag.
+ */
+CF_ENUM(uint32_t) {
+ // NOTE: These values needs to align with the public definitions for static code validity too.
+ kSecCSStrictValidateStructure = 1 << 13,
+ kSecCSSkipRootVolumeExceptions = 1 << 14,
+ kSecCSSkipXattrFiles = 1 << 15,
+};
+
+#if TARGET_OS_OSX
+/* Here just to make TAPI happy. */
+extern int GKBIS_DS_Store_Present;
+extern int GKBIS_Dot_underbar_Present;
+extern int GKBIS_Num_localizations;
+extern int GKBIS_Num_files;
+extern int GKBIS_Num_dirs;
+extern int GKBIS_Num_symlinks;
+#endif /* TARGET_OS_OSX */
+
#ifdef __cplusplus
}
#endif
projects / apple / security.git / blobdiff