]> git.saurik.com Git - apple/security.git/blobdiff - OSX/libsecurity_codesigning/lib/SecCodeSigner.cpp
projects / apple / security.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security-59306.101.1.tar.gz
[apple/security.git] / OSX / libsecurity_codesigning / lib / SecCodeSigner.cpp
diff --git a/OSX/libsecurity_codesigning/lib/SecCodeSigner.cpp b/OSX/libsecurity_codesigning/lib/SecCodeSigner.cpp
index bae22bd5c07430a3910afe690b61df9c5e7bb613..7e09f760496128dd1d5ee2e0063a17d7da80e700 100644 (file)
--- a/OSX/libsecurity_codesigning/lib/SecCodeSigner.cpp
+++ b/OSX/libsecurity_codesigning/lib/SecCodeSigner.cpp
@@ -59,6 +59,16 @@ const CFStringRef kSecCodeSignerTimestampOmitCertificates =  CFSTR("timestamp-omi
 const CFStringRef kSecCodeSignerPreserveMetadata = CFSTR("preserve-metadata");
 const CFStringRef kSecCodeSignerTeamIdentifier =       CFSTR("teamidentifier");
 const CFStringRef kSecCodeSignerPlatformIdentifier = CFSTR("platform-identifier");
+const CFStringRef kSecCodeSignerRuntimeVersion = CFSTR("runtime-version");
+const CFStringRef kSecCodeSignerPreserveAFSC =         CFSTR("preserve-afsc");
+const CFStringRef kSecCodeSignerOmitAdhocFlag =        CFSTR("omit-adhoc-flag");
+
+// Keys for signature editing
+const CFStringRef kSecCodeSignerEditCpuType =  CFSTR("edit-cpu-type");
+const CFStringRef kSecCodeSignerEditCpuSubtype = CFSTR("edit-cpu-subtype");
+const CFStringRef kSecCodeSignerEditCMS =              CFSTR("edit-cms");
+
+
 
 //
 // CF-standard type code functions
@@ -80,14 +90,17 @@ OSStatus SecCodeSignerCreate(CFDictionaryRef parameters, SecCSFlags flags,
        BEGIN_CSAPI
                
        checkFlags(flags,
-                 kSecCSRemoveSignature
+                 kSecCSEditSignature
+               | kSecCSRemoveSignature
                | kSecCSSignPreserveSignature
                | kSecCSSignNestedCode
                | kSecCSSignOpaque
                | kSecCSSignV1
                | kSecCSSignNoV1
                | kSecCSSignBundleRoot
-               | kSecCSSignStrictPreflight);
+               | kSecCSSignStrictPreflight
+        | kSecCSSignGeneratePEH
+               | kSecCSSignGenerateEntitlementDER);
        SecPointer<SecCodeSigner> signer = new SecCodeSigner(flags);
        signer->parameters(parameters);
        CodeSigning::Required(signerRef) = signer->handle();
mirror of Security