X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..7e6b461318c8a779d91381531435a68ee4e8b6ed:/OSX/libsecurity_codesigning/lib/SecCode.h?ds=sidebyside diff --git a/OSX/libsecurity_codesigning/lib/SecCode.h b/OSX/libsecurity_codesigning/lib/SecCode.h index 415506b4..aa53b5ac 100644 --- a/OSX/libsecurity_codesigning/lib/SecCode.h +++ b/OSX/libsecurity_codesigning/lib/SecCode.h @@ -51,9 +51,7 @@ CFTypeID SecCodeGetTypeID(void); Obtains a SecCode object for the code making the call. The calling code is determined in a way that is subject to modification over time, but obeys the following rules. If it is a UNIX process, its process id (pid) - is always used. If it is an active code host that has a dedicated guest, such a guest - is always preferred. If it is a host that has called SecHostSelectGuest, such selection - is considered until revoked. + is always used. @param flags Optional flags. Pass kSecCSDefaultFlags for standard behavior. @param self Upon successful return, contains a SecCodeRef representing the caller. @@ -111,7 +109,7 @@ OSStatus SecCodeCopyStaticCode(SecCodeRef code, SecCSFlags flags, SecStaticCodeR and is the ultimate authority on the its dynamic validity and status. The host relationship is securely established (absent reported errors). - @param code A valid SecCode object reference representing code running + @param guest A valid SecCode object reference representing code running on the system. @param flags Optional flags. Pass kSecCSDefaultFlags for standard behavior. @param host On successful return, a SecCode object reference identifying @@ -121,6 +119,17 @@ OSStatus SecCodeCopyStaticCode(SecCodeRef code, SecCSFlags flags, SecStaticCodeR */ OSStatus SecCodeCopyHost(SecCodeRef guest, SecCSFlags flags, SecCodeRef * __nonnull CF_RETURNS_RETAINED host); +extern const CFStringRef kSecGuestAttributeCanonical; +extern const CFStringRef kSecGuestAttributeHash; +extern const CFStringRef kSecGuestAttributeMachPort; +extern const CFStringRef kSecGuestAttributePid; +extern const CFStringRef kSecGuestAttributeAudit; +extern const CFStringRef kSecGuestAttributeDynamicCode; +extern const CFStringRef kSecGuestAttributeDynamicCodeInfoPlist; +extern const CFStringRef kSecGuestAttributeArchitecture; +extern const CFStringRef kSecGuestAttributeSubarchitecture; + +#if TARGET_OS_OSX /*! @function SecCodeCopyGuestWithAttributes This is the omnibus API function for obtaining dynamic code references. @@ -175,17 +184,10 @@ OSStatus SecCodeCopyHost(SecCodeRef guest, SecCSFlags flags, SecCodeRef * __nonn @error errSecCSMultipleGuests The attributes specified do not uniquely identify a guest (the specification is ambiguous). */ -extern const CFStringRef kSecGuestAttributeCanonical; -extern const CFStringRef kSecGuestAttributeHash; -extern const CFStringRef kSecGuestAttributeMachPort; -extern const CFStringRef kSecGuestAttributePid; -extern const CFStringRef kSecGuestAttributeDynamicCode; -extern const CFStringRef kSecGuestAttributeDynamicCodeInfoPlist; -extern const CFStringRef kSecGuestAttributeArchitecture; -extern const CFStringRef kSecGuestAttributeSubarchitecture; OSStatus SecCodeCopyGuestWithAttributes(SecCodeRef __nullable host, CFDictionaryRef __nullable attributes, SecCSFlags flags, SecCodeRef * __nonnull CF_RETURNS_RETAINED guest); +#endif // TARGET_OS_OSX /*! @@ -201,6 +203,30 @@ OSStatus SecCodeCopyGuestWithAttributes(SecCodeRef __nullable host, This call is secure against attempts to modify the file system source of the SecCode. + @param code The code object to be validated. + @param flags Optional flags. Pass kSecCSDefaultFlags for standard behavior. + @param requirement An optional code requirement specifying additional conditions + the code object must satisfy to be considered valid. If NULL, no additional + requirements are imposed. + @result If validation passes, errSecSuccess. If validation fails, an OSStatus value + documented in CSCommon.h or certain other Security framework headers. +*/ +OSStatus SecCodeCheckValidity(SecCodeRef code, SecCSFlags flags, + SecRequirementRef __nullable requirement); + +/*! + @function SecCodeCheckValidityWifErrors + Performs dynamic validation of the given SecCode object. The call obtains and + verifies the signature on the code object. It checks the validity of only those + sealed components required to establish identity. It checks the SecCode's + dynamic validity status as reported by its host. It ensures that the SecCode's + host is in turn valid. Finally, it validates the code against a SecRequirement + if one is given. The call succeeds if all these conditions are satisfactory. + It fails otherwise. + + This call is secure against attempts to modify the file system source of the + SecCode. + @param code The code object to be validated. @param flags Optional flags. Pass kSecCSDefaultFlags for standard behavior. @param requirement An optional code requirement specifying additional conditions @@ -213,9 +239,6 @@ OSStatus SecCodeCopyGuestWithAttributes(SecCodeRef __nullable host, @result If validation passes, errSecSuccess. If validation fails, an OSStatus value documented in CSCommon.h or certain other Security framework headers. */ -OSStatus SecCodeCheckValidity(SecCodeRef code, SecCSFlags flags, - SecRequirementRef __nullable requirement); - OSStatus SecCodeCheckValidityWithErrors(SecCodeRef code, SecCSFlags flags, SecRequirementRef __nullable requirement, CFErrorRef *errors); @@ -226,10 +249,7 @@ OSStatus SecCodeCheckValidityWithErrors(SecCodeRef code, SecCSFlags flags, code object can be found. For single files, the URL points to that file. For bundles, it points to the directory containing the entire bundle. - This returns the same URL as the kSecCodeInfoMainExecutable key returned - by SecCodeCopySigningInformation. - - @param code The Code or StaticCode object to be located. For a Code + @param staticCode The Code or StaticCode object to be located. For a Code argument, its StaticCode is processed as per SecCodeCopyStaticCode. @param flags Optional flags. Pass kSecCSDefaultFlags for standard behavior. @param path On successful return, contains a CFURL identifying the location @@ -340,7 +360,12 @@ OSStatus SecCodeCopyDesignatedRequirement(SecStaticCodeRef code, SecCSFlags flag @constant kSecCodeInfoFormat A CFString characterizing the type and format of the code. Suitable for display to a (knowledeable) user. @constant kSecCodeInfoDigestAlgorithm A CFNumber indicating the kind of cryptographic - hash function used within the signature to seal its pieces together. + hash function chosen to establish integrity of the signature on this system, which + is the best supported algorithm from kSecCodeInfoDigestAlgorithms. + @constant kSecCodeInfoDigestAlgorithms A CFArray of CFNumbers indicating the kinds of + cryptographic hash functions available within the signature. The ordering of those items + has no significance in terms of priority, but determines the order in which + the hashes appear in kSecCodeInfoCdHashes. @constant kSecCodeInfoPlatformIdentifier If this code was signed as part of an operating system release, this value identifies that release. @constant kSecCodeInfoIdentifier A CFString with the actual signing identifier @@ -388,24 +413,32 @@ OSStatus SecCodeCopyDesignatedRequirement(SecStaticCodeRef code, SecCSFlags flag remains stable across (developer-approved) updates. The algorithm used may change from time to time. However, for any existing signature, the value is stable. + @constant kSecCodeInfoCdHashes An array containing the values of the kSecCodeInfoUnique + binary identifier for every digest algorithm supported in the signature, in the same + order as in the kSecCodeInfoDigestAlgorithms array. The kSecCodeInfoUnique value + will be contained in this array, and be the one corresponding to the + kSecCodeInfoDigestAlgorithm value. */ CF_ENUM(uint32_t) { kSecCSInternalInformation = 1 << 0, kSecCSSigningInformation = 1 << 1, kSecCSRequirementInformation = 1 << 2, kSecCSDynamicInformation = 1 << 3, - kSecCSContentInformation = 1 << 4 + kSecCSContentInformation = 1 << 4, + kSecCSSkipResourceDirectory = 1 << 5, + kSecCSCalculateCMSDigest = 1 << 6, }; /* flag required to get this value */ extern const CFStringRef kSecCodeInfoCertificates; /* Signing */ extern const CFStringRef kSecCodeInfoChangedFiles; /* Content */ extern const CFStringRef kSecCodeInfoCMS; /* Signing */ extern const CFStringRef kSecCodeInfoDesignatedRequirement; /* Requirement */ -extern const CFStringRef kSecCodeInfoEntitlements; /* Requirement */ -extern const CFStringRef kSecCodeInfoEntitlementsDict; /* Requirement */ +extern const CFStringRef kSecCodeInfoEntitlements; /* generic */ +extern const CFStringRef kSecCodeInfoEntitlementsDict; /* generic */ extern const CFStringRef kSecCodeInfoFlags; /* generic */ extern const CFStringRef kSecCodeInfoFormat; /* generic */ extern const CFStringRef kSecCodeInfoDigestAlgorithm; /* generic */ +extern const CFStringRef kSecCodeInfoDigestAlgorithms; /* generic */ extern const CFStringRef kSecCodeInfoPlatformIdentifier; /* generic */ extern const CFStringRef kSecCodeInfoIdentifier; /* generic */ extern const CFStringRef kSecCodeInfoImplicitDesignatedRequirement; /* Requirement */ @@ -420,6 +453,8 @@ extern const CFStringRef kSecCodeInfoTime; /* Signing */ extern const CFStringRef kSecCodeInfoTimestamp; /* Signing */ extern const CFStringRef kSecCodeInfoTrust; /* Signing */ extern const CFStringRef kSecCodeInfoUnique; /* generic */ +extern const CFStringRef kSecCodeInfoCdHashes; /* generic */ +extern const CFStringRef kSecCodeInfoRuntimeVersion; /*generic */ OSStatus SecCodeCopySigningInformation(SecStaticCodeRef code, SecCSFlags flags, CFDictionaryRef * __nonnull CF_RETURNS_RETAINED information);