X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..7e6b461318c8a779d91381531435a68ee4e8b6ed:/OSX/libsecurity_codesigning/lib/policyengine.h?ds=inline

diff --git a/OSX/libsecurity_codesigning/lib/policyengine.h b/OSX/libsecurity_codesigning/lib/policyengine.h
index 46083083..87b10df7 100644
--- a/OSX/libsecurity_codesigning/lib/policyengine.h
+++ b/OSX/libsecurity_codesigning/lib/policyengine.h
@@ -65,7 +65,7 @@ public:
 	void recordFailure(CFDictionaryRef info);
 
 public:
-	static void addAuthority(SecAssessmentFlags flags, CFMutableDictionaryRef parent, const char *label, SQLite::int64 row = 0, CFTypeRef cacheInfo = NULL, bool weak = false);
+	static void addAuthority(SecAssessmentFlags flags, CFMutableDictionaryRef parent, const char *label, SQLite::int64 row = 0, CFTypeRef cacheInfo = NULL, bool weak = false, uint64_t ruleFlags = 0);
 	static void addToAuthority(CFMutableDictionaryRef parent, CFStringRef key, CFTypeRef value);
 
 private:
@@ -88,7 +88,10 @@ private:
 	void recordOutcome(SecStaticCodeRef code, bool allow, AuthorityType type, double expires, SQLite::int64 authority);
 
 private:
-	OpaqueWhitelist mOpaqueWhitelist;
+	OpaqueWhitelist* mOpaqueWhitelist;
+	CFDictionaryRef opaqueWhitelistValidationConditionsFor(SecStaticCodeRef code);
+	bool opaqueWhiteListContains(SecStaticCodeRef code, SecAssessmentFeedback feedback, OSStatus reason);
+	void opaqueWhitelistAdd(SecStaticCodeRef code);
 
     friend class EvaluationManager;
     friend class EvaluationTask;