X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..dd5fb164cf5b32c462296bc65e289e100f74b59a:/OSX/libsecurity_codesigning/lib/CSCommonPriv.h

diff --git a/OSX/libsecurity_codesigning/lib/CSCommonPriv.h b/OSX/libsecurity_codesigning/lib/CSCommonPriv.h
index a03ac61d..d527dd37 100644
--- a/OSX/libsecurity_codesigning/lib/CSCommonPriv.h
+++ b/OSX/libsecurity_codesigning/lib/CSCommonPriv.h
@@ -87,29 +87,21 @@ enum {
 	kSecCodeMagicByte = 0xfa					/* shared first byte */
 };
 
-
 /*!
-	Types of cryptographic digests (hashes) used to hold code signatures
-	together.
-
-	Each combination of type, length, and other parameters is a separate
-	hash type; we don't understand "families" here.
-
-	These type codes govern the digest links that connect a CodeDirectory
-	to its subordinate data structures (code pages, resources, etc.)
-	They do not directly control other uses of hashes (such as the
-	hash-of-CodeDirectory identifiers used in requirements).
+ @typedef SecCodeExecSegFlags
  */
-enum {
-	kSecCodeSignatureNoHash							=  0,	/* null value */
-	kSecCodeSignatureHashSHA1						=  1,	/* SHA-1 */
-	kSecCodeSignatureHashSHA256						=  2,	/* SHA-256 */
-	kSecCodeSignatureHashSHA256Truncated			=  3,	/* SHA-256 truncated to first 20 bytes */
-	
-	kSecCodeSignatureDefaultDigestAlgorithm = kSecCodeSignatureHashSHA1
+typedef CF_OPTIONS(uint32_t, SecCodeExecSegFlags) {
+	kSecCodeExecSegMainBinary = 0x0001,		/* exec seg belongs to main binary */
+
+	// Entitlements
+	kSecCodeExecSegAllowUnsigned = 0x0010,	/* allow unsigned pages (for debugging) */
+	kSecCodeExecSegDebugger = 0x0020,		/* main binary is debugger */
+	kSecCodeExecSegJit = 0x0040,			/* JIT enabled */
+	kSecCodeExecSegSkipLibraryVal = 0x0080,	/* skip library validation */
+	kSecCodeExecSegCanLoadCdHash = 0x0100,	/* can bless cdhash for execution */
+	kSecCodeExecSegCanExecCdHash = 0x0200,	/* can execute blessed cdhash */
 };
 	
-	
 /*
 	The current (fixed) size of a cdhash in the system.
  */