X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/80e2389990082500d76eb566d4946be3e786c3ef..d8f41ccd20de16f8ebe2ccc84d47bf1cb2b26bbb:/Security/libsecurity_codesigning/lib/SecStaticCodePriv.h diff --git a/Security/libsecurity_codesigning/lib/SecStaticCodePriv.h b/Security/libsecurity_codesigning/lib/SecStaticCodePriv.h new file mode 100644 index 00000000..c534c0e5 --- /dev/null +++ b/Security/libsecurity_codesigning/lib/SecStaticCodePriv.h @@ -0,0 +1,92 @@ +/* + * Copyright (c) 2006,2011-2012,2014 Apple Inc. All Rights Reserved. + * + * @APPLE_LICENSE_HEADER_START@ + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, + * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. + * + * @APPLE_LICENSE_HEADER_END@ + */ + +/*! + @header SecStaticCode + SecStaticCodePriv is the private counter-part to SecStaticCode. Its contents are not + official API, and are subject to change without notice. +*/ +#ifndef _H_SECSTATICCODEPRIV +#define _H_SECSTATICCODEPRIV + +#include + +#ifdef __cplusplus +extern "C" { +#endif + + +/* + @function SecCodeSetCallback + For a given Code or StaticCode object, specify a block that is invoked at certain + stages of a validation operation. The block is only invoked for validations of this + particular object. Note that validation outcomes are cached in the API object, and + repeated validations will not generally result in the same set of callbacks. + Only one callback can be active for each API object. A new call to SecCodeSetCallback + replaces the previous callback. + + @param code A Code or StaticCode object whose validation should be monitored. + @param flags Optional flags. Pass kSecCSDefaultFlags for standard behavior. + @param old A pointer to a block pointer that receives any previously registered callback. + Pass NULL if you are not interested in any previous value. + @param callback A block to be synchronously invoked at certain stages of API operation. + Pass NULL to disable callbacks for this code object. The block must be available to + be invoked, possibly repeatedly, for as long as the code object exists or it is superseded + by another call to this API, whichever happens earlier. + From your block, return NULL to continue normal operation. Return a CFTypeRef object of + suitable value for the reported stage to intervene. + */ +OSStatus SecStaticCodeSetCallback(SecStaticCodeRef code, SecCSFlags flag, SecCodeCallback *olds, SecCodeCallback callback); + + +/* + @function SecStaticCodeSetValidationConditions + Set various parameters that modify the evaluation of a signature. + This is an internal affordance used by Gatekeeper to implement checkfix evaluation. + It is not meant to be a generally useful mechanism. + + @param code A Code or StaticCode object whose validation should be modified. + @param conditions A dictionary containing one or more validation conditions. Must not be NULL. + */ +OSStatus SecStaticCodeSetValidationConditions(SecStaticCodeRef code, CFDictionaryRef conditions); + + +/* + @function SecStaticCodeCancelValidation + Ask for an ongoing static validation using this (static) code object to be cancelled as soon as feasible. + if no validation is pending, this does nothing. + Since validation is synchronous, this call must be made from another thread. + This call will return immediately. If a validation operation is terminated due to it, + it will fail with the errSecCSVetoed error. + + @param code A Code or StaticCode object whose validation should be modified. + @param flags Optional flags. Pass kSecCSDefaultFlags for standard behavior. + */ +OSStatus SecStaticCodeCancelValidation(SecStaticCodeRef code, SecCSFlags flags); + + +#ifdef __cplusplus +} +#endif + +#endif //_H_SECSTATICCODEPRIV