X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/e3d460c9de4426da6c630c3ae3f46173a99f82d8..7e6b461318c8a779d91381531435a68ee4e8b6ed:/OSX/libsecurity_codesigning/lib/CSCommon.h

diff --git a/OSX/libsecurity_codesigning/lib/CSCommon.h b/OSX/libsecurity_codesigning/lib/CSCommon.h
index be1be0fd..d3a6bb18 100644
--- a/OSX/libsecurity_codesigning/lib/CSCommon.h
+++ b/OSX/libsecurity_codesigning/lib/CSCommon.h
@@ -84,8 +84,8 @@ CF_ENUM(OSStatus) {
 	errSecCSStaticCodeChanged =			-67034,	/* the code on disk does not match what is running */
 	errSecCSDBDenied =					-67033,	/* permission to use a database denied */
 	errSecCSDBAccess =					-67032,	/* cannot access a database */
-	errSecCSSigDBDenied = errSecCSDBDenied,
-	errSecCSSigDBAccess = errSecCSDBAccess,
+	errSecCSSigDBDenied =               -67033, /* permission to use a database denied */
+	errSecCSSigDBAccess =               -67032, /* cannot access a database */
 	errSecCSHostProtocolInvalidAttribute = -67031, /* host returned invalid or inconsistent guest attributes */
 	errSecCSInfoPlistFailed =			-67030,	/* invalid Info.plist (plist or signature have been modified) */
 	errSecCSNoMainExecutable =			-67029,	/* the code has no main executable file */
@@ -111,13 +111,21 @@ CF_ENUM(OSStatus) {
 	errSecCSBadFrameworkVersion = 		-67009, /* embedded framework contains modified or invalid version */
 	errSecCSUnsealedFrameworkRoot =		-67008, /* unsealed contents present in the root directory of an embedded framework */
 	errSecCSWeakResourceEnvelope =		-67007, /* resource envelope is obsolete (version 1 signature) */
-	errSecCSCancelled =					-67006, /* operation was terminated by explicit cancellation */
+    errSecCSCancelled =					-67006, /* operation was terminated by explicit cancelation */
 	errSecCSInvalidPlatform =			-67005,	/* invalid platform identifier or platform mismatch */
 	errSecCSTooBig =					-67004,	/* code is too big for current signing format */
 	errSecCSInvalidSymlink =			-67003,	/* invalid destination for symbolic link in bundle */
 	errSecCSNotAppLike =				-67002,	/* the code is valid but does not seem to be an app */
 	errSecCSBadDiskImageFormat =		-67001,	/* disk image format unrecognized, invalid, or unsuitable */
-	errSecCSUnsupportedDigestAlgorithm = -67000, /* signature digest algorithm(s) specified are not supported */
+	errSecCSUnsupportedDigestAlgorithm = -67000, /* a requested signature digest algorithm is not supported */
+	errSecCSInvalidAssociatedFileData =	-66999,	/* resource fork, Finder information, or similar detritus not allowed */
+	errSecCSInvalidTeamIdentifier =		-66998, /* a Team Identifier string is invalid */
+	errSecCSBadTeamIdentifier = 		-66997, /* a Team Identifier is wrong or inappropriate */
+	errSecCSSignatureUntrusted =		-66996, /* signature is valid but signer is not trusted */
+	errSecMultipleExecSegments =		-66995, /* the image contains multiple executable segments */
+	errSecCSInvalidEntitlements =		-66994, /* invalid entitlement plist */
+	errSecCSInvalidRuntimeVersion =		-66993, /* an invalid runtime version was explicitly set */
+	errSecCSRevokedNotarization =		-66992, /* notarization indicates this code has been revoked */
 };
 
 /*
@@ -135,6 +143,7 @@ extern const CFStringRef kSecCFErrorResourceSeal;	/* CFTypeRef: invalid componen
 extern const CFStringRef kSecCFErrorResourceAdded;	/* CFURLRef: unsealed resource found */
 extern const CFStringRef kSecCFErrorResourceAltered; /* CFURLRef: modified resource found */
 extern const CFStringRef kSecCFErrorResourceMissing; /* CFURLRef: sealed (non-optional) resource missing */
+extern const CFStringRef kSecCFErrorResourceSideband; /* CFURLRef: sealed resource has invalid sideband data (resource fork, etc.) */
 extern const CFStringRef kSecCFErrorInfoPlist;		/* CFTypeRef: Info.plist dictionary or component thereof found invalid */
 extern const CFStringRef kSecCFErrorGuestAttributes; /* CFTypeRef: Guest attribute set of element not accepted */
 extern const CFStringRef kSecCFErrorRequirementSyntax; /* CFStringRef: compilation error for Requirement source */
@@ -200,11 +209,12 @@ CF_ENUM(SecGuestRef) {
 typedef CF_OPTIONS(uint32_t, SecCSFlags) {
     kSecCSDefaultFlags = 0,					/* no particular flags (default behavior) */
 	
-    kSecCSConsiderExpiration = 1 << 31,		/* consider expired certificates invalid */
+    kSecCSConsiderExpiration = 1U << 31,		/* consider expired certificates invalid */
     kSecCSEnforceRevocationChecks = 1 << 30,	/* force revocation checks regardless of preference settings */
     kSecCSNoNetworkAccess = 1 << 29,            /* do not use the network, cancels "kSecCSEnforceRevocationChecks"  */
 	kSecCSReportProgress = 1 << 28,			/* make progress report call-backs when configured */
     kSecCSCheckTrustedAnchors = 1 << 27, /* build certificate chain to system trust anchors, not to any self-signed certificate */
+	kSecCSQuickCheck = 1 << 26,		/* (internal) */
 };
 
 
@@ -238,6 +248,9 @@ typedef CF_OPTIONS(uint32_t, SecCSFlags) {
 	immediately	if it becomes invalid.
 	@constant kSecCodeSignatureForceExpiration
 	Forces the kSecCSConsiderExpiration flag on all validations of the code.
+	@constant kSecCodeSignatureRuntime
+	Instructs the kernel to apply runtime hardening policies as required by the
+	hardened runtime version
  */
 typedef CF_OPTIONS(uint32_t, SecCodeSignatureFlags) {
 	kSecCodeSignatureHost = 0x0001,			/* may host guest code */
@@ -248,9 +261,9 @@ typedef CF_OPTIONS(uint32_t, SecCodeSignatureFlags) {
 	kSecCodeSignatureRestrict = 0x0800, /* restrict dyld loading */
 	kSecCodeSignatureEnforcement = 0x1000, /* enforce code signing */
 	kSecCodeSignatureLibraryValidation = 0x2000, /* library validation required */
+	kSecCodeSignatureRuntime = 0x10000, /* apply runtime hardening policies */
 };
 
-
 /*!
 	@typedef SecCodeStatus
 	The code signing system attaches a set of status flags to each running code.
@@ -290,11 +303,20 @@ typedef CF_OPTIONS(uint32_t, SecCodeSignatureFlags) {
 	This bit can only be set. Code that has the kill flag set will never be dynamically invalid
 	(and live). Note however that a change in static validity does not necessarily trigger instant
 	death.
+
+	@constant kSecCodeStatusDebugged
+	Indicated that code has been debugged by another process that was allowed to do so. The debugger
+	causes this to be set when it attachs.
+
+	@constant kSecCodeStatusPlatform
+	Indicates the code is platform code, shipping with the operating system and signed by Apple.
 */
 typedef CF_OPTIONS(uint32_t, SecCodeStatus) {
-	kSecCodeStatusValid =	0x0001,
-	kSecCodeStatusHard =	0x0100,
-	kSecCodeStatusKill =	0x0200,
+	kSecCodeStatusValid     = 0x00000001,
+	kSecCodeStatusHard      = 0x00000100,
+	kSecCodeStatusKill      = 0x00000200,
+	kSecCodeStatusDebugged  = 0x10000000,
+	kSecCodeStatusPlatform  = 0x04000000,
 };
 
 
@@ -331,6 +353,7 @@ typedef CF_ENUM(uint32_t, SecCSDigestAlgorithm) {
 	kSecCodeSignatureHashSHA256						=  2,	/* SHA-256 */
 	kSecCodeSignatureHashSHA256Truncated			=  3,	/* SHA-256 truncated to first 20 bytes */
 	kSecCodeSignatureHashSHA384						=  4,	/* SHA-384 */
+    kSecCodeSignatureHashSHA512                     =  5,   /* SHA-512 */
 };
 
 CF_ASSUME_NONNULL_END