X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/e3d460c9de4426da6c630c3ae3f46173a99f82d8..dd5fb164cf5b32c462296bc65e289e100f74b59a:/OSX/libsecurity_codesigning/lib/CSCommon.h?ds=inline diff --git a/OSX/libsecurity_codesigning/lib/CSCommon.h b/OSX/libsecurity_codesigning/lib/CSCommon.h index be1be0fd..6aeef649 100644 --- a/OSX/libsecurity_codesigning/lib/CSCommon.h +++ b/OSX/libsecurity_codesigning/lib/CSCommon.h @@ -111,13 +111,18 @@ CF_ENUM(OSStatus) { errSecCSBadFrameworkVersion = -67009, /* embedded framework contains modified or invalid version */ errSecCSUnsealedFrameworkRoot = -67008, /* unsealed contents present in the root directory of an embedded framework */ errSecCSWeakResourceEnvelope = -67007, /* resource envelope is obsolete (version 1 signature) */ - errSecCSCancelled = -67006, /* operation was terminated by explicit cancellation */ + errSecCSCancelled = -67006, /* operation was terminated by explicit cancelation */ errSecCSInvalidPlatform = -67005, /* invalid platform identifier or platform mismatch */ errSecCSTooBig = -67004, /* code is too big for current signing format */ errSecCSInvalidSymlink = -67003, /* invalid destination for symbolic link in bundle */ errSecCSNotAppLike = -67002, /* the code is valid but does not seem to be an app */ errSecCSBadDiskImageFormat = -67001, /* disk image format unrecognized, invalid, or unsuitable */ - errSecCSUnsupportedDigestAlgorithm = -67000, /* signature digest algorithm(s) specified are not supported */ + errSecCSUnsupportedDigestAlgorithm = -67000, /* a requested signature digest algorithm is not supported */ + errSecCSInvalidAssociatedFileData = -66999, /* resource fork, Finder information, or similar detritus not allowed */ + errSecCSInvalidTeamIdentifier = -66998, /* a Team Identifier string is invalid */ + errSecCSBadTeamIdentifier = -66997, /* a Team Identifier is wrong or inappropriate */ + errSecCSSignatureUntrusted = -66996, /* signature is valid but signer is not trusted */ + errSecMultipleExecSegments = -66995, /* the image contains multiple executable segments */ }; /* @@ -135,6 +140,7 @@ extern const CFStringRef kSecCFErrorResourceSeal; /* CFTypeRef: invalid componen extern const CFStringRef kSecCFErrorResourceAdded; /* CFURLRef: unsealed resource found */ extern const CFStringRef kSecCFErrorResourceAltered; /* CFURLRef: modified resource found */ extern const CFStringRef kSecCFErrorResourceMissing; /* CFURLRef: sealed (non-optional) resource missing */ +extern const CFStringRef kSecCFErrorResourceSideband; /* CFURLRef: sealed resource has invalid sideband data (resource fork, etc.) */ extern const CFStringRef kSecCFErrorInfoPlist; /* CFTypeRef: Info.plist dictionary or component thereof found invalid */ extern const CFStringRef kSecCFErrorGuestAttributes; /* CFTypeRef: Guest attribute set of element not accepted */ extern const CFStringRef kSecCFErrorRequirementSyntax; /* CFStringRef: compilation error for Requirement source */ @@ -200,11 +206,12 @@ CF_ENUM(SecGuestRef) { typedef CF_OPTIONS(uint32_t, SecCSFlags) { kSecCSDefaultFlags = 0, /* no particular flags (default behavior) */ - kSecCSConsiderExpiration = 1 << 31, /* consider expired certificates invalid */ + kSecCSConsiderExpiration = 1U << 31, /* consider expired certificates invalid */ kSecCSEnforceRevocationChecks = 1 << 30, /* force revocation checks regardless of preference settings */ kSecCSNoNetworkAccess = 1 << 29, /* do not use the network, cancels "kSecCSEnforceRevocationChecks" */ kSecCSReportProgress = 1 << 28, /* make progress report call-backs when configured */ kSecCSCheckTrustedAnchors = 1 << 27, /* build certificate chain to system trust anchors, not to any self-signed certificate */ + kSecCSQuickCheck = 1 << 26, /* (internal) */ }; @@ -250,7 +257,6 @@ typedef CF_OPTIONS(uint32_t, SecCodeSignatureFlags) { kSecCodeSignatureLibraryValidation = 0x2000, /* library validation required */ }; - /*! @typedef SecCodeStatus The code signing system attaches a set of status flags to each running code.