X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/fa7225c82381bac4432a6edf16f53b5370238d85..bf028f67fd3bb2266df81b80fb6f25a77112e308:/OSX/libsecurity_codesigning/lib/SecCodeSigner.cpp?ds=inline

diff --git a/OSX/libsecurity_codesigning/lib/SecCodeSigner.cpp b/OSX/libsecurity_codesigning/lib/SecCodeSigner.cpp
index 7d83ce7a..7e09f760 100644
--- a/OSX/libsecurity_codesigning/lib/SecCodeSigner.cpp
+++ b/OSX/libsecurity_codesigning/lib/SecCodeSigner.cpp
@@ -59,6 +59,14 @@ const CFStringRef kSecCodeSignerTimestampOmitCertificates =	CFSTR("timestamp-omi
 const CFStringRef kSecCodeSignerPreserveMetadata = CFSTR("preserve-metadata");
 const CFStringRef kSecCodeSignerTeamIdentifier =	CFSTR("teamidentifier");
 const CFStringRef kSecCodeSignerPlatformIdentifier = CFSTR("platform-identifier");
+const CFStringRef kSecCodeSignerRuntimeVersion = CFSTR("runtime-version");
+const CFStringRef kSecCodeSignerPreserveAFSC = 	CFSTR("preserve-afsc");
+const CFStringRef kSecCodeSignerOmitAdhocFlag =	CFSTR("omit-adhoc-flag");
+
+// Keys for signature editing
+const CFStringRef kSecCodeSignerEditCpuType = 	CFSTR("edit-cpu-type");
+const CFStringRef kSecCodeSignerEditCpuSubtype = CFSTR("edit-cpu-subtype");
+const CFStringRef kSecCodeSignerEditCMS = 		CFSTR("edit-cms");
 
 
 
@@ -82,14 +90,17 @@ OSStatus SecCodeSignerCreate(CFDictionaryRef parameters, SecCSFlags flags,
 	BEGIN_CSAPI
 		
 	checkFlags(flags,
-		  kSecCSRemoveSignature
+		  kSecCSEditSignature
+		| kSecCSRemoveSignature
 		| kSecCSSignPreserveSignature
 		| kSecCSSignNestedCode
 		| kSecCSSignOpaque
 		| kSecCSSignV1
 		| kSecCSSignNoV1
 		| kSecCSSignBundleRoot
-		| kSecCSSignStrictPreflight);
+		| kSecCSSignStrictPreflight
+        | kSecCSSignGeneratePEH
+		| kSecCSSignGenerateEntitlementDER);
 	SecPointer<SecCodeSigner> signer = new SecCodeSigner(flags);
 	signer->parameters(parameters);
 	CodeSigning::Required(signerRef) = signer->handle();