1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
//! This file has been automatically generated by `objc2`'s `header-translator`.
//! DO NOT EDIT
use core::ptr::NonNull;
use objc2_core_foundation::*;
use crate::*;
#[cfg(feature = "CSCommon")]
unsafe impl ConcreteType for SecStaticCode {
/// Returns the type identifier of all SecStaticCode instances.
#[doc(alias = "SecStaticCodeGetTypeID")]
#[inline]
fn type_id() -> CFTypeID {
extern "C-unwind" {
fn SecStaticCodeGetTypeID() -> CFTypeID;
}
unsafe { SecStaticCodeGetTypeID() }
}
}
#[cfg(feature = "CSCommon")]
impl SecStaticCode {
/// Given a path to a file system object, create a SecStaticCode object representing
/// the code at that location, if possible. Such a SecStaticCode is not inherently
/// linked to running code in the system.
///
/// It is possible to create a SecStaticCode object from an unsigned code object.
/// Most uses of such an object will return the errSecCSUnsigned error. However,
/// SecCodeCopyPath and SecCodeCopySigningInformation can be safely applied to such objects.
///
///
/// Parameter `path`: A path to a location in the file system. Only file:// URLs are
/// currently supported. For bundles, pass a URL to the root directory of the
/// bundle. For single files, pass a URL to the file. If you pass a URL to the
/// main executable of a bundle, the bundle as a whole will be generally recognized.
/// Caution: Paths containing embedded // or /../ within a bundle's directory
/// may cause the bundle to be misconstrued. If you expect to submit such paths,
/// first clean them with realpath(3) or equivalent.
///
/// Parameter `flags`: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
///
/// Parameter `staticCode`: On successful return, contains a reference to the StaticCode object
/// representing the code at path. Unchanged on error.
///
/// Returns: Upon success, errSecSuccess. Upon error, an OSStatus value documented in
/// CSCommon.h or certain other Security framework headers.
///
/// # Safety
///
/// `static_code` must be a valid pointer.
#[doc(alias = "SecStaticCodeCreateWithPath")]
#[cfg(feature = "CSCommon")]
#[inline]
pub unsafe fn create_with_path(
path: &CFURL,
flags: SecCSFlags,
static_code: NonNull<*const SecStaticCode>,
) -> OSStatus {
extern "C-unwind" {
fn SecStaticCodeCreateWithPath(
path: &CFURL,
flags: SecCSFlags,
static_code: NonNull<*const SecStaticCode>,
) -> OSStatus;
}
unsafe { SecStaticCodeCreateWithPath(path, flags, static_code) }
}
}
extern "C" {
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeattributearchitecture?language=objc)
pub static kSecCodeAttributeArchitecture: &'static CFString;
}
extern "C" {
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeattributesubarchitecture?language=objc)
pub static kSecCodeAttributeSubarchitecture: &'static CFString;
}
extern "C" {
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeattributeuniversalfileoffset?language=objc)
pub static kSecCodeAttributeUniversalFileOffset: &'static CFString;
}
extern "C" {
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeattributebundleversion?language=objc)
pub static kSecCodeAttributeBundleVersion: &'static CFString;
}
#[cfg(feature = "CSCommon")]
impl SecStaticCode {
/// Given a path to a file system object, create a SecStaticCode object representing
/// the code at that location, if possible. Such a SecStaticCode is not inherently
/// linked to running code in the system.
///
/// It is possible to create a SecStaticCode object from an unsigned code object.
/// Most uses of such an object will return the errSecCSUnsigned error. However,
/// SecCodeCopyPath and SecCodeCopySigningInformation can be safely applied to such objects.
///
///
/// Parameter `path`: A path to a location in the file system. Only file:// URLs are
/// currently supported. For bundles, pass a URL to the root directory of the
/// bundle. For single files, pass a URL to the file. If you pass a URL to the
/// main executable of a bundle, the bundle as a whole will be generally recognized.
/// Caution: Paths containing embedded // or /../ within a bundle's directory
/// may cause the bundle to be misconstrued. If you expect to submit such paths,
/// first clean them with realpath(3) or equivalent.
///
/// Parameter `flags`: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
///
/// Parameter `attributes`: A CFDictionary containing additional attributes of the code sought.
///
/// Parameter `staticCode`: On successful return, contains a reference to the StaticCode object
/// representing the code at path. Unchanged on error.
///
/// Returns: Upon success, errSecSuccess. Upon error, an OSStatus value documented in
/// CSCommon.h or certain other Security framework headers.
///
///
/// This can be a CFString containing a canonical architecture name ("i386" etc.), or a CFNumber
/// specifying an architecture numerically (see mach/machine.h). This key is ignored if the code
/// is not in Mach-O binary form. If the code is Mach-O but not universal ("thin"), the architecture
/// specified must agree with the actual file contents.
///
/// (using the kSecCodeAttributeArchitecture key), specifies any sub-architecture by number.
/// This key is ignored if no main architecture is specified; if it is specified by name; or
/// if the code is not in Mach-O form.
///
///
/// then select the specified framework version. This key is otherwise ignored.
///
/// # Safety
///
/// - `attributes` generics must be of the correct type.
/// - `static_code` must be a valid pointer.
#[doc(alias = "SecStaticCodeCreateWithPathAndAttributes")]
#[cfg(feature = "CSCommon")]
#[inline]
pub unsafe fn create_with_path_and_attributes(
path: &CFURL,
flags: SecCSFlags,
attributes: &CFDictionary,
static_code: NonNull<*const SecStaticCode>,
) -> OSStatus {
extern "C-unwind" {
fn SecStaticCodeCreateWithPathAndAttributes(
path: &CFURL,
flags: SecCSFlags,
attributes: &CFDictionary,
static_code: NonNull<*const SecStaticCode>,
) -> OSStatus;
}
unsafe { SecStaticCodeCreateWithPathAndAttributes(path, flags, attributes, static_code) }
}
}
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccscheckallarchitectures?language=objc)
pub const kSecCSCheckAllArchitectures: u32 = 1;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsdonotvalidateexecutable?language=objc)
pub const kSecCSDoNotValidateExecutable: u32 = 2;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsdonotvalidateresources?language=objc)
pub const kSecCSDoNotValidateResources: u32 = 4;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsbasicvalidateonly?language=objc)
pub const kSecCSBasicValidateOnly: u32 = 6;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccschecknestedcode?language=objc)
pub const kSecCSCheckNestedCode: u32 = 8;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsstrictvalidate?language=objc)
pub const kSecCSStrictValidate: u32 = 16;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsfullreport?language=objc)
pub const kSecCSFullReport: u32 = 32;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccscheckgatekeeperarchitectures?language=objc)
pub const kSecCSCheckGatekeeperArchitectures: u32 = 65;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsrestrictsymlinks?language=objc)
pub const kSecCSRestrictSymlinks: u32 = 128;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsrestricttoapplike?language=objc)
pub const kSecCSRestrictToAppLike: u32 = 256;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsrestrictsidebanddata?language=objc)
pub const kSecCSRestrictSidebandData: u32 = 512;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsusesoftwaresigningcert?language=objc)
pub const kSecCSUseSoftwareSigningCert: u32 = 1024;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsvalidatepeh?language=objc)
pub const kSecCSValidatePEH: u32 = 2048;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccssinglethreaded?language=objc)
pub const kSecCSSingleThreaded: u32 = 4096;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsallownetworkaccess?language=objc)
pub const kSecCSAllowNetworkAccess: u32 = 65536;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsfastexecutablevalidation?language=objc)
pub const kSecCSFastExecutableValidation: u32 = 131072;
#[cfg(feature = "CSCommon")]
impl SecStaticCode {
#[doc(alias = "SecStaticCodeCheckValidity")]
#[cfg(feature = "CSCommon")]
#[inline]
pub unsafe fn check_validity(
&self,
flags: SecCSFlags,
requirement: Option<&SecRequirement>,
) -> OSStatus {
extern "C-unwind" {
fn SecStaticCodeCheckValidity(
static_code: &SecStaticCode,
flags: SecCSFlags,
requirement: Option<&SecRequirement>,
) -> OSStatus;
}
unsafe { SecStaticCodeCheckValidity(self, flags, requirement) }
}
/// # Safety
///
/// `errors` must be a valid pointer or null.
#[doc(alias = "SecStaticCodeCheckValidityWithErrors")]
#[cfg(feature = "CSCommon")]
#[inline]
pub unsafe fn check_validity_with_errors(
&self,
flags: SecCSFlags,
requirement: Option<&SecRequirement>,
errors: *mut *mut CFError,
) -> OSStatus {
extern "C-unwind" {
fn SecStaticCodeCheckValidityWithErrors(
static_code: &SecStaticCode,
flags: SecCSFlags,
requirement: Option<&SecRequirement>,
errors: *mut *mut CFError,
) -> OSStatus;
}
unsafe { SecStaticCodeCheckValidityWithErrors(self, flags, requirement, errors) }
}
}
extern "C-unwind" {
#[cfg(feature = "CSCommon")]
#[deprecated = "renamed to `SecStaticCode::create_with_path`"]
pub fn SecStaticCodeCreateWithPath(
path: &CFURL,
flags: SecCSFlags,
static_code: NonNull<*const SecStaticCode>,
) -> OSStatus;
}
extern "C-unwind" {
#[cfg(feature = "CSCommon")]
#[deprecated = "renamed to `SecStaticCode::create_with_path_and_attributes`"]
pub fn SecStaticCodeCreateWithPathAndAttributes(
path: &CFURL,
flags: SecCSFlags,
attributes: &CFDictionary,
static_code: NonNull<*const SecStaticCode>,
) -> OSStatus;
}
extern "C-unwind" {
#[cfg(feature = "CSCommon")]
#[deprecated = "renamed to `SecStaticCode::check_validity`"]
pub fn SecStaticCodeCheckValidity(
static_code: &SecStaticCode,
flags: SecCSFlags,
requirement: Option<&SecRequirement>,
) -> OSStatus;
}
extern "C-unwind" {
#[cfg(feature = "CSCommon")]
#[deprecated = "renamed to `SecStaticCode::check_validity_with_errors`"]
pub fn SecStaticCodeCheckValidityWithErrors(
static_code: &SecStaticCode,
flags: SecCSFlags,
requirement: Option<&SecRequirement>,
errors: *mut *mut CFError,
) -> OSStatus;
}