objc2_security/generated/

SecCode.rs

//! This file has been automatically generated by `objc2`'s `header-translator`.
//! DO NOT EDIT
use core::ptr::NonNull;
use objc2_core_foundation::*;

use crate::*;

#[cfg(feature = "CSCommon")]
unsafe impl ConcreteType for SecCode {
    /// Returns the type identifier of all SecCode instances.
    #[doc(alias = "SecCodeGetTypeID")]
    #[inline]
    fn type_id() -> CFTypeID {
        extern "C-unwind" {
            fn SecCodeGetTypeID() -> CFTypeID;
        }
        unsafe { SecCodeGetTypeID() }
    }
}

extern "C-unwind" {
    /// Obtains a SecCode object for the code making the call.
    /// The calling code is determined in a way that is subject to modification over
    /// time, but obeys the following rules. If it is a UNIX process, its process id (pid)
    /// is always used.
    ///
    ///
    /// Parameter `flags`: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
    ///
    /// Parameter `self`: Upon successful return, contains a SecCodeRef representing the caller.
    ///
    ///
    /// Returns: Upon success, errSecSuccess. Upon error, an OSStatus value documented in
    /// CSCommon.h or certain other Security framework headers.
    #[cfg(feature = "CSCommon")]
    pub fn SecCodeCopySelf(flags: SecCSFlags, self_: NonNull<*mut SecCode>) -> OSStatus;
}

/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsuseallarchitectures?language=objc)
pub const kSecCSUseAllArchitectures: u32 = 1;

extern "C-unwind" {
    #[cfg(feature = "CSCommon")]
    pub fn SecCodeCopyStaticCode(
        code: &SecCode,
        flags: SecCSFlags,
        static_code: NonNull<*const SecStaticCode>,
    ) -> OSStatus;
}

extern "C-unwind" {
    /// Given a SecCode object, identify the (different) SecCode object that acts
    /// as its host. A SecCode's host acts as a supervisor and controller,
    /// and is the ultimate authority on the its dynamic validity and status.
    /// The host relationship is securely established (absent reported errors).
    ///
    ///
    /// Parameter `guest`: A valid SecCode object reference representing code running
    /// on the system.
    ///
    /// Parameter `flags`: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
    ///
    /// Parameter `host`: On successful return, a SecCode object reference identifying
    /// the code's host.
    ///
    /// Returns: Upon success, errSecSuccess. Upon error, an OSStatus value documented in
    /// CSCommon.h or certain other Security framework headers.
    #[cfg(feature = "CSCommon")]
    pub fn SecCodeCopyHost(
        guest: &SecCode,
        flags: SecCSFlags,
        host: NonNull<*mut SecCode>,
    ) -> OSStatus;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/ksecguestattributecanonical?language=objc)
    pub static kSecGuestAttributeCanonical: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/ksecguestattributehash?language=objc)
    pub static kSecGuestAttributeHash: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/ksecguestattributemachport?language=objc)
    pub static kSecGuestAttributeMachPort: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/ksecguestattributepid?language=objc)
    pub static kSecGuestAttributePid: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/ksecguestattributeaudit?language=objc)
    pub static kSecGuestAttributeAudit: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/ksecguestattributedynamiccode?language=objc)
    pub static kSecGuestAttributeDynamicCode: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/ksecguestattributedynamiccodeinfoplist?language=objc)
    pub static kSecGuestAttributeDynamicCodeInfoPlist: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/ksecguestattributearchitecture?language=objc)
    pub static kSecGuestAttributeArchitecture: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/ksecguestattributesubarchitecture?language=objc)
    pub static kSecGuestAttributeSubarchitecture: &'static CFString;
}

extern "C-unwind" {
    /// This is the omnibus API function for obtaining dynamic code references.
    /// In general, it asks a particular code acting as a code host to locate
    /// and return a guest with given attributes. Different hosts support
    /// different combinations of attributes and values for guest selection.
    ///
    /// Asking the NULL host invokes system default    procedures for obtaining
    /// any running code in the system with the    attributes given. The returned
    /// code may be anywhere in the system.
    ///
    /// The methods a host uses to identify, separate, and control its guests
    /// are specific to each type of host. This call provides a generic abstraction layer
    /// that allows uniform interrogation of all hosts. A SecCode that does not
    /// act as a host will always return errSecCSNoSuchCode. A SecCode that does
    /// support hosting may return itself to signify that the attribute refers to
    /// itself rather than one of its hosts.
    ///
    ///
    /// Parameter `host`: A valid SecCode object reference representing code running
    /// on the system that acts as a Code Signing host. As a special case, passing
    /// NULL indicates that the Code Signing root of trust should be used as a starting
    /// point. Currently, that is the system kernel.
    ///
    /// Parameter `attributes`: A CFDictionary containing zero or more attribute selector
    /// values. Each selector has a CFString key and associated CFTypeRef value.
    /// The key name identifies the attribute being specified; the associated value,
    /// whose type depends on the the key name, selects a particular value or other
    /// constraint on that attribute. Each host only supports particular combinations
    /// of keys and values,    and errors will be returned if any unsupported set is requested.
    /// As a special case, NULL is taken to mean an empty attribute set.
    /// Note that some hosts that support hosting chains (guests being hosts)
    /// may return sub-guests in this call. In other words, do not assume that
    /// a SecCodeRef returned by this call is a direct guest of the queried host
    /// (though it will be a proximate guest, i.e. a guest's guest some way down).
    /// Asking the NULL host for NULL attributes returns a code reference for the system root
    /// of trust (at present, the running Darwin kernel).
    ///
    /// Parameter `flags`: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
    ///
    /// Parameter `guest`: On successful return, a SecCode object reference identifying
    /// the particular guest of the host that owns the attribute value(s) specified.
    /// This argument will not be changed if the call fails (does not return errSecSuccess).
    ///
    /// Returns: Upon success, errSecSuccess. Upon error, an OSStatus value documented in
    /// CSCommon.h or certain other Security framework headers. In particular:
    /// errSecCSUnsupportedGuestAttributes The host does not support the attribute
    /// type given by attributeType.
    /// errSecCSInvalidAttributeValues The type of value given for a guest
    /// attribute is not supported by the host.
    /// errSecCSNoSuchCode The host has no guest with the attribute value given
    /// by attributeValue, even though the value is of a supported type. This may also
    /// be returned if the host code does not currently act as a Code Signing host.
    /// errSecCSNotAHost The specified host cannot, in fact, act as a code
    /// host. (It is missing the kSecCodeSignatureHost option flag in its code
    /// signature.)
    /// errSecCSMultipleGuests The attributes specified do not uniquely identify
    /// a guest (the specification is ambiguous).
    #[cfg(feature = "CSCommon")]
    pub fn SecCodeCopyGuestWithAttributes(
        host: Option<&SecCode>,
        attributes: Option<&CFDictionary>,
        flags: SecCSFlags,
        guest: NonNull<*mut SecCode>,
    ) -> OSStatus;
}

extern "C-unwind" {
    /// Performs dynamic validation of the given SecCode object. The call obtains and
    /// verifies the signature on the code object. It checks the validity of only those
    /// sealed components required to establish identity. It checks the SecCode's
    /// dynamic validity status as reported by its host. It ensures that the SecCode's
    /// host is in turn valid. Finally, it validates the code against a SecRequirement
    /// if one is given. The call succeeds if all these conditions are satisfactory.
    /// It fails otherwise.
    ///
    /// This call is secure against attempts to modify the file system source of the
    /// SecCode.
    ///
    ///
    /// Parameter `code`: The code object to be validated.
    ///
    /// Parameter `flags`: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
    ///
    /// Parameter `requirement`: An optional code requirement specifying additional conditions
    /// the code object must satisfy to be considered valid. If NULL, no additional
    /// requirements are imposed.
    ///
    /// Returns: If validation passes, errSecSuccess. If validation fails, an OSStatus value
    /// documented in CSCommon.h or certain other Security framework headers.
    #[cfg(feature = "CSCommon")]
    pub fn SecCodeCheckValidity(
        code: &SecCode,
        flags: SecCSFlags,
        requirement: Option<&SecRequirement>,
    ) -> OSStatus;
}

extern "C-unwind" {
    /// Performs dynamic validation of the given SecCode object. The call obtains and
    /// verifies the signature on the code object. It checks the validity of only those
    /// sealed components required to establish identity. It checks the SecCode's
    /// dynamic validity status as reported by its host. It ensures that the SecCode's
    /// host is in turn valid. Finally, it validates the code against a SecRequirement
    /// if one is given. The call succeeds if all these conditions are satisfactory.
    /// It fails otherwise.
    ///
    /// This call is secure against attempts to modify the file system source of the
    /// SecCode.
    ///
    ///
    /// Parameter `code`: The code object to be validated.
    ///
    /// Parameter `flags`: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
    ///
    /// Parameter `requirement`: An optional code requirement specifying additional conditions
    /// the code object must satisfy to be considered valid. If NULL, no additional
    /// requirements are imposed.
    ///
    /// Parameter `errors`: An optional pointer to a CFErrorRef variable. If the call fails
    /// (and something other than errSecSuccess is returned), and this argument is non-NULL,
    /// a CFErrorRef is stored there further describing the nature and circumstances
    /// of the failure. The caller must CFRelease() this error object when done with it.
    ///
    /// Returns: If validation passes, errSecSuccess. If validation fails, an OSStatus value
    /// documented in CSCommon.h or certain other Security framework headers.
    #[cfg(feature = "CSCommon")]
    pub fn SecCodeCheckValidityWithErrors(
        code: &SecCode,
        flags: SecCSFlags,
        requirement: Option<&SecRequirement>,
        errors: *mut *mut CFError,
    ) -> OSStatus;
}

extern "C-unwind" {
    /// For a SecStaticCodeRef, check that a given CFData object faithfully represents
    /// a plain-file resource in its resource seal.
    /// This call will fail if the file is missing in the bundle, even if it is optional.
    ///
    ///
    /// Parameter `code`: A code or StaticCode object.
    ///
    /// Parameter `relativePath`: A CFStringRef containing the relative path to a sealed resource
    /// file. This path is relative to the resource base, which is either Contents or
    /// the bundle root, depending on bundle format.
    ///
    /// Parameter `fileData`: A CFDataRef containing the exact contents of that resource file.
    ///
    /// Parameter `flags`: Pass kSecCSDefaultFlags.
    ///
    /// Returns: noErr if fileData is the exact content of the file at relativePath at the
    /// time it was signed. Various error codes if it is different, there was no such file,
    /// it was not a plain file, or anything is irregular.
    #[cfg(feature = "CSCommon")]
    pub fn SecCodeValidateFileResource(
        code: &SecStaticCode,
        relative_path: &CFString,
        file_data: &CFData,
        flags: SecCSFlags,
    ) -> OSStatus;
}

extern "C-unwind" {
    /// For a given Code or StaticCode object, returns a URL to a location on disk where the
    /// code object can be found. For single files, the URL points to that file.
    /// For bundles, it points to the directory containing the entire bundle.
    ///
    ///
    /// Parameter `staticCode`: The Code or StaticCode object to be located. For a Code
    /// argument, its StaticCode is processed as per SecCodeCopyStaticCode.
    ///
    /// Parameter `flags`: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
    ///
    /// Parameter `path`: On successful return, contains a CFURL identifying the location
    /// on disk of the staticCode object.
    ///
    /// Returns: On success, errSecSuccess. On error, an OSStatus value
    /// documented in CSCommon.h or certain other Security framework headers.
    #[cfg(feature = "CSCommon")]
    pub fn SecCodeCopyPath(
        static_code: &SecStaticCode,
        flags: SecCSFlags,
        path: NonNull<*const CFURL>,
    ) -> OSStatus;
}

extern "C-unwind" {
    /// For a given Code or StaticCode object, determines its Designated Code Requirement.
    /// The Designated Requirement is the SecRequirement that the code believes
    /// should be used to properly identify it in the future.
    ///
    /// If the SecCode contains an explicit Designated Requirement, a copy of that
    /// is returned. If it does not, a SecRequirement is implicitly constructed from
    /// its signing authority and its embedded unique identifier. No Designated
    /// Requirement can be obtained from code that is unsigned. Code that is modified
    /// after signature, improperly signed, or has become invalid, may or may not yield
    /// a Designated Requirement. This call does not validate the SecStaticCode argument.
    ///
    ///
    /// Parameter `code`: The Code or StaticCode object to be interrogated. For a Code
    /// argument, its StaticCode is processed as per SecCodeCopyStaticCode.
    ///
    /// Parameter `flags`: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
    ///
    /// Parameter `requirement`: On successful return, contains a copy of a SecRequirement
    /// object representing the code's Designated Requirement. On error, unchanged.
    ///
    /// Returns: On success, errSecSuccess. On error, an OSStatus value
    /// documented in CSCommon.h or certain other Security framework headers.
    #[cfg(feature = "CSCommon")]
    pub fn SecCodeCopyDesignatedRequirement(
        code: &SecStaticCode,
        flags: SecCSFlags,
        requirement: NonNull<*mut SecRequirement>,
    ) -> OSStatus;
}

/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsinternalinformation?language=objc)
pub const kSecCSInternalInformation: u32 = 1;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccssigninginformation?language=objc)
pub const kSecCSSigningInformation: u32 = 2;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsrequirementinformation?language=objc)
pub const kSecCSRequirementInformation: u32 = 4;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsdynamicinformation?language=objc)
pub const kSecCSDynamicInformation: u32 = 8;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccscontentinformation?language=objc)
pub const kSecCSContentInformation: u32 = 16;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccsskipresourcedirectory?language=objc)
pub const kSecCSSkipResourceDirectory: u32 = 32;
/// [Apple's documentation](https://developer.apple.com/documentation/security/kseccscalculatecmsdigest?language=objc)
pub const kSecCSCalculateCMSDigest: u32 = 64;

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfocertificates?language=objc)
    pub static kSecCodeInfoCertificates: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfochangedfiles?language=objc)
    pub static kSecCodeInfoChangedFiles: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfocms?language=objc)
    pub static kSecCodeInfoCMS: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfodesignatedrequirement?language=objc)
    pub static kSecCodeInfoDesignatedRequirement: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfoentitlements?language=objc)
    pub static kSecCodeInfoEntitlements: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfoentitlementsdict?language=objc)
    pub static kSecCodeInfoEntitlementsDict: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfoflags?language=objc)
    pub static kSecCodeInfoFlags: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfoformat?language=objc)
    pub static kSecCodeInfoFormat: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfodigestalgorithm?language=objc)
    pub static kSecCodeInfoDigestAlgorithm: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfodigestalgorithms?language=objc)
    pub static kSecCodeInfoDigestAlgorithms: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfoplatformidentifier?language=objc)
    pub static kSecCodeInfoPlatformIdentifier: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfoidentifier?language=objc)
    pub static kSecCodeInfoIdentifier: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfoimplicitdesignatedrequirement?language=objc)
    pub static kSecCodeInfoImplicitDesignatedRequirement: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfodefaultdesignatedlightweightcoderequirement?language=objc)
    pub static kSecCodeInfoDefaultDesignatedLightweightCodeRequirement: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfomainexecutable?language=objc)
    pub static kSecCodeInfoMainExecutable: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfoplist?language=objc)
    pub static kSecCodeInfoPList: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinforequirements?language=objc)
    pub static kSecCodeInfoRequirements: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinforequirementdata?language=objc)
    pub static kSecCodeInfoRequirementData: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfosource?language=objc)
    pub static kSecCodeInfoSource: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfostatus?language=objc)
    pub static kSecCodeInfoStatus: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfoteamidentifier?language=objc)
    pub static kSecCodeInfoTeamIdentifier: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfotime?language=objc)
    pub static kSecCodeInfoTime: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfotimestamp?language=objc)
    pub static kSecCodeInfoTimestamp: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfotrust?language=objc)
    pub static kSecCodeInfoTrust: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfounique?language=objc)
    pub static kSecCodeInfoUnique: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfocdhashes?language=objc)
    pub static kSecCodeInfoCdHashes: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinforuntimeversion?language=objc)
    pub static kSecCodeInfoRuntimeVersion: &'static CFString;
}

extern "C" {
    /// [Apple's documentation](https://developer.apple.com/documentation/security/kseccodeinfostaplednotarizationticket?language=objc)
    pub static kSecCodeInfoStapledNotarizationTicket: &'static CFString;
}

extern "C-unwind" {
    #[cfg(feature = "CSCommon")]
    pub fn SecCodeCopySigningInformation(
        code: &SecStaticCode,
        flags: SecCSFlags,
        information: NonNull<*const CFDictionary>,
    ) -> OSStatus;
}

extern "C-unwind" {
    #[cfg(feature = "CSCommon")]
    pub fn SecCodeMapMemory(code: &SecStaticCode, flags: SecCSFlags) -> OSStatus;
}