#[repr(C)] pub struct SecCode { /* private fields */ }
Available on crate feature CSCommon only.
This is the type of a reference to running code.
In many (but not all) calls, this can be passed to a SecStaticCodeRef argument, which performs an implicit SecCodeCopyStaticCode call and operates on the result.
See also Apple’s documentation
Implementations
impl SecCode
pub unsafe fn copy_self(flags: SecCSFlags, self_: NonNull<*mut SecCode>) -> i32
Available on crate feature SecCode only.
Obtains a SecCode object for the code making the call. The calling code is determined in a way that is subject to modification over time, but obeys the following rules. If it is a UNIX process, its process id (pid) is always used.
Parameter flags: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
Parameter self: Upon successful return, contains a SecCodeRef representing the caller.
Returns: Upon success, errSecSuccess. Upon error, an OSStatus value documented in CSCommon.h or certain other Security framework headers.
impl SecCode
pub unsafe fn copy_static_code(self: &SecCode, flags: SecCSFlags, static_code: NonNull<*const SecStaticCode>) -> i32
Available on crate feature SecCode only.
pub unsafe fn copy_host(self: &SecCode, flags: SecCSFlags, host: NonNull<*mut SecCode>) -> i32
Available on crate feature SecCode only.
Given a SecCode object, identify the (different) SecCode object that acts as its host. A SecCode’s host acts as a supervisor and controller, and is the ultimate authority on its dynamic validity and status. The host relationship is securely established (absent reported errors).
Parameter guest: A valid SecCode object reference representing code running on the system.
Parameter flags: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
Parameter host: On successful return, a SecCode object reference identifying the code’s host.
Returns: Upon success, errSecSuccess. Upon error, an OSStatus value documented in CSCommon.h or certain other Security framework headers.
impl SecCode
pub unsafe fn copy_guest_with_attributes(host: Option<&SecCode>, attributes: Option<&CFDictionary>, flags: SecCSFlags, guest: NonNull<*mut SecCode>) -> i32
Available on crate feature SecCode only.
This is the omnibus API function for obtaining dynamic code references. In general, it asks a particular code acting as a code host to locate and return a guest with given attributes. Different hosts support different combinations of attributes and values for guest selection.
Asking the NULL host invokes system default procedures for obtaining any running code in the system with the attributes given. The returned code may be anywhere in the system.
The methods a host uses to identify, separate, and control its guests are specific to each type of host. This call provides a generic abstraction layer that allows uniform interrogation of all hosts. A SecCode that does not act as a host will always return errSecCSNoSuchCode. A SecCode that does support hosting may return itself to signify that the attribute refers to itself rather than one of its hosts.
Parameter host: A valid SecCode object reference representing code running on the system that acts as a Code Signing host. As a special case, passing NULL indicates that the Code Signing root of trust should be used as a starting point. Currently, that is the system kernel.
Parameter attributes: A CFDictionary containing zero or more attribute selector values. Each selector has a CFString key and associated CFTypeRef value. The key name identifies the attribute being specified; the associated value, whose type depends on the key name, selects a particular value or other constraint on that attribute. Each host only supports particular combinations of keys and values, and errors will be returned if any unsupported set is requested. As a special case, NULL is taken to mean an empty attribute set. Note that some hosts that support hosting chains (guests being hosts) may return sub-guests in this call. In other words, do not assume that a SecCodeRef returned by this call is a direct guest of the queried host (though it will be a proximate guest, i.e. a guest’s guest some way down). Asking the NULL host for NULL attributes returns a code reference for the system root of trust (at present, the running Darwin kernel).
Parameter flags: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
Parameter guest: On successful return, a SecCode object reference identifying the particular guest of the host that owns the attribute value(s) specified. This argument will not be changed if the call fails (does not return errSecSuccess).
Returns: Upon success, errSecSuccess. Upon error, an OSStatus value documented in CSCommon.h or certain other Security framework headers. In particular:
errSecCSUnsupportedGuestAttributes: The host does not support the attribute type given by attributeType.
errSecCSInvalidAttributeValues: The type of value given for a guest attribute is not supported by the host.
errSecCSNoSuchCode: The host has no guest with the attribute value given by attributeValue, even though the value is of a supported type. This may also be returned if the host code does not currently act as a Code Signing host.
errSecCSNotAHost: The specified host cannot, in fact, act as a code host. (It is missing the kSecCodeSignatureHost option flag in its code signature.)
errSecCSMultipleGuests: The attributes specified do not uniquely identify a guest (the specification is ambiguous).
pub unsafe fn check_validity(self: &SecCode, flags: SecCSFlags, requirement: Option<&SecRequirement>) -> i32
Available on crate feature SecCode only.
Performs dynamic validation of the given SecCode object. The call obtains and verifies the signature on the code object. It checks the validity of only those sealed components required to establish identity. It checks the SecCode’s dynamic validity status as reported by its host. It ensures that the SecCode’s host is in turn valid. Finally, it validates the code against a SecRequirement if one is given. The call succeeds if all these conditions are satisfactory. It fails otherwise.
This call is secure against attempts to modify the file system source of the SecCode.
Parameter code: The code object to be validated.
Parameter flags: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
Parameter requirement: An optional code requirement specifying additional conditions the code object must satisfy to be considered valid. If NULL, no additional requirements are imposed.
Returns: If validation passes, errSecSuccess. If validation fails, an OSStatus value documented in CSCommon.h or certain other Security framework headers.
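An added example (not part of the objc2-security documentation) of calling copy_self and check_validity through the signatures shown on this page and failing closed on the returned OSStatus. The names Verdict, verdict, live, current_code and check are hypothetical; the live module assumes macOS with the objc2-security and objc2-core-foundation crates, and that SecCSFlags(0) and CFRetained::from_raw are usable as written.

```rust
// Added example, not objc2-security code. `verdict` is portable; `live` assumes
// macOS with the objc2-security and objc2-core-foundation crates.
/// How a caller should treat the OSStatus returned by check_validity.
#[derive(Debug, PartialEq)]
pub enum Verdict {
    /// errSecSuccess and a requirement was supplied: identity is pinned.
    Trusted,
    /// errSecSuccess with no requirement: no additional conditions were checked.
    SignedButUnpinned,
    /// Any other OSStatus: fail closed, keeping the status for logging.
    Rejected(i32),
}
pub fn verdict(status: i32, requirement_given: bool) -> Verdict {
    match (status, requirement_given) {
        (0, true) => Verdict::Trusted, // 0 is errSecSuccess
        (0, false) => Verdict::SignedButUnpinned,
        (other, _) => Verdict::Rejected(other),
    }
}

#[cfg(target_os = "macos")]
pub mod live {
    use super::{verdict, Verdict};
    use objc2_core_foundation::CFRetained;
    use objc2_security::{SecCSFlags, SecCode, SecRequirement};
    use std::ptr::{self, NonNull};
    /// SecCode for the calling process, or the failing OSStatus.
    pub fn current_code() -> Result<CFRetained<SecCode>, i32> {
        let mut raw: *mut SecCode = ptr::null_mut();
        // Assumption: SecCSFlags(0) constructs kSecCSDefaultFlags.
        let status = unsafe { SecCode::copy_self(SecCSFlags(0), NonNull::from(&mut raw)) };
        match NonNull::new(raw) {
            // A Copy call returns a +1 reference; CFRetained releases it on drop.
            Some(code) if status == 0 => Ok(unsafe { CFRetained::from_raw(code) }),
            _ => Err(status),
        }
    }

    /// Dynamic validation of running code, optionally against a requirement.
    pub fn check(code: &SecCode, requirement: Option<&SecRequirement>) -> Verdict {
        let status = unsafe { code.check_validity(SecCSFlags(0), requirement) };
        verdict(status, requirement.is_some())
    }
}

fn main() {
    #[cfg(target_os = "macos")]
    println!("{:?}", live::current_code().map(|c| live::check(&c, None)));
}
```

Passing None as the requirement, as main does here, yields SignedButUnpinned at best; a caller that needs to know which code it is talking to supplies a SecRequirement.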
pub unsafe fn check_validity_with_errors(self: &SecCode, flags: SecCSFlags, requirement: Option<&SecRequirement>, errors: *mut *mut CFError) -> i32
Available on crate feature SecCode only.
Performs dynamic validation of the given SecCode object. The call obtains and verifies the signature on the code object. It checks the validity of only those sealed components required to establish identity. It checks the SecCode’s dynamic validity status as reported by its host. It ensures that the SecCode’s host is in turn valid. Finally, it validates the code against a SecRequirement if one is given. The call succeeds if all these conditions are satisfactory. It fails otherwise.
This call is secure against attempts to modify the file system source of the SecCode.
Parameter code: The code object to be validated.
Parameter flags: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
Parameter requirement: An optional code requirement specifying additional conditions the code object must satisfy to be considered valid. If NULL, no additional requirements are imposed.
Parameter errors: An optional pointer to a CFErrorRef variable. If the call fails (and something other than errSecSuccess is returned), and this argument is non-NULL, a CFErrorRef is stored there further describing the nature and circumstances of the failure. The caller must CFRelease() this error object when done with it.
Returns: If validation passes, errSecSuccess. If validation fails, an OSStatus value documented in CSCommon.h or certain other Security framework headers.
pub unsafe fn validate_file_resource(code: &SecStaticCode, relative_path: &CFString, file_data: &CFData, flags: SecCSFlags) -> i32
Available on crate feature SecCode only.
For a SecStaticCodeRef, check that a given CFData object faithfully represents a plain-file resource in its resource seal. This call will fail if the file is missing in the bundle, even if it is optional.
Parameter code: A code or StaticCode object.
Parameter relativePath: A CFStringRef containing the relative path to a sealed resource file. This path is relative to the resource base, which is either Contents or the bundle root, depending on bundle format.
Parameter fileData: A CFDataRef containing the exact contents of that resource file.
Parameter flags: Pass kSecCSDefaultFlags.
Returns: noErr if fileData is the exact content of the file at relativePath at the time it was signed. Various error codes if it is different, there was no such file, it was not a plain file, or anything is irregular.
pub unsafe fn copy_path(static_code: &SecStaticCode, flags: SecCSFlags, path: NonNull<*const CFURL>) -> i32
Available on crate feature SecCode only.
For a given Code or StaticCode object, returns a URL to a location on disk where the code object can be found. For single files, the URL points to that file. For bundles, it points to the directory containing the entire bundle.
Parameter staticCode: The Code or StaticCode object to be located. For a Code argument, its StaticCode is processed as per SecCodeCopyStaticCode.
Parameter flags: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
Parameter path: On successful return, contains a CFURL identifying the location on disk of the staticCode object.
Returns: On success, errSecSuccess. On error, an OSStatus value documented in CSCommon.h or certain other Security framework headers.
pub unsafe fn copy_designated_requirement(code: &SecStaticCode, flags: SecCSFlags, requirement: NonNull<*mut SecRequirement>) -> i32
Available on crate feature SecCode only.
For a given Code or StaticCode object, determines its Designated Code Requirement. The Designated Requirement is the SecRequirement that the code believes should be used to properly identify it in the future.
If the SecCode contains an explicit Designated Requirement, a copy of that is returned. If it does not, a SecRequirement is implicitly constructed from its signing authority and its embedded unique identifier. No Designated Requirement can be obtained from code that is unsigned. Code that is modified after signature, improperly signed, or has become invalid, may or may not yield a Designated Requirement. This call does not validate the SecStaticCode argument.
Parameter code: The Code or StaticCode object to be interrogated. For a Code argument, its StaticCode is processed as per SecCodeCopyStaticCode.
Parameter flags: Optional flags. Pass kSecCSDefaultFlags for standard behavior.
Parameter requirement: On successful return, contains a copy of a SecRequirement object representing the code’s Designated Requirement. On error, unchanged.
Returns: On success, errSecSuccess. On error, an OSStatus value documented in CSCommon.h or certain other Security framework headers.
impl SecCode
pub unsafe fn copy_signing_information(code: &SecStaticCode, flags: SecCSFlags, information: NonNull<*const CFDictionary>) -> i32
Available on crate feature SecCode only.
pub unsafe fn map_memory(code: &SecStaticCode, flags: SecCSFlags) -> i32
Available on crate feature SecCode only.
Methods from Deref<Target = CFType>
pub fn downcast_ref<T>(&self) -> Option<&T> where T: ConcreteType,
Available on crate feature SecCustomTransform only.
Attempt to downcast the type to that of type T.
This is the reference-variant. Use CFRetained::downcast if you want to convert a retained type. See also ConcreteType for more details on which types support being converted to.
pub fn retain_count(&self) -> usize
Available on crate feature SecCustomTransform only.
Get the reference count of the object.
This function may be useful for debugging. You normally do not use this function otherwise.
Beware that some things (like CFNumbers, small CFStrings etc.) may not have a normal retain count for optimization purposes, and can return usize::MAX in that case.
Trait Implementations
impl ConcreteType for SecCode
Available on crate feature SecCode only.
impl RefEncode for SecCode
const ENCODING_REF: Encoding
impl Type for SecCode
fn retain(&self) -> CFRetained<Self> where Self: Sized,
fn as_concrete_TypeRef(&self) -> &Self
core-foundation crate.
unsafe fn wrap_under_get_rule(ptr: *const Self) -> CFRetained<Self> where Self: Sized,
core-foundation crate.
fn as_CFTypeRef(&self) -> &CFType
core-foundation crate.
unsafe fn wrap_under_create_rule(ptr: *const Self) -> CFRetained<Self> where Self: Sized,
core-foundation crate.