#include "cs.h"
#include "CodeSigner.h"
#include "cskernel.h"
using namespace CodeSigning;
//
// String constants naming the signing parameters.
// SecCodeSignerCreate (below) passes its `parameters` dictionary to
// SecCodeSigner::parameters(); these are presumably the keys that parser
// looks up. The parser is not in this file, so confirm each key's meaning and
// accepted value type there before relying on it.
//
// The literal on the right is the value of each constant. Several literals
// differ from the constant's name (Identity -> "signer",
// ApplicationData -> "application-specific", TimestampServer -> "timestamp-url",
// RequireTimestamp -> "timestamp-required"), so always use the constant rather
// than spelling the string by hand.
//
const CFStringRef kSecCodeSignerApplicationData = CFSTR("application-specific");
const CFStringRef kSecCodeSignerDetached = CFSTR("detached");
const CFStringRef kSecCodeSignerDigestAlgorithm = CFSTR("digest-algorithm");
const CFStringRef kSecCodeSignerDryRun = CFSTR("dryrun");
const CFStringRef kSecCodeSignerEntitlements = CFSTR("entitlements");
const CFStringRef kSecCodeSignerFlags = CFSTR("flags");
const CFStringRef kSecCodeSignerIdentifier = CFSTR("identifier");
const CFStringRef kSecCodeSignerIdentifierPrefix = CFSTR("identifier-prefix");
// NOTE(review): the signing identity is keyed as "signer", not "identity".
const CFStringRef kSecCodeSignerIdentity = CFSTR("signer");
const CFStringRef kSecCodeSignerPageSize = CFSTR("pagesize");
const CFStringRef kSecCodeSignerRequirements = CFSTR("requirements");
const CFStringRef kSecCodeSignerResourceRules = CFSTR("resource-rules");
const CFStringRef kSecCodeSignerSDKRoot = CFSTR("sdkroot");
const CFStringRef kSecCodeSignerSigningTime = CFSTR("signing-time");
// Timestamp-related keys. Judging by the names they select whether a timestamp
// is mandatory, which server is contacted and how the request is
// authenticated -- TODO confirm against the parameter parser.
const CFStringRef kSecCodeSignerRequireTimestamp = CFSTR("timestamp-required");
const CFStringRef kSecCodeSignerTimestampServer = CFSTR("timestamp-url");
const CFStringRef kSecCodeSignerTimestampAuthentication = CFSTR("timestamp-authentication");
const CFStringRef kSecCodeSignerTimestampOmitCertificates = CFSTR("timestamp-omit-certificates");
const CFStringRef kSecCodeSignerPreserveMetadata = CFSTR("preserve-metadata");
const CFStringRef kSecCodeSignerTeamIdentifier = CFSTR("teamidentifier");
const CFStringRef kSecCodeSignerPlatformIdentifier = CFSTR("platform-identifier");
const CFStringRef kSecCodeSignerRuntimeVersion = CFSTR("runtime-version");
const CFStringRef kSecCodeSignerPreserveAFSC = CFSTR("preserve-afsc");
const CFStringRef kSecCodeSignerOmitAdhocFlag = CFSTR("omit-adhoc-flag");
// "edit-*" keys: presumably used together with kSecCSEditSignature, which
// SecCodeSignerCreate accepts -- the relationship is not visible here; verify.
const CFStringRef kSecCodeSignerEditCpuType = CFSTR("edit-cpu-type");
const CFStringRef kSecCodeSignerEditCpuSubtype = CFSTR("edit-cpu-subtype");
const CFStringRef kSecCodeSignerEditCMS = CFSTR("edit-cms");
//
// Return the CoreFoundation type ID stored for the CodeSigner class in the
// shared gCFObjects() table.
//
// The body sits between BEGIN_CSAPI and END_CSAPI1. Those macros are defined
// outside this file; the argument to END_CSAPI1 (_kCFRuntimeNotATypeID) is
// presumably the value handed back if the lookup fails -- confirm in the
// macro definition.
//
CFTypeID SecCodeSignerGetTypeID(void)
{
	BEGIN_CSAPI
	const CFTypeID signerTypeID = gCFObjects().CodeSigner.typeID;
	return signerTypeID;
	END_CSAPI1(_kCFRuntimeNotATypeID)
}
//
// Create a signer object configured from a parameter dictionary.
//
// @param parameters  Signing parameters, passed unchanged to
//                    SecCodeSigner::parameters(). All interpretation and
//                    validation of the dictionary happens there, not here.
// @param flags       Creation flags. They are checked against the allow-list
//                    below and then given to the SecCodeSigner constructor.
// @param signerRef   Out-parameter that receives the new signer's handle.
// @return OSStatus produced by the BEGIN_CSAPI/END_CSAPI wrapper. The macros
//         are defined outside this file; presumably they turn exceptions
//         thrown in the body into error codes -- confirm.
//
OSStatus SecCodeSignerCreate(CFDictionaryRef parameters, SecCSFlags flags,
	SecCodeSignerRef *signerRef)
{
	BEGIN_CSAPI
	// Allow-list of flag bits a caller may set at creation time. Note that
	// it includes the signature-editing and signature-removal operations,
	// not only plain signing options.
	const SecCSFlags acceptedFlags =
		kSecCSEditSignature
		| kSecCSRemoveSignature
		| kSecCSSignPreserveSignature
		| kSecCSSignNestedCode
		| kSecCSSignOpaque
		| kSecCSSignV1
		| kSecCSSignNoV1
		| kSecCSSignBundleRoot
		| kSecCSSignStrictPreflight
		| kSecCSSignGeneratePEH
		| kSecCSSignGenerateEntitlementDER;
	// checkFlags is defined elsewhere; presumably it rejects any bit outside
	// acceptedFlags before an object is allocated -- verify.
	checkFlags(flags, acceptedFlags);

	SecPointer<SecCodeSigner> newSigner = new SecCodeSigner(flags);
	newSigner->parameters(parameters);

	// Required() wraps the caller's out-pointer; it looks like a guard
	// against a NULL signerRef, but its definition is not shown here.
	CodeSigning::Required(signerRef) = newSigner->handle();
	END_CSAPI
}
//
// Sign codeRef with signerRef, reporting the outcome as an OSStatus only.
//
// Convenience form of SecCodeSignerAddSignatureWithErrors: it forwards its
// arguments unchanged and passes NULL for the CFError out-parameter, so the
// caller receives no error object. All flag and reference validation is done
// by the callee.
//
OSStatus SecCodeSignerAddSignature(SecCodeSignerRef signerRef,
	SecStaticCodeRef codeRef, SecCSFlags flags)
{
	CFErrorRef *const noErrorOut = NULL;	// caller did not ask for a CFError
	return SecCodeSignerAddSignatureWithErrors(signerRef, codeRef, flags, noErrorOut);
}
//
// Sign codeRef using the configuration held by signerRef.
//
// @param signerRef  Signer created by SecCodeSignerCreate.
// @param codeRef    Static code object to be signed.
// @param flags      Per-call flags; kSecCSReportProgress is the only bit on
//                   the allow-list. The same value is forwarded to sign().
// @param errors     Optional CFError out-parameter. It is not touched in the
//                   visible body; presumably END_CSAPI_ERRORS fills it in on
//                   failure (macro defined outside this file) -- confirm.
// @return OSStatus produced by the BEGIN_CSAPI/END_CSAPI_ERRORS wrapper.
//
OSStatus SecCodeSignerAddSignatureWithErrors(SecCodeSignerRef signerRef,
	SecStaticCodeRef codeRef, SecCSFlags flags, CFErrorRef *errors)
{
	BEGIN_CSAPI
	// Only progress reporting may be requested here; the signing options
	// were fixed when the signer was created.
	const SecCSFlags acceptedFlags = kSecCSReportProgress;
	checkFlags(flags, acceptedFlags);

	// Both required() calls convert an API reference into the internal
	// object. They look like validity checks on caller-supplied references,
	// but their definitions are not in this file.
	SecCodeSigner::required(signerRef)->sign(
		SecStaticCode::required(codeRef),
		flags);
	END_CSAPI_ERRORS
}