1/*
2 * Copyright (c) 2008,2012-2013 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24#ifndef _SECURITY_SECTASK_H_
25#define _SECURITY_SECTASK_H_
26
27#include <CoreFoundation/CoreFoundation.h>
28#include <mach/message.h>
29
30#if defined(__cplusplus)
31extern "C" {
32#endif
33
34/*!
35    @typedef SecTaskRef
36    @abstract CFType used for representing a task
37*/
38typedef struct __SecTask *SecTaskRef;
39
40/*!
41    @function SecTaskGetTypeID
42    @abstract Returns the type ID for CF instances of SecTask.
43    @result A CFTypeID for SecTask
44*/
45CFTypeID SecTaskGetTypeID(void);
46
47/*!
48    @function SecTaskCreateWithAuditToken
49    @abstract Create a SecTask object for the task that sent the mach message
50    represented by the audit token.
51    @param token The audit token of a mach message
52    @result The newly created SecTask object or NULL on error.  The caller must
53    CFRelease the returned object.
54*/
55SecTaskRef SecTaskCreateWithAuditToken(CFAllocatorRef allocator, audit_token_t token);
56
57/*!
58     @function SecTaskCreateFromSelf
59     @abstract Create a SecTask object for the current task.
60     @result The newly created SecTask object or NULL on error.  The caller must
61     CFRelease the returned object.
62 */
63SecTaskRef SecTaskCreateFromSelf(CFAllocatorRef allocator);
64
65/*!
66    @function SecTaskCopyValueForEntitlement
67    @abstract Returns the value of a single entitlement for the represented
68    task.
69    @param task A previously created SecTask object
70    @param entitlement The name of the entitlement to be fetched
71    @param error On a NULL return, this may be contain a CFError describing
72    the problem.  This argument may be NULL if the caller is not interested in
73    detailed errors.
74    @result The value of the specified entitlement for the process or NULL if
75    the entitlement value could not be retrieved.  The type of the returned
76    value will depend on the entitlement specified.  The caller must release
77    the returned object.
78    @discussion A NULL return may indicate an error, or it may indicate that
79    the entitlement is simply not present.  In the latter case, no CFError is
80    returned.
81*/
82CFTypeRef SecTaskCopyValueForEntitlement(SecTaskRef task, CFStringRef entitlement, CFErrorRef *error);
83
84/*!
85    @function SecTaskCopyValuesForEntitlements
86    @abstract Returns the values of multiple entitlements for the represented
87    task.
88    @param task A previously created SecTask object
89    @param entitlements An array of entitlement names to be fetched
90    @param error On a NULL return, this will contain a CFError describing
91    the problem.  This argument may be NULL if the caller is not interested in
92    detailed errors.  If a requested entitlement is not present for the
93    returned dictionary, the entitlement is not set on the task.  The caller
94    must CFRelease the returned value
95*/
96CFDictionaryRef SecTaskCopyValuesForEntitlements(SecTaskRef task, CFArrayRef entitlements, CFErrorRef *error);
97
98/*!
99    @function SecTaskCopySigningIdentifier
100    @abstract Return the value of the codesigning identifier.
101    @param task A previously created SecTask object
102    @param error On a NULL return, this will contain a CFError describing
103    the problem.  This argument may be NULL if the caller is not interested in
104    detailed errors. The caller must CFRelease the returned value
105*/
106CFStringRef SecTaskCopySigningIdentifier(SecTaskRef task, CFErrorRef *error);
107
108#if defined(__cplusplus)
109}
110#endif
111
112#endif /* !_SECURITY_SECTASK_H_ */
113