1/* 2 * Copyright (c) 2008,2012-2013 Apple Inc. All Rights Reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23 24#ifndef _SECURITY_SECTASK_H_ 25#define _SECURITY_SECTASK_H_ 26 27#include <CoreFoundation/CoreFoundation.h> 28#include <mach/message.h> 29 30#if defined(__cplusplus) 31extern "C" { 32#endif 33 34/*! 35 @typedef SecTaskRef 36 @abstract CFType used for representing a task 37*/ 38typedef struct __SecTask *SecTaskRef; 39 40/*! 41 @function SecTaskGetTypeID 42 @abstract Returns the type ID for CF instances of SecTask. 43 @result A CFTypeID for SecTask 44*/ 45CFTypeID SecTaskGetTypeID(void); 46 47/*! 48 @function SecTaskCreateWithAuditToken 49 @abstract Create a SecTask object for the task that sent the mach message 50 represented by the audit token. 51 @param token The audit token of a mach message 52 @result The newly created SecTask object or NULL on error. The caller must 53 CFRelease the returned object. 54*/ 55SecTaskRef SecTaskCreateWithAuditToken(CFAllocatorRef allocator, audit_token_t token); 56 57/*! 58 @function SecTaskCreateFromSelf 59 @abstract Create a SecTask object for the current task. 60 @result The newly created SecTask object or NULL on error. The caller must 61 CFRelease the returned object. 62 */ 63SecTaskRef SecTaskCreateFromSelf(CFAllocatorRef allocator); 64 65/*! 66 @function SecTaskCopyValueForEntitlement 67 @abstract Returns the value of a single entitlement for the represented 68 task. 69 @param task A previously created SecTask object 70 @param entitlement The name of the entitlement to be fetched 71 @param error On a NULL return, this may be contain a CFError describing 72 the problem. This argument may be NULL if the caller is not interested in 73 detailed errors. 74 @result The value of the specified entitlement for the process or NULL if 75 the entitlement value could not be retrieved. The type of the returned 76 value will depend on the entitlement specified. The caller must release 77 the returned object. 78 @discussion A NULL return may indicate an error, or it may indicate that 79 the entitlement is simply not present. In the latter case, no CFError is 80 returned. 81*/ 82CFTypeRef SecTaskCopyValueForEntitlement(SecTaskRef task, CFStringRef entitlement, CFErrorRef *error); 83 84/*! 85 @function SecTaskCopyValuesForEntitlements 86 @abstract Returns the values of multiple entitlements for the represented 87 task. 88 @param task A previously created SecTask object 89 @param entitlements An array of entitlement names to be fetched 90 @param error On a NULL return, this will contain a CFError describing 91 the problem. This argument may be NULL if the caller is not interested in 92 detailed errors. If a requested entitlement is not present for the 93 returned dictionary, the entitlement is not set on the task. The caller 94 must CFRelease the returned value 95*/ 96CFDictionaryRef SecTaskCopyValuesForEntitlements(SecTaskRef task, CFArrayRef entitlements, CFErrorRef *error); 97 98/*! 99 @function SecTaskCopySigningIdentifier 100 @abstract Return the value of the codesigning identifier. 101 @param task A previously created SecTask object 102 @param error On a NULL return, this will contain a CFError describing 103 the problem. This argument may be NULL if the caller is not interested in 104 detailed errors. The caller must CFRelease the returned value 105*/ 106CFStringRef SecTaskCopySigningIdentifier(SecTaskRef task, CFErrorRef *error); 107 108#if defined(__cplusplus) 109} 110#endif 111 112#endif /* !_SECURITY_SECTASK_H_ */ 113