Retrieves various pieces of information from a code signature.
- macOS 10.6+
The code or static code object from whose signature you wish to retrieve information. If you provide a code object, the function processes it in the same manner as the
Secfunction—that is, the static code signing information is obtained from the signature on disk. Note that dynamic information (
Code Copy Static Code
k) can be obtained only for a code object, not for a static code object.
Sec CSDynamic Information
On return, a dictionary containing information about the code. The contents of the dictionary depend on the flags you pass in the
flagsparameter. Regardless of flags, the
kkey is always present if the code is signed and always absent if the code is unsigned. See Signing Information Dictionary Keys for descriptions of the dictionary keys. Call the
Sec Code Info Identifier
CFReleasefunction to release this object when you are finished with it.
A result code. See Code Signing Services Result Codes.
The amount and detail level of the data returned is controlled by the flags passed to the call.
If the code exists but is not signed, this function call succeeds and returns a dictionary that does not contain the
k key. This is the recommended way to check quickly whether code is signed if that is the only information you need. However, note that this function does not validate the signature.
If the signing data for the code is corrupt or invalid, this function may fail or it may return partial data. To ensure that only valid data is returned (and errors are raised for invalid data), you must successfully call the
Sec function before calling
Some of the objects returned in the information dictionary are (retained) “live” API objects used by the code signing infrastructure. Making changes to these objects is unsupported and may cause subsequent code signing operations on the affected code to behave in undefined ways.