Retrieves the designated code requirement of signed code.


OSStatus SecCodeCopyDesignatedRequirement(SecStaticCodeRef code, SecCSFlags flags, SecRequirementRef  _Nullable *requirement);



The code or static code object for which you want the designated requirement. If you provide a code object, the function processes it in the same manner as the SecCodeCopyStaticCode function.


Optional flags; see SecCSFlags for possible values. Pass kSecCSDefaultFlags for standard behavior.


On return, the code's designated requirement. Call the CFRelease function to release this object when you are finished with it.

Return Value


The designated requirement is the internal code requirement that the code specifies as the way to identify it. See Code Signing Guide for a discussion of code requirements and designated requirements.

If the code contains an explicit designated requirement, a copy of that is returned. If it doesn't, a designated requirement is constructed from the code’s signing authority and its embedded unique identifier. No designated requirement can be obtained from unsigned code. Code that is modified after being signed, that has been signed improperly, or whose signature has become invalid, may or may not yield a designated requirement. This function does not validate the signature.

See Also

Code Requirements

Applying Code Requirements

Manage the code requirements that apply to your signed code.


A code requirement object.


Returns the unique identifier of the opaque type to which a code requirement object belongs.


An enumeration indicating different types of internal requirements for code.