Signing Information Dictionary Keys

Use these keys from the information dictionary when you retrieve information from a code signature.

Overview

Use these keys when examining the dictionary returned by the SecCodeCopySigningInformation function to obtain information about the signed code.

Topics

Constants

kSecCodeInfoCdHashes

A key whose value is an array containing the unique binary identifier for every digest algorithm supported in the signature.

kSecCodeInfoCertificates

A key whose value is an array of certificates representing the certificate chain of the signing certificate as seen by the system.

kSecCodeInfoChangedFiles

A key whose value is a list of all files in the code that may have been modified by the process of signing it.

kSecCodeInfoCMS

A key whose value is the CMS cryptographic object that secures the code signature.

kSecCodeInfoDesignatedRequirement

A keys whose value is the designated requirement of the code.

kSecCodeInfoDigestAlgorithm

A key whose value is a number indicating the cryptographic hash function.

kSecCodeInfoDigestAlgorithms

A key whose value is a list of the kinds of cryptographic hash functions available within the signature.

kSecCodeInfoEntitlements

A key whose value represents the embedded entitlement blob of the code, if any.

kSecCodeInfoEntitlementsDict

A key whose value is a dictionary of embedded entitlements.

kSecCodeInfoFormat

A key whose value is a string representing the type and format of the code in a form suitable for display to a knowledgeable user.

kSecCodeInfoFlags

A key whose value indicates the static (on-disk) state of the object.

kSecCodeInfoIdentifier

A key whose value is the signing identifier sealed into the signature.

kSecCodeInfoImplicitDesignatedRequirement

A key whose value is the designated requirement (DR) that the system generated—or would have generated—for the code in the absence of an explicitly-declared DR.

kSecCodeInfoMainExecutable

A key whose value is a URL locating the main executable file of the code.

kSecCodeInfoPList

A key whose value is an information dictionary containing the contents of the secured Info.plist file as seen by Code Signing Services.

kSecCodeInfoPlatformIdentifier

A key whose value identifies the operating system release with which the code is associated, if any.

kSecCodeInfoRequirements

A key whose value is the internal requirements of the code as a text string in canonical syntax.

kSecCodeInfoRequirementData

A key whose value is the internal requirements of the code as a binary blob.

kSecCodeInfoRuntimeVersion

A key whose value represents the runtime version.

kSecCodeInfoSource

The source of the code signature used for the code object in a format suitable for display.

kSecCodeInfoStatus

A key whose value is the set of code status flags for the running code.

kSecCodeInfoTeamIdentifier

A key whose value is the team identifier.

kSecCodeInfoTime

A key whose value is the signing date embedded in the code signature.

kSecCodeInfoTimestamp

A key whose value indicates the actual signing date.

kSecCodeInfoTrust

A key whose value is the trust object the system uses to evaluate the validity of the code's signature.

kSecCodeInfoUnique

A key whose value is a binary number that uniquely identifies static code.

See Also

Code Signatures

SecCodeCopySigningInformation

Retrieves various pieces of information from a code signature.

Code Signing Information Flags

Use these supplemental flags to retrieve signing information.

SecCodeSignatureFlags

Specify option flags that can be embedded in a code signature during signing and that govern the use of the signature.

SecCSDigestAlgorithm

The list of digest algorithms available for code signatures.