Specify option flags that can be embedded in a code signature during signing and that govern the use of the signature.


struct SecCodeSignatureFlags


Some of these flags can be set through the codesign(1) command’s --options argument and some are set implicitly based on signing circumstances. The flags here appear as the value associated with the kSecCodeInfoFlags key in the signing information dictionary. See Signing Information Dictionary Keys.



static var adhoc: SecCodeSignatureFlags

Must be used without a signing identity.

static var forceHard: SecCodeSignatureFlags

Always set the hard status flag on launch.

static var forceKill: SecCodeSignatureFlags

Always set the kill status flag on launch.

static var forceExpiration: SecCodeSignatureFlags

Always set the considerExpiration flag when validating the code.

static var runtime: SecCodeSignatureFlags

Apply runtime hardening policies as required by the hardened runtime version.


Conforms To

See Also

Code Signatures

Code Signing Information Flags

Use these supplemental flags to retrieve signing information.

Signing Information Dictionary Keys

Use these keys from the information dictionary when you retrieve information from a code signature.

enum SecCSDigestAlgorithm

The list of digest algorithms available for code signatures.