Skip to content

Security macOS xcode16.3 b1

Rolf Bjarne Kvinge edited this page Mar 20, 2025 · 2 revisions

#Security.framework https://github.com/dotnet/macios/pull/22442

diff -ruN /Applications/Xcode_16.2.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/Security.framework/Headers/SecBase.h /Applications/Xcode_16.3.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/Security.framework/Headers/SecBase.h
--- /Applications/Xcode_16.2.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/Security.framework/Headers/SecBase.h	2024-11-11 05:29:34
+++ /Applications/Xcode_16.3.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/Security.framework/Headers/SecBase.h	2025-02-07 21:03:00
@@ -706,6 +706,7 @@
     errSecCertificateValidityPeriodTooLong   = -67901,    /* The validity period in the certificate exceeds the maximum allowed. */
     errSecCertificateIsCA                    = -67902,    /* The verified certificate is a CA rather than an end-entity */
     errSecCertificateDuplicateExtension      = -67903,    /* The certificate contains multiple extensions with the same extension ID. */
+    errSecMissingQualifiedCertStatement      = -67904,    /* A qualified certificate statement was expected but missing. */
 };
 
 
diff -ruN /Applications/Xcode_16.2.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/Security.framework/Headers/SecTrust.h /Applications/Xcode_16.3.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/Security.framework/Headers/SecTrust.h
--- /Applications/Xcode_16.2.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/Security.framework/Headers/SecTrust.h	2024-11-11 05:07:38
+++ /Applications/Xcode_16.3.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/Security.framework/Headers/SecTrust.h	2025-02-07 21:02:59
@@ -135,6 +135,15 @@
         field is meant to be displayed to the user as the validated
         name of the company or entity that owns the certificate if the
         kSecTrustExtendedValidation key is present.
+    @constant kSecTrustQCStatements
+        This key will be present and have a value of CFStringRef if
+        the leaf certificate contains qualified certificate statements.
+        The string can be displayed to the user as a representation
+        of a qualified certificate's purpose.
+    @constant kSecTrustQWACValidation
+        This key will be present and have a value of kCFBooleanTrue
+        if this chain was successfully validated as a Qualified Website
+        Authentication Certificate.
     @constant kSecTrustResultValue
         This key will be present if a trust evaluation has been performed.
         Its value is a CFNumberRef representing the SecTrustResultType result
@@ -181,6 +190,10 @@
     __OSX_AVAILABLE_STARTING(__MAC_10_11, __IPHONE_9_0);
 extern const CFStringRef kSecTrustCertificateTransparencyWhiteList
     __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_12, __MAC_10_13, __IPHONE_10_0, __IPHONE_11_0);
+extern const CFStringRef kSecTrustQCStatements
+    API_AVAILABLE(macos(15.4), ios(18.4), tvos(18.4), watchos(11.4));
+extern const CFStringRef kSecTrustQWACValidation
+    API_AVAILABLE(macos(15.4), ios(18.4), tvos(18.4), watchos(11.4));
 
 #ifdef __BLOCKS__
 /*!
Clone this wiki locally