/*
* Copyright (c) 1999-2002,2004,2011,2014 Apple Inc. All Rights Reserved.
*
* @APPLE_LICENSE_HEADER_START@
*
* This file contains Original Code and/or Modifications of Original Code
* as defined in and that are subject to the Apple Public Source License
* Version 2.0 (the 'License'). You may not use this file except in
* compliance with the License. Please obtain a copy of the License at
* http://www.opensource.apple.com/apsl/ and read it before using this
* file.
*
* The Original Code and all software distributed under the License are
* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
* Please see the License for the specific language governing rights and
* limitations under the License.
*
* @APPLE_LICENSE_HEADER_END@
*
* eisl.h -- Embedded Integrity Services Library Interface
*/
#ifndef _EISL_H_
#define _EISL_H_ 1
#include <Security/cssmconfig.h>
#ifdef __cplusplus
extern "C" {
#endif
/* Data Types for Embedded Integrity Services Library */
/*
 * Opaque handle types returned and consumed by the EISL functions.
 *
 * All six handles are typedefs of the same type, const void *, so the
 * compiler cannot tell them apart: passing, say, an iterator where a
 * verified-module handle is expected compiles without a diagnostic.
 * Callers have to keep track of which kind of handle they hold.
 */
typedef const void *ISL_ITERATOR_PTR;
typedef const void *ISL_VERIFIED_SIGNATURE_ROOT_PTR;
typedef const void *ISL_VERIFIED_CERTIFICATE_CHAIN_PTR;
typedef const void *ISL_VERIFIED_CERTIFICATE_PTR;
typedef const void *ISL_MANIFEST_SECTION_PTR;
typedef const void *ISL_VERIFIED_MODULE_PTR;

/*
 * Generic function pointer (no parameters, no return value). It is the
 * return type of EISL_LocateProcedureAddress; calling through it with a
 * signature other than the target's real one is undefined behaviour, so
 * convert it to the correct function-pointer type before the call.
 */
typedef void (*ISL_FUNCTION_PTR)(void);
/*
 * Counted byte buffer whose contents may be written through Data.
 * The type is only a length and a pointer: nothing in it promises a NUL
 * terminator, so Data must not be handed to string functions.
 */
typedef struct isl_data {
    CSSM_SIZE Length; /* size of the buffer at Data, in bytes */
    uint8 *Data;      /* start of the buffer */
} ISL_DATA, *ISL_DATA_PTR;
/*
 * Read-only counterpart of ISL_DATA: a counted byte buffer whose contents
 * cannot be modified through Data. Most EISL functions take this struct by
 * value for inputs and take ISL_CONST_DATA_PTR where a value is handed back.
 * As with ISL_DATA, no NUL terminator is implied; use Length.
 */
typedef struct isl_const_data {
    CSSM_SIZE Length;  /* size of the buffer at Data, in bytes */
    const uint8 *Data; /* start of the read-only buffer */
} ISL_CONST_DATA, *ISL_CONST_DATA_PTR;
/*
 * Result code for the EISL calls that report a status rather than a handle.
 *
 * Success is 0 and failure is -1, so a status used directly as a truth
 * value reads backwards: "if (status)" is taken on ISL_FAIL, not on ISL_OK.
 * Always compare against ISL_OK explicitly, especially for the
 * EISL_Check*WithinModule calls whose result gates a trust decision.
 */
typedef enum isl_status {
    ISL_OK = 0,   /* the call succeeded */
    ISL_FAIL = -1 /* the call failed */
} ISL_STATUS;
/* Embedded Integrity Services Library Functions */
/*
 * Module verification entry points.
 *
 * Unless noted, each function returns an ISL_VERIFIED_MODULE_PTR, an opaque
 * const void * handle. This header does not state the failure value
 * (presumably NULL -- TODO confirm against the implementation); check the
 * result before passing the handle to any other EISL call.
 *
 * The Verify* variants differ in ways visible in their signatures:
 *   - "VerifyAndLoad" versus "VerifyLoaded" in the name;
 *   - credentials given as CredentialsImage plus ModuleSearchPath
 *     ("...CredentialData") or as a single Credentials buffer;
 *   - the signer described by Signer plus PublicKey, or by Signer plus
 *     Certificate ("...WithCertificate").
 *
 * NOTE(review): Signer with PublicKey/Certificate presumably identify the
 * signer the caller is willing to trust. If so, they must come from a
 * source the caller already trusts and not from the credentials being
 * verified -- confirm against the implementation.
 *
 * Every ISL_CONST_DATA argument is a (Length, Data) pair passed by value.
 * Some prototypes qualify these by-value parameters const and others do
 * not; for a by-value parameter this makes no difference to callers.
 */

/* Takes no arguments; judging by the name, checks the library itself. */
ISL_VERIFIED_MODULE_PTR EISL_SelfCheck(void);

ISL_VERIFIED_MODULE_PTR EISL_VerifyAndLoadModuleAndCredentialData(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA PublicKey);

ISL_VERIFIED_MODULE_PTR EISL_VerifyAndLoadModuleAndCredentialDataWithCertificate(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA Certificate);

ISL_VERIFIED_MODULE_PTR EISL_VerifyAndLoadModuleAndCredentials(
    ISL_CONST_DATA Credentials,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA Signer,
    ISL_CONST_DATA PublicKey);

ISL_VERIFIED_MODULE_PTR EISL_VerifyAndLoadModuleAndCredentialsWithCertificate(
    const ISL_CONST_DATA Credentials,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA Certificate);

ISL_VERIFIED_MODULE_PTR EISL_VerifyLoadedModuleAndCredentialData(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA PublicKey);

ISL_VERIFIED_MODULE_PTR EISL_VerifyLoadedModuleAndCredentialDataWithCertificate(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA Certificate);

ISL_VERIFIED_MODULE_PTR EISL_VerifyLoadedModuleAndCredentials(
    ISL_CONST_DATA Credentials,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA Signer,
    ISL_CONST_DATA PublicKey);

ISL_VERIFIED_MODULE_PTR EISL_VerifyLoadedModuleAndCredentialsWithCertificate(
    const ISL_CONST_DATA Credentials,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA Certificate);

/* Returns the certificate-chain handle associated with a verified module. */
ISL_VERIFIED_CERTIFICATE_CHAIN_PTR EISL_GetCertificateChain(
    ISL_VERIFIED_MODULE_PTR Module);

/*
 * The units of WorkFactor and the meaning of the uint32 result are not
 * documented in this header -- TODO confirm before relying on either.
 */
uint32 EISL_ContinueVerification(
    ISL_VERIFIED_MODULE_PTR Module,
    uint32 WorkFactor);

/* Takes a module handle and returns a module handle. */
ISL_VERIFIED_MODULE_PTR EISL_DuplicateVerifiedModulePtr(
    ISL_VERIFIED_MODULE_PTR Module);

/*
 * Presumably releases the handle -- TODO confirm. Returns ISL_STATUS, where
 * ISL_OK is 0: test the result with "== ISL_OK", never as a boolean.
 */
ISL_STATUS EISL_RecycleVerifiedModuleCredentials(
    ISL_VERIFIED_MODULE_PTR Verification);
/* Signature Root Methods */
/*
 * Signature-root construction, lookup and enumeration.
 *
 * Conventions visible in the signatures below:
 *   - Create* functions return an opaque handle; the failure value is not
 *     stated here (presumably NULL -- TODO confirm), so check it.
 *   - Find* and GetNext* functions return ISL_STATUS and take
 *     ISL_CONST_DATA_PTR arguments for Name/Value. These are presumably
 *     output parameters; read them only when the call returned ISL_OK.
 *     The header does not say how long the returned Data stays valid.
 *   - ISL_OK is 0 and ISL_FAIL is -1, so compare with "== ISL_OK" rather
 *     than using the status as a truth value.
 *   - Recycle* functions take a handle and return ISL_STATUS; presumably
 *     they release it, after which the handle must not be reused.
 */

ISL_VERIFIED_SIGNATURE_ROOT_PTR EISL_CreateVerifiedSignatureRootWithCredentialData(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA PublicKey);

ISL_VERIFIED_SIGNATURE_ROOT_PTR EISL_CreateVerifiedSignatureRootWithCredentialDataAndCertificate(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    ISL_VERIFIED_CERTIFICATE_PTR Cert);

/*
 * "Verfied" (sic) in the next two names is the spelling of the declared
 * symbols; call sites must use it exactly as written here.
 */
ISL_VERIFIED_SIGNATURE_ROOT_PTR EISL_CreateVerfiedSignatureRoot(
    ISL_CONST_DATA Credentials,
    ISL_CONST_DATA Signer,
    ISL_CONST_DATA PublicKey);

ISL_VERIFIED_SIGNATURE_ROOT_PTR EISL_CreateVerfiedSignatureRootWithCertificate(
    ISL_CONST_DATA Credentials,
    ISL_VERIFIED_CERTIFICATE_PTR Cert);

/* Manifest sections of a signature root: lookup by Name, then enumeration. */
ISL_MANIFEST_SECTION_PTR EISL_FindManifestSection(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Root,
    ISL_CONST_DATA Name);

ISL_ITERATOR_PTR EISL_CreateManifestSectionEnumerator(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Root);

ISL_MANIFEST_SECTION_PTR EISL_GetNextManifestSection(
    ISL_ITERATOR_PTR Iterator);

ISL_STATUS EISL_RecycleManifestSectionEnumerator(
    ISL_ITERATOR_PTR Iterator);

/* Manifest attributes and signer-info attributes. */
ISL_STATUS EISL_FindManifestAttribute(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Context,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA_PTR Value);

ISL_ITERATOR_PTR EISL_CreateManifestAttributeEnumerator(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Context);

ISL_STATUS EISL_FindSignerInfoAttribute(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Context,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA_PTR Value);

ISL_ITERATOR_PTR EISL_CreateSignerInfoAttributeEnumerator(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Context);

/*
 * NOTE(review): no GetNext/Recycle pair is declared specifically for the
 * manifest-attribute and signer-info enumerators above; presumably these
 * two generic functions serve both -- TODO confirm.
 */
ISL_STATUS EISL_GetNextAttribute(
    ISL_ITERATOR_PTR Iterator,
    ISL_CONST_DATA_PTR Name,
    ISL_CONST_DATA_PTR Value);

ISL_STATUS EISL_RecycleAttributeEnumerator(
    ISL_ITERATOR_PTR Iterator);

/* Signature attributes. */
ISL_STATUS EISL_FindSignatureAttribute(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Root,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA_PTR Value);

ISL_ITERATOR_PTR EISL_CreateSignatureAttributeEnumerator(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Root);

ISL_STATUS EISL_GetNextSignatureAttribute(
    ISL_ITERATOR_PTR Iterator,
    ISL_CONST_DATA_PTR Name,
    ISL_CONST_DATA_PTR Value);

ISL_STATUS EISL_RecycleSignatureAttributeEnumerator(
    ISL_ITERATOR_PTR Iterator);

ISL_STATUS EISL_RecycleVerifiedSignatureRoot(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Root);
/* Certificate Chain Methods */
/*
 * Certificate-chain construction, copy-out and release.
 *
 * The Create* functions return an opaque chain handle; the failure value is
 * not stated in this header (presumably NULL -- TODO confirm), so check it
 * before use. The chain is anchored either by RootIssuer plus PublicKey or
 * by a Certificate buffer, as the parameter lists show.
 * NOTE(review): those anchoring inputs presumably define what the chain is
 * trusted against; they should come from a trusted source, not from the
 * credential being verified -- confirm against the implementation.
 */

/*
 * The leading const qualifies the returned pointer value itself, not what
 * it points to (the typedef is already const void *), so it has no effect
 * for callers. It is kept exactly as declared.
 */
const ISL_VERIFIED_CERTIFICATE_CHAIN_PTR EISL_CreateCertificateChainWithCredentialData(
    const ISL_CONST_DATA RootIssuer,
    const ISL_CONST_DATA PublicKey,
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath);

ISL_VERIFIED_CERTIFICATE_CHAIN_PTR EISL_CreateCertificateChainWithCredentialDataAndCertificate(
    const ISL_CONST_DATA Certificate,
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath);

ISL_VERIFIED_CERTIFICATE_CHAIN_PTR EISL_CreateCertificateChain(
    ISL_CONST_DATA RootIssuer,
    ISL_CONST_DATA PublicKey,
    ISL_CONST_DATA Credential);

ISL_VERIFIED_CERTIFICATE_CHAIN_PTR EISL_CreateCertificateChainWithCertificate(
    const ISL_CONST_DATA Certificate,
    const ISL_CONST_DATA Credential);

/*
 * Certs is a caller-supplied array of certificate handles. MaxCertificates
 * is presumably its capacity in elements and the result presumably the
 * number of entries written -- TODO confirm. The header does not say what
 * happens when the chain is longer than MaxCertificates, so size the array
 * to match the value passed and do not read entries beyond the returned
 * count.
 */
uint32 EISL_CopyCertificateChain(
    ISL_VERIFIED_CERTIFICATE_CHAIN_PTR Verification,
    ISL_VERIFIED_CERTIFICATE_PTR Certs[],
    uint32 MaxCertificates);

/* Returns ISL_STATUS (ISL_OK is 0); presumably releases the chain handle. */
ISL_STATUS EISL_RecycleVerifiedCertificateChain(
    ISL_VERIFIED_CERTIFICATE_CHAIN_PTR Chain);
/* Certificate Attribute Methods */
/*
 * Attribute access on a verified certificate handle: lookup by Name, or
 * enumeration through an iterator.
 *
 * The ISL_STATUS results use ISL_OK == 0 and ISL_FAIL == -1; compare with
 * "== ISL_OK". Name/Value passed as ISL_CONST_DATA_PTR are presumably
 * filled in by the call -- read them only after ISL_OK, and note that this
 * header does not state how long the returned Data remains valid.
 */
ISL_STATUS EISL_FindCertificateAttribute(
    ISL_VERIFIED_CERTIFICATE_PTR Cert,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA_PTR Value);

/* Failure value of the returned iterator is not stated here; check it. */
ISL_ITERATOR_PTR EISL_CreateCertificateAttributeEnumerator(
    ISL_VERIFIED_CERTIFICATE_PTR Cert);

ISL_STATUS EISL_GetNextCertificateAttribute(
    ISL_ITERATOR_PTR CertIterator,
    ISL_CONST_DATA_PTR Name,
    ISL_CONST_DATA_PTR Value);

/* Presumably releases the iterator; do not reuse the handle afterwards. */
ISL_STATUS EISL_RecycleCertificateAttributeEnumerator(
    ISL_ITERATOR_PTR CertIterator);
/* Manifest Section Object Methods */
/*
 * Operations on a manifest-section handle.
 *
 * Handle-returning functions do not document their failure value in this
 * header (presumably NULL -- TODO confirm); check each result. Functions
 * returning ISL_STATUS use ISL_OK == 0, so test with "== ISL_OK".
 */

/* Maps a section handle to a signature-root handle. */
ISL_VERIFIED_SIGNATURE_ROOT_PTR EISL_GetManifestSignatureRoot(
    ISL_MANIFEST_SECTION_PTR Section);

/*
 * Both take only a section handle and return a verified-module handle; the
 * names distinguish "verify and load" from "verify loaded".
 */
ISL_VERIFIED_MODULE_PTR EISL_VerifyAndLoadModule(
    ISL_MANIFEST_SECTION_PTR Section);

ISL_VERIFIED_MODULE_PTR EISL_VerifyLoadedModule(
    ISL_MANIFEST_SECTION_PTR Section);

/*
 * Section attributes: lookup by Name, or enumeration. Value (and Name for
 * GetNext) are presumably outputs, meaningful only after ISL_OK.
 */
ISL_STATUS EISL_FindManifestSectionAttribute(
    ISL_MANIFEST_SECTION_PTR Section,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA_PTR Value);

ISL_ITERATOR_PTR EISL_CreateManifestSectionAttributeEnumerator(
    ISL_MANIFEST_SECTION_PTR Section);

ISL_STATUS EISL_GetNextManifestSectionAttribute(
    ISL_ITERATOR_PTR Iterator,
    ISL_CONST_DATA_PTR Name,
    ISL_CONST_DATA_PTR Value);

ISL_STATUS EISL_RecycleManifestSectionAttributeEnumerator(
    ISL_ITERATOR_PTR Iterator);

/* Maps a verified-module handle to a manifest-section handle. */
ISL_MANIFEST_SECTION_PTR EISL_GetModuleManifestSection(
    ISL_VERIFIED_MODULE_PTR Module);
/* Secure Linkage Services */
/*
 * Looks up a procedure by Name in a verified module. The result has the
 * generic type void (*)(void): check it for failure (value not stated
 * here, presumably NULL -- TODO confirm) and convert it to the target's
 * real function-pointer type before calling through it.
 */
ISL_FUNCTION_PTR EISL_LocateProcedureAddress(
    ISL_VERIFIED_MODULE_PTR Module,
    ISL_CONST_DATA Name);

/*
 * Defined only when MACOSX is defined. As written, the macro expands to an
 * empty brace block: Address is never referenced or assigned.
 * NOTE(review): a caller that passes the same variable on to
 * EISL_CheckAddressWithinModule is therefore checking whatever value the
 * variable already held -- confirm whether a real implementation is
 * supplied elsewhere before relying on it for caller validation.
 * The expansion is a bare { } rather than do { } while (0), so
 * "if (c) EISL_GetReturnAddress(a); else ..." does not parse.
 */
#ifdef MACOSX
#define EISL_GetReturnAddress(Address) \
{\
    /* Platform specific code in here */ \
}
#endif

/*
 * Address checks against a verified module, for a function pointer and for
 * a data pointer respectively. Both return ISL_STATUS, where ISL_OK is 0
 * and ISL_FAIL is -1: "if (EISL_CheckAddressWithinModule(...))" is taken on
 * FAILURE. Always write "== ISL_OK".
 */
ISL_STATUS EISL_CheckAddressWithinModule(
    ISL_VERIFIED_MODULE_PTR Verification,
    ISL_FUNCTION_PTR Address);

ISL_STATUS EISL_CheckDataAddressWithinModule(
    ISL_VERIFIED_MODULE_PTR Verification,
    const void *Address);

/*
 * Returns a non-const void * for a verified module; what the handle refers
 * to, and who owns it, is not documented in this header -- TODO confirm.
 */
void *EISL_GetLibHandle(
    ISL_VERIFIED_MODULE_PTR Verification);
#ifdef __cplusplus
}
#endif
#endif /* _EISL_H_ */