libsecurity_cssm/lib/eisl.h

   1 /*
   2  * Copyright (c) 1999-2002,2004 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  *
  23  * eisl.h -- Embedded Integrity Services Library Interface
  24  */
  25
  26 #ifndef _EISL_H_
  27 #define _EISL_H_  1
  28
  29 #include <Security/cssmconfig.h>
  30
  31 #ifdef __cplusplus
  32 extern "C" {
  33 #endif
  34
  35 /* Data Types for Embedded Integrity Services Library */
  36
  37 typedef const void *ISL_ITERATOR_PTR;
  38
  39 typedef const void *ISL_VERIFIED_SIGNATURE_ROOT_PTR;
  40
  41 typedef const void *ISL_VERIFIED_CERTIFICATE_CHAIN_PTR;
  42
  43 typedef const void *ISL_VERIFIED_CERTIFICATE_PTR;
  44
  45 typedef const void *ISL_MANIFEST_SECTION_PTR;
  46
  47 typedef const void *ISL_VERIFIED_MODULE_PTR;
  48
  49 typedef void (*ISL_FUNCTION_PTR)(void);
  50
  51 typedef struct isl_data {
  52     CSSM_SIZE Length; /* in bytes */
  53     uint8 *Data;
  54 } ISL_DATA, *ISL_DATA_PTR;
  55
  56 typedef struct isl_const_data {
  57     CSSM_SIZE Length; /* in bytes */
  58     const uint8 *Data;
  59 } ISL_CONST_DATA, *ISL_CONST_DATA_PTR;
  60
  61 typedef enum isl_status {
  62         ISL_OK = 0,
  63         ISL_FAIL = -1
  64 } ISL_STATUS;
  65
  66
  67 /* Embedded Integrity Services Library Functions */
  68
  69 ISL_VERIFIED_MODULE_PTR
  70 EISL_SelfCheck ();
  71
  72 ISL_VERIFIED_MODULE_PTR
  73 EISL_VerifyAndLoadModuleAndCredentialData (const ISL_CONST_DATA CredentialsImage,
  74                                            const ISL_CONST_DATA ModuleSearchPath,
  75                                            const ISL_CONST_DATA Name,
  76                                            const ISL_CONST_DATA Signer,
  77                                            const ISL_CONST_DATA PublicKey);
  78
  79 ISL_VERIFIED_MODULE_PTR
  80 EISL_VerifyAndLoadModuleAndCredentialDataWithCertificate (const ISL_CONST_DATA CredentialsImage,
  81                                                           const ISL_CONST_DATA ModuleSearchPath,
  82                                                           const ISL_CONST_DATA Name,
  83                                                           const ISL_CONST_DATA Signer,
  84                                                           const ISL_CONST_DATA Certificate);
  85
  86 ISL_VERIFIED_MODULE_PTR
  87 EISL_VerifyAndLoadModuleAndCredentials (ISL_CONST_DATA Credentials,
  88                                         ISL_CONST_DATA Name,
  89                                         ISL_CONST_DATA Signer,
  90                                         ISL_CONST_DATA PublicKey);
  91
  92 ISL_VERIFIED_MODULE_PTR
  93 EISL_VerifyAndLoadModuleAndCredentialsWithCertificate (const ISL_CONST_DATA Credentials,
  94                                                        const ISL_CONST_DATA Name,
  95                                                        const ISL_CONST_DATA Signer,
  96                                                        const ISL_CONST_DATA Certificate);
  97
  98 ISL_VERIFIED_MODULE_PTR
  99 EISL_VerifyLoadedModuleAndCredentialData (const ISL_CONST_DATA CredentialsImage,
 100                                           const ISL_CONST_DATA ModuleSearchPath,
 101                                           const ISL_CONST_DATA Name,
 102                                           const ISL_CONST_DATA Signer,
 103                                           const ISL_CONST_DATA PublicKey);
 104
 105 ISL_VERIFIED_MODULE_PTR
 106 EISL_VerifyLoadedModuleAndCredentialDataWithCertificate (const ISL_CONST_DATA CredentialsImage,
 107                                                          const ISL_CONST_DATA ModuleSearchPath,
 108                                                          const ISL_CONST_DATA Name,
 109                                                          const ISL_CONST_DATA Signer,
 110                                                          const ISL_CONST_DATA Certificate);
 111
 112 ISL_VERIFIED_MODULE_PTR
 113 EISL_VerifyLoadedModuleAndCredentials (ISL_CONST_DATA Credentials,
 114                                        ISL_CONST_DATA Name,
 115                                        ISL_CONST_DATA Signer,
 116                                        ISL_CONST_DATA PublicKey);
 117
 118 ISL_VERIFIED_MODULE_PTR
 119 EISL_VerifyLoadedModuleAndCredentialsWithCertificate (const ISL_CONST_DATA Credentials,
 120                                                       const ISL_CONST_DATA Name,
 121                                                       const ISL_CONST_DATA Signer,
 122                                                       const ISL_CONST_DATA Certificate);
 123
 124 ISL_VERIFIED_CERTIFICATE_CHAIN_PTR
 125 EISL_GetCertificateChain (ISL_VERIFIED_MODULE_PTR Module);
 126
 127 uint32
 128 EISL_ContinueVerification (ISL_VERIFIED_MODULE_PTR Module,
 129                            uint32 WorkFactor);
 130
 131 ISL_VERIFIED_MODULE_PTR
 132 EISL_DuplicateVerifiedModulePtr (ISL_VERIFIED_MODULE_PTR Module);
 133
 134 ISL_STATUS
 135 EISL_RecycleVerifiedModuleCredentials (ISL_VERIFIED_MODULE_PTR Verification);
 136
 137
 138 /* Signature Root Methods */
 139
 140 ISL_VERIFIED_SIGNATURE_ROOT_PTR
 141 EISL_CreateVerifiedSignatureRootWithCredentialData (const ISL_CONST_DATA CredentialsImage,
 142                                                     const ISL_CONST_DATA ModuleSearchPath,
 143                                                     const ISL_CONST_DATA Signer,
 144                                                     const ISL_CONST_DATA PublicKey);
 145
 146 ISL_VERIFIED_SIGNATURE_ROOT_PTR
 147 EISL_CreateVerifiedSignatureRootWithCredentialDataAndCertificate (const ISL_CONST_DATA CredentialsImage,
 148                                                                   const ISL_CONST_DATA ModuleSearchPath,
 149                                                                   ISL_VERIFIED_CERTIFICATE_PTR Cert);
 150
 151 ISL_VERIFIED_SIGNATURE_ROOT_PTR
 152 EISL_CreateVerfiedSignatureRoot (ISL_CONST_DATA Credentials,
 153                                  ISL_CONST_DATA Signer,
 154                                  ISL_CONST_DATA PublicKey);
 155
 156 ISL_VERIFIED_SIGNATURE_ROOT_PTR
 157 EISL_CreateVerfiedSignatureRootWithCertificate (ISL_CONST_DATA Credentials,
 158                                                 ISL_VERIFIED_CERTIFICATE_PTR Cert);
 159
 160 ISL_MANIFEST_SECTION_PTR
 161 EISL_FindManifestSection (ISL_VERIFIED_SIGNATURE_ROOT_PTR Root,
 162                           ISL_CONST_DATA Name);
 163
 164 ISL_ITERATOR_PTR
 165 EISL_CreateManifestSectionEnumerator (ISL_VERIFIED_SIGNATURE_ROOT_PTR Root);
 166
 167 ISL_MANIFEST_SECTION_PTR
 168 EISL_GetNextManifestSection (ISL_ITERATOR_PTR Iterator);
 169
 170 ISL_STATUS
 171 EISL_RecycleManifestSectionEnumerator (ISL_ITERATOR_PTR Iterator);
 172
 173 ISL_STATUS
 174 EISL_FindManifestAttribute (ISL_VERIFIED_SIGNATURE_ROOT_PTR Context,
 175                             ISL_CONST_DATA Name,
 176                             ISL_CONST_DATA_PTR Value);
 177
 178 ISL_ITERATOR_PTR
 179 EISL_CreateManifestAttributeEnumerator (ISL_VERIFIED_SIGNATURE_ROOT_PTR Context);
 180
 181 ISL_STATUS
 182 EISL_FindSignerInfoAttribute (ISL_VERIFIED_SIGNATURE_ROOT_PTR Context,
 183                               ISL_CONST_DATA Name,
 184                               ISL_CONST_DATA_PTR Value);
 185
 186 ISL_ITERATOR_PTR
 187 EISL_CreateSignerInfoAttributeEnumerator (ISL_VERIFIED_SIGNATURE_ROOT_PTR Context);
 188
 189 ISL_STATUS
 190 EISL_GetNextAttribute (ISL_ITERATOR_PTR Iterator,
 191                        ISL_CONST_DATA_PTR Name,
 192                        ISL_CONST_DATA_PTR Value);
 193
 194 ISL_STATUS
 195 EISL_RecycleAttributeEnumerator (ISL_ITERATOR_PTR Iterator);
 196
 197 ISL_STATUS
 198 EISL_FindSignatureAttribute (ISL_VERIFIED_SIGNATURE_ROOT_PTR Root,
 199                              ISL_CONST_DATA Name,
 200                              ISL_CONST_DATA_PTR Value);
 201
 202 ISL_ITERATOR_PTR
 203 EISL_CreateSignatureAttributeEnumerator (ISL_VERIFIED_SIGNATURE_ROOT_PTR Root);
 204
 205 ISL_STATUS
 206 EISL_GetNextSignatureAttribute (ISL_ITERATOR_PTR Iterator,
 207                                 ISL_CONST_DATA_PTR Name,
 208                                 ISL_CONST_DATA_PTR Value);
 209
 210 ISL_STATUS
 211 EISL_RecycleSignatureAttributeEnumerator (ISL_ITERATOR_PTR Iterator);
 212
 213 ISL_STATUS
 214 EISL_RecycleVerifiedSignatureRoot (ISL_VERIFIED_SIGNATURE_ROOT_PTR Root);
 215
 216
 217 /* Certificate Chain Methods */
 218
 219 const ISL_VERIFIED_CERTIFICATE_CHAIN_PTR
 220 EISL_CreateCertificateChainWithCredentialData (const ISL_CONST_DATA RootIssuer,
 221                                                const ISL_CONST_DATA PublicKey,
 222                                                const ISL_CONST_DATA CredentialsImage,
 223                                                const ISL_CONST_DATA ModuleSearchPath);
 224
 225 ISL_VERIFIED_CERTIFICATE_CHAIN_PTR
 226 EISL_CreateCertificateChainWithCredentialDataAndCertificate (const ISL_CONST_DATA Certificate,
 227                                                              const ISL_CONST_DATA CredentialsImage,
 228                                                              const ISL_CONST_DATA ModuleSearchPath);
 229
 230 ISL_VERIFIED_CERTIFICATE_CHAIN_PTR
 231 EISL_CreateCertificateChain (ISL_CONST_DATA RootIssuer,
 232                              ISL_CONST_DATA PublicKey,
 233                              ISL_CONST_DATA Credential);
 234
 235 ISL_VERIFIED_CERTIFICATE_CHAIN_PTR
 236 EISL_CreateCertificateChainWithCertificate (const ISL_CONST_DATA Certificate,
 237                                             const ISL_CONST_DATA Credential);
 238
 239 uint32
 240 EISL_CopyCertificateChain (ISL_VERIFIED_CERTIFICATE_CHAIN_PTR Verification,
 241                            ISL_VERIFIED_CERTIFICATE_PTR Certs[],
 242                            uint32 MaxCertificates);
 243
 244 ISL_STATUS
 245 EISL_RecycleVerifiedCertificateChain (ISL_VERIFIED_CERTIFICATE_CHAIN_PTR Chain);
 246
 247
 248 /* Certificate Attribute Methods */
 249
 250 ISL_STATUS
 251 EISL_FindCertificateAttribute (ISL_VERIFIED_CERTIFICATE_PTR Cert,
 252                                ISL_CONST_DATA Name,
 253                                ISL_CONST_DATA_PTR Value);
 254
 255 ISL_ITERATOR_PTR
 256 EISL_CreateCertificateAttributeEnumerator (ISL_VERIFIED_CERTIFICATE_PTR Cert);
 257
 258 ISL_STATUS
 259 EISL_GetNextCertificateAttribute (ISL_ITERATOR_PTR CertIterator,
 260                                   ISL_CONST_DATA_PTR Name,
 261                                   ISL_CONST_DATA_PTR Value);
 262
 263 ISL_STATUS
 264 EISL_RecycleCertificateAttributeEnumerator (ISL_ITERATOR_PTR CertIterator);
 265
 266
 267 /* Manifest Section Object Methods */
 268
 269 ISL_VERIFIED_SIGNATURE_ROOT_PTR
 270 EISL_GetManifestSignatureRoot (ISL_MANIFEST_SECTION_PTR Section);
 271
 272 ISL_VERIFIED_MODULE_PTR
 273 EISL_VerifyAndLoadModule (ISL_MANIFEST_SECTION_PTR Section);
 274
 275 ISL_VERIFIED_MODULE_PTR
 276 EISL_VerifyLoadedModule (ISL_MANIFEST_SECTION_PTR Section);
 277
 278 ISL_STATUS
 279 EISL_FindManifestSectionAttribute (ISL_MANIFEST_SECTION_PTR Section,
 280                                    ISL_CONST_DATA Name,
 281                                    ISL_CONST_DATA_PTR Value);
 282
 283 ISL_ITERATOR_PTR
 284 EISL_CreateManifestSectionAttributeEnumerator (ISL_MANIFEST_SECTION_PTR Section);
 285
 286 ISL_STATUS
 287 EISL_GetNextManifestSectionAttribute (ISL_ITERATOR_PTR Iterator,
 288                                       ISL_CONST_DATA_PTR Name,
 289                                       ISL_CONST_DATA_PTR Value);
 290
 291 ISL_STATUS
 292 EISL_RecycleManifestSectionAttributeEnumerator (ISL_ITERATOR_PTR Iterator);
 293
 294 ISL_MANIFEST_SECTION_PTR
 295 EISL_GetModuleManifestSection (ISL_VERIFIED_MODULE_PTR Module);
 296
 297
 298 /* Secure Linkage Services */
 299
 300 ISL_FUNCTION_PTR
 301 EISL_LocateProcedureAddress (ISL_VERIFIED_MODULE_PTR Module,
 302                              ISL_CONST_DATA Name);
 303
 304 #ifdef MACOSX
 305 #define EISL_GetReturnAddress(Address) \
 306 {\
 307     /* Platform specific code in here */
 308 }
 309 #endif
 310
 311 ISL_STATUS
 312 EISL_CheckAddressWithinModule (ISL_VERIFIED_MODULE_PTR Verification,
 313                                ISL_FUNCTION_PTR Address);
 314
 315 ISL_STATUS
 316 EISL_CheckDataAddressWithinModule (ISL_VERIFIED_MODULE_PTR Verification,
 317                                    const void *Address);
 318
 319 void *
 320 EISL_GetLibHandle (ISL_VERIFIED_MODULE_PTR Verification);
 321
 322 #ifdef __cplusplus
 323 }
 324 #endif
 325
 326 #endif /* _EISL_H_ */