1 /*
2 * Copyright (c) 1999-2002,2004,2011,2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 *
23 * eisl.h -- Embedded Integrity Services Library Interface
24 */
25
26 #ifndef _EISL_H_
27 #define _EISL_H_ 1
28
29 #include <Security/cssmconfig.h>
30
31 #ifdef __cplusplus
32 extern "C" {
33 #endif
34
/* Data Types for Embedded Integrity Services Library */

/*
 * Opaque handle types.
 *
 * Every data handle below is an alias for `const void *`, so the compiler
 * cannot tell one kind of handle from another: a certificate handle passed
 * where a module handle is expected compiles without a diagnostic.  Callers
 * have to keep the handle kinds apart themselves.
 */
typedef const void *ISL_ITERATOR_PTR;                   /* returned by the EISL_Create*Enumerator functions */
typedef const void *ISL_VERIFIED_SIGNATURE_ROOT_PTR;    /* returned by the EISL_Create*SignatureRoot* functions */
typedef const void *ISL_VERIFIED_CERTIFICATE_CHAIN_PTR; /* returned by the EISL_CreateCertificateChain* functions */
typedef const void *ISL_VERIFIED_CERTIFICATE_PTR;       /* element type filled in by EISL_CopyCertificateChain */
typedef const void *ISL_MANIFEST_SECTION_PTR;           /* returned by EISL_FindManifestSection and friends */
typedef const void *ISL_VERIFIED_MODULE_PTR;            /* returned by the EISL_Verify* functions */

/*
 * Generic function pointer, returned by EISL_LocateProcedureAddress.
 * It carries no signature information: the caller must convert it to the
 * real type of the target before calling, and calling through a pointer of
 * the wrong function type is undefined behaviour in C.
 */
typedef void (*ISL_FUNCTION_PTR)(void);
50
/*
 * Counted byte buffer whose bytes may be written through Data.
 *
 * Length is a byte count.  Nothing in the type ties Length to the size of
 * the storage Data points at, so code that receives one of these should
 * bound every access by Length and should not assume Data is non-NULL or
 * NUL-terminated.
 */
typedef struct isl_data {
    CSSM_SIZE Length;   /* in bytes */
    uint8 *Data;
} ISL_DATA, *ISL_DATA_PTR;

/*
 * Counted byte buffer whose bytes are read-only through Data.
 *
 * Most functions in this header take ISL_CONST_DATA by value: the struct
 * (pointer plus length) is copied, the bytes are not.  ISL_CONST_DATA_PTR
 * points at a non-const struct, so a callee holding one can rewrite Length
 * and Data even though it cannot write the bytes themselves.
 * NOTE(review): the Name/Value parameters of this type look like output
 * parameters; who owns the bytes they end up pointing at is not stated in
 * this header -- confirm against the implementation.
 */
typedef struct isl_const_data {
    CSSM_SIZE Length;   /* in bytes */
    const uint8 *Data;
} ISL_CONST_DATA, *ISL_CONST_DATA_PTR;
60
/*
 * Status code returned by the attribute lookup, Recycle* and Check*
 * functions declared in this header.
 *
 * Success is 0 and failure is -1, so failure is the non-zero value: a bare
 * `if (status)` is true on failure.  Compare against ISL_OK explicitly.
 */
typedef enum isl_status {
    ISL_FAIL = -1,
    ISL_OK = 0
} ISL_STATUS;
65
66
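/* Embedded Integrity Services Library Functions */

/*
 * EISL_SelfCheck takes no arguments and returns a verified-module handle.
 *
 * The parameter list is spelled (void) so that C callers get a real
 * prototype; an empty list in C leaves the arguments unchecked, which would
 * let a call with stray arguments compile silently.  In C++ the two
 * spellings mean the same thing.
 *
 * NOTE(review): which module the handle describes and how failure is
 * reported are not visible in this header; presumably a NULL handle means
 * the check failed -- confirm against the implementation, and test the
 * result before passing it to any other EISL call.
 */
ISL_VERIFIED_MODULE_PTR EISL_SelfCheck(void);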
71
/*
 * Module verification entry points.
 *
 * The eight functions below differ along three axes that are visible in
 * their names and parameter lists:
 *   - VerifyAndLoad... versus VerifyLoaded...
 *   - ...CredentialData (CredentialsImage plus ModuleSearchPath) versus
 *     ...Credentials (a single Credentials argument)
 *   - a PublicKey argument versus a Certificate argument
 * All of them take their inputs as ISL_CONST_DATA by value and return an
 * ISL_VERIFIED_MODULE_PTR.
 *
 * NOTE(review): the header does not say how failure is reported; presumably
 * a NULL handle -- confirm.  Signer together with PublicKey or Certificate
 * looks like the trust anchor the credentials are checked against; if so it
 * should come from a source the caller already trusts, not from the same
 * place as the credentials being verified -- confirm.
 */
ISL_VERIFIED_MODULE_PTR EISL_VerifyAndLoadModuleAndCredentialData(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA PublicKey);

ISL_VERIFIED_MODULE_PTR EISL_VerifyAndLoadModuleAndCredentialDataWithCertificate(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA Certificate);

ISL_VERIFIED_MODULE_PTR EISL_VerifyAndLoadModuleAndCredentials(
    ISL_CONST_DATA Credentials,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA Signer,
    ISL_CONST_DATA PublicKey);

ISL_VERIFIED_MODULE_PTR EISL_VerifyAndLoadModuleAndCredentialsWithCertificate(
    const ISL_CONST_DATA Credentials,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA Certificate);

ISL_VERIFIED_MODULE_PTR EISL_VerifyLoadedModuleAndCredentialData(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA PublicKey);

ISL_VERIFIED_MODULE_PTR EISL_VerifyLoadedModuleAndCredentialDataWithCertificate(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA Certificate);

ISL_VERIFIED_MODULE_PTR EISL_VerifyLoadedModuleAndCredentials(
    ISL_CONST_DATA Credentials,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA Signer,
    ISL_CONST_DATA PublicKey);

ISL_VERIFIED_MODULE_PTR EISL_VerifyLoadedModuleAndCredentialsWithCertificate(
    const ISL_CONST_DATA Credentials,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA Certificate);
123
/*
 * Operations on a verified-module handle.
 *
 * NOTE(review): none of the semantics below are stated in this header --
 * confirm against the implementation before relying on them.
 */

/* Returns a certificate-chain handle for Module. */
ISL_VERIFIED_CERTIFICATE_CHAIN_PTR EISL_GetCertificateChain(
    ISL_VERIFIED_MODULE_PTR Module);

/*
 * Takes a module handle and a WorkFactor and returns a uint32.
 * NOTE(review): the meaning of WorkFactor and of the return value is not
 * visible here; a caller cannot tell from this header which value means
 * "verification finished and passed" -- confirm.
 */
uint32 EISL_ContinueVerification(
    ISL_VERIFIED_MODULE_PTR Module,
    uint32 WorkFactor);

/* Returns a module handle derived from Module. */
ISL_VERIFIED_MODULE_PTR EISL_DuplicateVerifiedModulePtr(
    ISL_VERIFIED_MODULE_PTR Module);

/*
 * Returns ISL_OK or ISL_FAIL.
 * NOTE(review): presumably releases the handle; if so it must not be used
 * afterwards -- confirm.
 */
ISL_STATUS EISL_RecycleVerifiedModuleCredentials(
    ISL_VERIFIED_MODULE_PTR Verification);
136
137
/* Signature Root Methods */

/*
 * Constructors for a verified signature root.
 *
 * Two take a credentials image plus a module search path, two take a single
 * Credentials buffer; within each pair one variant is keyed by Signer and
 * PublicKey and the other by an already-verified certificate handle.
 *
 * The last two names are spelled "Verfied" (sic).  They are exported
 * identifiers, so the spelling has to stay as it is for existing callers to
 * keep linking.
 *
 * NOTE(review): failure signalling is not stated in this header; presumably
 * a NULL handle -- confirm, and check the result before use.
 */
ISL_VERIFIED_SIGNATURE_ROOT_PTR EISL_CreateVerifiedSignatureRootWithCredentialData(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA PublicKey);

ISL_VERIFIED_SIGNATURE_ROOT_PTR EISL_CreateVerifiedSignatureRootWithCredentialDataAndCertificate(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    ISL_VERIFIED_CERTIFICATE_PTR Cert);

ISL_VERIFIED_SIGNATURE_ROOT_PTR EISL_CreateVerfiedSignatureRoot(
    ISL_CONST_DATA Credentials,
    ISL_CONST_DATA Signer,
    ISL_CONST_DATA PublicKey);

ISL_VERIFIED_SIGNATURE_ROOT_PTR EISL_CreateVerfiedSignatureRootWithCertificate(
    ISL_CONST_DATA Credentials,
    ISL_VERIFIED_CERTIFICATE_PTR Cert);
159
/*
 * Lookups and enumerators on a verified signature root.
 *
 * The functions come in a repeating shape: Find* takes a Name and fills in
 * a Value, Create*Enumerator returns an ISL_ITERATOR_PTR, GetNext* advances
 * an iterator, and Recycle* takes the iterator or root back.
 *
 * All iterators share the one ISL_ITERATOR_PTR type, so the compiler will
 * not object if an iterator from one Create*Enumerator call is handed to
 * the GetNext*/Recycle* function of a different family.
 *
 * NOTE(review): Name and Value of type ISL_CONST_DATA_PTR look like output
 * parameters; whether their contents are defined when ISL_FAIL is returned,
 * and how long the bytes they point at stay valid, is not stated here --
 * confirm, and read them only after checking for ISL_OK.
 */

/* Manifest sections */
ISL_MANIFEST_SECTION_PTR EISL_FindManifestSection(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Root,
    ISL_CONST_DATA Name);

ISL_ITERATOR_PTR EISL_CreateManifestSectionEnumerator(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Root);

ISL_MANIFEST_SECTION_PTR EISL_GetNextManifestSection(
    ISL_ITERATOR_PTR Iterator);

ISL_STATUS EISL_RecycleManifestSectionEnumerator(
    ISL_ITERATOR_PTR Iterator);

/* Manifest attributes */
ISL_STATUS EISL_FindManifestAttribute(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Context,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA_PTR Value);

ISL_ITERATOR_PTR EISL_CreateManifestAttributeEnumerator(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Context);

/* Signer-info attributes */
ISL_STATUS EISL_FindSignerInfoAttribute(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Context,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA_PTR Value);

ISL_ITERATOR_PTR EISL_CreateSignerInfoAttributeEnumerator(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Context);

/*
 * NOTE(review): presumably the GetNext/Recycle pair for the manifest and
 * signer-info attribute enumerators declared above -- confirm.
 */
ISL_STATUS EISL_GetNextAttribute(
    ISL_ITERATOR_PTR Iterator,
    ISL_CONST_DATA_PTR Name,
    ISL_CONST_DATA_PTR Value);

ISL_STATUS EISL_RecycleAttributeEnumerator(
    ISL_ITERATOR_PTR Iterator);

/* Signature attributes */
ISL_STATUS EISL_FindSignatureAttribute(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Root,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA_PTR Value);

ISL_ITERATOR_PTR EISL_CreateSignatureAttributeEnumerator(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Root);

ISL_STATUS EISL_GetNextSignatureAttribute(
    ISL_ITERATOR_PTR Iterator,
    ISL_CONST_DATA_PTR Name,
    ISL_CONST_DATA_PTR Value);

ISL_STATUS EISL_RecycleSignatureAttributeEnumerator(
    ISL_ITERATOR_PTR Iterator);

/*
 * NOTE(review): presumably releases Root; handles obtained from it should
 * then be treated as invalid -- confirm.
 */
ISL_STATUS EISL_RecycleVerifiedSignatureRoot(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Root);
215
216
/* Certificate Chain Methods */

/*
 * Constructors for a verified certificate chain.
 *
 * NOTE(review): failure signalling is not stated in this header; presumably
 * a NULL handle -- confirm, and check the result before use.
 */

/*
 * The leading `const` qualifies the returned pointer value itself, not what
 * it points at, so it has no effect for callers.  It is the only constructor
 * here declared that way, and it is kept so the declaration stays identical
 * to any definition that repeats it.
 */
const ISL_VERIFIED_CERTIFICATE_CHAIN_PTR EISL_CreateCertificateChainWithCredentialData(
    const ISL_CONST_DATA RootIssuer,
    const ISL_CONST_DATA PublicKey,
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath);

ISL_VERIFIED_CERTIFICATE_CHAIN_PTR EISL_CreateCertificateChainWithCredentialDataAndCertificate(
    const ISL_CONST_DATA Certificate,
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath);

ISL_VERIFIED_CERTIFICATE_CHAIN_PTR EISL_CreateCertificateChain(
    ISL_CONST_DATA RootIssuer,
    ISL_CONST_DATA PublicKey,
    ISL_CONST_DATA Credential);

ISL_VERIFIED_CERTIFICATE_CHAIN_PTR EISL_CreateCertificateChainWithCertificate(
    const ISL_CONST_DATA Certificate,
    const ISL_CONST_DATA Credential);

/*
 * Takes a chain handle, a caller-supplied array of certificate handles and
 * MaxCertificates, and returns a uint32.
 *
 * Certs[] decays to a pointer, so the array's real size is not visible to
 * the callee: MaxCertificates is the only bound it has and must not exceed
 * the number of elements the caller actually allocated.
 * NOTE(review): the return value is presumably a certificate count; whether
 * it can exceed MaxCertificates when the chain is longer is not stated
 * here -- confirm before using it as a loop bound over Certs.
 */
uint32 EISL_CopyCertificateChain(
    ISL_VERIFIED_CERTIFICATE_CHAIN_PTR Verification,
    ISL_VERIFIED_CERTIFICATE_PTR Certs[],
    uint32 MaxCertificates);

/*
 * NOTE(review): presumably releases Chain; certificate handles copied out of
 * it may not outlive it -- confirm.
 */
ISL_STATUS EISL_RecycleVerifiedCertificateChain(
    ISL_VERIFIED_CERTIFICATE_CHAIN_PTR Chain);
246
247
/* Certificate Attribute Methods */

/*
 * Attribute lookup and enumeration on a verified certificate handle.
 *
 * NOTE(review): Name and Value of type ISL_CONST_DATA_PTR look like output
 * parameters; their contents on ISL_FAIL and the lifetime of the bytes they
 * point at are not stated here -- confirm, and read them only after
 * checking for ISL_OK.
 */
ISL_STATUS EISL_FindCertificateAttribute(
    ISL_VERIFIED_CERTIFICATE_PTR Cert,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA_PTR Value);

ISL_ITERATOR_PTR EISL_CreateCertificateAttributeEnumerator(
    ISL_VERIFIED_CERTIFICATE_PTR Cert);

ISL_STATUS EISL_GetNextCertificateAttribute(
    ISL_ITERATOR_PTR CertIterator,
    ISL_CONST_DATA_PTR Name,
    ISL_CONST_DATA_PTR Value);

ISL_STATUS EISL_RecycleCertificateAttributeEnumerator(
    ISL_ITERATOR_PTR CertIterator);
265
266
/* Manifest Section Object Methods */

/*
 * Operations that start from a manifest-section handle, plus the reverse
 * lookup from a module handle to its section.
 *
 * NOTE(review): how the handle-returning functions report failure is not
 * stated in this header; presumably a NULL handle -- confirm, and check the
 * result before passing it on.
 */
ISL_VERIFIED_SIGNATURE_ROOT_PTR EISL_GetManifestSignatureRoot(
    ISL_MANIFEST_SECTION_PTR Section);

ISL_VERIFIED_MODULE_PTR EISL_VerifyAndLoadModule(
    ISL_MANIFEST_SECTION_PTR Section);

ISL_VERIFIED_MODULE_PTR EISL_VerifyLoadedModule(
    ISL_MANIFEST_SECTION_PTR Section);

/* Section attributes: read Value only after ISL_OK has been returned. */
ISL_STATUS EISL_FindManifestSectionAttribute(
    ISL_MANIFEST_SECTION_PTR Section,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA_PTR Value);

ISL_ITERATOR_PTR EISL_CreateManifestSectionAttributeEnumerator(
    ISL_MANIFEST_SECTION_PTR Section);

ISL_STATUS EISL_GetNextManifestSectionAttribute(
    ISL_ITERATOR_PTR Iterator,
    ISL_CONST_DATA_PTR Name,
    ISL_CONST_DATA_PTR Value);

ISL_STATUS EISL_RecycleManifestSectionAttributeEnumerator(
    ISL_ITERATOR_PTR Iterator);

ISL_MANIFEST_SECTION_PTR EISL_GetModuleManifestSection(
    ISL_VERIFIED_MODULE_PTR Module);
296
297
/* Secure Linkage Services */

/*
 * Looks up Name in a verified module and returns a generic function pointer.
 * ISL_FUNCTION_PTR is `void (*)(void)`, so the caller has to convert the
 * result to the target's real function type before calling it.
 * NOTE(review): presumably NULL when Name is not found -- confirm, and check
 * before calling through the result.
 */
ISL_FUNCTION_PTR EISL_LocateProcedureAddress(
    ISL_VERIFIED_MODULE_PTR Module,
    ISL_CONST_DATA Name);

/*
 * As declared here the macro expands to an empty brace block: Address is
 * never assigned.  Code that invokes it and then hands Address to
 * EISL_CheckAddressWithinModule is checking whatever value the variable
 * already held, so initialise the variable and do not treat the result as a
 * real caller address.  The macro exists only when MACOSX is defined.
 *
 * The expansion is a bare { } block rather than do { } while (0), so
 * `EISL_GetReturnAddress(a);` directly before an `else` does not parse.
 */
#ifdef MACOSX
#define EISL_GetReturnAddress(Address) \
    {\
        /* Platform specific code in here */ \
    }
#endif

/*
 * Address checks against a verified module; both return ISL_OK or ISL_FAIL.
 * NOTE(review): by their names these test whether Address lies inside the
 * module's image; the exact range checked is not stated here -- confirm.
 */
ISL_STATUS EISL_CheckAddressWithinModule(
    ISL_VERIFIED_MODULE_PTR Verification,
    ISL_FUNCTION_PTR Address);

ISL_STATUS EISL_CheckDataAddressWithinModule(
    ISL_VERIFIED_MODULE_PTR Verification,
    const void *Address);

/*
 * Returns a non-const `void *` for a verified module.
 * NOTE(review): presumably the loader's handle for the module; symbols
 * resolved through it directly would bypass EISL_LocateProcedureAddress --
 * confirm how callers are expected to use it.
 */
void *EISL_GetLibHandle(
    ISL_VERIFIED_MODULE_PTR Verification);
321
322 #ifdef __cplusplus
323 }
324 #endif
325
326 #endif /* _EISL_H_ */