]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_manifest/lib/SecureDownload.h
Security-58286.1.32.tar.gz
[apple/security.git] / OSX / libsecurity_manifest / lib / SecureDownload.h
1 #ifndef __SECURE_DOWNLOAD__
2 #define __SECURE_DOWNLOAD__
3
4 #if defined(__cplusplus)
5 extern "C" {
6 #endif
7
8 /*
9 * Copyright (c) 2006,2011,2013-2014 Apple Inc. All Rights Reserved.
10 *
11 * @APPLE_LICENSE_HEADER_START@
12 *
13 * This file contains Original Code and/or Modifications of Original Code
14 * as defined in and that are subject to the Apple Public Source License
15 * Version 2.0 (the 'License'). You may not use this file except in
16 * compliance with the License. Please obtain a copy of the License at
17 * http://www.opensource.apple.com/apsl/ and read it before using this
18 * file.
19 *
20 * The Original Code and all software distributed under the License are
21 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
22 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
23 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
24 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
25 * Please see the License for the specific language governing rights and
26 * limitations under the License.
27 *
28 * @APPLE_LICENSE_HEADER_END@
29 */
30
31 /*!
32 @header SecureDownload
33 @abstract Used by clients to implement Apple's Verified Download System.
34
35 Please note that a succesful check does not guarantee anything about
36 the safety of the file being downloaded. Rather, it simply checks to make sure
37 that the contents of the file being downloaded exactly matches the contents
38 of the file when the ticket was originally generated.
39
40 To use, do the following:
41 1: Download the secure download ticket.
42 2: Pass the ticket to SecureDownloadCreateWithTicket. On error, call
43 SecureDownloadGetTrustRef to return data that will help you figure
44 out why the ticket was bad.
45 3: If SecureDownloadCreateWithTicket returns errSecSuccess, call SecureDownloadCopyURLs
46 to return a list of data download locations. Begin downloading data from
47 the first URL in the list. If that download fails, try downloading from
48 the second URL, and so forth.
49 4: Each time you receive data, call SecureDownloadReceivedData.
50 5: Once all data has been received, call SecureDownloadFinished.
51 6: Release the SecureDownloadRef by calling SecureDownloadRelease.
52 */
53
54
55
56 #include <CoreFoundation/CoreFoundation.h>
57 #include <Security/SecBase.h>
58 #include <Security/SecTrust.h> /* SecTrustRef */
59
60
61 typedef struct OpaqueSecureDownload *SecureDownloadRef;
62
63 enum {
64 errSecureDownloadInvalidTicket = -20052,
65 errSecureDownloadInvalidDownload = -20053
66 };
67
68 /*!
69 @enum _SecureDownloadSetupCallbackResult
70 @discussion This type is used to indicate whether or not a
71 signer should be evaluated.
72 @constant kSecureDownloadDoNotEvaluateSigner Indicates that the signer should not be evaluated.
73 @constant kSecureDownloadEvaluateSigner Indicates that the signer should be evaluated.
74 @constant kSecureDownloadFailEvaluation Indicates that evaluation should fail immediately.
75 */
76
77 typedef enum _SecureDownloadTrustCallbackResult
78 {
79 kSecureDownloadDoNotEvaluateSigner = 0,
80 kSecureDownloadEvaluateSigner = 1,
81 kSecureDownloadFailEvaluation = 2
82 } SecureDownloadTrustCallbackResult;
83
84 /*!
85 @typedef SecureDownloadTrustSetupCallback
86 @discussion This callback is used to determine whether trust for a particular
87 signer should be evaluated.
88 @param trustRef The trustRef for this evaluation
89 @param setupContext user defined.
90 @result A SecureDownloadTrustCallbackResult (see).
91 */
92
93 typedef SecureDownloadTrustCallbackResult(*SecureDownloadTrustSetupCallback)
94 (SecTrustRef trustRef, void* setupContext);
95
96 /*!
97 @typedef SecureDownloadTrustEvaluateCallback
98 @discussion This callback is used called after trust has been evaluated.
99 @param trustRef The trustRef for this evaluation
100 @param result The result of the evaluation (See the SecTrust documentation).
101 @param evaluateContext user defined.
102 @result A SecTrustResultType. Return the value passed in result if you
103 do not want to change the evaluation result.
104 */
105
106 typedef SecTrustResultType(*SecureDownloadTrustEvaluateCallback)
107 (SecTrustRef trustRef, SecTrustResultType result,
108 void *evaluateContext);
109
110 /*!
111 @function SecureDownloadCreateWithTicket
112 @abstract Create a SecureDownloadRef for use during the Secure Download process.
113 @param ticket The download ticket.
114 @param setup Called before trust is verified for each signer of the ticket.
115 This allows the user to modify the SecTrustRef if needed
116 (see the SecTrust documentation). Returns a SecureDownloadTrustCallbackResult (see).
117 @param setupContext User defined. Passed as a parameter to the setupCallback.
118 @param evaluate Called after SecTrustEvaluate has been called for a
119 signer if the result was not trusted. This allows
120 the developer to query the user as to whether or not
121 to trust the signer. Returns a SecTrustResultType
122 @param evaluateContext User defined. Passed as a parameter to the evaluate callback.
123 @param downloadRef The returned reference.
124 @result Returns errSecureDownloadInvalidTicket if the ticket was invalid. Otherwise
125 see "Security Error Codes" (SecBase.h).
126 .
127 */
128
129 OSStatus SecureDownloadCreateWithTicket (CFDataRef ticket,
130 SecureDownloadTrustSetupCallback setup,
131 void* setupContext,
132 SecureDownloadTrustEvaluateCallback evaluate,
133 void* evaluateContext,
134 SecureDownloadRef* downloadRef);
135
136 /*!
137 @function SecureDownloadCopyURLs
138 @abstract Return a list of URL's from which the data can be downloaded. The first
139 URL in the list is the preferred download location. The other URL's are
140 backup locations in case earlier locations in the list could not be
141 accessed.
142 @param downloadRef A SecureDownloadRef instance.
143 @param urls On return, the list of URL's to download. Format is a CFArray of CFURL's.
144 @result A result code. See "Security Error Codes" (SecBase.h).
145 */
146
147 OSStatus SecureDownloadCopyURLs (SecureDownloadRef downloadRef, CFArrayRef* urls);
148
149 /*!
150 @function SecureDownloadCopyName
151 @abstract Return the printable name of this download ticket.
152 @param downloadRef A SecureDownloadRef instance.
153 @param name On output, the download name.
154 @result A result code. See "Security Error Codes" (SecBase.h).
155 */
156
157 OSStatus SecureDownloadCopyName (SecureDownloadRef downloadRef, CFStringRef* name);
158
159 /*!
160 @function SecureDownloadCopyCreationDate
161 @abstract Return the date the downlooad ticket was created.
162 @param downloadRef A SecureDownloadRef instance.
163 @result A result code.
164 */
165
166 OSStatus SecureDownloadCopyCreationDate (SecureDownloadRef downloadRef, CFDateRef* date);
167
168 /*!
169 @function SecureDownloadGetDownloadSize
170 @abstract Return the size of the expected download.
171 @param downloadRef A SecureDownloadRef instance.
172 @param downloadSize On output, the size of the download.
173 @result A result code. See "Security Error Codes" (SecBase.h).
174 */
175
176 OSStatus SecureDownloadGetDownloadSize (SecureDownloadRef downloadRef, SInt64 *downloadSize);
177
178 /*!
179 @function SecureDownloadUpdateWithData
180 @abstract Check data received during Secure Download for validity.
181 Call this function each time data is received.
182 @param downloadRef A SecureDownloadRef instance.
183 @param data The data to check.
184 @result Returns errSecureDownloadInvalidDownload if data is invalid. Otherwise
185 see "Security Error Codes" (SecBase.h).
186 */
187
188 OSStatus SecureDownloadUpdateWithData (SecureDownloadRef downloadRef, CFDataRef data);
189
190 /*!
191 @function SecureDownloadFinished
192 @abstract Concludes the secure download process. Call this after all data has been received.
193 @param downloadRef A SecureDownloadRef instance.
194 @result Returns errSecureDownloadInvalidDownload if data is invalid. Otherwise
195 see "Security Error Codes" (SecBase.h).
196 */
197
198 OSStatus SecureDownloadFinished (SecureDownloadRef downloadRef);
199
200 /*!
201 @function SecureDownloadRelease
202 @abstract Releases a SecureDownloadRef.
203 @param downloadRef The SecureDownloadRef to release.
204 @result A result code. See "Security Error Codes" (SecBase.h).
205 */
206
207 OSStatus SecureDownloadRelease (SecureDownloadRef downloadRef);
208
209 /*!
210 @function SecureDownloadCopyTicketLocation
211 @abstract Copies the ticket location from an x-securedownload URL.
212 @param url The x-securedownload URL.
213 @param ticketLocation On exit, the URL of the ticket.
214 @result A result code. See "Security Error Codes" (SecBase.h).
215 */
216
217 OSStatus SecureDownloadCopyTicketLocation (CFURLRef url, CFURLRef *ticketLocation);
218
219 #if defined(__cplusplus)
220 };
221 #endif
222
223 #endif