1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 /*
20 File: eisl.h
21
22 Contains: Embedded Integrity Services Library Interface
23
24 Copyright: (c) 1999-2000 Apple Computer, Inc., all rights reserved.
25 */
26
27 #ifndef _EISL_H_
28 #define _EISL_H_ 1
29
30 #include <Security/cssmconfig.h>
31
32 #ifdef __cplusplus
33 extern "C" {
34 #endif
35
/* Data Types for Embedded Integrity Services Library */

/*
 * Opaque handles handed out by the EISL_* functions.
 *
 * Every handle below is the same underlying type (pointer to const void), so
 * the compiler cannot tell them apart: passing, say, an iterator where a
 * verified-module handle is expected compiles without a diagnostic. Callers
 * have to keep the handle kinds straight themselves.
 */
typedef const void *ISL_ITERATOR_PTR;
typedef const void *ISL_VERIFIED_SIGNATURE_ROOT_PTR;
typedef const void *ISL_VERIFIED_CERTIFICATE_CHAIN_PTR;
typedef const void *ISL_VERIFIED_CERTIFICATE_PTR;
typedef const void *ISL_MANIFEST_SECTION_PTR;
typedef const void *ISL_VERIFIED_MODULE_PTR;

/* Generic code address: a pointer to a function taking no arguments and
 * returning nothing. */
typedef void (*ISL_FUNCTION_PTR)(void);
51
/*
 * Length-plus-pointer descriptor for a writable byte buffer.
 *
 * Length is a byte count; presumably it describes the buffer Data points to
 * (confirm against the implementation). The two fields are independent, so
 * nothing in the type stops Length from disagreeing with the real size of
 * the buffer -- whoever fills the struct in is responsible for that.
 */
struct isl_data {
    uint32 Length; /* in bytes */
    uint8 *Data;
};

typedef struct isl_data ISL_DATA;
typedef struct isl_data *ISL_DATA_PTR;
56
/*
 * Length-plus-pointer descriptor for a read-only byte buffer.
 *
 * Same shape as ISL_DATA, except that Data points to const bytes. Passing an
 * ISL_CONST_DATA by value copies only these two fields, never the bytes, so
 * the buffer has to stay valid for as long as the callee uses it.
 * Length is a byte count, presumably of the buffer at Data -- confirm.
 */
struct isl_const_data {
    uint32 Length; /* in bytes */
    const uint8 *Data;
};

typedef struct isl_const_data ISL_CONST_DATA;
typedef struct isl_const_data *ISL_CONST_DATA_PTR;
61
/*
 * Status code returned by the EISL_* functions that report success/failure.
 *
 * Success is 0 and failure is -1, so a failure is "true" in a boolean
 * context: compare against ISL_OK explicitly (status == ISL_OK) instead of
 * writing if (status), which would take the branch on failure.
 */
enum isl_status {
    ISL_FAIL = -1,
    ISL_OK = 0
};

typedef enum isl_status ISL_STATUS;
66
67
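/* Embedded Integrity Services Library Functions */

/*
 * EISL_SelfCheck: takes no arguments and returns an opaque verified-module
 * handle.
 *
 * Declared with (void) so that this is a real prototype in C. An empty
 * parameter list "()" in C leaves the arguments unspecified, and the
 * compiler then accepts calls with any arguments without a diagnostic;
 * in C++ the two spellings mean the same thing.
 *
 * NOTE(review): the value returned on failure is not stated in this header
 * (presumably NULL) -- confirm against the implementation before relying on
 * the result.
 */
ISL_VERIFIED_MODULE_PTR
EISL_SelfCheck (void);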
72
/*
 * "VerifyAndLoad" entry points. Each returns an opaque verified-module
 * handle and comes in four flavours:
 *   - credentials given as CredentialsImage + ModuleSearchPath, or as a
 *     single Credentials blob;
 *   - trust anchor given as PublicKey, or as Certificate.
 * Name and Signer are passed in every flavour.
 *
 * The header does not document the parameters; the reading above is taken
 * from their names only -- confirm against the implementation.
 *
 * NOTE(review): every argument is a caller-supplied (Length, Data) pair
 * passed by value, so only the descriptor is copied. The failure return is
 * not stated here (presumably NULL); callers should treat anything but a
 * confirmed success as "module not verified".
 * NOTE(review): ModuleSearchPath decides where the module is looked for, so
 * it should come from a trusted source -- confirm how the callee uses it.
 */
ISL_VERIFIED_MODULE_PTR EISL_VerifyAndLoadModuleAndCredentialData(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA PublicKey);

ISL_VERIFIED_MODULE_PTR EISL_VerifyAndLoadModuleAndCredentialDataWithCertificate(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA Certificate);

ISL_VERIFIED_MODULE_PTR EISL_VerifyAndLoadModuleAndCredentials(
    ISL_CONST_DATA Credentials,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA Signer,
    ISL_CONST_DATA PublicKey);

ISL_VERIFIED_MODULE_PTR EISL_VerifyAndLoadModuleAndCredentialsWithCertificate(
    const ISL_CONST_DATA Credentials,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA Certificate);
98
/*
 * "VerifyLoaded" entry points: same four parameter layouts as the
 * VerifyAndLoad family (credential image + search path or one Credentials
 * blob; PublicKey or Certificate as the trust anchor), same return type.
 *
 * Going by the names, these check a module that is already loaded rather
 * than loading it; the header itself does not say so -- confirm.
 *
 * NOTE(review): if the module is already mapped before it is verified, code
 * from it may already have run (for example initialisers) by the time this
 * call returns; whether that matters depends on the loader -- confirm.
 * The failure return is not stated here (presumably NULL).
 */
ISL_VERIFIED_MODULE_PTR EISL_VerifyLoadedModuleAndCredentialData(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA PublicKey);

ISL_VERIFIED_MODULE_PTR EISL_VerifyLoadedModuleAndCredentialDataWithCertificate(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA Certificate);

ISL_VERIFIED_MODULE_PTR EISL_VerifyLoadedModuleAndCredentials(
    ISL_CONST_DATA Credentials,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA Signer,
    ISL_CONST_DATA PublicKey);

ISL_VERIFIED_MODULE_PTR EISL_VerifyLoadedModuleAndCredentialsWithCertificate(
    const ISL_CONST_DATA Credentials,
    const ISL_CONST_DATA Name,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA Certificate);
124
/*
 * Operations on a verified-module handle.
 *
 * EISL_GetCertificateChain maps a module handle to a certificate-chain
 * handle; EISL_DuplicateVerifiedModulePtr maps a module handle to another
 * module handle; EISL_RecycleVerifiedModuleCredentials takes a handle and
 * reports an ISL_STATUS (presumably it releases the handle -- confirm, and
 * do not use the handle afterwards if so).
 *
 * NOTE(review): EISL_ContinueVerification takes a module handle plus a
 * WorkFactor and returns a uint32. Its name suggests that verification may
 * still be incomplete when a handle is first returned; neither WorkFactor
 * nor the return value is documented here -- confirm before treating a
 * handle as fully verified.
 */
ISL_VERIFIED_CERTIFICATE_CHAIN_PTR EISL_GetCertificateChain(
    ISL_VERIFIED_MODULE_PTR Module);

uint32 EISL_ContinueVerification(
    ISL_VERIFIED_MODULE_PTR Module,
    uint32 WorkFactor);

ISL_VERIFIED_MODULE_PTR EISL_DuplicateVerifiedModulePtr(
    ISL_VERIFIED_MODULE_PTR Module);

ISL_STATUS EISL_RecycleVerifiedModuleCredentials(
    ISL_VERIFIED_MODULE_PTR Verification);
137
138
/* Signature Root Methods */

/*
 * Constructors for a verified-signature-root handle. The credentials arrive
 * either as CredentialsImage + ModuleSearchPath or as one Credentials blob,
 * and the trust anchor either as Signer + PublicKey or as an
 * already-verified certificate handle (Cert).
 *
 * The spelling "Verfied" in the last two names is how the symbols are
 * declared here; it has to match the implementation, so it is kept as is.
 *
 * NOTE(review): the failure return is not stated in this header (presumably
 * NULL) -- confirm, and check it before passing the handle on.
 */
ISL_VERIFIED_SIGNATURE_ROOT_PTR EISL_CreateVerifiedSignatureRootWithCredentialData(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    const ISL_CONST_DATA Signer,
    const ISL_CONST_DATA PublicKey);

ISL_VERIFIED_SIGNATURE_ROOT_PTR EISL_CreateVerifiedSignatureRootWithCredentialDataAndCertificate(
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath,
    ISL_VERIFIED_CERTIFICATE_PTR Cert);

ISL_VERIFIED_SIGNATURE_ROOT_PTR EISL_CreateVerfiedSignatureRoot(
    ISL_CONST_DATA Credentials,
    ISL_CONST_DATA Signer,
    ISL_CONST_DATA PublicKey);

ISL_VERIFIED_SIGNATURE_ROOT_PTR EISL_CreateVerfiedSignatureRootWithCertificate(
    ISL_CONST_DATA Credentials,
    ISL_VERIFIED_CERTIFICATE_PTR Cert);
160
/*
 * Manifest-section lookup and enumeration on a signature root.
 *
 * EISL_FindManifestSection looks a section up by Name;
 * EISL_CreateManifestSectionEnumerator returns an iterator handle that
 * EISL_GetNextManifestSection consumes and
 * EISL_RecycleManifestSectionEnumerator takes back.
 *
 * NOTE(review): how "not found" and "end of enumeration" are signalled is
 * not stated in this header (presumably a NULL section handle) -- confirm.
 */
ISL_MANIFEST_SECTION_PTR EISL_FindManifestSection(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Root,
    ISL_CONST_DATA Name);

ISL_ITERATOR_PTR EISL_CreateManifestSectionEnumerator(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Root);

ISL_MANIFEST_SECTION_PTR EISL_GetNextManifestSection(
    ISL_ITERATOR_PTR Iterator);

ISL_STATUS EISL_RecycleManifestSectionEnumerator(
    ISL_ITERATOR_PTR Iterator);
173
/*
 * Manifest and signer-info attributes of a signature root.
 *
 * The Find* functions take an attribute Name and a pointer to an
 * ISL_CONST_DATA (Value); the Create*Enumerator functions return an
 * iterator handle for EISL_GetNextAttribute, which takes pointers for both
 * Name and Value; EISL_RecycleAttributeEnumerator takes the iterator back.
 *
 * NOTE(review): Name/Value are presumably filled in by the callee on
 * success. They carry const pointers, so the bytes likely stay owned by the
 * library; how long they remain valid is not stated here -- confirm before
 * keeping them past the recycle call.
 * Check the ISL_STATUS result against ISL_OK before reading Value.
 */
ISL_STATUS EISL_FindManifestAttribute(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Context,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA_PTR Value);

ISL_ITERATOR_PTR EISL_CreateManifestAttributeEnumerator(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Context);

ISL_STATUS EISL_FindSignerInfoAttribute(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Context,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA_PTR Value);

ISL_ITERATOR_PTR EISL_CreateSignerInfoAttributeEnumerator(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Context);

ISL_STATUS EISL_GetNextAttribute(
    ISL_ITERATOR_PTR Iterator,
    ISL_CONST_DATA_PTR Name,
    ISL_CONST_DATA_PTR Value);

ISL_STATUS EISL_RecycleAttributeEnumerator(
    ISL_ITERATOR_PTR Iterator);
197
/*
 * Signature attributes of a signature root, plus release of the root.
 *
 * Same pattern as the other attribute accessors in this header: find by
 * Name, or create an iterator, step it with
 * EISL_GetNextSignatureAttribute, and hand it back with
 * EISL_RecycleSignatureAttributeEnumerator.
 * EISL_RecycleVerifiedSignatureRoot takes the root handle itself.
 *
 * NOTE(review): presumably a recycled root (and anything obtained from it)
 * must not be used again -- the header does not say; confirm.
 * Compare every ISL_STATUS result with ISL_OK explicitly.
 */
ISL_STATUS EISL_FindSignatureAttribute(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Root,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA_PTR Value);

ISL_ITERATOR_PTR EISL_CreateSignatureAttributeEnumerator(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Root);

ISL_STATUS EISL_GetNextSignatureAttribute(
    ISL_ITERATOR_PTR Iterator,
    ISL_CONST_DATA_PTR Name,
    ISL_CONST_DATA_PTR Value);

ISL_STATUS EISL_RecycleSignatureAttributeEnumerator(
    ISL_ITERATOR_PTR Iterator);

ISL_STATUS EISL_RecycleVerifiedSignatureRoot(
    ISL_VERIFIED_SIGNATURE_ROOT_PTR Root);
216
217
/* Certificate Chain Methods */

/*
 * Constructors for a verified-certificate-chain handle, a copy-out
 * function, and the matching recycle call.
 *
 * The trust anchor is given either as RootIssuer + PublicKey or as a
 * Certificate; the credentials either as CredentialsImage +
 * ModuleSearchPath or as a single Credential blob.
 *
 * NOTE(review): only the first constructor declares its return type with a
 * leading "const"; the other three do not. The qualifier is kept because it
 * has to agree with the definition, which is not visible here.
 *
 * EISL_CopyCertificateChain receives an array (Certs) with no size in its
 * type; MaxCertificates is the only bound the callee is given, so it must
 * not exceed the real element count of Certs.
 * NOTE(review): the uint32 result is presumably the number of entries
 * written -- confirm.
 */
const ISL_VERIFIED_CERTIFICATE_CHAIN_PTR EISL_CreateCertificateChainWithCredentialData(
    const ISL_CONST_DATA RootIssuer,
    const ISL_CONST_DATA PublicKey,
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath);

ISL_VERIFIED_CERTIFICATE_CHAIN_PTR EISL_CreateCertificateChainWithCredentialDataAndCertificate(
    const ISL_CONST_DATA Certificate,
    const ISL_CONST_DATA CredentialsImage,
    const ISL_CONST_DATA ModuleSearchPath);

ISL_VERIFIED_CERTIFICATE_CHAIN_PTR EISL_CreateCertificateChain(
    ISL_CONST_DATA RootIssuer,
    ISL_CONST_DATA PublicKey,
    ISL_CONST_DATA Credential);

ISL_VERIFIED_CERTIFICATE_CHAIN_PTR EISL_CreateCertificateChainWithCertificate(
    const ISL_CONST_DATA Certificate,
    const ISL_CONST_DATA Credential);

uint32 EISL_CopyCertificateChain(
    ISL_VERIFIED_CERTIFICATE_CHAIN_PTR Verification,
    ISL_VERIFIED_CERTIFICATE_PTR Certs[],
    uint32 MaxCertificates);

ISL_STATUS EISL_RecycleVerifiedCertificateChain(
    ISL_VERIFIED_CERTIFICATE_CHAIN_PTR Chain);
247
248
/* Certificate Attribute Methods */

/*
 * Attribute access on a verified-certificate handle: find one attribute by
 * Name, or create an iterator, step it with
 * EISL_GetNextCertificateAttribute and return it with
 * EISL_RecycleCertificateAttributeEnumerator.
 *
 * NOTE(review): Name/Value are presumably outputs filled in on success and
 * owned by the library (they hold const pointers); lifetime is not stated
 * in this header -- confirm. Read them only after the call returned ISL_OK.
 */
ISL_STATUS EISL_FindCertificateAttribute(
    ISL_VERIFIED_CERTIFICATE_PTR Cert,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA_PTR Value);

ISL_ITERATOR_PTR EISL_CreateCertificateAttributeEnumerator(
    ISL_VERIFIED_CERTIFICATE_PTR Cert);

ISL_STATUS EISL_GetNextCertificateAttribute(
    ISL_ITERATOR_PTR CertIterator,
    ISL_CONST_DATA_PTR Name,
    ISL_CONST_DATA_PTR Value);

ISL_STATUS EISL_RecycleCertificateAttributeEnumerator(
    ISL_ITERATOR_PTR CertIterator);
266
267
/* Manifest Section Object Methods */

/*
 * Operations that start from a manifest-section handle:
 *   - EISL_GetManifestSignatureRoot returns a signature-root handle;
 *   - EISL_VerifyAndLoadModule / EISL_VerifyLoadedModule return a
 *     verified-module handle for the section;
 *   - the attribute functions follow the find / enumerate / recycle
 *     pattern used by the other attribute accessors in this header.
 * EISL_GetModuleManifestSection goes the other way, from a module handle to
 * a manifest-section handle.
 *
 * NOTE(review): the two Verify* calls take no key or certificate argument,
 * so whatever trust decision they make must rest on the section handle
 * passed in -- presumably one obtained from an already verified signature
 * root; confirm. Failure returns are not stated here (presumably NULL).
 */
ISL_VERIFIED_SIGNATURE_ROOT_PTR EISL_GetManifestSignatureRoot(
    ISL_MANIFEST_SECTION_PTR Section);

ISL_VERIFIED_MODULE_PTR EISL_VerifyAndLoadModule(
    ISL_MANIFEST_SECTION_PTR Section);

ISL_VERIFIED_MODULE_PTR EISL_VerifyLoadedModule(
    ISL_MANIFEST_SECTION_PTR Section);

ISL_STATUS EISL_FindManifestSectionAttribute(
    ISL_MANIFEST_SECTION_PTR Section,
    ISL_CONST_DATA Name,
    ISL_CONST_DATA_PTR Value);

ISL_ITERATOR_PTR EISL_CreateManifestSectionAttributeEnumerator(
    ISL_MANIFEST_SECTION_PTR Section);

ISL_STATUS EISL_GetNextManifestSectionAttribute(
    ISL_ITERATOR_PTR Iterator,
    ISL_CONST_DATA_PTR Name,
    ISL_CONST_DATA_PTR Value);

ISL_STATUS EISL_RecycleManifestSectionAttributeEnumerator(
    ISL_ITERATOR_PTR Iterator);

ISL_MANIFEST_SECTION_PTR EISL_GetModuleManifestSection(
    ISL_VERIFIED_MODULE_PTR Module);
297
298
/* Secure Linkage Services */

/*
 * EISL_LocateProcedureAddress: takes a verified-module handle and a symbol
 * Name and returns a generic function pointer.
 *
 * The result has type void (*)(void); the caller has to cast it to the
 * procedure's real signature before calling it, and calling through the
 * wrong signature is undefined behaviour.
 * NOTE(review): the "not found" return is not stated in this header
 * (presumably NULL) -- confirm and check it before the cast.
 */
ISL_FUNCTION_PTR EISL_LocateProcedureAddress(
    ISL_VERIFIED_MODULE_PTR Module,
    ISL_CONST_DATA Name);
304
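#ifdef MACOSX
/*
 * EISL_GetReturnAddress(Address): placeholder for platform-specific code.
 *
 * Every line of the body ends in a continuation backslash so that both
 * braces belong to the macro. Without the backslash after the comment line
 * the macro expands to a lone '{' and the closing '}' is parsed at file
 * scope: a syntax error in C, and in C++ it closes this header's
 * extern "C" block early.
 *
 * NOTE(review): the body is still empty, so the macro expands to "{ }" and
 * never assigns Address. Going by its name, callers expect the return
 * address to be stored there; code that feeds the result to an address
 * check would be checking whatever Address already held. Fill in the
 * platform code before relying on it.
 */
#define EISL_GetReturnAddress(Address) \
{\
    /* Platform specific code in here */ \
}
#endif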
311
/*
 * Address checks against a verified module, and access to its library
 * handle.
 *
 * EISL_CheckAddressWithinModule takes a code address (ISL_FUNCTION_PTR),
 * EISL_CheckDataAddressWithinModule a data address (const void *); both
 * return ISL_STATUS. Going by the names they report whether the address
 * lies inside the module -- confirm against the implementation.
 *
 * Because ISL_OK is 0 and ISL_FAIL is -1, test the result with
 * "== ISL_OK"; a bare if (EISL_Check...(...)) is taken on failure.
 *
 * EISL_GetLibHandle returns a void * for the module.
 * NOTE(review): presumably the platform loader's handle; using it to
 * resolve symbols directly would bypass EISL_LocateProcedureAddress --
 * confirm whether that is intended.
 */
ISL_STATUS EISL_CheckAddressWithinModule(
    ISL_VERIFIED_MODULE_PTR Verification,
    ISL_FUNCTION_PTR Address);

ISL_STATUS EISL_CheckDataAddressWithinModule(
    ISL_VERIFIED_MODULE_PTR Verification,
    const void *Address);

void *EISL_GetLibHandle(
    ISL_VERIFIED_MODULE_PTR Verification);
322
323 #ifdef __cplusplus
324 }
325 #endif
326
327 #endif /* _EISL_H_ */