--- /dev/null
+/*
+ * Copyright (c) 1999-2002,2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ *
+ * eisl.h -- Embedded Integrity Services Library Interface
+ */
+
+#ifndef _EISL_H_
+#define _EISL_H_ 1
+
+#include <Security/cssmconfig.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Data Types for Embedded Integrity Services Library */
+
+typedef const void *ISL_ITERATOR_PTR;
+
+typedef const void *ISL_VERIFIED_SIGNATURE_ROOT_PTR;
+
+typedef const void *ISL_VERIFIED_CERTIFICATE_CHAIN_PTR;
+
+typedef const void *ISL_VERIFIED_CERTIFICATE_PTR;
+
+typedef const void *ISL_MANIFEST_SECTION_PTR;
+
+typedef const void *ISL_VERIFIED_MODULE_PTR;
+
+typedef void (*ISL_FUNCTION_PTR)(void);
+
+typedef struct isl_data {
+ CSSM_SIZE Length; /* in bytes */
+ uint8 *Data;
+} ISL_DATA, *ISL_DATA_PTR;
+
+typedef struct isl_const_data {
+ CSSM_SIZE Length; /* in bytes */
+ const uint8 *Data;
+} ISL_CONST_DATA, *ISL_CONST_DATA_PTR;
+
+typedef enum isl_status {
+ ISL_OK = 0,
+ ISL_FAIL = -1
+} ISL_STATUS;
+
+
+/* Embedded Integrity Services Library Functions */
+
+ISL_VERIFIED_MODULE_PTR
+EISL_SelfCheck ();
+
+ISL_VERIFIED_MODULE_PTR
+EISL_VerifyAndLoadModuleAndCredentialData (const ISL_CONST_DATA CredentialsImage,
+ const ISL_CONST_DATA ModuleSearchPath,
+ const ISL_CONST_DATA Name,
+ const ISL_CONST_DATA Signer,
+ const ISL_CONST_DATA PublicKey);
+
+ISL_VERIFIED_MODULE_PTR
+EISL_VerifyAndLoadModuleAndCredentialDataWithCertificate (const ISL_CONST_DATA CredentialsImage,
+ const ISL_CONST_DATA ModuleSearchPath,
+ const ISL_CONST_DATA Name,
+ const ISL_CONST_DATA Signer,
+ const ISL_CONST_DATA Certificate);
+
+ISL_VERIFIED_MODULE_PTR
+EISL_VerifyAndLoadModuleAndCredentials (ISL_CONST_DATA Credentials,
+ ISL_CONST_DATA Name,
+ ISL_CONST_DATA Signer,
+ ISL_CONST_DATA PublicKey);
+
+ISL_VERIFIED_MODULE_PTR
+EISL_VerifyAndLoadModuleAndCredentialsWithCertificate (const ISL_CONST_DATA Credentials,
+ const ISL_CONST_DATA Name,
+ const ISL_CONST_DATA Signer,
+ const ISL_CONST_DATA Certificate);
+
+ISL_VERIFIED_MODULE_PTR
+EISL_VerifyLoadedModuleAndCredentialData (const ISL_CONST_DATA CredentialsImage,
+ const ISL_CONST_DATA ModuleSearchPath,
+ const ISL_CONST_DATA Name,
+ const ISL_CONST_DATA Signer,
+ const ISL_CONST_DATA PublicKey);
+
+ISL_VERIFIED_MODULE_PTR
+EISL_VerifyLoadedModuleAndCredentialDataWithCertificate (const ISL_CONST_DATA CredentialsImage,
+ const ISL_CONST_DATA ModuleSearchPath,
+ const ISL_CONST_DATA Name,
+ const ISL_CONST_DATA Signer,
+ const ISL_CONST_DATA Certificate);
+
+ISL_VERIFIED_MODULE_PTR
+EISL_VerifyLoadedModuleAndCredentials (ISL_CONST_DATA Credentials,
+ ISL_CONST_DATA Name,
+ ISL_CONST_DATA Signer,
+ ISL_CONST_DATA PublicKey);
+
+ISL_VERIFIED_MODULE_PTR
+EISL_VerifyLoadedModuleAndCredentialsWithCertificate (const ISL_CONST_DATA Credentials,
+ const ISL_CONST_DATA Name,
+ const ISL_CONST_DATA Signer,
+ const ISL_CONST_DATA Certificate);
+
+ISL_VERIFIED_CERTIFICATE_CHAIN_PTR
+EISL_GetCertificateChain (ISL_VERIFIED_MODULE_PTR Module);
+
+uint32
+EISL_ContinueVerification (ISL_VERIFIED_MODULE_PTR Module,
+ uint32 WorkFactor);
+
+ISL_VERIFIED_MODULE_PTR
+EISL_DuplicateVerifiedModulePtr (ISL_VERIFIED_MODULE_PTR Module);
+
+ISL_STATUS
+EISL_RecycleVerifiedModuleCredentials (ISL_VERIFIED_MODULE_PTR Verification);
+
+
+/* Signature Root Methods */
+
+ISL_VERIFIED_SIGNATURE_ROOT_PTR
+EISL_CreateVerifiedSignatureRootWithCredentialData (const ISL_CONST_DATA CredentialsImage,
+ const ISL_CONST_DATA ModuleSearchPath,
+ const ISL_CONST_DATA Signer,
+ const ISL_CONST_DATA PublicKey);
+
+ISL_VERIFIED_SIGNATURE_ROOT_PTR
+EISL_CreateVerifiedSignatureRootWithCredentialDataAndCertificate (const ISL_CONST_DATA CredentialsImage,
+ const ISL_CONST_DATA ModuleSearchPath,
+ ISL_VERIFIED_CERTIFICATE_PTR Cert);
+
+ISL_VERIFIED_SIGNATURE_ROOT_PTR
+EISL_CreateVerfiedSignatureRoot (ISL_CONST_DATA Credentials,
+ ISL_CONST_DATA Signer,
+ ISL_CONST_DATA PublicKey);
+
+ISL_VERIFIED_SIGNATURE_ROOT_PTR
+EISL_CreateVerfiedSignatureRootWithCertificate (ISL_CONST_DATA Credentials,
+ ISL_VERIFIED_CERTIFICATE_PTR Cert);
+
+ISL_MANIFEST_SECTION_PTR
+EISL_FindManifestSection (ISL_VERIFIED_SIGNATURE_ROOT_PTR Root,
+ ISL_CONST_DATA Name);
+
+ISL_ITERATOR_PTR
+EISL_CreateManifestSectionEnumerator (ISL_VERIFIED_SIGNATURE_ROOT_PTR Root);
+
+ISL_MANIFEST_SECTION_PTR
+EISL_GetNextManifestSection (ISL_ITERATOR_PTR Iterator);
+
+ISL_STATUS
+EISL_RecycleManifestSectionEnumerator (ISL_ITERATOR_PTR Iterator);
+
+ISL_STATUS
+EISL_FindManifestAttribute (ISL_VERIFIED_SIGNATURE_ROOT_PTR Context,
+ ISL_CONST_DATA Name,
+ ISL_CONST_DATA_PTR Value);
+
+ISL_ITERATOR_PTR
+EISL_CreateManifestAttributeEnumerator (ISL_VERIFIED_SIGNATURE_ROOT_PTR Context);
+
+ISL_STATUS
+EISL_FindSignerInfoAttribute (ISL_VERIFIED_SIGNATURE_ROOT_PTR Context,
+ ISL_CONST_DATA Name,
+ ISL_CONST_DATA_PTR Value);
+
+ISL_ITERATOR_PTR
+EISL_CreateSignerInfoAttributeEnumerator (ISL_VERIFIED_SIGNATURE_ROOT_PTR Context);
+
+ISL_STATUS
+EISL_GetNextAttribute (ISL_ITERATOR_PTR Iterator,
+ ISL_CONST_DATA_PTR Name,
+ ISL_CONST_DATA_PTR Value);
+
+ISL_STATUS
+EISL_RecycleAttributeEnumerator (ISL_ITERATOR_PTR Iterator);
+
+ISL_STATUS
+EISL_FindSignatureAttribute (ISL_VERIFIED_SIGNATURE_ROOT_PTR Root,
+ ISL_CONST_DATA Name,
+ ISL_CONST_DATA_PTR Value);
+
+ISL_ITERATOR_PTR
+EISL_CreateSignatureAttributeEnumerator (ISL_VERIFIED_SIGNATURE_ROOT_PTR Root);
+
+ISL_STATUS
+EISL_GetNextSignatureAttribute (ISL_ITERATOR_PTR Iterator,
+ ISL_CONST_DATA_PTR Name,
+ ISL_CONST_DATA_PTR Value);
+
+ISL_STATUS
+EISL_RecycleSignatureAttributeEnumerator (ISL_ITERATOR_PTR Iterator);
+
+ISL_STATUS
+EISL_RecycleVerifiedSignatureRoot (ISL_VERIFIED_SIGNATURE_ROOT_PTR Root);
+
+
+/* Certificate Chain Methods */
+
+const ISL_VERIFIED_CERTIFICATE_CHAIN_PTR
+EISL_CreateCertificateChainWithCredentialData (const ISL_CONST_DATA RootIssuer,
+ const ISL_CONST_DATA PublicKey,
+ const ISL_CONST_DATA CredentialsImage,
+ const ISL_CONST_DATA ModuleSearchPath);
+
+ISL_VERIFIED_CERTIFICATE_CHAIN_PTR
+EISL_CreateCertificateChainWithCredentialDataAndCertificate (const ISL_CONST_DATA Certificate,
+ const ISL_CONST_DATA CredentialsImage,
+ const ISL_CONST_DATA ModuleSearchPath);
+
+ISL_VERIFIED_CERTIFICATE_CHAIN_PTR
+EISL_CreateCertificateChain (ISL_CONST_DATA RootIssuer,
+ ISL_CONST_DATA PublicKey,
+ ISL_CONST_DATA Credential);
+
+ISL_VERIFIED_CERTIFICATE_CHAIN_PTR
+EISL_CreateCertificateChainWithCertificate (const ISL_CONST_DATA Certificate,
+ const ISL_CONST_DATA Credential);
+
+uint32
+EISL_CopyCertificateChain (ISL_VERIFIED_CERTIFICATE_CHAIN_PTR Verification,
+ ISL_VERIFIED_CERTIFICATE_PTR Certs[],
+ uint32 MaxCertificates);
+
+ISL_STATUS
+EISL_RecycleVerifiedCertificateChain (ISL_VERIFIED_CERTIFICATE_CHAIN_PTR Chain);
+
+
+/* Certificate Attribute Methods */
+
+ISL_STATUS
+EISL_FindCertificateAttribute (ISL_VERIFIED_CERTIFICATE_PTR Cert,
+ ISL_CONST_DATA Name,
+ ISL_CONST_DATA_PTR Value);
+
+ISL_ITERATOR_PTR
+EISL_CreateCertificateAttributeEnumerator (ISL_VERIFIED_CERTIFICATE_PTR Cert);
+
+ISL_STATUS
+EISL_GetNextCertificateAttribute (ISL_ITERATOR_PTR CertIterator,
+ ISL_CONST_DATA_PTR Name,
+ ISL_CONST_DATA_PTR Value);
+
+ISL_STATUS
+EISL_RecycleCertificateAttributeEnumerator (ISL_ITERATOR_PTR CertIterator);
+
+
+/* Manifest Section Object Methods */
+
+ISL_VERIFIED_SIGNATURE_ROOT_PTR
+EISL_GetManifestSignatureRoot (ISL_MANIFEST_SECTION_PTR Section);
+
+ISL_VERIFIED_MODULE_PTR
+EISL_VerifyAndLoadModule (ISL_MANIFEST_SECTION_PTR Section);
+
+ISL_VERIFIED_MODULE_PTR
+EISL_VerifyLoadedModule (ISL_MANIFEST_SECTION_PTR Section);
+
+ISL_STATUS
+EISL_FindManifestSectionAttribute (ISL_MANIFEST_SECTION_PTR Section,
+ ISL_CONST_DATA Name,
+ ISL_CONST_DATA_PTR Value);
+
+ISL_ITERATOR_PTR
+EISL_CreateManifestSectionAttributeEnumerator (ISL_MANIFEST_SECTION_PTR Section);
+
+ISL_STATUS
+EISL_GetNextManifestSectionAttribute (ISL_ITERATOR_PTR Iterator,
+ ISL_CONST_DATA_PTR Name,
+ ISL_CONST_DATA_PTR Value);
+
+ISL_STATUS
+EISL_RecycleManifestSectionAttributeEnumerator (ISL_ITERATOR_PTR Iterator);
+
+ISL_MANIFEST_SECTION_PTR
+EISL_GetModuleManifestSection (ISL_VERIFIED_MODULE_PTR Module);
+
+
+/* Secure Linkage Services */
+
+ISL_FUNCTION_PTR
+EISL_LocateProcedureAddress (ISL_VERIFIED_MODULE_PTR Module,
+ ISL_CONST_DATA Name);
+
+#ifdef MACOSX
+#define EISL_GetReturnAddress(Address) \
+{\
+ /* Platform specific code in here */
+}
+#endif
+
+ISL_STATUS
+EISL_CheckAddressWithinModule (ISL_VERIFIED_MODULE_PTR Verification,
+ ISL_FUNCTION_PTR Address);
+
+ISL_STATUS
+EISL_CheckDataAddressWithinModule (ISL_VERIFIED_MODULE_PTR Verification,
+ const void *Address);
+
+void *
+EISL_GetLibHandle (ISL_VERIFIED_MODULE_PTR Verification);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _EISL_H_ */
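Review bot: The `EISL_GetReturnAddress` macro under `#ifdef MACOSX` is malformed: the comment line in its body has no trailing backslash, so the macro expands to a lone `{` and the `}` on the next line lands at file scope, which is a syntax error in C and closes the `extern "C"` block early in C++ whenever `MACOSX` is defined. Either add the continuation (`/* Platform specific code in here */ \`) or, since the body is only a placeholder, write it as `#define EISL_GetReturnAddress(Address) do { /* platform specific */ } while (0)`. Separately, `EISL_SelfCheck ();` is an unprototyped declaration in C, so calls passing stray arguments are not diagnosed; `EISL_SelfCheck (void);` gives it a real prototype. The header also states no failure contract for the verify/load entry points. A short comment on each group saying what is returned when verification fails would help, since callers presumably must test for a null handle before using it, though that is not visible here.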