/* * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * * This file contains Original Code and/or Modifications of Original Code * as defined in and that are subject to the Apple Public Source License * Version 2.0 (the 'License'). You may not use this file except in * compliance with the License. Please obtain a copy of the License at * http://www.opensource.apple.com/apsl/ and read it before using this * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. * Please see the License for the specific language governing rights and * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ /*! @header SecManifest The functions and data types in SecManifest implement file, directory, and data signing. */ #ifndef _SECURITY_SECMANIFEST_H_ #define _SECURITY_SECMANIFEST_H_ #include <Security/SecTrust.h> #include <Security/SecIdentity.h> #include <Security/SecBase.h> #if defined(__cplusplus) extern "C" { #endif enum { errSecManifestNotSupported = -22040, /* The specified object can't be placed in a manifest */ errSecManifestNoSigners = -22041, /* There must be at least one signer for a manifest */ errSecManifestCMSFailure = -22042, /* A problem occurred with CMS */ errSecManifestIsNotEmpty = -20043, /* The manifest was not empty before create from external representation */ errSecManifestDidNotVerify = -20044, /* The manifest did not verify */ errSecManifestDamaged = -20045, /* The manifest was damaged */ errSecManifestNotEqual = -20046, /* The manifests were not equal */ errSecManifestBadResult = -20057, /* A manifest callback returned an invalid result */ errSecManifestNoPolicy = -20058, /* Couldn't find the default policy */ errSecManifestInvalidException = -20059, /* Exception list members must be CFStrings */ errSecManifestNoSignersFound = -20060, /* No signers were found in the manifest */ }; typedef UInt32 SecManifestCompareOptions; enum {kSecManifestVerifyOwnerAndGroup = 0x1}; /*! @typedef SecManifestRef @abstract A pointer to an opaque manifest structure */ typedef struct OpaqueSecManifestRef *SecManifestRef; /*! @function SecManifestGetVersion @abstract Determines the version of the SecManifest API installed on the user's system. @param version On return, a pointer to the version number of the SecManifest API installed on the system. @result A result code. */ OSStatus SecManifestGetVersion(UInt32 *version); /*! @function SecManifestCreate @abstract Creates a new manifest object for signing. @param manifest On return, a porinter to a manifest reference. The memory that manifest occupies must be released by calling SecManifestRelease when you are finished with it. @result A result code. */ OSStatus SecManifestCreate(SecManifestRef *manifest); /*! @function SecManifestRelease @abstract Destroys a manifest object @param manifest The manifest to destroy. */ void SecManifestRelease(SecManifestRef manifest); typedef enum _SecManifestTrustCallbackResult { kSecManifestDoNotVerify, kSecManifestSignerVerified, kSecManifestContinue, kSecManifestFailed } SecManifestTrustCallbackResult; typedef SecManifestTrustCallbackResult(*SecManifestTrustSetupCallback) (SecTrustRef trustRef, void* setupContext); typedef SecManifestTrustCallbackResult(*SecManifestTrustEvaluateCallback) (SecTrustRef trustRef, SecTrustResultType result, void *evaluateContext); /*! @function SecManifestVerifySignature @abstract Verifies a signature created with SecManifestCreateSignature, @param data The signature to verify. @param setupCallback Called before trust is verified for a signer. This allows the user to modify the SecTrustRef if needed (see the SecTrust documentation). @param setupContext User defined. @param evaluateCallback Called after SecTrustEvaluate has been called for a signer if the result was not trusted. This allows the developer to query the user as to whether or not to trust the signer. @param evaluateContext User defined. @param manifest Optional return of the verified manifest */ OSStatus SecManifestVerifySignature(CFDataRef data, SecManifestTrustSetupCallback setupCallback, void* setupContext, SecManifestTrustEvaluateCallback evaluateCallback, void* evaluateContext, SecManifestRef *manifest); /*! @function SecManifestVerifySignature @abstract Verifies a signature created with SecManifestCreateSignature, @param data The signature to verify. @param setupCallback Called before trust is verified for a signer. This allows the user to modify the SecTrustRef if needed (see the SecTrust documentation). @param setupContext User defined. @param evaluateCallback Called after SecTrustEvaluate has been called for a signer if the result was not trusted. This allows the developer to query the user as to whether or not to trust the signer. @param evaluateContext User defined. @param policyRef A SecPolicyRef used to evaluate the signature. Pass NULL to use the default policy @param manifest Optional return of the verified manifest */ OSStatus SecManifestVerifySignatureWithPolicy(CFDataRef data, SecManifestTrustSetupCallback setupCallback, void* setupContext, SecManifestTrustEvaluateCallback evaluateCallback, void* evaluateContext, SecPolicyRef policyRef, SecManifestRef *manifest); /*! @function SecManifestCreateSignature @abstract Creates a signature. @param manifest The manifest from which to create the signature. @param options Reserved for future use. @param data On return, the external representation. The memory that data occupies must be released by calling CFRelease when finished with it. @result A result code. */ OSStatus SecManifestCreateSignature(SecManifestRef manifest, UInt32 options, CFDataRef *data); /*! @function SecManifestAddObject @abstract Adds data to be signed or verified to the manifest object. @param manifest The manifest object. @param object The object to add. @param exceptionList If data points to a directory, this contains an optional list of CFStrings, relative to object, that will not be included in the manifest. @result A result code. @discussion object may either be a CFURL that points to a file URL, or a SecManifestData, which points to arbitrary data. */ OSStatus SecManifestAddObject(SecManifestRef manifest, CFTypeRef object, CFArrayRef exceptionList); /*! @function SecManifestCompare @abstraact Compare one manifest to another. @param manifest1 A manifest to be compared for equality. @param manifest2 A manifest to be compared for equality. @param verifyOwnerAndGroup If true, owner and group ID's will be checked as part of the verification process. @result A result code. */ OSStatus SecManifestCompare(SecManifestRef manifest1, SecManifestRef manifest2, SecManifestCompareOptions options); /*! @function SecManifestAddSigner @abstract Add an identity to the list of identities that will sign the manifest. @param manifest The manifest to sign. @param identity The identity to be used to sign the manifest. @result A result code. @discussion Multiple signers are supported. The actual signing does not take place until SecManifestCreateExternalRepresentation is called. */ OSStatus SecManifestAddSigner(SecManifestRef manifest, SecIdentityRef identity); #if defined(__cplusplus) } #endif #endif /* ! _SECURITY_SECMANIFEST_H_ */