Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing
1,764 changed files
with
137,567 additions
and
146,560 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,140 @@ | ||
| #ifndef libTrustCache_API_h | ||
| #define libTrustCache_API_h | ||
|
|
||
| #include <sys/cdefs.h> | ||
| __BEGIN_DECLS | ||
|
|
||
| #include <stdint.h> | ||
| #include <stdbool.h> | ||
| #include <img4/firmware.h> | ||
| #include <TrustCache/RawTypes.h> | ||
| #include <TrustCache/Types.h> | ||
| #include <TrustCache/TypesConfig.h> | ||
| #include <TrustCache/Return.h> | ||
|
|
||
| /** | ||
| * NOTE: This library does not enforce any concurrency by itself. To be safe in a multi-threaded | ||
| * environment, the caller must manually enforce concurrency on the runtime data structure as | ||
| * otherwise the library is susceptible to memory corruption from race conditions. | ||
| */ | ||
|
|
||
| /** | ||
| * Initialize a runtime to the default values. | ||
| * | ||
| * If the system supports read-only segments, and the runtime is allocated within the read-only | ||
| * segment, then this function needs to be called before the segment is enforced to be read-only. | ||
| * For more information, please look at <TrustCache/Types.h>. | ||
| */ | ||
| static inline void | ||
| trustCacheInitializeRuntime(TrustCacheRuntime_t *runtime, | ||
| TrustCacheMutableRuntime_t *mutableRT, | ||
| bool allowSecondStaticTC, | ||
| bool allowEngineeringTC, | ||
| bool allowLegacyTC, | ||
| const img4_runtime_t *image4RT) | ||
| { | ||
| /* Zero out everything */ | ||
| memset(runtime, 0, sizeof(*runtime)); | ||
| memset(mutableRT, 0, sizeof(*mutableRT)); | ||
|
|
||
| /* Set the mutable runtime pointer */ | ||
| runtime->mutableRT = mutableRT; | ||
|
|
||
| /* Setup trust cache type permissions */ | ||
| runtime->allowSecondStaticTC = allowSecondStaticTC; | ||
| runtime->allowEngineeringTC = allowEngineeringTC; | ||
| runtime->allowLegacyTC = allowLegacyTC; | ||
|
|
||
| /* Set the image4 runtime */ | ||
| runtime->image4RT = image4RT; | ||
| } | ||
|
|
||
| /** | ||
| * Add a trust cache module directly to the runtime. This function is used to add modules which | ||
| * don't need to be separately authenticated. Currently, the only trust cache types which can be | ||
| * used with this function are static and engineering trust caches. | ||
| * | ||
| * If the system supports read-only segments, and the runtime is allocated within the read-only | ||
| * segment, then this function needs to be called before the segment is enforced to be read-only. | ||
| * For more information, please look at <TrustCache/Types.h>. | ||
| */ | ||
| TCReturn_t | ||
| trustCacheLoadModule(TrustCacheRuntime_t *runtime, | ||
| const TCType_t type, | ||
| TrustCache_t *trustCache, | ||
| const uintptr_t dataAddr, | ||
| const size_t dataSize); | ||
|
|
||
| /** | ||
| * Load a trust cache onto the system. This function validates the trust cache for a proper | ||
| * signature and adds it to the runtime. | ||
| * | ||
| * Both the payload and the manifest must be provided and they will be validated as image4 | ||
| * objects. | ||
| */ | ||
| TCReturn_t | ||
| trustCacheLoad(TrustCacheRuntime_t *runtime, | ||
| TCType_t type, | ||
| TrustCache_t *trustCache, | ||
| const uintptr_t payloadAddr, | ||
| const size_t payloadSize, | ||
| const uintptr_t manifestAddr, | ||
| const size_t manifestSize); | ||
|
|
||
| /** | ||
| * Query a trust cache for a particular CDHash. The returned token can then be used to | ||
| * query further attributes from the matched entry. | ||
| */ | ||
| TCReturn_t | ||
| trustCacheQuery(const TrustCacheRuntime_t *runtime, | ||
| TCQueryType_t queryType, | ||
| const uint8_t CDHash[kTCEntryHashSize], | ||
| TrustCacheQueryToken_t *queryToken); | ||
|
|
||
| /** | ||
| * Get the capabilities of a trust cache. This function can be used to query which fields a given | ||
| * trust cache supports. | ||
| * | ||
| * The fields which are supported are based on the version of the trust cache module. | ||
| */ | ||
| TCReturn_t | ||
| trustCacheGetCapabilities(const TrustCache_t *trustCache, | ||
| TCCapabilities_t *capabilities); | ||
|
|
||
| /** | ||
| * Acquire the trust cache type for a query token. | ||
| */ | ||
| TCReturn_t | ||
| trustCacheQueryGetTCType(const TrustCacheQueryToken_t *queryToken, | ||
| TCType_t *typeRet); | ||
|
|
||
| /** | ||
| * Acquire the capabilities of the trust cache through a query token. | ||
| */ | ||
| TCReturn_t | ||
| trustCacheQueryGetCapabilities(const TrustCacheQueryToken_t *queryToken, | ||
| TCCapabilities_t *capabilities); | ||
|
|
||
| /** | ||
| * Acquire the hash type for the CDHash through a query token. | ||
| */ | ||
| TCReturn_t | ||
| trustCacheQueryGetHashType(const TrustCacheQueryToken_t *queryToken, | ||
| uint8_t *hashTypeRet); | ||
|
|
||
| /** | ||
| * Acquire the flags for a trust cache entry through a query token. | ||
| */ | ||
| TCReturn_t | ||
| trustCacheQueryGetFlags(const TrustCacheQueryToken_t *queryToken, | ||
| uint64_t *flagsRet); | ||
|
|
||
| /** | ||
| * Acquire the constraint category for a trust cache entry through a query token. | ||
| */ | ||
| TCReturn_t | ||
| trustCacheQueryGetConstraintCategory(const TrustCacheQueryToken_t *queryToken, | ||
| uint8_t *constraintCategoryRet); | ||
|
|
||
| __END_DECLS | ||
| #endif /* libTrustCache_API_h */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,103 @@ | ||
| #ifndef libTrustCache_RawTypes_h | ||
| #define libTrustCache_RawTypes_h | ||
|
|
||
| #include <sys/cdefs.h> | ||
| __BEGIN_DECLS | ||
|
|
||
| #include <stdint.h> | ||
| #include <corecrypto/ccsha1.h> | ||
|
|
||
| /* | ||
| * CDHashes in the trust cache are always truncated to the length of a SHA1 hash. | ||
| */ | ||
| #define kTCEntryHashSize CCSHA1_OUTPUT_SIZE | ||
|
|
||
| /* UUIDs are always 16 bytes */ | ||
| #define kUUIDSize 16 | ||
|
|
||
| /* Versions supported by the library */ | ||
| enum { | ||
| kTCVersion0 = 0x0, | ||
| kTCVersion1 = 0x1, | ||
| kTCVersion2 = 0x2, | ||
|
|
||
| kTCVersionTotal, | ||
| }; | ||
|
|
||
| /* Flags for the trust cache look ups */ | ||
| enum { | ||
| kTCFlagAMFID = 0x01, | ||
| kTCFlagANEModel = 0x02, | ||
| }; | ||
|
|
||
| typedef struct _TrustCacheModuleBase { | ||
| /* The version for this trust cache module */ | ||
| uint32_t version; | ||
| } __attribute__((packed)) TrustCacheModuleBase_t; | ||
|
|
||
| #pragma mark Trust Cache Version 0 | ||
|
|
||
| typedef uint8_t TrustCacheEntry0_t[kTCEntryHashSize]; | ||
|
|
||
| typedef struct _TrustCacheModule0 { | ||
| /* Must be 0 */ | ||
| uint32_t version; | ||
|
|
||
| /* ID which uniquely identifies the trust cache */ | ||
| uint8_t uuid[kUUIDSize]; | ||
|
|
||
| /* The number of entries present in the trust cache */ | ||
| uint32_t numEntries; | ||
|
|
||
| /* Dynamic data containing all the entries */ | ||
| TrustCacheEntry0_t entries[0]; | ||
| } __attribute__((packed)) TrustCacheModule0_t; | ||
|
|
||
| #pragma mark Trust Cache Version 1 | ||
|
|
||
| typedef struct _TrustCacheEntry1 { | ||
| uint8_t CDHash[kTCEntryHashSize]; | ||
| uint8_t hashType; | ||
| uint8_t flags; | ||
| } __attribute__((packed)) TrustCacheEntry1_t; | ||
|
|
||
| typedef struct _TrustCacheModule1 { | ||
| /* Must be 1 */ | ||
| uint32_t version; | ||
|
|
||
| /* ID which uniquely identifies the trust cache */ | ||
| uint8_t uuid[kUUIDSize]; | ||
|
|
||
| /* The number of entries present in the trust cache */ | ||
| uint32_t numEntries; | ||
|
|
||
| /* Dynamic data containing all the entries */ | ||
| TrustCacheEntry1_t entries[0]; | ||
| } __attribute__((packed)) TrustCacheModule1_t; | ||
|
|
||
| #pragma mark Trust Cache Version 2 | ||
|
|
||
| typedef struct _TrustCacheEntry2 { | ||
| uint8_t CDHash[kTCEntryHashSize]; | ||
| uint8_t hashType; | ||
| uint8_t flags; | ||
| uint8_t constraintCategory; | ||
| uint8_t reserved0; | ||
| } __attribute__((packed)) TrustCacheEntry2_t; | ||
|
|
||
| typedef struct _TrustCacheModule2 { | ||
| /* Must be 2 */ | ||
| uint32_t version; | ||
|
|
||
| /* ID which uniquely identifies the trust cache */ | ||
| uint8_t uuid[kUUIDSize]; | ||
|
|
||
| /* The number of entries present in the trust cache */ | ||
| uint32_t numEntries; | ||
|
|
||
| /* Dynamic data containing all the entries */ | ||
| TrustCacheEntry2_t entries[0]; | ||
| } __attribute__((packed)) TrustCacheModule2_t; | ||
|
|
||
| __END_DECLS | ||
| #endif /* libTrustCache_RawTypes_h */ |
Oops, something went wrong.