
source: vbox/trunk/include/iprt/crypto/applecodesign.h@ 88383

Last change on this file since 88383 was 85121, checked in by vboxsync, 4 years ago

iprt/cdefs.h: Refactored the typedef use of DECLCALLBACK as well as DECLCALLBACKMEMBER to wrap the whole expression, similar to the DECLR?CALLBACKMEMBER macros. This allows adding a throw() at the end when compiling with the VC++ compiler to indicate that the callbacks won't throw anything, so we can stop supressing the C5039 warning about passing functions that can potential throw C++ exceptions to extern C code that can't necessarily cope with such (unwind,++). Introduced a few _EX variations that allows specifying different/no calling convention too, as that's handy when dynamically resolving host APIs. Fixed numerous places missing DECLCALLBACK and such. Left two angry @todos regarding use of CreateThread. bugref:9794

1/** @file
2 * IPRT - Apple Code Signing Structures and APIs.
3 */
4
5/*
6 * Copyright (C) 2018-2020 Oracle Corporation
7 *
8 * This file is part of VirtualBox Open Source Edition (OSE), as
9 * available from http://www.virtualbox.org. This file is free software;
10 * you can redistribute it and/or modify it under the terms of the GNU
11 * General Public License (GPL) as published by the Free Software
12 * Foundation, in version 2 as it comes in the "COPYING" file of the
13 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
14 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
15 *
16 * The contents of this file may alternatively be used under the terms
17 * of the Common Development and Distribution License Version 1.0
18 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
19 * VirtualBox OSE distribution, in which case the provisions of the
20 * CDDL are applicable instead of those of the GPL.
21 *
22 * You may elect to license modified versions of this file under the
23 * terms and conditions of either the GPL or the CDDL or both.
24 */
25
26#ifndef IPRT_INCLUDED_crypto_applecodesign_h
27#define IPRT_INCLUDED_crypto_applecodesign_h
28#ifndef RT_WITHOUT_PRAGMA_ONCE
29# pragma once
30#endif
31
32#include <iprt/types.h>
33#include <iprt/assertcompile.h>
34#include <iprt/crypto/pkcs7.h>
35
36/** @defgroup grp_rt_craplcs RTCrAppleCs - Apple Code Signing
37 * @ingroup grp_rt_crypto
38 * @{
39 */
40
41/** Apple developer ID for application signing (OID in dotted-decimal string form). NOTE(review): how these OIDs are matched against a signer certificate is not visible in this header; presumably finding one only classifies the certificate and the chain is validated separately - confirm at the call sites. */
42#define RTCR_APPLE_CS_DEVID_APPLICATION_OID "1.2.840.113635.100.6.1.13"
43/** Apple developer ID for installer signing (OID in dotted-decimal string form). */
44#define RTCR_APPLE_CS_DEVID_INSTALLER_OID "1.2.840.113635.100.6.1.14"
45/** Apple developer ID for kernel extension signing (OID in dotted-decimal string form). */
46#define RTCR_APPLE_CS_DEVID_KEXT_OID "1.2.840.113635.100.6.1.18"
47/** Apple certificate policy OID (dotted-decimal string form). */
48#define RTCR_APPLE_CS_CERTIFICATE_POLICY_OID "1.2.840.113635.100.5.1"
49
50
51/** @name RTCRAPLCS_MAGIC_XXX - Apple code signing magic values for identifying blobs
52 * @note No byte order conversion required: the constants are wrapped in RT_N2H_U32_C, so they are compared directly with the unconverted RTCRAPLCSHDR::uMagic field.
53 * @{ */
54#define RTCRAPLCS_MAGIC_BLOBWRAPPER RT_N2H_U32_C(UINT32_C(0xfade0b01))
55#define RTCRAPLCS_MAGIC_EMBEDDED_SIGNATURE_OLD RT_N2H_U32_C(UINT32_C(0xfade0b02))
56#define RTCRAPLCS_MAGIC_REQUIREMENT RT_N2H_U32_C(UINT32_C(0xfade0c00))
57#define RTCRAPLCS_MAGIC_REQUIREMENTS RT_N2H_U32_C(UINT32_C(0xfade0c01))
58#define RTCRAPLCS_MAGIC_CODEDIRECTORY RT_N2H_U32_C(UINT32_C(0xfade0c02))
59#define RTCRAPLCS_MAGIC_EMBEDDED_SIGNATURE RT_N2H_U32_C(UINT32_C(0xfade0cc0))
60#define RTCRAPLCS_MAGIC_DETACHED_SIGNATURE RT_N2H_U32_C(UINT32_C(0xfade0cc1))
61/** @} */
62
63/** @name Apple code signing versions.
64 * @note Requires byte order conversion of the field value (these constants are plain host order values, not wrapped in RT_N2H_U32_C). That way
65 * greater-than and less-than comparisons work correctly.
66 * @{ */
67#define RTCRAPLCS_VER_2_0 UINT32_C(0x00020000)
68#define RTCRAPLCS_VER_SUPPORTS_SCATTER UINT32_C(0x00020100)
69#define RTCRAPLCS_VER_SUPPORTS_TEAMID UINT32_C(0x00020200)
70#define RTCRAPLCS_VER_SUPPORTS_CODE_LIMIT_64 UINT32_C(0x00020300)
71#define RTCRAPLCS_VER_SUPPORTS_EXEC_SEG UINT32_C(0x00020400)
72/** @} */
73
74/** @name RTCRAPLCS_SLOT_XXX - Apple code signing slots.
75 * @note No byte order conversion required for the values wrapped in RT_N2H_U32_C; they are compared directly with the unconverted RTCRAPLCSBLOBSLOT::uType field.
76 * @{ */
77#define RTCRAPLCS_SLOT_CODEDIRECTORY RT_N2H_U32_C(UINT32_C(0x00000000))
78#define RTCRAPLCS_SLOT_INFO RT_N2H_U32_C(UINT32_C(0x00000001))
79#define RTCRAPLCS_SLOT_REQUIREMENTS RT_N2H_U32_C(UINT32_C(0x00000002))
80#define RTCRAPLCS_SLOT_RESOURCEDIR RT_N2H_U32_C(UINT32_C(0x00000003))
81#define RTCRAPLCS_SLOT_APPLICATION RT_N2H_U32_C(UINT32_C(0x00000004))
82#define RTCRAPLCS_SLOT_ENTITLEMENTS RT_N2H_U32_C(UINT32_C(0x00000005))
83#define RTCRAPLCS_SLOT_ALTERNATE_CODEDIRECTORIES RT_N2H_U32_C(UINT32_C(0x00001000))
84#define RTCRAPLCS_SLOT_ALTERNATE_CODEDIRECTORIES_END RT_N2H_U32_C(UINT32_C(0x00001005)) /**< NOTE(review): equals the first alternate slot plus the count (0x1000 + 5), so presumably an exclusive end - confirm. */
85#define RTCRAPLCS_SLOT_ALTERNATE_CODEDIRECTORIES_COUNT UINT32_C(0x00000005) /**< Plain host order count; unlike the slot values it is not wrapped in RT_N2H_U32_C. */
86#define RTCRAPLCS_SLOT_ALTERNATE_CODEDIRECTORY_INC RT_N2H_U32_C(UINT32_C(0x00000001))
87/** The signature.
88 * This is simply a RTCRAPLCSHDR/RTCRAPLCS_MAGIC_BLOBWRAPPER followed by a DER
89 * encoded \#PKCS7 ContentInfo structure containing signedData. The inner
90 * signedData structure signs external data, so its ContentInfo member is set
91 * to 1.2.840.113549.1.7.1 and has no data. */
92#define RTCRAPLCS_SLOT_SIGNATURE RT_N2H_U32_C(UINT32_C(0x00010000))
93/** @} */
94
95/** @name RTCRAPLCS_HASHTYPE_XXX - Apple code signing hash types
96 * @note Byte sized field, so no byte order concerns. Values for RTCRAPLCSCODEDIRECTORY::bHashType.
97 * @{ */
98#define RTCRAPLCS_HASHTYPE_SHA1 UINT8_C(1) /**< 20 byte digest. NOTE(review): SHA-1 is no longer considered collision resistant; check how verification treats a blob that only offers this type. */
99#define RTCRAPLCS_HASHTYPE_SHA256 UINT8_C(2) /**< 32 byte digest. */
100#define RTCRAPLCS_HASHTYPE_SHA256_TRUNCATED UINT8_C(3) /**< Truncated to 20 bytes (SHA1 size). */
101#define RTCRAPLCS_HASHTYPE_SHA384 UINT8_C(4) /**< 48 byte digest. */
102/** @} */
103
104
105/**
106 * Apple code signing blob header. Every field is read straight from the signature data, so treat the values as untrusted until validated.
107 */
108typedef struct RTCRAPLCSHDR
109{
110 /** The magic value (RTCRAPLCS_MAGIC_XXX).
111 * (Big endian, but constants are big endian already.) */
112 uint32_t uMagic;
113 /** The total length of the blob. Big endian. NOTE(review): convert to host order and check it against the number of bytes actually available before relying on it; presumably RTCrAppleCsInit does this - confirm. */
114 uint32_t cb;
115} RTCRAPLCSHDR;
116AssertCompileSize(RTCRAPLCSHDR, 8);
117/** Pointer to a CS blob header. */
118typedef RTCRAPLCSHDR *PRTCRAPLCSHDR;
119/** Pointer to a const CS blob header. */
120typedef RTCRAPLCSHDR const *PCRTCRAPLCSHDR;
121
122/**
123 * Apple code signing super blob slot. One entry of RTCRAPLCSSUPERBLOB::aSlots.
124 */
125typedef struct RTCRAPLCSBLOBSLOT
126{
127 /** Slot type, RTCRAPLCS_SLOT_XXX.
128 * (Big endian, but so are the constants too). */
129 uint32_t uType;
130 /** Data offset. Big endian. NOTE(review): the base of the offset is not stated here (presumably the start of the super blob - confirm); the value comes from the signature data and needs a range check before it is used to locate the slot data. */
131 uint32_t offData;
132} RTCRAPLCSBLOBSLOT;
133AssertCompileSize(RTCRAPLCSBLOBSLOT, 8);
134/** Pointer to a super blob slot. */
135typedef RTCRAPLCSBLOBSLOT *PRTCRAPLCSBLOBSLOT;
136/** Pointer to a const super blob slot. */
137typedef RTCRAPLCSBLOBSLOT const *PCRTCRAPLCSBLOBSLOT;
138
139/**
140 * Apple code signing super blob. A blob header and a slot count followed by the slot table, which starts at offset 12.
141 */
142typedef struct RTCRAPLCSSUPERBLOB
143{
144 /** Header (uMagic = RTCRAPLCS_MAGIC_EMBEDDED_SIGNATURE?
145 * or RTCRAPLCS_MAGIC_EMBEDDED_SIGNATURE_OLD? ). */
146 RTCRAPLCSHDR Hdr;
147 /** Number of slots. Big endian. NOTE(review): comes from the signature data; the slot table it implies has to fit inside Hdr.cb before aSlots is indexed - confirm this is checked where the blob is validated. */
148 uint32_t cSlots;
149 /** Slots. */
150 RT_FLEXIBLE_ARRAY_EXTENSION
151 RTCRAPLCSBLOBSLOT aSlots[RT_FLEXIBLE_ARRAY];
152} RTCRAPLCSSUPERBLOB;
153AssertCompileMemberOffset(RTCRAPLCSSUPERBLOB, aSlots, 12);
154/** Pointer to a CS super blob. */
155typedef RTCRAPLCSSUPERBLOB *PRTCRAPLCSSUPERBLOB;
156/** Pointer to a const CS super blob. */
157typedef RTCRAPLCSSUPERBLOB const *PCRTCRAPLCSSUPERBLOB;
158
159/**
160 * Code directory (RTCRAPLCS_MAGIC_CODEDIRECTORY). The structure describes the full 0x58 byte layout; going by the @since tags, the tagged members only exist from the named version on, so check uVersion (and Hdr.cb) before reading them. NOTE(review): the base of the off* members is not stated here (presumably the start of the code directory - confirm); offsets and counts come from the signature data and need range checks.
161 */
162typedef struct RTCRAPLCSCODEDIRECTORY
163{
164 /** 0x00: Header (uMagic = RTCRAPLCS_MAGIC_CODEDIRECTORY). */
165 RTCRAPLCSHDR Hdr;
166 /** 0x08: The version number (RTCRAPLCS_VER_XXX).
167 * @note Big endian, host order constants. */
168 uint32_t uVersion;
169 /** 0x0c: Flags & mode, RTCRAPLCS_???. (Big endian. ) */
170 uint32_t fFlags;
171 /** 0x10: Offset of the hash slots. Big endian.
172 * Special slots found below this offset, code slots at and after. */
173 uint32_t offHashSlots;
174 /** 0x14: Offset of the identifier string. Big endian. */
175 uint32_t offIdentifier;
176 /** 0x18: Number of special hash slots. Hubertus Bigend style (i.e. big endian). */
177 uint32_t cSpecialSlots;
178 /** 0x1c: Number of code hash slots. Big endian. */
179 uint32_t cCodeSlots;
180 /** 0x20: Number of bytes of code that's covered, 32-bit wide. Big endian. */
181 uint32_t cbCodeLimit32;
182 /** 0x24: The hash size in bytes. NOTE(review): presumably has to agree with bHashType - confirm it is validated. */
183 uint8_t cbHash;
184 /** 0x25: The hash type (RTCRAPLCS_HASHTYPE_XXX). */
185 uint8_t bHashType;
186 /** 0x26: Platform identifier or zero. */
187 uint8_t idPlatform;
188 /** 0x27: The page shift value. Zero if infinite page size. NOTE(review): if this is used as a shift count, values at or above the width of the shifted type have to be rejected first - confirm. */
189 uint8_t cPageShift;
190 /** 0x28: Spare field, MBZ. */
191 uint32_t uUnused1;
192 /** 0x2c: Offset of scatter vector (optional). Big endian.
193 * @since RTCRAPLCS_VER_SUPPORTS_SCATTER */
194 uint32_t offScatter;
195 /** 0x30: Offset of team identifier (optional). Big endian.
196 * @since RTCRAPLCS_VER_SUPPORTS_TEAMID */
197 uint32_t offTeamId;
198 /** 0x34: Unused field, MBZ.
199 * @since RTCRAPLCS_VER_SUPPORTS_CODE_LIMIT_64 */
200 uint32_t uUnused2;
201 /** 0x38: Number of bytes of code that's covered, 64-bit wide. Big endian.
202 * @since RTCRAPLCS_VER_SUPPORTS_CODE_LIMIT_64 */
203 uint64_t cbCodeLimit64;
204 /** 0x40: File offset of the first segment. Big endian.
205 * @since RTCRAPLCS_VER_SUPPORTS_EXEC_SEG */
206 uint64_t offExecSeg;
207 /** 0x48: The size of the first segment. Big endian.
208 * @since RTCRAPLCS_VER_SUPPORTS_EXEC_SEG */
209 uint64_t cbExecSeg;
210 /** 0x50: Flags for the first segment. Big endian.
211 * @since RTCRAPLCS_VER_SUPPORTS_EXEC_SEG */
212 uint64_t fExecSeg;
213} RTCRAPLCSCODEDIRECTORY;
214AssertCompileSize(RTCRAPLCSCODEDIRECTORY, 0x58);
215/** Pointer to a CS code directory. */
216typedef RTCRAPLCSCODEDIRECTORY *PRTCRAPLCSCODEDIRECTORY;
217/** Pointer to a const CS code directory. */
218typedef RTCRAPLCSCODEDIRECTORY const *PCRTCRAPLCSCODEDIRECTORY;
219
220
221/**
222 * IPRT structure for working with an Apple code signing blob. Set up by RTCrAppleCsInit.
223 */
224typedef struct RTCRAPLCS
225{
226 uint8_t const *pbBlob; /**< The blob bytes. NOTE(review): presumably points at the caller's buffer rather than a copy, in which case that buffer has to outlive the descriptor - confirm. */
227 size_t cbBlob; /**< Size of the blob in bytes. */
228 size_t auReserved[4]; /**< Reserved; use is not visible in this header. */
229} RTCRAPLCS;
230/** Pointer to an IPRT CS blob descriptor. */
231typedef RTCRAPLCS *PRTCRAPLCS;
232
233/**
234 * Initialize a RTCRAPLCS descriptor and validate the blob data.
235 *
236 * @returns IPRT status code.
237 * @param pDesc The descriptor to initialize.
238 * @param pvBlob The blob bytes. NOTE(review): whether these are copied or only referenced by pDesc is not visible here - confirm the lifetime requirement.
239 * @param cbBlob The number of bytes in the blob.
240 * @param fFlags Future validation flags, MBZ (must be zero).
241 * @param pErrInfo Where to return additional error details. Optional.
242 */
243RTDECL(int) RTCrAppleCsInit(PRTCRAPLCS pDesc, void const *pvBlob, size_t cbBlob, uint32_t fFlags, PRTERRINFO pErrInfo);
244
245/**
246 * Callback used by RTCrAppleCsVerifyImage to digest a section of the image.
247 *
248 * @return IPRT status code.
249 * @param hDigest The digest to feed the bytes to.
250 * @param off The RVA of the bytes to digest. NOTE(review): off and cb presumably derive from the signature blob; an implementation should fail the call for a range outside its image instead of reading past it - confirm what the caller guarantees.
251 * @param cb Number of bytes to digest.
252 * @param pvUser User argument.
253 */
254typedef DECLCALLBACKTYPE(int, FNRTCRAPPLECSDIGESTAREA,(RTCRDIGEST hDigest, size_t off, size_t cb, void *pvUser));
255/** Pointer to an image digest callback. */
256typedef FNRTCRAPPLECSDIGESTAREA *PFNRTCRAPPLECSDIGESTAREA;
257
258/**
259 * Verifies an image against the given signature blob. NOTE(review): the parameters suggest the image digests are checked against the blob; whether the PKCS#7 signature and the signer's certificate chain are also verified is not visible in this header - confirm before treating success as a trust decision.
260 *
261 * @return IPRT status code.
262 * @param pDesc The apple code signing blob to verify against.
263 * @param fFlags Future verification flags, MBZ (must be zero).
264 * @param pfnCallback Image digest callback.
265 * @param pvUser User argument for the callback.
266 * @param pErrInfo Where to return additional error details. Optional.
267 */
268RTDECL(int) RTCrAppleCsVerifyImage(PRTCRAPLCS pDesc, uint32_t fFlags, PFNRTCRAPPLECSDIGESTAREA pfnCallback,
269 void *pvUser, PRTERRINFO pErrInfo);
270
271RTDECL(int) RTCrAppleCsQuerySigneddData(PRTCRAPLCS pDesc, PRTCRPKCS7SIGNEDDATA pSignedData, PRTERRINFO pErrInfo); /* NOTE(review): undocumented. Going by the parameters it presumably fills pSignedData with the PKCS#7 signedData held in the signature slot of pDesc and reports details through pErrInfo - confirm, and confirm whether the returned data has been verified or only decoded. The "Signedd" spelling is part of the exported name. */
272
273/** @} */
274
275#endif /* !IPRT_INCLUDED_crypto_applecodesign_h */
276