1 #ifndef _CHUNKLIST_H 2 #define _CHUNKLIST_H 3 4 #include <libkern/crypto/sha2.h> 5 6 /* 7 * Chunklist file format 8 */ 9 #define CHUNKLIST_MAGIC 0x4C4B4E43 10 #define CHUNKLIST_FILE_VERSION_10 1 11 #define CHUNKLIST_CHUNK_METHOD_10 1 12 #define CHUNKLIST_SIGNATURE_METHOD_REV1 1 13 #define CHUNKLIST_REV1_SIG_LEN 256 14 #define CHUNKLIST_PUBKEY_LEN (2048/8) 15 #define CHUNKLIST_SIGNATURE_LEN (2048/8) 16 17 struct chunklist_hdr { 18 uint32_t cl_magic; 19 uint32_t cl_header_size; 20 uint8_t cl_file_ver; 21 uint8_t cl_chunk_method; 22 uint8_t cl_sig_method; 23 uint8_t __unused1; 24 uint64_t cl_chunk_count; 25 uint64_t cl_chunk_offset; 26 uint64_t cl_sig_offset; 27 } __attribute__((packed)); 28 29 struct chunklist_chunk { 30 uint32_t chunk_size; 31 uint8_t chunk_sha256[SHA256_DIGEST_LENGTH]; 32 } __attribute__((packed)); 33 34 struct chunklist_pubkey { 35 const boolean_t is_production; 36 const uint8_t key[CHUNKLIST_PUBKEY_LEN]; 37 }; 38 39 int authenticate_root_with_chunklist(const char *rootdmg_path, boolean_t *out_enforced); 40 int authenticate_root_version_check(void); 41 int authenticate_bootkc_uuid(void); 42 int authenticate_libkern_uuid(void); 43 #endif /* _CHUNKLIST_H */ 44