1 /* 2 * Copyright (c) 2021 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28 29 #ifndef __APPLE_ENCRYPTED_ARCHIVE_H 30 #define __APPLE_ENCRYPTED_ARCHIVE_H 31 32 #include <stdint.h> 33 #include <os/base.h> 34 #include <sys/cdefs.h> 35 #include <sys/_types/_ssize_t.h> 36 37 /* Callbacks used to write/read data to/from the encrypted stream */ 38 typedef ssize_t (*apple_encrypted_archive_pwrite_proc)( 39 void *arg, 40 const void *buf, 41 size_t nbyte, 42 off_t offset); 43 44 typedef ssize_t (*apple_encrypted_archive_pread_proc)( 45 void *arg, 46 void *buf, 47 size_t nbyte, 48 off_t offset); 49 50 /** 51 * @abstract Get state size 52 * 53 * @return Positive state size (bytes) on success, and 0 on failure 54 */ 55 typedef size_t (*apple_encrypted_archive_get_state_size)(void); 56 57 /** 58 * @abstract Initialize state 59 * 60 * @param state Encryption state buffer, \p state_size bytes 61 * @param state_size Size allocated in \p state, must be at least apple_encrypted_archive_get_state_size() 62 * @param recipient_public_key x9.63 encoded public key, must be on the P256 elliptic curve 63 * @param recipient_public_key_size bytes stored in \p public_key (must be 65) 64 * 65 * @return 0 on success, and a negative error code on failure 66 */ 67 typedef int (*apple_encrypted_archive_initialize_state)( 68 void *state, 69 size_t state_size, 70 const uint8_t *recipient_public_key, 71 size_t recipient_public_key_size); 72 73 /** 74 * @abstract Open encryption stream 75 * 76 * @discussion State must have been initialized with apple_encrypted_archive_initialize_state() 77 * 78 * @param state Encryption state buffer, \p state_size bytes 79 * @param state_size Size allocated in \p state, must be at least apple_encrypted_archive_get_state_size() 80 * @param callback_arg Value passed as first argument to the pwrite/pread callbacks 81 * @param pwrite_callback Function used to write data to the encrypted stream 82 * @param pread_callback Function used to read data from the encrypted stream 83 * 84 * @return 0 on success, and a negative error code on failure 85 */ 86 typedef int (*apple_encrypted_archive_open)( 87 void *state, 88 size_t state_size, 89 void *callback_arg, 90 apple_encrypted_archive_pwrite_proc pwrite_callback, 91 apple_encrypted_archive_pread_proc pread_callback); 92 93 /** 94 * @abstract Write data to encryption stream 95 * 96 * @discussion Stream must have been opened with apple_encrypted_archive_open() 97 * 98 * @param state Encryption state buffer, \p state_size bytes 99 * @param state_size Size allocated in \p state, must be at least apple_encrypted_archive_get_state_size() 100 * @param buf Data to write, \p nbyte bytes 101 * @param nbyte Number of bytes to write from \p buf 102 * 103 * @return Number of bytes written on success, and a negative error code on failure 104 */ 105 typedef ssize_t (*apple_encrypted_archive_write)( 106 void *state, 107 size_t state_size, 108 const void *buf, 109 size_t nbyte); 110 111 /** 112 * @abstract Close encryption stream 113 * 114 * @discussion Stream must have been opened with apple_encrypted_archive_open() 115 * 116 * @param state Encryption state buffer, \p state_size bytes 117 * @param state_size Size allocated in \p state, must be at least apple_encrypted_archive_get_state_size() 118 * 119 * @return 0 on success, and a negative error code on failure 120 */ 121 typedef int (*apple_encrypted_archive_close)( 122 void *state, 123 size_t state_size); 124 125 typedef struct _apple_encrypted_archive { 126 apple_encrypted_archive_get_state_size aea_get_state_size; 127 apple_encrypted_archive_initialize_state aea_initialize_state; 128 apple_encrypted_archive_open aea_open; 129 apple_encrypted_archive_write aea_write; 130 apple_encrypted_archive_close aea_close; 131 } apple_encrypted_archive_t; 132 133 __BEGIN_DECLS 134 135 /** 136 * @abstract The AppleEncryptedArchive interface that was registered. 137 */ 138 extern const apple_encrypted_archive_t *apple_encrypted_archive; 139 140 /** 141 * @abstract Registers the AppleEncryptedArchive kext interface for use within the kernel proper. 142 * 143 * @param aea The interface to register. 144 * 145 * @discussion 146 * This routine may only be called once and must be called before late-const has 147 * been applied to kernel memory. 148 */ 149 OS_EXPORT OS_NONNULL1 150 void apple_encrypted_archive_interface_register(const apple_encrypted_archive_t *aea); 151 152 #if PRIVATE 153 154 typedef void (*registration_callback_t)(void); 155 156 void apple_encrypted_archive_interface_set_registration_callback(registration_callback_t callback); 157 158 #endif /* PRIVATE */ 159 160 __END_DECLS 161 162 #endif // __APPLE_ENCRYPTED_ARCHIVE_H 163