1#ifndef _CHUNKLIST_H
2#define _CHUNKLIST_H
3
4#include <libkern/crypto/sha2.h>
5
6/*
7 * Chunklist file format
8 */
9#define CHUNKLIST_MAGIC 0x4C4B4E43
10#define CHUNKLIST_FILE_VERSION_10 1
11#define CHUNKLIST_CHUNK_METHOD_10 1
12#define CHUNKLIST_SIGNATURE_METHOD_REV1 1
13#define CHUNKLIST_REV1_SIG_LEN 256
14#define CHUNKLIST_PUBKEY_LEN (2048/8)
15#define CHUNKLIST_SIGNATURE_LEN (2048/8)
16
17struct chunklist_hdr {
18 uint32_t cl_magic;
19 uint32_t cl_header_size;
20 uint8_t cl_file_ver;
21 uint8_t cl_chunk_method;
22 uint8_t cl_sig_method;
23 uint8_t __unused1;
24 uint64_t cl_chunk_count;
25 uint64_t cl_chunk_offset;
26 uint64_t cl_sig_offset;
27} __attribute__((packed));
28
29struct chunklist_chunk {
30 uint32_t chunk_size;
31 uint8_t chunk_sha256[SHA256_DIGEST_LENGTH];
32} __attribute__((packed));
33
34struct chunklist_pubkey {
35 const boolean_t is_production;
36 const uint8_t key[CHUNKLIST_PUBKEY_LEN];
37};
38
39int authenticate_root_with_chunklist(const char *rootdmg_path, boolean_t *out_enforced);
40int authenticate_root_version_check(void);
41int authenticate_bootkc_uuid(void);
42int authenticate_libkern_uuid(void);
43#endif /* _CHUNKLIST_H */
44