The "get" function for each iterator object varies with each type of subordinate object referenced and returned by the function.
The object is recycled after the "get" function indicates that there are no more subordinate object references to enumerate.
Iterator objects are objects in their own right, but they are documented with their containing object.
typedef const void *ISL_ITERATOR_PTR;
Valid operations on this object are to create an iterator that returns manifest sections, or to search for a specific signed object. The attributes of an as-yet-unverified object have been verified, but the object itself has not.
One can also create an iterator to enumerate the verified attributes of the signature itself.
typedef const void *ISL_VERIFIED_SIGNATURE_ROOT_PTR;
typedef const void *ISL_VERIFIED_CERTIFICATE_CHAIN_PTR;
typedef const void *ISL_VERIFIED_CERTIFICATE_PTR;
Valid operations on this object are to verify the signed object, and to create an iterator which returns attributes of the signed object. Using the iterator, it is possible to check the attributes of a signed object prior to verifying the object itself. The manifest section object is always contained in a Verified Signature Root Object.
typedef const void *ISL_MANIFEST_SECTION_PTR;
This object is always contained in a Verified Signature Root Object.
Valid operations on this object include checking address ranges and obtaining the Manifest Section Object corresponding to the verified module. The verified module object cannot be modified in memory, and libraries must use various techniques to enforce this requirement.
typedef const void *ISL_VERIFIED_MODULE_PTR;
OBJECT | CONTAINING OBJECT | CREATING FUNCTION(S) | RECYCLING FUNCTION |
---|---|---|---|
Verified Signature Root | none | EISL_CreateVerifiedSignatureRoot, EISL_CreateVerifiedSignatureRootWithCertificate, EISL_CreateVerifiedSignatureRootWithCredentialData, EISL_CreateVerifiedSignatureRootWithCredentialDataAndCertificate | EISL_RecycleVerifiedSignatureRoot |
Verified Module* | Verified Signature Root | EISL_SelfCheck, EISL_VerifyLoadedModule, EISL_VerifyAndLoadModuleAndCredentials, EISL_VerifyAndLoadModuleAndCredentialsWithCertificate, EISL_VerifyAndLoadModuleAndCredentialData, EISL_VerifyAndLoadModuleAndCredentialDataWithCertificate, EISL_VerifyAndLoadModule, EISL_VerifyLoadedModuleAndCredentials, EISL_VerifyLoadedModuleAndCredentialsWithCertificate, EISL_VerifyLoadedModuleAndCredentialData, EISL_VerifyLoadedModuleAndCredentialDataWithCertificate, EISL_DuplicateVerifiedModulePtr | ISL_RecycleModuleAndCredentials* |
Manifest Section | Verified Signature Root | (implicit) | (implicit) |
Verified Module | Manifest Section | (implicit) | (implicit) |
Verified Certificate | none | EISL_CreateCertificateChain, EISL_CreateCertificateChainWithCertificate, EISL_CreateCertificateChainWithCredentialData, EISL_CreateCertificateChainWithCredentialDataAndCertificate | EISL_RecycleCertificateChain |
Verified Certificate Chain*** | Verified Signature Root | (implicit) | (implicit) |
Verified Certificate | Verified Certificate Chain | (implicit) | (implicit) |
Signature Root Attribute Iterator | Verified Signature Root | EISL_CreateManifestAttributeEnumerator | EISL_RecycleAttributeEnumerator |
Manifest Section Iterator | Verified Signature Root | EISL_CreateManifestSectionEnumerator | EISL_RecycleManifestSectionEnumerator ** |
Signature Attribute Iterator | Verified Signature Root | EISL_CreateSignatureAttributeEnumerator | EISL_RecycleSignatureAttributeEnumerator ** |
Signer Info Attribute Iterator | Verified Signature Root | EISL_CreateSignerInfoAttributeEnumerator | EISL_RecycleAttributeEnumerator |
Certificate Attribute Iterator | Verified Certificate | EISL_CreateCertificateAttributeEnumerator | EISL_RecycleCertificateAttributeEnumerator ** |
Manifest Section Attribute Iterator | Verified Signature Root | EISL_CreateManifestSection | EISL_RecycleManifestSectionAttribute |
typedef struct isl_data {
    uint32 Length; /* in bytes */
    uint8 *Data;
} ISL_DATA, *ISL_DATA_PTR;

typedef struct isl_const_data {
    uint32 Length; /* in bytes */
    const uint8 *Data;
} ISL_CONST_DATA, *ISL_CONST_DATA_PTR;

typedef enum isl_status {
    ISL_OK = 0,
    ISL_FAIL = -1
} ISL_STATUS;

typedef void (*ISL_FUNCTION_PTR)(void);
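The iterator lifecycle described at the top of this section (create, "get" until it reports nothing more, then recycle) and the attribute check that can precede verification of a signed object, shown as an added example that is not EISL code and not part of the original specification. Only `ISL_CONST_DATA`, `ISL_STATUS` and `ISL_ITERATOR_PTR` come from this page; every `demo_*` name, the single-slot iterator, the "exactly once" policy and the sample attributes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <string.h>
typedef unsigned int uint32; typedef unsigned char uint8; /* plain-C mapping for this demo */
typedef struct isl_const_data { uint32 Length; const uint8 *Data; } ISL_CONST_DATA; /* page types */
typedef enum isl_status { ISL_OK = 0, ISL_FAIL = -1 } ISL_STATUS;
typedef const void *ISL_ITERATOR_PTR;
typedef struct { ISL_CONST_DATA Name, Value; } demo_attr; /* demo_* names are hypothetical, not EISL */
typedef struct { const demo_attr *attrs; size_t count, next; int live; } demo_iter;
static demo_iter demo_slot; /* single slot, reusable only after recycling */
ISL_ITERATOR_PTR demo_create_iter(const demo_attr *a, size_t n) {
    if (demo_slot.live) return NULL; /* previous iterator was never recycled */
    demo_slot = (demo_iter){ a, n, 0, 1 };
    return &demo_slot;
}
/* "get": ISL_OK plus the next attribute, ISL_FAIL once nothing is left. */
ISL_STATUS demo_get_next(ISL_ITERATOR_PTR it, const demo_attr **out) {
    if (it != &demo_slot || !demo_slot.live || demo_slot.next >= demo_slot.count) return ISL_FAIL;
    *out = &demo_slot.attrs[demo_slot.next++];
    return ISL_OK;
}
ISL_STATUS demo_recycle_iter(ISL_ITERATOR_PTR it) {
    if (it != &demo_slot || !demo_slot.live) return ISL_FAIL; /* stale or double recycle */
    demo_slot.live = 0;
    return ISL_OK;
}
/* Compare by Length: the buffer is counted, so no NUL terminator is assumed. */
static int data_eq(ISL_CONST_DATA d, const char *s) {
    return d.Length == strlen(s) && memcmp(d.Data, s, d.Length) == 0;
}
/* Pre-verification policy: want_name occurs exactly once, with want_value. */
ISL_STATUS demo_precheck(const demo_attr *a, size_t n, const char *want_name, const char *want_value) {
    const demo_attr *at;
    int hits = 0, bad = 0;
    ISL_ITERATOR_PTR it = demo_create_iter(a, n);
    if (!it) return ISL_FAIL;
    while (demo_get_next(it, &at) == ISL_OK)
        if (data_eq(at->Name, want_name)) { hits++; bad |= !data_eq(at->Value, want_value); }
    if (demo_recycle_iter(it) != ISL_OK) return ISL_FAIL; /* recycle once "get" is exhausted */
    return (hits == 1 && !bad) ? ISL_OK : ISL_FAIL;
}
#define D(s) { (uint32)(sizeof(s) - 1), (const uint8 *)(s) }
#define CHECK(sec) demo_precheck(sec, sizeof(sec) / sizeof((sec)[0]), "Name", "module.bin")
/* Constructed sample sections, not taken from a real manifest. */
static const demo_attr good_section[] = { { D("Name"), D("module.bin") }, { D("Digest-Algorithms"), D("SHA1") } };
static const demo_attr nul_section[] = { { D("Name"), D("module.bin\0.x") } };
static const demo_attr dup_section[] = { { D("Name"), D("module.bin") }, { D("Name"), D("other.bin") } };
int main(void) { /* exit 0: good accepted; NUL-extended and duplicate Name refused */
    return CHECK(good_section) != ISL_OK || CHECK(nul_section) == ISL_OK || CHECK(dup_section) == ISL_OK;
}
```

The `nul_section` value would compare equal to `module.bin` under `strcmp`, which is why the check uses `Length` instead.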