[apple/security.git] / OSX / sec / SOSCircle / SecureObjectSync / SOSRingBasic.c

//
//  SOSRingBasic.c
//  sec
//
//  Created by Richard Murphy on 3/3/15.
//
//

#include "SOSRingBasic.h"

#include <AssertMacros.h>

#include <Security/SecureObjectSync/SOSInternal.h>
#include <Security/SecureObjectSync/SOSPeerInfoInternal.h>
#include <Security/SecureObjectSync/SOSPeerInfoCollections.h>
#include <Security/SecureObjectSync/SOSCircle.h>
#include <Security/SecFramework.h>

#include <Security/SecKey.h>
#include <Security/SecKeyPriv.h>
#include <CoreFoundation/CoreFoundation.h>

#include <utilities/SecCFWrappers.h>

#include <stdlib.h>
#include <assert.h>

#include "SOSRingUtils.h"
#include "SOSRingTypes.h"

// MARK: Basic Ring Ops

static SOSRingRef SOSRingCreate_Basic(CFStringRef name, CFStringRef myPeerID, CFErrorRef *error) {
    SOSRingRef retval = NULL;
    retval = SOSRingCreate_Internal(name, 0, error);
    if(!retval) return NULL;
    SOSRingSetLastModifier(retval, myPeerID);
    return retval;
}

static bool SOSRingResetToEmpty_Basic(SOSRingRef ring, CFStringRef myPeerID, CFErrorRef *error) {
    return SOSRingResetToEmpty_Internal(ring, error) && SOSRingSetLastModifier(ring, myPeerID);
}

static bool SOSRingResetToOffering_Basic(SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
    CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
    SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);
    bool retval = priv && myPeerID &&
    SOSRingResetToEmpty_Internal(ring, error) &&
    SOSRingAddPeerID(ring, myPeerID) &&
    SOSRingSetLastModifier(ring, myPeerID) &&
    SOSRingGenerationSign_Internal(ring, priv, error);
    if(user_privkey) SOSRingConcordanceSign_Internal(ring, user_privkey, error);
    CFReleaseNull(priv);
    return retval;
}

static SOSRingStatus SOSRingDeviceIsInRing_Basic(SOSRingRef ring, CFStringRef peerID) {
    if(SOSRingHasPeerID(ring, peerID)) return kSOSRingMember;
    if(SOSRingHasApplicant(ring, peerID)) return kSOSRingApplicant;
    if(SOSRingHasRejection(ring, peerID)) return kSOSRingReject;
    return kSOSRingNotInRing;
}

static bool SOSRingApply_Basic(SOSRingRef ring, SecKeyRef user_pubkey, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
    bool retval = false;
    CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
    SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);
    require_action_quiet(SOSRingDeviceIsInRing_Basic(ring, myPeerID) == kSOSRingNotInRing, errOut, secnotice("ring", "Already associated with ring"));
    retval = priv && myPeerID &&
        SOSRingAddPeerID(ring, myPeerID) &&
        SOSRingSetLastModifier(ring, myPeerID) &&
        SOSRingGenerationSign_Internal(ring, priv, error);
    CFReleaseNull(priv);
errOut:
    return retval;

}

static bool SOSRingWithdraw_Basic(SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
    CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
    if(SOSRingHasPeerID(ring, myPeerID)) {
        SOSRingRemovePeerID(ring, myPeerID);
    } else if(SOSRingHasApplicant(ring, myPeerID)) {
        SOSRingRemoveApplicant(ring, myPeerID);
    } else if(SOSRingHasRejection(ring, myPeerID)) {
        SOSRingRemoveRejection(ring, myPeerID);
    } else {
        SOSCreateError(kSOSErrorPeerNotFound, CFSTR("Not associated with Ring"), NULL, error);
        return false;
    }
    SOSRingSetLastModifier(ring, myPeerID);

    SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);
    SOSRingGenerationSign_Internal(ring, priv, error);
    if(user_privkey) SOSRingConcordanceSign_Internal(ring, user_privkey, error);
    CFReleaseNull(priv);
    return true;
}

static bool SOSRingGenerationSign_Basic(SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
    CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
    SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);
    bool retval = priv && myPeerID &&
    SOSRingSetLastModifier(ring, myPeerID) &&
    SOSRingGenerationSign_Internal(ring, priv, error);
    if(user_privkey) SOSRingConcordanceSign_Internal(ring, user_privkey, error);
    CFReleaseNull(priv);
    return retval;
}

static bool SOSRingConcordanceSign_Basic(SOSRingRef ring, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
    CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
    SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);
    bool retval = priv && myPeerID &&
    SOSRingSetLastModifier(ring, myPeerID) &&
    SOSRingConcordanceSign_Internal(ring, priv, error);
    CFReleaseNull(priv);
    return retval;
}

static bool SOSRingSetPayload_Basic(SOSRingRef ring, SecKeyRef user_privkey, CFDataRef payload, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
    CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
    SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);
    bool retval = priv && myPeerID &&
    SOSRingSetLastModifier(ring, myPeerID) &&
    SOSRingSetPayload_Internal(ring, payload) &&
    SOSRingGenerationSign_Internal(ring, priv, error);
    if(user_privkey) SOSRingConcordanceSign_Internal(ring, user_privkey, error);
    CFReleaseNull(priv);
    return retval;
}

static CFDataRef SOSRingGetPayload_Basic(SOSRingRef ring, CFErrorRef *error) {
    return SOSRingGetPayload_Internal(ring);
}


ringFuncStruct basic = {
    "Basic",
    1,
    SOSRingCreate_Basic,
    SOSRingResetToEmpty_Basic,
    SOSRingResetToOffering_Basic,
    SOSRingDeviceIsInRing_Basic,
    SOSRingApply_Basic,
    SOSRingWithdraw_Basic,
    SOSRingGenerationSign_Basic,
    SOSRingConcordanceSign_Basic,
    SOSRingPeerKeyConcordanceTrust,
    NULL,
    NULL,
    SOSRingSetPayload_Basic,
    SOSRingGetPayload_Basic,
};
Commit	Line	Data
5c19dc3a A	1	//
	2	// SOSRingBasic.c
	3	// sec
	4	//
	5	// Created by Richard Murphy on 3/3/15.
	6	//
	7	//
	8
	9	#include "SOSRingBasic.h"
	10
	11	#include <AssertMacros.h>
	12
	13	#include <Security/SecureObjectSync/SOSInternal.h>
	14	#include <Security/SecureObjectSync/SOSPeerInfoInternal.h>
	15	#include <Security/SecureObjectSync/SOSPeerInfoCollections.h>
	16	#include <Security/SecureObjectSync/SOSCircle.h>
	17	#include <Security/SecFramework.h>
	18
	19	#include <Security/SecKey.h>
	20	#include <Security/SecKeyPriv.h>
	21	#include <CoreFoundation/CoreFoundation.h>
	22
	23	#include <utilities/SecCFWrappers.h>
	24
	25	#include <stdlib.h>
	26	#include <assert.h>
	27
	28	#include "SOSRingUtils.h"
	29	#include "SOSRingTypes.h"
	30
	31	// MARK: Basic Ring Ops
	32
	33	static SOSRingRef SOSRingCreate_Basic(CFStringRef name, CFStringRef myPeerID, CFErrorRef *error) {
	34	SOSRingRef retval = NULL;
	35	retval = SOSRingCreate_Internal(name, 0, error);
	36	if(!retval) return NULL;
	37	SOSRingSetLastModifier(retval, myPeerID);
	38	return retval;
	39	}
	40
	41	static bool SOSRingResetToEmpty_Basic(SOSRingRef ring, CFStringRef myPeerID, CFErrorRef *error) {
	42	return SOSRingResetToEmpty_Internal(ring, error) && SOSRingSetLastModifier(ring, myPeerID);
	43	}
	44
	45	static bool SOSRingResetToOffering_Basic(SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
	46	CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
	47	SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);
	48	bool retval = priv && myPeerID &&
	49	SOSRingResetToEmpty_Internal(ring, error) &&
	50	SOSRingAddPeerID(ring, myPeerID) &&
	51	SOSRingSetLastModifier(ring, myPeerID) &&
	52	SOSRingGenerationSign_Internal(ring, priv, error);
	53	if(user_privkey) SOSRingConcordanceSign_Internal(ring, user_privkey, error);
	54	CFReleaseNull(priv);
	55	return retval;
	56	}
	57
	58	static SOSRingStatus SOSRingDeviceIsInRing_Basic(SOSRingRef ring, CFStringRef peerID) {
	59	if(SOSRingHasPeerID(ring, peerID)) return kSOSRingMember;
	60	if(SOSRingHasApplicant(ring, peerID)) return kSOSRingApplicant;
	61	if(SOSRingHasRejection(ring, peerID)) return kSOSRingReject;
	62	return kSOSRingNotInRing;
	63	}
	64
65	static bool SOSRingApply_Basic(SOSRingRef ring, SecKeyRef user_pubkey, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
66	bool retval = false;
67	CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
68	SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);
69	require_action_quiet(SOSRingDeviceIsInRing_Basic(ring, myPeerID) == kSOSRingNotInRing, errOut, secnotice("ring", "Already associated with ring"));
70	retval = priv && myPeerID &&
71	SOSRingAddPeerID(ring, myPeerID) &&
72	SOSRingSetLastModifier(ring, myPeerID) &&
73	SOSRingGenerationSign_Internal(ring, priv, error);
74	CFReleaseNull(priv);
75	errOut:
76	return retval;
77
78	}
79
80	static bool SOSRingWithdraw_Basic(SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
81	CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
82	if(SOSRingHasPeerID(ring, myPeerID)) {
83	SOSRingRemovePeerID(ring, myPeerID);
84	} else if(SOSRingHasApplicant(ring, myPeerID)) {
85	SOSRingRemoveApplicant(ring, myPeerID);
86	} else if(SOSRingHasRejection(ring, myPeerID)) {
87	SOSRingRemoveRejection(ring, myPeerID);
88	} else {
89	SOSCreateError(kSOSErrorPeerNotFound, CFSTR("Not associated with Ring"), NULL, error);
90	return false;
91	}
92	SOSRingSetLastModifier(ring, myPeerID);
93
94	SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);
95	SOSRingGenerationSign_Internal(ring, priv, error);
96	if(user_privkey) SOSRingConcordanceSign_Internal(ring, user_privkey, error);
97	CFReleaseNull(priv);
98	return true;
99	}
100
101	static bool SOSRingGenerationSign_Basic(SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
102	CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
103	SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);
104	bool retval = priv && myPeerID &&
105	SOSRingSetLastModifier(ring, myPeerID) &&
106	SOSRingGenerationSign_Internal(ring, priv, error);
107	if(user_privkey) SOSRingConcordanceSign_Internal(ring, user_privkey, error);
108	CFReleaseNull(priv);
109	return retval;
110	}
111
112	static bool SOSRingConcordanceSign_Basic(SOSRingRef ring, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
113	CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
114	SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);
115	bool retval = priv && myPeerID &&
116	SOSRingSetLastModifier(ring, myPeerID) &&
117	SOSRingConcordanceSign_Internal(ring, priv, error);
118	CFReleaseNull(priv);
119	return retval;
120	}
121
122	static bool SOSRingSetPayload_Basic(SOSRingRef ring, SecKeyRef user_privkey, CFDataRef payload, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
123	CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
124	SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);
125	bool retval = priv && myPeerID &&
126	SOSRingSetLastModifier(ring, myPeerID) &&
127	SOSRingSetPayload_Internal(ring, payload) &&
128	SOSRingGenerationSign_Internal(ring, priv, error);
129	if(user_privkey) SOSRingConcordanceSign_Internal(ring, user_privkey, error);
130	CFReleaseNull(priv);
131	return retval;
132	}
133
134	static CFDataRef SOSRingGetPayload_Basic(SOSRingRef ring, CFErrorRef *error) {
135	return SOSRingGetPayload_Internal(ring);
136	}
137
138
139	ringFuncStruct basic = {
140	"Basic",
141	1,
142	SOSRingCreate_Basic,
143	SOSRingResetToEmpty_Basic,
144	SOSRingResetToOffering_Basic,
145	SOSRingDeviceIsInRing_Basic,
146	SOSRingApply_Basic,
147	SOSRingWithdraw_Basic,
148	SOSRingGenerationSign_Basic,
149	SOSRingConcordanceSign_Basic,
150	SOSRingPeerKeyConcordanceTrust,
151	NULL,
152	NULL,
153	SOSRingSetPayload_Basic,
154	SOSRingGetPayload_Basic,
155	};