[apple/security.git] / keychain / SecureObjectSync / SOSRing.h

//
//  SOSRing.h
//  sec
//
//  Created by Richard Murphy on 3/3/15.
//
//

#ifndef _sec_SOSRing_
#define _sec_SOSRing_

#include <CoreFoundation/CoreFoundation.h>
#include <Security/SecureObjectSync/SOSCloudCircle.h>
#include "keychain/SecureObjectSync/SOSGenCount.h"
#include "keychain/SecureObjectSync/SOSFullPeerInfo.h"
#include "keychain/SecureObjectSync/SOSConcordanceTrust.h"
#include <Security/SecureObjectSync/SOSBackupSliceKeyBag.h>
#include <Security/SecKey.h>

typedef struct __OpaqueSOSRing *SOSRingRef;

enum {
    kSOSRingMember      = 0,
    kSOSRingNotInRing   = 1,
    kSOSRingApplicant   = 2,
    kSOSRingReject      = 3,
    kSOSRingRetired      = 4,
    kSOSRingError       = 99,
};
typedef int SOSRingStatus;

enum {
    kSOSRingBase = 0,
    kSOSRingBackup = 1,
    kSOSRingPeerKeyed = 2,
    kSOSRingEntropyKeyed = 3,
    kSOSRingPKKeyed = 4,
    kSOSRingRecovery = 5,
    kSOSRingTypeCount = 6,
    kSOSRingTypeError = 0xfbad,
};
typedef uint32_t SOSRingType;

CFTypeID SOSRingGetTypeID(void);

SOSRingRef SOSRingCreate(CFStringRef name, CFStringRef myPeerID, SOSRingType type, CFErrorRef *error);
bool SOSRingResetToEmpty(SOSRingRef ring, CFStringRef myPeerID, CFErrorRef *error);
bool SOSRingGenerationSign(SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error);
bool SOSRingConcordanceSign(SOSRingRef ring, SOSFullPeerInfoRef requestor, CFErrorRef *error);
SOSConcordanceStatus SOSRingConcordanceTrust(SOSFullPeerInfoRef me, CFSetRef peers,
                                             SOSRingRef knownRing, SOSRingRef proposedRing,
                                             SecKeyRef knownPubkey, SecKeyRef userPubkey,
                                             CFStringRef excludePeerID, CFErrorRef *error);
bool SOSRingAccept(SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error);
bool SOSRingReject(SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error);
bool SOSRingSetPayload(SOSRingRef ring, SecKeyRef user_privkey, CFDataRef payload, SOSFullPeerInfoRef requestor, CFErrorRef *error);
CFDataRef SOSRingGetPayload(SOSRingRef ring, CFErrorRef *error);
CFSetRef SOSRingGetBackupViewset(SOSRingRef ring, CFErrorRef *error);
CFStringRef SOSRingGetBackupView(SOSRingRef ring, CFErrorRef *error);

bool SOSRingSetBackupKeyBag(SOSRingRef ring, SOSFullPeerInfoRef fpi, CFSetRef viewSet, SOSBackupSliceKeyBagRef bskb, CFErrorRef *error);

SOSBackupSliceKeyBagRef SOSRingCopyBackupSliceKeyBag(SOSRingRef ring, CFErrorRef *error);

bool SOSRingPeerTrusted(SOSRingRef ring, SOSFullPeerInfoRef requestor, CFErrorRef *error);
bool SOSRingPKTrusted(SOSRingRef ring, SecKeyRef pubkey, CFErrorRef *error);

CFDataRef SOSRingCopyEncodedData(SOSRingRef ring, CFErrorRef *error);
SOSRingRef SOSRingCreateFromData(CFErrorRef* error, CFDataRef ring_data);

CFStringRef SOSRingGetName(SOSRingRef ring);
uint32_t SOSRingGetType(SOSRingRef ring);
SOSGenCountRef SOSRingGetGeneration(SOSRingRef ring);
uint32_t SOSRingGetVersion(SOSRingRef ring);
CFStringRef SOSRingGetIdentifier(SOSRingRef ring);
CFStringRef SOSRingGetLastModifier(SOSRingRef ring);

CFMutableSetRef SOSRingGetApplicants(SOSRingRef ring);

static inline bool isSOSRing(CFTypeRef object) {
    return object && (CFGetTypeID(object) == SOSRingGetTypeID());
}

bool SOSBackupRingSetViews(SOSRingRef ring, SOSFullPeerInfoRef requestor, CFSetRef viewSet, CFErrorRef *error);
CFSetRef SOSBackupRingGetViews(SOSRingRef ring, CFErrorRef *error);

#endif /* defined(_sec_SOSRing_) */
Commit	Line	Data
5c19dc3a A	1	//
	2	// SOSRing.h
	3	// sec
	4	//
	5	// Created by Richard Murphy on 3/3/15.
	6	//
	7	//
	8
	9	#ifndef _sec_SOSRing_
	10	#define _sec_SOSRing_
	11
	12	#include <CoreFoundation/CoreFoundation.h>
	13	#include <Security/SecureObjectSync/SOSCloudCircle.h>
b54c578e A	14	#include "keychain/SecureObjectSync/SOSGenCount.h"
	15	#include "keychain/SecureObjectSync/SOSFullPeerInfo.h"
	16	#include "keychain/SecureObjectSync/SOSConcordanceTrust.h"
5c19dc3a	17	#include <Security/SecureObjectSync/SOSBackupSliceKeyBag.h>
5c19dc3a A	18	#include <Security/SecKey.h>
	19
	20	typedef struct __OpaqueSOSRing *SOSRingRef;
	21
	22	enum {
	23	kSOSRingMember = 0,
	24	kSOSRingNotInRing = 1,
	25	kSOSRingApplicant = 2,
	26	kSOSRingReject = 3,
	27	kSOSRingRetired = 4,
	28	kSOSRingError = 99,
	29	};
	30	typedef int SOSRingStatus;
	31
	32	enum {
	33	kSOSRingBase = 0,
	34	kSOSRingBackup = 1,
	35	kSOSRingPeerKeyed = 2,
	36	kSOSRingEntropyKeyed = 3,
	37	kSOSRingPKKeyed = 4,
6b200bc3 A	38	kSOSRingRecovery = 5,
6b200bc3 A	39	kSOSRingTypeCount = 6,
5c19dc3a A	40	kSOSRingTypeError = 0xfbad,
	41	};
	42	typedef uint32_t SOSRingType;
	43
5c19dc3a A	44	CFTypeID SOSRingGetTypeID(void);
	45
	46	SOSRingRef SOSRingCreate(CFStringRef name, CFStringRef myPeerID, SOSRingType type, CFErrorRef *error);
	47	bool SOSRingResetToEmpty(SOSRingRef ring, CFStringRef myPeerID, CFErrorRef *error);
5c19dc3a A	48	bool SOSRingGenerationSign(SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error);
	49	bool SOSRingConcordanceSign(SOSRingRef ring, SOSFullPeerInfoRef requestor, CFErrorRef *error);
	50	SOSConcordanceStatus SOSRingConcordanceTrust(SOSFullPeerInfoRef me, CFSetRef peers,
	51	SOSRingRef knownRing, SOSRingRef proposedRing,
	52	SecKeyRef knownPubkey, SecKeyRef userPubkey,
	53	CFStringRef excludePeerID, CFErrorRef *error);
	54	bool SOSRingAccept(SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error);
	55	bool SOSRingReject(SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error);
	56	bool SOSRingSetPayload(SOSRingRef ring, SecKeyRef user_privkey, CFDataRef payload, SOSFullPeerInfoRef requestor, CFErrorRef *error);
	57	CFDataRef SOSRingGetPayload(SOSRingRef ring, CFErrorRef *error);
	58	CFSetRef SOSRingGetBackupViewset(SOSRingRef ring, CFErrorRef *error);
b54c578e	59	CFStringRef SOSRingGetBackupView(SOSRingRef ring, CFErrorRef *error);
5c19dc3a A	60
	61	bool SOSRingSetBackupKeyBag(SOSRingRef ring, SOSFullPeerInfoRef fpi, CFSetRef viewSet, SOSBackupSliceKeyBagRef bskb, CFErrorRef *error);
	62
	63	SOSBackupSliceKeyBagRef SOSRingCopyBackupSliceKeyBag(SOSRingRef ring, CFErrorRef *error);
	64
	65	bool SOSRingPeerTrusted(SOSRingRef ring, SOSFullPeerInfoRef requestor, CFErrorRef *error);
	66	bool SOSRingPKTrusted(SOSRingRef ring, SecKeyRef pubkey, CFErrorRef *error);
	67
	68	CFDataRef SOSRingCopyEncodedData(SOSRingRef ring, CFErrorRef *error);
	69	SOSRingRef SOSRingCreateFromData(CFErrorRef* error, CFDataRef ring_data);
	70
	71	CFStringRef SOSRingGetName(SOSRingRef ring);
	72	uint32_t SOSRingGetType(SOSRingRef ring);
	73	SOSGenCountRef SOSRingGetGeneration(SOSRingRef ring);
	74	uint32_t SOSRingGetVersion(SOSRingRef ring);
	75	CFStringRef SOSRingGetIdentifier(SOSRingRef ring);
	76	CFStringRef SOSRingGetLastModifier(SOSRingRef ring);
	77
	78	CFMutableSetRef SOSRingGetApplicants(SOSRingRef ring);
	79
	80	static inline bool isSOSRing(CFTypeRef object) {
	81	return object && (CFGetTypeID(object) == SOSRingGetTypeID());
	82	}
	83
	84	bool SOSBackupRingSetViews(SOSRingRef ring, SOSFullPeerInfoRef requestor, CFSetRef viewSet, CFErrorRef *error);
	85	CFSetRef SOSBackupRingGetViews(SOSRingRef ring, CFErrorRef *error);
	86
	87	#endif /* defined(_sec_SOSRing_) */