]> git.saurik.com Git - apple/security.git/blame - OSX/sec/SOSCircle/SecureObjectSync/SOSCloudCircle.c
projects / apple / security.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Security-57740.1.18.tar.gz
[apple/security.git] / OSX / sec / SOSCircle / SecureObjectSync / SOSCloudCircle.c
CommitLineData
5c19dc3a
A		 1/*
2 * Copyright (c) 2012-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24//
25// SOSCloudCircle.m
26//
27
28#include <stdio.h>
29#include <AssertMacros.h>
30#include <Security/SecureObjectSync/SOSCloudCircle.h>
31#include <Security/SecureObjectSync/SOSCloudCircleInternal.h>
32#include <Security/SecureObjectSync/SOSCircle.h>
33#include <Security/SecureObjectSync/SOSAccount.h>
34#include <Security/SecureObjectSync/SOSAccountPriv.h>
35#include <Security/SecureObjectSync/SOSFullPeerInfo.h>
36#include <Security/SecureObjectSync/SOSPeerInfoCollections.h>
37#include <Security/SecureObjectSync/SOSInternal.h>
38#include <Security/SecureObjectSync/SOSRing.h>
39#include <Security/SecureObjectSync/SOSBackupSliceKeyBag.h>
40
41#include <Security/SecKeyPriv.h>
42#include <Security/SecFramework.h>
43#include <CoreFoundation/CFXPCBridge.h>
44
45#include <securityd/SecItemServer.h>
46
47#include <utilities/SecDispatchRelease.h>
48#include <utilities/SecCFRelease.h>
49#include <utilities/SecCFWrappers.h>
50#include <utilities/SecXPCError.h>
51
52#include <utilities/debugging.h>
53
54#include <CoreFoundation/CoreFoundation.h>
55
56#include <xpc/xpc.h>
57#define MINIMIZE_INCLUDES MINIMIZE_INCLUDES
58#include <ipc/securityd_client.h>
59#include <securityd/spi.h>
60
5c19dc3a 61#include <Security/SecuritydXPC.h>
fa7225c8 62#include "SOSPeerInfoDER.h"
5c19dc3a
A		 63
64const char * kSOSCCCircleChangedNotification = "com.apple.security.secureobjectsync.circlechanged";
65const char * kSOSCCViewMembershipChangedNotification = "com.apple.security.secureobjectsync.viewschanged";
66const char * kSOSCCInitialSyncChangedNotification = "com.apple.security.secureobjectsync.initialsyncchanged";
e0e0d90e
A		 67const char * kSOSCCHoldLockForInitialSync = "com.apple.security.secureobjectsync.holdlock";
68const char * kSOSCCPeerAvailable = "com.apple.security.secureobjectsync.peeravailable";
5c19dc3a
A		 69
70#define do_if_registered(sdp, ...) if (gSecurityd && gSecurityd->sdp) { return gSecurityd->sdp(__VA_ARGS__); }
71
72static bool xpc_dictionary_entry_is_type(xpc_object_t dictionary, const char *key, xpc_type_t type)
73{
74 xpc_object_t value = xpc_dictionary_get_value(dictionary, key);
75
76 return value && (xpc_get_type(value) == type);
77}
78
79SOSCCStatus SOSCCThisDeviceIsInCircle(CFErrorRef *error)
80{
81 sec_trace_enter_api(NULL);
82 sec_trace_return_api(SOSCCStatus, ^{
83 SOSCCStatus result = kSOSCCError;
84
85 do_if_registered(soscc_ThisDeviceIsInCircle, error);
86
87 xpc_object_t message = securityd_create_message(kSecXPCOpDeviceInCircle, error);
88 if (message) {
89 xpc_object_t response = securityd_message_with_reply_sync(message, error);
90
91 if (response && xpc_dictionary_entry_is_type(response, kSecXPCKeyResult, XPC_TYPE_INT64)) {
92 result = (SOSCCStatus) xpc_dictionary_get_int64(response, kSecXPCKeyResult);
93 } else {
94 result = kSOSCCError;
95 }
96
97 if (result < 0) {
98 if (response && securityd_message_no_error(response, error))
99 {
100 char *desc = xpc_copy_description(response);
101 SecCFCreateErrorWithFormat(0, sSecXPCErrorDomain, NULL, error, NULL, CFSTR("Remote error occurred/no info: %s"), desc);
102 free((void *)desc);
103 }
104 }
105 if(response)
106 xpc_release(response);
107 if(message)
108 xpc_release(message);
109 }
110
111
112 return result;
113 }, CFSTR("SOSCCStatus=%d"))
114}
115
116static bool cfstring_to_error_request(enum SecXPCOperation op, CFStringRef string, CFErrorRef* error)
117{
118 __block bool result = false;
119
120 secdebug("sosops","enter - operation: %d", op);
121 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
122 xpc_object_t xString = _CFXPCCreateXPCObjectFromCFObject(string);
123 bool success = false;
124 if (xString){
125 xpc_dictionary_set_value(message, kSecXPCKeyString, xString);
126 success = true;
127 xpc_release(xString);
128 }
129 return success;
130 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
131 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
132 return result;
133 });
134 return result;
135}
136
137static SOSRingStatus cfstring_to_uint64_request(enum SecXPCOperation op, CFStringRef string, CFErrorRef* error)
138{
139 __block bool result = false;
140
141 secdebug("sosops","enter - operation: %d", op);
142 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
143 xpc_object_t xString = _CFXPCCreateXPCObjectFromCFObject(string);
144 bool success = false;
145 if (xString){
146 xpc_dictionary_set_value(message, kSecXPCKeyString, xString);
147 success = true;
148 xpc_release(xString);
149 }
150 return success;
151 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
152 result = xpc_dictionary_get_int64(response, kSecXPCKeyResult);
153 return result;
154 });
155 return result;
156}
157
158static CFStringRef simple_cfstring_error_request(enum SecXPCOperation op, CFErrorRef* error)
159{
160 __block CFStringRef result = NULL;
161
162 secdebug("sosops","enter - operation: %d", op);
163 securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
164 const char *c_string = xpc_dictionary_get_string(response, kSecXPCKeyResult);
165
166 if (c_string) {
167 result = CFStringCreateWithBytes(kCFAllocatorDefault, (const UInt8*)c_string, strlen(c_string), kCFStringEncodingUTF8, false);
168 }
169
170 return c_string != NULL;
171 });
172 return result;
173}
174
175static bool simple_bool_error_request(enum SecXPCOperation op, CFErrorRef* error)
176{
177 __block bool result = false;
fa7225c8 178
5c19dc3a
A		 179 secdebug("sosops","enter - operation: %d", op);
180 securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
181 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
182 return result;
183 });
184 return result;
185}
186
fa7225c8
A		 187static CFBooleanRef cfarray_to_cfboolean_error_request(enum SecXPCOperation op, CFArrayRef views, CFErrorRef* error)
188{
189 __block bool result = false;
190
191 secdebug("sosops","enter - operation: %d", op);
192 bool noError = securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
193 return SecXPCDictionarySetPList(message, kSecXPCKeyArray, views, error);
194 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
195 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
196 return true;
197 });
198 return noError ? (result ? kCFBooleanTrue : kCFBooleanFalse) : NULL;
199}
200
201
e0e0d90e
A		 202static bool escrow_to_bool_error_request(enum SecXPCOperation op, CFStringRef escrow_label, uint64_t tries, CFErrorRef* error)
203{
204 __block bool result = false;
205
206 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
207
208 bool success = false;
209 xpc_object_t xEscrowLabel = _CFXPCCreateXPCObjectFromCFObject(escrow_label);
210 if (xEscrowLabel){
211 xpc_dictionary_set_value(message, kSecXPCKeyEscrowLabel, xEscrowLabel);
212 success = true;
213 xpc_release(xEscrowLabel);
214 }
215 if(tries){
216 xpc_dictionary_set_int64(message, kSecXPCKeyTriesLabel, tries);
217 success = true;
218 }
219
220 return success;
221 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
222 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
223 return result;
224 });
225 return result;
226}
227
fa7225c8 228static CF_RETURNS_RETAINED CFArrayRef simple_array_error_request(enum SecXPCOperation op, CFErrorRef* error)
5c19dc3a
A		 229{
230 __block CFArrayRef result = NULL;
231
232 secdebug("sosops","enter - operation: %d", op);
233 if (securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, CFErrorRef *error) {
234 xpc_object_t temp_result = xpc_dictionary_get_value(response, kSecXPCKeyResult);
235 result = _CFXPCCreateCFObjectFromXPCObject(temp_result);
236 return result != NULL;
237 })) {
238 if (!isArray(result)) {
239 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected array, got: %@"), result);
240 CFReleaseNull(result);
241 }
242 }
243 return result;
244}
245
e0e0d90e
A		 246static CFDictionaryRef strings_to_dictionary_error_request(enum SecXPCOperation op, CFErrorRef* error)
247{
248 __block CFDictionaryRef result = NULL;
249
250 secdebug("sosops","enter - operation: %d", op);
251
252 if (securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, CFErrorRef *error) {
253 xpc_object_t temp_result = xpc_dictionary_get_value(response, kSecXPCKeyResult);
254 if(temp_result)
255 result = _CFXPCCreateCFObjectFromXPCObject(temp_result);
256 return result != NULL;
257 })){
258
259 if (!isDictionary(result)) {
260 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected dictionary, got: %@"), result);
261 CFReleaseNull(result);
262 }
263
264 }
265 return result;
266}
267
5c19dc3a
A		 268static int simple_int_error_request(enum SecXPCOperation op, CFErrorRef* error)
269{
270 __block int result = 0;
271
272 secdebug("sosops","enter - operation: %d", op);
273 securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
274 int64_t temp_result = xpc_dictionary_get_int64(response, kSecXPCKeyResult);
275 if ((temp_result >= INT32_MIN) && (temp_result <= INT32_MAX)) {
276 result = (int)temp_result;
277 }
278 return result;
279 });
280 return result;
281}
282
283static SOSPeerInfoRef peer_info_error_request(enum SecXPCOperation op, CFErrorRef* error)
284{
285 SOSPeerInfoRef result = NULL;
286 __block CFDataRef data = NULL;
287
288 secdebug("sosops","enter - operation: %d", op);
289 securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, CFErrorRef *error) {
290 xpc_object_t temp_result = xpc_dictionary_get_value(response, kSecXPCKeyResult);
291 if (response && (NULL != temp_result)) {
292 data = _CFXPCCreateCFObjectFromXPCObject(temp_result);
293 }
294 return data != NULL;
295 });
296
297 if (!isData(data)) {
298 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected CFData, got: %@"), result);
299 }
300
301 if (data) {
302 result = SOSPeerInfoCreateFromData(kCFAllocatorDefault, error, data);
303 }
304 CFReleaseNull(data);
305 return result;
306}
307
e3d460c9
A		 308static CFDataRef data_to_error_request(enum SecXPCOperation op, CFErrorRef *error)
309{
310 __block CFDataRef result = NULL;
311
312 secdebug("sosops", "enter -- operation: %d", op);
313 secdebug("sosops","enter - operation: %d", op);
314 securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, CFErrorRef *error) {
315 xpc_object_t temp_result = xpc_dictionary_get_value(response, kSecXPCKeyResult);
316 if (response && (NULL != temp_result)) {
317 result = _CFXPCCreateCFObjectFromXPCObject(temp_result);
318 }
319 return result != NULL;
320 });
321
322 if (!isData(result)) {
323 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected CFData, got: %@"), result);
324 return NULL;
325 }
326
327 return result;
328}
329
5c19dc3a
A		 330static CFArrayRef array_of_info_error_request(enum SecXPCOperation op, CFErrorRef* error)
331{
332 __block CFArrayRef result = NULL;
333
334 secdebug("sosops","enter - operation: %d", op);
335 securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, CFErrorRef *error) {
336 xpc_object_t encoded_array = xpc_dictionary_get_value(response, kSecXPCKeyResult);
337 if (response && (NULL != encoded_array)) {
338 result = CreateArrayOfPeerInfoWithXPCObject(encoded_array, error);
339 }
340 return result != NULL;
341 });
342
343 if (!isArray(result)) {
344 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected array, got: %@"), result);
345 CFReleaseNull(result);
346 }
347 return result;
348}
349
350static SOSPeerInfoRef data_to_peer_info_error_request(enum SecXPCOperation op, CFDataRef secret, CFErrorRef* error)
351{
352 __block SOSPeerInfoRef result = false;
353 __block CFDataRef data = NULL;
354
355 secdebug("sosops", "enter - operation: %d", op);
356 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
357 xpc_object_t xsecretData = _CFXPCCreateXPCObjectFromCFObject(secret);
358 bool success = false;
359 if (xsecretData){
360 xpc_dictionary_set_value(message, kSecXPCKeyNewPublicBackupKey, xsecretData);
361 success = true;
362 xpc_release(xsecretData);
363 }
364 return success;
365 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
366 xpc_object_t temp_result = xpc_dictionary_get_value(response, kSecXPCKeyResult);
367 if (response && (NULL != temp_result)) {
368 data = _CFXPCCreateCFObjectFromXPCObject(temp_result);
369 }
370 return result != NULL;
371 });
372
373 if (!isData(data)) {
374 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected CFData, got: %@"), result);
375 }
376
377 if (data) {
378 result = SOSPeerInfoCreateFromData(kCFAllocatorDefault, error, data);
379 }
380 CFReleaseNull(data);
381 return result;
382}
383
384static bool keybag_and_bool_to_bool_error_request(enum SecXPCOperation op, CFDataRef data, bool include, CFErrorRef* error)
385{
386 secdebug("sosops", "enter - operation: %d", op);
387 return securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
388 xpc_object_t xData = _CFXPCCreateXPCObjectFromCFObject(data);
389 bool success = false;
390 if (xData){
391 xpc_dictionary_set_value(message, kSecXPCKeyKeybag, xData);
392 xpc_release(xData);
393 success = true;
394 }
395 xpc_dictionary_set_bool(message, kSecXPCKeyIncludeV0, include);
396 return success;
397 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
398 return xpc_dictionary_get_bool(response, kSecXPCKeyResult);
399 });
400}
401
402
403static bool info_array_to_bool_error_request(enum SecXPCOperation op, CFArrayRef peer_infos, CFErrorRef* error)
404{
405 __block bool result = false;
406
407 secdebug("sosops", "enter - operation: %d", op);
408 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
409 xpc_object_t encoded_peers = CreateXPCObjectWithArrayOfPeerInfo(peer_infos, error);
410 if (encoded_peers)
411 xpc_dictionary_set_value(message, kSecXPCKeyPeerInfos, encoded_peers);
412 return encoded_peers != NULL;
413 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
414 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
415 return result;
416 });
417 return result;
418}
419
420static bool uint64_t_to_bool_error_request(enum SecXPCOperation op,
421 uint64_t number,
422 CFErrorRef* error)
423{
424 __block bool result = false;
425
426 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
427 xpc_dictionary_set_uint64(message, kSecXPCLimitInMinutes, number);
428 return true;
429 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
430 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
431 return result;
432 });
433
434 return result;
435}
436
e3d460c9
A		 437static bool cfstring_and_cfdata_to_cfdata_cfdata_error_request(enum SecXPCOperation op, CFStringRef viewName, CFDataRef input, CFDataRef* data, CFDataRef* data2, CFErrorRef* error) {
438 secdebug("sosops", "enter - operation: %d", op);
439 __block bool result = false;
440 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
441 xpc_object_t xviewname = _CFXPCCreateXPCObjectFromCFObject(viewName);
442 xpc_object_t xinput = _CFXPCCreateXPCObjectFromCFObject(input);
443 bool success = false;
444 if (xviewname && xinput){
445 xpc_dictionary_set_value(message, kSecXPCKeyViewName, xviewname);
446 xpc_dictionary_set_value(message, kSecXPCData, xinput);
447 success = true;
448 xpc_release(xviewname);
449 xpc_release(xinput);
450 }
451 return success;
452 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
453 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
454
455 xpc_object_t temp_result = xpc_dictionary_get_value(response, kSecXPCData);
456 if (response && (NULL != temp_result) && data) {
457 *data = _CFXPCCreateCFObjectFromXPCObject(temp_result);
458 }
459 temp_result = xpc_dictionary_get_value(response, kSecXPCKeyKeybag);
460 if (response && (NULL != temp_result) && data2) {
461 *data2 = _CFXPCCreateCFObjectFromXPCObject(temp_result);
462 }
463
464 return result;
465 });
466
467 if (data &&!isData(*data)) {
468 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected CFData, got: %@"), *data);
469 }
470 if (data2 &&!isData(*data2)) {
471 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected CFData, got: %@"), *data2);
472 }
473
474 return result;
475}
476
5c19dc3a
A		 477static bool set_hsa2_autoaccept_error_request(enum SecXPCOperation op, CFDataRef pubKey, CFErrorRef *error)
478{
479 __block bool result = false;
480
481 sec_trace_enter_api(NULL);
482 securityd_send_sync_and_do(op, error, ^(xpc_object_t message,
483 CFErrorRef *error) {
484 xpc_object_t xpubkey = _CFXPCCreateXPCObjectFromCFObject(pubKey);
485 bool success = false;
486 if (xpubkey) {
487 xpc_dictionary_set_value(message,
488 kSecXPCKeyHSA2AutoAcceptInfo, xpubkey);
489 success = true;
490 xpc_release(xpubkey);
491 }
492
493 return success;
494 }, ^(xpc_object_t response, __unused CFErrorRef *error) {
495 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
496 return (bool)true;
497 });
498
499 return result;
500}
501
fa7225c8
A		 502
503
504static bool cfdata_error_request_returns_bool(enum SecXPCOperation op, CFDataRef thedata, CFErrorRef *error) {
505 __block bool result = false;
506
507 sec_trace_enter_api(NULL);
508 securityd_send_sync_and_do(op, error, ^(xpc_object_t message, CFErrorRef *error) {
509 xpc_object_t xdata = _CFXPCCreateXPCObjectFromCFObject(thedata);
510 bool success = false;
511 if (xdata) {
512 xpc_dictionary_set_value(message, kSecXPCData, xdata);
513 success = true;
514 xpc_release(xdata);
515 }
516
517 return success;
518 }, ^(xpc_object_t response, __unused CFErrorRef *error) {
519 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
520 return (bool)true;
521 });
522
523 return result;
524}
525
526
527static CFDataRef cfdata_error_request_returns_cfdata(enum SecXPCOperation op, CFDataRef thedata, CFErrorRef *error) {
528 __block CFDataRef result = NULL;
529
530 sec_trace_enter_api(NULL);
531 securityd_send_sync_and_do(op, error, ^(xpc_object_t message, CFErrorRef *error) {
532 xpc_object_t xdata = _CFXPCCreateXPCObjectFromCFObject(thedata);
533 bool success = false;
534 if (xdata) {
535 xpc_dictionary_set_value(message, kSecXPCData, xdata);
536 success = true;
537 xpc_release(xdata);
538 }
539 return success;
540 }, ^(xpc_object_t response, __unused CFErrorRef *error) {
541 xpc_object_t temp_result = xpc_dictionary_get_value(response, kSecXPCKeyResult);
542 if (response && (NULL != temp_result)) {
543 CFTypeRef object = _CFXPCCreateCFObjectFromXPCObject(temp_result);
544 result = asData(object, error);
545 if (!result) {
546 CFReleaseNull(object);
547 }
548 }
549 return (bool) (result != NULL);
550 });
551
552 return result;
553}
554
555
5c19dc3a
A		 556bool SOSCCRequestToJoinCircle(CFErrorRef* error)
557{
558 sec_trace_enter_api(NULL);
559 sec_trace_return_bool_api(^{
560 do_if_registered(soscc_RequestToJoinCircle, error);
561
562 return simple_bool_error_request(kSecXPCOpRequestToJoin, error);
563 }, NULL)
564}
565
566bool SOSCCRequestToJoinCircleAfterRestore(CFErrorRef* error)
567{
568 sec_trace_enter_api(NULL);
569 sec_trace_return_bool_api(^{
570 do_if_registered(soscc_RequestToJoinCircleAfterRestore, error);
571
572 return simple_bool_error_request(kSecXPCOpRequestToJoinAfterRestore, error);
573 }, NULL)
574}
575
fa7225c8
A		 576bool SOSCCAccountHasPublicKey(CFErrorRef *error)
577{
578
579 sec_trace_enter_api(NULL);
580 sec_trace_return_bool_api(^{
581 do_if_registered(soscc_AccountHasPublicKey, error);
582
583 return simple_bool_error_request(kSecXPCOpAccountHasPublicKey, error);
584 }, NULL)
585
586}
587
588bool SOSCCAccountIsNew(CFErrorRef *error)
589{
590 sec_trace_enter_api(NULL);
591 sec_trace_return_bool_api(^{
592 do_if_registered(soscc_AccountIsNew, error);
593
594 return simple_bool_error_request(kSecXPCOpAccountIsNew, error);
595 }, NULL)
596}
5c19dc3a
A		 597
598bool SOSCCWaitForInitialSync(CFErrorRef* error)
599{
600 sec_trace_enter_api(NULL);
601 sec_trace_return_bool_api(^{
602 do_if_registered(soscc_WaitForInitialSync, error);
603
604 return simple_bool_error_request(kSecXPCOpWaitForInitialSync, error);
605 }, NULL)
606}
607
608CFArrayRef SOSCCCopyYetToSyncViewsList(CFErrorRef* error)
609{
610 sec_trace_enter_api(NULL);
611 sec_trace_return_api(CFArrayRef, ^{
612 do_if_registered(soscc_CopyYetToSyncViewsList, error);
613
614 return simple_array_error_request(kSecXPCOpCopyYetToSyncViews, error);
615 }, NULL)
616}
617
618bool SOSCCRequestEnsureFreshParameters(CFErrorRef* error)
619{
620 sec_trace_enter_api(NULL);
621 sec_trace_return_bool_api(^{
622 do_if_registered(soscc_RequestEnsureFreshParameters, error);
623
624 return simple_bool_error_request(kSecXPCOpRequestEnsureFreshParameters, error);
625 }, NULL)
626}
627
628CFStringRef SOSCCGetAllTheRings(CFErrorRef *error){
629 sec_trace_enter_api(NULL);
630 sec_trace_return_api(CFStringRef, ^{
631 do_if_registered(soscc_GetAllTheRings, error);
632
633
634 return simple_cfstring_error_request(kSecXPCOpGetAllTheRings, error);
635 }, NULL)
636}
637bool SOSCCApplyToARing(CFStringRef ringName, CFErrorRef* error)
638{
639 sec_trace_enter_api(NULL);
640 sec_trace_return_bool_api(^{
641 do_if_registered(soscc_ApplyToARing, ringName, error);
642
643 return cfstring_to_error_request(kSecXPCOpApplyToARing, ringName, error);
644 }, NULL)
645}
646
647bool SOSCCWithdrawlFromARing(CFStringRef ringName, CFErrorRef* error)
648{
649 sec_trace_enter_api(NULL);
650 sec_trace_return_bool_api(^{
651 do_if_registered(soscc_WithdrawlFromARing, ringName, error);
652
653 return cfstring_to_error_request(kSecXPCOpWithdrawlFromARing, ringName, error);
654 }, NULL)
655}
656
657SOSRingStatus SOSCCRingStatus(CFStringRef ringName, CFErrorRef* error)
658{
659 sec_trace_enter_api(NULL);
660 sec_trace_return_api(SOSRingStatus, ^{
661 do_if_registered(soscc_RingStatus, ringName, error);
662
663 return cfstring_to_uint64_request(kSecXPCOpRingStatus, ringName, error);
664 }, CFSTR("SOSCCStatus=%d"))
665}
666
667bool SOSCCEnableRing(CFStringRef ringName, CFErrorRef* error)
668{
669 sec_trace_enter_api(NULL);
670 sec_trace_return_bool_api(^{
671 do_if_registered(soscc_EnableRing, ringName, error);
672
673 return cfstring_to_error_request(kSecXPCOpEnableRing, ringName, error);
674 }, NULL)
675}
676
677bool SOSCCAccountSetToNew(CFErrorRef *error)
678{
679 secwarning("SOSCCAccountSetToNew called");
680 sec_trace_enter_api(NULL);
681 sec_trace_return_bool_api(^{
682 do_if_registered(soscc_SetToNew, error);
683 return simple_bool_error_request(kSecXPCOpAccountSetToNew, error);
684 }, NULL)
685}
686
687bool SOSCCResetToOffering(CFErrorRef* error)
688{
689 secwarning("SOSCCResetToOffering called");
690 sec_trace_enter_api(NULL);
691 sec_trace_return_bool_api(^{
692 do_if_registered(soscc_ResetToOffering, error);
693
694 return simple_bool_error_request(kSecXPCOpResetToOffering, error);
695 }, NULL)
696}
697
698bool SOSCCResetToEmpty(CFErrorRef* error)
699{
700 secwarning("SOSCCResetToEmpty called");
701 sec_trace_enter_api(NULL);
702 sec_trace_return_bool_api(^{
703 do_if_registered(soscc_ResetToEmpty, error);
704
705 return simple_bool_error_request(kSecXPCOpResetToEmpty, error);
706 }, NULL)
707}
708
e0e0d90e
A		 709bool SOSCCRemovePeersFromCircle(CFArrayRef peers, CFErrorRef* error)
710{
711 sec_trace_enter_api(NULL);
712 sec_trace_return_bool_api(^{
713 do_if_registered(soscc_RemovePeersFromCircle, peers, error);
714
715 return info_array_to_bool_error_request(kSecXPCOpRemovePeersFromCircle, peers, error);
716 }, NULL)
717}
718
5c19dc3a
A		 719bool SOSCCRemoveThisDeviceFromCircle(CFErrorRef* error)
720{
721 sec_trace_enter_api(NULL);
722 sec_trace_return_bool_api(^{
723 do_if_registered(soscc_RemoveThisDeviceFromCircle, error);
724
725 return simple_bool_error_request(kSecXPCOpRemoveThisDeviceFromCircle, error);
726 }, NULL)
727}
728
729bool SOSCCLoggedOutOfAccount(CFErrorRef* error)
730{
731 sec_trace_enter_api(NULL);
732 sec_trace_return_bool_api(^{
733 do_if_registered(soscc_LoggedOutOfAccount, error);
734
735 return simple_bool_error_request(kSecXPCOpLoggedOutOfAccount, error);
736 }, NULL)
737}
738
739bool SOSCCBailFromCircle_BestEffort(uint64_t limit_in_seconds, CFErrorRef* error)
740{
741 sec_trace_enter_api(NULL);
742 sec_trace_return_bool_api(^{
743 do_if_registered(soscc_BailFromCircle, limit_in_seconds, error);
744
745 return uint64_t_to_bool_error_request(kSecXPCOpBailFromCircle, limit_in_seconds, error);
746 }, NULL)
747}
748
749bool SOSCCSignedOut(bool immediate, CFErrorRef* error)
750{
751 uint64_t limit = strtoul(optarg, NULL, 10);
752
753 if(immediate)
754 return SOSCCRemoveThisDeviceFromCircle(error);
755 else
756 return SOSCCBailFromCircle_BestEffort(limit, error);
757
758}
759
760CFArrayRef SOSCCCopyPeerPeerInfo(CFErrorRef* error)
761{
762 sec_trace_enter_api(NULL);
763 sec_trace_return_api(CFArrayRef, ^{
764 do_if_registered(soscc_CopyPeerInfo, error);
765
766 return array_of_info_error_request(kSecXPCOpCopyPeerPeerInfo, error);
767 }, CFSTR("return=%@"));
768}
769
770bool SOSCCSetAutoAcceptInfo(CFDataRef autoaccept, CFErrorRef *error)
771{
772 sec_trace_return_bool_api(^{
773 do_if_registered(soscc_SetHSA2AutoAcceptInfo, autoaccept, error);
774
775 return set_hsa2_autoaccept_error_request(kSecXPCOpSetHSA2AutoAcceptInfo, autoaccept, error);
776 }, NULL)
777}
778
779CFArrayRef SOSCCCopyConcurringPeerPeerInfo(CFErrorRef* error)
780{
781 sec_trace_enter_api(NULL);
782 sec_trace_return_api(CFArrayRef, ^{
783 do_if_registered(soscc_CopyConcurringPeerInfo, error);
784
785 return array_of_info_error_request(kSecXPCOpCopyConcurringPeerPeerInfo, error);
786 }, CFSTR("return=%@"));
787}
788
789CFArrayRef SOSCCCopyGenerationPeerInfo(CFErrorRef* error)
790{
791 sec_trace_enter_api(NULL);
792 sec_trace_return_api(CFArrayRef, ^{
793 do_if_registered(soscc_CopyGenerationPeerInfo, error);
794
795 return simple_array_error_request(kSecXPCOpCopyGenerationPeerInfo, error);
796 }, CFSTR("return=%@"));
797}
798
799CFArrayRef SOSCCCopyApplicantPeerInfo(CFErrorRef* error)
800{
801 sec_trace_enter_api(NULL);
802 sec_trace_return_api(CFArrayRef, ^{
803 do_if_registered(soscc_CopyApplicantPeerInfo, error);
804
805 return array_of_info_error_request(kSecXPCOpCopyApplicantPeerInfo, error);
806 }, CFSTR("return=%@"));
807}
808
809bool SOSCCValidateUserPublic(CFErrorRef* error){
810 sec_trace_enter_api(NULL);
811 sec_trace_return_api(bool, ^{
812 do_if_registered(soscc_ValidateUserPublic, error);
813
814 return simple_bool_error_request(kSecXPCOpValidateUserPublic, error);
815 }, NULL);
816}
817
818CFArrayRef SOSCCCopyValidPeerPeerInfo(CFErrorRef* error)
819{
820 sec_trace_enter_api(NULL);
821 sec_trace_return_api(CFArrayRef, ^{
822 do_if_registered(soscc_CopyValidPeerPeerInfo, error);
823
824 return array_of_info_error_request(kSecXPCOpCopyValidPeerPeerInfo, error);
825 }, CFSTR("return=%@"));
826}
827
828CFArrayRef SOSCCCopyNotValidPeerPeerInfo(CFErrorRef* error)
829{
830 sec_trace_enter_api(NULL);
831 sec_trace_return_api(CFArrayRef, ^{
832 do_if_registered(soscc_CopyNotValidPeerPeerInfo, error);
833
834 return array_of_info_error_request(kSecXPCOpCopyNotValidPeerPeerInfo, error);
835 }, CFSTR("return=%@"));
836}
837
838CFArrayRef SOSCCCopyRetirementPeerInfo(CFErrorRef* error)
839{
840 sec_trace_enter_api(NULL);
841 sec_trace_return_api(CFArrayRef, ^{
842 do_if_registered(soscc_CopyRetirementPeerInfo, error);
e0e0d90e 843
5c19dc3a
A		 844 return array_of_info_error_request(kSecXPCOpCopyRetirementPeerInfo, error);
845 }, CFSTR("return=%@"));
846}
847
e0e0d90e
A		 848CFArrayRef SOSCCCopyViewUnawarePeerInfo(CFErrorRef* error)
849{
850 sec_trace_enter_api(NULL);
851 sec_trace_return_api(CFArrayRef, ^{
852 do_if_registered(soscc_CopyViewUnawarePeerInfo, error);
853
854 return array_of_info_error_request(kSecXPCOpCopyViewUnawarePeerInfo, error);
855 }, CFSTR("return=%@"));
856}
857
e3d460c9
A		 858CFDataRef SOSCCCopyAccountState(CFErrorRef* error)
859{
860 sec_trace_enter_api(NULL);
861 sec_trace_return_api(CFDataRef, ^{
862 do_if_registered(soscc_CopyAccountState, error);
863
864 return data_to_error_request(kSecXPCOpCopyAccountData, error);
865 }, CFSTR("return=%@"));
866}
867
868bool SOSCCDeleteAccountState(CFErrorRef *error)
869{
870 sec_trace_enter_api(NULL);
871 sec_trace_return_api(bool, ^{
872 do_if_registered(soscc_DeleteAccountState, error);
873 return simple_bool_error_request(kSecXPCOpDeleteAccountData, error);
874 }, NULL);
875}
876CFDataRef SOSCCCopyEngineData(CFErrorRef* error)
877{
878 sec_trace_enter_api(NULL);
879 sec_trace_return_api(CFDataRef, ^{
880 do_if_registered(soscc_CopyEngineData, error);
881
882 return data_to_error_request(kSecXPCOpCopyEngineData, error);
883 }, CFSTR("return=%@"));
884}
885
886bool SOSCCDeleteEngineState(CFErrorRef *error)
887{
888 sec_trace_enter_api(NULL);
889 sec_trace_return_api(bool, ^{
890 do_if_registered(soscc_DeleteEngineState, error);
891 return simple_bool_error_request(kSecXPCOpDeleteEngineData, error);
892 }, NULL);
893}
894
5c19dc3a
A		 895SOSPeerInfoRef SOSCCCopyMyPeerInfo(CFErrorRef *error)
896{
897 sec_trace_enter_api(NULL);
898 sec_trace_return_api(SOSPeerInfoRef, ^{
899 do_if_registered(soscc_CopyMyPeerInfo, error);
900
901 return peer_info_error_request(kSecXPCOpCopyMyPeerInfo, error);
902 }, CFSTR("return=%@"));
903}
904
905CFArrayRef SOSCCCopyEngineState(CFErrorRef* error)
906{
907 sec_trace_enter_api(NULL);
908 sec_trace_return_api(CFArrayRef, ^{
909 do_if_registered(soscc_CopyEngineState, error);
910
911 return simple_array_error_request(kSecXPCOpCopyEngineState, error);
912 }, CFSTR("return=%@"));
913}
914
915bool SOSCCAcceptApplicants(CFArrayRef applicants, CFErrorRef* error)
916{
917 sec_trace_enter_api(NULL);
918 sec_trace_return_bool_api(^{
919 do_if_registered(soscc_AcceptApplicants, applicants, error);
920
921 return info_array_to_bool_error_request(kSecXPCOpAcceptApplicants, applicants, error);
922 }, NULL)
923}
924
925bool SOSCCRejectApplicants(CFArrayRef applicants, CFErrorRef *error)
926{
927 sec_trace_enter_api(CFSTR("applicants=%@"), applicants);
928 sec_trace_return_bool_api(^{
929 do_if_registered(soscc_RejectApplicants, applicants, error);
930
931 return info_array_to_bool_error_request(kSecXPCOpRejectApplicants, applicants, error);
932 }, NULL)
933}
934
935static SOSPeerInfoRef SOSSetNewPublicBackupKey(CFDataRef pubKey, CFErrorRef *error)
936{
937 sec_trace_enter_api(NULL);
938 sec_trace_return_api(SOSPeerInfoRef, ^{
939 do_if_registered(soscc_SetNewPublicBackupKey, pubKey, error);
940
941 return data_to_peer_info_error_request(kSecXPCOpSetNewPublicBackupKey, pubKey, error);
942 }, CFSTR("return=%@"));
943}
944
945SOSPeerInfoRef SOSCCCopyMyPeerWithNewDeviceRecoverySecret(CFDataRef secret, CFErrorRef *error){
946 CFDataRef publicKeyData = SOSCopyDeviceBackupPublicKey(secret, error);
947
fa7225c8 948 return publicKeyData ? SOSSetNewPublicBackupKey(publicKeyData, error) : NULL;
5c19dc3a
A		 949}
950
e0e0d90e 951bool SOSCCRegisterSingleRecoverySecret(CFDataRef aks_bag, bool forV0Only, CFErrorRef *error){
5c19dc3a
A		 952 sec_trace_enter_api(NULL);
953 sec_trace_return_bool_api(^{
e0e0d90e
A		 954 do_if_registered(soscc_RegisterSingleRecoverySecret, aks_bag, forV0Only, error);
955 return keybag_and_bool_to_bool_error_request(kSecXPCOpSetBagForAllSlices, aks_bag, forV0Only, error);
5c19dc3a
A		 956 }, NULL);
957}
958
959
960static bool label_and_password_to_bool_error_request(enum SecXPCOperation op,
961 CFStringRef user_label, CFDataRef user_password,
962 CFErrorRef* error)
963{
964 __block bool result = false;
965
966 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
967 CFStringPerformWithCString(user_label, ^(const char *utf8Str) {
968 xpc_dictionary_set_string(message, kSecXPCKeyUserLabel, utf8Str);
969 });
970 xpc_dictionary_set_data(message, kSecXPCKeyUserPassword, CFDataGetBytePtr(user_password), CFDataGetLength(user_password));
971 return true;
972 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
973 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
974 return result;
975 });
976
977 return result;
978}
979
980static bool label_and_password_and_dsid_to_bool_error_request(enum SecXPCOperation op,
981 CFStringRef user_label, CFDataRef user_password,
982 CFStringRef dsid, CFErrorRef* error)
983{
984 __block bool result = false;
985
986 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
987 CFStringPerformWithCString(user_label, ^(const char *utf8Str) {
988 xpc_dictionary_set_string(message, kSecXPCKeyUserLabel, utf8Str);
989 });
990 CFStringPerformWithCString(dsid, ^(const char *utr8StrDSID) {
991 xpc_dictionary_set_string(message, kSecXPCKeyDSID, utr8StrDSID);
992 });
993 xpc_dictionary_set_data(message, kSecXPCKeyUserPassword, CFDataGetBytePtr(user_password), CFDataGetLength(user_password));
994 return true;
995 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
996 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
997 return result;
998 });
999
1000 return result;
1001}
1002
1003static bool deviceid_to_bool_error_request(enum SecXPCOperation op,
1004 CFStringRef IDS,
1005 CFErrorRef* error)
1006{
1007 __block bool result = false;
1008
1009 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
1010 CFStringPerformWithCString(IDS, ^(const char *utf8Str) {
1011 xpc_dictionary_set_string(message, kSecXPCKeyDeviceID, utf8Str);
1012 });
1013 return true;
1014 }, ^bool(xpc_object_t response, CFErrorRef *error) {
1015 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
5c19dc3a
A		 1016 return result;
1017 });
1018
1019 return result;
1020}
1021
fa7225c8 1022static int idsDict_to_int_error_request(enum SecXPCOperation op,
5c19dc3a
A		 1023 CFDictionaryRef IDS,
1024 CFErrorRef* error)
1025{
fa7225c8 1026 __block int result = 0;
5c19dc3a
A		 1027
1028 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
1029 SecXPCDictionarySetPListOptional(message, kSecXPCKeyIDSMessage, IDS, error);
1030 return true;
1031 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
1032 int64_t temp_result = xpc_dictionary_get_int64(response, kSecXPCKeyResult);
1033 if ((temp_result >= INT32_MIN) && (temp_result <= INT32_MAX)) {
1034 result = (int)temp_result;
1035 }
fa7225c8 1036 return true;
5c19dc3a
A		 1037 });
1038
1039 return result;
1040}
1041
1042static bool idscommand_to_bool_error_request(enum SecXPCOperation op,
1043 CFStringRef idsMessage,
1044 CFErrorRef* error)
1045{
1046 __block bool result = false;
1047
1048 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
1049 CFStringPerformWithCString(idsMessage, ^(const char *utf8Str) {
1050 xpc_dictionary_set_string(message, kSecXPCKeySendIDSMessage, utf8Str);
1051 });
1052 return true;
1053 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
1054 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
1055 return result;
1056 });
1057
1058 return result;
1059}
1060
1061bool SOSCCRegisterUserCredentials(CFStringRef user_label, CFDataRef user_password, CFErrorRef* error)
1062{
1063 secnotice("sosops", "SOSCCRegisterUserCredentials - calling SOSCCSetUserCredentials!! %@\n", user_label);
1064 return SOSCCSetUserCredentials(user_label, user_password, error);
1065}
1066
1067bool SOSCCSetUserCredentials(CFStringRef user_label, CFDataRef user_password, CFErrorRef* error)
1068{
1069 secnotice("sosops", "SOSCCSetUserCredentials!! %@\n", user_label);
1070 sec_trace_enter_api(CFSTR("user_label=%@"), user_label);
1071 sec_trace_return_bool_api(^{
1072 do_if_registered(soscc_SetUserCredentials, user_label, user_password, error);
1073
1074 return label_and_password_to_bool_error_request(kSecXPCOpSetUserCredentials, user_label, user_password, error);
1075 }, NULL)
1076}
1077
1078bool SOSCCSetUserCredentialsAndDSID(CFStringRef user_label, CFDataRef user_password, CFStringRef dsid, CFErrorRef *error)
1079{
1080 secnotice("sosops", "SOSCCSetUserCredentialsAndDSID!! %@\n", user_label);
1081 sec_trace_enter_api(CFSTR("user_label=%@"), user_label);
1082 sec_trace_return_bool_api(^{
1083 do_if_registered(soscc_SetUserCredentialsAndDSID, user_label, user_password, dsid, error);
1084 if(dsid == NULL){
1085 return label_and_password_and_dsid_to_bool_error_request(kSecXPCOpSetUserCredentialsAndDSID, user_label, user_password, CFSTR(""), error);
1086 }
1087 else{
1088 return label_and_password_and_dsid_to_bool_error_request(kSecXPCOpSetUserCredentialsAndDSID, user_label, user_password, dsid, error);
1089 }
1090 }, NULL)
1091
1092}
1093bool SOSCCSetDeviceID(CFStringRef IDS, CFErrorRef* error)
1094{
1095 secnotice("sosops", "SOSCCSetDeviceID!! %@\n", IDS);
1096 sec_trace_enter_api(NULL);
1097 sec_trace_return_bool_api(^{
fa7225c8
A		 1098 do_if_registered(soscc_SetDeviceID, IDS, error);
1099 bool result = deviceid_to_bool_error_request(kSecXPCOpSetDeviceID, IDS, error);
5c19dc3a
A		 1100 return result;
1101 }, NULL)
1102}
1103
1104bool SOSCCIDSServiceRegistrationTest(CFStringRef message, CFErrorRef *error)
1105{
1106 secnotice("sosops", "SOSCCSendIDSTestMessage!! %@\n", message);
1107 sec_trace_enter_api(NULL);
1108 sec_trace_return_bool_api(^{
1109 do_if_registered(soscc_CheckIDSRegistration, message, error);
1110 return idscommand_to_bool_error_request(kSecXPCOpSendIDSMessage, message, error);
1111 }, NULL)
1112}
1113
1114bool SOSCCIDSPingTest(CFStringRef message, CFErrorRef *error)
1115{
1116 secnotice("sosops", "SOSCCSendIDSTestMessage!! %@\n", message);
1117 sec_trace_enter_api(NULL);
1118 sec_trace_return_bool_api(^{
1119 do_if_registered(soscc_PingTest, message, error);
1120 return idscommand_to_bool_error_request(kSecXPCOpPingTest, message, error);
1121 }, NULL)
1122}
1123
1124bool SOSCCIDSDeviceIDIsAvailableTest(CFErrorRef *error)
1125{
1126 secnotice("sosops", "SOSCCIDSDeviceIDIsAvailableTest!!\n");
1127 sec_trace_enter_api(NULL);
1128 sec_trace_return_bool_api(^{
1129 do_if_registered(soscc_GetIDSIDFromIDS, error);
1130 return simple_bool_error_request(kSecXPCOpIDSDeviceID, error);
1131 }, NULL)
1132}
1133
1134HandleIDSMessageReason SOSCCHandleIDSMessage(CFDictionaryRef IDS, CFErrorRef* error)
1135{
1136 secnotice("sosops", "SOSCCHandleIDSMessage!! %@\n", IDS);
1137 sec_trace_enter_api(NULL);
1138 sec_trace_return_api(HandleIDSMessageReason, ^{
1139 do_if_registered(soscc_HandleIDSMessage, IDS, error);
fa7225c8
A		 1140 return (HandleIDSMessageReason) idsDict_to_int_error_request(kSecXPCOpHandleIDSMessage, IDS, error);
1141 }, NULL)
1142}
1143
1144bool SOSCCRequestSyncWithPeerOverKVS(CFStringRef peerID, CFErrorRef *error)
1145{
1146 secnotice("sosops", "SOSCCRequestSyncWithPeerOverKVS!! %@\n", peerID);
1147 sec_trace_enter_api(NULL);
1148 sec_trace_return_bool_api(^{
1149 do_if_registered(soscc_requestSyncWithPeerOverKVS, peerID, error);
1150 return deviceid_to_bool_error_request(kSecXPCOpSyncWithKVSPeer, peerID, error);
1151 }, NULL)
1152}
1153
1154bool SOSCCRequestSyncWithPeerOverIDS(CFStringRef deviceID, CFErrorRef *error)
1155{
1156 secnotice("sosops", "SOSCCRequestSyncWithPeerOverIDS!! %@\n", deviceID);
1157 sec_trace_enter_api(NULL);
1158 sec_trace_return_bool_api(^{
1159 do_if_registered(soscc_requestSyncWithPeerOverIDS, deviceID, error);
1160 return deviceid_to_bool_error_request(kSecXPCOpSyncWithIDSPeer, deviceID, error);
5c19dc3a
A		 1161 }, NULL)
1162}
1163
1164bool SOSCCTryUserCredentials(CFStringRef user_label, CFDataRef user_password, CFErrorRef* error)
1165{
1166 sec_trace_enter_api(CFSTR("user_label=%@"), user_label);
1167 sec_trace_return_bool_api(^{
1168 do_if_registered(soscc_TryUserCredentials, user_label, user_password, error);
1169
1170 return label_and_password_to_bool_error_request(kSecXPCOpTryUserCredentials, user_label, user_password, error);
1171 }, NULL)
1172}
1173
1174
1175bool SOSCCCanAuthenticate(CFErrorRef* error) {
1176 sec_trace_enter_api(NULL);
1177 sec_trace_return_bool_api(^{
1178 do_if_registered(soscc_CanAuthenticate, error);
1179
1180 return simple_bool_error_request(kSecXPCOpCanAuthenticate, error);
1181 }, NULL)
1182}
1183
1184bool SOSCCPurgeUserCredentials(CFErrorRef* error) {
1185 sec_trace_enter_api(NULL);
1186 sec_trace_return_bool_api(^{
1187 do_if_registered(soscc_PurgeUserCredentials, error);
1188
1189 return simple_bool_error_request(kSecXPCOpPurgeUserCredentials, error);
1190 }, NULL)
1191}
1192
1193enum DepartureReason SOSCCGetLastDepartureReason(CFErrorRef *error) {
1194 sec_trace_enter_api(NULL);
1195 sec_trace_return_api(enum DepartureReason, ^{
1196 do_if_registered(soscc_GetLastDepartureReason, error);
1197
1198 return (enum DepartureReason) simple_int_error_request(kSecXPCOpGetLastDepartureReason, error);
1199 }, NULL)
1200}
1201
1202bool SOSCCSetLastDepartureReason(enum DepartureReason reason, CFErrorRef *error) {
1203 sec_trace_enter_api(NULL);
1204 sec_trace_return_api(bool, ^{
1205 do_if_registered(soscc_SetLastDepartureReason, reason, error);
1206 return securityd_send_sync_and_do(kSecXPCOpSetLastDepartureReason, error,
1207 ^bool(xpc_object_t message, CFErrorRef *error) {
1208 xpc_dictionary_set_int64(message, kSecXPCKeyReason, reason);
1209 return true;
1210 },
1211 ^bool(xpc_object_t response, __unused CFErrorRef *error) {
1212 return xpc_dictionary_get_bool(response, kSecXPCKeyResult);
1213 }
1214 );
1215 }, NULL)
1216}
1217
1218CFStringRef SOSCCCopyIncompatibilityInfo(CFErrorRef* error) {
1219 sec_trace_enter_api(NULL);
1220 sec_trace_return_api(CFStringRef, ^{
1221 do_if_registered(soscc_CopyIncompatibilityInfo, error);
1222
1223 return simple_cfstring_error_request(kSecXPCOpCopyIncompatibilityInfo, error);
1224 }, NULL)
1225}
1226
e0e0d90e 1227CFStringRef SOSCCCopyDeviceID(CFErrorRef* error)
5c19dc3a
A		 1228{
1229 sec_trace_enter_api(NULL);
1230 sec_trace_return_api(CFStringRef, ^{
e0e0d90e 1231 do_if_registered(soscc_CopyDeviceID, error);
5c19dc3a
A		 1232 CFStringRef deviceID = simple_cfstring_error_request(kSecXPCOpRequestDeviceID, error);
1233 return deviceID;
1234 }, NULL)
1235}
1236
1237bool SOSCCProcessEnsurePeerRegistration(CFErrorRef* error){
1238 secnotice("updates", "enter SOSCCProcessEnsurePeerRegistration");
1239 sec_trace_enter_api(NULL);
1240 sec_trace_return_bool_api(^{
1241 do_if_registered(soscc_EnsurePeerRegistration, error);
1242
1243 return simple_bool_error_request(soscc_EnsurePeerRegistration_id, error);
1244 }, NULL)
1245}
1246
1247
1248SyncWithAllPeersReason SOSCCProcessSyncWithAllPeers(CFErrorRef* error)
1249{
1250 sec_trace_enter_api(NULL);
1251 sec_trace_return_api(SyncWithAllPeersReason, ^{
1252 do_if_registered(soscc_ProcessSyncWithAllPeers, error);
1253
1254 return (SyncWithAllPeersReason) simple_int_error_request(kSecXPCOpProcessSyncWithAllPeers, error);
1255 }, NULL)
1256}
1257
1258CFStringRef SOSCCGetStatusDescription(SOSCCStatus status)
1259{
1260 switch (status) {
1261 case kSOSCCInCircle:
1262 return CFSTR("InCircle");
1263 case kSOSCCNotInCircle:
1264 return CFSTR("NotInCircle");
1265 case kSOSCCRequestPending:
1266 return CFSTR("RequestPending");
1267 case kSOSCCCircleAbsent:
1268 return CFSTR("CircleAbsent");
1269 case kSOSCCError:
1270 return CFSTR("InternalError");
1271 default:
1272 return CFSTR("Unknown Status (%d)");
1273 };
1274}
1275
1276#if 0
1277 kSOSCCGeneralViewError = -1,
1278 kSOSCCViewMember = 0,
1279 kSOSCCViewNotMember = 1,
1280 kSOSCCViewNotQualified = 2,
1281 kSOSCCNoSuchView = 3,
1282#endif
1283
1284static int64_t name_action_to_code_request(enum SecXPCOperation op, uint16_t error_result,
1285 CFStringRef name, uint64_t action, CFErrorRef *error) {
1286 __block int64_t result = error_result;
1287
1288 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
1289 CFStringPerformWithCString(name, ^(const char *utf8Str) {
1290 xpc_dictionary_set_string(message, kSecXPCKeyViewName, utf8Str);
1291 });
1292 xpc_dictionary_set_int64(message, kSecXPCKeyViewActionCode, action);
1293 return true;
1294 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
1295 if (response && xpc_dictionary_entry_is_type(response, kSecXPCKeyResult, XPC_TYPE_INT64)) {
1296 result = xpc_dictionary_get_int64(response, kSecXPCKeyResult);
1297 }
1298 return result != error_result;
1299 });
1300
1301 return result;
1302}
1303
1304SOSViewResultCode SOSCCView(CFStringRef view, SOSViewActionCode actionCode, CFErrorRef *error) {
1305 sec_trace_enter_api(NULL);
1306 sec_trace_return_api(SOSViewResultCode, ^{
1307 do_if_registered(soscc_View, view, actionCode, error);
1308
1309 return (SOSViewResultCode) name_action_to_code_request(kSecXPCOpView, kSOSCCGeneralViewError, view, actionCode, error);
1310 }, CFSTR("SOSViewResultCode=%d"))
1311}
1312
1313
1314bool SOSCCViewSet(CFSetRef enabledViews, CFSetRef disabledViews) {
1315 CFErrorRef *error = NULL;
1316 __block bool result = false;
1317
1318 sec_trace_enter_api(NULL);
1319 sec_trace_return_bool_api(^{
1320 do_if_registered(soscc_ViewSet, enabledViews, disabledViews);
1321 return securityd_send_sync_and_do(kSecXPCOpViewSet, error, ^bool(xpc_object_t message, CFErrorRef *error) {
1322 xpc_object_t enabledSetXpc = CreateXPCObjectWithCFSetRef(enabledViews, error);
1323 xpc_object_t disabledSetXpc = CreateXPCObjectWithCFSetRef(disabledViews, error);
1324 if (enabledSetXpc) xpc_dictionary_set_value(message, kSecXPCKeyEnabledViewsKey, enabledSetXpc);
1325 if (disabledSetXpc) xpc_dictionary_set_value(message, kSecXPCKeyDisabledViewsKey, disabledSetXpc);
1326 return (enabledSetXpc != NULL) || (disabledSetXpc != NULL) ;
1327 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
1328 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
1329 return result;
1330 });
1331 }, NULL)
1332}
1333
1334SOSSecurityPropertyResultCode SOSCCSecurityProperty(CFStringRef property, SOSSecurityPropertyActionCode actionCode, CFErrorRef *error) {
1335 sec_trace_enter_api(NULL);
1336 sec_trace_return_api(SOSSecurityPropertyResultCode, ^{
1337 SOSSecurityPropertyResultCode result = kSOSCCGeneralSecurityPropertyError;
1338 do_if_registered(soscc_SecurityProperty, property, actionCode, error);
1339 xpc_object_t message = securityd_create_message(kSecXPCOpSecurityProperty, error);
1340 if (message) {
1341 int64_t bigac = actionCode;
1342 xpc_dictionary_set_string(message, kSecXPCKeyViewName, CFStringGetCStringPtr(property, kCFStringEncodingUTF8));
1343 xpc_dictionary_set_int64(message, kSecXPCKeyViewActionCode, bigac);
1344
1345 xpc_object_t response = securityd_message_with_reply_sync(message, error);
1346
1347 if (response && xpc_dictionary_entry_is_type(response, kSecXPCKeyResult, XPC_TYPE_INT64)) {
1348 result = (SOSSecurityPropertyResultCode) xpc_dictionary_get_int64(response, kSecXPCKeyResult);
1349 }
1350
1351 if (result == kSOSCCGeneralSecurityPropertyError) {
1352 if (response && securityd_message_no_error(response, error)) {
1353 char *desc = xpc_copy_description(response);
1354 SecCFCreateErrorWithFormat(0, sSecXPCErrorDomain, NULL, error, NULL, CFSTR("Remote error occurred/no info: %s"), desc);
1355 free((void *)desc);
1356 }
1357 }
1358 if(response)
1359 xpc_release(response);
1360 if(message)
1361 xpc_release(message);
1362 }
1363
1364 return result;
1365 }, CFSTR("SOSSecurityPropertyResultCode=%d"))
1366}
1367
1368
1369static bool sosIsViewSetSyncing(size_t n, CFStringRef *views) {
1370 __block bool retval = true;
1371
1372 SOSCCStatus cstatus = SOSCCThisDeviceIsInCircle(NULL);
1373 if(cstatus == kSOSCCInCircle) {
1374 for(size_t i = 0; i < n; i++) {
1375 SOSViewResultCode vstatus = SOSCCView(views[i], kSOSCCViewQuery, NULL);
1376 if(vstatus != kSOSCCViewMember) retval = false;
1377 }
1378 } else {
1379 retval = false;
1380 }
1381 return retval;
1382}
1383
1384bool SOSCCIsIcloudKeychainSyncing(void) {
fa7225c8 1385 CFStringRef views[] = { kSOSViewAutofillPasswords, kSOSViewSafariCreditCards };
5c19dc3a
A		 1386 return sosIsViewSetSyncing(1, views);
1387}
1388
1389bool SOSCCIsSafariSyncing(void) {
1390 CFStringRef views[] = { kSOSViewAutofillPasswords, kSOSViewSafariCreditCards };
1391 return sosIsViewSetSyncing(2, views);
1392}
1393
1394bool SOSCCIsAppleTVSyncing(void) {
1395 CFStringRef views[] = { kSOSViewAppleTV };
1396 return sosIsViewSetSyncing(1, views);
1397}
1398
1399bool SOSCCIsHomeKitSyncing(void) {
1400 CFStringRef views[] = { kSOSViewHomeKit };
1401 return sosIsViewSetSyncing(1, views);
1402}
1403
1404bool SOSCCIsWiFiSyncing(void) {
1405 CFStringRef views[] = { kSOSViewWiFi };
1406 return sosIsViewSetSyncing(1, views);
1407}
e0e0d90e 1408
fa7225c8
A		 1409bool SOSCCIsContinuityUnlockSyncing(void) {
1410 CFStringRef views[] = { kSOSViewContinuityUnlock };
1411 return sosIsViewSetSyncing(1, views);
1412}
1413
1414
e0e0d90e
A		 1415bool SOSCCSetEscrowRecord(CFStringRef escrow_label, uint64_t tries, CFErrorRef *error ){
1416 secnotice("escrow", "enter SOSCCSetEscrowRecord");
1417 sec_trace_enter_api(NULL);
1418 sec_trace_return_bool_api(^{
1419 do_if_registered(soscc_SetEscrowRecords, escrow_label, tries, error);
1420
1421 return escrow_to_bool_error_request(kSecXPCOpSetEscrowRecord, escrow_label, tries, error);
1422 }, NULL)
1423}
1424
1425CFDictionaryRef SOSCCCopyEscrowRecord(CFErrorRef *error){
1426 secnotice("escrow", "enter SOSCCCopyEscrowRecord");
1427 sec_trace_enter_api(NULL);
1428 sec_trace_return_api(CFDictionaryRef, ^{
1429 do_if_registered(soscc_CopyEscrowRecords, error);
1430
1431 return strings_to_dictionary_error_request(kSecXPCOpGetEscrowRecord, error);
1432 }, CFSTR("return=%@"))
1433
1434}
1435
1436bool SOSCCCheckPeerAvailability(CFErrorRef *error){
1437 secnotice("peer", "enter SOSCCCheckPeerAvailability");
1438 sec_trace_enter_api(NULL);
1439 sec_trace_return_bool_api(^{
1440 do_if_registered(soscc_PeerAvailability, error);
1441
1442 return simple_bool_error_request(kSecXPCOpCheckPeerAvailability, error);
1443 }, NULL)
1444
1445}
1446
1447
e3d460c9
A		 1448bool SOSWrapToBackupSliceKeyBagForView(CFStringRef viewName, CFDataRef input, CFDataRef* output, CFDataRef* bskbEncoded, CFErrorRef* error) {
1449 sec_trace_enter_api(NULL);
1450 sec_trace_return_bool_api(^{
1451 do_if_registered(sosbskb_WrapToBackupSliceKeyBagForView, viewName, input, output, bskbEncoded, error);
1452
1453 return cfstring_and_cfdata_to_cfdata_cfdata_error_request(kSecXPCOpWrapToBackupSliceKeyBagForView, viewName, input, output, bskbEncoded, error);
1454 }, NULL)
1455}
fa7225c8
A		 1456
1457
1458SOSPeerInfoRef SOSCCCopyApplication(CFErrorRef *error) {
1459 secnotice("hsa2PB", "enter SOSCCCopyApplication applicant");
1460 sec_trace_enter_api(NULL);
1461
1462 sec_trace_return_api(SOSPeerInfoRef, ^{
1463 do_if_registered(soscc_CopyApplicant, error);
1464 return peer_info_error_request(kSecXPCOpCopyApplication, error);
1465 }, CFSTR("return=%@"));
1466}
1467
1468CFDataRef SOSCCCopyCircleJoiningBlob(SOSPeerInfoRef applicant, CFErrorRef *error) {
1469 secnotice("hsa2PB", "enter SOSCCCopyCircleJoiningBlob approver");
1470 sec_trace_enter_api(NULL);
1471
1472 sec_trace_return_api(CFDataRef, ^{
1473 CFDataRef result = NULL;
1474 do_if_registered(soscc_CopyCircleJoiningBlob, applicant, error);
1475 CFDataRef piData = SOSPeerInfoCopyEncodedData(applicant, kCFAllocatorDefault, error);
1476 result = cfdata_error_request_returns_cfdata(kSecXPCOpCopyCircleJoiningBlob, piData, error);
1477 CFReleaseNull(piData);
1478 return result;
1479 }, CFSTR("return=%@"));
1480}
1481
1482bool SOSCCJoinWithCircleJoiningBlob(CFDataRef joiningBlob, CFErrorRef *error) {
1483 secnotice("hsa2PB", "enter SOSCCJoinWithCircleJoiningBlob applicant");
1484 sec_trace_enter_api(NULL);
1485 sec_trace_return_bool_api(^{
1486 do_if_registered(soscc_JoinWithCircleJoiningBlob, joiningBlob, error);
1487
1488 return cfdata_error_request_returns_bool(kSecXPCOpJoinWithCircleJoiningBlob, joiningBlob, error);
1489 }, NULL)
1490
1491 return false;
1492}
1493
1494bool SOSCCIsThisDeviceLastBackup(CFErrorRef *error) {
1495 secnotice("peer", "enter SOSCCIsThisDeviceLastBackup");
1496 sec_trace_enter_api(NULL);
1497 sec_trace_return_bool_api(^{
1498 do_if_registered(soscc_IsThisDeviceLastBackup, error);
1499
1500 return simple_bool_error_request(kSecXPCOpIsThisDeviceLastBackup, error);
1501 }, NULL)
1502}
1503
1504CFBooleanRef SOSCCPeersHaveViewsEnabled(CFArrayRef viewNames, CFErrorRef *error) {
1505 secnotice("view-enabled", "enter SOSCCPeersHaveViewsEnabled");
1506 sec_trace_enter_api(NULL);
1507 sec_trace_return_api(CFBooleanRef, ^{
1508 do_if_registered(soscc_SOSCCPeersHaveViewsEnabled, viewNames, error);
1509
1510 return cfarray_to_cfboolean_error_request(kSecXPCOpPeersHaveViewsEnabled, viewNames, error);
1511 }, CFSTR("return=%@"))
1512}
1513
mirror of Security