OSX/sec/SOSCircle/SecureObjectSync/SOSRingUtils.h

   1 //
   2 //  SOSRingUtils.h
   3 //  sec
   4 //
   5 //  Created by Richard Murphy on 1/28/15.
   6 //
   7 //
   8
   9 #ifndef _sec_SOSRingUtils_
  10 #define _sec_SOSRingUtils_
  11
  12 #include <CoreFoundation/CFRuntime.h>
  13 #include <CoreFoundation/CoreFoundation.h>
  14 #include <utilities/SecCFWrappers.h>
  15 #include <Security/SecureObjectSync/SOSGenCount.h>
  16 #include "SOSRing.h"
  17
  18 #define ALLOCATOR NULL
  19
  20
  21 struct __OpaqueSOSRing {
  22     CFRuntimeBase _base;
  23     CFMutableDictionaryRef unSignedInformation;
  24     CFMutableDictionaryRef signedInformation;
  25     CFMutableDictionaryRef signatures;      // Signatures keyed by peerid
  26     CFMutableDictionaryRef data;            // Anything for ring-specific rule support
  27 };
  28
  29 static inline
  30 void SOSRingAssertStable(SOSRingRef ring)
  31 {
  32     assert(ring);
  33     assert(ring->unSignedInformation);
  34     assert(ring->signedInformation);
  35     assert(ring->signatures);
  36     assert(ring->data);
  37 }
  38
  39 static inline
  40 bool SOSRingIsStable(SOSRingRef ring) {
  41     return (ring) && (ring->unSignedInformation) && (ring->signedInformation) && (ring->signatures)&& (ring->data);
  42 }
  43
  44 /* unSignedInformation Dictionary Keys */
  45 extern CFStringRef sApplicantsKey;
  46 extern CFStringRef sRejectionsKey;
  47 extern CFStringRef sRetiredKey;
  48 extern CFStringRef sLastPeerToModifyKey;
  49
  50 /* signedInformation Dictionary Keys */
  51 extern CFStringRef sNameKey;
  52 extern CFStringRef sVersion;
  53 extern CFStringRef sTypeKey;
  54 extern CFStringRef sIdentifierKey;
  55 extern CFStringRef sGenerationKey;
  56 extern CFStringRef sPeerIDsKey;
  57 extern CFStringRef sRingVersionKey;
  58
  59 CF_RETURNS_RETAINED SOSRingRef SOSRingAllocate(void);
  60 SOSRingRef SOSRingCreate_Internal(CFStringRef name, SOSRingType type, CFErrorRef *error);
  61 SOSRingRef SOSRingCopyRing(SOSRingRef original, CFErrorRef *error);
  62
  63 bool SOSRingVerifySignatureExists(SOSRingRef ring, SecKeyRef pubKey, CFErrorRef *error);
  64 bool SOSRingVerify(SOSRingRef ring, SecKeyRef pubKey, CFErrorRef *error);
  65 bool SOSRingVerifyPeerSigned(SOSRingRef ring, SOSPeerInfoRef peer, CFErrorRef *error);
  66 bool SOSRingGenerationSign_Internal(SOSRingRef ring, SecKeyRef privKey, CFErrorRef *error);
  67 bool SOSRingConcordanceSign_Internal(SOSRingRef ring, SecKeyRef privKey, CFErrorRef *error);
  68 SOSConcordanceStatus GetSignersStatus(CFSetRef peers, SOSRingRef signersRing, SOSRingRef statusRing,
  69                                       SecKeyRef userPubkey, CFStringRef excludePeerID, CFErrorRef *error);
  70 SOSConcordanceStatus GetSignersStatus_Transitive(CFSetRef peers, SOSRingRef signersRing, SOSRingRef statusRing,
  71                                                  SecKeyRef userPubkey, CFStringRef excludePeerID, CFErrorRef *error);
  72 SOSConcordanceStatus SOSRingUserKeyConcordanceTrust(SOSFullPeerInfoRef me, CFSetRef peers, SOSRingRef knownRing, SOSRingRef proposedRing,
  73                                                     SecKeyRef knownPubkey, SecKeyRef userPubkey,
  74                                                     CFStringRef excludePeerID, CFErrorRef *error);
  75 SOSConcordanceStatus SOSRingPeerKeyConcordanceTrust(SOSFullPeerInfoRef me, CFSetRef peers, SOSRingRef knownRing, SOSRingRef proposedRing,
  76                                                     __unused SecKeyRef knownPubkey, SecKeyRef userPubkey,
  77                                                     CFStringRef excludePeerID, CFErrorRef *error);
  78
  79 bool SOSRingHasPeerWithID(SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);
  80
  81 int SOSRingCountPeers(SOSRingRef ring);
  82 CFStringRef SOSRingCopySignerList(SOSRingRef ring);
  83 CFDictionaryRef SOSRingCopyPeerIDList(SOSRingRef ring);
  84
  85
  86 int SOSRingCountApplicants(SOSRingRef ring);
  87 bool SOSRingHasApplicant(SOSRingRef ring, CFStringRef peerID);
  88 CFMutableSetRef SOSRingCopyApplicants(SOSRingRef ring);
  89
  90 int SOSRingCountRejections(SOSRingRef ring);
  91 bool SOSRingHasRejection(SOSRingRef ring, CFStringRef peerID);
  92 CFMutableSetRef SOSRingCopyRejections(SOSRingRef ring);
  93 bool SOSRingHasPeerWithID(SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);
  94
  95 // Use this to determine whether a ring your interogating is the "same one" that you think you're going to change.
  96 bool SOSRingIsSame(SOSRingRef ring1, SOSRingRef ring2);
  97
  98 const char *SOSRingGetNameC(SOSRingRef ring);
  99
 100 void SOSRingGenerationIncrement(SOSRingRef ring);
 101 bool SOSRingIsOlderGeneration(SOSRingRef olderRing, SOSRingRef newerRing);
 102 void SOSRingGenerationCreateWithBaseline(SOSRingRef newring, SOSRingRef baseline);
 103
 104 bool SOSRingSetApplicants(SOSRingRef ring, CFMutableSetRef applicants);
 105
 106 bool SOSRingSetLastModifier(SOSRingRef ring, CFStringRef peerID);
 107
 108 bool SOSRingResetToEmpty_Internal(SOSRingRef ring, CFErrorRef *error);
 109 bool SOSRingIsEmpty_Internal(SOSRingRef ring);
 110 bool SOSRingIsOffering_Internal(SOSRingRef ring);
 111
 112
 113 bool SOSRingAddApplicant(SOSRingRef ring, CFStringRef peerid);
 114 bool SOSRingRemoveApplicant(SOSRingRef ring, CFStringRef peerid);
 115
 116 bool SOSRingAddRejection(SOSRingRef ring, CFStringRef peerid);
 117 bool SOSRingRemoveRejection(SOSRingRef ring, CFStringRef peerid);
 118 CFDataRef SOSRingGetPayload_Internal(SOSRingRef ring);
 119 bool SOSRingSetPayload_Internal(SOSRingRef ring, CFDataRef payload);
 120 CFSetRef SOSRingGetBackupViewset_Internal(SOSRingRef ring);
 121 bool SOSRingSetBackupViewset_Internal(SOSRingRef ring, CFSetRef viewSet);
 122 bool SOSRingSetPeerIDs(SOSRingRef ring, CFMutableSetRef peers);
 123 int SOSRingCountPeerIDs(SOSRingRef ring);
 124 bool SOSRingHasPeerID(SOSRingRef ring, CFStringRef peerID);
 125 CFMutableSetRef SOSRingCopyPeerIDs(SOSRingRef ring);
 126 void SOSRingAddAll(SOSRingRef ring, CFSetRef peerInfosOrIDs);
 127 bool SOSRingAddPeerID(SOSRingRef ring, CFStringRef peerid);
 128 bool SOSRingRemovePeerID(SOSRingRef ring, CFStringRef peerid);
 129 void SOSRingForEachPeerID(SOSRingRef ring, void (^action)(CFStringRef peerID));
 130
 131 size_t SOSRingGetDEREncodedSize(SOSRingRef ring, CFErrorRef *error);
 132 uint8_t* SOSRingEncodeToDER(SOSRingRef ring, CFErrorRef* error, const uint8_t* der, uint8_t* der_end);
 133 SOSRingRef SOSRingCreateFromDER(CFErrorRef* error, const uint8_t** der_p, const uint8_t *der_end);
 134
 135 CFDictionaryRef SOSRingCreateRetirementTicket(SOSFullPeerInfoRef fpi, CFErrorRef *error);
 136
 137 #if 0
 138 int SOSRingCountActivePeers(SOSCircleRef circle, SOSRingRef ring);
 139 int SOSRingCountActiveValidPeers(SOSCircleRef circle, SOSRingRef ring, SecKeyRef pubkey);
 140 int SOSRingCountRetiredPeers(SOSCircleRef circle, SOSRingRef ring);
 141 void SOSRingForEachPeer(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
 142 void SOSRingForEachRetiredPeer(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
 143 void SOSRingForEachActivePeer(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
 144 void SOSRingForEachActiveValidPeer(SOSCircleRef circle, SOSRingRef ring, SecKeyRef user_public_key, void (^action)(SOSPeerInfoRef peer));
 145 SOSPeerInfoRef SOSRingCopyPeerWithID(SOSCircleRef circle, SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);
 146 bool SOSRingHasActivePeerWithID(SOSCircleRef circle, SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);
 147 bool SOSRingHasActiveValidPeerWithID(SOSCircleRef circle, SOSRingRef ring, CFStringRef peerid, SecKeyRef user_public_key, CFErrorRef *error);
 148 void SOSRingForEachApplicant(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
 149 bool SOSRingResetToOffering_Internal(SOSCircleRef circle, SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error);
 150 #endif
 151
 152 #endif /* defined(_sec_SOSRingUtils_) */