1 /*
2 * Copyright (c) 2012-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 #ifndef _SOSPEERINFO_H_
26 #define _SOSPEERINFO_H_
27
28 #include <CoreFoundation/CoreFoundation.h>
29 #include <Security/SecKey.h>
30 #include <CommonCrypto/CommonDigestSPI.h>
31 #include <corecrypto/ccdigest.h>
32
33 #include <Security/SecureObjectSync/SOSTypes.h>
34
35 __BEGIN_DECLS
36
// Opaque handle to a peer-info object. Only the pointer type is visible here;
// the struct layout is not part of this header.
typedef struct __OpaqueSOSPeerInfo *SOSPeerInfoRef;

// Bumped to 3 from 2 so we can identify pre-iCDP peers and add the proper views.
#define PEERINFO_CURRENT_VERSION 3

// NOTE(review): both enumerators are 2 while PEERINFO_CURRENT_VERSION is 3.
// This header does not say which constant a given version check should use;
// confirm at each call site before relying on either one.
enum {
    kSOSPeerV2BaseVersion = 2,
    kSOSPeerVersion = 2,
};
46
47
// Comparison selectors. The enum is anonymous; the typedef that follows is
// presumably the type used to carry one of these values -- confirm at the
// point of use.
enum {
    SOSPeerCmpPubKeyHash = 0,
    SOSPeerCmpName       = 1,
};

typedef uint32_t SOSPeerInfoCmpSelect;
53
// The CFTypeID that isSOSPeerInfo() compares an object's type against.
CFTypeID SOSPeerInfoGetTypeID(void);

// True when obj is non-NULL and its CFTypeID equals SOSPeerInfoGetTypeID().
// The NULL test runs first, so CFGetTypeID() is never handed a NULL reference.
static inline bool isSOSPeerInfo(CFTypeRef obj) {
    if (!obj) {
        return false;
    }
    return CFGetTypeID(obj) == SOSPeerInfoGetTypeID();
}
59
// Checked downcast: yields obj as a SOSPeerInfoRef only when isSOSPeerInfo(obj)
// holds, and NULL otherwise (including for a NULL obj). Callers must test the
// result before using it; an object of another CF type is never reinterpreted.
static inline SOSPeerInfoRef asSOSPeerInfo(CFTypeRef obj) {
    if (!isSOSPeerInfo(obj)) {
        return NULL;
    }
    return (SOSPeerInfoRef) obj;
}
63
//
// Construction
//
// Every constructor here reports failure through the trailing CFErrorRef
// out-parameter. The names follow the CF "Create" rule, so the caller
// presumably owns the returned reference -- confirm against the
// implementation, since none of these carries CF_RETURNS_RETAINED.
//

// Builds a peer from a gestalt dictionary, a backup key and three keys: the
// peer signing key plus the Octagon signing and peer-encryption keys.
SOSPeerInfoRef SOSPeerInfoCreate(CFAllocatorRef allocator,
                                 CFDictionaryRef gestalt,
                                 CFDataRef backup_key,
                                 SecKeyRef signingKey,
                                 SecKeyRef octagonSigningKey,
                                 SecKeyRef octagonPeerEncryptionKey,
                                 CFErrorRef *error);

// As SOSPeerInfoCreate, with the IDS device id, transport type, transport
// preferences and enabled view set supplied by the caller as well.
SOSPeerInfoRef SOSPeerInfoCreateWithTransportAndViews(CFAllocatorRef allocator,
                                                      CFDictionaryRef gestalt,
                                                      CFDataRef backup_key,
                                                      CFStringRef IDSID,
                                                      CFStringRef transportType,
                                                      CFBooleanRef preferIDS,
                                                      CFBooleanRef preferFragmentation,
                                                      CFBooleanRef preferAckModel,
                                                      CFSetRef enabledViews,
                                                      SecKeyRef signingKey,
                                                      SecKeyRef octagonSigningKey,
                                                      SecKeyRef octagonPeerEncryptionKey,
                                                      CFErrorRef *error);

// Takes only a gestalt and a signing key: no backup key and no Octagon keys.
SOSPeerInfoRef SOSPeerInfoCreateCloudIdentity(CFAllocatorRef allocator,
                                              CFDictionaryRef gestalt,
                                              SecKeyRef signingKey,
                                              CFErrorRef *error);

// Takes no signing key, unlike the CopyWith* updaters declared further down.
SOSPeerInfoRef SOSPeerInfoCreateCopy(CFAllocatorRef allocator,
                                     SOSPeerInfoRef toCopy,
                                     CFErrorRef *error);
// Copy of toCopy that also takes transport settings, an enabled view set and
// a signing key. Presumably brings an older peer up to the current version --
// confirm against the implementation.
SOSPeerInfoRef SOSPeerInfoCreateCurrentCopy(CFAllocatorRef allocator,
                                            SOSPeerInfoRef toCopy,
                                            CFStringRef IDSID,
                                            CFStringRef transportType,
                                            CFBooleanRef preferIDS,
                                            CFBooleanRef preferFragmentation,
                                            CFBooleanRef preferAckModel,
                                            CFSetRef enabledViews,
                                            SecKeyRef signingKey,
                                            CFErrorRef *error);

// Version predicates on an existing peer.
bool SOSPeerInfoVersionIsCurrent(SOSPeerInfoRef pi);
bool SOSPeerInfoVersionHasV2Data(SOSPeerInfoRef pi);

// Field updaters. Each takes the peer to copy, the new value and a signing
// key, and hands back a SOSPeerInfoRef; the "CopyWith" naming suggests a new
// object is returned rather than toCopy being modified -- confirm before
// releasing or reusing toCopy.
SOSPeerInfoRef SOSPeerInfoCopyWithGestaltUpdate(CFAllocatorRef allocator,
                                                SOSPeerInfoRef toCopy,
                                                CFDictionaryRef gestalt,
                                                SecKeyRef signingKey,
                                                CFErrorRef *error);
SOSPeerInfoRef SOSPeerInfoCopyWithBackupKeyUpdate(CFAllocatorRef allocator,
                                                  SOSPeerInfoRef toCopy,
                                                  CFDataRef backupKey,
                                                  SecKeyRef signingKey,
                                                  CFErrorRef *error);
SOSPeerInfoRef SOSPeerInfoCopyWithEscrowRecordUpdate(CFAllocatorRef allocator,
                                                     SOSPeerInfoRef toCopy,
                                                     CFStringRef dsid,
                                                     CFDictionaryRef escrowRecord,
                                                     SecKeyRef signingKey,
                                                     CFErrorRef *error);
SOSPeerInfoRef SOSPeerInfoCopyWithReplacedEscrowRecords(CFAllocatorRef allocator,
                                                        SOSPeerInfoRef toCopy,
                                                        CFDictionaryRef escrowRecords,
                                                        SecKeyRef signingKey,
                                                        CFErrorRef *error);
82
83
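// Applies a view action to a copy of toCopy. The view result is reported
// through retval, separately from the CFErrorRef out-parameter; callers should
// look at both.
SOSPeerInfoRef SOSPeerInfoCopyWithViewsChange(CFAllocatorRef allocator,
                                              SOSPeerInfoRef toCopy,
                                              SOSViewActionCode action,
                                              CFStringRef viewname,
                                              SOSViewResultCode *retval,
                                              SecKeyRef signingKey,
                                              CFErrorRef *error);

// Takes both a user key and a peer key. Declared once: this prototype used to
// be repeated verbatim after SOSPeerInfoCopyWithPing, and a second copy can
// only drift out of sync with the first.
SOSPeerInfoRef SOSPeerInfoCopyAsApplication(SOSPeerInfoRef pi,
                                            SecKeyRef userkey,
                                            SecKeyRef peerkey,
                                            CFErrorRef *error);

// Same shape as the views variant, for a security property.
SOSPeerInfoRef SOSPeerInfoCopyWithSecurityPropertyChange(CFAllocatorRef allocator,
                                                         SOSPeerInfoRef toCopy,
                                                         SOSSecurityPropertyActionCode action,
                                                         CFStringRef property,
                                                         SOSSecurityPropertyResultCode *retval,
                                                         SecKeyRef signingKey,
                                                         CFErrorRef *error);

// Takes only the peer and a signing key; no field value is passed in.
SOSPeerInfoRef SOSPeerInfoCopyWithPing(CFAllocatorRef allocator,
                                       SOSPeerInfoRef toCopy,
                                       SecKeyRef signingKey,
                                       CFErrorRef *error);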
95
// Digest helpers. Both take a corecrypto digest descriptor (di) and a digest
// context (ctx) owned by the caller, and report success as a bool with detail
// in *error. Presumably they feed peer data into ctx without finalizing it --
// confirm against the implementation.
bool SOSPeerInfoUpdateDigestWithPublicKeyBytes(SOSPeerInfoRef peer,
                                               const struct ccdigest_info *di,
                                               ccdigest_ctx_t ctx,
                                               CFErrorRef *error);
bool SOSPeerInfoUpdateDigestWithDescription(SOSPeerInfoRef peer,
                                            const struct ccdigest_info *di,
                                            ccdigest_ctx_t ctx,
                                            CFErrorRef *error);

// Checks pi's application against userkey. A false return must be treated as
// "not verified"; *error carries the reason.
bool SOSPeerInfoApplicationVerify(SOSPeerInfoRef pi,
                                  SecKeyRef userkey,
                                  CFErrorRef *error);

// Despite the "Get" name this is annotated CF_RETURNS_RETAINED, so the
// annotation, not the name, governs ownership: the caller releases the result.
CF_RETURNS_RETAINED CFDateRef SOSPeerInfoGetApplicationDate(SOSPeerInfoRef pi);
105
//
// DER Import Export
//
// NOTE(review): nothing in this header says whether decoding also verifies the
// object's signature. Confirm in the implementation before treating a decoded
// peer as authenticated; SOSPeerInfoApplicationVerify is declared separately.
//

// Decodes from the byte range bounded by *der_p and der_end. der_p is a
// pointer to the read cursor, so presumably it is advanced past the decoded
// object -- confirm. Check the result and *error before using the peer.
SOSPeerInfoRef SOSPeerInfoCreateFromDER(CFAllocatorRef allocator,
                                        CFErrorRef *error,
                                        const uint8_t **der_p,
                                        const uint8_t *der_end);

// Same decode, with the encoded bytes held in a CFData.
SOSPeerInfoRef SOSPeerInfoCreateFromData(CFAllocatorRef allocator,
                                         CFErrorRef *error,
                                         CFDataRef peerinfo_data);

// Size query and encoder. The encoder is given both ends of the destination
// buffer (der, der_end) and returns a pointer into it; which end it writes
// from, and what it returns on failure, is not stated here -- confirm before
// sizing or slicing the output.
size_t SOSPeerInfoGetDEREncodedSize(SOSPeerInfoRef peer, CFErrorRef *error);
uint8_t *SOSPeerInfoEncodeToDER(SOSPeerInfoRef peer,
                                CFErrorRef *error,
                                const uint8_t *der,
                                uint8_t *der_end);

// Encoded form as a CFData allocated with the given allocator.
CFDataRef SOSPeerInfoCopyEncodedData(SOSPeerInfoRef peer,
                                     CFAllocatorRef allocator,
                                     CFErrorRef *error);
120
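//
// Transferred Data
//
// The Has/Copy pair lets a caller test for a backup key before copying it.
// The Copy* results presumably belong to the caller (CF Copy rule) -- confirm,
// as neither is annotated CF_RETURNS_RETAINED.
//
bool SOSPeerInfoHasBackupKey(SOSPeerInfoRef peer);
CFDataRef SOSPeerInfoCopyBackupKey(SOSPeerInfoRef peer);
CFMutableDictionaryRef SOSPeerInfoCopyEscrowRecord(SOSPeerInfoRef peer);

// The "DER Import Export" prototypes (SOSPeerInfoCreateFromDER,
// SOSPeerInfoCreateFromData, SOSPeerInfoGetDEREncodedSize,
// SOSPeerInfoEncodeToDER, SOSPeerInfoCopyEncodedData) were repeated verbatim
// at this point. They are already declared earlier in this header, so the
// second copy is dropped to keep a single declaration of each.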
142
//
// Gestalt info about the peer. It was fetched by the implementation on the
// other side, and probably has what you are looking for.
//
// Because the values originate on the other side, treat them as peer-reported
// data. The lookup returns an untyped CFTypeRef, so check the CF type of a
// value before using it.
//
CFTypeRef SOSPeerInfoLookupGestaltValue(SOSPeerInfoRef pi, CFStringRef key);

// Two accessors for the gestalt dictionary: one named Copy, one named Get.
// Ownership presumably differs accordingly -- confirm before releasing.
CFDictionaryRef SOSPeerInfoCopyPeerGestalt(SOSPeerInfoRef pi);
CFDictionaryRef SOSPeerGetGestalt(SOSPeerInfoRef pi);

CFStringRef SOSPeerInfoGetPeerName(SOSPeerInfoRef peer);
151
//
// Syntactic sugar for some common ones; might get deprecated at this level.
//
CFStringRef SOSPeerInfoGetPeerDeviceType(SOSPeerInfoRef peer);
CFIndex SOSPeerInfoGetPeerProtocolVersion(SOSPeerInfoRef peer);

// Stringified ID for this peer, not human readable.
CFStringRef SOSPeerInfoGetPeerID(SOSPeerInfoRef peer);

// Compares pi's peer ID with the given string.
bool SOSPeerInfoPeerIDEqual(SOSPeerInfoRef pi, CFStringRef myPeerID);

// Version recorded in the peer; see PEERINFO_CURRENT_VERSION for the current
// value defined by this header.
CFIndex SOSPeerInfoGetVersion(SOSPeerInfoRef peer);
165
//
// Peer Info Gestalt Helpers
//
// These operate on a bare gestalt dictionary rather than on a peer.
//
CFStringRef SOSPeerGestaltGetName(CFDictionaryRef gestalt);

// These are Mobile Gestalt questions. Not all Gestalt questions are carried,
// so a missing answer has to be handled; the result is an untyped CFTypeRef.
CFTypeRef SOSPeerGestaltGetAnswer(CFDictionaryRef gestalt, CFStringRef question);

// Public-key accessors. The Copy* forms report failure through *error; the
// Has* predicates allow the Octagon keys to be tested for first.
SecKeyRef SOSPeerInfoCopyPubKey(SOSPeerInfoRef peer, CFErrorRef *error);
SecKeyRef SOSPeerInfoCopyOctagonSigningPublicKey(SOSPeerInfoRef peer, CFErrorRef *error);
SecKeyRef SOSPeerInfoCopyOctagonEncryptionPublicKey(SOSPeerInfoRef peer, CFErrorRef *error);
bool SOSPeerInfoHasOctagonSigningPubKey(SOSPeerInfoRef peer);
bool SOSPeerInfoHasOctagonEncryptionPubKey(SOSPeerInfoRef peer);

CFDataRef SOSPeerInfoGetAutoAcceptInfo(SOSPeerInfoRef peer);

// Three-argument comparator taking untyped values plus a context pointer;
// the signature matches what CF sort callbacks expect. val1 and val2 are
// presumably SOSPeerInfoRef -- confirm before passing anything else.
CFComparisonResult SOSPeerInfoCompareByID(const void *val1,
                                          const void *val2,
                                          void *context);
183
//
// Retirement tickets
//
// A ticket is itself a SOSPeerInfoRef, created from an existing peer and a
// private key.
SOSPeerInfoRef SOSPeerInfoCreateRetirementTicket(CFAllocatorRef allocator,
                                                 SecKeyRef privKey,
                                                 SOSPeerInfoRef peer,
                                                 CFErrorRef *error);

// Returns a string and reports problems through *error. Which string, and
// whether any signature is checked, is not stated here -- confirm.
CFStringRef SOSPeerInfoInspectRetirementTicket(SOSPeerInfoRef pi, CFErrorRef *error);

// max_days is a day count. What a true result means (ticket expired versus
// ticket kept) is not stated here -- confirm before acting on it.
bool SOSPeerInfoRetireRetirementTicket(size_t max_days, SOSPeerInfoRef pi);

// Annotated CF_RETURNS_RETAINED despite the "Get" name: the caller releases.
CF_RETURNS_RETAINED CFDateRef SOSPeerInfoGetRetirementDate(SOSPeerInfoRef pi);

// Kind predicates.
bool SOSPeerInfoIsRetirementTicket(SOSPeerInfoRef pi);
bool SOSPeerInfoIsCloudIdentity(SOSPeerInfoRef pi);

// Takes two keys (privKey, perKey) and returns a retained peer.
CF_RETURNS_RETAINED SOSPeerInfoRef SOSPeerInfoUpgradeSignatures(CFAllocatorRef allocator,
                                                                SecKeyRef privKey,
                                                                SecKeyRef perKey,
                                                                SOSPeerInfoRef peer,
                                                                CFErrorRef *error);
197
//
// Views and security properties
//

// Status of one named view for this peer, with failure detail in *error.
SOSViewResultCode SOSPeerInfoViewStatus(SOSPeerInfoRef pi,
                                        CFStringRef view,
                                        CFErrorRef *error);

// Permitted and enabled views are exposed through separate calls.
CFSetRef SOSPeerInfoGetPermittedViews(SOSPeerInfoRef peer);
bool SOSPeerInfoIsEnabledView(SOSPeerInfoRef peer, CFStringRef viewName);
CFMutableSetRef SOSPeerInfoCopyEnabledViews(SOSPeerInfoRef peer);

// Hands the enabled set to a block. The set is presumably only valid for the
// duration of the block -- confirm before retaining it.
void SOSPeerInfoWithEnabledViewSet(SOSPeerInfoRef pi,
                                   void (^operation)(CFSetRef enabled));

// Security-property counterpart of SOSPeerInfoViewStatus.
SOSSecurityPropertyResultCode SOSPeerInfoSecurityPropertyStatus(SOSPeerInfoRef pi,
                                                                CFStringRef property,
                                                                CFErrorRef *error);
206
//
// Transport
//
// The Set* calls take the peer as toCopy plus a signing key and return a
// SOSPeerInfoRef, so they look like copy-and-update operations rather than
// in-place setters -- confirm. Only SOSPeerInfoSetIDSACKModelPreference is
// annotated CF_RETURNS_RETAINED; ownership of the other Set* results should
// be checked against the implementation.
//
CFBooleanRef SOSPeerInfoCopyIDSPreference(SOSPeerInfoRef peer);
SOSPeerInfoRef SOSPeerInfoSetIDSPreference(CFAllocatorRef allocator,
                                           SOSPeerInfoRef toCopy,
                                           CFBooleanRef preference,
                                           SecKeyRef signingKey,
                                           CFErrorRef *error);

CFBooleanRef SOSPeerInfoCopyIDSFragmentationPreference(SOSPeerInfoRef peer);
CFBooleanRef SOSPeerInfoCopyIDSACKModelPreference(SOSPeerInfoRef peer);
SOSPeerInfoRef SOSPeerInfoSetIDSFragmentationPreference(CFAllocatorRef allocator,
                                                        SOSPeerInfoRef toCopy,
                                                        CFBooleanRef preference,
                                                        SecKeyRef signingKey,
                                                        CFErrorRef *error);
SOSPeerInfoRef CF_RETURNS_RETAINED SOSPeerInfoSetIDSACKModelPreference(CFAllocatorRef allocator,
                                                                       SOSPeerInfoRef toCopy,
                                                                       CFBooleanRef preference,
                                                                       SecKeyRef signingKey,
                                                                       CFErrorRef *error);

CFStringRef SOSPeerInfoCopyTransportType(SOSPeerInfoRef peer);
bool SOSPeerInfoTransportTypeIs(SOSPeerInfoRef pi, CFStringRef transportType);
SOSPeerInfoRef SOSPeerInfoSetTransportType(CFAllocatorRef allocator,
                                           SOSPeerInfoRef toCopy,
                                           CFStringRef transportType,
                                           SecKeyRef signingKey,
                                           CFErrorRef *error);
bool SOSPeerInfoKVSOnly(SOSPeerInfoRef pi);
220
// IDS device ID
bool SOSPeerInfoHasDeviceID(SOSPeerInfoRef peer);
CFStringRef SOSPeerInfoCopyDeviceID(SOSPeerInfoRef peer);
SOSPeerInfoRef SOSPeerInfoSetDeviceID(CFAllocatorRef allocator,
                                      SOSPeerInfoRef toCopy,
                                      CFStringRef IDS,
                                      SecKeyRef signingKey,
                                      CFErrorRef *error);

/*
 * Octagon keys
 *
 * Each setter takes the Octagon key to store and, separately, the signing
 * key. Both return a retained SOSPeerInfoRef per CF_RETURNS_RETAINED, so the
 * caller releases the result.
 */
SOSPeerInfoRef CF_RETURNS_RETAINED SOSPeerInfoSetOctagonSigningKey(CFAllocatorRef allocator,
                                                                   SOSPeerInfoRef toCopy,
                                                                   SecKeyRef octagonSigningKey,
                                                                   SecKeyRef signingKey,
                                                                   CFErrorRef *error);

SOSPeerInfoRef CF_RETURNS_RETAINED SOSPeerInfoSetOctagonEncryptionKey(CFAllocatorRef allocator,
                                                                      SOSPeerInfoRef toCopy,
                                                                      SecKeyRef octagonEncryptionKey,
                                                                      SecKeyRef signingKey,
                                                                      CFErrorRef *error);
240
241
// Device attributes as strings. A serial number is a device identifier, so
// callers should take care where the returned value ends up (logs included).
CFStringRef SOSPeerInfoCopySerialNumber(SOSPeerInfoRef pi);
CFStringRef SOSPeerInfoCopyOSVersion(SOSPeerInfoRef pi);

// Pairwise transport decisions: each takes the local peer and the remote one.
bool SOSPeerInfoShouldUseIDSTransport(SOSPeerInfoRef myPeer,
                                      SOSPeerInfoRef theirPeer);
bool SOSPeerInfoShouldUseIDSMessageFragmentation(SOSPeerInfoRef myPeer,
                                                 SOSPeerInfoRef theirPeer);
bool SOSPeerInfoShouldUseACKModel(SOSPeerInfoRef myPeer,
                                  SOSPeerInfoRef theirPeer);

// Logging helper. category is a non-const char *, so a string literal passed
// here is not protected by the type system; whether the callee writes through
// it is not visible in this header. What the log line contains is likewise
// defined by the implementation -- confirm it does not emit key material.
void SOSPeerInfoLogState(char *category,
                         SOSPeerInfoRef pi,
                         SecKeyRef pubKey,
                         CFStringRef myPID,
                         char sigchr);
251
// Device classes. Zero is the "unknown" value, so a zero-initialized
// SOSPeerInfoDeviceClass does not name a real platform.
enum {
    SOSPeerInfo_unknown = 0,
    SOSPeerInfo_iCloud  = 1,
    SOSPeerInfo_iOS     = 2,
    SOSPeerInfo_macOS   = 3,
    SOSPeerInfo_watchOS = 4,
    SOSPeerInfo_tvOS    = 5,
};

// Fixed 32-bit carrier for the values above (the enum itself is anonymous).
typedef uint32_t SOSPeerInfoDeviceClass;
261
// Device class of a peer, as one of the SOSPeerInfo_* values. How the class is
// derived is not stated in this header; if it comes from the peer's gestalt it
// is peer-reported -- confirm before using it for a trust decision.
SOSPeerInfoDeviceClass SOSPeerInfoGetClass(SOSPeerInfoRef pi);
263
264 __END_DECLS
265
266 #endif