2 * Copyright (c) 2012-2014 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
25 #ifndef _SOSPEERINFO_H_
26 #define _SOSPEERINFO_H_
28 #include <CoreFoundation/CoreFoundation.h>
29 #include <Security/SecKey.h>
30 #include <CommonCrypto/CommonDigestSPI.h>
31 #include <corecrypto/ccdigest.h>
33 #include <Security/SecureObjectSync/SOSTypes.h>
// Opaque peer-info handle. The struct is never defined in this header, so callers
// can only reach its contents through the SOSPeerInfo* functions declared below.
typedef struct __OpaqueSOSPeerInfo *SOSPeerInfoRef;

// Bumped to 3 from 2 so we can identify pre-iCDP peers and add the proper views.
// Prefer SOSPeerInfoGetVersion()/SOSPeerInfoVersionIsCurrent() (declared below)
// over comparing against this constant directly.
#define PEERINFO_CURRENT_VERSION 3
44 kSOSPeerV2BaseVersion
= 2,
49 SOSPeerCmpPubKeyHash
= 0,
// Storage type for the SOSPeerCmp* selector values declared just above.
// NOTE(review): presumably picks which peer-info field a comparison is keyed on —
// confirm against the implementation before relying on it.
typedef uint32_t SOSPeerInfoCmpSelect;

// CFTypeID registered for SOSPeerInfo objects; isSOSPeerInfo() below compares
// CFGetTypeID(obj) against it.
CFTypeID SOSPeerInfoGetTypeID(void);
// Reports whether `obj` is a SOSPeerInfo instance. NULL is rejected before
// CFGetTypeID() is consulted, so the check is safe on a NULL CFTypeRef; use it
// before casting any CFTypeRef pulled out of a generic container.
static inline bool isSOSPeerInfo(CFTypeRef obj) {
    if (obj == NULL) {
        return false;
    }
    return CFGetTypeID(obj) == SOSPeerInfoGetTypeID();
}
// Casts `obj` to SOSPeerInfoRef only after its CF type ID has been verified by
// isSOSPeerInfo(); anything else (including NULL) yields NULL, so the cast can
// never alias an unrelated CF object.
static inline SOSPeerInfoRef asSOSPeerInfo(CFTypeRef obj) {
    if (!isSOSPeerInfo(obj)) {
        return NULL;
    }
    return (SOSPeerInfoRef) obj;
}
// Creation. Each function returns a new peer info, or NULL with `*error` set on
// failure — check the return value, not the error pointer.
// NOTE(review): Create*-named functions presumably follow the CF Create rule
// (caller owns the result and must CFRelease it); `signingKey` presumably signs
// the new object — confirm both against the implementation.
SOSPeerInfoRef SOSPeerInfoCreate(CFAllocatorRef allocator, CFDictionaryRef gestalt, CFDataRef backup_key, SecKeyRef signingKey, SecKeyRef octagonSigningKey, SecKeyRef octagonPeerEncryptionKey, CFErrorRef *error);

// Like SOSPeerInfoCreate, additionally seeding the transport settings (IDS id,
// transport type, IDS/fragmentation/ACK preferences) and the enabled view set.
SOSPeerInfoRef SOSPeerInfoCreateWithTransportAndViews(CFAllocatorRef allocator, CFDictionaryRef gestalt, CFDataRef backup_key,
                                                      CFStringRef IDSID, CFStringRef transportType, CFBooleanRef preferIDS,
                                                      CFBooleanRef preferFragmentation, CFBooleanRef preferAckModel, CFSetRef enabledViews, SecKeyRef signingKey, SecKeyRef octagonSigningKey, SecKeyRef octagonPeerEncryptionKey, CFErrorRef *error);

// Creates the cloud identity peer (see SOSPeerInfoIsCloudIdentity below); takes no
// backup key or Octagon keys.
SOSPeerInfoRef SOSPeerInfoCreateCloudIdentity(CFAllocatorRef allocator, CFDictionaryRef gestalt, SecKeyRef signingKey, CFErrorRef *error);

// Plain copy of `toCopy`.
SOSPeerInfoRef SOSPeerInfoCreateCopy(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFErrorRef *error);

// Copy of `toCopy` with the transport settings and enabled views replaced by the
// given values; re-signed with `signingKey` (presumably — confirm).
SOSPeerInfoRef SOSPeerInfoCreateCurrentCopy(CFAllocatorRef allocator, SOSPeerInfoRef toCopy,
                                            CFStringRef IDSID, CFStringRef transportType, CFBooleanRef preferIDS, CFBooleanRef preferFragmentation, CFBooleanRef preferAckModel, CFSetRef enabledViews,
                                            SecKeyRef signingKey, CFErrorRef *error);
// Version predicates. NOTE(review): VersionIsCurrent presumably compares the
// peer's version with PEERINFO_CURRENT_VERSION (defined above) — confirm.
bool SOSPeerInfoVersionIsCurrent(SOSPeerInfoRef pi);
bool SOSPeerInfoVersionHasV2Data(SOSPeerInfoRef pi);
// Derived copies: each takes `toCopy`, applies one field change, and returns a new
// object (or NULL with `*error` set). Every variant takes `signingKey` because a
// peer info carries a signature (cf. SOSPeerInfoApplicationVerify /
// SOSPeerInfoUpgradeSignatures below), so a changed copy presumably has to be
// re-signed. NOTE(review): whether `toCopy` is left untouched and whether the
// result is +1 for the caller is not visible here — confirm in the .c file.
SOSPeerInfoRef SOSPeerInfoCopyWithGestaltUpdate(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFDictionaryRef gestalt, SecKeyRef signingKey, CFErrorRef *error);
SOSPeerInfoRef SOSPeerInfoCopyWithBackupKeyUpdate(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFDataRef backupKey, SecKeyRef signingKey, CFErrorRef *error);
// Adds/replaces the escrow record for one `dsid`.
SOSPeerInfoRef SOSPeerInfoCopyWithEscrowRecordUpdate(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFStringRef dsid, CFDictionaryRef escrowRecord, SecKeyRef signingKey, CFErrorRef *error);
// Replaces the whole escrow-record dictionary.
SOSPeerInfoRef SOSPeerInfoCopyWithReplacedEscrowRecords(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFDictionaryRef escrowRecords, SecKeyRef signingKey, CFErrorRef *error);
// Copy of `toCopy` with `action` applied to the view named `viewname`; the
// per-view outcome is reported through `*retval` (nullability of `retval` is
// not established here — assume it must be non-NULL until the .c says otherwise).
SOSPeerInfoRef SOSPeerInfoCopyWithViewsChange(CFAllocatorRef allocator, SOSPeerInfoRef toCopy,
                                              SOSViewActionCode action, CFStringRef viewname, SOSViewResultCode *retval,
                                              SecKeyRef signingKey, CFErrorRef *error);

// Turns `pi` into an application (join request). Takes both the user key and the
// peer key; SOSPeerInfoApplicationVerify below checks the result with `userkey`
// alone. NOTE(review): which key signs what is not visible here — confirm.
SOSPeerInfoRef SOSPeerInfoCopyAsApplication(SOSPeerInfoRef pi, SecKeyRef userkey, SecKeyRef peerkey, CFErrorRef *error);

// Same shape as SOSPeerInfoCopyWithViewsChange, for security properties.
SOSPeerInfoRef SOSPeerInfoCopyWithSecurityPropertyChange(CFAllocatorRef allocator, SOSPeerInfoRef toCopy,
                                                         SOSSecurityPropertyActionCode action, CFStringRef property, SOSSecurityPropertyResultCode *retval,
                                                         SecKeyRef signingKey, CFErrorRef *error);

// Re-signed copy with no field change other than whatever a "ping" updates
// (not visible here — presumably a timestamp; confirm).
SOSPeerInfoRef SOSPeerInfoCopyWithPing(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, SecKeyRef signingKey, CFErrorRef *error);

// Duplicate of the SOSPeerInfoCopyAsApplication declaration above; harmless in C
// (identical redeclaration) but could be dropped.
SOSPeerInfoRef SOSPeerInfoCopyAsApplication(SOSPeerInfoRef pi, SecKeyRef userkey, SecKeyRef peerkey, CFErrorRef *error);
// Feed parts of `peer` into a corecrypto digest (`di`/`ctx`), e.g. when building
// the data that gets signed or hashed. Return false with `*error` set on failure.
// The caller owns `ctx` and must have initialised it for `di`.
bool SOSPeerInfoUpdateDigestWithPublicKeyBytes(SOSPeerInfoRef peer, const struct ccdigest_info *di,
                                               ccdigest_ctx_t ctx, CFErrorRef *error);
bool SOSPeerInfoUpdateDigestWithDescription(SOSPeerInfoRef peer, const struct ccdigest_info *di,
                                            ccdigest_ctx_t ctx, CFErrorRef *error);

// Verifies the application signature on `pi` with `userkey`; false (with `*error`)
// on failure. Callers must treat a false return as "not a valid application" even
// when `*error` stays NULL.
bool SOSPeerInfoApplicationVerify(SOSPeerInfoRef pi, SecKeyRef userkey, CFErrorRef *error);

// Despite the Get* name this is annotated CF_RETURNS_RETAINED: the caller owns
// the returned date and must release it.
CF_RETURNS_RETAINED CFDateRef SOSPeerInfoGetApplicationDate(SOSPeerInfoRef pi);
// Serialization. Peer infos arrive from other devices, so the decoders below run
// on untrusted bytes: `der_end` is the hard bound for every read, and `*der_p` is
// advanced past the consumed encoding (presumably — confirm in the .c).
// Note the odd argument order: `error` precedes the data arguments.
SOSPeerInfoRef SOSPeerInfoCreateFromDER(CFAllocatorRef allocator, CFErrorRef *error,
                                        const uint8_t** der_p, const uint8_t *der_end);
SOSPeerInfoRef SOSPeerInfoCreateFromData(CFAllocatorRef allocator, CFErrorRef *error,
                                         CFDataRef peerinfo_data);

// Size needed by SOSPeerInfoEncodeToDER for `peer`; presumably 0 with `*error`
// set on failure — confirm.
size_t SOSPeerInfoGetDEREncodedSize(SOSPeerInfoRef peer, CFErrorRef *error);

// Encodes into [der, der_end). NOTE(review): `der` is const while `der_end` is
// not, the reverse of what an encoder writing into the buffer would need and the
// opposite of SOSPeerInfoCreateFromDER above — confirm the intended constness.
uint8_t* SOSPeerInfoEncodeToDER(SOSPeerInfoRef peer, CFErrorRef *error,
                                const uint8_t* der, uint8_t* der_end);
// Convenience wrapper returning the encoding as a CFData.
CFDataRef SOSPeerInfoCopyEncodedData(SOSPeerInfoRef peer, CFAllocatorRef allocator, CFErrorRef *error);
// Backup key and escrow record accessors. NOTE(review): the Copy* variants
// presumably return +1 objects (nil when absent?) — confirm; use HasBackupKey
// before CopyBackupKey if a NULL result must be distinguished from an error.
bool SOSPeerInfoHasBackupKey(SOSPeerInfoRef peer);
CFDataRef SOSPeerInfoCopyBackupKey(SOSPeerInfoRef peer);
// Returned as a mutable dictionary; whether it is a deep copy is not visible here.
CFMutableDictionaryRef SOSPeerInfoCopyEscrowRecord(SOSPeerInfoRef peer);
// Duplicate declarations: this whole group already appears earlier in this
// header (SOSPeerInfoCreateFromDER through SOSPeerInfoCopyEncodedData). Identical
// redeclarations are legal C, but the block could be removed to keep a single
// point of truth. See the earlier copies for documentation.
SOSPeerInfoRef SOSPeerInfoCreateFromDER(CFAllocatorRef allocator, CFErrorRef *error,
                                        const uint8_t** der_p, const uint8_t *der_end);
SOSPeerInfoRef SOSPeerInfoCreateFromData(CFAllocatorRef allocator, CFErrorRef *error,
                                         CFDataRef peerinfo_data);
size_t SOSPeerInfoGetDEREncodedSize(SOSPeerInfoRef peer, CFErrorRef *error);
uint8_t* SOSPeerInfoEncodeToDER(SOSPeerInfoRef peer, CFErrorRef *error,
                                const uint8_t* der, uint8_t* der_end);
CFDataRef SOSPeerInfoCopyEncodedData(SOSPeerInfoRef peer, CFAllocatorRef allocator, CFErrorRef *error);
// Gestalt info about the peer, as fetched by the implementation on the peer's side;
// it probably has what you're looking for.
// Single-key lookup in the peer's gestalt dictionary; the returned reference is
// borrowed from `pi` (Lookup/Get naming, no CF_RETURNS_RETAINED).
CFTypeRef SOSPeerInfoLookupGestaltValue(SOSPeerInfoRef pi, CFStringRef key);
// NOTE(review): two accessors for the same dictionary — the Copy* one presumably
// returns +1 and the Get* one a borrowed reference. Mixing them up leaks or
// over-releases; confirm against the implementation.
CFDictionaryRef SOSPeerInfoCopyPeerGestalt(SOSPeerInfoRef pi);
CFDictionaryRef SOSPeerGetGestalt(SOSPeerInfoRef pi);
// Human-readable peer name from the gestalt (borrowed).
CFStringRef SOSPeerInfoGetPeerName(SOSPeerInfoRef peer);
// Syntactic sugar for some common ones; might get deprecated at this level.
// Gestalt-derived convenience getters (borrowed references, per Get* naming).
CFStringRef SOSPeerInfoGetPeerDeviceType(SOSPeerInfoRef peer);
CFIndex SOSPeerInfoGetPeerProtocolVersion(SOSPeerInfoRef peer);
// Stringified ID for this peer, not human readable. Borrowed from `peer`; copy it
// if it must outlive the peer info.
CFStringRef SOSPeerInfoGetPeerID(SOSPeerInfoRef peer);
// True when `pi`'s peer ID equals `myPeerID`.
bool SOSPeerInfoPeerIDEqual(SOSPeerInfoRef pi, CFStringRef myPeerID);
// Peer-info format version; compare with PEERINFO_CURRENT_VERSION.
CFIndex SOSPeerInfoGetVersion(SOSPeerInfoRef peer);
// Peer Info Gestalt Helpers — operate on a gestalt dictionary directly rather
// than on a SOSPeerInfoRef.
CFStringRef SOSPeerGestaltGetName(CFDictionaryRef gestalt);
// These are Mobile Gestalt questions. Not all Gestalt questions are carried, so a
// NULL answer means "not present", not necessarily an error.
CFTypeRef SOSPeerGestaltGetAnswer(CFDictionaryRef gestalt, CFStringRef question);
// Public keys carried by the peer info. The Copy* functions return a new SecKeyRef
// (caller releases; NULL with `*error` set on failure); the Has* predicates let a
// caller distinguish "absent" from "failed to decode" cheaply.
SecKeyRef SOSPeerInfoCopyPubKey(SOSPeerInfoRef peer, CFErrorRef *error);
SecKeyRef SOSPeerInfoCopyOctagonSigningPublicKey(SOSPeerInfoRef peer, CFErrorRef *error);
SecKeyRef SOSPeerInfoCopyOctagonEncryptionPublicKey(SOSPeerInfoRef peer, CFErrorRef *error);
bool SOSPeerInfoHasOctagonSigningPubKey(SOSPeerInfoRef peer);
bool SOSPeerInfoHasOctagonEncryptionPubKey(SOSPeerInfoRef peer);

// Borrowed reference (Get* naming); contents not described in this header.
CFDataRef SOSPeerInfoGetAutoAcceptInfo(SOSPeerInfoRef peer);
// Orders two SOSPeerInfoRefs by peer ID. The (const void *, const void *, void *)
// shape matches CFComparatorFunction so it can be passed to CF sort routines;
// how `context` is used is not visible here.
CFComparisonResult SOSPeerInfoCompareByID(const void *val1, const void *val2, void *context);
// Retirement tickets: a peer info variant announcing that `peer` has left.
// CreateRetirementTicket signs with `privKey` (presumably the peer's own private
// key — confirm) and returns a new object, or NULL with `*error` set.
SOSPeerInfoRef SOSPeerInfoCreateRetirementTicket(CFAllocatorRef allocator, SecKeyRef privKey, SOSPeerInfoRef peer, CFErrorRef *error);
// Returns a description string for a ticket (ownership not annotated — confirm
// whether the caller must release it).
CFStringRef SOSPeerInfoInspectRetirementTicket(SOSPeerInfoRef pi, CFErrorRef *error);
// True when the ticket is older than `max_days` and can be dropped (presumably —
// confirm the exact comparison in the implementation).
bool SOSPeerInfoRetireRetirementTicket(size_t max_days, SOSPeerInfoRef pi);
// Annotated CF_RETURNS_RETAINED despite the Get* name: caller releases.
CF_RETURNS_RETAINED CFDateRef SOSPeerInfoGetRetirementDate(SOSPeerInfoRef pi);
bool SOSPeerInfoIsRetirementTicket(SOSPeerInfoRef pi);
// True for the cloud identity created by SOSPeerInfoCreateCloudIdentity.
bool SOSPeerInfoIsCloudIdentity(SOSPeerInfoRef pi);
// Re-signs `peer` with both keys and returns the new object (NULL with `*error`
// on failure). NOTE(review): `perKey` reads like a typo for `peerKey` (cf.
// `peerkey` in SOSPeerInfoCopyAsApplication); prototype parameter names are not
// ABI, so renaming it is a safe follow-up.
SOSPeerInfoRef SOSPeerInfoUpgradeSignatures(CFAllocatorRef allocator, SecKeyRef privKey, SecKeyRef perKey, SOSPeerInfoRef peer, CFErrorRef *error);
// Views. Status of a single view by name; the result code (from SOSTypes.h)
// carries the outcome, `*error` only the detail.
SOSViewResultCode SOSPeerInfoViewStatus(SOSPeerInfoRef pi, CFStringRef view, CFErrorRef *error);
// Borrowed set of views this peer is permitted to join.
CFSetRef SOSPeerInfoGetPermittedViews(SOSPeerInfoRef peer);
bool SOSPeerInfoIsEnabledView(SOSPeerInfoRef peer, CFStringRef viewName);
// Caller-owned mutable copy of the enabled view set.
CFMutableSetRef SOSPeerInfoCopyEnabledViews(SOSPeerInfoRef peer);
// Runs `operation` with the enabled view set. NOTE(review): the lifetime of
// `enabled` beyond the block call is not established here — copy it rather than
// retaining the pointer if it must outlive the call.
void SOSPeerInfoWithEnabledViewSet(SOSPeerInfoRef pi, void (^operation)(CFSetRef enabled));

// Security properties — same shape as SOSPeerInfoViewStatus.
SOSSecurityPropertyResultCode SOSPeerInfoSecurityPropertyStatus(SOSPeerInfoRef pi, CFStringRef property, CFErrorRef *error);
// IDS transport preferences. The Set* functions here are not in-place mutators:
// they take `toCopy` plus `signingKey` and return a SOSPeerInfoRef, i.e. they are
// copy-with-change operations like SOSPeerInfoCopyWith*Update above, and the
// result is a new object the caller presumably owns (confirm). The Copy* getters
// return CFBooleanRef; NULL presumably means "no preference recorded" — confirm.
CFBooleanRef SOSPeerInfoCopyIDSPreference(SOSPeerInfoRef peer);
SOSPeerInfoRef SOSPeerInfoSetIDSPreference(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFBooleanRef preference, SecKeyRef signingKey, CFErrorRef *error);

CFBooleanRef SOSPeerInfoCopyIDSFragmentationPreference(SOSPeerInfoRef peer);
CFBooleanRef SOSPeerInfoCopyIDSACKModelPreference(SOSPeerInfoRef peer);
SOSPeerInfoRef SOSPeerInfoSetIDSFragmentationPreference(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFBooleanRef preference, SecKeyRef signingKey, CFErrorRef *error);
SOSPeerInfoRef SOSPeerInfoSetIDSACKModelPreference(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFBooleanRef preference, SecKeyRef signingKey, CFErrorRef *error);

// Transport type string (Copy*: caller releases) and its predicate; the
// recognised values live in the implementation, not in this header.
CFStringRef SOSPeerInfoCopyTransportType(SOSPeerInfoRef peer);
bool SOSPeerInfoTransportTypeIs(SOSPeerInfoRef pi, CFStringRef transportType);
SOSPeerInfoRef SOSPeerInfoSetTransportType(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFStringRef transportType, SecKeyRef signingKey, CFErrorRef *error);
// True when the peer can only be reached over KVS (no IDS), presumably — confirm.
bool SOSPeerInfoKVSOnly(SOSPeerInfoRef pi);
// IDS device ID. Has* lets callers avoid a Copy* call (caller releases) when no
// ID is recorded. SetDeviceID is a copy-with-change like the Set* functions above
// (takes `toCopy` and `signingKey`, returns a new peer info).
bool SOSPeerInfoHasDeviceID(SOSPeerInfoRef peer);
CFStringRef SOSPeerInfoCopyDeviceID(SOSPeerInfoRef peer);
SOSPeerInfoRef SOSPeerInfoSetDeviceID(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFStringRef IDS, SecKeyRef signingKey, CFErrorRef *error);
227 SOSPeerInfoRef CF_RETURNS_RETAINED
228 SOSPeerInfoSetOctagonSigningKey(CFAllocatorRef allocator
,
229 SOSPeerInfoRef toCopy
,
230 SecKeyRef octagonSigningKey
,
231 SecKeyRef signingKey
,
234 SOSPeerInfoRef CF_RETURNS_RETAINED
235 SOSPeerInfoSetOctagonEncryptionKey(CFAllocatorRef allocator
,
236 SOSPeerInfoRef toCopy
,
237 SecKeyRef octagonEncryptionKey
,
238 SecKeyRef signingKey
,
// Device metadata strings; Copy* naming — caller releases.
CFStringRef SOSPeerInfoCopySerialNumber(SOSPeerInfoRef pi);
CFStringRef SOSPeerInfoCopyOSVersion(SOSPeerInfoRef pi);

// Pairwise transport negotiation between this device (`myPeer`) and another
// (`theirPeer`); presumably requires both sides to prefer the feature — confirm.
bool SOSPeerInfoShouldUseIDSTransport(SOSPeerInfoRef myPeer, SOSPeerInfoRef theirPeer);
bool SOSPeerInfoShouldUseIDSMessageFragmentation(SOSPeerInfoRef myPeer, SOSPeerInfoRef theirPeer);
bool SOSPeerInfoShouldUseACKModel(SOSPeerInfoRef myPeer, SOSPeerInfoRef theirPeer);

// Debug logging of `pi`'s state under `category`, tagged with `sigchr`.
// NOTE(review): `category` is a non-const char * although nothing here suggests
// it is written to; `const char *` would let callers pass string literals
// without a cast.
void SOSPeerInfoLogState(char *category, SOSPeerInfoRef pi, SecKeyRef pubKey, CFStringRef myPID, char sigchr);
253 SOSPeerInfo_unknown
= 0,
254 SOSPeerInfo_iCloud
= 1,
256 SOSPeerInfo_macOS
= 3,
257 SOSPeerInfo_watchOS
= 4,
258 SOSPeerInfo_tvOS
= 5,
// Storage type for the SOSPeerInfo_* device-class values declared just above
// (SOSPeerInfo_unknown == 0, SOSPeerInfo_iCloud == 1, macOS/watchOS/tvOS == 3..5).
typedef uint32_t SOSPeerInfoDeviceClass;

// Device class derived from the peer's gestalt (presumably — confirm);
// SOSPeerInfo_unknown when it cannot be determined.
SOSPeerInfoDeviceClass SOSPeerInfoGetClass(SOSPeerInfoRef pi);