]> git.saurik.com Git - apple/security.git/blob - OSX/sec/SOSCircle/SecureObjectSync/SOSPeerInfo.h
Security-58286.41.2.tar.gz
[apple/security.git] / OSX / sec / SOSCircle / SecureObjectSync / SOSPeerInfo.h
1 /*
2 * Copyright (c) 2012-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 #ifndef _SOSPEERINFO_H_
26 #define _SOSPEERINFO_H_
27
28 #include <CoreFoundation/CoreFoundation.h>
29 #include <Security/SecKey.h>
30 #include <CommonCrypto/CommonDigestSPI.h>
31 #include <corecrypto/ccdigest.h>
32
33 #include <Security/SecureObjectSync/SOSTypes.h>
34
35 __BEGIN_DECLS
36
37 typedef struct __OpaqueSOSPeerInfo *SOSPeerInfoRef;
38
39 // Bumped to 3 from 2 so we can identify pre-iCDP peers and add the proper views.
40 #define PEERINFO_CURRENT_VERSION 3
41
42 enum {
43 kSOSPeerVersion = 2,
44 kSOSPeerV2BaseVersion = 2,
45 };
46
47
48 enum {
49 SOSPeerCmpPubKeyHash = 0,
50 SOSPeerCmpName = 1,
51 };
52 typedef uint32_t SOSPeerInfoCmpSelect;
53
54 CFTypeID SOSPeerInfoGetTypeID(void);
55
56 static inline bool isSOSPeerInfo(CFTypeRef obj) {
57 return obj && (CFGetTypeID(obj) == SOSPeerInfoGetTypeID());
58 }
59
60 static inline SOSPeerInfoRef asSOSPeerInfo(CFTypeRef obj) {
61 return isSOSPeerInfo(obj) ? (SOSPeerInfoRef) obj : NULL;
62 }
63
64 SOSPeerInfoRef SOSPeerInfoCreate(CFAllocatorRef allocator, CFDictionaryRef gestalt, CFDataRef backup_key, SecKeyRef signingKey, SecKeyRef octagonSigningKey, SecKeyRef octagonPeerEncryptionKey, CFErrorRef* error);
65
66 SOSPeerInfoRef SOSPeerInfoCreateWithTransportAndViews(CFAllocatorRef allocator, CFDictionaryRef gestalt, CFDataRef backup_key,
67 CFStringRef IDSID, CFStringRef transportType, CFBooleanRef preferIDS,
68 CFBooleanRef preferFragmentation, CFBooleanRef preferAckModel, CFSetRef enabledViews, SecKeyRef signingKey, SecKeyRef octagonSigningKey, SecKeyRef octagonPeerEncryptionKey, CFErrorRef* error);
69
70 SOSPeerInfoRef SOSPeerInfoCreateCloudIdentity(CFAllocatorRef allocator, CFDictionaryRef gestalt, SecKeyRef signingKey, CFErrorRef* error);
71
72 SOSPeerInfoRef SOSPeerInfoCreateCopy(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFErrorRef* error);
73 SOSPeerInfoRef SOSPeerInfoCreateCurrentCopy(CFAllocatorRef allocator, SOSPeerInfoRef toCopy,
74 CFStringRef IDSID, CFStringRef transportType, CFBooleanRef preferIDS, CFBooleanRef preferFragmentation, CFBooleanRef preferAckModel, CFSetRef enabledViews,
75 SecKeyRef signingKey, CFErrorRef* error);
76 bool SOSPeerInfoVersionIsCurrent(SOSPeerInfoRef pi);
77 bool SOSPeerInfoVersionHasV2Data(SOSPeerInfoRef pi);
78 SOSPeerInfoRef SOSPeerInfoCopyWithGestaltUpdate(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFDictionaryRef gestalt, SecKeyRef signingKey, CFErrorRef* error);
79 SOSPeerInfoRef SOSPeerInfoCopyWithBackupKeyUpdate(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFDataRef backupKey, SecKeyRef signingKey, CFErrorRef* error);
80 SOSPeerInfoRef SOSPeerInfoCopyWithEscrowRecordUpdate(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFStringRef dsid, CFDictionaryRef escrowRecord, SecKeyRef signingKey, CFErrorRef *error);
81 SOSPeerInfoRef SOSPeerInfoCopyWithReplacedEscrowRecords(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFDictionaryRef escrowRecords, SecKeyRef signingKey, CFErrorRef *error);
82
83
84 SOSPeerInfoRef SOSPeerInfoCopyWithViewsChange(CFAllocatorRef allocator, SOSPeerInfoRef toCopy,
85 SOSViewActionCode action, CFStringRef viewname, SOSViewResultCode *retval,
86 SecKeyRef signingKey, CFErrorRef* error);
87 SOSPeerInfoRef SOSPeerInfoCopyAsApplication(SOSPeerInfoRef pi, SecKeyRef userkey, SecKeyRef peerkey, CFErrorRef *error);
88
89 SOSPeerInfoRef SOSPeerInfoCopyWithSecurityPropertyChange(CFAllocatorRef allocator, SOSPeerInfoRef toCopy,
90 SOSSecurityPropertyActionCode action, CFStringRef property, SOSSecurityPropertyResultCode *retval,
91 SecKeyRef signingKey, CFErrorRef* error);
92
93 SOSPeerInfoRef SOSPeerInfoCopyWithPing(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, SecKeyRef signingKey, CFErrorRef* error);
94 SOSPeerInfoRef SOSPeerInfoCopyAsApplication(SOSPeerInfoRef pi, SecKeyRef userkey, SecKeyRef peerkey, CFErrorRef *error);
95
96 bool SOSPeerInfoUpdateDigestWithPublicKeyBytes(SOSPeerInfoRef peer, const struct ccdigest_info *di,
97 ccdigest_ctx_t ctx, CFErrorRef *error);
98 bool SOSPeerInfoUpdateDigestWithDescription(SOSPeerInfoRef peer, const struct ccdigest_info *di,
99 ccdigest_ctx_t ctx, CFErrorRef *error);
100
101
102 bool SOSPeerInfoApplicationVerify(SOSPeerInfoRef pi, SecKeyRef userkey, CFErrorRef *error);
103
104 CF_RETURNS_RETAINED CFDateRef SOSPeerInfoGetApplicationDate(SOSPeerInfoRef pi);
105
106 //
107 // DER Import Export
108 //
109 SOSPeerInfoRef SOSPeerInfoCreateFromDER(CFAllocatorRef allocator, CFErrorRef* error,
110 const uint8_t** der_p, const uint8_t *der_end);
111
112 SOSPeerInfoRef SOSPeerInfoCreateFromData(CFAllocatorRef allocator, CFErrorRef* error,
113 CFDataRef peerinfo_data);
114
115 size_t SOSPeerInfoGetDEREncodedSize(SOSPeerInfoRef peer, CFErrorRef *error);
116 uint8_t* SOSPeerInfoEncodeToDER(SOSPeerInfoRef peer, CFErrorRef* error,
117 const uint8_t* der, uint8_t* der_end);
118
119 CFDataRef SOSPeerInfoCopyEncodedData(SOSPeerInfoRef peer, CFAllocatorRef allocator, CFErrorRef *error);
120
121 //
122 // Transfered Data
123 //
124 bool SOSPeerInfoHasBackupKey(SOSPeerInfoRef peer);
125 CFDataRef SOSPeerInfoCopyBackupKey(SOSPeerInfoRef peer);
126 CFMutableDictionaryRef SOSPeerInfoCopyEscrowRecord(SOSPeerInfoRef peer);
127
128 //
129 // DER Import Export
130 //
131 SOSPeerInfoRef SOSPeerInfoCreateFromDER(CFAllocatorRef allocator, CFErrorRef* error,
132 const uint8_t** der_p, const uint8_t *der_end);
133
134 SOSPeerInfoRef SOSPeerInfoCreateFromData(CFAllocatorRef allocator, CFErrorRef* error,
135 CFDataRef peerinfo_data);
136
137 size_t SOSPeerInfoGetDEREncodedSize(SOSPeerInfoRef peer, CFErrorRef *error);
138 uint8_t* SOSPeerInfoEncodeToDER(SOSPeerInfoRef peer, CFErrorRef* error,
139 const uint8_t* der, uint8_t* der_end);
140
141 CFDataRef SOSPeerInfoCopyEncodedData(SOSPeerInfoRef peer, CFAllocatorRef allocator, CFErrorRef *error);
142
143 //
144 // Gestalt info about the peer. It was fetched by the implementation on the other side.
145 // probably has what you're looking for..
146 //
147 CFTypeRef SOSPeerInfoLookupGestaltValue(SOSPeerInfoRef pi, CFStringRef key);
148 CFDictionaryRef SOSPeerInfoCopyPeerGestalt(SOSPeerInfoRef pi);
149 CFDictionaryRef SOSPeerGetGestalt(SOSPeerInfoRef pi);
150 CFStringRef SOSPeerInfoGetPeerName(SOSPeerInfoRef peer);
151
152 //
153 // Syntactic Sugar for some commone ones, might get deprectated at this level.
154 //
155
156 CFStringRef SOSPeerInfoGetPeerDeviceType(SOSPeerInfoRef peer);
157 CFIndex SOSPeerInfoGetPeerProtocolVersion(SOSPeerInfoRef peer);
158
159
160 // Stringified ID for this peer, not human readable.
161 CFStringRef SOSPeerInfoGetPeerID(SOSPeerInfoRef peer);
162 bool SOSPeerInfoPeerIDEqual(SOSPeerInfoRef pi, CFStringRef myPeerID);
163
164 CFIndex SOSPeerInfoGetVersion(SOSPeerInfoRef peer);
165
166 //
167 // Peer Info Gestalt Helpers
168 //
169 CFStringRef SOSPeerGestaltGetName(CFDictionaryRef gestalt);
170
171 // These are Mobile Gestalt questions. Not all Gestalt questions are carried.
172 CFTypeRef SOSPeerGestaltGetAnswer(CFDictionaryRef gestalt, CFStringRef question);
173
174 SecKeyRef SOSPeerInfoCopyPubKey(SOSPeerInfoRef peer, CFErrorRef *error);
175 SecKeyRef SOSPeerInfoCopyOctagonSigningPublicKey(SOSPeerInfoRef peer, CFErrorRef* error);
176 SecKeyRef SOSPeerInfoCopyOctagonEncryptionPublicKey(SOSPeerInfoRef peer, CFErrorRef* error);
177 bool SOSPeerInfoHasOctagonSigningPubKey(SOSPeerInfoRef peer);
178 bool SOSPeerInfoHasOctagonEncryptionPubKey(SOSPeerInfoRef peer);
179
180 CFDataRef SOSPeerInfoGetAutoAcceptInfo(SOSPeerInfoRef peer);
181
182 CFComparisonResult SOSPeerInfoCompareByID(const void *val1, const void *val2, void *context);
183
184 SOSPeerInfoRef SOSPeerInfoCreateRetirementTicket(CFAllocatorRef allocator, SecKeyRef privKey, SOSPeerInfoRef peer, CFErrorRef *error);
185
186 CFStringRef SOSPeerInfoInspectRetirementTicket(SOSPeerInfoRef pi, CFErrorRef *error);
187
188 bool SOSPeerInfoRetireRetirementTicket(size_t max_days, SOSPeerInfoRef pi);
189
190 CF_RETURNS_RETAINED CFDateRef SOSPeerInfoGetRetirementDate(SOSPeerInfoRef pi);
191
192 bool SOSPeerInfoIsRetirementTicket(SOSPeerInfoRef pi);
193
194 bool SOSPeerInfoIsCloudIdentity(SOSPeerInfoRef pi);
195
196 SOSPeerInfoRef SOSPeerInfoUpgradeSignatures(CFAllocatorRef allocator, SecKeyRef privKey, SecKeyRef perKey, SOSPeerInfoRef peer, CFErrorRef *error);
197
198 SOSViewResultCode SOSPeerInfoViewStatus(SOSPeerInfoRef pi, CFStringRef view, CFErrorRef *error);
199
200 CFSetRef SOSPeerInfoGetPermittedViews(SOSPeerInfoRef peer);
201 bool SOSPeerInfoIsEnabledView(SOSPeerInfoRef peer, CFStringRef viewName);
202 CFMutableSetRef SOSPeerInfoCopyEnabledViews(SOSPeerInfoRef peer);
203 void SOSPeerInfoWithEnabledViewSet(SOSPeerInfoRef pi, void (^operation)(CFSetRef enabled));
204
205 SOSSecurityPropertyResultCode SOSPeerInfoSecurityPropertyStatus(SOSPeerInfoRef pi, CFStringRef property, CFErrorRef *error);
206
207 //Transport
208 CFBooleanRef SOSPeerInfoCopyIDSPreference(SOSPeerInfoRef peer);
209 SOSPeerInfoRef SOSPeerInfoSetIDSPreference(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFBooleanRef preference, SecKeyRef signingKey, CFErrorRef *error);
210
211 CFBooleanRef SOSPeerInfoCopyIDSFragmentationPreference(SOSPeerInfoRef peer);
212 CFBooleanRef SOSPeerInfoCopyIDSACKModelPreference(SOSPeerInfoRef peer);
213 SOSPeerInfoRef SOSPeerInfoSetIDSFragmentationPreference(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFBooleanRef preference, SecKeyRef signingKey, CFErrorRef *error);
214 SOSPeerInfoRef SOSPeerInfoSetIDSACKModelPreference(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFBooleanRef preference, SecKeyRef signingKey, CFErrorRef *error);
215
216 CFStringRef SOSPeerInfoCopyTransportType(SOSPeerInfoRef peer);
217 bool SOSPeerInfoTransportTypeIs(SOSPeerInfoRef pi, CFStringRef transportType);
218 SOSPeerInfoRef SOSPeerInfoSetTransportType(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFStringRef transportType, SecKeyRef signingKey, CFErrorRef *error);
219 bool SOSPeerInfoKVSOnly(SOSPeerInfoRef pi);
220
221 // IDSs device ID
222 bool SOSPeerInfoHasDeviceID(SOSPeerInfoRef peer);
223 CFStringRef SOSPeerInfoCopyDeviceID(SOSPeerInfoRef peer);
224 SOSPeerInfoRef SOSPeerInfoSetDeviceID(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFStringRef IDS, SecKeyRef signingKey, CFErrorRef *error);
225
226 /* octagon keys */
227 SOSPeerInfoRef CF_RETURNS_RETAINED
228 SOSPeerInfoSetOctagonSigningKey(CFAllocatorRef allocator,
229 SOSPeerInfoRef toCopy,
230 SecKeyRef octagonSigningKey,
231 SecKeyRef signingKey,
232 CFErrorRef *error);
233
234 SOSPeerInfoRef CF_RETURNS_RETAINED
235 SOSPeerInfoSetOctagonEncryptionKey(CFAllocatorRef allocator,
236 SOSPeerInfoRef toCopy,
237 SecKeyRef octagonEncryptionKey,
238 SecKeyRef signingKey,
239 CFErrorRef *error);
240
241
242 CFStringRef SOSPeerInfoCopySerialNumber(SOSPeerInfoRef pi);
243 CFStringRef SOSPeerInfoCopyOSVersion(SOSPeerInfoRef pi);
244
245
246 bool SOSPeerInfoShouldUseIDSTransport(SOSPeerInfoRef myPeer, SOSPeerInfoRef theirPeer);
247 bool SOSPeerInfoShouldUseIDSMessageFragmentation(SOSPeerInfoRef myPeer, SOSPeerInfoRef theirPeer);
248 bool SOSPeerInfoShouldUseACKModel(SOSPeerInfoRef myPeer, SOSPeerInfoRef theirPeer);
249
250 void SOSPeerInfoLogState(char *category, SOSPeerInfoRef pi, SecKeyRef pubKey, CFStringRef myPID, char sigchr);
251
252 enum {
253 SOSPeerInfo_unknown = 0,
254 SOSPeerInfo_iCloud = 1,
255 SOSPeerInfo_iOS = 2,
256 SOSPeerInfo_macOS = 3,
257 SOSPeerInfo_watchOS = 4,
258 SOSPeerInfo_tvOS = 5,
259 };
260 typedef uint32_t SOSPeerInfoDeviceClass;
261
262 SOSPeerInfoDeviceClass SOSPeerInfoGetClass(SOSPeerInfoRef pi);
263
264 __END_DECLS
265
266 #endif