]> git.saurik.com Git - apple/security.git/blob - OSX/sec/SOSCircle/SecureObjectSync/SOSCloudCircle.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57337.50.23.tar.gz
[apple/security.git] / OSX / sec / SOSCircle / SecureObjectSync / SOSCloudCircle.c
1 /*
2 * Copyright (c) 2012-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 //
25 // SOSCloudCircle.m
26 //
27
28 #include <stdio.h>
29 #include <AssertMacros.h>
30 #include <Security/SecureObjectSync/SOSCloudCircle.h>
31 #include <Security/SecureObjectSync/SOSCloudCircleInternal.h>
32 #include <Security/SecureObjectSync/SOSCircle.h>
33 #include <Security/SecureObjectSync/SOSAccount.h>
34 #include <Security/SecureObjectSync/SOSAccountPriv.h>
35 #include <Security/SecureObjectSync/SOSFullPeerInfo.h>
36 #include <Security/SecureObjectSync/SOSPeerInfoCollections.h>
37 #include <Security/SecureObjectSync/SOSInternal.h>
38 #include <Security/SecureObjectSync/SOSRing.h>
39 #include <Security/SecureObjectSync/SOSBackupSliceKeyBag.h>
40
41 #include <Security/SecKeyPriv.h>
42 #include <Security/SecFramework.h>
43 #include <CoreFoundation/CFXPCBridge.h>
44
45 #include <securityd/SecItemServer.h>
46
47 #include <utilities/SecDispatchRelease.h>
48 #include <utilities/SecCFRelease.h>
49 #include <utilities/SecCFWrappers.h>
50 #include <utilities/SecXPCError.h>
51
52 #include <utilities/debugging.h>
53
54 #include <CoreFoundation/CoreFoundation.h>
55
56 #include <xpc/xpc.h>
57 #define MINIMIZE_INCLUDES MINIMIZE_INCLUDES
58 #include <ipc/securityd_client.h>
59 #include <securityd/spi.h>
60
61 #include "SOSRegressionUtilities.h"
62 #include <Security/SecuritydXPC.h>
63 #include <SOSPeerInfoDER.h>
64 #include <SOSCloudKeychainClient.h>
65
66 const char * kSOSCCCircleChangedNotification = "com.apple.security.secureobjectsync.circlechanged";
67 const char * kSOSCCViewMembershipChangedNotification = "com.apple.security.secureobjectsync.viewschanged";
68 const char * kSOSCCInitialSyncChangedNotification = "com.apple.security.secureobjectsync.initialsyncchanged";
69 const char * kSOSCCHoldLockForInitialSync = "com.apple.security.secureobjectsync.holdlock";
70 const char * kSOSCCPeerAvailable = "com.apple.security.secureobjectsync.peeravailable";
71
72 #define do_if_registered(sdp, ...) if (gSecurityd && gSecurityd->sdp) { return gSecurityd->sdp(__VA_ARGS__); }
73
74 static bool xpc_dictionary_entry_is_type(xpc_object_t dictionary, const char *key, xpc_type_t type)
75 {
76 xpc_object_t value = xpc_dictionary_get_value(dictionary, key);
77
78 return value && (xpc_get_type(value) == type);
79 }
80
81 SOSCCStatus SOSCCThisDeviceIsInCircle(CFErrorRef *error)
82 {
83 sec_trace_enter_api(NULL);
84 sec_trace_return_api(SOSCCStatus, ^{
85 SOSCCStatus result = kSOSCCError;
86
87 do_if_registered(soscc_ThisDeviceIsInCircle, error);
88
89 xpc_object_t message = securityd_create_message(kSecXPCOpDeviceInCircle, error);
90 if (message) {
91 xpc_object_t response = securityd_message_with_reply_sync(message, error);
92
93 if (response && xpc_dictionary_entry_is_type(response, kSecXPCKeyResult, XPC_TYPE_INT64)) {
94 result = (SOSCCStatus) xpc_dictionary_get_int64(response, kSecXPCKeyResult);
95 } else {
96 result = kSOSCCError;
97 }
98
99 if (result < 0) {
100 if (response && securityd_message_no_error(response, error))
101 {
102 char *desc = xpc_copy_description(response);
103 SecCFCreateErrorWithFormat(0, sSecXPCErrorDomain, NULL, error, NULL, CFSTR("Remote error occurred/no info: %s"), desc);
104 free((void *)desc);
105 }
106 }
107 if(response)
108 xpc_release(response);
109 if(message)
110 xpc_release(message);
111 }
112
113
114 return result;
115 }, CFSTR("SOSCCStatus=%d"))
116 }
117
118 static bool cfstring_to_error_request(enum SecXPCOperation op, CFStringRef string, CFErrorRef* error)
119 {
120 __block bool result = false;
121
122 secdebug("sosops","enter - operation: %d", op);
123 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
124 xpc_object_t xString = _CFXPCCreateXPCObjectFromCFObject(string);
125 bool success = false;
126 if (xString){
127 xpc_dictionary_set_value(message, kSecXPCKeyString, xString);
128 success = true;
129 xpc_release(xString);
130 }
131 return success;
132 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
133 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
134 return result;
135 });
136 return result;
137 }
138
139 static SOSRingStatus cfstring_to_uint64_request(enum SecXPCOperation op, CFStringRef string, CFErrorRef* error)
140 {
141 __block bool result = false;
142
143 secdebug("sosops","enter - operation: %d", op);
144 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
145 xpc_object_t xString = _CFXPCCreateXPCObjectFromCFObject(string);
146 bool success = false;
147 if (xString){
148 xpc_dictionary_set_value(message, kSecXPCKeyString, xString);
149 success = true;
150 xpc_release(xString);
151 }
152 return success;
153 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
154 result = xpc_dictionary_get_int64(response, kSecXPCKeyResult);
155 return result;
156 });
157 return result;
158 }
159
160 static CFStringRef simple_cfstring_error_request(enum SecXPCOperation op, CFErrorRef* error)
161 {
162 __block CFStringRef result = NULL;
163
164 secdebug("sosops","enter - operation: %d", op);
165 securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
166 const char *c_string = xpc_dictionary_get_string(response, kSecXPCKeyResult);
167
168 if (c_string) {
169 result = CFStringCreateWithBytes(kCFAllocatorDefault, (const UInt8*)c_string, strlen(c_string), kCFStringEncodingUTF8, false);
170 }
171
172 return c_string != NULL;
173 });
174 return result;
175 }
176
177 static bool simple_bool_error_request(enum SecXPCOperation op, CFErrorRef* error)
178 {
179 __block bool result = false;
180
181 secdebug("sosops","enter - operation: %d", op);
182 securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
183 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
184 return result;
185 });
186 return result;
187 }
188
189 static bool escrow_to_bool_error_request(enum SecXPCOperation op, CFStringRef escrow_label, uint64_t tries, CFErrorRef* error)
190 {
191 __block bool result = false;
192
193 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
194
195 bool success = false;
196 xpc_object_t xEscrowLabel = _CFXPCCreateXPCObjectFromCFObject(escrow_label);
197 if (xEscrowLabel){
198 xpc_dictionary_set_value(message, kSecXPCKeyEscrowLabel, xEscrowLabel);
199 success = true;
200 xpc_release(xEscrowLabel);
201 }
202 if(tries){
203 xpc_dictionary_set_int64(message, kSecXPCKeyTriesLabel, tries);
204 success = true;
205 }
206
207 return success;
208 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
209 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
210 return result;
211 });
212 return result;
213 }
214
215 static CFArrayRef simple_array_error_request(enum SecXPCOperation op, CFErrorRef* error)
216 {
217 __block CFArrayRef result = NULL;
218
219 secdebug("sosops","enter - operation: %d", op);
220 if (securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, CFErrorRef *error) {
221 xpc_object_t temp_result = xpc_dictionary_get_value(response, kSecXPCKeyResult);
222 result = _CFXPCCreateCFObjectFromXPCObject(temp_result);
223 return result != NULL;
224 })) {
225 if (!isArray(result)) {
226 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected array, got: %@"), result);
227 CFReleaseNull(result);
228 }
229 }
230 return result;
231 }
232
233 static CFDictionaryRef strings_to_dictionary_error_request(enum SecXPCOperation op, CFErrorRef* error)
234 {
235 __block CFDictionaryRef result = NULL;
236
237 secdebug("sosops","enter - operation: %d", op);
238
239 if (securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, CFErrorRef *error) {
240 xpc_object_t temp_result = xpc_dictionary_get_value(response, kSecXPCKeyResult);
241 if(temp_result)
242 result = _CFXPCCreateCFObjectFromXPCObject(temp_result);
243 return result != NULL;
244 })){
245
246 if (!isDictionary(result)) {
247 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected dictionary, got: %@"), result);
248 CFReleaseNull(result);
249 }
250
251 }
252 return result;
253 }
254
255 static int simple_int_error_request(enum SecXPCOperation op, CFErrorRef* error)
256 {
257 __block int result = 0;
258
259 secdebug("sosops","enter - operation: %d", op);
260 securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
261 int64_t temp_result = xpc_dictionary_get_int64(response, kSecXPCKeyResult);
262 if ((temp_result >= INT32_MIN) && (temp_result <= INT32_MAX)) {
263 result = (int)temp_result;
264 }
265 return result;
266 });
267 return result;
268 }
269
270 static SOSPeerInfoRef peer_info_error_request(enum SecXPCOperation op, CFErrorRef* error)
271 {
272 SOSPeerInfoRef result = NULL;
273 __block CFDataRef data = NULL;
274
275 secdebug("sosops","enter - operation: %d", op);
276 securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, CFErrorRef *error) {
277 xpc_object_t temp_result = xpc_dictionary_get_value(response, kSecXPCKeyResult);
278 if (response && (NULL != temp_result)) {
279 data = _CFXPCCreateCFObjectFromXPCObject(temp_result);
280 }
281 return data != NULL;
282 });
283
284 if (!isData(data)) {
285 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected CFData, got: %@"), result);
286 }
287
288 if (data) {
289 result = SOSPeerInfoCreateFromData(kCFAllocatorDefault, error, data);
290 }
291 CFReleaseNull(data);
292 return result;
293 }
294
295 static CFDataRef data_to_error_request(enum SecXPCOperation op, CFErrorRef *error)
296 {
297 __block CFDataRef result = NULL;
298
299 secdebug("sosops", "enter -- operation: %d", op);
300 secdebug("sosops","enter - operation: %d", op);
301 securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, CFErrorRef *error) {
302 xpc_object_t temp_result = xpc_dictionary_get_value(response, kSecXPCKeyResult);
303 if (response && (NULL != temp_result)) {
304 result = _CFXPCCreateCFObjectFromXPCObject(temp_result);
305 }
306 return result != NULL;
307 });
308
309 if (!isData(result)) {
310 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected CFData, got: %@"), result);
311 return NULL;
312 }
313
314 return result;
315 }
316
317 static CFArrayRef array_of_info_error_request(enum SecXPCOperation op, CFErrorRef* error)
318 {
319 __block CFArrayRef result = NULL;
320
321 secdebug("sosops","enter - operation: %d", op);
322 securityd_send_sync_and_do(op, error, NULL, ^bool(xpc_object_t response, CFErrorRef *error) {
323 xpc_object_t encoded_array = xpc_dictionary_get_value(response, kSecXPCKeyResult);
324 if (response && (NULL != encoded_array)) {
325 result = CreateArrayOfPeerInfoWithXPCObject(encoded_array, error);
326 }
327 return result != NULL;
328 });
329
330 if (!isArray(result)) {
331 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected array, got: %@"), result);
332 CFReleaseNull(result);
333 }
334 return result;
335 }
336
337 static SOSPeerInfoRef data_to_peer_info_error_request(enum SecXPCOperation op, CFDataRef secret, CFErrorRef* error)
338 {
339 __block SOSPeerInfoRef result = false;
340 __block CFDataRef data = NULL;
341
342 secdebug("sosops", "enter - operation: %d", op);
343 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
344 xpc_object_t xsecretData = _CFXPCCreateXPCObjectFromCFObject(secret);
345 bool success = false;
346 if (xsecretData){
347 xpc_dictionary_set_value(message, kSecXPCKeyNewPublicBackupKey, xsecretData);
348 success = true;
349 xpc_release(xsecretData);
350 }
351 return success;
352 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
353 xpc_object_t temp_result = xpc_dictionary_get_value(response, kSecXPCKeyResult);
354 if (response && (NULL != temp_result)) {
355 data = _CFXPCCreateCFObjectFromXPCObject(temp_result);
356 }
357 return result != NULL;
358 });
359
360 if (!isData(data)) {
361 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected CFData, got: %@"), result);
362 }
363
364 if (data) {
365 result = SOSPeerInfoCreateFromData(kCFAllocatorDefault, error, data);
366 }
367 CFReleaseNull(data);
368 return result;
369 }
370
371 static bool keybag_and_bool_to_bool_error_request(enum SecXPCOperation op, CFDataRef data, bool include, CFErrorRef* error)
372 {
373 secdebug("sosops", "enter - operation: %d", op);
374 return securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
375 xpc_object_t xData = _CFXPCCreateXPCObjectFromCFObject(data);
376 bool success = false;
377 if (xData){
378 xpc_dictionary_set_value(message, kSecXPCKeyKeybag, xData);
379 xpc_release(xData);
380 success = true;
381 }
382 xpc_dictionary_set_bool(message, kSecXPCKeyIncludeV0, include);
383 return success;
384 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
385 return xpc_dictionary_get_bool(response, kSecXPCKeyResult);
386 });
387 }
388
389
390 static bool info_array_to_bool_error_request(enum SecXPCOperation op, CFArrayRef peer_infos, CFErrorRef* error)
391 {
392 __block bool result = false;
393
394 secdebug("sosops", "enter - operation: %d", op);
395 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
396 xpc_object_t encoded_peers = CreateXPCObjectWithArrayOfPeerInfo(peer_infos, error);
397 if (encoded_peers)
398 xpc_dictionary_set_value(message, kSecXPCKeyPeerInfos, encoded_peers);
399 return encoded_peers != NULL;
400 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
401 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
402 return result;
403 });
404 return result;
405 }
406
407 static bool uint64_t_to_bool_error_request(enum SecXPCOperation op,
408 uint64_t number,
409 CFErrorRef* error)
410 {
411 __block bool result = false;
412
413 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
414 xpc_dictionary_set_uint64(message, kSecXPCLimitInMinutes, number);
415 return true;
416 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
417 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
418 return result;
419 });
420
421 return result;
422 }
423
424 static bool cfstring_and_cfdata_to_cfdata_cfdata_error_request(enum SecXPCOperation op, CFStringRef viewName, CFDataRef input, CFDataRef* data, CFDataRef* data2, CFErrorRef* error) {
425 secdebug("sosops", "enter - operation: %d", op);
426 __block bool result = false;
427 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
428 xpc_object_t xviewname = _CFXPCCreateXPCObjectFromCFObject(viewName);
429 xpc_object_t xinput = _CFXPCCreateXPCObjectFromCFObject(input);
430 bool success = false;
431 if (xviewname && xinput){
432 xpc_dictionary_set_value(message, kSecXPCKeyViewName, xviewname);
433 xpc_dictionary_set_value(message, kSecXPCData, xinput);
434 success = true;
435 xpc_release(xviewname);
436 xpc_release(xinput);
437 }
438 return success;
439 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
440 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
441
442 xpc_object_t temp_result = xpc_dictionary_get_value(response, kSecXPCData);
443 if (response && (NULL != temp_result) && data) {
444 *data = _CFXPCCreateCFObjectFromXPCObject(temp_result);
445 }
446 temp_result = xpc_dictionary_get_value(response, kSecXPCKeyKeybag);
447 if (response && (NULL != temp_result) && data2) {
448 *data2 = _CFXPCCreateCFObjectFromXPCObject(temp_result);
449 }
450
451 return result;
452 });
453
454 if (data &&!isData(*data)) {
455 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected CFData, got: %@"), *data);
456 }
457 if (data2 &&!isData(*data2)) {
458 SOSErrorCreate(kSOSErrorUnexpectedType, error, NULL, CFSTR("Expected CFData, got: %@"), *data2);
459 }
460
461 return result;
462 }
463
464 static bool set_hsa2_autoaccept_error_request(enum SecXPCOperation op, CFDataRef pubKey, CFErrorRef *error)
465 {
466 __block bool result = false;
467
468 sec_trace_enter_api(NULL);
469 securityd_send_sync_and_do(op, error, ^(xpc_object_t message,
470 CFErrorRef *error) {
471 xpc_object_t xpubkey = _CFXPCCreateXPCObjectFromCFObject(pubKey);
472 bool success = false;
473 if (xpubkey) {
474 xpc_dictionary_set_value(message,
475 kSecXPCKeyHSA2AutoAcceptInfo, xpubkey);
476 success = true;
477 xpc_release(xpubkey);
478 }
479
480 return success;
481 }, ^(xpc_object_t response, __unused CFErrorRef *error) {
482 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
483 return (bool)true;
484 });
485
486 return result;
487 }
488
489 bool SOSCCRequestToJoinCircle(CFErrorRef* error)
490 {
491 sec_trace_enter_api(NULL);
492 sec_trace_return_bool_api(^{
493 do_if_registered(soscc_RequestToJoinCircle, error);
494
495 return simple_bool_error_request(kSecXPCOpRequestToJoin, error);
496 }, NULL)
497 }
498
499 bool SOSCCRequestToJoinCircleAfterRestore(CFErrorRef* error)
500 {
501 sec_trace_enter_api(NULL);
502 sec_trace_return_bool_api(^{
503 do_if_registered(soscc_RequestToJoinCircleAfterRestore, error);
504
505 return simple_bool_error_request(kSecXPCOpRequestToJoinAfterRestore, error);
506 }, NULL)
507 }
508
509
510 bool SOSCCWaitForInitialSync(CFErrorRef* error)
511 {
512 sec_trace_enter_api(NULL);
513 sec_trace_return_bool_api(^{
514 do_if_registered(soscc_WaitForInitialSync, error);
515
516 return simple_bool_error_request(kSecXPCOpWaitForInitialSync, error);
517 }, NULL)
518 }
519
520 CFArrayRef SOSCCCopyYetToSyncViewsList(CFErrorRef* error)
521 {
522 sec_trace_enter_api(NULL);
523 sec_trace_return_api(CFArrayRef, ^{
524 do_if_registered(soscc_CopyYetToSyncViewsList, error);
525
526 return simple_array_error_request(kSecXPCOpCopyYetToSyncViews, error);
527 }, NULL)
528 }
529
530 bool SOSCCRequestEnsureFreshParameters(CFErrorRef* error)
531 {
532 sec_trace_enter_api(NULL);
533 sec_trace_return_bool_api(^{
534 do_if_registered(soscc_RequestEnsureFreshParameters, error);
535
536 return simple_bool_error_request(kSecXPCOpRequestEnsureFreshParameters, error);
537 }, NULL)
538 }
539
540 CFStringRef SOSCCGetAllTheRings(CFErrorRef *error){
541 sec_trace_enter_api(NULL);
542 sec_trace_return_api(CFStringRef, ^{
543 do_if_registered(soscc_GetAllTheRings, error);
544
545
546 return simple_cfstring_error_request(kSecXPCOpGetAllTheRings, error);
547 }, NULL)
548 }
549 bool SOSCCApplyToARing(CFStringRef ringName, CFErrorRef* error)
550 {
551 sec_trace_enter_api(NULL);
552 sec_trace_return_bool_api(^{
553 do_if_registered(soscc_ApplyToARing, ringName, error);
554
555 return cfstring_to_error_request(kSecXPCOpApplyToARing, ringName, error);
556 }, NULL)
557 }
558
559 bool SOSCCWithdrawlFromARing(CFStringRef ringName, CFErrorRef* error)
560 {
561 sec_trace_enter_api(NULL);
562 sec_trace_return_bool_api(^{
563 do_if_registered(soscc_WithdrawlFromARing, ringName, error);
564
565 return cfstring_to_error_request(kSecXPCOpWithdrawlFromARing, ringName, error);
566 }, NULL)
567 }
568
569 SOSRingStatus SOSCCRingStatus(CFStringRef ringName, CFErrorRef* error)
570 {
571 sec_trace_enter_api(NULL);
572 sec_trace_return_api(SOSRingStatus, ^{
573 do_if_registered(soscc_RingStatus, ringName, error);
574
575 return cfstring_to_uint64_request(kSecXPCOpRingStatus, ringName, error);
576 }, CFSTR("SOSCCStatus=%d"))
577 }
578
579 bool SOSCCEnableRing(CFStringRef ringName, CFErrorRef* error)
580 {
581 sec_trace_enter_api(NULL);
582 sec_trace_return_bool_api(^{
583 do_if_registered(soscc_EnableRing, ringName, error);
584
585 return cfstring_to_error_request(kSecXPCOpEnableRing, ringName, error);
586 }, NULL)
587 }
588
589 bool SOSCCAccountSetToNew(CFErrorRef *error)
590 {
591 secwarning("SOSCCAccountSetToNew called");
592 sec_trace_enter_api(NULL);
593 sec_trace_return_bool_api(^{
594 do_if_registered(soscc_SetToNew, error);
595 return simple_bool_error_request(kSecXPCOpAccountSetToNew, error);
596 }, NULL)
597 }
598
599 bool SOSCCResetToOffering(CFErrorRef* error)
600 {
601 secwarning("SOSCCResetToOffering called");
602 sec_trace_enter_api(NULL);
603 sec_trace_return_bool_api(^{
604 do_if_registered(soscc_ResetToOffering, error);
605
606 return simple_bool_error_request(kSecXPCOpResetToOffering, error);
607 }, NULL)
608 }
609
610 bool SOSCCResetToEmpty(CFErrorRef* error)
611 {
612 secwarning("SOSCCResetToEmpty called");
613 sec_trace_enter_api(NULL);
614 sec_trace_return_bool_api(^{
615 do_if_registered(soscc_ResetToEmpty, error);
616
617 return simple_bool_error_request(kSecXPCOpResetToEmpty, error);
618 }, NULL)
619 }
620
621 bool SOSCCRemovePeersFromCircle(CFArrayRef peers, CFErrorRef* error)
622 {
623 sec_trace_enter_api(NULL);
624 sec_trace_return_bool_api(^{
625 do_if_registered(soscc_RemovePeersFromCircle, peers, error);
626
627 return info_array_to_bool_error_request(kSecXPCOpRemovePeersFromCircle, peers, error);
628 }, NULL)
629 }
630
631 bool SOSCCRemoveThisDeviceFromCircle(CFErrorRef* error)
632 {
633 sec_trace_enter_api(NULL);
634 sec_trace_return_bool_api(^{
635 do_if_registered(soscc_RemoveThisDeviceFromCircle, error);
636
637 return simple_bool_error_request(kSecXPCOpRemoveThisDeviceFromCircle, error);
638 }, NULL)
639 }
640
641 bool SOSCCLoggedOutOfAccount(CFErrorRef* error)
642 {
643 sec_trace_enter_api(NULL);
644 sec_trace_return_bool_api(^{
645 do_if_registered(soscc_LoggedOutOfAccount, error);
646
647 return simple_bool_error_request(kSecXPCOpLoggedOutOfAccount, error);
648 }, NULL)
649 }
650
651 bool SOSCCBailFromCircle_BestEffort(uint64_t limit_in_seconds, CFErrorRef* error)
652 {
653 sec_trace_enter_api(NULL);
654 sec_trace_return_bool_api(^{
655 do_if_registered(soscc_BailFromCircle, limit_in_seconds, error);
656
657 return uint64_t_to_bool_error_request(kSecXPCOpBailFromCircle, limit_in_seconds, error);
658 }, NULL)
659 }
660
661 bool SOSCCSignedOut(bool immediate, CFErrorRef* error)
662 {
663 uint64_t limit = strtoul(optarg, NULL, 10);
664
665 if(immediate)
666 return SOSCCRemoveThisDeviceFromCircle(error);
667 else
668 return SOSCCBailFromCircle_BestEffort(limit, error);
669
670 }
671
672 CFArrayRef SOSCCCopyPeerPeerInfo(CFErrorRef* error)
673 {
674 sec_trace_enter_api(NULL);
675 sec_trace_return_api(CFArrayRef, ^{
676 do_if_registered(soscc_CopyPeerInfo, error);
677
678 return array_of_info_error_request(kSecXPCOpCopyPeerPeerInfo, error);
679 }, CFSTR("return=%@"));
680 }
681
682 bool SOSCCSetAutoAcceptInfo(CFDataRef autoaccept, CFErrorRef *error)
683 {
684 sec_trace_return_bool_api(^{
685 do_if_registered(soscc_SetHSA2AutoAcceptInfo, autoaccept, error);
686
687 return set_hsa2_autoaccept_error_request(kSecXPCOpSetHSA2AutoAcceptInfo, autoaccept, error);
688 }, NULL)
689 }
690
691 CFArrayRef SOSCCCopyConcurringPeerPeerInfo(CFErrorRef* error)
692 {
693 sec_trace_enter_api(NULL);
694 sec_trace_return_api(CFArrayRef, ^{
695 do_if_registered(soscc_CopyConcurringPeerInfo, error);
696
697 return array_of_info_error_request(kSecXPCOpCopyConcurringPeerPeerInfo, error);
698 }, CFSTR("return=%@"));
699 }
700
701 CFArrayRef SOSCCCopyGenerationPeerInfo(CFErrorRef* error)
702 {
703 sec_trace_enter_api(NULL);
704 sec_trace_return_api(CFArrayRef, ^{
705 do_if_registered(soscc_CopyGenerationPeerInfo, error);
706
707 return simple_array_error_request(kSecXPCOpCopyGenerationPeerInfo, error);
708 }, CFSTR("return=%@"));
709 }
710
711 CFArrayRef SOSCCCopyApplicantPeerInfo(CFErrorRef* error)
712 {
713 sec_trace_enter_api(NULL);
714 sec_trace_return_api(CFArrayRef, ^{
715 do_if_registered(soscc_CopyApplicantPeerInfo, error);
716
717 return array_of_info_error_request(kSecXPCOpCopyApplicantPeerInfo, error);
718 }, CFSTR("return=%@"));
719 }
720
721 bool SOSCCValidateUserPublic(CFErrorRef* error){
722 sec_trace_enter_api(NULL);
723 sec_trace_return_api(bool, ^{
724 do_if_registered(soscc_ValidateUserPublic, error);
725
726 return simple_bool_error_request(kSecXPCOpValidateUserPublic, error);
727 }, NULL);
728 }
729
730 CFArrayRef SOSCCCopyValidPeerPeerInfo(CFErrorRef* error)
731 {
732 sec_trace_enter_api(NULL);
733 sec_trace_return_api(CFArrayRef, ^{
734 do_if_registered(soscc_CopyValidPeerPeerInfo, error);
735
736 return array_of_info_error_request(kSecXPCOpCopyValidPeerPeerInfo, error);
737 }, CFSTR("return=%@"));
738 }
739
740 CFArrayRef SOSCCCopyNotValidPeerPeerInfo(CFErrorRef* error)
741 {
742 sec_trace_enter_api(NULL);
743 sec_trace_return_api(CFArrayRef, ^{
744 do_if_registered(soscc_CopyNotValidPeerPeerInfo, error);
745
746 return array_of_info_error_request(kSecXPCOpCopyNotValidPeerPeerInfo, error);
747 }, CFSTR("return=%@"));
748 }
749
750 CFArrayRef SOSCCCopyRetirementPeerInfo(CFErrorRef* error)
751 {
752 sec_trace_enter_api(NULL);
753 sec_trace_return_api(CFArrayRef, ^{
754 do_if_registered(soscc_CopyRetirementPeerInfo, error);
755
756 return array_of_info_error_request(kSecXPCOpCopyRetirementPeerInfo, error);
757 }, CFSTR("return=%@"));
758 }
759
760 CFArrayRef SOSCCCopyViewUnawarePeerInfo(CFErrorRef* error)
761 {
762 sec_trace_enter_api(NULL);
763 sec_trace_return_api(CFArrayRef, ^{
764 do_if_registered(soscc_CopyViewUnawarePeerInfo, error);
765
766 return array_of_info_error_request(kSecXPCOpCopyViewUnawarePeerInfo, error);
767 }, CFSTR("return=%@"));
768 }
769
770 CFDataRef SOSCCCopyAccountState(CFErrorRef* error)
771 {
772 sec_trace_enter_api(NULL);
773 sec_trace_return_api(CFDataRef, ^{
774 do_if_registered(soscc_CopyAccountState, error);
775
776 return data_to_error_request(kSecXPCOpCopyAccountData, error);
777 }, CFSTR("return=%@"));
778 }
779
780 bool SOSCCDeleteAccountState(CFErrorRef *error)
781 {
782 sec_trace_enter_api(NULL);
783 sec_trace_return_api(bool, ^{
784 do_if_registered(soscc_DeleteAccountState, error);
785 return simple_bool_error_request(kSecXPCOpDeleteAccountData, error);
786 }, NULL);
787 }
788 CFDataRef SOSCCCopyEngineData(CFErrorRef* error)
789 {
790 sec_trace_enter_api(NULL);
791 sec_trace_return_api(CFDataRef, ^{
792 do_if_registered(soscc_CopyEngineData, error);
793
794 return data_to_error_request(kSecXPCOpCopyEngineData, error);
795 }, CFSTR("return=%@"));
796 }
797
798 bool SOSCCDeleteEngineState(CFErrorRef *error)
799 {
800 sec_trace_enter_api(NULL);
801 sec_trace_return_api(bool, ^{
802 do_if_registered(soscc_DeleteEngineState, error);
803 return simple_bool_error_request(kSecXPCOpDeleteEngineData, error);
804 }, NULL);
805 }
806
807 SOSPeerInfoRef SOSCCCopyMyPeerInfo(CFErrorRef *error)
808 {
809 sec_trace_enter_api(NULL);
810 sec_trace_return_api(SOSPeerInfoRef, ^{
811 do_if_registered(soscc_CopyMyPeerInfo, error);
812
813 return peer_info_error_request(kSecXPCOpCopyMyPeerInfo, error);
814 }, CFSTR("return=%@"));
815 }
816
817 CFArrayRef SOSCCCopyEngineState(CFErrorRef* error)
818 {
819 sec_trace_enter_api(NULL);
820 sec_trace_return_api(CFArrayRef, ^{
821 do_if_registered(soscc_CopyEngineState, error);
822
823 return simple_array_error_request(kSecXPCOpCopyEngineState, error);
824 }, CFSTR("return=%@"));
825 }
826
827 bool SOSCCAcceptApplicants(CFArrayRef applicants, CFErrorRef* error)
828 {
829 sec_trace_enter_api(NULL);
830 sec_trace_return_bool_api(^{
831 do_if_registered(soscc_AcceptApplicants, applicants, error);
832
833 return info_array_to_bool_error_request(kSecXPCOpAcceptApplicants, applicants, error);
834 }, NULL)
835 }
836
837 bool SOSCCRejectApplicants(CFArrayRef applicants, CFErrorRef *error)
838 {
839 sec_trace_enter_api(CFSTR("applicants=%@"), applicants);
840 sec_trace_return_bool_api(^{
841 do_if_registered(soscc_RejectApplicants, applicants, error);
842
843 return info_array_to_bool_error_request(kSecXPCOpRejectApplicants, applicants, error);
844 }, NULL)
845 }
846
847 static SOSPeerInfoRef SOSSetNewPublicBackupKey(CFDataRef pubKey, CFErrorRef *error)
848 {
849 sec_trace_enter_api(NULL);
850 sec_trace_return_api(SOSPeerInfoRef, ^{
851 do_if_registered(soscc_SetNewPublicBackupKey, pubKey, error);
852
853 return data_to_peer_info_error_request(kSecXPCOpSetNewPublicBackupKey, pubKey, error);
854 }, CFSTR("return=%@"));
855 }
856
857 SOSPeerInfoRef SOSCCCopyMyPeerWithNewDeviceRecoverySecret(CFDataRef secret, CFErrorRef *error){
858 CFDataRef publicKeyData = SOSCopyDeviceBackupPublicKey(secret, error);
859
860 return SOSSetNewPublicBackupKey(publicKeyData, error);
861 }
862
863 bool SOSCCRegisterSingleRecoverySecret(CFDataRef aks_bag, bool forV0Only, CFErrorRef *error){
864 sec_trace_enter_api(NULL);
865 sec_trace_return_bool_api(^{
866 do_if_registered(soscc_RegisterSingleRecoverySecret, aks_bag, forV0Only, error);
867 return keybag_and_bool_to_bool_error_request(kSecXPCOpSetBagForAllSlices, aks_bag, forV0Only, error);
868 }, NULL);
869 }
870
871
872 static bool label_and_password_to_bool_error_request(enum SecXPCOperation op,
873 CFStringRef user_label, CFDataRef user_password,
874 CFErrorRef* error)
875 {
876 __block bool result = false;
877
878 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
879 CFStringPerformWithCString(user_label, ^(const char *utf8Str) {
880 xpc_dictionary_set_string(message, kSecXPCKeyUserLabel, utf8Str);
881 });
882 xpc_dictionary_set_data(message, kSecXPCKeyUserPassword, CFDataGetBytePtr(user_password), CFDataGetLength(user_password));
883 return true;
884 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
885 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
886 return result;
887 });
888
889 return result;
890 }
891
892 static bool label_and_password_and_dsid_to_bool_error_request(enum SecXPCOperation op,
893 CFStringRef user_label, CFDataRef user_password,
894 CFStringRef dsid, CFErrorRef* error)
895 {
896 __block bool result = false;
897
898 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
899 CFStringPerformWithCString(user_label, ^(const char *utf8Str) {
900 xpc_dictionary_set_string(message, kSecXPCKeyUserLabel, utf8Str);
901 });
902 CFStringPerformWithCString(dsid, ^(const char *utr8StrDSID) {
903 xpc_dictionary_set_string(message, kSecXPCKeyDSID, utr8StrDSID);
904 });
905 xpc_dictionary_set_data(message, kSecXPCKeyUserPassword, CFDataGetBytePtr(user_password), CFDataGetLength(user_password));
906 return true;
907 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
908 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
909 return result;
910 });
911
912 return result;
913 }
914
915 static bool deviceid_to_bool_error_request(enum SecXPCOperation op,
916 CFStringRef IDS,
917 CFErrorRef* error)
918 {
919 __block bool result = false;
920
921 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
922 CFStringPerformWithCString(IDS, ^(const char *utf8Str) {
923 xpc_dictionary_set_string(message, kSecXPCKeyDeviceID, utf8Str);
924 });
925 return true;
926 }, ^bool(xpc_object_t response, CFErrorRef *error) {
927 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
928 if(result == false){
929 xpc_object_t xpc_error = xpc_dictionary_get_value(response, kSecXPCKeyError);
930 if (xpc_error && error) {
931 *error = SecCreateCFErrorWithXPCObject(xpc_error);
932 }
933 }
934 return result;
935 });
936
937 return result;
938 }
939
940 static int idsDict_to_bool_error_request(enum SecXPCOperation op,
941 CFDictionaryRef IDS,
942 CFErrorRef* error)
943 {
944 __block int result = false;
945
946 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
947 SecXPCDictionarySetPListOptional(message, kSecXPCKeyIDSMessage, IDS, error);
948 return true;
949 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
950 int64_t temp_result = xpc_dictionary_get_int64(response, kSecXPCKeyResult);
951 if ((temp_result >= INT32_MIN) && (temp_result <= INT32_MAX)) {
952 result = (int)temp_result;
953 }
954 return result;
955 });
956
957 return result;
958 }
959
960 static bool idscommand_to_bool_error_request(enum SecXPCOperation op,
961 CFStringRef idsMessage,
962 CFErrorRef* error)
963 {
964 __block bool result = false;
965
966 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
967 CFStringPerformWithCString(idsMessage, ^(const char *utf8Str) {
968 xpc_dictionary_set_string(message, kSecXPCKeySendIDSMessage, utf8Str);
969 });
970 return true;
971 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
972 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
973 return result;
974 });
975
976 return result;
977 }
978
979 bool SOSCCRegisterUserCredentials(CFStringRef user_label, CFDataRef user_password, CFErrorRef* error)
980 {
981 secnotice("sosops", "SOSCCRegisterUserCredentials - calling SOSCCSetUserCredentials!! %@\n", user_label);
982 return SOSCCSetUserCredentials(user_label, user_password, error);
983 }
984
985 bool SOSCCSetUserCredentials(CFStringRef user_label, CFDataRef user_password, CFErrorRef* error)
986 {
987 secnotice("sosops", "SOSCCSetUserCredentials!! %@\n", user_label);
988 sec_trace_enter_api(CFSTR("user_label=%@"), user_label);
989 sec_trace_return_bool_api(^{
990 do_if_registered(soscc_SetUserCredentials, user_label, user_password, error);
991
992 return label_and_password_to_bool_error_request(kSecXPCOpSetUserCredentials, user_label, user_password, error);
993 }, NULL)
994 }
995
996 bool SOSCCSetUserCredentialsAndDSID(CFStringRef user_label, CFDataRef user_password, CFStringRef dsid, CFErrorRef *error)
997 {
998 secnotice("sosops", "SOSCCSetUserCredentialsAndDSID!! %@\n", user_label);
999 sec_trace_enter_api(CFSTR("user_label=%@"), user_label);
1000 sec_trace_return_bool_api(^{
1001 do_if_registered(soscc_SetUserCredentialsAndDSID, user_label, user_password, dsid, error);
1002 if(dsid == NULL){
1003 return label_and_password_and_dsid_to_bool_error_request(kSecXPCOpSetUserCredentialsAndDSID, user_label, user_password, CFSTR(""), error);
1004 }
1005 else{
1006 return label_and_password_and_dsid_to_bool_error_request(kSecXPCOpSetUserCredentialsAndDSID, user_label, user_password, dsid, error);
1007 }
1008 }, NULL)
1009
1010 }
1011 bool SOSCCSetDeviceID(CFStringRef IDS, CFErrorRef* error)
1012 {
1013 secnotice("sosops", "SOSCCSetDeviceID!! %@\n", IDS);
1014 sec_trace_enter_api(NULL);
1015 sec_trace_return_bool_api(^{
1016 CFErrorRef localError = NULL;
1017 do_if_registered(soscc_SetDeviceID, IDS, &localError);
1018 bool result = deviceid_to_bool_error_request(kSecXPCOpSetDeviceID, IDS, &localError);
1019 if(localError){
1020 *error = CFRetainSafe(localError);
1021 }
1022 return result;
1023 }, NULL)
1024 }
1025
1026 bool SOSCCIDSServiceRegistrationTest(CFStringRef message, CFErrorRef *error)
1027 {
1028 secnotice("sosops", "SOSCCSendIDSTestMessage!! %@\n", message);
1029 sec_trace_enter_api(NULL);
1030 sec_trace_return_bool_api(^{
1031 do_if_registered(soscc_CheckIDSRegistration, message, error);
1032 return idscommand_to_bool_error_request(kSecXPCOpSendIDSMessage, message, error);
1033 }, NULL)
1034 }
1035
1036 bool SOSCCIDSPingTest(CFStringRef message, CFErrorRef *error)
1037 {
1038 secnotice("sosops", "SOSCCSendIDSTestMessage!! %@\n", message);
1039 sec_trace_enter_api(NULL);
1040 sec_trace_return_bool_api(^{
1041 do_if_registered(soscc_PingTest, message, error);
1042 return idscommand_to_bool_error_request(kSecXPCOpPingTest, message, error);
1043 }, NULL)
1044 }
1045
1046 bool SOSCCIDSDeviceIDIsAvailableTest(CFErrorRef *error)
1047 {
1048 secnotice("sosops", "SOSCCIDSDeviceIDIsAvailableTest!!\n");
1049 sec_trace_enter_api(NULL);
1050 sec_trace_return_bool_api(^{
1051 do_if_registered(soscc_GetIDSIDFromIDS, error);
1052 return simple_bool_error_request(kSecXPCOpIDSDeviceID, error);
1053 }, NULL)
1054 }
1055
1056 HandleIDSMessageReason SOSCCHandleIDSMessage(CFDictionaryRef IDS, CFErrorRef* error)
1057 {
1058 secnotice("sosops", "SOSCCHandleIDSMessage!! %@\n", IDS);
1059 sec_trace_enter_api(NULL);
1060 sec_trace_return_api(HandleIDSMessageReason, ^{
1061 do_if_registered(soscc_HandleIDSMessage, IDS, error);
1062 return (HandleIDSMessageReason) idsDict_to_bool_error_request(kSecXPCOpHandleIDSMessage, IDS, error);
1063 }, NULL)
1064 }
1065
1066 bool SOSCCTryUserCredentials(CFStringRef user_label, CFDataRef user_password, CFErrorRef* error)
1067 {
1068 sec_trace_enter_api(CFSTR("user_label=%@"), user_label);
1069 sec_trace_return_bool_api(^{
1070 do_if_registered(soscc_TryUserCredentials, user_label, user_password, error);
1071
1072 return label_and_password_to_bool_error_request(kSecXPCOpTryUserCredentials, user_label, user_password, error);
1073 }, NULL)
1074 }
1075
1076
1077 bool SOSCCCanAuthenticate(CFErrorRef* error) {
1078 sec_trace_enter_api(NULL);
1079 sec_trace_return_bool_api(^{
1080 do_if_registered(soscc_CanAuthenticate, error);
1081
1082 return simple_bool_error_request(kSecXPCOpCanAuthenticate, error);
1083 }, NULL)
1084 }
1085
1086 bool SOSCCPurgeUserCredentials(CFErrorRef* error) {
1087 sec_trace_enter_api(NULL);
1088 sec_trace_return_bool_api(^{
1089 do_if_registered(soscc_PurgeUserCredentials, error);
1090
1091 return simple_bool_error_request(kSecXPCOpPurgeUserCredentials, error);
1092 }, NULL)
1093 }
1094
1095 enum DepartureReason SOSCCGetLastDepartureReason(CFErrorRef *error) {
1096 sec_trace_enter_api(NULL);
1097 sec_trace_return_api(enum DepartureReason, ^{
1098 do_if_registered(soscc_GetLastDepartureReason, error);
1099
1100 return (enum DepartureReason) simple_int_error_request(kSecXPCOpGetLastDepartureReason, error);
1101 }, NULL)
1102 }
1103
1104 bool SOSCCSetLastDepartureReason(enum DepartureReason reason, CFErrorRef *error) {
1105 sec_trace_enter_api(NULL);
1106 sec_trace_return_api(bool, ^{
1107 do_if_registered(soscc_SetLastDepartureReason, reason, error);
1108 return securityd_send_sync_and_do(kSecXPCOpSetLastDepartureReason, error,
1109 ^bool(xpc_object_t message, CFErrorRef *error) {
1110 xpc_dictionary_set_int64(message, kSecXPCKeyReason, reason);
1111 return true;
1112 },
1113 ^bool(xpc_object_t response, __unused CFErrorRef *error) {
1114 return xpc_dictionary_get_bool(response, kSecXPCKeyResult);
1115 }
1116 );
1117 }, NULL)
1118 }
1119
1120 CFStringRef SOSCCCopyIncompatibilityInfo(CFErrorRef* error) {
1121 sec_trace_enter_api(NULL);
1122 sec_trace_return_api(CFStringRef, ^{
1123 do_if_registered(soscc_CopyIncompatibilityInfo, error);
1124
1125 return simple_cfstring_error_request(kSecXPCOpCopyIncompatibilityInfo, error);
1126 }, NULL)
1127 }
1128
1129 CFStringRef SOSCCCopyDeviceID(CFErrorRef* error)
1130 {
1131 sec_trace_enter_api(NULL);
1132 sec_trace_return_api(CFStringRef, ^{
1133 do_if_registered(soscc_CopyDeviceID, error);
1134 CFStringRef deviceID = simple_cfstring_error_request(kSecXPCOpRequestDeviceID, error);
1135 return deviceID;
1136 }, NULL)
1137 }
1138
1139 bool SOSCCProcessEnsurePeerRegistration(CFErrorRef* error){
1140 secnotice("updates", "enter SOSCCProcessEnsurePeerRegistration");
1141 sec_trace_enter_api(NULL);
1142 sec_trace_return_bool_api(^{
1143 do_if_registered(soscc_EnsurePeerRegistration, error);
1144
1145 return simple_bool_error_request(soscc_EnsurePeerRegistration_id, error);
1146 }, NULL)
1147 }
1148
1149
1150 SyncWithAllPeersReason SOSCCProcessSyncWithAllPeers(CFErrorRef* error)
1151 {
1152 sec_trace_enter_api(NULL);
1153 sec_trace_return_api(SyncWithAllPeersReason, ^{
1154 do_if_registered(soscc_ProcessSyncWithAllPeers, error);
1155
1156 return (SyncWithAllPeersReason) simple_int_error_request(kSecXPCOpProcessSyncWithAllPeers, error);
1157 }, NULL)
1158 }
1159
1160 CFStringRef SOSCCGetStatusDescription(SOSCCStatus status)
1161 {
1162 switch (status) {
1163 case kSOSCCInCircle:
1164 return CFSTR("InCircle");
1165 case kSOSCCNotInCircle:
1166 return CFSTR("NotInCircle");
1167 case kSOSCCRequestPending:
1168 return CFSTR("RequestPending");
1169 case kSOSCCCircleAbsent:
1170 return CFSTR("CircleAbsent");
1171 case kSOSCCError:
1172 return CFSTR("InternalError");
1173 default:
1174 return CFSTR("Unknown Status (%d)");
1175 };
1176 }
1177
1178 #if 0
1179 kSOSCCGeneralViewError = -1,
1180 kSOSCCViewMember = 0,
1181 kSOSCCViewNotMember = 1,
1182 kSOSCCViewNotQualified = 2,
1183 kSOSCCNoSuchView = 3,
1184 #endif
1185
1186 static int64_t name_action_to_code_request(enum SecXPCOperation op, uint16_t error_result,
1187 CFStringRef name, uint64_t action, CFErrorRef *error) {
1188 __block int64_t result = error_result;
1189
1190 securityd_send_sync_and_do(op, error, ^bool(xpc_object_t message, CFErrorRef *error) {
1191 CFStringPerformWithCString(name, ^(const char *utf8Str) {
1192 xpc_dictionary_set_string(message, kSecXPCKeyViewName, utf8Str);
1193 });
1194 xpc_dictionary_set_int64(message, kSecXPCKeyViewActionCode, action);
1195 return true;
1196 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
1197 if (response && xpc_dictionary_entry_is_type(response, kSecXPCKeyResult, XPC_TYPE_INT64)) {
1198 result = xpc_dictionary_get_int64(response, kSecXPCKeyResult);
1199 }
1200 return result != error_result;
1201 });
1202
1203 return result;
1204 }
1205
1206 SOSViewResultCode SOSCCView(CFStringRef view, SOSViewActionCode actionCode, CFErrorRef *error) {
1207 sec_trace_enter_api(NULL);
1208 sec_trace_return_api(SOSViewResultCode, ^{
1209 do_if_registered(soscc_View, view, actionCode, error);
1210
1211 return (SOSViewResultCode) name_action_to_code_request(kSecXPCOpView, kSOSCCGeneralViewError, view, actionCode, error);
1212 }, CFSTR("SOSViewResultCode=%d"))
1213 }
1214
1215
1216 bool SOSCCViewSet(CFSetRef enabledViews, CFSetRef disabledViews) {
1217 CFErrorRef *error = NULL;
1218 __block bool result = false;
1219
1220 sec_trace_enter_api(NULL);
1221 sec_trace_return_bool_api(^{
1222 do_if_registered(soscc_ViewSet, enabledViews, disabledViews);
1223 return securityd_send_sync_and_do(kSecXPCOpViewSet, error, ^bool(xpc_object_t message, CFErrorRef *error) {
1224 xpc_object_t enabledSetXpc = CreateXPCObjectWithCFSetRef(enabledViews, error);
1225 xpc_object_t disabledSetXpc = CreateXPCObjectWithCFSetRef(disabledViews, error);
1226 if (enabledSetXpc) xpc_dictionary_set_value(message, kSecXPCKeyEnabledViewsKey, enabledSetXpc);
1227 if (disabledSetXpc) xpc_dictionary_set_value(message, kSecXPCKeyDisabledViewsKey, disabledSetXpc);
1228 return (enabledSetXpc != NULL) || (disabledSetXpc != NULL) ;
1229 }, ^bool(xpc_object_t response, __unused CFErrorRef *error) {
1230 result = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
1231 return result;
1232 });
1233 }, NULL)
1234 }
1235
1236 SOSSecurityPropertyResultCode SOSCCSecurityProperty(CFStringRef property, SOSSecurityPropertyActionCode actionCode, CFErrorRef *error) {
1237 sec_trace_enter_api(NULL);
1238 sec_trace_return_api(SOSSecurityPropertyResultCode, ^{
1239 SOSSecurityPropertyResultCode result = kSOSCCGeneralSecurityPropertyError;
1240 do_if_registered(soscc_SecurityProperty, property, actionCode, error);
1241 xpc_object_t message = securityd_create_message(kSecXPCOpSecurityProperty, error);
1242 if (message) {
1243 int64_t bigac = actionCode;
1244 xpc_dictionary_set_string(message, kSecXPCKeyViewName, CFStringGetCStringPtr(property, kCFStringEncodingUTF8));
1245 xpc_dictionary_set_int64(message, kSecXPCKeyViewActionCode, bigac);
1246
1247 xpc_object_t response = securityd_message_with_reply_sync(message, error);
1248
1249 if (response && xpc_dictionary_entry_is_type(response, kSecXPCKeyResult, XPC_TYPE_INT64)) {
1250 result = (SOSSecurityPropertyResultCode) xpc_dictionary_get_int64(response, kSecXPCKeyResult);
1251 }
1252
1253 if (result == kSOSCCGeneralSecurityPropertyError) {
1254 if (response && securityd_message_no_error(response, error)) {
1255 char *desc = xpc_copy_description(response);
1256 SecCFCreateErrorWithFormat(0, sSecXPCErrorDomain, NULL, error, NULL, CFSTR("Remote error occurred/no info: %s"), desc);
1257 free((void *)desc);
1258 }
1259 }
1260 if(response)
1261 xpc_release(response);
1262 if(message)
1263 xpc_release(message);
1264 }
1265
1266 return result;
1267 }, CFSTR("SOSSecurityPropertyResultCode=%d"))
1268 }
1269
1270
1271 static bool sosIsViewSetSyncing(size_t n, CFStringRef *views) {
1272 __block bool retval = true;
1273
1274 SOSCCStatus cstatus = SOSCCThisDeviceIsInCircle(NULL);
1275 if(cstatus == kSOSCCInCircle) {
1276 for(size_t i = 0; i < n; i++) {
1277 SOSViewResultCode vstatus = SOSCCView(views[i], kSOSCCViewQuery, NULL);
1278 if(vstatus != kSOSCCViewMember) retval = false;
1279 }
1280 } else {
1281 retval = false;
1282 }
1283 return retval;
1284 }
1285
1286 bool SOSCCIsIcloudKeychainSyncing(void) {
1287 CFStringRef views[] = { kSOSViewKeychainV0 };
1288 return sosIsViewSetSyncing(1, views);
1289 }
1290
1291 bool SOSCCIsSafariSyncing(void) {
1292 CFStringRef views[] = { kSOSViewAutofillPasswords, kSOSViewSafariCreditCards };
1293 return sosIsViewSetSyncing(2, views);
1294 }
1295
1296 bool SOSCCIsAppleTVSyncing(void) {
1297 CFStringRef views[] = { kSOSViewAppleTV };
1298 return sosIsViewSetSyncing(1, views);
1299 }
1300
1301 bool SOSCCIsHomeKitSyncing(void) {
1302 CFStringRef views[] = { kSOSViewHomeKit };
1303 return sosIsViewSetSyncing(1, views);
1304 }
1305
1306 bool SOSCCIsWiFiSyncing(void) {
1307 CFStringRef views[] = { kSOSViewWiFi };
1308 return sosIsViewSetSyncing(1, views);
1309 }
1310
1311 bool SOSCCSetEscrowRecord(CFStringRef escrow_label, uint64_t tries, CFErrorRef *error ){
1312 secnotice("escrow", "enter SOSCCSetEscrowRecord");
1313 sec_trace_enter_api(NULL);
1314 sec_trace_return_bool_api(^{
1315 do_if_registered(soscc_SetEscrowRecords, escrow_label, tries, error);
1316
1317 return escrow_to_bool_error_request(kSecXPCOpSetEscrowRecord, escrow_label, tries, error);
1318 }, NULL)
1319 }
1320
1321 CFDictionaryRef SOSCCCopyEscrowRecord(CFErrorRef *error){
1322 secnotice("escrow", "enter SOSCCCopyEscrowRecord");
1323 sec_trace_enter_api(NULL);
1324 sec_trace_return_api(CFDictionaryRef, ^{
1325 do_if_registered(soscc_CopyEscrowRecords, error);
1326
1327 return strings_to_dictionary_error_request(kSecXPCOpGetEscrowRecord, error);
1328 }, CFSTR("return=%@"))
1329
1330 }
1331
1332 bool SOSCCCheckPeerAvailability(CFErrorRef *error){
1333 secnotice("peer", "enter SOSCCCheckPeerAvailability");
1334 sec_trace_enter_api(NULL);
1335 sec_trace_return_bool_api(^{
1336 do_if_registered(soscc_PeerAvailability, error);
1337
1338 return simple_bool_error_request(kSecXPCOpCheckPeerAvailability, error);
1339 }, NULL)
1340
1341 }
1342
1343
1344 bool SOSWrapToBackupSliceKeyBagForView(CFStringRef viewName, CFDataRef input, CFDataRef* output, CFDataRef* bskbEncoded, CFErrorRef* error) {
1345 sec_trace_enter_api(NULL);
1346 sec_trace_return_bool_api(^{
1347 do_if_registered(sosbskb_WrapToBackupSliceKeyBagForView, viewName, input, output, bskbEncoded, error);
1348
1349 return cfstring_and_cfdata_to_cfdata_cfdata_error_request(kSecXPCOpWrapToBackupSliceKeyBagForView, viewName, input, output, bskbEncoded, error);
1350 }, NULL)
1351 }
mirror of Security