OSX/sec/SOSCircle/SecureObjectSync/SOSBackupSliceKeyBag.h

   1 /*
   2  * Copyright (c) 2015 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 /*!
  25  @header SOSBackupSliceKeyBag.h - View Bags - backup bags for views
  26  */
  27
  28 #ifndef _sec_SOSBackupSliceKeyBag_
  29 #define _sec_SOSBackupSliceKeyBag_
  30
  31 #include <CoreFoundation/CoreFoundation.h>
  32 #include <Security/SecureObjectSync/SOSPeerInfo.h>
  33
  34 extern CFStringRef bskbRkbgPrefix;
  35
  36 // We don't have a portable header (particularly for the SIM) so for now we define the one type we need.
  37 // This should be fixed when we get a portable AKS interface.
  38 typedef int32_t bskb_keybag_handle_t;
  39
  40 typedef struct __OpaqueSOSBackupSliceKeyBag *SOSBackupSliceKeyBagRef;
  41
  42 CFTypeRef SOSBackupSliceKeyBageGetTypeID(void);
  43
  44 SOSBackupSliceKeyBagRef SOSBackupSliceKeyBagCreate(CFAllocatorRef allocator, CFSetRef peers, CFErrorRef* error);
  45 SOSBackupSliceKeyBagRef SOSBackupSliceKeyBagCreateDirect(CFAllocatorRef allocator, CFDataRef aks_bag, CFErrorRef *error);
  46
  47 SOSBackupSliceKeyBagRef SOSBackupSliceKeyBagCreateWithAdditionalKeys(CFAllocatorRef allocator,
  48                                                                      CFSetRef /*SOSPeerInfoRef*/ peers,
  49                                                                      CFDictionaryRef /*CFStringRef (prefix) CFDataRef (keydata) */ additionalKeys,
  50                                                                      CFErrorRef* error);
  51
  52 SOSBackupSliceKeyBagRef SOSBackupSliceKeyBagCreateFromData(CFAllocatorRef allocator, CFDataRef data, CFErrorRef *error);
  53
  54 CFDataRef SOSBSKBCopyEncoded(SOSBackupSliceKeyBagRef BackupSliceKeyBag, CFErrorRef* error);
  55
  56 //
  57 bool SOSBSKBIsDirect(SOSBackupSliceKeyBagRef backupSliceKeyBag);
  58
  59 CFSetRef SOSBSKBGetPeers(SOSBackupSliceKeyBagRef backupSliceKeyBag);
  60
  61 int SOSBSKBCountPeers(SOSBackupSliceKeyBagRef backupSliceKeyBag);
  62
  63 bool SOSBSKBPeerIsInKeyBag(SOSBackupSliceKeyBagRef backupSliceKeyBag, SOSPeerInfoRef pi);
  64 bool SOSBKSBKeyIsInKeyBag(SOSBackupSliceKeyBagRef backupSliceKeyBag, CFDataRef publicKey);
  65 bool SOSBKSBPrefixedKeyIsInKeyBag(SOSBackupSliceKeyBagRef backupSliceKeyBag, CFStringRef prefix, CFDataRef publicKey);
  66
  67 // Keybag fetching
  68 CFDataRef SOSBSKBCopyAKSBag(SOSBackupSliceKeyBagRef backupSliceKeyBag, CFErrorRef* error);
  69
  70
  71 // Der encoding
  72 const uint8_t* der_decode_BackupSliceKeyBag(CFAllocatorRef allocator,
  73                                   SOSBackupSliceKeyBagRef* BackupSliceKeyBag, CFErrorRef *error,
  74                                   const uint8_t* der, const uint8_t *der_end);
  75
  76 size_t der_sizeof_BackupSliceKeyBag(SOSBackupSliceKeyBagRef BackupSliceKeyBag, CFErrorRef *error);
  77 uint8_t* der_encode_BackupSliceKeyBag(SOSBackupSliceKeyBagRef BackupSliceKeyBag, CFErrorRef *error,
  78                             const uint8_t *der, uint8_t *der_end);
  79
  80 bskb_keybag_handle_t SOSBSKBLoadLocked(SOSBackupSliceKeyBagRef backupSliceKeyBag,
  81                                        CFErrorRef *error);
  82
  83 bskb_keybag_handle_t SOSBSKBLoadAndUnlockWithPeerIDAndSecret(SOSBackupSliceKeyBagRef backupSliceKeyBag,
  84                                                              CFStringRef peerID, CFDataRef peerSecret,
  85                                                              CFErrorRef *error);
  86
  87 bskb_keybag_handle_t SOSBSKBLoadAndUnlockWithPeerSecret(SOSBackupSliceKeyBagRef backupSliceKeyBag,
  88                                                         SOSPeerInfoRef peer, CFDataRef peerSecret,
  89                                                         CFErrorRef *error);
  90
  91 bskb_keybag_handle_t SOSBSKBLoadAndUnlockWithDirectSecret(SOSBackupSliceKeyBagRef backupSliceKeyBag,
  92                                                           CFDataRef directSecret,
  93                                                           CFErrorRef *error);
  94
  95 bskb_keybag_handle_t SOSBSKBLoadAndUnlockWithWrappingSecret(SOSBackupSliceKeyBagRef backupSliceKeyBag,
  96                                                             CFDataRef wrappingSecret,
  97                                                             CFErrorRef *error);
  98
  99 // Utilities for backup keys
 100 bool SOSBSKBIsGoodBackupPublic(CFDataRef publicKey, CFErrorRef *error);
 101
 102 CFDataRef SOSBSKBCopyRecoveryKey(SOSBackupSliceKeyBagRef bskb);
 103 bool SOSBSKBHasRecoveryKey(SOSBackupSliceKeyBagRef bskb);
 104
 105 #endif /* defined(_sec_SOSBackupSliceKeyBag_) */