]> git.saurik.com Git - apple/security.git/blob - OSX/sec/SOSCircle/SecureObjectSync/SOSAccountCircles.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57337.20.44.tar.gz
[apple/security.git] / OSX / sec / SOSCircle / SecureObjectSync / SOSAccountCircles.c
1 //
2 // SOSAccountCircles.c
3 // sec
4 //
5
6 #include "SOSAccountPriv.h"
7 #include <Security/SecureObjectSync/SOSTransport.h>
8 #include <Security/SecureObjectSync/SOSTransportKeyParameterKVS.h>
9 #include <Security/SecureObjectSync/SOSTransportCircleKVS.h>
10 #include <Security/SecureObjectSync/SOSTransportMessageKVS.h>
11 #include <Security/SecureObjectSync/SOSTransportMessageIDS.h>
12 #include "SOSCloudKeychainClient.h"
13
14
15 //
16 // MARK: Circle management
17 //
18
19 CFIndex whichTransportType;
20
21
22 SecKeyRef SOSAccountCopyPublicKeyForPeer(SOSAccountRef account, CFStringRef peer_id, CFErrorRef *error) {
23 SecKeyRef publicKey = NULL;
24 SOSPeerInfoRef peer = NULL;
25
26 require_action_quiet(account->trusted_circle, fail, SOSErrorCreate(kSOSErrorNoCircle, error, NULL, CFSTR("No circle to get peer key from")));
27
28 peer = SOSCircleCopyPeerWithID(account->trusted_circle, peer_id, error);
29 require_quiet(peer, fail);
30
31 publicKey = SOSPeerInfoCopyPubKey(peer);
32
33 fail:
34 CFReleaseSafe(peer);
35 return publicKey;
36 }
37
38
39 SOSCircleRef SOSAccountGetCircle(SOSAccountRef a, CFErrorRef *error)
40 {
41 CFTypeRef entry = a->trusted_circle;
42
43 require_action_quiet(!isNull(entry), fail,
44 SOSCreateError(kSOSErrorIncompatibleCircle, CFSTR("Incompatible circle in KVS"), NULL, error));
45
46 require_action_quiet(entry, fail,
47 SOSCreateError(kSOSErrorNoCircle, CFSTR("No circle found"), NULL, error));
48
49
50 return (SOSCircleRef) entry;
51
52 fail:
53 return NULL;
54 }
55
56 static void setup_defaults_settings(){
57
58 Boolean keyExistsAndHasValue = false;
59
60 whichTransportType = CFPreferencesGetAppIntegerValue(CFSTR("Transport"), CFSTR("com.apple.security"), &keyExistsAndHasValue);
61 if(whichTransportType == kSOSTransportFuture)
62 secdebug("IDS", "Successfully retrieved value: %d, We are a Galarch + 1 device: %ld", keyExistsAndHasValue, whichTransportType);
63 else if (whichTransportType == kSOSTransportPresent)
64 secdebug("IDS", "Successfully retrieved value: %d, We are a Galarch device: %ld", keyExistsAndHasValue, whichTransportType);
65
66 else if (whichTransportType == kSOSTransportIDS)
67 secdebug("IDS", "Successfully retrieved value: %d, We are an IDS device: %ld", keyExistsAndHasValue, whichTransportType);
68
69 else if (whichTransportType == kSOSTransportKVS)
70 secdebug("IDS", "Successfully retrieved value: %d, We are a KVS device: %ld", keyExistsAndHasValue, whichTransportType);
71 else
72 secdebug("IDS", "Successfully retrieved value: %d, We are a KVS device: %ld", keyExistsAndHasValue, whichTransportType);
73
74 }
75
76 static void SOSTransportInit(void) {
77 static dispatch_once_t sdOnceToken;
78 dispatch_once(&sdOnceToken, ^{
79 setup_defaults_settings();
80 });
81 }
82
83 static bool SOSAccountInflateTransportsForCircle(SOSAccountRef account, CFStringRef circleName, CFErrorRef *error){
84 bool success = false;
85
86 SOSTransportKeyParameterRef tKey = NULL;
87 SOSTransportCircleRef tCircle = NULL;
88 SOSTransportMessageRef tidsMessage = NULL;
89 SOSTransportMessageRef tkvsMessage = NULL;
90
91 SOSTransportInit();
92
93 tKey = (SOSTransportKeyParameterRef)SOSTransportKeyParameterKVSCreate(account, error);
94 tCircle = (SOSTransportCircleRef)SOSTransportCircleKVSCreate(account, circleName, error);
95
96 require_quiet(tKey, fail);
97 require_quiet(tCircle, fail);
98
99 tidsMessage = (SOSTransportMessageRef)SOSTransportMessageIDSCreate(account, circleName, error);
100 require_quiet(tidsMessage, fail);
101
102 CFRetainAssign(account->ids_message_transport, tidsMessage);
103 tkvsMessage = (SOSTransportMessageRef)SOSTransportMessageKVSCreate(account, circleName, error);
104 require_quiet(tkvsMessage, fail);
105
106 CFRetainAssign(account->kvs_message_transport, tkvsMessage);
107
108 CFRetainAssign(account->key_transport, (SOSTransportKeyParameterRef)tKey);
109 CFRetainAssign(account->circle_transport, tCircle);
110
111
112 success = true;
113 fail:
114 CFReleaseNull(tKey);
115 CFReleaseNull(tCircle);
116 CFReleaseNull(tidsMessage);
117 CFReleaseNull(tkvsMessage);
118 return success;
119 }
120
121 SOSCircleRef SOSAccountEnsureCircle(SOSAccountRef a, CFStringRef name, CFErrorRef *error)
122 {
123 CFErrorRef localError = NULL;
124
125 if (a->trusted_circle == NULL) {
126 a->trusted_circle = SOSCircleCreate(NULL, name, NULL);
127 SOSUpdateKeyInterest(a);
128 }
129
130
131 SOSCircleRef circle = SOSAccountGetCircle(a, &localError);
132
133 require_action_quiet(circle || !isSOSErrorCoded(localError, kSOSErrorIncompatibleCircle), fail,
134 if (error) { *error = localError; localError = NULL; });
135
136 require_quiet(SOSAccountInflateTransportsForCircle(a, name, error), fail);
137
138 fail:
139 CFReleaseNull(localError);
140 return circle;
141 }
142
143
144 bool SOSAccountUpdateCircleFromRemote(SOSAccountRef account, SOSCircleRef newCircle, CFErrorRef *error)
145 {
146 return SOSAccountHandleUpdateCircle(account, newCircle, false, error);
147 }
148
149 bool SOSAccountUpdateCircle(SOSAccountRef account, SOSCircleRef newCircle, CFErrorRef *error)
150 {
151 return SOSAccountHandleUpdateCircle(account, newCircle, true, error);
152 }
153
154 bool SOSAccountModifyCircle(SOSAccountRef account,
155 CFErrorRef* error,
156 bool (^action)(SOSCircleRef circle))
157 {
158 bool success = false;
159
160 SOSCircleRef circle = NULL;
161 require_action_quiet(account->trusted_circle, fail, SOSErrorCreate(kSOSErrorNoCircle, error, NULL, CFSTR("No circle to get peer key from")));
162
163 circle = SOSCircleCopyCircle(kCFAllocatorDefault, account->trusted_circle, error);
164 require_quiet(circle, fail);
165
166 success = true;
167 require_quiet(action(circle), fail);
168
169 success = SOSAccountUpdateCircle(account, circle, error);
170
171 fail:
172 CFReleaseSafe(circle);
173 return success;
174 }
175
mirror of Security