OSX/sec/SOSCircle/SecureObjectSync/SOSRingDER.c

   1 //
   2 //  SOSRingDER.c
   3 //  sec
   4 //
   5 //  Created by Richard Murphy on 3/3/15.
   6 //
   7 //
   8
   9 #include "SOSRingDER.h"
  10 #include <AssertMacros.h>
  11
  12 #include <Security/SecureObjectSync/SOSInternal.h>
  13 #include <Security/SecureObjectSync/SOSPeer.h>
  14 #include <Security/SecureObjectSync/SOSPeerInfoInternal.h>
  15 #include <Security/SecureObjectSync/SOSPeerInfoCollections.h>
  16 #include <Security/SecureObjectSync/SOSCircle.h>
  17 #include <Security/SecFramework.h>
  18
  19 #include <Security/SecKey.h>
  20 #include <Security/SecKeyPriv.h>
  21 #include <CoreFoundation/CoreFoundation.h>
  22
  23 #include <utilities/SecCFWrappers.h>
  24
  25 //#include "ckdUtilities.h"
  26
  27 #include <corecrypto/ccder.h>
  28 #include <corecrypto/ccdigest.h>
  29 #include <corecrypto/ccsha2.h>
  30
  31
  32 #include <utilities/der_plist.h>
  33 #include <utilities/der_plist_internal.h>
  34 #include <corecrypto/ccder.h>
  35 #include <utilities/der_date.h>
  36
  37 #include <stdlib.h>
  38 #include <assert.h>
  39
  40 #include "SOSRingUtils.h"
  41
  42 size_t SOSRingGetDEREncodedSize(SOSRingRef ring, CFErrorRef *error) {
  43     SOSRingAssertStable(ring);
  44     size_t total_payload = 0;
  45
  46     require_quiet(accumulate_size(&total_payload, der_sizeof_dictionary((CFDictionaryRef) ring->unSignedInformation, error)), fail);
  47     require_quiet(accumulate_size(&total_payload, der_sizeof_dictionary((CFDictionaryRef) ring->signedInformation, error)), fail);
  48     require_quiet(accumulate_size(&total_payload, der_sizeof_dictionary((CFDictionaryRef) ring->signatures, error)), fail);
  49     require_quiet(accumulate_size(&total_payload, der_sizeof_dictionary((CFDictionaryRef) ring->data, error)), fail);
  50
  51     return ccder_sizeof(CCDER_CONSTRUCTED_SEQUENCE, total_payload);
  52 fail:
  53     SecCFDERCreateError(kSecDERErrorUnknownEncoding, CFSTR("don't know how to encode"), NULL, error);
  54     return 0;
  55 }
  56
  57 uint8_t* SOSRingEncodeToDER(SOSRingRef ring, CFErrorRef* error, const uint8_t* der, uint8_t* der_end) {
  58     return ccder_encode_constructed_tl(CCDER_CONSTRUCTED_SEQUENCE, der_end, der,
  59         der_encode_dictionary(ring->unSignedInformation, error, der,
  60         der_encode_dictionary(ring->signedInformation, error, der,
  61         der_encode_dictionary(ring->signatures, error, der,
  62         der_encode_dictionary(ring->data, error, der, der_end)))));
  63 }
  64
  65 CFDataRef SOSRingCopyEncodedData(SOSRingRef ring, CFErrorRef *error) {
  66     return CFDataCreateWithDER(kCFAllocatorDefault, SOSRingGetDEREncodedSize(ring, error), ^uint8_t*(size_t size, uint8_t *buffer) {
  67         return SOSRingEncodeToDER(ring, error, buffer, (uint8_t *) buffer + size);
  68     });
  69 }
  70
  71 SOSRingRef SOSRingCreateFromDER(CFErrorRef* error, const uint8_t** der_p, const uint8_t *der_end) {
  72     SOSRingRef ring = SOSRingAllocate();
  73     SOSRingRef retval = NULL;
  74     const uint8_t *sequence_end;
  75     CFDictionaryRef unSignedInformation = NULL;
  76     CFDictionaryRef signedInformation = NULL;
  77     CFDictionaryRef signatures = NULL;
  78     CFDictionaryRef data = NULL;
  79
  80     require_action_quiet(ring, errOut, secnotice("ring", "Unable to allocate ring"));
  81     *der_p = ccder_decode_constructed_tl(CCDER_CONSTRUCTED_SEQUENCE, &sequence_end, *der_p, der_end);
  82     *der_p = der_decode_dictionary(ALLOCATOR, kCFPropertyListImmutable, &unSignedInformation, error, *der_p, sequence_end);
  83     *der_p = der_decode_dictionary(ALLOCATOR, kCFPropertyListImmutable, &signedInformation, error, *der_p, sequence_end);
  84     *der_p = der_decode_dictionary(ALLOCATOR, kCFPropertyListImmutable, &signatures, error, *der_p, sequence_end);
  85     *der_p = der_decode_dictionary(ALLOCATOR, kCFPropertyListImmutable, &data, error, *der_p, sequence_end);
  86
  87     require_action_quiet(*der_p, errOut, secnotice("ring", "Unable to decode DER"));
  88     require_action_quiet(*der_p == der_end, errOut, secnotice("ring", "Unable to decode DER"));
  89
  90     ring->unSignedInformation = CFDictionaryCreateMutableCopy(ALLOCATOR, 0, unSignedInformation);
  91     ring->signedInformation = CFDictionaryCreateMutableCopy(ALLOCATOR, 0, signedInformation);
  92     ring->signatures = CFDictionaryCreateMutableCopy(ALLOCATOR, 0, signatures);
  93     ring->data = CFDictionaryCreateMutableCopy(ALLOCATOR, 0, data);
  94     retval = ring;
  95     ring = NULL;
  96
  97 errOut:
  98     CFReleaseNull(unSignedInformation);
  99     CFReleaseNull(signedInformation);
 100     CFReleaseNull(signatures);
 101     CFReleaseNull(data);
 102     CFReleaseNull(ring);
 103
 104     return retval;
 105 }
 106
 107 SOSRingRef SOSRingCreateFromData(CFErrorRef* error, CFDataRef ring_data) {
 108     const uint8_t *der = CFDataGetBytePtr(ring_data);
 109     CFIndex len = CFDataGetLength(ring_data);
 110     return SOSRingCreateFromDER(error, &der, der+len);
 111 }