Security-58286.1.32.tar.gz
1 /*
2 * Copyright (c) 2016 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #import "keychain/ckks/CKKS.h"
25 #import "keychain/ckks/CKKSSQLDatabaseObject.h"
26 #import "keychain/ckks/CKKSRecordHolder.h"
27 #include <utilities/SecDb.h>
28 #include <securityd/SecDbItem.h>
29
30 #ifndef CKKSItem_h
31 #define CKKSItem_h
32
33 #if OCTAGON
34
35 #import <CloudKit/CloudKit.h>
36
37 @class CKKSWrappedAESSIVKey;
38
39
// Helper base class that includes UUIDs and key information.
//
// Holds an item's UUID, the UUID of its parent key, the encrypted item bytes
// with their wrapped key, a generation count, an encryption version, and three
// PCS fields whose names mark them as plaintext.
//
// NOTE(review): nothing in this header carries nullability annotations, so
// which arguments and properties may be nil has to be confirmed against the
// implementation.
@interface CKKSItem : CKKSCKRecordHolder

// UUID of this item.
@property (copy) NSString *uuid;

// UUID of this item's parent key.
// NOTE(review): presumably the key that wraps `wrappedkey` - confirm.
@property (copy) NSString *parentKeyUUID;

// Encrypted item bytes.
@property (copy) NSData *encitem;

// String form of the encrypted item, read through -base64Item and written
// through -setBase64Item:.
// NOTE(review): presumably the base64 encoding of `encitem`; the backing
// storage is not visible in this header.
@property (getter=base64Item, setter=setBase64Item:) NSString *base64encitem;

// Wrapped (AES-SIV, per the class name) key for this item.
@property (copy) CKKSWrappedAESSIVKey *wrappedkey;

// Generation count for this item.
@property NSUInteger generationCount;

// Encryption version of this item. The initializers below accept this value
// as a plain NSUInteger.
// NOTE(review): confirm the implementation handles values outside the
// SecCKKSItemEncryptionVersion enum instead of storing them blindly.
@property enum SecCKKSItemEncryptionVersion encver;

// PCS fields. The `plaintext` prefix indicates these are not part of the
// encrypted item.
// NOTE(review): being plaintext, they get no confidentiality. Whether they are
// integrity-protected depends on them being placed in the authenticated data
// dictionary built below - verify for each encryption version.
@property NSNumber *plaintextPCSServiceIdentifier;
@property NSData *plaintextPCSPublicKey;
@property NSData *plaintextPCSPublicIdentity;

// Used for item encryption and decryption. Attempts to be future-compatible
// with new CloudKit record fields through the optional olditem argument, which
// may contain a CK record: any fields in that record that we don't understand
// are added to the authenticated data dictionary.
// NOTE(review): a field left out of this dictionary is not bound to the
// ciphertext, and encryption and decryption presumably need to derive the same
// dictionary for authentication to succeed - confirm both in the
// implementation.
- (NSDictionary<NSString *, NSData *> *)makeAuthenticatedDataDictionaryUpdatingCKKSItem:(CKKSItem *)olditem
                                                                      encryptionVersion:(SecCKKSItemEncryptionVersion)encversion;

// Builds an item from a CloudKit record.
// NOTE(review): the record's origin is not visible here; if it is fetched from
// the server, its fields are presumably unauthenticated until the item has
// been decrypted and verified - confirm.
- (instancetype)initWithCKRecord:(CKRecord *)record;

// Builds an item by copying another CKKSItem.
- (instancetype)initCopyingCKKSItem:(CKKSItem *)item;

// Use this one if you really don't have any more information.
- (instancetype)initWithUUID:(NSString *)uuid
               parentKeyUUID:(NSString *)parentKeyUUID
                      zoneID:(CKRecordZoneID *)zoneID;

// Use this one if you don't have a CKRecord yet.
- (instancetype)initWithUUID:(NSString *)uuid
               parentKeyUUID:(NSString *)parentKeyUUID
                      zoneID:(CKRecordZoneID *)zoneID
                     encItem:(NSData *)encitem
                  wrappedkey:(CKKSWrappedAESSIVKey *)wrappedkey
             generationCount:(NSUInteger)genCount
                      encver:(NSUInteger)encver;

// Same fields as above, plus an already-encoded CKRecord.
// NOTE(review): presumably `encodedrecord` is a serialized CKRecord - confirm
// its format and how it is decoded.
- (instancetype)initWithUUID:(NSString *)uuid
               parentKeyUUID:(NSString *)parentKeyUUID
                      zoneID:(CKRecordZoneID *)zoneID
             encodedCKRecord:(NSData *)encodedrecord
                     encItem:(NSData *)encitem
                  wrappedkey:(CKKSWrappedAESSIVKey *)wrappedkey
             generationCount:(NSUInteger)genCount
                      encver:(NSUInteger)encver;

// Widest initializer: additionally takes the three plaintext PCS fields.
- (instancetype)initWithUUID:(NSString *)uuid
               parentKeyUUID:(NSString *)parentKeyUUID
                      zoneID:(CKRecordZoneID *)zoneID
             encodedCKRecord:(NSData *)encodedrecord
                     encItem:(NSData *)encitem
                  wrappedkey:(CKKSWrappedAESSIVKey *)wrappedkey
             generationCount:(NSUInteger)genCount
                      encver:(NSUInteger)encver
plaintextPCSServiceIdentifier:(NSNumber *)pcsServiceIdentifier
       plaintextPCSPublicKey:(NSData *)pcsPublicKey
  plaintextPCSPublicIdentity:(NSData *)pcsPublicIdentity;

// Convenience function: set the upload version for this record to be the
// current OS version.
+ (void)setOSVersionInRecord:(CKRecord *)record;

@end
106
// Convenience class methods added to CKKSSQLDatabaseObject for fetching and
// deleting records by type and zone.
@interface CKKSSQLDatabaseObject (CKKSZoneExtras)

// Convenience function: get all UUIDs of this type. Unlike the two methods
// below, this one takes no zone ID.
// NOTE(review): so the result presumably spans every zone - confirm before
// relying on it for per-zone decisions.
+ (NSArray<NSString *> *)allUUIDs:(NSError *__autoreleasing *)error;

// Convenience function: get all objects in this particular zone.
+ (NSArray *)all:(CKRecordZoneID *)zoneID error:(NSError *__autoreleasing *)error;

// Convenience function: delete all records of this type with this zoneID.
// This is a bulk delete, so callers should act on the bool result.
// NOTE(review): presumably true means success, with `error` filled in on
// failure - confirm in the implementation.
+ (bool)deleteAll:(CKRecordZoneID *)zoneID error:(NSError *__autoreleasing *)error;

@end
117
118 #endif
119 #endif /* CKKSItem_H */