Security-58286.1.32.tar.gz
1 /*
2 * Copyright (c) 2016 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #if OCTAGON
25
26 #import "CKKSRecordHolder.h"
27 #import <Foundation/Foundation.h>
28 #import <SecurityFoundation/SFKey.h>
29
30 NS_ASSUME_NONNULL_BEGIN
31
// String constants exported by this header; their values are defined elsewhere.
// NOTE(review): the names suggest keys for a manifest's zone, signer ID and generation
// count, but where they are used (record fields, dictionaries, etc.) is not visible here; confirm.
32 extern NSString* const CKKSManifestZoneKey;
33 extern NSString* const CKKSManifestSignerIDKey;
34 extern NSString* const CKKSManifestGenCountKey;
35
// Forward declarations, so this header does not have to import the full class headers.
// CKKSManifestMasterRecord is declared here but not referenced by any declaration in this header.
// NOTE(review): CKRecordID and CKRecordZoneID are used further down without a forward
// declaration; presumably they become visible through the imports above. Confirm.
36 @class CKKSManifestMasterRecord;
37 @class CKRecord;
38 @class CKKSItem;
39 @class CKKSCurrentItemPointer;
40
// CKKSManifest: subclass of CKKSCKRecordHolder exposing a digest, a generation count and a
// signer ID, plus validation entry points for the manifest itself, for individual items and
// for current-item pointers.
// NOTE(review): how the digest is computed, how the signer is authenticated and what makes a
// manifest "trusted" are decided in the implementation, not in this header. Confirm there
// before relying on these names.
41 @interface CKKSManifest : CKKSCKRecordHolder
42
// Class-level, read-only counter.
// NOTE(review): presumably the highest generation count observed so far. If it serves as a
// rollback guard, confirm how it is persisted and when it is updated.
43 @property (readonly, class) NSUInteger greatestKnownGenerationCount;
44
// Read-only per-manifest values; this header does not declare setters for them.
45 @property (nonatomic, readonly) NSData* digestValue;
46 @property (nonatomic, readonly) NSUInteger generationCount;
47 @property (nonatomic, readonly) NSString* signerID;
48
// Takes a block with no arguments and no return value.
// NOTE(review): whether the block runs synchronously and on which queue is not visible here.
49 + (void)performWithAccountInfo:(void (^)(void))action;
50
// Policy switches. They return C `bool`, while the instance methods below return `BOOL`.
// NOTE(review): presumably shouldEnforceManifests decides whether a validation failure is
// fatal or only reported. Confirm where it is consulted, because a call site that skips it
// or ignores the validate* result would accept unvalidated data.
51 + (bool)shouldSyncManifests;
52 + (bool)shouldEnforceManifests;
53
// Lookups. Each returns a nullable instance and takes an NSError out-parameter.
// Callers should test the returned object for nil rather than inspecting *error.
54 + (nullable instancetype)manifestForZone:(NSString*)zone peerID:(NSString*)peerID error:(NSError**)error;
55 + (nullable instancetype)manifestForRecordName:(NSString*)recordName error:(NSError**)error;
56 + (nullable instancetype)latestTrustedManifestForZone:(NSString*)zone error:(NSError**)error;
57
// Updates this manifest from a CKRecord; the BOOL result reports success.
// NOTE(review): whether the record is validated before its contents are adopted is not visible here.
58 - (BOOL)updateWithRecord:(CKRecord*)record error:(NSError**)error;
59
// Validation entry points. By Cocoa convention the BOOL result is the verdict: check the
// return value, not whether *error was written. A caller that discards the result gains
// nothing from the manifest.
60 - (BOOL)validateWithError:(NSError**)error;
61 - (BOOL)validateItem:(CKKSItem*)item withError:(NSError**)error;
62 - (BOOL)validateCurrentItem:(CKKSCurrentItemPointer*)currentItem withError:(NSError**)error;
// No error out-parameter: a NO result cannot say whether the UUID is absent or the lookup failed.
63 - (BOOL)itemUUIDExistsInManifest:(NSString*)uuid;
// NOTE(review): which fields take part in the comparison is not visible in this header.
64 - (BOOL)contentsAreEqualToManifest:(CKKSManifest*)otherManifest;
65
66 @end
67
// CKKSPendingManifest: a CKKSManifest subclass that adds a readiness flag and a commit step.
68 @interface CKKSPendingManifest : CKKSManifest
69
// The custom getter is spelled `isReadyToCommmit`, with three m's. That spelling is part of
// the declared interface, so code calling the getter by name must match it; correcting it
// here would be an interface change.
70 @property (readonly, getter=isReadyToCommmit) BOOL readyToCommit;
71
// Returns a CKKSManifest, or nil; test the return value rather than *error.
// NOTE(review): whether this method checks readyToCommit itself or expects the caller to do
// so beforehand is not visible here.
72 - (nullable CKKSManifest*)commitToDatabaseWithError:(NSError**)error;
73
74 @end
75
// CKKSEgoManifest: a CKKSManifest subclass with constructors and mutators.
// NOTE(review): "ego" presumably refers to the local device/peer's own manifest; confirm.
76 @interface CKKSEgoManifest : CKKSManifest
77
// Returns nil when no manifest is produced. There is no error out-parameter, so the caller
// cannot tell "none exists" from "lookup failed".
78 + (nullable CKKSEgoManifest*)tryCurrentEgoManifestForZone:(NSString*)zone;
// The selector starts with `new`, so ARC treats the result as owned by the caller (the `new`
// method family). `currentItems` is an untyped NSDictionary; its key and value classes are
// not stated here.
// NOTE(review): confirm them against the implementation before passing externally derived data.
79 + (nullable instancetype)newManifestForZone:(NSString*)zone withItems:(NSArray<CKKSItem*>*)items peerManifestIDs:(NSArray<NSString*>*)peerManifestIDs currentItems:(NSDictionary*)currentItems error:(NSError**)error;
80
// Both mutators return void and take no NSError, so a failure cannot be reported to the
// caller through this interface.
81 - (void)updateWithNewOrChangedRecords:(NSArray<CKRecord*>*)newOrChangedRecords deletedRecordIDs:(NSArray<CKRecordID*>*)deletedRecordIDs;
82 - (void)setCurrentItemUUID:(NSString*)newCurrentItemUUID forIdentifier:(NSString*)currentPointerIdentifier;
83
// Returns CKRecord objects for the given zone ID; declared non-null under NS_ASSUME_NONNULL.
84 - (NSArray<CKRecord*>*)allCKRecordsWithZoneID:(CKRecordZoneID*)zoneID;
85
86 @end
87
88 // ----------------------------------------------------
89 // Declarations for unit tests
// The declarations from here to the end of the header are guarded only by the enclosing
// `#if OCTAGON`; no test-only conditional is visible in this file.
// NOTE(review): confirm whether the corresponding implementations are compiled into release
// builds, since the hooks below allow clearing manifest state, building manifests with a
// caller-supplied key pair and ignoring database changes.
90
// Forward declaration; the full interface for this class appears later in this header.
91 @class CKKSManifestInjectionPointHelper;
92
// Category exposing a test-only hook on CKKSManifest.
93 @interface CKKSManifest (UnitTesting)
94
// NOTE(review): by its name this resets the instance's ivars to nil. Afterwards the non-null
// readonly properties declared on CKKSManifest (digestValue, signerID) may return nil despite
// their annotations. Confirm it is never reachable outside tests.
95 - (void)nilAllIvars;
96
97 @end
98
// Category exposing a test-only constructor on CKKSEgoManifest.
99 @interface CKKSEgoManifest (UnitTesting)
100
// Builds a manifest from caller-supplied records, signer ID and EC key pair. The selector
// starts with `new`, so ARC treats the result as owned by the caller.
// NOTE(review): because the signer identity and key come from the caller, a manifest built
// this way says nothing about the real account's keys. Confirm this is used only by tests and
// that such manifests cannot reach code paths that treat them as trusted.
101 + (nullable instancetype)newFakeManifestForZone:(NSString*)zone withItemRecords:(NSArray<CKRecord*>*)itemRecords currentItems:(NSDictionary*)currentItems signerID:(NSString*)signerID keyPair:(SFECKeyPair*)keyPair error:(NSError**)error;
102
103 @end
104
// Helper class with class-level switches used by unit tests to influence CKKSManifest.
// It is declared under the same `#if OCTAGON` guard as the production interfaces; no
// test-only conditional is visible in this header.
105 @interface CKKSManifestInjectionPointHelper : NSObject
106
107 @property (class) BOOL ignoreChanges; // test hook: set to YES so that CKKSManifest ignores changes to the database (supports negative testing)
108
// Associates a peer ID with an EC key pair.
// NOTE(review): presumably lets a test supply the identity and key used for the local
// ("ego") peer. Confirm that production code never calls it, since the registered key would
// then be whatever the caller passed in.
109 + (void)registerEgoPeerID:(NSString*)egoPeerID keyPair:(SFECKeyPair*)keyPair;
110
111 @end
112
113 NS_ASSUME_NONNULL_END
114
115 #endif