1 /*
2 * Copyright (c) 2007-2009,2012-2015 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23 #ifndef _SECURITYD_CLIENT_H_
24 #define _SECURITYD_CLIENT_H_
25
26 #include <stdint.h>
27
28 #include <Security/SecTrust.h>
29 #include <Security/SecTask.h>
30 #ifndef MINIMIZE_INCLUDES
31 # include <Security/SecTrustStore.h>
32 # include <Security/SecCertificatePath.h>
33 #else
34 typedef struct __SecTrustStore *SecTrustStoreRef;
35 # ifndef _SECURITY_SECCERTIFICATE_H_
36 typedef struct __SecCertificate *SecCertificateRef;
37 # endif // _SECURITY_SECCERTIFICATE_H_
38 # ifndef _SECURITY_SECCERTIFICATEPATH_H_
39 typedef struct SecCertificatePath *SecCertificatePathRef;
40 # endif // _SECURITY_SECCERTIFICATEPATH_H_
41 #endif // MINIMIZE_INCLUDES
42
43 #if TARGET_OS_EMBEDDED
44 #include <libaks.h>
45 #endif
46
47 #include <CoreFoundation/CFArray.h>
48 #include <CoreFoundation/CFDictionary.h>
49 #include <CoreFoundation/CFError.h>
50
51 #include <Security/SecureObjectSync/SOSCloudCircle.h>
52 #include <Security/SecureObjectSync/SOSPeerInfo.h>
53 #include <Security/SecureObjectSync/SOSRing.h>
54
55 #include <xpc/xpc.h>
56 #include <CoreFoundation/CFXPCBridge.h>
57
58 // TODO: These definitions should live with the code that is a client of the XPC service...
// Service names used by the client side of the IPC layer.
// With SECITEM_SHIM_OSX set, the three macros name three different services.
// Otherwise all three expand to "com.apple.securityd", so every request that
// uses any of these names goes to the same endpoint.
59 #if SECITEM_SHIM_OSX
60 #define kSecuritydXPCServiceName "com.apple.securityd.xpc"
61 #define kTrustdAgentXPCServiceName "com.apple.trustd.agent"
62 #define kTrustdXPCServiceName "com.apple.trustd"
63 #else
64 #define kSecuritydXPCServiceName "com.apple.securityd"
65 #define kTrustdAgentXPCServiceName "com.apple.securityd"
66 #define kTrustdXPCServiceName "com.apple.securityd"
67 #endif // *** END SECITEM_SHIM_OSX ***
68
69 //
70 // MARK: XPC Information.
71 //
72
// Error domain string and C-string key names shared by the IPC code.
// Only declarations are given here; the definitions and the key strings
// themselves are in another translation unit.
// Several of these keys are declared a second time further down in this
// header; repeating an extern declaration with the same type is legal C.
// NOTE(review): names such as kSecXPCKeyUserPassword, kSecXPCKeyKeybag and
// kSecXPCKeyBackup suggest the values carried under these keys are secrets.
// Presumably whole messages should therefore not be logged -- confirm against
// the code that builds and handles them.
73 extern CFStringRef sSecXPCErrorDomain;
74
75 extern const char *kSecXPCKeyOperation;
76 extern const char *kSecXPCKeyResult;
77 extern const char *kSecXPCKeyError;
78 extern const char *kSecXPCKeyPeerInfos;
79 extern const char *kSecXPCKeyUserLabel;
80 extern const char *kSecXPCKeyBackup;
81 extern const char *kSecXPCKeyKeybag;
82 extern const char *kSecXPCKeyUserPassword;
83 extern const char *kSecXPCKeyDSID;
84 extern const char *kSecXPCKeyViewName;
85 extern const char *kSecXPCKeyViewActionCode;
86 extern const char *kSecXPCKeyNewPublicBackupKey;
87 extern const char *kSecXPCKeyIncludeV0;
88 extern const char *kSecXPCKeyEnabledViewsKey;
89 extern const char *kSecXPCKeyDisabledViewsKey;
90 extern const char *kSecXPCKeyEscrowLabel;
91 extern const char *kSecXPCKeyTriesLabel;
92 extern const char *kSecXPCKeyFileDescriptor;
93 extern const char *kSecXPCKeyAccessGroups;
94 extern const char *kSecXPCKeyClasses;
95
96 //
97 // MARK: Dispatch macros
98 //
99
// SECURITYD_XPC(sdp, wrapper, args...): call entry point `sdp`.
// If gSecurityd is non-NULL and its member `sdp` is non-NULL, the member is
// called directly with the arguments. Otherwise `wrapper` is called with the
// enumerator `sdp`_id (formed by token pasting) followed by the same arguments.
// Only one arm of the conditional runs, so the arguments are evaluated once.
// At least one argument is required: with none, the fallback arm would end in
// a trailing comma.
// gSecurityd is read more than once with no synchronization in the macro, and
// the direct arm makes an in-process call rather than sending a message.
// NOTE(review): any caller checks done when a message is received would not
// run on the direct path -- confirm where authorization is enforced.
100 #define SECURITYD_XPC(sdp, wrapper, ...) ((gSecurityd && gSecurityd->sdp) ? gSecurityd->sdp(__VA_ARGS__) : wrapper(sdp ## _id, __VA_ARGS__))
101
102 //
103 // MARK: Object to XPC format conversion.
104 //
105
106
107 //
108 // MARK: XPC Interfaces
109 //
110
// Second list of key-name declarations. The first seven entries, and the
// view and escrow keys further down, repeat declarations made earlier in this
// header; the repeats are redundant but harmless. The definitions live in
// another translation unit.
111 extern const char *kSecXPCKeyOperation;
112 extern const char *kSecXPCKeyResult;
113 extern const char *kSecXPCKeyError;
114 extern const char *kSecXPCKeyPeerInfos;
115 extern const char *kSecXPCKeyUserLabel;
116 extern const char *kSecXPCKeyUserPassword;
117 extern const char *kSecXPCKeyDSID;
118 extern const char *kSecXPCLimitInMinutes;
119 extern const char *kSecXPCKeyQuery;
120 extern const char *kSecXPCKeyAttributesToUpdate;
121 extern const char *kSecXPCKeyDomain;
122 extern const char *kSecXPCKeyDigest;
123 extern const char *kSecXPCKeyCertificate;
124 extern const char *kSecXPCKeySettings;
125 extern const char *kSecXPCPublicPeerId; // Public peer id
126 extern const char *kSecXPCOTRSession; // OTR session bytes
127 extern const char *kSecXPCData; // Data to process
128 extern const char *kSecXPCOTRReady; // OTR ready for messages
129 extern const char *kSecXPCKeyDeviceID;
130 extern const char *kSecXPCKeyIDSMessage;
131 extern const char *kSecXPCKeyViewName;
132 extern const char *kSecXPCKeyViewActionCode;
133 extern const char *kSecXPCKeySendIDSMessage;
134 extern const char *kSecXPCKeyHSA2AutoAcceptInfo;
135 extern const char *kSecXPCKeyEscrowLabel;
136 extern const char *kSecXPCKeyTriesLabel;
137 extern const char *kSecXPCKeyString;
138 extern const char *kSecXPCKeyArray;
139
140 extern const char *kSecXPCKeyReason;
141
142 //
143 // MARK: Mach port request IDs
144 //
// Operation identifiers for requests. securityd_create_message() and
// securityd_send_sync_and_do() take one of these values, and SECURITYD_XPC
// forms the enumerator name for an entry point by pasting "_id" onto it.
//
// Only the first nine enumerators have explicit values. Every later one is
// the previous value plus one, so inserting or removing an entry renumbers
// everything after it.
//
// Position also carries meaning. The comments inside the list mark a region
// whose operations require the keychain-cloud-circle entitlement and a final
// region described as "free for all".
// NOTE(review): the check that enforces those regions is not in this header.
// Presumably the receiver compares the id against the boundary enumerators,
// in which case placing a new operation in the wrong region changes who may
// call it. Confirm in the server before adding or moving entries. Also
// confirm whether anything depends on ids past sec_trust_evaluate_id staying
// stable across builds.
145 enum SecXPCOperation {
146 sec_item_add_id = 0,
147 sec_item_copy_matching_id = 1,
148 sec_item_update_id = 2,
149 sec_item_delete_id = 3,
150 // trust_store_for_domain -- NOT an ipc
151 sec_trust_store_contains_id = 4,
152 sec_trust_store_set_trust_settings_id = 5,
153 sec_trust_store_remove_certificate_id = 6,
154 // remove_all -- NOT an ipc
155 sec_delete_all_id = 7,
156 sec_trust_evaluate_id = 8,
157 // Any new items MUST be added below here
158 // This allows updating roots on a device, since SecTrustEvaluate must continue to work
159 sec_keychain_backup_id,
160 sec_keychain_restore_id,
161 sec_keychain_backup_syncable_id,
162 sec_keychain_restore_syncable_id,
163 sec_item_backup_copy_names_id,
164 sec_item_backup_handoff_fd_id,
165 sec_item_backup_set_confirmed_manifest_id,
166 sec_item_backup_restore_id,
167 sec_keychain_sync_update_message_id,
168 sec_ota_pki_asset_version_id,
169 sec_otr_session_create_remote_id,
170 sec_otr_session_process_packet_remote_id,
171 kSecXPCOpOTAPKIGetNewAsset,
172 kSecXPCOpOTAGetEscrowCertificates,
173 kSecXPCOpProcessUnlockNotification,
174 kSecXPCOpProcessSyncWithAllPeers,
175 kSecXPCOpRollKeys,
176 sec_add_shared_web_credential_id,
177 sec_copy_shared_web_credential_id,
178 sec_get_log_settings_id,
179 sec_set_xpc_log_settings_id,
180 sec_set_circle_log_settings_id,
181 soscc_EnsurePeerRegistration_id,
182 kSecXPCOpRequestEnsureFreshParameters,
183 kSecXPCOpGetAllTheRings,
184 kSecXPCOpApplyToARing,
185 kSecXPCOpWithdrawlFromARing,
186 kSecXPCOpEnableRing,
187 kSecXPCOpRingStatus,
188 kSecXPCOpRequestDeviceID,
189 kSecXPCOpSetDeviceID,
190 kSecXPCOpHandleIDSMessage,
191 kSecXPCOpSyncWithKVSPeer,
192 kSecXPCOpSyncWithIDSPeer,
193 kSecXPCOpSendIDSMessage,
194 kSecXPCOpPingTest,
195 kSecXPCOpIDSDeviceID,
196 // any process using an operation below here is required to have entitlement keychain-cloud-circle
197 kSecXPCOpTryUserCredentials,
198 kSecXPCOpSetUserCredentials,
199 kSecXPCOpSetUserCredentialsAndDSID,
200 kSecXPCOpCanAuthenticate,
201 kSecXPCOpPurgeUserCredentials,
202 kSecXPCOpDeviceInCircle,
203 kSecXPCOpRequestToJoin,
204 kSecXPCOpRequestToJoinAfterRestore,
205 kSecXPCOpResetToOffering,
206 kSecXPCOpResetToEmpty,
207 kSecXPCOpView,
208 kSecXPCOpViewSet,
209 kSecXPCOpSecurityProperty,
210 kSecXPCOpRemoveThisDeviceFromCircle,
211 kSecXPCOpRemovePeersFromCircle,
212 kSecXPCOpLoggedOutOfAccount,
213 kSecXPCOpBailFromCircle,
214 kSecXPCOpAcceptApplicants,
215 kSecXPCOpRejectApplicants,
216 kSecXPCOpCopyApplicantPeerInfo,
217 kSecXPCOpCopyValidPeerPeerInfo,
218 kSecXPCOpValidateUserPublic,
219 kSecXPCOpCopyNotValidPeerPeerInfo,
220 kSecXPCOpCopyPeerPeerInfo,
221 kSecXPCOpCopyConcurringPeerPeerInfo,
222 kSecXPCOpCopyGenerationPeerInfo,
223 kSecXPCOpGetLastDepartureReason,
224 kSecXPCOpSetLastDepartureReason,
225 kSecXPCOpCopyIncompatibilityInfo,
226 kSecXPCOpCopyRetirementPeerInfo,
227 kSecXPCOpCopyViewUnawarePeerInfo,
228 kSecXPCOpCopyEngineState,
229 kSecXPCOpCopyMyPeerInfo,
230 kSecXPCOpAccountSetToNew,
231 kSecXPCOpSetHSA2AutoAcceptInfo,
232 kSecXPCOpSetNewPublicBackupKey,
233 kSecXPCOpSetBagForAllSlices,
234 kSecXPCOpWaitForInitialSync,
235 kSecXPCOpCopyYetToSyncViews,
236 kSecXPCOpSetEscrowRecord,
237 kSecXPCOpGetEscrowRecord,
238 kSecXPCOpCheckPeerAvailability,
239 kSecXPCOpCopyAccountData,
240 kSecXPCOpDeleteAccountData,
241 kSecXPCOpCopyEngineData,
242 kSecXPCOpDeleteEngineData,
243 kSecXPCOpCopyApplication,
244 kSecXPCOpCopyCircleJoiningBlob,
245 kSecXPCOpJoinWithCircleJoiningBlob,
246 kSecXPCOpAccountHasPublicKey,
247 kSecXPCOpAccountIsNew,
248 /* after this is free for all */
    // NOTE(review): position implies no entitlement for the entries below, yet
    // they include delete and keychain-migration operations -- confirm that the
    // server authorizes each of them individually.
249 kSecXPCOpWhoAmI,
250 kSecXPCOpTransmogrifyToSyncBubble,
251 kSecXPCOpTransmogrifyToSystemKeychain,
252 kSecXPCOpWrapToBackupSliceKeyBagForView,
253 sec_item_update_token_items_id,
254 kSecXPCOpDeleteUserView,
255 sec_trust_store_copy_all_id,
256 sec_trust_store_copy_usage_constraints_id,
257 sec_delete_items_with_access_groups_id,
258 kSecXPCOpIsThisDeviceLastBackup,
259 sec_keychain_backup_keybag_uuid_id,
260 kSecXPCOpPeersHaveViewsEnabled,
261 };
262
263
// Per-caller context passed as `SecurityClient *client` to the sec_item_*,
// backup/restore and shared-web-credential entry points in struct securityd.
// The keybag field exists only when TARGET_OS_EMBEDDED is set, and the
// multi-user fields only when TARGET_OS_IPHONE is set, so the layout differs
// between platforms.
// NOTE(review): the field meanings are read from the names only, because the
// code that fills this structure is not in this header. The fields look like
// authorization inputs (access groups, system-keychain permission, uid).
// Presumably the daemon derives them from the connection rather than from
// message contents -- confirm in the server.
264 typedef struct {
265 SecTaskRef task;
266 CFArrayRef accessGroups;
267 bool allowSystemKeychain;
268 bool allowSyncBubbleKeychain;
269 bool isNetworkExtension;
270 uid_t uid;
271 CFDataRef musr;
272 #if TARGET_OS_EMBEDDED
273 keybag_handle_t keybag;
274 #endif
275 #if TARGET_OS_IPHONE
276 bool inMultiUser;
277 int activeUser;
278 #endif
279 } SecurityClient;
280
281
// Returns a pointer to a SecurityClient. Ownership and lifetime are not
// stated here; presumably it is a process-wide instance -- TODO confirm.
282 extern SecurityClient * SecSecurityClientGet(void);
283 #if TARGET_OS_IOS
// Declared only for TARGET_OS_IOS. It takes a mode flag, a uid and an active
// user id. NOTE(review): judging by the name it switches multi-user handling;
// confirm who is allowed to call it.
284 void SecSecuritySetMusrMode(bool mode, uid_t uid, int activeUser);
285 #endif
286
// Table of entry points, one function pointer per operation. SECURITYD_XPC
// calls gSecurityd->NAME directly when gSecurityd and that member are both
// non-NULL; otherwise it calls its wrapper argument with the enumerator
// NAME_id.
// Most members take a trailing CFErrorRef *error out-parameter. Members that
// act on keychain items also take the caller's SecurityClient.
// NOTE(review): a direct call through this table is an ordinary in-process
// function call, so any checks tied to receiving a message would not apply
// on that path. Confirm that each implementation validates `client` itself.
287 struct securityd {
288 bool (*sec_item_add)(CFDictionaryRef attributes, SecurityClient *client, CFTypeRef *result, CFErrorRef* error);
289 bool (*sec_item_copy_matching)(CFDictionaryRef query, SecurityClient *client, CFTypeRef *result, CFErrorRef* error);
290 bool (*sec_item_update)(CFDictionaryRef query, CFDictionaryRef attributesToUpdate, SecurityClient *client, CFErrorRef* error);
291 bool (*sec_item_delete)(CFDictionaryRef query, SecurityClient *client, CFErrorRef* error);
292 bool (*sec_add_shared_web_credential)(CFDictionaryRef attributes, SecurityClient *client, const audit_token_t *clientAuditToken, CFStringRef appID, CFArrayRef accessGroups, CFTypeRef *result, CFErrorRef *error);
293 bool (*sec_copy_shared_web_credential)(CFDictionaryRef query, SecurityClient *client, const audit_token_t *clientAuditToken, CFStringRef appID, CFArrayRef accessGroups, CFTypeRef *result, CFErrorRef *error);
294 SecTrustStoreRef (*sec_trust_store_for_domain)(CFStringRef domainName, CFErrorRef* error); // TODO: remove, has no msg id
295 bool (*sec_trust_store_contains)(SecTrustStoreRef ts, CFDataRef digest, bool *contains, CFErrorRef* error);
296 bool (*sec_trust_store_set_trust_settings)(SecTrustStoreRef ts, SecCertificateRef certificate, CFTypeRef trustSettingsDictOrArray, CFErrorRef* error);
297 bool (*sec_trust_store_remove_certificate)(SecTrustStoreRef ts, CFDataRef digest, CFErrorRef* error);
298 bool (*sec_truststore_remove_all)(SecTrustStoreRef ts, CFErrorRef* error); // TODO: remove, has no msg id
299 bool (*sec_item_delete_all)(CFErrorRef* error);
300 SecTrustResultType (*sec_trust_evaluate)(CFArrayRef certificates, CFArrayRef anchors, bool anchorsOnly, bool keychainsAllowed, CFArrayRef policies, CFArrayRef responses, CFArrayRef SCTs, CFArrayRef trustedLogs, CFAbsoluteTime verifyTime, __unused CFArrayRef accessGroups, CFArrayRef *details, CFDictionaryRef *info, SecCertificatePathRef *chain, CFErrorRef *error);
301 CFDataRef (*sec_keychain_backup)(SecurityClient *client, CFDataRef keybag, CFDataRef passcode, CFErrorRef* error);
302 bool (*sec_keychain_restore)(CFDataRef backup, SecurityClient *client, CFDataRef keybag, CFDataRef passcode, CFErrorRef* error);
303 CFDictionaryRef (*sec_keychain_backup_syncable)(CFDictionaryRef backup_in, CFDataRef keybag, CFDataRef passcode, CFErrorRef* error);
304 bool (*sec_keychain_restore_syncable)(CFDictionaryRef backup, CFDataRef keybag, CFDataRef passcode, CFErrorRef* error);
305 CFArrayRef (*sec_item_backup_copy_names)(CFErrorRef *error);
306 int (*sec_item_backup_handoff_fd)(CFStringRef backupName, CFErrorRef *error);
307 bool (*sec_item_backup_set_confirmed_manifest)(CFStringRef backupName, CFDataRef keybagDigest, CFDataRef manifest, CFErrorRef *error);
308 bool (*sec_item_backup_restore)(CFStringRef backupName, CFStringRef peerID, CFDataRef keybag, CFDataRef secret, CFDataRef backup, CFErrorRef *error);
309 int (*sec_ota_pki_asset_version)(CFErrorRef* error);
310 CFDataRef (*sec_otr_session_create_remote)(CFDataRef publicPeerId, CFErrorRef* error);
311 bool (*sec_otr_session_process_packet_remote)(CFDataRef sessionData, CFDataRef inputPacket, CFDataRef* outputSessionData, CFDataRef* outputPacket, bool *readyForMessages, CFErrorRef* error);
312 bool (*soscc_TryUserCredentials)(CFStringRef user_label, CFDataRef user_password, CFErrorRef *error);
313 bool (*soscc_SetUserCredentials)(CFStringRef user_label, CFDataRef user_password, CFErrorRef *error);
314 bool (*soscc_SetUserCredentialsAndDSID)(CFStringRef user_label, CFDataRef user_password, CFStringRef dsid, CFErrorRef *error);
315 bool (*soscc_CanAuthenticate)(CFErrorRef *error);
316 bool (*soscc_PurgeUserCredentials)(CFErrorRef *error);
317 SOSCCStatus (*soscc_ThisDeviceIsInCircle)(CFErrorRef* error);
318 bool (*soscc_RequestToJoinCircle)(CFErrorRef* error);
319 bool (*soscc_RequestToJoinCircleAfterRestore)(CFErrorRef* error);
320 bool (*soscc_RequestEnsureFreshParameters)(CFErrorRef* error);
321 CFStringRef (*soscc_GetAllTheRings)(CFErrorRef *error);
322 bool (*soscc_ApplyToARing)(CFStringRef ringName, CFErrorRef* error);
323 bool (*soscc_WithdrawlFromARing)(CFStringRef ringName, CFErrorRef* error);
324 bool (*soscc_EnableRing)(CFStringRef ringName, CFErrorRef* error);
325 SOSRingStatus (*soscc_RingStatus)(CFStringRef ringName, CFErrorRef* error);
326 CFStringRef (*soscc_CopyDeviceID)(CFErrorRef* error);
327 bool (*soscc_SetDeviceID)(CFStringRef IDS, CFErrorRef *error);
328 HandleIDSMessageReason (*soscc_HandleIDSMessage)(CFDictionaryRef IDS, CFErrorRef *error);
329 bool (*soscc_CheckIDSRegistration)(CFStringRef message, CFErrorRef *error);
330 bool (*soscc_PingTest)(CFStringRef message, CFErrorRef *error);
331 bool (*soscc_GetIDSIDFromIDS)(CFErrorRef *error);
332 bool (*soscc_SetToNew)(CFErrorRef *error);
333 bool (*soscc_ResetToOffering)(CFErrorRef* error);
334 bool (*soscc_ResetToEmpty)(CFErrorRef* error);
335 SOSViewResultCode (*soscc_View)(CFStringRef view, SOSViewActionCode action, CFErrorRef *error);
336 bool (*soscc_ViewSet)(CFSetRef enabledViews, CFSetRef disabledViews);
337 SOSSecurityPropertyResultCode (*soscc_SecurityProperty)(CFStringRef property, SOSSecurityPropertyActionCode action, CFErrorRef *error);
338 bool (*soscc_RegisterSingleRecoverySecret)(CFDataRef backupSlice, bool forV0Only, CFErrorRef *error);
339 bool (*soscc_RemoveThisDeviceFromCircle)(CFErrorRef* error);
340 bool (*soscc_RemovePeersFromCircle)(CFArrayRef peers, CFErrorRef* error);
341 bool (*soscc_LoggedOutOfAccount)(CFErrorRef* error);
342 bool (*soscc_BailFromCircle)(uint64_t limit_in_seconds, CFErrorRef* error);
343 bool (*soscc_AcceptApplicants)(CFArrayRef applicants, CFErrorRef* error);
344 bool (*soscc_RejectApplicants)(CFArrayRef applicants, CFErrorRef* error);
345 SOSPeerInfoRef (*soscc_SetNewPublicBackupKey)(CFDataRef pubKey, CFErrorRef *error);
346 bool (*soscc_ValidateUserPublic)(CFErrorRef* error);
347 CFArrayRef (*soscc_CopyGenerationPeerInfo)(CFErrorRef* error);
348 CFArrayRef (*soscc_CopyApplicantPeerInfo)(CFErrorRef* error);
349 CFArrayRef (*soscc_CopyValidPeerPeerInfo)(CFErrorRef* error);
350 CFArrayRef (*soscc_CopyNotValidPeerPeerInfo)(CFErrorRef* error);
351 CFArrayRef (*soscc_CopyRetirementPeerInfo)(CFErrorRef* error);
352 CFArrayRef (*soscc_CopyViewUnawarePeerInfo)(CFErrorRef* error);
353 CFArrayRef (*soscc_CopyEngineState)(CFErrorRef* error);
354 // Not sure why these are below the last entry in the enum order above, but they are:
355 CFArrayRef (*soscc_CopyPeerInfo)(CFErrorRef* error);
356 CFArrayRef (*soscc_CopyConcurringPeerInfo)(CFErrorRef* error);
357 CFStringRef (*soscc_CopyIncompatibilityInfo)(CFErrorRef* error);
358 enum DepartureReason (*soscc_GetLastDepartureReason)(CFErrorRef* error);
359 bool (*soscc_SetLastDepartureReason)(enum DepartureReason, CFErrorRef* error);
360 CFArrayRef (*ota_CopyEscrowCertificates)(uint32_t escrowRootType, CFErrorRef* error);
361 int (*sec_ota_pki_get_new_asset)(CFErrorRef* error);
362 SyncWithAllPeersReason (*soscc_ProcessSyncWithAllPeers)(CFErrorRef* error);
363 bool (*soscc_EnsurePeerRegistration)(CFErrorRef* error);
364 bool (*sec_roll_keys)(bool force, CFErrorRef* error);
365 CFArrayRef (*sec_keychain_sync_update_message)(CFDictionaryRef update, CFErrorRef *error);
366 CFPropertyListRef (*sec_get_log_settings)(CFErrorRef* error);
367 bool (*sec_set_xpc_log_settings)(CFTypeRef type, CFErrorRef* error);
368 bool (*sec_set_circle_log_settings)(CFTypeRef type, CFErrorRef* error);
369 SOSPeerInfoRef (*soscc_CopyMyPeerInfo)(CFErrorRef*);
370 bool (*soscc_SetHSA2AutoAcceptInfo)(CFDataRef, CFErrorRef*);
371 bool (*soscc_WaitForInitialSync)(CFErrorRef*);
372 CFArrayRef (*soscc_CopyYetToSyncViewsList)(CFErrorRef*);
373 bool (*soscc_SetEscrowRecords)(CFStringRef escrow_label, uint64_t tries, CFErrorRef *error);
374 CFDictionaryRef (*soscc_CopyEscrowRecords)(CFErrorRef *error);
375 bool (*soscc_PeerAvailability)(CFErrorRef *error);
376 bool (*sosbskb_WrapToBackupSliceKeyBagForView)(CFStringRef viewName, CFDataRef input, CFDataRef* output, CFDataRef* bskbEncoded, CFErrorRef* error);
377 CFDataRef (*soscc_CopyAccountState)(CFErrorRef *error);
378 bool (*soscc_DeleteAccountState)(CFErrorRef *error);
379 CFDataRef (*soscc_CopyEngineData)(CFErrorRef *error);
380 bool (*soscc_DeleteEngineState)(CFErrorRef *error);
381 SOSPeerInfoRef (*soscc_CopyApplicant)(CFErrorRef *error);
382 CFDataRef (*soscc_CopyCircleJoiningBlob)(SOSPeerInfoRef applicant, CFErrorRef *error);
383 bool (*soscc_JoinWithCircleJoiningBlob)(CFDataRef joiningBlob, CFErrorRef *error);
384 bool (*soscc_AccountHasPublicKey)(CFErrorRef *error);
385 bool (*soscc_AccountIsNew)(CFErrorRef *error);
386 bool (*sec_item_update_token_items)(CFStringRef tokenID, CFArrayRef query, SecurityClient *client, CFErrorRef* error);
387 bool (*sec_trust_store_copy_all)(SecTrustStoreRef ts, CFArrayRef *trustStoreContents, CFErrorRef *error);
388 bool (*sec_trust_store_copy_usage_constraints)(SecTrustStoreRef ts, CFDataRef digest, CFArrayRef *usageConstraints, CFErrorRef *error);
389 bool (*sec_delete_items_with_access_groups)(CFArrayRef bundleIDs, SecurityClient *client, CFErrorRef *error);
390 bool (*soscc_IsThisDeviceLastBackup)(CFErrorRef *error);
391 bool (*soscc_requestSyncWithPeerOverKVS)(CFStringRef peerID, CFErrorRef *error);
392 bool (*soscc_requestSyncWithPeerOverIDS)(CFStringRef peerID, CFErrorRef *error);
393 CFBooleanRef (*soscc_SOSCCPeersHaveViewsEnabled)(CFArrayRef views, CFErrorRef *error);
394 };
395
// Process-wide pointer to the entry-point table. SECURITYD_XPC tests it for
// NULL before every direct call, so NULL selects the message-based fallback.
396 extern struct securityd *gSecurityd;
397
// Returns the current access-group array. The "Get" name suggests the caller
// does not own the result -- TODO confirm.
398 CFArrayRef SecAccessGroupsGetCurrent(void);
399
400 // TODO Rename me
// Maps an operation id to a descriptive string.
401 CFStringRef SOSCCGetOperationDescription(enum SecXPCOperation op);
// Message helpers. Each reports failure through *error.
// NOTE(review): ownership of the returned xpc_object_t values is not stated
// here; presumably the caller releases them -- confirm.
402 xpc_object_t securityd_message_with_reply_sync(xpc_object_t message, CFErrorRef *error);
403 xpc_object_t securityd_create_message(enum SecXPCOperation op, CFErrorRef *error);
404 bool securityd_message_no_error(xpc_object_t message, CFErrorRef *error);
405
406
// Runs one synchronous request for operation `op`. `add_to_message` receives
// the outgoing message and `handle_response` receives the reply; both are
// blocks that return bool and may set *error.
// NOTE(review): whether either block may be NULL is not visible here.
407 bool securityd_send_sync_and_do(enum SecXPCOperation op, CFErrorRef *error,
408 bool (^add_to_message)(xpc_object_t message, CFErrorRef* error),
409 bool (^handle_response)(xpc_object_t response, CFErrorRef* error));
410
411 // For testing only, never call this in a threaded program!
// NOTE(review): judging by the name this changes which service the client
// talks to. Production code paths should not be able to reach it; consider
// whether it can be excluded from release builds.
412 void SecServerSetMachServiceName(const char *name);
413
414
415 #endif /* _SECURITYD_CLIENT_H_ */