]> git.saurik.com Git - apple/security.git/blob - OSX/sec/securityd/SecItemServer.h
Security-57740.31.2.tar.gz
[apple/security.git] / OSX / sec / securityd / SecItemServer.h
1 /*
2 * Copyright (c) 2007-2009,2012-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*!
25 @header SecItemServer
26 The functions provided in SecItemServer.h provide an interface to
27 the backend for SecItem APIs in the server.
28 */
29
30 #ifndef _SECURITYD_SECITEMSERVER_H_
31 #define _SECURITYD_SECITEMSERVER_H_
32
33 #include <CoreFoundation/CoreFoundation.h>
34 #include <Security/SecureObjectSync/SOSCircle.h>
35 #include <securityd/SecDbQuery.h>
36 #include <utilities/SecDb.h>
37 #include <TargetConditionals.h>
38 #include "securityd_client.h"
39
40
41 __BEGIN_DECLS
42
43 bool _SecItemAdd(CFDictionaryRef attributes, SecurityClient *client, CFTypeRef *result, CFErrorRef *error);
44 bool _SecItemCopyMatching(CFDictionaryRef query, SecurityClient *client, CFTypeRef *result, CFErrorRef *error);
45 bool _SecItemUpdate(CFDictionaryRef query, CFDictionaryRef attributesToUpdate, SecurityClient *client, CFErrorRef *error);
46 bool _SecItemDelete(CFDictionaryRef query, SecurityClient *client, CFErrorRef *error);
47 bool _SecItemDeleteAll(CFErrorRef *error);
48 bool _SecItemServerDeleteAllWithAccessGroups(CFArrayRef accessGroups, SecurityClient *client, CFErrorRef *error);
49
50 bool _SecServerRestoreKeychain(CFErrorRef *error);
51 bool _SecServerMigrateKeychain(int32_t handle_in, CFDataRef data_in, int32_t *handle_out, CFDataRef *data_out, CFErrorRef *error);
52 CFDataRef _SecServerKeychainCreateBackup(SecurityClient *client, CFDataRef keybag, CFDataRef passcode, CFErrorRef *error);
53 bool _SecServerKeychainRestore(CFDataRef backup, SecurityClient *client, CFDataRef keybag, CFDataRef passcode, CFErrorRef *error);
54 CFStringRef _SecServerBackupCopyUUID(CFDataRef backup, CFErrorRef *error);
55
56 bool _SecItemUpdateTokenItems(CFStringRef tokenID, CFArrayRef items, SecurityClient *client, CFErrorRef *error);
57
58 CF_RETURNS_RETAINED CFArrayRef _SecServerKeychainSyncUpdateMessage(CFDictionaryRef updates, CFErrorRef *error);
59 bool _SecServerKeychainSyncUpdateIDSMessage(CFDictionaryRef updates, CFErrorRef *error);
60 CF_RETURNS_RETAINED CFDictionaryRef _SecServerBackupSyncable(CFDictionaryRef backup, CFDataRef keybag, CFDataRef password, CFErrorRef *error);
61
62 int SecServerKeychainTakeOverBackupFD(CFStringRef backupName, CFErrorRef *error);
63
64 bool _SecServerRestoreSyncable(CFDictionaryRef backup, CFDataRef keybag, CFDataRef password, CFErrorRef *error);
65
66 #if TARGET_OS_IOS
67 bool _SecServerTransmogrifyToSystemKeychain(SecurityClient *client, CFErrorRef *error);
68 bool _SecServerTransmogrifyToSyncBubble(CFArrayRef services, uid_t uid, SecurityClient *client, CFErrorRef *error);
69 bool _SecServerDeleteMUSERViews(SecurityClient *client, uid_t uid, CFErrorRef *error);
70
71 bool _SecAddSharedWebCredential(CFDictionaryRef attributes, SecurityClient *client, const audit_token_t *clientAuditToken, CFStringRef appID, CFArrayRef domains, CFTypeRef *result, CFErrorRef *error);
72 bool _SecCopySharedWebCredential(CFDictionaryRef query, SecurityClient *client, const audit_token_t *clientAuditToken, CFStringRef appID, CFArrayRef domains, CFTypeRef *result, CFErrorRef *error);
73 #endif /* TARGET_OS_IOS */
74
75 // Hack to log objects from inside SOS code
76 void SecItemServerAppendItemDescription(CFMutableStringRef desc, CFDictionaryRef object);
77
78 SecDbRef SecKeychainDbCreate(CFStringRef path);
79
80 void
81 _SecServerDatabaseSetup(void);
82
83
84 /* For whitebox testing only */
85 void SecKeychainDbReset(dispatch_block_t inbetween);
86
87
88 SOSDataSourceFactoryRef SecItemDataSourceFactoryGetDefault(void);
89
90 /* FIXME: there is a specific type for keybag handle (keybag_handle_t)
91 but it's not defined for simulator so we just use an int32_t */
92 void SecItemServerSetKeychainKeybag(int32_t keybag);
93 void SecItemServerResetKeychainKeybag(void);
94
95 void SecItemServerSetKeychainChangedNotification(const char *notification_name);
96
97 CFStringRef __SecKeychainCopyPath(void);
98
99 bool _SecServerRollKeys(bool force, SecurityClient *client, CFErrorRef *error);
100 bool _SecServerRollKeysGlue(bool force, CFErrorRef *error);
101
102 struct _SecServerKeyStats {
103 unsigned long items;
104 CFIndex maxDataSize;
105 CFIndex averageSize;
106 };
107
108 bool _SecServerGetKeyStats(const SecDbClass *qclass, struct _SecServerKeyStats *stats);
109
110
111
112
113 // Should all be blocks called from SecItemDb
114 bool match_item(SecDbConnectionRef dbt, Query *q, CFArrayRef accessGroups, CFDictionaryRef item);
115 bool itemInAccessGroup(CFDictionaryRef item, CFArrayRef accessGroups);
116 void SecKeychainChanged(bool syncWithPeers);
117
118 extern void (*SecTaskDiagnoseEntitlements)(CFArrayRef accessGroups);
119
120 __END_DECLS
121
122 #endif /* _SECURITYD_SECITEMSERVER_H_ */