keychain/SecureObjectSync/SOSBackupSliceKeyBag.h

   1 /*
   2  * Copyright (c) 2015 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 /*!
  25  @header SOSBackupSliceKeyBag.h - View Bags - backup bags for views
  26  */
  27
  28 #ifndef _sec_SOSBackupSliceKeyBag_
  29 #define _sec_SOSBackupSliceKeyBag_
  30
  31 #include <CoreFoundation/CoreFoundation.h>
  32 #include <Security/SecureObjectSync/SOSPeerInfo.h>
  33
  34 extern CFStringRef bskbRkbgPrefix;
  35
  36 CFDataRef SOSRKNullKey(void);
  37
  38 // We don't have a portable header (particularly for the SIM) so for now we define the one type we need.
  39 // This should be fixed when we get a portable AKS interface.
  40 typedef int32_t bskb_keybag_handle_t;
  41
  42 typedef struct CF_BRIDGED_TYPE(id) __OpaqueSOSBackupSliceKeyBag *SOSBackupSliceKeyBagRef;
  43
  44 SOSBackupSliceKeyBagRef SOSBackupSliceKeyBagCreate(CFAllocatorRef allocator, CFSetRef peers, CFErrorRef* error);
  45 SOSBackupSliceKeyBagRef SOSBackupSliceKeyBagCreateDirect(CFAllocatorRef allocator, CFDataRef aks_bag, CFErrorRef *error);
  46
  47 SOSBackupSliceKeyBagRef SOSBackupSliceKeyBagCreateWithAdditionalKeys(CFAllocatorRef allocator,
  48                                                                      CFSetRef /*SOSPeerInfoRef*/ peers,
  49                                                                      CFDictionaryRef /*CFStringRef (prefix) CFDataRef (keydata) */ additionalKeys,
  50                                                                      CFErrorRef* error);
  51
  52 SOSBackupSliceKeyBagRef SOSBackupSliceKeyBagCreateFromData(CFAllocatorRef allocator, CFDataRef data, CFErrorRef *error);
  53
  54 CFDataRef SOSBSKBCopyEncoded(SOSBackupSliceKeyBagRef BackupSliceKeyBag, CFErrorRef* error);
  55
  56 //
  57 bool SOSBSKBIsDirect(SOSBackupSliceKeyBagRef backupSliceKeyBag);
  58
  59 CFSetRef SOSBSKBGetPeers(SOSBackupSliceKeyBagRef backupSliceKeyBag);
  60
  61 int SOSBSKBCountPeers(SOSBackupSliceKeyBagRef backupSliceKeyBag);
  62
  63 bool SOSBSKBPeerIsInKeyBag(SOSBackupSliceKeyBagRef backupSliceKeyBag, SOSPeerInfoRef pi);
  64 bool SOSBKSBKeyIsInKeyBag(SOSBackupSliceKeyBagRef backupSliceKeyBag, CFDataRef publicKey);
  65 bool SOSBKSBPeerBackupKeyIsInKeyBag(SOSBackupSliceKeyBagRef backupSliceKeyBag, SOSPeerInfoRef pi);
  66 bool SOSBSKBAllPeersBackupKeysAreInKeyBag(SOSBackupSliceKeyBagRef backupSliceKeyBag, CFSetRef peers);
  67 bool SOSBKSBPrefixedKeyIsInKeyBag(SOSBackupSliceKeyBagRef backupSliceKeyBag, CFStringRef prefix, CFDataRef publicKey);
  68
  69 // Keybag fetching
  70 CFDataRef SOSBSKBCopyAKSBag(SOSBackupSliceKeyBagRef backupSliceKeyBag, CFErrorRef* error);
  71
  72
  73 // Der encoding
  74 const uint8_t* der_decode_BackupSliceKeyBag(CFAllocatorRef allocator,
  75                                   SOSBackupSliceKeyBagRef* BackupSliceKeyBag, CFErrorRef *error,
  76                                   const uint8_t* der, const uint8_t *der_end);
  77
  78 size_t der_sizeof_BackupSliceKeyBag(SOSBackupSliceKeyBagRef BackupSliceKeyBag, CFErrorRef *error);
  79 uint8_t* der_encode_BackupSliceKeyBag(SOSBackupSliceKeyBagRef BackupSliceKeyBag, CFErrorRef *error,
  80                             const uint8_t *der, uint8_t *der_end);
  81
  82 bskb_keybag_handle_t SOSBSKBLoadLocked(SOSBackupSliceKeyBagRef backupSliceKeyBag,
  83                                        CFErrorRef *error);
  84
  85 bskb_keybag_handle_t SOSBSKBLoadAndUnlockWithPeerIDAndSecret(SOSBackupSliceKeyBagRef backupSliceKeyBag,
  86                                                              CFStringRef peerID, CFDataRef peerSecret,
  87                                                              CFErrorRef *error);
  88
  89 bskb_keybag_handle_t SOSBSKBLoadAndUnlockWithPeerSecret(SOSBackupSliceKeyBagRef backupSliceKeyBag,
  90                                                         SOSPeerInfoRef peer, CFDataRef peerSecret,
  91                                                         CFErrorRef *error);
  92
  93 bskb_keybag_handle_t SOSBSKBLoadAndUnlockWithDirectSecret(SOSBackupSliceKeyBagRef backupSliceKeyBag,
  94                                                           CFDataRef directSecret,
  95                                                           CFErrorRef *error);
  96
  97 bskb_keybag_handle_t SOSBSKBLoadAndUnlockWithWrappingSecret(SOSBackupSliceKeyBagRef backupSliceKeyBag,
  98                                                             CFDataRef wrappingSecret,
  99                                                             CFErrorRef *error);
 100
 101 // Utilities for backup keys
 102 bool SOSBSKBIsGoodBackupPublic(CFDataRef publicKey, CFErrorRef *error);
 103
 104 CFDataRef SOSBSKBCopyRecoveryKey(SOSBackupSliceKeyBagRef bskb);
 105 bool SOSBSKBHasRecoveryKey(SOSBackupSliceKeyBagRef bskb);
 106 bool SOSBSKBHasThisRecoveryKey(SOSBackupSliceKeyBagRef bskb, CFDataRef backupKey);
 107
 108 #endif /* defined(_sec_SOSBackupSliceKeyBag_) */