Security-59306.11.20.tar.gz
1 //
2 // SOSRingUtils.h
3 // sec
4 //
5 // Created by Richard Murphy on 1/28/15.
6 //
7 //
8
9 #ifndef _sec_SOSRingUtils_
10 #define _sec_SOSRingUtils_
11
12 #include <CoreFoundation/CFRuntime.h>
13 #include <CoreFoundation/CoreFoundation.h>
14 #include <utilities/SecCFWrappers.h>
15 #include "keychain/SecureObjectSync/SOSGenCount.h"
16 #include "SOSRing.h"
17
18 #define ALLOCATOR NULL
19
20
/*
 * Concrete layout behind SOSRingRef: the inline helpers in this header
 * dereference a SOSRingRef to reach these fields.
 *
 * The key lists declared further down place applicants, rejections,
 * retirements and the last modifier in unSignedInformation, and the name,
 * version, type, identifier, generation and peer IDs in signedInformation.
 * NOTE(review): presumably only signedInformation is covered by the entries
 * in `signatures`; treat unSignedInformation as unauthenticated until that is
 * confirmed against the implementation.
 */
struct __OpaqueSOSRing {
    CFRuntimeBase _base;                         // CF runtime object header
    CFMutableDictionaryRef unSignedInformation;  // see "unSignedInformation Dictionary Keys"
    CFMutableDictionaryRef signedInformation;    // see "signedInformation Dictionary Keys"
    CFMutableDictionaryRef signatures;           // Signatures keyed by peerid
    CFMutableDictionaryRef data;                 // Anything for ring-specific rule support
};
28
/*
 * Debug-time invariant check: asserts that `ring` and each of its four
 * dictionaries are non-NULL.
 *
 * assert() expands to nothing when NDEBUG is defined, so in such builds this
 * function checks nothing. Code that has to reject a partially constructed
 * ring at runtime (for example one built from input it does not control)
 * should test SOSRingIsStable() and handle the failure explicitly.
 */
static inline
void SOSRingAssertStable(SOSRingRef ring)
{
    assert(ring);  // checked first: the asserts below dereference ring
    assert(ring->unSignedInformation);
    assert(ring->signedInformation);
    assert(ring->signatures);
    assert(ring->data);
}
38
/*
 * Runtime counterpart of SOSRingAssertStable(): reports whether `ring` is
 * non-NULL and all four of its dictionaries are present. Unlike the assert
 * variant, this check does not depend on NDEBUG.
 *
 * Returns true only when every pointer is set. A NULL ring yields false
 * without being dereferenced.
 */
static inline
bool SOSRingIsStable(SOSRingRef ring) {
    if (!ring) {
        return false;
    }
    return ring->unSignedInformation != NULL
        && ring->signedInformation != NULL
        && ring->signatures != NULL
        && ring->data != NULL;
}
43
/*
 * unSignedInformation Dictionary Keys
 * NOTE(review): going by the dictionary's name, values stored under these keys
 * are presumably outside the signed portion of the ring. Confirm before using
 * them in a trust decision.
 */
extern CFStringRef sApplicantsKey;
extern CFStringRef sRejectionsKey;
extern CFStringRef sRetiredKey;
extern CFStringRef sLastPeerToModifyKey;

/*
 * signedInformation Dictionary Keys
 * These globals are declared without const, so nothing in this header stops
 * another translation unit from reassigning them.
 */
extern CFStringRef sNameKey;
extern CFStringRef sVersion;        // the only key name here without the "Key" suffix
extern CFStringRef sTypeKey;
extern CFStringRef sIdentifierKey;
extern CFStringRef sGenerationKey;
extern CFStringRef sPeerIDsKey;
extern CFStringRef sRingVersionKey;
58
/*
 * Construction.
 * SOSRingAllocate is annotated CF_RETURNS_RETAINED: the caller owns the result.
 * NOTE(review): SOSRingCreate_Internal and SOSRingCopyRing carry no ownership
 * annotation; by the CF Create/Copy naming rule they presumably also return an
 * owned reference. Confirm.
 */
CF_RETURNS_RETAINED SOSRingRef SOSRingAllocate(void);
SOSRingRef SOSRingCreate_Internal(CFStringRef name, SOSRingType type, CFErrorRef *error);
SOSRingRef SOSRingCopyRing(SOSRingRef original, CFErrorRef *error);

/*
 * Signature handling. Each function returns bool and takes a CFErrorRef
 * out-parameter.
 * NOTE(review): presumably false means "not verified / not signed"; callers
 * should branch on the bool result rather than on *error. Confirm.
 * The two *Sign_Internal functions take a private key and so mutate the ring's
 * signature state; the Verify* functions take a public key or a peer.
 */
bool SOSRingRemoveSignatures(SOSRingRef ring, CFErrorRef *error);
bool SOSRingVerifySignatureExists(SOSRingRef ring, SecKeyRef pubKey, CFErrorRef *error);
bool SOSRingVerify(SOSRingRef ring, SecKeyRef pubKey, CFErrorRef *error);
bool SOSRingVerifyPeerSigned(SOSRingRef ring, SOSPeerInfoRef peer, CFErrorRef *error);
bool SOSRingGenerationSign_Internal(SOSRingRef ring, SecKeyRef privKey, CFErrorRef *error);
bool SOSRingConcordanceSign_Internal(SOSRingRef ring, SecKeyRef privKey, CFErrorRef *error);

/*
 * Concordance evaluation. These return a SOSConcordanceStatus rather than a
 * bool, so callers need to handle each status value (declared elsewhere) and
 * not collapse the result to success/failure.
 * NOTE(review): excludePeerID presumably names a peer to leave out of the
 * evaluation. Confirm.
 */
SOSConcordanceStatus GetSignersStatus(CFSetRef peers, SOSRingRef signersRing, SOSRingRef statusRing,
                                      SecKeyRef userPubkey, CFStringRef excludePeerID, CFErrorRef *error);
SOSConcordanceStatus GetSignersStatus_Transitive(CFSetRef peers, SOSRingRef signersRing, SOSRingRef statusRing,
                                                 SecKeyRef userPubkey, CFStringRef excludePeerID, CFErrorRef *error);
SOSConcordanceStatus SOSRingUserKeyConcordanceTrust(SOSFullPeerInfoRef me, CFSetRef peers, SOSRingRef knownRing, SOSRingRef proposedRing,
                                                    SecKeyRef knownPubkey, SecKeyRef userPubkey,
                                                    CFStringRef excludePeerID, CFErrorRef *error);
// knownPubkey is marked __unused here, so it is presumably ignored by the
// peer-key variant. Passing it does not add a check.
SOSConcordanceStatus SOSRingPeerKeyConcordanceTrust(SOSFullPeerInfoRef me, CFSetRef peers, SOSRingRef knownRing, SOSRingRef proposedRing,
                                                    __unused SecKeyRef knownPubkey, SecKeyRef userPubkey,
                                                    CFStringRef excludePeerID, CFErrorRef *error);
79
/*
 * Read-only queries on ring membership.
 * NOTE(review): the Copy* functions presumably return a reference the caller
 * must release (CF Copy rule); none is annotated CF_RETURNS_RETAINED. Confirm.
 */
bool SOSRingHasPeerWithID(SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);

int SOSRingCountPeers(SOSRingRef ring);
CFStringRef SOSRingCopySignerList(SOSRingRef ring);
CFDictionaryRef SOSRingCopyPeerIDList(SOSRingRef ring);


/*
 * Applicants and rejections. Their keys (sApplicantsKey, sRejectionsKey) are
 * listed under the unSignedInformation dictionary in this header.
 */
int SOSRingCountApplicants(SOSRingRef ring);
bool SOSRingHasApplicant(SOSRingRef ring, CFStringRef peerID);
CFMutableSetRef SOSRingCopyApplicants(SOSRingRef ring);

int SOSRingCountRejections(SOSRingRef ring);
bool SOSRingHasRejection(SOSRingRef ring, CFStringRef peerID);
CFMutableSetRef SOSRingCopyRejections(SOSRingRef ring);
// Repeats the SOSRingHasPeerWithID prototype declared above, with the same signature.
bool SOSRingHasPeerWithID(SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);

// Use this to determine whether a ring you're interrogating is the "same one" that you think you're going to change.
bool SOSRingIsSame(SOSRingRef ring1, SOSRingRef ring2);
98
// Returns the ring name as a C string.
// NOTE(review): the lifetime of the returned pointer is not visible from this
// header. Confirm before holding on to it.
const char *SOSRingGetNameC(SOSRingRef ring);

/*
 * Generation handling. sGenerationKey is listed under the signedInformation
 * keys in this header.
 * NOTE(review): SOSRingIsOlderGeneration is presumably what lets a caller
 * refuse a stale ring. Confirm how ties and missing generations compare.
 */
void SOSRingGenerationIncrement(SOSRingRef ring);
bool SOSRingIsOlderGeneration(SOSRingRef olderRing, SOSRingRef newerRing);
void SOSRingGenerationCreateWithBaseline(SOSRingRef newring, SOSRingRef baseline);

// Replaces the applicant set. The bool result presumably reports success (TODO confirm).
bool SOSRingSetApplicants(SOSRingRef ring, CFMutableSetRef applicants);

// Records the last modifying peer. sLastPeerToModifyKey is listed under the
// unSignedInformation keys in this header.
bool SOSRingSetLastModifier(SOSRingRef ring, CFStringRef peerID);

// Whole-ring state helpers. The _Internal suffix suggests these are not the
// public entry points (TODO confirm against SOSRing.h).
bool SOSRingResetToEmpty_Internal(SOSRingRef ring, CFErrorRef *error);
bool SOSRingIsEmpty_Internal(SOSRingRef ring);
bool SOSRingIsOffering_Internal(SOSRingRef ring);
112
113
/*
 * Mutators for the applicant and rejection sets. None takes a CFErrorRef, so
 * the bool return is the only failure signal available to callers.
 */
bool SOSRingAddApplicant(SOSRingRef ring, CFStringRef peerid);
bool SOSRingRemoveApplicant(SOSRingRef ring, CFStringRef peerid);

bool SOSRingAddRejection(SOSRingRef ring, CFStringRef peerid);
bool SOSRingRemoveRejection(SOSRingRef ring, CFStringRef peerid);
// NOTE(review): by the CF Get naming rule the two Get* results below are
// presumably borrowed references owned by the ring. Confirm before releasing
// or retaining.
CFDataRef SOSRingGetPayload_Internal(SOSRingRef ring);
bool SOSRingSetPayload_Internal(SOSRingRef ring, CFDataRef payload);
CFSetRef SOSRingGetBackupViewset_Internal(SOSRingRef ring);
bool SOSRingSetBackupViewset_Internal(SOSRingRef ring, CFSetRef viewSet);
/*
 * Peer ID set. sPeerIDsKey is listed under the signedInformation keys in this
 * header.
 * NOTE(review): presumably any change here invalidates existing signatures
 * until the ring is signed again. Confirm.
 */
bool SOSRingSetPeerIDs(SOSRingRef ring, CFMutableSetRef peers);
int SOSRingCountPeerIDs(SOSRingRef ring);
bool SOSRingHasPeerID(SOSRingRef ring, CFStringRef peerID);
CFMutableSetRef SOSRingCopyPeerIDs(SOSRingRef ring);
// Accepts a set whose elements, per the parameter name, may be peer infos or peer IDs.
void SOSRingAddAll(SOSRingRef ring, CFSetRef peerInfosOrIDs);
bool SOSRingAddPeerID(SOSRingRef ring, CFStringRef peerid);
bool SOSRingRemovePeerID(SOSRingRef ring, CFStringRef peerid);
// Calls `action` with each peer ID in the ring.
void SOSRingForEachPeerID(SOSRingRef ring, void (^action)(CFStringRef peerID));
131
/*
 * DER serialization.
 * Encode: `der` and `der_end` bound the caller's output buffer.
 * NOTE(review): presumably the buffer should be sized with
 * SOSRingGetDEREncodedSize() and a NULL return means failure. Confirm.
 * Decode: `*der_p` is the read cursor and `der_end` the end of the input.
 * NOTE(review): the decoded ring is built from serialized bytes that may
 * originate from another peer. Presumably callers must run the SOSRingVerify*
 * checks before relying on its contents, and should use SOSRingIsStable() on
 * the result rather than the assert-only check. Confirm.
 */
size_t SOSRingGetDEREncodedSize(SOSRingRef ring, CFErrorRef *error);
uint8_t* SOSRingEncodeToDER(SOSRingRef ring, CFErrorRef* error, const uint8_t* der, uint8_t* der_end);
SOSRingRef SOSRingCreateFromDER(CFErrorRef* error, const uint8_t** der_p, const uint8_t *der_end);

// Builds a retirement ticket dictionary from the caller's full peer info.
// By the CF Create rule the result is presumably owned by the caller (TODO confirm).
CFDictionaryRef SOSRingCreateRetirementTicket(SOSFullPeerInfoRef fpi, CFErrorRef *error);
137
/*
 * Disabled block: everything between #if 0 and #endif is removed by the
 * preprocessor, so none of these circle-aware prototypes is visible to code
 * that includes this header. Each of them takes a SOSCircleRef in addition to
 * the ring.
 */
#if 0
int SOSRingCountActivePeers(SOSCircleRef circle, SOSRingRef ring);
int SOSRingCountActiveValidPeers(SOSCircleRef circle, SOSRingRef ring, SecKeyRef pubkey);
int SOSRingCountRetiredPeers(SOSCircleRef circle, SOSRingRef ring);
void SOSRingForEachPeer(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
void SOSRingForEachRetiredPeer(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
void SOSRingForEachActivePeer(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
void SOSRingForEachActiveValidPeer(SOSCircleRef circle, SOSRingRef ring, SecKeyRef user_public_key, void (^action)(SOSPeerInfoRef peer));
SOSPeerInfoRef SOSRingCopyPeerWithID(SOSCircleRef circle, SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);
bool SOSRingHasActivePeerWithID(SOSCircleRef circle, SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);
bool SOSRingHasActiveValidPeerWithID(SOSCircleRef circle, SOSRingRef ring, CFStringRef peerid, SecKeyRef user_public_key, CFErrorRef *error);
void SOSRingForEachApplicant(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
bool SOSRingResetToOffering_Internal(SOSCircleRef circle, SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error);
#endif
152
153 #endif /* defined(_sec_SOSRingUtils_) */