Security-59306.11.20.tar.gz
1 /*
2 * Copyright (c) 2017 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #if OCTAGON
25 #import <Foundation/Foundation.h>
26 #import "OTBottledPeer.h"
27 #import "OTBottledPeerRecord.h"
28
29 NS_ASSUME_NONNULL_BEGIN
30
/**
 * A bottled peer (`bp`) carried together with a signature attributed to the
 * escrow signing key and a signature attributed to the peer signing key.
 *
 * The header sits inside NS_ASSUME_NONNULL, so every pointer below is nonnull
 * unless marked `nullable`. Plain `-init` is unavailable; each initializer
 * declared here is described as either creating the signatures or verifying
 * them. All three initializers are `nullable` and take an `NSError **`
 * out-parameter: treat a nil result as the failure signal and do not use the
 * bottle in that case, rather than inspecting `*error` on its own.
 *
 * NOTE(review): which bytes of the bottled peer are signed is decided in the
 * implementation and is not visible from this header.
 */
@interface OTBottledPeerSigned : NSObject

/// The bottled peer this object wraps.
@property (nonatomic, readonly) OTBottledPeer *bp;

/// Signature attributed to the escrow signing key.
@property (nonatomic, readonly) NSData *signatureUsingEscrowKey;

/// Signature attributed to the peer signing key.
@property (nonatomic, readonly) NSData *signatureUsingPeerKey;

/// Escrow signing key material as NSData.
/// NOTE(review): presumably the public key in SubjectPublicKeyInfo encoding -- confirm.
@property (nonatomic, readonly) NSData *escrowSigningSPKI;

/// Unavailable: an instance must come from one of the initializers below.
- (instancetype)init NS_UNAVAILABLE;

/// Signing path: create signatures for `bp` with the two supplied key pairs.
/// @param bp                 The bottled peer to sign.
/// @param escrowedSigningKey Escrowed signing key pair.
/// @param peerSigningKey     Peer signing key pair.
/// @param error              Out-parameter for failure details.
/// @return The signed bottle, or nil on failure.
- (nullable instancetype)initWithBottledPeer:(OTBottledPeer *)bp
                          escrowedSigningKey:(SFECKeyPair *)escrowedSigningKey
                              peerSigningKey:(SFECKeyPair *)peerSigningKey
                                       error:(NSError **)error;

/// Verification path: verify the supplied signatures, or return nil.
/// NOTE(review): only the escrow public key is a parameter; the key used to
/// check `signatureUsingPeerKey` is presumably taken from `bp` -- confirm in
/// the implementation that both signatures are checked before non-nil is returned.
/// @param bp                    The bottled peer the signatures are claimed for.
/// @param signatureUsingEscrow  Signature attributed to the escrow signing key.
/// @param signatureUsingPeerKey Signature attributed to the peer signing key.
/// @param escrowedSigningPubKey Public half of the escrowed signing key.
/// @param error                 Out-parameter for failure details.
/// @return The verified bottle, or nil.
- (nullable instancetype)initWithBottledPeer:(OTBottledPeer *)bp
                        signatureUsingEscrow:(NSData *)signatureUsingEscrow
                       signatureUsingPeerKey:(NSData *)signatureUsingPeerKey
                       escrowedSigningPubKey:(SFECPublicKey *)escrowedSigningPubKey
                                       error:(NSError **)error;

/// Convenience wrapper over a stored record and escrow keys; verifies signatures.
/// @param record     The bottled-peer record to load from.
/// @param escrowKeys Escrow keys used with the record.
/// @param error      Out-parameter for failure details.
/// @return The verified bottle, or nil on failure.
- (nullable instancetype)initWithBottledPeerRecord:(OTBottledPeerRecord *)record
                                        escrowKeys:(OTEscrowKeys *)escrowKeys
                                             error:(NSError **)error;

/// Returns this signed bottle as an OTBottledPeerRecord.
/// @param escrowRecordID Identifier passed for the record; presumably stored
///                       in the returned record -- confirm.
- (OTBottledPeerRecord *)asRecord:(NSString *)escrowRecordID;

/// Class-level check of `signature` over `data` with `pubKey`.
/// Use the BOOL result as the verdict (presumably YES means the signature
/// verified -- confirm), not the state of `*error`.
/// NOTE(review): the key type is spelled `_SFECPublicKey` here and
/// `SFECPublicKey` in the verifying initializer; presumably the same class
/// behind an alias -- confirm.
+ (BOOL)verifyBottleSignature:(NSData *)data
                    signature:(NSData *)signature
                          key:(_SFECPublicKey *)pubKey
                        error:(NSError **)error;

@end
61
62 NS_ASSUME_NONNULL_END
63
64 #endif