1 //
2 // SOSRingBasic.c
3 // sec
4 //
5 // Created by Richard Murphy on 3/3/15.
6 //
7 //
8
9 #include "SOSRingBasic.h"
10
11 #include <AssertMacros.h>
12
13 #include <Security/SecureObjectSync/SOSInternal.h>
14 #include <Security/SecureObjectSync/SOSPeerInfoInternal.h>
15 #include <Security/SecureObjectSync/SOSPeerInfoCollections.h>
16 #include <Security/SecureObjectSync/SOSCircle.h>
17 #include <Security/SecFramework.h>
18
19 #include <Security/SecKey.h>
20 #include <Security/SecKeyPriv.h>
21 #include <CoreFoundation/CoreFoundation.h>
22
23 #include <utilities/SecCFWrappers.h>
24
25 #include <stdlib.h>
26 #include <assert.h>
27
28 #include "SOSRingUtils.h"
29 #include "SOSRingTypes.h"
30
31 // MARK: Basic Ring Ops
32
// Create a ring of the basic type.
//
// Thin wrapper: forwards name, myPeerID and error unchanged to
// SOSRingCreate_ForType with the ring type fixed to kSOSRingBase, and returns
// whatever that call returns.
SOSRingRef SOSRingCreate_Basic(CFStringRef name, CFStringRef myPeerID, CFErrorRef *error) {
    SOSRingRef newRing = SOSRingCreate_ForType(name, kSOSRingBase, myPeerID, error);
    return newRing;
}
36
// Reset the ring to empty and record myPeerID as the last modifier.
//
// Returns true only if both steps succeed; the last modifier is not touched
// when the reset itself fails. No signing call is made here, so the ring is
// left without a fresh signature from this function.
bool SOSRingResetToEmpty_Basic(SOSRingRef ring, CFStringRef myPeerID, CFErrorRef *error) {
    if (!SOSRingResetToEmpty_Internal(ring, error)) {
        return false;
    }
    return SOSRingSetLastModifier(ring, myPeerID);
}
40
// Reset the ring so that it contains only the requestor, then sign it.
//
// Steps, each attempted only if every earlier one succeeded: empty the ring,
// add the requestor's peer ID, record it as last modifier, and apply the
// generation signature with the requestor's device key.
//
// ring          ring to reset.
// user_privkey  optional; when non-NULL a concordance signature is also applied.
// requestor     full peer info supplying the peer ID and the device key.
// error         out-parameter passed to the callees that can fail.
//
// Returns true only if the device key and peer ID were obtained and every
// step up to and including the generation signature succeeded.
bool SOSRingResetToOffering_Basic(SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
    CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
    SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);

    bool ok = (priv != NULL) && (myPeerID != NULL);
    ok = ok && SOSRingResetToEmpty_Internal(ring, error);
    ok = ok && SOSRingAddPeerID(ring, myPeerID);
    ok = ok && SOSRingSetLastModifier(ring, myPeerID);
    ok = ok && SOSRingGenerationSign_Internal(ring, priv, error);

    // NOTE(review): the concordance signature is attempted even when an earlier
    // step failed, and its result does not influence the return value —
    // confirm that both are intended.
    if (user_privkey) {
        SOSRingConcordanceSign_Internal(ring, user_privkey, error);
    }

    CFReleaseNull(priv);
    return ok;
}
53
// Classify peerID's relationship to the ring.
//
// The checks run in a fixed order — member, then applicant, then rejection —
// and the first match wins; kSOSRingNotInRing is returned when none match.
SOSRingStatus SOSRingDeviceIsInRing_Basic(SOSRingRef ring, CFStringRef peerID) {
    SOSRingStatus status = kSOSRingNotInRing;

    if (SOSRingHasPeerID(ring, peerID)) {
        status = kSOSRingMember;
    } else if (SOSRingHasApplicant(ring, peerID)) {
        status = kSOSRingApplicant;
    } else if (SOSRingHasRejection(ring, peerID)) {
        status = kSOSRingReject;
    }

    return status;
}
60
// Add the requestor to the ring and sign the result with its device key.
//
// If the requestor already has any status in the ring (member, applicant or
// rejected) the ring is left untouched, a notice is logged and false is
// returned; *error is not set by this function on that path.
//
// Note that for this ring type the peer is added with SOSRingAddPeerID (the
// same call the reset-to-offering path uses), not through an applicant list.
// user_pubkey is accepted for interface compatibility but is not used here.
//
// Returns true only if the device key and peer ID were obtained and the add,
// last-modifier update and generation signature all succeeded.
bool SOSRingApply_Basic(SOSRingRef ring, SecKeyRef user_pubkey, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
    CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
    SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);
    bool applied = false;

    if (SOSRingDeviceIsInRing_Basic(ring, myPeerID) != kSOSRingNotInRing) {
        secnotice("ring", "Already associated with ring");
    } else {
        applied = (priv != NULL) && (myPeerID != NULL);
        applied = applied && SOSRingAddPeerID(ring, myPeerID);
        applied = applied && SOSRingSetLastModifier(ring, myPeerID);
        applied = applied && SOSRingGenerationSign_Internal(ring, priv, error);
    }

    // The device key copy is released on every path.
    CFReleaseNull(priv);
    return applied;
}
75
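// Remove the requestor from the ring and re-sign it.
//
// The requestor is removed from whichever list it is found on first (members,
// then applicants, then rejections). If it is on none of them,
// kSOSErrorPeerNotFound is reported through error and false is returned
// without modifying the ring.
//
// ring          ring to withdraw from.
// user_privkey  optional; when non-NULL a concordance signature is also applied.
// requestor     full peer info supplying the peer ID and the device key.
// error         out-parameter for failure details.
//
// Returns true only if the requestor was found and the generation signature
// with its device key succeeded. Previously this function returned true even
// when the device key could not be copied or the signature failed, so a caller
// could treat a ring without a valid generation signature as a completed
// withdrawal. The ring has already been modified when false is returned for a
// signing failure, matching the other *_Basic operations in this file.
bool SOSRingWithdraw_Basic(SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
    CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
    if (SOSRingHasPeerID(ring, myPeerID)) {
        SOSRingRemovePeerID(ring, myPeerID);
    } else if (SOSRingHasApplicant(ring, myPeerID)) {
        SOSRingRemoveApplicant(ring, myPeerID);
    } else if (SOSRingHasRejection(ring, myPeerID)) {
        SOSRingRemoveRejection(ring, myPeerID);
    } else {
        SOSCreateError(kSOSErrorPeerNotFound, CFSTR("Not associated with Ring"), NULL, error);
        return false;
    }
    SOSRingSetLastModifier(ring, myPeerID);

    SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);
    // Do not hand a NULL key to the signer, and propagate a signing failure
    // instead of reporting success unconditionally.
    bool retval = priv && SOSRingGenerationSign_Internal(ring, priv, error);

    // The concordance signature is optional and, as in the sibling operations,
    // its result does not affect the return value.
    if (user_privkey) SOSRingConcordanceSign_Internal(ring, user_privkey, error);

    CFReleaseNull(priv);
    return retval;
}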
96
// Record the requestor as last modifier and apply a generation signature
// with the requestor's device key.
//
// ring          ring to sign.
// user_privkey  optional; when non-NULL a concordance signature is also applied.
// requestor     full peer info supplying the peer ID and the device key.
// error         out-parameter passed to the callees that can fail.
//
// Returns true only if the device key and peer ID were obtained and both the
// last-modifier update and the generation signature succeeded.
bool SOSRingGenerationSign_Basic(SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
    CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
    SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);

    bool ok = (priv != NULL) && (myPeerID != NULL);
    ok = ok && SOSRingSetLastModifier(ring, myPeerID);
    ok = ok && SOSRingGenerationSign_Internal(ring, priv, error);

    // NOTE(review): attempted regardless of the outcome above, and its result
    // is not reflected in the return value — confirm that is intended.
    if (user_privkey) {
        SOSRingConcordanceSign_Internal(ring, user_privkey, error);
    }

    CFReleaseNull(priv);
    return ok;
}
107
// Record the requestor as last modifier and apply a concordance signature.
//
// Unlike the other operations in this file, the concordance signature here is
// made with the requestor's device key (copied from requestor), not with a
// user key supplied by the caller.
//
// Returns true only if the device key and peer ID were obtained and both the
// last-modifier update and the signature succeeded.
bool SOSRingConcordanceSign_Basic(SOSRingRef ring, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
    CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
    SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);

    bool ok = (priv != NULL) && (myPeerID != NULL);
    ok = ok && SOSRingSetLastModifier(ring, myPeerID);
    ok = ok && SOSRingConcordanceSign_Internal(ring, priv, error);

    CFReleaseNull(priv);
    return ok;
}
117
// Replace the ring's payload and re-sign the ring.
//
// Order of operations: record the requestor as last modifier, store the
// payload, then apply the generation signature with the requestor's device
// key. Each step runs only if the previous ones succeeded, so a signing
// failure leaves the ring holding the new payload while false is returned.
//
// ring          ring to update.
// user_privkey  optional; when non-NULL a concordance signature is also applied.
// payload       data to store in the ring.
// requestor     full peer info supplying the peer ID and the device key.
// error         out-parameter passed to the callees that can fail.
bool SOSRingSetPayload_Basic(SOSRingRef ring, SecKeyRef user_privkey, CFDataRef payload, SOSFullPeerInfoRef requestor, CFErrorRef *error) {
    CFStringRef myPeerID = SOSPeerInfoGetPeerID(SOSFullPeerInfoGetPeerInfo(requestor));
    SecKeyRef priv = SOSFullPeerInfoCopyDeviceKey(requestor, error);

    bool ok = (priv != NULL) && (myPeerID != NULL);
    ok = ok && SOSRingSetLastModifier(ring, myPeerID);
    ok = ok && SOSRingSetPayload_Internal(ring, payload);
    ok = ok && SOSRingGenerationSign_Internal(ring, priv, error);

    // NOTE(review): attempted regardless of the outcome above, and its result
    // is not reflected in the return value — confirm that is intended.
    if (user_privkey) {
        SOSRingConcordanceSign_Internal(ring, user_privkey, error);
    }

    CFReleaseNull(priv);
    return ok;
}
129
// Return the ring's payload as provided by SOSRingGetPayload_Internal.
//
// The error parameter is part of the signature but is never written here.
// No signature or membership check is performed by this accessor; any trust
// decision about the payload has to be made by the caller or elsewhere.
CFDataRef SOSRingGetPayload_Basic(SOSRingRef ring, CFErrorRef *error) {
    CFDataRef payload = SOSRingGetPayload_Internal(ring);
    return payload;
}
133
134
// Function table for the basic ring type. The initializer is positional, so
// the order of entries must match the ringFuncStruct declaration.
// NOTE(review): ringFuncStruct is declared outside this file; the slot
// meanings below are inferred from the entry names — confirm against the
// declaration before reordering or adding entries.
ringFuncStruct basic = {
    "Basic",                          // presumably the ring type's name
    1,                                // presumably a version number — confirm
    SOSRingCreate_Basic,
    SOSRingResetToEmpty_Basic,
    SOSRingResetToOffering_Basic,
    SOSRingDeviceIsInRing_Basic,
    SOSRingApply_Basic,
    SOSRingWithdraw_Basic,
    SOSRingGenerationSign_Basic,
    SOSRingConcordanceSign_Basic,
    SOSRingPeerKeyConcordanceTrust,   // not defined in this file; shared implementation from elsewhere
    NULL,                             // slot left unset for the basic ring type
    NULL,                             // slot left unset for the basic ring type
    SOSRingSetPayload_Basic,
    SOSRingGetPayload_Basic,
};