1 /*
2 * Copyright (c) 2016 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #if OCTAGON
25
26 #import <Foundation/Foundation.h>
27 #import <SecurityFoundation/SFKey.h>
28 #import "CKKSRecordHolder.h"
29
30 NS_ASSUME_NONNULL_BEGIN
31
// String constants exported for manifest handling. They are only declared here;
// their values and where they are used as keys are defined outside this header.
extern NSString * const CKKSManifestZoneKey;
extern NSString * const CKKSManifestSignerIDKey;
extern NSString * const CKKSManifestGenCountKey;

// Forward declarations, so this header does not have to import the full class
// interfaces.
@class CKKSManifestMasterRecord;
@class CKRecord;
@class CKKSItem;
@class CKKSCurrentItemPointer;
40
/// Manifest record for a zone. This header exposes a digest, a generation count
/// and a signer identifier, together with lookup and validation entry points.
///
/// NOTE(review): how the digest is computed, how a signer comes to be trusted and
/// how generation counts are compared all live in the implementation, not in this
/// header. Confirm them there before treating validation as a security boundary.
@interface CKKSManifest : CKKSCKRecordHolder

/// Class-level generation count. Presumably the highest one seen so far; verify
/// in the implementation how (and whether) it is used to reject older manifests.
@property (class, readonly) NSUInteger greatestKnownGenerationCount;

/// Digest carried by this manifest. What it covers is not stated in this header.
@property (nonatomic, readonly) NSData *digestValue;
/// Generation count of this manifest.
@property (nonatomic, readonly) NSUInteger generationCount;
/// Signer identifier recorded for this manifest.
@property (nonatomic, readonly) NSString *signerID;

/// Invokes `action`. The account context it runs under is set up by the
/// implementation and cannot be seen from this declaration.
+ (void)performWithAccountInfo:(void (^)(void))action;

/// Syncing and enforcement are two separate switches. Callers that rely on
/// validation as a control should consult `shouldEnforceManifests`.
/// NOTE(review): presumably a validation failure is only fatal when enforcement
/// is on. Confirm at the call sites.
+ (bool)shouldSyncManifests;
+ (bool)shouldEnforceManifests;

/// Lookups. Each returns nil when no manifest is produced and takes an NSError
/// out-parameter. What qualifies a manifest as "trusted" in
/// `latestTrustedManifestForZone:error:` is decided by the implementation.
+ (nullable instancetype)manifestForZone:(NSString *)zone
                                  peerID:(NSString *)peerID
                                   error:(NSError **)error;
+ (nullable instancetype)manifestForRecordName:(NSString *)recordName
                                         error:(NSError **)error;
+ (nullable instancetype)latestTrustedManifestForZone:(NSString *)zone
                                                error:(NSError **)error;

/// Updates this manifest from a CloudKit record; the BOOL result reports success.
- (BOOL)updateWithRecord:(CKRecord *)record error:(NSError **)error;

/// Validation entry points. Branch on the BOOL result rather than on `*error`:
/// by Cocoa convention the error pointer is only meaningful when NO is returned.
- (BOOL)validateWithError:(NSError **)error;
- (BOOL)validateItem:(CKKSItem *)item withError:(NSError **)error;
- (BOOL)validateCurrentItem:(CKKSCurrentItemPointer *)currentItem
                  withError:(NSError **)error;

/// Membership and comparison queries. Neither reports an error, so NO cannot be
/// told apart from a failure to evaluate from the signature alone.
- (BOOL)itemUUIDExistsInManifest:(NSString *)uuid;
- (BOOL)contentsAreEqualToManifest:(CKKSManifest *)otherManifest;

@end
67
/// A manifest that has not yet been committed to the database.
@interface CKKSPendingManifest : CKKSManifest

/// Whether this manifest can be committed. The conditions are decided by the
/// implementation. The getter is spelled `isReadyToCommmit` (three m's); that
/// spelling is part of the public interface and callers must match it.
@property (readonly, getter=isReadyToCommmit) BOOL readyToCommit;

/// Commits this pending manifest to the database.
/// @param error Out-parameter for the failure reason.
/// @return The resulting manifest, or nil if the commit did not produce one.
- (nullable CKKSManifest *)commitToDatabaseWithError:(NSError **)error;

@end
75
/// The manifest for the local ("ego") peer.
/// NOTE(review): which key signs it and where that key is held are not visible
/// in this header. Confirm in the implementation.
@interface CKKSEgoManifest : CKKSManifest

/// Returns the current ego manifest for `zone`, or nil. There is no error
/// out-parameter, so a nil result carries no reason.
+ (nullable CKKSEgoManifest *)tryCurrentEgoManifestForZone:(NSString *)zone;

/// Builds a manifest for `zone` from the given items, peer manifest IDs and
/// current-item map. Returns nil and reports through `error` when none is built.
/// `currentItems` is an untyped NSDictionary here; its key and value types are
/// not stated in this header.
+ (nullable instancetype)newManifestForZone:(NSString *)zone
                                  withItems:(NSArray<CKKSItem *> *)items
                            peerManifestIDs:(NSArray<NSString *> *)peerManifestIDs
                               currentItems:(NSDictionary *)currentItems
                                      error:(NSError **)error;

/// Applies a batch of added or changed records and deleted record IDs.
- (void)updateWithNewOrChangedRecords:(NSArray<CKRecord *> *)newOrChangedRecords
                     deletedRecordIDs:(NSArray<CKRecordID *> *)deletedRecordIDs;

/// Records `newCurrentItemUUID` as the current item for `currentPointerIdentifier`.
- (void)setCurrentItemUUID:(NSString *)newCurrentItemUUID
             forIdentifier:(NSString *)currentPointerIdentifier;

/// Returns the CloudKit records for this manifest in the given zone.
- (NSArray<CKRecord *> *)allCKRecordsWithZoneID:(CKRecordZoneID *)zoneID;

@end
92
93 // ----------------------------------------------------
94 // Declarations for unit tests
95
@class CKKSManifestInjectionPointHelper;

/// Test-only hook on CKKSManifest.
/// The only guard in this header is `#if OCTAGON`, so this declaration is visible
/// to every importer whenever that flag is set.
/// NOTE(review): confirm the implementation is not reachable in shipping code.
@interface CKKSManifest (UnitTesting)

/// Clears this manifest's instance variables, going by the name; the exact set
/// of ivars affected is defined by the implementation.
- (void)nilAllIvars;

@end
103
/// Test-only factory on CKKSEgoManifest.
/// It accepts a caller-supplied signer ID and EC key pair, so the manifest it
/// returns is not tied to the device's real identity.
/// NOTE(review): nothing in this header limits it to test builds beyond the
/// file-wide `#if OCTAGON`. Confirm it cannot be reached from production paths.
@interface CKKSEgoManifest (UnitTesting)

/// Builds a fake manifest for `zone` from raw item records.
/// @return The manifest, or nil with the reason reported through `error`.
+ (nullable instancetype)newFakeManifestForZone:(NSString *)zone
                                withItemRecords:(NSArray<CKRecord *> *)itemRecords
                                   currentItems:(NSDictionary *)currentItems
                                       signerID:(NSString *)signerID
                                        keyPair:(SFECKeyPair *)keyPair
                                          error:(NSError **)error;

@end
114
/// Injection points used by the unit tests to steer CKKSManifest.
/// Both members change process-wide (class-level) state.
/// NOTE(review): this header guards them only with `#if OCTAGON`. Confirm they
/// are inert or absent outside test targets.
@interface CKKSManifestInjectionPointHelper : NSObject

/// Set to YES to make CKKSManifest ignore changes to the database, in support of
/// negative testing.
@property (class) BOOL ignoreChanges;

/// Registers `keyPair` for `egoPeerID`. Where the registration is stored and how
/// long it lasts are not visible from this header.
+ (void)registerEgoPeerID:(NSString *)egoPeerID keyPair:(SFECKeyPair *)keyPair;

@end
122
123 NS_ASSUME_NONNULL_END
124
125 #endif