Security-57336.1.9.tar.gz

[apple/security.git] / OSX / sec / SOSCircle / SecureObjectSync / SOSRingUtils.h

diff --git a/OSX/sec/SOSCircle/SecureObjectSync/SOSRingUtils.h b/OSX/sec/SOSCircle/SecureObjectSync/SOSRingUtils.h
new file mode 100644 (file)
index 0000000..d8912c8
--- /dev/null
+++ b/OSX/sec/SOSCircle/SecureObjectSync/SOSRingUtils.h
@@ -0,0 +1,146 @@
+//
+//  SOSRingUtils.h
+//  sec
+//
+//  Created by Richard Murphy on 1/28/15.
+//
+//
+
+#ifndef _sec_SOSRingUtils_
+#define _sec_SOSRingUtils_
+
+#include <CoreFoundation/CFRuntime.h>
+#include <CoreFoundation/CoreFoundation.h>
+#include <utilities/SecCFWrappers.h>
+#include <Security/SecureObjectSync/SOSGenCount.h>
+#include "SOSRing.h"
+
+#define ALLOCATOR NULL
+
+
+struct __OpaqueSOSRing {
+    CFRuntimeBase _base;
+    CFMutableDictionaryRef unSignedInformation;
+    CFMutableDictionaryRef signedInformation;
+    CFMutableDictionaryRef signatures;      // Signatures keyed by peerid
+    CFMutableDictionaryRef data;            // Anything for ring-specific rule support
+};
+
+static inline
+void SOSRingAssertStable(SOSRingRef ring)
+{
+    assert(ring);
+    assert(ring->unSignedInformation);
+    assert(ring->signedInformation);
+    assert(ring->signatures);
+    assert(ring->data);
+}
+
+/* unSignedInformation Dictionary Keys */
+extern CFStringRef sApplicantsKey;
+extern CFStringRef sRejectionsKey;
+extern CFStringRef sRetiredKey;
+extern CFStringRef sLastPeerToModifyKey;
+
+/* signedInformation Dictionary Keys */
+extern CFStringRef sNameKey;
+extern CFStringRef sVersion;
+extern CFStringRef sTypeKey;
+extern CFStringRef sIdentifierKey;
+extern CFStringRef sGenerationKey;
+extern CFStringRef sPeerIDsKey;
+extern CFStringRef sRingVersionKey;
+
+SOSRingRef SOSRingAllocate(void);
+SOSRingRef SOSRingCreate_Internal(CFStringRef name, SOSRingType type, CFErrorRef *error);
+SOSRingRef SOSRingCopyRing(SOSRingRef original, CFErrorRef *error);
+
+bool SOSRingVerifySignatureExists(SOSRingRef ring, SecKeyRef pubKey, CFErrorRef *error);
+bool SOSRingVerify(SOSRingRef ring, SecKeyRef pubKey, CFErrorRef *error);
+bool SOSRingVerifyPeerSigned(SOSRingRef ring, SOSPeerInfoRef peer, CFErrorRef *error);
+bool SOSRingGenerationSign_Internal(SOSRingRef ring, SecKeyRef privKey, CFErrorRef *error);
+bool SOSRingConcordanceSign_Internal(SOSRingRef ring, SecKeyRef privKey, CFErrorRef *error);
+SOSConcordanceStatus GetSignersStatus(CFSetRef peers, SOSRingRef signersRing, SOSRingRef statusRing,
+                                      SecKeyRef userPubkey, CFStringRef excludePeerID, CFErrorRef *error);
+SOSConcordanceStatus GetSignersStatus_Transitive(CFSetRef peers, SOSRingRef signersRing, SOSRingRef statusRing,
+                                                 SecKeyRef userPubkey, CFStringRef excludePeerID, CFErrorRef *error);
+SOSConcordanceStatus SOSRingUserKeyConcordanceTrust(SOSFullPeerInfoRef me, CFSetRef peers, SOSRingRef knownRing, SOSRingRef proposedRing,
+                                                    SecKeyRef knownPubkey, SecKeyRef userPubkey,
+                                                    CFStringRef excludePeerID, CFErrorRef *error);
+SOSConcordanceStatus SOSRingPeerKeyConcordanceTrust(SOSFullPeerInfoRef me, CFSetRef peers, SOSRingRef knownRing, SOSRingRef proposedRing,
+                                                    __unused SecKeyRef knownPubkey, SecKeyRef userPubkey,
+                                                    CFStringRef excludePeerID, CFErrorRef *error);
+
+bool SOSRingHasPeerWithID(SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);
+
+int SOSRingCountPeers(SOSRingRef ring);
+CFStringRef SOSRingSignerList(SOSRingRef ring);
+CFDictionaryRef SOSRingPeerIDList(SOSRingRef ring);
+
+
+int SOSRingCountApplicants(SOSRingRef ring);
+bool SOSRingHasApplicant(SOSRingRef ring, CFStringRef peerID);
+CFMutableSetRef SOSRingCopyApplicants(SOSRingRef ring);
+
+int SOSRingCountRejections(SOSRingRef ring);
+bool SOSRingHasRejection(SOSRingRef ring, CFStringRef peerID);
+CFMutableSetRef SOSRingCopyRejections(SOSRingRef ring);
+bool SOSRingHasPeerWithID(SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);
+
+// Use this to determine whether a ring your interogating is the "same one" that you think you're going to change.
+bool SOSRingIsSame(SOSRingRef ring1, SOSRingRef ring2);
+
+const char *SOSRingGetNameC(SOSRingRef ring);
+
+void SOSRingGenerationIncrement(SOSRingRef ring);
+bool SOSRingIsOlderGeneration(SOSRingRef olderRing, SOSRingRef newerRing);
+
+bool SOSRingSetApplicants(SOSRingRef ring, CFMutableSetRef applicants);
+
+bool SOSRingSetLastModifier(SOSRingRef ring, CFStringRef peerID);
+
+bool SOSRingResetToEmpty_Internal(SOSRingRef ring, CFErrorRef *error);
+bool SOSRingIsEmpty_Internal(SOSRingRef ring);
+bool SOSRingIsOffering_Internal(SOSRingRef ring);
+
+
+bool SOSRingAddApplicant(SOSRingRef ring, CFStringRef peerid);
+bool SOSRingRemoveApplicant(SOSRingRef ring, CFStringRef peerid);
+
+bool SOSRingAddRejection(SOSRingRef ring, CFStringRef peerid);
+bool SOSRingRemoveRejection(SOSRingRef ring, CFStringRef peerid);
+CFDataRef SOSRingGetPayload_Internal(SOSRingRef ring);
+bool SOSRingSetPayload_Internal(SOSRingRef ring, CFDataRef payload);
+CFSetRef SOSRingGetBackupViewset_Internal(SOSRingRef ring);
+bool SOSRingSetBackupViewset_Internal(SOSRingRef ring, CFSetRef viewSet);
+bool SOSRingSetPeerIDs(SOSRingRef ring, CFMutableSetRef peers);
+int SOSRingCountPeerIDs(SOSRingRef ring);
+bool SOSRingHasPeerID(SOSRingRef ring, CFStringRef peerID);
+CFMutableSetRef SOSRingCopyPeerIDs(SOSRingRef ring);
+void SOSRingAddAll(SOSRingRef ring, CFSetRef peerInfosOrIDs);
+bool SOSRingAddPeerID(SOSRingRef ring, CFStringRef peerid);
+bool SOSRingRemovePeerID(SOSRingRef ring, CFStringRef peerid);
+void SOSRingForEachPeerID(SOSRingRef ring, void (^action)(CFStringRef peerID));
+
+size_t SOSRingGetDEREncodedSize(SOSRingRef ring, CFErrorRef *error);
+uint8_t* SOSRingEncodeToDER(SOSRingRef ring, CFErrorRef* error, const uint8_t* der, uint8_t* der_end);
+SOSRingRef SOSRingCreateFromDER(CFErrorRef* error, const uint8_t** der_p, const uint8_t *der_end);
+
+CFDictionaryRef SOSRingCreateRetirementTicket(SOSFullPeerInfoRef fpi, CFErrorRef *error);
+
+#if 0
+int SOSRingCountActivePeers(SOSCircleRef circle, SOSRingRef ring);
+int SOSRingCountActiveValidPeers(SOSCircleRef circle, SOSRingRef ring, SecKeyRef pubkey);
+int SOSRingCountRetiredPeers(SOSCircleRef circle, SOSRingRef ring);
+void SOSRingForEachPeer(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
+void SOSRingForEachRetiredPeer(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
+void SOSRingForEachActivePeer(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
+void SOSRingForEachActiveValidPeer(SOSCircleRef circle, SOSRingRef ring, SecKeyRef user_public_key, void (^action)(SOSPeerInfoRef peer));
+SOSPeerInfoRef SOSRingCopyPeerWithID(SOSCircleRef circle, SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);
+bool SOSRingHasActivePeerWithID(SOSCircleRef circle, SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);
+bool SOSRingHasActiveValidPeerWithID(SOSCircleRef circle, SOSRingRef ring, CFStringRef peerid, SecKeyRef user_public_key, CFErrorRef *error);
+void SOSRingForEachApplicant(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
+bool SOSRingResetToOffering_Internal(SOSCircleRef circle, SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error);
+#endif
+
+#endif /* defined(_sec_SOSRingUtils_) */