-//
-// SOSRingUtils.h
-// sec
-//
-// Created by Richard Murphy on 1/28/15.
-//
-//
-
-#ifndef _sec_SOSRingUtils_
-#define _sec_SOSRingUtils_
-
-#include <CoreFoundation/CFRuntime.h>
-#include <CoreFoundation/CoreFoundation.h>
-#include <utilities/SecCFWrappers.h>
-#include <Security/SecureObjectSync/SOSGenCount.h>
-#include "SOSRing.h"
-
-#define ALLOCATOR NULL
-
-
-struct __OpaqueSOSRing {
- CFRuntimeBase _base;
- CFMutableDictionaryRef unSignedInformation;
- CFMutableDictionaryRef signedInformation;
- CFMutableDictionaryRef signatures; // Signatures keyed by peerid
- CFMutableDictionaryRef data; // Anything for ring-specific rule support
-};
-
-static inline
-void SOSRingAssertStable(SOSRingRef ring)
-{
- assert(ring);
- assert(ring->unSignedInformation);
- assert(ring->signedInformation);
- assert(ring->signatures);
- assert(ring->data);
-}
-
-static inline
-bool SOSRingIsStable(SOSRingRef ring) {
- return (ring) && (ring->unSignedInformation) && (ring->signedInformation) && (ring->signatures)&& (ring->data);
-}
-
-/* unSignedInformation Dictionary Keys */
-extern CFStringRef sApplicantsKey;
-extern CFStringRef sRejectionsKey;
-extern CFStringRef sRetiredKey;
-extern CFStringRef sLastPeerToModifyKey;
-
-/* signedInformation Dictionary Keys */
-extern CFStringRef sNameKey;
-extern CFStringRef sVersion;
-extern CFStringRef sTypeKey;
-extern CFStringRef sIdentifierKey;
-extern CFStringRef sGenerationKey;
-extern CFStringRef sPeerIDsKey;
-extern CFStringRef sRingVersionKey;
-
-CF_RETURNS_RETAINED SOSRingRef SOSRingAllocate(void);
-SOSRingRef SOSRingCreate_Internal(CFStringRef name, SOSRingType type, CFErrorRef *error);
-SOSRingRef SOSRingCopyRing(SOSRingRef original, CFErrorRef *error);
-
-bool SOSRingVerifySignatureExists(SOSRingRef ring, SecKeyRef pubKey, CFErrorRef *error);
-bool SOSRingVerify(SOSRingRef ring, SecKeyRef pubKey, CFErrorRef *error);
-bool SOSRingVerifyPeerSigned(SOSRingRef ring, SOSPeerInfoRef peer, CFErrorRef *error);
-bool SOSRingGenerationSign_Internal(SOSRingRef ring, SecKeyRef privKey, CFErrorRef *error);
-bool SOSRingConcordanceSign_Internal(SOSRingRef ring, SecKeyRef privKey, CFErrorRef *error);
-SOSConcordanceStatus GetSignersStatus(CFSetRef peers, SOSRingRef signersRing, SOSRingRef statusRing,
- SecKeyRef userPubkey, CFStringRef excludePeerID, CFErrorRef *error);
-SOSConcordanceStatus GetSignersStatus_Transitive(CFSetRef peers, SOSRingRef signersRing, SOSRingRef statusRing,
- SecKeyRef userPubkey, CFStringRef excludePeerID, CFErrorRef *error);
-SOSConcordanceStatus SOSRingUserKeyConcordanceTrust(SOSFullPeerInfoRef me, CFSetRef peers, SOSRingRef knownRing, SOSRingRef proposedRing,
- SecKeyRef knownPubkey, SecKeyRef userPubkey,
- CFStringRef excludePeerID, CFErrorRef *error);
-SOSConcordanceStatus SOSRingPeerKeyConcordanceTrust(SOSFullPeerInfoRef me, CFSetRef peers, SOSRingRef knownRing, SOSRingRef proposedRing,
- __unused SecKeyRef knownPubkey, SecKeyRef userPubkey,
- CFStringRef excludePeerID, CFErrorRef *error);
-
-bool SOSRingHasPeerWithID(SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);
-
-int SOSRingCountPeers(SOSRingRef ring);
-CFStringRef SOSRingCopySignerList(SOSRingRef ring);
-CFDictionaryRef SOSRingCopyPeerIDList(SOSRingRef ring);
-
-
-int SOSRingCountApplicants(SOSRingRef ring);
-bool SOSRingHasApplicant(SOSRingRef ring, CFStringRef peerID);
-CFMutableSetRef SOSRingCopyApplicants(SOSRingRef ring);
-
-int SOSRingCountRejections(SOSRingRef ring);
-bool SOSRingHasRejection(SOSRingRef ring, CFStringRef peerID);
-CFMutableSetRef SOSRingCopyRejections(SOSRingRef ring);
-bool SOSRingHasPeerWithID(SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);
-
-// Use this to determine whether a ring your interogating is the "same one" that you think you're going to change.
-bool SOSRingIsSame(SOSRingRef ring1, SOSRingRef ring2);
-
-const char *SOSRingGetNameC(SOSRingRef ring);
-
-void SOSRingGenerationIncrement(SOSRingRef ring);
-bool SOSRingIsOlderGeneration(SOSRingRef olderRing, SOSRingRef newerRing);
-void SOSRingGenerationCreateWithBaseline(SOSRingRef newring, SOSRingRef baseline);
-
-bool SOSRingSetApplicants(SOSRingRef ring, CFMutableSetRef applicants);
-
-bool SOSRingSetLastModifier(SOSRingRef ring, CFStringRef peerID);
-
-bool SOSRingResetToEmpty_Internal(SOSRingRef ring, CFErrorRef *error);
-bool SOSRingIsEmpty_Internal(SOSRingRef ring);
-bool SOSRingIsOffering_Internal(SOSRingRef ring);
-
-
-bool SOSRingAddApplicant(SOSRingRef ring, CFStringRef peerid);
-bool SOSRingRemoveApplicant(SOSRingRef ring, CFStringRef peerid);
-
-bool SOSRingAddRejection(SOSRingRef ring, CFStringRef peerid);
-bool SOSRingRemoveRejection(SOSRingRef ring, CFStringRef peerid);
-CFDataRef SOSRingGetPayload_Internal(SOSRingRef ring);
-bool SOSRingSetPayload_Internal(SOSRingRef ring, CFDataRef payload);
-CFSetRef SOSRingGetBackupViewset_Internal(SOSRingRef ring);
-bool SOSRingSetBackupViewset_Internal(SOSRingRef ring, CFSetRef viewSet);
-bool SOSRingSetPeerIDs(SOSRingRef ring, CFMutableSetRef peers);
-int SOSRingCountPeerIDs(SOSRingRef ring);
-bool SOSRingHasPeerID(SOSRingRef ring, CFStringRef peerID);
-CFMutableSetRef SOSRingCopyPeerIDs(SOSRingRef ring);
-void SOSRingAddAll(SOSRingRef ring, CFSetRef peerInfosOrIDs);
-bool SOSRingAddPeerID(SOSRingRef ring, CFStringRef peerid);
-bool SOSRingRemovePeerID(SOSRingRef ring, CFStringRef peerid);
-void SOSRingForEachPeerID(SOSRingRef ring, void (^action)(CFStringRef peerID));
-
-size_t SOSRingGetDEREncodedSize(SOSRingRef ring, CFErrorRef *error);
-uint8_t* SOSRingEncodeToDER(SOSRingRef ring, CFErrorRef* error, const uint8_t* der, uint8_t* der_end);
-SOSRingRef SOSRingCreateFromDER(CFErrorRef* error, const uint8_t** der_p, const uint8_t *der_end);
-
-CFDictionaryRef SOSRingCreateRetirementTicket(SOSFullPeerInfoRef fpi, CFErrorRef *error);
-
-#if 0
-int SOSRingCountActivePeers(SOSCircleRef circle, SOSRingRef ring);
-int SOSRingCountActiveValidPeers(SOSCircleRef circle, SOSRingRef ring, SecKeyRef pubkey);
-int SOSRingCountRetiredPeers(SOSCircleRef circle, SOSRingRef ring);
-void SOSRingForEachPeer(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
-void SOSRingForEachRetiredPeer(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
-void SOSRingForEachActivePeer(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
-void SOSRingForEachActiveValidPeer(SOSCircleRef circle, SOSRingRef ring, SecKeyRef user_public_key, void (^action)(SOSPeerInfoRef peer));
-SOSPeerInfoRef SOSRingCopyPeerWithID(SOSCircleRef circle, SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);
-bool SOSRingHasActivePeerWithID(SOSCircleRef circle, SOSRingRef ring, CFStringRef peerid, CFErrorRef *error);
-bool SOSRingHasActiveValidPeerWithID(SOSCircleRef circle, SOSRingRef ring, CFStringRef peerid, SecKeyRef user_public_key, CFErrorRef *error);
-void SOSRingForEachApplicant(SOSCircleRef circle, SOSRingRef ring, void (^action)(SOSPeerInfoRef peer));
-bool SOSRingResetToOffering_Internal(SOSCircleRef circle, SOSRingRef ring, SecKeyRef user_privkey, SOSFullPeerInfoRef requestor, CFErrorRef *error);
-#endif
-
-#endif /* defined(_sec_SOSRingUtils_) */
projects / apple / security.git / blobdiff