--- /dev/null
+/*
+ * Copyright (c) 2012-2014 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+
+#ifndef _SOSPEERINFO_H_
+#define _SOSPEERINFO_H_
+
+#include <CoreFoundation/CoreFoundation.h>
+#include <Security/SecKey.h>
+#include <CommonCrypto/CommonDigestSPI.h>
+#include <corecrypto/ccdigest.h>
+
+#include <Security/SecureObjectSync/SOSTypes.h>
+
+__BEGIN_DECLS
+
+typedef struct __OpaqueSOSPeerInfo *SOSPeerInfoRef;
+
+// Bumped to 3 from 2 so we can identify pre-iCDP peers and add the proper views.
+#define PEERINFO_CURRENT_VERSION 3
+
+enum {
+ kSOSPeerVersion = 2,
+ kSOSPeerV2BaseVersion = 2,
+};
+
+
+enum {
+ SOSPeerCmpPubKeyHash = 0,
+ SOSPeerCmpName = 1,
+};
+typedef uint32_t SOSPeerInfoCmpSelect;
+
+CFTypeID SOSPeerInfoGetTypeID(void);
+
+static inline bool isSOSPeerInfo(CFTypeRef obj) {
+ return obj && (CFGetTypeID(obj) == SOSPeerInfoGetTypeID());
+}
+
+static inline SOSPeerInfoRef asSOSPeerInfo(CFTypeRef obj) {
+ return isSOSPeerInfo(obj) ? (SOSPeerInfoRef) obj : NULL;
+}
+
+SOSPeerInfoRef SOSPeerInfoCreate(CFAllocatorRef allocator, CFDictionaryRef gestalt, CFDataRef backup_key, SecKeyRef signingKey, SecKeyRef octagonSigningKey, SecKeyRef octagonPeerEncryptionKey, CFErrorRef* error);
+
+SOSPeerInfoRef SOSPeerInfoCreateWithTransportAndViews(CFAllocatorRef allocator, CFDictionaryRef gestalt, CFDataRef backup_key,
+ CFStringRef IDSID, CFStringRef transportType, CFBooleanRef preferIDS,
+ CFBooleanRef preferFragmentation, CFBooleanRef preferAckModel, CFSetRef enabledViews, SecKeyRef signingKey, SecKeyRef octagonSigningKey, SecKeyRef octagonPeerEncryptionKey, CFErrorRef* error);
+
+SOSPeerInfoRef SOSPeerInfoCreateCloudIdentity(CFAllocatorRef allocator, CFDictionaryRef gestalt, SecKeyRef signingKey, CFErrorRef* error);
+
+SOSPeerInfoRef SOSPeerInfoCreateCopy(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFErrorRef* error);
+SOSPeerInfoRef SOSPeerInfoCreateCurrentCopy(CFAllocatorRef allocator, SOSPeerInfoRef toCopy,
+ CFStringRef IDSID, CFStringRef transportType, CFBooleanRef preferIDS, CFBooleanRef preferFragmentation, CFBooleanRef preferAckModel, CFSetRef enabledViews,
+ SecKeyRef signingKey, CFErrorRef* error);
+bool SOSPeerInfoVersionIsCurrent(SOSPeerInfoRef pi);
+bool SOSPeerInfoVersionHasV2Data(SOSPeerInfoRef pi);
+SOSPeerInfoRef SOSPeerInfoCopyWithGestaltUpdate(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFDictionaryRef gestalt, SecKeyRef signingKey, CFErrorRef* error);
+SOSPeerInfoRef SOSPeerInfoCopyWithBackupKeyUpdate(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFDataRef backupKey, SecKeyRef signingKey, CFErrorRef* error);
+SOSPeerInfoRef SOSPeerInfoCopyWithEscrowRecordUpdate(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFStringRef dsid, CFDictionaryRef escrowRecord, SecKeyRef signingKey, CFErrorRef *error);
+SOSPeerInfoRef SOSPeerInfoCopyWithReplacedEscrowRecords(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, CFDictionaryRef escrowRecords, SecKeyRef signingKey, CFErrorRef *error);
+
+
+SOSPeerInfoRef SOSPeerInfoCopyWithViewsChange(CFAllocatorRef allocator, SOSPeerInfoRef toCopy,
+ SOSViewActionCode action, CFStringRef viewname, SOSViewResultCode *retval,
+ SecKeyRef signingKey, CFErrorRef* error);
+SOSPeerInfoRef SOSPeerInfoCopyAsApplication(SOSPeerInfoRef pi, SecKeyRef userkey, SecKeyRef peerkey, CFErrorRef *error);
+
+SOSPeerInfoRef SOSPeerInfoCopyWithPing(CFAllocatorRef allocator, SOSPeerInfoRef toCopy, SecKeyRef signingKey, CFErrorRef* error);
+SOSPeerInfoRef SOSPeerInfoCopyAsApplication(SOSPeerInfoRef pi, SecKeyRef userkey, SecKeyRef peerkey, CFErrorRef *error);
+
+bool SOSPeerInfoUpdateDigestWithPublicKeyBytes(SOSPeerInfoRef peer, const struct ccdigest_info *di,
+ ccdigest_ctx_t ctx, CFErrorRef *error);
+bool SOSPeerInfoUpdateDigestWithDescription(SOSPeerInfoRef peer, const struct ccdigest_info *di,
+ ccdigest_ctx_t ctx, CFErrorRef *error);
+
+bool SOSPeerInfoApplicationVerify(SOSPeerInfoRef pi, SecKeyRef userkey, CFErrorRef *error);
+
+CF_RETURNS_RETAINED CFDateRef SOSPeerInfoGetApplicationDate(SOSPeerInfoRef pi);
+
+
+//
+// Transfered Data
+//
+bool SOSPeerInfoHasBackupKey(SOSPeerInfoRef peer);
+CFDataRef SOSPeerInfoCopyBackupKey(SOSPeerInfoRef peer);
+CFMutableDictionaryRef SOSPeerInfoCopyEscrowRecord(SOSPeerInfoRef peer);
+
+//
+// DER Import Export
+//
+SOSPeerInfoRef SOSPeerInfoCreateFromDER(CFAllocatorRef allocator, CFErrorRef* error,
+ const uint8_t** der_p, const uint8_t *der_end);
+
+SOSPeerInfoRef SOSPeerInfoCreateFromData(CFAllocatorRef allocator, CFErrorRef* error,
+ CFDataRef peerinfo_data);
+
+size_t SOSPeerInfoGetDEREncodedSize(SOSPeerInfoRef peer, CFErrorRef *error);
+uint8_t* SOSPeerInfoEncodeToDER(SOSPeerInfoRef peer, CFErrorRef* error,
+ const uint8_t* der, uint8_t* der_end);
+
+CFDataRef SOSPeerInfoCopyEncodedData(SOSPeerInfoRef peer, CFAllocatorRef allocator, CFErrorRef *error);
+
+//
+// Gestalt info about the peer. It was fetched by the implementation on the other side.
+// probably has what you're looking for..
+//
+CFTypeRef SOSPeerInfoLookupGestaltValue(SOSPeerInfoRef pi, CFStringRef key);
+CFDictionaryRef SOSPeerInfoCopyPeerGestalt(SOSPeerInfoRef pi);
+CFDictionaryRef SOSPeerGetGestalt(SOSPeerInfoRef pi);
+CFStringRef SOSPeerInfoGetPeerName(SOSPeerInfoRef peer);
+
+//
+// Syntactic Sugar for some commone ones, might get deprectated at this level.
+//
+
+CFStringRef SOSPeerInfoGetPeerDeviceType(SOSPeerInfoRef peer);
+CFIndex SOSPeerInfoGetPeerProtocolVersion(SOSPeerInfoRef peer);
+
+
+// Stringified ID for this peer, not human readable.
+CFStringRef SOSPeerInfoGetPeerID(SOSPeerInfoRef peer);
+bool SOSPeerInfoPeerIDEqual(SOSPeerInfoRef pi, CFStringRef myPeerID);
+
+CFIndex SOSPeerInfoGetVersion(SOSPeerInfoRef peer);
+
+//
+// Peer Info Gestalt Helpers
+//
+CFStringRef SOSPeerGestaltGetName(CFDictionaryRef gestalt);
+
+// These are Mobile Gestalt questions. Not all Gestalt questions are carried.
+CFTypeRef SOSPeerGestaltGetAnswer(CFDictionaryRef gestalt, CFStringRef question);
+
+SecKeyRef SOSPeerInfoCopyPubKey(SOSPeerInfoRef peer, CFErrorRef *error);
+SecKeyRef SOSPeerInfoCopyOctagonSigningPublicKey(SOSPeerInfoRef peer, CFErrorRef* error);
+SecKeyRef SOSPeerInfoCopyOctagonEncryptionPublicKey(SOSPeerInfoRef peer, CFErrorRef* error);
+void SOSPeerInfoSetOctagonKeysInDescription(SOSPeerInfoRef peer, SecKeyRef octagonSigningKey,
+ SecKeyRef octagonEncryptionKey, CFErrorRef *error);
+CFDataRef SOSPeerInfoGetAutoAcceptInfo(SOSPeerInfoRef peer);
+
+CFComparisonResult SOSPeerInfoCompareByID(const void *val1, const void *val2, void *context);
+CFComparisonResult SOSPeerInfoCompareByApplicationDate(const void *val1, const void *val2, void *context);
+
+SOSPeerInfoRef SOSPeerInfoCreateRetirementTicket(CFAllocatorRef allocator, SecKeyRef privKey, SOSPeerInfoRef peer, CFErrorRef *error);
+
+CFStringRef SOSPeerInfoInspectRetirementTicket(SOSPeerInfoRef pi, CFErrorRef *error);
+
+bool SOSPeerInfoRetireRetirementTicket(size_t max_days, SOSPeerInfoRef pi);
+
+CF_RETURNS_RETAINED CFDateRef SOSPeerInfoGetRetirementDate(SOSPeerInfoRef pi);
+
+bool SOSPeerInfoIsRetirementTicket(SOSPeerInfoRef pi);
+
+bool SOSPeerInfoIsCloudIdentity(SOSPeerInfoRef pi);
+
+CF_RETURNS_RETAINED SOSPeerInfoRef SOSPeerInfoUpgradeSignatures(CFAllocatorRef allocator, SecKeyRef privKey, SecKeyRef perKey, SOSPeerInfoRef peer, CFErrorRef *error);
+
+SOSViewResultCode SOSPeerInfoViewStatus(SOSPeerInfoRef pi, CFStringRef view, CFErrorRef *error);
+
+CFSetRef SOSPeerInfoGetPermittedViews(SOSPeerInfoRef peer);
+bool SOSPeerInfoIsEnabledView(SOSPeerInfoRef peer, CFStringRef viewName);
+CFMutableSetRef SOSPeerInfoCopyEnabledViews(SOSPeerInfoRef peer);
+void SOSPeerInfoWithEnabledViewSet(SOSPeerInfoRef pi, void (^operation)(CFSetRef enabled));
+uint64_t SOSViewBitmaskFromSet(CFSetRef views);
+uint64_t SOSPeerInfoViewBitMask(SOSPeerInfoRef pi);
+
+bool SOSPeerInfoKVSOnly(SOSPeerInfoRef pi);
+CFStringRef SOSPeerInfoCopyTransportType(SOSPeerInfoRef peer);
+CFStringRef SOSPeerInfoCopyDeviceID(SOSPeerInfoRef peer);
+
+/* octagon keys */
+SOSPeerInfoRef CF_RETURNS_RETAINED
+SOSPeerInfoSetOctagonSigningKey(CFAllocatorRef allocator,
+ SOSPeerInfoRef toCopy,
+ SecKeyRef octagonSigningKey,
+ SecKeyRef signingKey,
+ CFErrorRef *error);
+
+SOSPeerInfoRef CF_RETURNS_RETAINED
+SOSPeerInfoSetOctagonEncryptionKey(CFAllocatorRef allocator,
+ SOSPeerInfoRef toCopy,
+ SecKeyRef octagonEncryptionKey,
+ SecKeyRef signingKey,
+ CFErrorRef *error);
+
+SOSPeerInfoRef CF_RETURNS_RETAINED
+SOSPeerInfoSetOctagonKeys(CFAllocatorRef allocator,
+ SOSPeerInfoRef toCopy,
+ SecKeyRef octagonSigningKey,
+ SecKeyRef octagonEncryptionKey,
+ SecKeyRef signingKey,
+ CFErrorRef *error);
+
+CFStringRef SOSPeerInfoCopySerialNumber(SOSPeerInfoRef pi);
+
+void SOSPeerInfoLogState(char *category, SOSPeerInfoRef pi, SecKeyRef pubKey, CFStringRef myPID, char sigchr);
+
+enum {
+ SOSPeerInfo_unknown = 0,
+ SOSPeerInfo_iCloud = 1,
+ SOSPeerInfo_iOS = 2,
+ SOSPeerInfo_macOS = 3,
+ SOSPeerInfo_watchOS = 4,
+ SOSPeerInfo_tvOS = 5,
+};
+typedef uint32_t SOSPeerInfoDeviceClass;
+
+SOSPeerInfoDeviceClass SOSPeerInfoGetClass(SOSPeerInfoRef pi);
+
+bool SOSPeerInfoSign(SecKeyRef privKey, SOSPeerInfoRef peer, CFErrorRef *error);
+
+__END_DECLS
+
+#endif
projects / apple / security.git / blobdiff