#import <Foundation/Foundation.h>
#import <TrustedPeers/TrustedPeers.h>
#import "keychain/ckks/CKKSKeychainBackedKey.h"
#import "keychain/ckks/CKKSTLKShare.h"
#import "keychain/ot/OTConstants.h"
NS_ASSUME_NONNULL_BEGIN
// Value object describing one peer's trust state. It is returned in the reply blocks of
// -updateWithContainer:... and -fetchTrustStateWithContainer:... below.
// The class is declared NSSecureCoding-conformant, so it is meant to be archived and unarchived
// with class-restricted decoding.
// NOTE(review): only the conformance is visible in this header. Confirm the implementation
// returns YES from +supportsSecureCoding and decodes every field with
// -decodeObjectOfClass:forKey: rather than an untyped decode.
// All properties are declared without attributes, so they are atomic and readwrite.
@interface TrustedPeersHelperPeerState : NSObject <NSSecureCoding>
// Identifier of the peer; explicitly nullable, so consumers must handle nil.
@property (nullable) NSString* peerID;
// Set from the initializer's isPreapproved: argument (presumably; the implementation is not shown).
@property BOOL identityIsPreapproved;
// Peer status, typed as TPPeerStatus (declared outside this header).
@property TPPeerStatus peerStatus;
// NOTE(review): by name, flags that membership changed; exact meaning is not visible here.
@property BOOL memberChanges;
// NOTE(review): by name, flags that machine IDs outside the known list were seen; confirm
// against the implementation before relying on it for a trust decision.
@property BOOL unknownMachineIDsPresent;
// OS version string reported for the peer; nullable.
@property (nullable) NSString* osVersion;
// Initializer taking one argument per property. peerID and osVersion may be nil; the other
// arguments are scalars.
- (instancetype)initWithPeerID:(NSString* _Nullable)peerID
isPreapproved:(BOOL)isPreapproved
status:(TPPeerStatus)peerStatus
memberChanges:(BOOL)memberChanges
unknownMachineIDs:(BOOL)unknownMachineIDs
osVersion:(NSString * _Nullable)osVersion;
@end
// Value object describing a peer by its identifier, two key blobs and a set of view names.
// Arrays of these are returned as trustedPeers by -fetchTrustStateWithContainer:... below.
// Declared NSSecureCoding-conformant.
// NOTE(review): the initializer's arguments are nonnull (NS_ASSUME_NONNULL is in effect) while
// every property is nullable and readwrite. An instance that arrives through decoding may
// therefore still carry nil fields; consumers should check for nil before using the keys.
@interface TrustedPeersHelperPeer : NSObject <NSSecureCoding>
// Identifier of the peer.
@property (nullable) NSString* peerID;
// Signing key as opaque NSData.
// NOTE(review): "SPKI" presumably means a SubjectPublicKeyInfo-encoded public key - confirm.
@property (nullable) NSData* signingSPKI;
// Encryption key as opaque NSData; same encoding assumption as signingSPKI.
@property (nullable) NSData* encryptionSPKI;
// Set of view names associated with this peer.
@property (nullable) NSSet<NSString*>* viewList;
// Initializer taking one nonnull argument per property.
- (instancetype)initWithPeerID:(NSString*)peerID
signingSPKI:(NSData*)signingSPKI
encryptionSPKI:(NSData*)encryptionSPKI
viewList:(NSSet<NSString*>*)viewList;
@end
// Value object summarising the local ("ego") peer's status. It is the first argument of the
// reply block of -trustStatusWithContainer:... below. Declared NSSecureCoding-conformant.
@interface TrustedPeersHelperEgoPeerStatus : NSObject <NSSecureCoding>
// Status of the ego peer, typed as TPPeerStatus (declared outside this header).
@property TPPeerStatus egoStatus;
// Identifier of the ego peer; nullable.
@property NSString* _Nullable egoPeerID;
// Peer count as a 64-bit unsigned integer.
// NOTE(review): the initializer below takes no argument for this property, so it is either
// derived or assigned separately - confirm in the implementation.
@property (assign) uint64_t numberOfPeersInOctagon;
// Counts keyed by model ID string; nonnull.
@property NSDictionary<NSString*, NSNumber*>* viablePeerCountsByModelID;
// Counts keyed by machine ID string; nonnull.
@property NSDictionary<NSString*, NSNumber*>* peerCountsByMachineID;
// NOTE(review): by name, whether the ego peer has been excluded; semantics not visible here.
@property BOOL isExcluded;
// NOTE(review): by name, whether the device or keychain was locked when the status was
// computed; callers should confirm how a locked result differs from an untrusted one.
@property BOOL isLocked;
// Initializer; egoPeerID may be nil, the two dictionaries must not be.
- (instancetype)initWithEgoPeerID:(NSString* _Nullable)egoPeerID
status:(TPPeerStatus)egoStatus
viablePeerCountsByModelID:(NSDictionary<NSString*, NSNumber*>*)viablePeerCountsByModelID
peerCountsByMachineID:(NSDictionary<NSString*, NSNumber*>*)peerCountsByMachineID
isExcluded:(BOOL)isExcluded
isLocked:(BOOL)isLocked;
@end
// Message surface of the trusted-peers helper. Every method returns void and reports its result
// through the trailing reply block; every method except -pingWithReply: takes a container and a
// context string.
// NOTE(review): the NSXPCInterface-based setup function declared after this protocol suggests
// these messages cross a process boundary. If so, arguments arrive from another process and the
// implementation, not this header, is where caller authorisation and argument validation must
// happen - confirm both exist.
// NOTE(review): several methods carry material that is secret by name (entropy, recoveryKey,
// bottleSalt, policySecrets, private-key persistent references). Implementations and callers
// should keep these out of logs, analytics and error descriptions.
@protocol TrustedPeersHelperProtocol
// Liveness check; the reply carries no arguments.
- (void)pingWithReply:(void (^)(void))reply;
// Replies with a dictionary or an error.
// NOTE(review): the dictionary is untyped. Over NSXPC, the classes allowed inside a collection
// have to be allowlisted on the interface (-setClasses:forSelector:argumentIndex:ofReply:);
// confirm TrustedPeersHelperSetupProtocol covers this selector and keeps the set narrow.
- (void)dumpWithContainer:(NSString *)container
context:(NSString *)context
reply:(void (^)(NSDictionary * _Nullable, NSError * _Nullable))reply;
// By name, leaves the trust circle by distrusting the local peer. Replies with an error or nil.
- (void)departByDistrustingSelfWithContainer:(NSString *)container
context:(NSString *)context
peerIDs:(NSSet<NSString*>*)peerIDs
reply:(void (^)(NSError * _Nullable))reply;
// By name, distrusts each peer ID in peerIDs. Replies with an error or nil.
- (void)distrustPeerIDsWithContainer:(NSString *)container
context:(NSString *)context
peerIDs:(NSSet<NSString*>*)peerIDs
reply:(void (^)(NSError * _Nullable))reply;
// Replies with the ego peer's status object and an optional error.
// NOTE(review): status is nonnull (no _Nullable, and NS_ASSUME_NONNULL is in effect) while
// error is nullable. Confirm what status holds on the error path, and that callers check error
// before trusting status.
- (void)trustStatusWithContainer:(NSString *)container
context:(NSString *)context
reply:(void (^)(TrustedPeersHelperEgoPeerStatus *status,
NSError* _Nullable error))reply;
// Reset carrying a CuttlefishResetReason (declared outside this header).
// NOTE(review): by name this is destructive; the reason value is the only audit signal visible
// in the signature, so the implementation should record it.
- (void)resetWithContainer:(NSString *)container
context:(NSString *)context
resetReason:(CuttlefishResetReason)reason
reply:(void (^)(NSError * _Nullable error))reply;
// Reset variant that takes no reason; by name limited to local state - confirm.
- (void)localResetWithContainer:(NSString *)container
context:(NSString *)context
reply:(void (^)(NSError * _Nullable error))reply;
// Replaces the allowed machine-ID set. The reply's listDifferences flag presumably reports
// whether the new set differed from the stored one - confirm.
- (void)setAllowedMachineIDsWithContainer:(NSString *)container
context:(NSString *)context
allowedMachineIDs:(NSSet<NSString*> *)allowedMachineIDs
reply:(void (^)(BOOL listDifferences, NSError * _Nullable error))reply;
// Adds machine IDs to the allowed list. Note the argument is an array here but a set in
// -setAllowedMachineIDsWithContainer:...
- (void)addAllowedMachineIDsWithContainer:(NSString *)container
context:(NSString *)context
machineIDs:(NSArray<NSString*> *)machineIDs
reply:(void (^)(NSError * _Nullable error))reply;
// Removes machine IDs from the allowed list.
- (void)removeAllowedMachineIDsWithContainer:(NSString *)container
context:(NSString *)context
machineIDs:(NSArray<NSString*> *)machineIDs
reply:(void (^)(NSError * _Nullable error))reply;
// Replies with the allowed machine-ID set, or nil and an error.
- (void)fetchAllowedMachineIDsWithContainer:(NSString *)container
context:(NSString *)context
reply:(void (^)(NSSet<NSString*>* _Nullable machineIDs, NSError* _Nullable error))reply;
// Replies with an epoch value and an optional error. The epoch is a plain scalar, so callers
// must check error rather than infer failure from the value.
- (void)fetchEgoEpochWithContainer:(NSString *)container
context:(NSString *)context
reply:(void (^)(unsigned long long epoch,
NSError * _Nullable error))reply;
// Takes device metadata, bottle parameters, optional policy data and optional private-key
// persistent references; replies with a peer ID plus permanentInfo/stableInfo blobs and their
// signatures.
// NOTE(review): bottleSalt, policySecrets and the two persistent references are sensitive by
// name. When spkPr or epkPr is nil the implementation presumably generates fresh keys - confirm.
- (void)prepareWithContainer:(NSString *)container
context:(NSString *)context
epoch:(unsigned long long)epoch
machineID:(NSString *)machineID
bottleSalt:(NSString *)bottleSalt
bottleID:(NSString *)bottleID
modelID:(NSString *)modelID
deviceName:(nullable NSString*)deviceName
serialNumber:(NSString *)serialNumber
osVersion:(NSString *)osVersion
policyVersion:(nullable NSNumber *)policyVersion
policySecrets:(nullable NSDictionary<NSString*,NSData*> *)policySecrets
signingPrivKeyPersistentRef:(nullable NSData *)spkPr
encPrivKeyPersistentRef:(nullable NSData*)epkPr
reply:(void (^)(NSString * _Nullable peerID,
NSData * _Nullable permanentInfo,
NSData * _Nullable permanentInfoSig,
NSData * _Nullable stableInfo,
NSData * _Nullable stableInfoSig,
NSError * _Nullable error))reply;
// Takes key sets, TLK shares and optional preapproved keys; replies with a peer ID and the
// key-hierarchy CKRecords to store.
- (void)establishWithContainer:(NSString *)container
context:(NSString *)context
ckksKeys:(NSArray<CKKSKeychainBackedKeySet*> *)viewKeySets
tlkShares:(NSArray<CKKSTLKShare*> *)tlkShares
preapprovedKeys:(nullable NSArray<NSData*> *)preapprovedKeys
reply:(void (^)(NSString * _Nullable peerID,
NSArray<CKRecord*>* _Nullable keyHierarchyRecords,
NSError * _Nullable error))reply;
// Takes another peer's ID with its permanentInfo/stableInfo blobs and signatures; replies with
// a voucher and its signature.
// NOTE(review): the four blobs come from the peer asking to be vouched for. Confirm the
// implementation verifies both signatures, and that peerID matches the signed content, before
// it signs a voucher.
- (void)vouchWithContainer:(NSString *)container
context:(NSString *)context
peerID:(NSString *)peerID
permanentInfo:(NSData *)permanentInfo
permanentInfoSig:(NSData *)permanentInfoSig
stableInfo:(NSData *)stableInfo
stableInfoSig:(NSData *)stableInfoSig
ckksKeys:(NSArray<CKKSKeychainBackedKeySet*> *)viewKeySets
reply:(void (^)(NSData * _Nullable voucher,
NSData * _Nullable voucherSig,
NSError * _Nullable error))reply;
// Takes a bottle ID only (no entropy); replies with a peer ID or an error.
- (void)preflightVouchWithBottleWithContainer:(NSString *)container
context:(NSString *)context
bottleID:(NSString*)bottleID
reply:(void (^)(NSString* _Nullable peerID,
NSError * _Nullable error))reply;
// Takes a bottle ID together with entropy and a salt; replies with a voucher and signature.
// NOTE(review): entropy and bottleSalt are secret by name - keep them out of logs.
- (void)vouchWithBottleWithContainer:(NSString *)container
context:(NSString *)context
bottleID:(NSString*)bottleID
entropy:(NSData*)entropy
bottleSalt:(NSString*)bottleSalt
tlkShares:(NSArray<CKKSTLKShare*> *)tlkShares
reply:(void (^)(NSData * _Nullable voucher,
NSData * _Nullable voucherSig,
NSError * _Nullable error))reply;
// Takes a recovery key string and a salt; replies with a voucher and signature.
// NOTE(review): recoveryKey is a secret passed as an NSString - keep it out of logs.
- (void)vouchWithRecoveryKeyWithContainer:(NSString *)container
context:(NSString *)context
recoveryKey:(NSString*)recoveryKey
salt:(NSString*)salt
tlkShares:(NSArray<CKKSTLKShare*> *)tlkShares
reply:(void (^)(NSData * _Nullable voucher,
NSData * _Nullable voucherSig,
NSError * _Nullable error))reply;
// Takes a voucher and its signature plus key material; replies with a peer ID and the
// key-hierarchy CKRecords.
// NOTE(review): preapprovedKeys is nonnull here but nullable in -establishWithContainer:...;
// confirm the difference is intended.
- (void)joinWithContainer:(NSString *)container
context:(NSString *)context
voucherData:(NSData *)voucherData
voucherSig:(NSData *)voucherSig
ckksKeys:(NSArray<CKKSKeychainBackedKeySet*> *)viewKeySets
tlkShares:(NSArray<CKKSTLKShare*> *)tlkShares
preapprovedKeys:(NSArray<NSData*> *)preapprovedKeys
reply:(void (^)(NSString * _Nullable peerID,
NSArray<CKRecord*>* _Nullable keyHierarchyRecords,
NSError * _Nullable error))reply;
// Replies with a launchOkay flag and an optional error.
- (void)preflightPreapprovedJoinWithContainer:(NSString *)container
context:(NSString *)context
reply:(void (^)(BOOL launchOkay,
NSError * _Nullable error))reply;
// Same inputs as -joinWithContainer:... minus the voucher; by name, joins on the strength of a
// preapproval instead.
- (void)attemptPreapprovedJoinWithContainer:(NSString *)container
context:(NSString *)context
ckksKeys:(NSArray<CKKSKeychainBackedKeySet*> *)ckksKeys
tlkShares:(NSArray<CKKSTLKShare*> *)tlkShares
preapprovedKeys:(NSArray<NSData*> *)preapprovedKeys
reply:(void (^)(NSString * _Nullable peerID,
NSArray<CKRecord*>* _Nullable keyHierarchyRecords,
NSError * _Nullable error))reply;
// Every data argument is nullable; presumably nil means "leave unchanged" - confirm. Replies
// with the resulting peer state.
- (void)updateWithContainer:(NSString *)container
context:(NSString *)context
deviceName:(nullable NSString *)deviceName
serialNumber:(nullable NSString *)serialNumber
osVersion:(nullable NSString *)osVersion
policyVersion:(nullable NSNumber *)policyVersion
policySecrets:(nullable NSDictionary<NSString*,NSData*> *)policySecrets
reply:(void (^)(TrustedPeersHelperPeerState* _Nullable peerState, NSError * _Nullable error))reply;
// Stores the list of preapproved keys.
// NOTE(review): by name these keys grant future peers a path into the circle without a
// voucher, so the implementation should treat this call as a trust-changing operation.
- (void)setPreapprovedKeysWithContainer:(NSString *)container
context:(NSString *)context
preapprovedKeys:(NSArray<NSData*> *)preapprovedKeys
reply:(void (^)(NSError * _Nullable error))reply;
// Takes key sets and TLK shares; replies with key-hierarchy CKRecords.
- (void)updateTLKsWithContainer:(NSString *)container
context:(NSString *)context
ckksKeys:(NSArray<CKKSKeychainBackedKeySet*> *)ckksKeys
tlkShares:(NSArray<CKKSTLKShare*> *)tlkShares
reply:(void (^)(NSArray<CKRecord*>* _Nullable keyHierarchyRecords, NSError * _Nullable error))reply;
// Replies with two sorted arrays of bottle IDs: full and "partial".
- (void)fetchViableBottlesWithContainer:(NSString *)container
context:(NSString *)context
reply:(void (^)(NSArray<NSString*>* _Nullable sortedBottleIDs, NSArray<NSString*>* _Nullable sortedPartialBottleIDs, NSError* _Nullable error))reply;
// Replies with entropy, a bottle ID and a signing public key.
// NOTE(review): this returns entropy to the caller. It is the most sensitive reply in the
// protocol, so access to this selector deserves the tightest caller check - confirm.
- (void)fetchEscrowContentsWithContainer:(NSString *)container
context:(NSString *)context
reply:(void (^)(NSData* _Nullable entropy,
NSString* _Nullable bottleID,
NSData* _Nullable signingPublicKey,
NSError* _Nullable error))reply;
// Takes a number-to-string map and replies with a number-to-string-array map.
// NOTE(review): presumably policy version to expected hash in, and version to document fields
// out; confirm that fetched documents are checked against the supplied strings.
- (void)fetchPolicyDocumentsWithContainer:(NSString*)container
context:(NSString*)context
keys:(NSDictionary<NSNumber*,NSString*>*)keys
reply:(void (^)(NSDictionary<NSNumber*,NSArray<NSString*>*>* _Nullable entries,
NSError * _Nullable error))reply;
// Replies with a TPPolicy (declared outside this header) or an error.
- (void)fetchPolicyWithContainer:(NSString*)container
context:(NSString*)context
reply:(void (^)(TPPolicy * _Nullable policy,
NSError * _Nullable error))reply;
// Replies with an untyped dictionary or an error; the allowlisting note on
// -dumpWithContainer:... applies here as well.
- (void)validatePeersWithContainer:(NSString *)container
context:(NSString *)context
reply:(void (^)(NSDictionary * _Nullable, NSError * _Nullable))reply;
// Replies with the local peer's state and an array of trusted peers.
- (void)fetchTrustStateWithContainer:(NSString *)container
context:(NSString *)context
reply:(void (^)(TrustedPeersHelperPeerState* _Nullable selfPeerState,
NSArray<TrustedPeersHelperPeer*>* _Nullable trustedPeers,
NSError* _Nullable error))reply;
// Takes a recovery key string, a salt and key sets.
// NOTE(review): recoveryKey is a secret passed as an NSString - keep it out of logs.
- (void)setRecoveryKeyWithContainer:(NSString *)container
context:(NSString *)context
recoveryKey:(NSString *)recoveryKey
salt:(NSString *)salt
ckksKeys:(NSArray<CKKSKeychainBackedKeySet*> *)ckksKeys
reply:(void (^)(NSError* _Nullable error))reply;
// Takes two state names as strings; replies with an error or nil.
- (void)reportHealthWithContainer:(NSString *)container
context:(NSString *)context
stateMachineState:(NSString *)state
trustState:(NSString *)trustState
reply:(void (^)(NSError* _Nullable error))reply;
// Takes no data arguments; replies with an error or nil.
- (void)pushHealthInquiryWithContainer:(NSString *)container
context:(NSString *)context
reply:(void (^)(NSError* _Nullable error))reply;
// Takes an array of view names and replies with an array of view names.
- (void)getViewsWithContainer:(NSString *)container
context:(NSString *)context
inViews:(NSArray<NSString*>*)inViews
reply:(void (^)(NSArray<NSString*>* _Nullable, NSError* _Nullable))reply;
// Replies with three flags and an optional error.
// NOTE(review): the meaning of postRepairCFU, postEscrowCFU and resetOctagon is not visible
// here. Because they are plain BOOLs, callers must check the error before acting on them,
// especially on resetOctagon.
- (void)requestHealthCheckWithContainer:(NSString *)container
context:(NSString *)context
requiresEscrowCheck:(BOOL)requiresEscrowCheck
reply:(void (^)(BOOL postRepairCFU, BOOL postEscrowCFU, BOOL resetOctagon, NSError* _Nullable))reply;
// Replies with opaque NSData or an error; the data's format is not visible in this header.
- (void)getSupportAppInfoWithContainer:(NSString *)container
context:(NSString *)context
reply:(void (^)(NSData * _Nullable, NSError * _Nullable))reply;
@end
// Takes an NSXPCInterface and returns an NSXPCInterface; both are nonnull under
// NS_ASSUME_NONNULL.
// NOTE(review): by its name this presumably configures the interface for
// TrustedPeersHelperProtocol, including the class allowlists for collection-typed arguments and
// replies (-setClasses:forSelector:argumentIndex:ofReply:). Both ends of the connection should
// call it, and the allowlists should name only the classes each selector needs - confirm in
// the implementation.
NSXPCInterface* TrustedPeersHelperSetupProtocol(NSXPCInterface* interface);
NS_ASSUME_NONNULL_END