SOSAccountCircles.m
//
//  SOSAccountCircles.c
//  sec
//

#include "keychain/SecureObjectSync/SOSAccountPriv.h"
#import "keychain/SecureObjectSync/SOSTransport.h"
#import "keychain/SecureObjectSync/SOSTransportKeyParameter.h"
#import "keychain/SecureObjectSync/SOSTransportMessageKVS.h"
#import "keychain/SecureObjectSync/SOSTransportCircleKVS.h"
#import "keychain/SecureObjectSync/SOSTransportCircleCK.h"
#import "keychain/SecureObjectSync/SOSAccountTrust.h"
#import "keychain/SecureObjectSync/SOSAccountTrustClassic.h"
#import "keychain/SecureObjectSync/SOSAccountTrustClassic+Expansion.h"
#import "keychain/SecureObjectSync/SOSAccountTrustClassic+Circle.h"

#include "keychain/SecureObjectSync/SOSPeerInfoCollections.h"
#include "SOSCloudKeychainClient.h"

//
// MARK: Circle management
//

/// Returns the account's trusted circle, creating and installing a new one
/// named `name` when the trust object does not hold one yet.
///
/// @param a     Account whose trust object is consulted and, if needed, updated.
/// @param name  Name handed to SOSCircleCreate when a circle has to be created.
/// @param error Optional out-parameter. See the NOTE(review) in the body: as
///              written, nothing in this function populates it.
/// @return A reference the caller owns (CF_RETURNS_RETAINED), or NULL when no
///         circle exists and SOSCircleCreate returned NULL.
SOSCircleRef CF_RETURNS_RETAINED SOSAccountEnsureCircle(SOSAccount* a, CFStringRef name, CFErrorRef *error)
{
    CFErrorRef pendingError = NULL;
    SOSAccountTrustClassic *classicTrust = a.trust;
    SOSCircleRef result = classicTrust.trustedCircle;

    if (result != NULL) {
        // Existing circle: take the extra reference that is handed back to the caller.
        CFRetainSafe(result);
    } else {
        // No circle yet: build one and install it on the trust object. The
        // reference obtained from SOSCircleCreate is the one returned below.
        // NOTE(review): this assumes setTrustedCircle: takes its own reference;
        // if it does not, the trust object and the caller share a single
        // reference and the caller's release would leave it dangling - confirm.
        // The result is installed and the interest flag is set without a NULL
        // check, so a failed creation still marks key interests as needing an
        // update.
        result = SOSCircleCreate(NULL, name, NULL);
        a.key_interests_need_updating = true;
        [classicTrust setTrustedCircle:result];
    }

    // NOTE(review): pendingError is initialised to NULL and never handed to any
    // callee (SOSCircleCreate receives NULL as its last argument, presumably
    // its error out-parameter - confirm), so this branch cannot store a
    // non-NULL error in *error. Callers have to treat a NULL return as the
    // failure signal instead of relying on *error.
    if (!result && isSOSErrorCoded(pendingError, kSOSErrorIncompatibleCircle)) {
        if (error) {
            // Ownership of the error moves to the caller.
            *error = pendingError;
            pendingError = NULL;
        }
    }

    CFReleaseNull(pendingError);
    return result;
}

/// Refreshes the generation signature when the account is in the circle.
///
/// @param txn   Transaction whose account is examined.
/// @param error Optional out-parameter, forwarded unchanged to
///              SOSAccountGenerationSignatureUpdate.
/// @return true when the account is not in the circle (nothing is done);
///         otherwise the result of SOSAccountGenerationSignatureUpdate.
bool SOSAccountEvaluateKeysAndCircle(SOSAccountTransaction *txn, CFErrorRef *error) {
    // Original intent, per the author: handle the case where the userKey
    // signature on the circle does not work with the new userkey. The only
    // condition tested here is circle membership.
    // NOTE(review): nil is passed to isInCircleOnly:, presumably its error
    // argument, so a failure inside the membership check would be
    // indistinguishable from "not in circle" and reported as success with
    // *error left untouched - confirm against callers.
    if (![txn.account.trust isInCircleOnly:nil]) {
        return true;
    }
    return SOSAccountGenerationSignatureUpdate(txn.account, error);
}