Logo Search packages:      
Sourcecode: virtualbox-ose version File versions  Download package

securestorage.h

/*
 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


//
// securestorage - client interface to CSP DLs and their operations
//
#ifndef _H_CDSA_CLIENT_SECURESTORAGE
#define _H_CDSA_CLIENT_SECURESTORAGE  1

#include <security_cdsa_client/cspclient.h>
#include <security_cdsa_client/dlclient.h>
#include <security_cdsa_client/keyclient.h>

namespace Security
{

namespace CssmClient
{

//
// A CSP and a DL attachment of the same subservice
//
// This gives us 2 Object instances, but we make sure that have the same
// mImpl.  Currently this class has no behaviour, but it will get some in
// the future.
//
class CSPDLImpl : public CSPImpl, public DLImpl
{
public:
      CSPDLImpl(const Guid &guid);
      CSPDLImpl(const Module &module);
      virtual ~CSPDLImpl();

      // Object methods.
      bool isActive() const { return CSPImpl::isActive() || DLImpl::isActive(); }

      virtual Allocator &allocator() const;
      virtual void allocator(Allocator &alloc);

      virtual bool operator <(const CSPDLImpl &other) const;
      virtual bool operator ==(const CSPDLImpl &other) const;

      // Attachment methods.
      virtual CSSM_SERVICE_MASK subserviceMask() const;
      virtual void subserviceId(uint32 id);

      uint32 subserviceId() const { return CSPImpl::subserviceId(); }
      CSSM_ATTACH_FLAGS cspFlags() const { return CSPImpl::flags(); }
      void cspFlags(CSSM_ATTACH_FLAGS f) { CSPImpl::flags(f); }
      CSSM_ATTACH_FLAGS dlFlags() const { return DLImpl::flags(); }
      void dlFlags(CSSM_ATTACH_FLAGS f) { DLImpl::flags(f); }

      void attach() { CSPImpl::attach(); DLImpl::attach(); }
      void detach() { CSPImpl::detach(); DLImpl::detach(); }
      bool attached() const { return CSPImpl::attached() || DLImpl::attached(); }

      Module module() const { return CSPImpl::module(); }
      const Guid &guid() const { return CSPImpl::guid(); }
      CSSM_MODULE_HANDLE cspHandle() { return CSPImpl::handle(); }
      CSSM_MODULE_HANDLE dlHandle() { return DLImpl::handle(); }

      CssmSubserviceUid subserviceUid() const
      { return CSPImpl::subserviceUid(); }

private:
};


class CSPDL : public CSP, public DL
{
public:
      typedef CSPDLImpl Impl;

      explicit CSPDL(Impl *impl) : CSP(impl), DL(impl) {}
      CSPDL(const Guid &guid) : CSP(new Impl(guid)), DL(&CSP::impl<Impl>()) {}
      CSPDL(const Module &module)
            : CSP(new Impl(module)), DL(&CSP::impl<Impl>()) {}

      //template <class _Impl> _Impl &impl() const
      //{ return CSP::impl<_Impl>(); }

      Impl *get() const { return &CSP::impl<Impl>(); }
      Impl *operator ->() const { return &CSP::impl<Impl>(); }
      Impl &operator *() const { return CSP::impl<Impl>(); }

      // Conversion operators must be here
      bool operator !() const { return !get(); }
      operator bool() const { return get(); }

      bool operator <(const CSPDL &other) const
      { return *this && other ? **this < *other : get() < other.get(); }
      bool operator ==(const CSPDL &other) const
      { return *this && other ? **this == *other : get() == other.get(); }
};


//
// SSCSPDL -- Secure storage class
//
class SSCSPDLImpl : public CSPDLImpl
{
public:
      SSCSPDLImpl(const Guid &guid);
      SSCSPDLImpl(const Module &module);
      virtual ~SSCSPDLImpl();

      // DbMaker
      DbImpl *newDb(const char *inDbName, const CSSM_NET_ADDRESS *inDbLocation);
private:
};

class SSCSPDL : public CSPDL 
{
public:
      typedef SSCSPDLImpl Impl;

      explicit SSCSPDL(Impl *impl) : CSPDL(impl) {}
      SSCSPDL(const Guid &guid) : CSPDL(new Impl(guid)) {}
      SSCSPDL(const Module &module) : CSPDL(new Impl(module)) {}

      Impl *operator ->() const { return &CSP::impl<Impl>(); }
      Impl &operator *() const { return CSP::impl<Impl>(); }
};


//
// SSDbImpl --  A Security Storage Db object.
//
class SSGroup;
class SSDbUniqueRecord;

class SSDbImpl : public DbImpl
{
public:
      SSDbImpl(const SSCSPDL &cspdl,
                   const char *inDbName, const CSSM_NET_ADDRESS *inDbLocation);
      virtual ~SSDbImpl();

      void create();
      void open();

      SSDbUniqueRecord insert(CSSM_DB_RECORDTYPE recordType,
                                          const CSSM_DB_RECORD_ATTRIBUTE_DATA *attributes,
                                          const CSSM_DATA *data,
                                          const CSSM_RESOURCE_CONTROL_CONTEXT *rc = NULL);

      SSDbUniqueRecord insert(CSSM_DB_RECORDTYPE recordType,
                                          const CSSM_DB_RECORD_ATTRIBUTE_DATA *attributes,
                                          const CSSM_DATA *data, const SSGroup &group,
                                          const CSSM_ACCESS_CREDENTIALS *cred);

      // DbCursorMaker
      DbCursorImpl *newDbCursor(const CSSM_QUERY &query,
                                            Allocator &allocator);
      DbCursorImpl *newDbCursor(uint32 capacity, Allocator &allocator);

      // SSDbUniqueRecordMaker
      DbUniqueRecordImpl *newDbUniqueRecord();

      CSP csp() { return parent<CSP>(); }
};

class SSDb : public Db
{
public:
      typedef SSDbImpl Impl;

      explicit SSDb(Impl *impl) : Db(impl) {}
      SSDb(const SSCSPDL &cspdl, const char *inDbName,
             const CSSM_NET_ADDRESS *inDbLocation = NULL)
            : Db(cspdl->newDb(inDbName, inDbLocation)) {}

      Impl *operator ->() const { return &impl<Impl>(); }
      Impl &operator *() const { return impl<Impl>(); }
};


//
// SSGroup -- Group key with acl, used to protect a group of items.
//
class SSGroupImpl : public KeyImpl
{
public:
      SSGroupImpl(const SSDb &ssDb, const CSSM_DATA &dataBlob);
      SSGroupImpl(const SSDb &ssDb,
                        const CSSM_RESOURCE_CONTROL_CONTEXT *credAndAclEntry);

      static bool isGroup(const CSSM_DATA &dataBlob);

      const CssmData label() const;
      void decodeDataBlob(const CSSM_DATA &dataBlob,
                                    const CSSM_ACCESS_CREDENTIALS *cred,
                                    Allocator &allocator, CSSM_DATA &data);
      void encodeDataBlob(const CSSM_DATA *data,
                                    const CSSM_ACCESS_CREDENTIALS *cred,
                                    CssmDataContainer &dataBlob);

private:
      // Constants
      enum
      {
            // Label prefix for a secure storage group
            kGroupMagic = FOUR_CHAR_CODE('ssgp'),

            // Size of label (including prefix)
            kLabelSize = 20,

            // Size of IV
            kIVSize = 8
      };

      CSSM_DB_ATTR_DECL(kLabel);

      CssmDataContainer mLabel;
};

class SSGroup : public Key
{
public:
      typedef SSGroupImpl Impl;
      explicit SSGroup(Impl *impl) : Key(impl) {}

      SSGroup() : Key(NULL) {}

      // Create a new group.
      SSGroup(const SSDb &ssDb,
                  const CSSM_RESOURCE_CONTROL_CONTEXT *credAndAclEntry)
      : Key(new Impl(ssDb, credAndAclEntry)) {}

      // Lookup an existing group based on a dataBlob.
      SSGroup(const SSDb &ssDb, const CSSM_DATA &dataBlob)
      : Key(new Impl(ssDb, dataBlob)) {}

      Impl *operator ->() const { return &impl<Impl>(); }
      Impl &operator *() const { return impl<Impl>(); }
};


//
// SSDbCursor -- Cursor for iterating over Securely Stored records (or keys)
//
class SSDbCursorImpl : public DbDbCursorImpl
{
public:
      SSDbCursorImpl(const Db &db, const CSSM_QUERY &query,
                           Allocator &allocator);
      SSDbCursorImpl(const Db &db, uint32 capacity,
                           Allocator &allocator);

      bool next(DbAttributes *attributes, ::CssmDataContainer *data,
                    DbUniqueRecord &uniqueId);
      bool next(DbAttributes *attributes, ::CssmDataContainer *data,
                    DbUniqueRecord &uniqueId, const CSSM_ACCESS_CREDENTIALS *cred);
      bool nextKey(DbAttributes *attributes, Key &key, DbUniqueRecord &uniqueId);
      //bool nextGroup(DbAttributes *attributes, SSGroup &group, DbUniqueRecord &uniqueId);

      SSDb database() { return parent<SSDb>(); }
protected:
      void activate();
      void deactivate();
};

class SSDbCursor : public DbCursor
{
public:
      typedef SSDbCursorImpl Impl;

      explicit SSDbCursor(Impl *impl) : DbCursor(impl) {}
      SSDbCursor(const SSDb &ssDb, const CSSM_QUERY &query,
                     Allocator &allocator = Allocator::standard())
            : DbCursor(ssDb->newDbCursor(query, allocator)) {}
      SSDbCursor(const SSDb &ssDb, const uint32 capacity = 0,
                     Allocator &allocator = Allocator::standard())
            : DbCursor(ssDb->newDbCursor(capacity, allocator)) {}

      Impl *operator ->() const { return &impl<Impl>(); }
      Impl &operator *() const { return impl<Impl>(); }
};


//
// SSDbUniqueRecord
//
class SSDbUniqueRecordImpl : public DbUniqueRecordImpl
{
public:
      SSDbUniqueRecordImpl(const Db &db);
      virtual ~SSDbUniqueRecordImpl();

      void deleteRecord();
      void deleteRecord(const CSSM_ACCESS_CREDENTIALS *cred);
      void modify(CSSM_DB_RECORDTYPE recordType,
                        const CSSM_DB_RECORD_ATTRIBUTE_DATA *attributes,
                        const CSSM_DATA *data,
                        CSSM_DB_MODIFY_MODE modifyMode);
      void modify(CSSM_DB_RECORDTYPE recordType,
                        const CSSM_DB_RECORD_ATTRIBUTE_DATA *attributes,
                        const CSSM_DATA *data,
                        CSSM_DB_MODIFY_MODE modifyMode,
                        const CSSM_ACCESS_CREDENTIALS *cred);
      void get(DbAttributes *attributes, ::CssmDataContainer *data);
      void get(DbAttributes *attributes, ::CssmDataContainer *data,
                   const CSSM_ACCESS_CREDENTIALS *cred);

      SSDb database() { return parent<SSDb>(); }

      // Return the group that this record is in.
      SSGroup group();
};

class SSDbUniqueRecord : public DbUniqueRecord
{
public:
      typedef SSDbUniqueRecordImpl Impl;

      explicit SSDbUniqueRecord(Impl *impl) : DbUniqueRecord(impl) {}
      SSDbUniqueRecord(const SSDb &ssDb)
            : DbUniqueRecord(ssDb->newDbUniqueRecord()) {}

      Impl *operator ->() const { return &impl<Impl>(); }
      Impl &operator *() const { return impl<Impl>(); }
};

}; // end namespace CssmClient

} // end namespace Security

#endif //_H_CDSA_CLIENT_SECURESTORAGE

Generated by  Doxygen 1.6.0   Back to index