[apple/security.git] / OSX / libsecurity_cssm / lib / manager.h

/*
 * Copyright (c) 2000-2001,2003-2004,2011,2014 Apple Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */


//
// manager - CSSM manager/supervisor objects.
//
#ifndef _H_MANAGER
#define _H_MANAGER

#include "modloader.h"
#include <security_cdsa_utilities/callback.h>
#include "cssmmds.h"
#include "attachfactory.h"


//
// The CssmManager class embodies one instance of CSSM. It can interact with multiple
// callers in multiple threads.
// As far as CssmManager is concerned, it doesn't mind for multiple instances of it to
// exist. Such instances are strictly separated; they do not share anything (module info,
// attachments, callbacks, etc.) and live their lives in splendid isolation. Of course,
// other subsystems they deal with (e.g. the ModuleLoader) may multiplex them, but such
// components should take pains not to "leak" information from one CssmManager instance
// to another.
//
class CssmManager : public AttachmentFactory {
    NOCOPY(CssmManager)
    static const CSSM_GUID theGuidForCssmItself;
public:
    CssmManager();
    virtual ~CssmManager();
    
    void initialize (const CSSM_VERSION &version,
                     CSSM_PRIVILEGE_SCOPE scope,
                     const Guid &callerGuid,
                     CSSM_KEY_HIERARCHY keyHierarchy,
                     CSSM_PVC_MODE &pvcPolicy);
    bool terminate();

    void loadModule (const Guid &guid,
                     CSSM_KEY_HIERARCHY keyHierarchy,
                     const ModuleCallback &callback);
    void unloadModule (const Guid &guid,
                       const ModuleCallback &callback);

    void introduce(const Guid &guid, CSSM_KEY_HIERARCHY keyHierarchy);
    void unIntroduce(const Guid &guid);

    //
    // Polite inquiries
    //

    // these values are constant (after init time) and need no locking
    const Guid &callerGuid() const { return mCallerGuid; }
    CSSM_PRIVILEGE_SCOPE privilegeScope() const { return mPrivilegeScope; }
    CSSM_KEY_HIERARCHY keyHierarchy() const { return mKeyHierarchy; }
    CSSM_PVC_MODE pvcMode() const { return mPvcPolicy; }

    //@@@ for these two, consider locking (as of the C shims AND the transition layer use)
    const CSSM_PRIVILEGE &getPrivilege() const { return mPrivilege; }
    void setPrivilege(const CSSM_PRIVILEGE &priv) { mPrivilege = priv; }

public:
    Module *getModule(const Guid &guid);

private:
    typedef map<Guid, Module *> ModuleMap;
    ModuleMap moduleMap;

    Mutex mLock;					// object lock
    unsigned int initCount;			// number of times successfully initialized
    
private:
    ModuleLoader loader;			// our ticket to module land

private:
    // state acquired from initialize (instance constants - not guarded)
    CSSM_PRIVILEGE_SCOPE mPrivilegeScope;
    CSSM_KEY_HIERARCHY mKeyHierarchy;
    CSSM_PVC_MODE mPvcPolicy;
    Guid mCallerGuid;

    // persistent state of the CSSM (guarded by module lock)
    CSSM_PRIVILEGE mPrivilege;		// established privileges

private:
    void checkVersion(const CSSM_VERSION &version);
};

#ifdef _CPP_MANAGER
# pragma export off
#endif

#endif //_H_MANAGER
Commit	Line	Data
b1ab9ed8	1	/*
d8f41ccd	2	* Copyright (c) 2000-2001,2003-2004,2011,2014 Apple Inc. All Rights Reserved.
b1ab9ed8 A	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23
	24
	25	//
	26	// manager - CSSM manager/supervisor objects.
	27	//
	28	#ifndef _H_MANAGER
	29	#define _H_MANAGER
	30
	31	#include "modloader.h"
	32	#include <security_cdsa_utilities/callback.h>
	33	#include "cssmmds.h"
	34	#include "attachfactory.h"
	35
	36
	37	//
	38	// The CssmManager class embodies one instance of CSSM. It can interact with multiple
	39	// callers in multiple threads.
	40	// As far as CssmManager is concerned, it doesn't mind for multiple instances of it to
	41	// exist. Such instances are strictly separated; they do not share anything (module info,
	42	// attachments, callbacks, etc.) and live their lives in splendid isolation. Of course,
	43	// other subsystems they deal with (e.g. the ModuleLoader) may multiplex them, but such
	44	// components should take pains not to "leak" information from one CssmManager instance
	45	// to another.
	46	//
	47	class CssmManager : public AttachmentFactory {
	48	NOCOPY(CssmManager)
	49	static const CSSM_GUID theGuidForCssmItself;
	50	public:
	51	CssmManager();
	52	virtual ~CssmManager();
	53
	54	void initialize (const CSSM_VERSION &version,
	55	CSSM_PRIVILEGE_SCOPE scope,
	56	const Guid &callerGuid,
	57	CSSM_KEY_HIERARCHY keyHierarchy,
	58	CSSM_PVC_MODE &pvcPolicy);
	59	bool terminate();
	60
	61	void loadModule (const Guid &guid,
	62	CSSM_KEY_HIERARCHY keyHierarchy,
	63	const ModuleCallback &callback);
	64	void unloadModule (const Guid &guid,
	65	const ModuleCallback &callback);
	66
67	void introduce(const Guid &guid, CSSM_KEY_HIERARCHY keyHierarchy);
68	void unIntroduce(const Guid &guid);
69
70	//
71	// Polite inquiries
72	//
73
74	// these values are constant (after init time) and need no locking
75	const Guid &callerGuid() const { return mCallerGuid; }
76	CSSM_PRIVILEGE_SCOPE privilegeScope() const { return mPrivilegeScope; }
77	CSSM_KEY_HIERARCHY keyHierarchy() const { return mKeyHierarchy; }
78	CSSM_PVC_MODE pvcMode() const { return mPvcPolicy; }
79
80	//@@@ for these two, consider locking (as of the C shims AND the transition layer use)
81	const CSSM_PRIVILEGE &getPrivilege() const { return mPrivilege; }
82	void setPrivilege(const CSSM_PRIVILEGE &priv) { mPrivilege = priv; }
83
84	public:
85	Module *getModule(const Guid &guid);
86
87	private:
88	typedef map<Guid, Module *> ModuleMap;
89	ModuleMap moduleMap;
90
91	Mutex mLock; // object lock
92	unsigned int initCount; // number of times successfully initialized
93
94	private:
95	ModuleLoader loader; // our ticket to module land
96
97	private:
98	// state acquired from initialize (instance constants - not guarded)
99	CSSM_PRIVILEGE_SCOPE mPrivilegeScope;
100	CSSM_KEY_HIERARCHY mKeyHierarchy;
101	CSSM_PVC_MODE mPvcPolicy;
102	Guid mCallerGuid;
103
104	// persistent state of the CSSM (guarded by module lock)
105	CSSM_PRIVILEGE mPrivilege; // established privileges
106
107	private:
108	void checkVersion(const CSSM_VERSION &version);
109	};
110
111	#ifdef _CPP_MANAGER
112	# pragma export off
113	#endif
114
115	#endif //_H_MANAGER