projects / apple / security.git / blame
| Commit | Line | Data |
|---|---|---|
| b1ab9ed8 | 1 | /* |
| d8f41ccd | 2 | * Copyright (c) 2004,2011,2014 Apple Inc. All Rights Reserved. |
| b1ab9ed8 A |
3 | * |
| 4 | * @APPLE_LICENSE_HEADER_START@ | |
| 5 | * | |
| 6 | * This file contains Original Code and/or Modifications of Original Code | |
| 7 | * as defined in and that are subject to the Apple Public Source License | |
| 8 | * Version 2.0 (the 'License'). You may not use this file except in | |
| 9 | * compliance with the License. Please obtain a copy of the License at | |
| 10 | * http://www.opensource.apple.com/apsl/ and read it before using this | |
| 11 | * file. | |
| 12 | * | |
| 13 | * The Original Code and all software distributed under the License are | |
| 14 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER | |
| 15 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, | |
| 16 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, | |
| 17 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. | |
| 18 | * Please see the License for the specific language governing rights and | |
| 19 | * limitations under the License. | |
| 20 | * | |
| 21 | * @APPLE_LICENSE_HEADER_END@ | |
| 22 | * | |
| 23 | */ | |
| 24 | ||
| 25 | ||
| 26 | // | |
| 27 | // C++ gate to "Muscle" smartcard interface layer | |
| 28 | // | |
| 29 | // Note: This is written to go together with <pcsc++.h>, rather than stand on | |
| 30 | // its own. It doesn't represent a "all Muscle" view of the card world. | |
| 31 | // | |
| 32 | #ifndef _H_MUSCLE_PP | |
| 33 | #define _H_MUSCLE_PP | |
| 34 | ||
| 866f8763 A |
35 | #include <TargetConditionals.h> |
| 36 | ||
| 37 | #if TARGET_OS_OSX | |
| 38 | ||
| b1ab9ed8 A |
39 | #include <security_utilities/refcount.h> |
| 40 | #include <security_utilities/pcsc++.h> | |
| 41 | #include <PCSC/musclecard.h> | |
| 42 | #include <set> | |
| 43 | ||
| 44 | ||
| 45 | namespace Security { | |
| 46 | namespace Muscle { | |
| 47 | ||
| 48 | ||
| 49 | // | |
| 50 | // Muscle-domain error exceptions | |
| 51 | // | |
| 52 | class Error : public CommonError { | |
| 53 | public: | |
| 54 | Error(MSC_RV err); | |
| 55 | ||
| 56 | const MSC_RV error; | |
| 57 | OSStatus osStatus() const; | |
| 58 | int unixError() const; | |
| 59 | const char *what () const throw (); | |
| 60 | ||
| 61 | static void check(MSC_RV err) { if (err != MSC_SUCCESS) throwMe(err); } | |
| 62 | static void throwMe(MSC_RV err); | |
| 63 | }; | |
| 64 | ||
| 65 | ||
| 66 | // | |
| 67 | // Unified ACLs of the Muscle kind | |
| 68 | // | |
| 69 | class ACL { | |
| 70 | public: | |
| 71 | typedef MSCUShort16 Value; | |
| 72 | ||
| 73 | ACL(Value write = MSC_AUT_ALL, Value read = MSC_AUT_ALL, Value erase = MSC_AUT_ALL); | |
| 74 | ||
| 75 | ACL() { mRead = mWrite = mErase = MSC_AUT_ALL; } | |
| 76 | ||
| 77 | operator MSCKeyACL () const; | |
| 78 | operator MSCObjectACL () const; | |
| 79 | ||
| 80 | Value read() const { return mRead; } | |
| 81 | bool read(Value mask) const { return mRead & mask; } | |
| 82 | Value &read() { return mRead; } | |
| 83 | Value write() const { return mWrite; } | |
| 84 | bool write(Value mask) const { return mWrite & mask; } | |
| 85 | Value &write() { return mWrite; } | |
| 86 | Value erase() const { return mErase; } | |
| 87 | bool erase(Value mask) const { return mErase & mask; } | |
| 88 | Value &erase() { return mErase; } | |
| 89 | // erase is "use" on keys; they're synonymous | |
| 90 | Value use() const { return mErase; } | |
| 91 | bool use(Value mask) const { return mErase & mask; } | |
| 92 | Value &use() { return mErase; } | |
| 93 | ||
| 94 | string form(char ue) const; | |
| 95 | ||
| 96 | private: | |
| 97 | MSCUShort16 mRead; | |
| 98 | MSCUShort16 mWrite; | |
| 99 | MSCUShort16 mErase; | |
| 100 | }; | |
| 101 | ||
| 102 | ||
| 103 | // | |
| 104 | // Muscle item representations (keys and objects unified, the cheap way) | |
| 105 | // | |
| 106 | class CardItem : public RefCount { | |
| 107 | protected: | |
| 108 | CardItem() { } | |
| 109 | ||
| 110 | public: | |
| 111 | virtual ~CardItem(); | |
| 112 | ||
| 113 | virtual unsigned size() const = 0; | |
| 114 | virtual const char *name() const = 0; | |
| 115 | ||
| 116 | virtual const ACL &acl() const = 0; | |
| 117 | virtual ACL &acl() = 0; | |
| 118 | ||
| 119 | virtual void debugDump() = 0; | |
| 120 | ||
| 121 | bool operator < (const CardItem &other) const { return this < &other; } | |
| 122 | }; | |
| 123 | ||
| 124 | class Key : public CardItem, public MSCKeyInfo { | |
| 125 | public: | |
| 126 | Key(const MSCKeyInfo &info); | |
| 127 | ||
| 128 | unsigned id() const { return this->keyNum; } | |
| 129 | const char *name() const; | |
| 130 | unsigned type() const { return this->keyType; } | |
| 131 | unsigned size() const; | |
| 132 | unsigned mode() const { return this->keyPolicy.cipherMode; } | |
| 133 | unsigned operations() const { return this->keyPolicy.cipherDirection; } | |
| 134 | ||
| 135 | const ACL &acl() const; | |
| 136 | ACL &acl(); | |
| 137 | ||
| 138 | void debugDump(); | |
| 139 | ||
| 140 | private: | |
| 141 | char mKeyName[8]; // made-up name "Kn" | |
| 142 | }; | |
| 143 | ||
| 144 | class Object : public CardItem, public MSCObjectInfo { | |
| 145 | public: | |
| 146 | Object(const MSCObjectInfo &info) : MSCObjectInfo(info) { } | |
| 147 | ||
| 148 | const char *name() const; | |
| 149 | unsigned size() const; | |
| 150 | ||
| 151 | const ACL &acl() const; | |
| 152 | ACL &acl(); | |
| 153 | ||
| 154 | void debugDump(); | |
| 155 | }; | |
| 156 | ||
| 157 | ||
| 158 | // | |
| 159 | // A Muscle connection to a card. | |
| 160 | // This is NOT a PodWrapper (for MSCTokenConnection or anything else). | |
| 161 | // | |
| 162 | class Transaction; | |
| 163 | ||
| 164 | class Connection : public MSCTokenConnection, public MSCStatusInfo { | |
| 165 | public: | |
| 166 | Connection(); | |
| 167 | ~Connection(); | |
| 168 | ||
| 169 | void open(const PCSC::ReaderState &reader, unsigned share = MSC_SHARE_EXCLUSIVE); | |
| 170 | void close(); | |
| 171 | ||
| 172 | operator bool () const { return mIsOpen; } | |
| 173 | ||
| 174 | void begin(Transaction *trans = NULL); | |
| 175 | void end(Transaction *trans = NULL); | |
| 176 | Transaction *currentTransaction() const; | |
| 177 | ||
| 178 | typedef set<RefPointer<CardItem> > ItemSet; | |
| 179 | void getItems(ItemSet &items, bool getKeys = true, bool getOthers = true); | |
| 180 | ||
| 181 | void updateStatus(); | |
| 182 | ||
| 183 | private: | |
| 184 | bool mIsOpen; | |
| 185 | Transaction *mCurrentTransaction; | |
| 186 | }; | |
| 187 | ||
| 188 | ||
| 189 | class Transaction { | |
| 190 | public: | |
| 191 | Transaction(Connection &con); | |
| 192 | ~Transaction(); | |
| 193 | ||
| 194 | Connection &connection; | |
| 195 | }; | |
| 196 | ||
| 197 | ||
| 198 | } // namespace Muscle | |
| 199 | } // namespace Security | |
| 200 | ||
| 866f8763 | 201 | #endif //TARGET_OS_OSX |
| b1ab9ed8 | 202 | #endif //_H_MUSCLE_PP |