[apple/security.git] / cdsa / cdsa_utilities / cssmaclpod.h

/*
 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


//
// cssmaclpod - enhanced PodWrappers for ACL-related CSSM data structures
//
#ifndef _CSSMACLPOD
#define _CSSMACLPOD

#include <Security/utilities.h>
#include <Security/cssmlist.h>
#include <Security/cssmalloc.h>

#ifdef _CPP_CSSMACLPOD
#pragma export on
#endif

namespace Security
{

// a nicer name for an authorization tag
typedef CSSM_ACL_AUTHORIZATION_TAG AclAuthorization;
typedef set<AclAuthorization> AclAuthorizationSet;


//
// Enhanced POD Wrappers for the public ACL-related CSSM structures
//
class AuthorizationGroup : public PodWrapper<AuthorizationGroup, CSSM_AUTHORIZATIONGROUP> {
public:
	AuthorizationGroup() { NumberOfAuthTags = 0; }
	AuthorizationGroup(AclAuthorization auth);
	explicit AuthorizationGroup(const AclAuthorizationSet &, CssmAllocator &alloc);
	
    bool empty() const			{ return NumberOfAuthTags == 0; }
	unsigned int count() const	{ return NumberOfAuthTags; }
	CSSM_ACL_AUTHORIZATION_TAG operator [] (unsigned ix) const
	{ assert(ix < count()); return AuthTags[ix]; }
	
	bool contains(CSSM_ACL_AUTHORIZATION_TAG tag) const;
	operator AclAuthorizationSet () const;
};

class AclOwnerPrototype;

class AclEntryPrototype : public PodWrapper<AclEntryPrototype, CSSM_ACL_ENTRY_PROTOTYPE> {
public:
	AclEntryPrototype() { memset(this, 0, sizeof(*this)); }
	AclEntryPrototype(const AclOwnerPrototype &proto);
	AclEntryPrototype(const CSSM_LIST &subj, bool delegate = false)
	{ memset(this, 0, sizeof(*this)); TypedSubject = subj; Delegate = delegate; }
	
	TypedList &subject() { return TypedList::overlay(TypedSubject); }
	const TypedList &subject() const { return TypedList::overlay(TypedSubject); }
	bool delegate() const { return Delegate; }
	char *tag() { return EntryTag; }
	const char *tag() const { return EntryTag; }
	AuthorizationGroup &authorization() { return AuthorizationGroup::overlay(Authorization); }
	const AuthorizationGroup &authorization() const
	{ return AuthorizationGroup::overlay(Authorization); }
};

class AclOwnerPrototype : public PodWrapper<AclOwnerPrototype, CSSM_ACL_OWNER_PROTOTYPE> {
public:
	AclOwnerPrototype() { }
	explicit AclOwnerPrototype(const AclEntryPrototype &proto)
	{ TypedSubject = proto.subject(); Delegate = proto.delegate(); }
	
	TypedList &subject() { return TypedList::overlay(TypedSubject); }
	const TypedList &subject() const { return TypedList::overlay(TypedSubject); }
	bool delegate() const { return Delegate; }
};

class AclEntryInfo : public PodWrapper<AclEntryInfo, CSSM_ACL_ENTRY_INFO> {
public:
	AclEntryPrototype &proto() { return AclEntryPrototype::overlay(EntryPublicInfo); }
	const AclEntryPrototype &proto()
	const { return AclEntryPrototype::overlay(EntryPublicInfo); }
	
	operator AclEntryPrototype &() { return proto(); }
	operator const AclEntryPrototype &() const { return proto(); }

	CSSM_ACL_HANDLE &handle() { return EntryHandle; }
	const CSSM_ACL_HANDLE &handle() const { return EntryHandle; }
};

class AclEntryInput : public PodWrapper<AclEntryInput, CSSM_ACL_ENTRY_INPUT> {
public:
	AclEntryInput() { memset(this, 0, sizeof(*this)); }
	AclEntryInput(const AclEntryPrototype &prot)
	{ Prototype = prot; Callback = NULL; CallerContext = NULL; }

	AclEntryPrototype &proto() { return AclEntryPrototype::overlay(Prototype); }
	const AclEntryPrototype &proto() const { return AclEntryPrototype::overlay(Prototype); }
	//@@@ not supporting callback features (yet)
};

class AclEdit : public PodWrapper<AclEdit, CSSM_ACL_EDIT> {
public:
	AclEdit(CSSM_ACL_EDIT_MODE m, CSSM_ACL_HANDLE h, const AclEntryInput *data)
	{ EditMode = m; OldEntryHandle = h; NewEntry = data; }
	AclEdit(const AclEntryInput &add)
	{ EditMode = CSSM_ACL_EDIT_MODE_ADD; OldEntryHandle = CSSM_INVALID_HANDLE; NewEntry = &add; }
	AclEdit(CSSM_ACL_HANDLE h, const AclEntryInput &modify)
	{ EditMode = CSSM_ACL_EDIT_MODE_REPLACE; OldEntryHandle = h; NewEntry = &modify; }
	AclEdit(CSSM_ACL_HANDLE h)
	{ EditMode = CSSM_ACL_EDIT_MODE_DELETE; OldEntryHandle = h; NewEntry = NULL; }
	
	CSSM_ACL_EDIT_MODE mode() const { return EditMode; }
	CSSM_ACL_HANDLE handle() const { return OldEntryHandle; }
	const AclEntryInput *newEntry() const { return AclEntryInput::overlay(NewEntry); }
};


//
// Allocating versions of Acl structures
//
class AutoAclOwnerPrototype {
	NOCOPY(AutoAclOwnerPrototype)
public:
	// allocator can be set after construction
	AutoAclOwnerPrototype(CssmAllocator *allocator = NULL) : mAllocator(allocator) { }
	~AutoAclOwnerPrototype();
	
	operator CSSM_ACL_OWNER_PROTOTYPE *() { return mAclOwnerPrototype; }

	void allocator(CssmAllocator &allocator);

private:
	AclOwnerPrototype *mAclOwnerPrototype;
	CssmAllocator *mAllocator;
};


class AutoAclEntryInfoList {
	NOCOPY(AutoAclEntryInfoList)
public:
	// allocator can be set after construction
	AutoAclEntryInfoList(CssmAllocator *allocator = NULL)
    : mAclEntryInfo(NULL), mNumberOfAclEntries(0), mAllocator(allocator) { }
	~AutoAclEntryInfoList();

	operator CSSM_ACL_ENTRY_INFO_PTR *() { return &CSSM_ACL_ENTRY_INFO_PTR(mAclEntryInfo); }
	operator uint32 *() { return &mNumberOfAclEntries; }

	void allocator(CssmAllocator &allocator);

	const AclEntryInfo &at(uint32 ix) const { return mAclEntryInfo[ix]; }
	const AclEntryInfo &operator[](uint32 ix) const
	{ assert(ix < mNumberOfAclEntries); return mAclEntryInfo[ix]; }

	uint32 size() const { return mNumberOfAclEntries; }

private:
	AclEntryInfo *mAclEntryInfo;
	uint32 mNumberOfAclEntries;
	CssmAllocator *mAllocator;
};


//
// Walkers for the CSSM API structure types
//
namespace DataWalkers {

// AclEntryInput
template <class Action>
AclEntryInput *walk(Action &operate, AclEntryInput * &input)
{
	operate(input);
	walk(operate, *input);
	return input;
}

template <class Action>
void walk(Action &operate, AclEntryInput &input)
{ walk(operate, input.proto()); }

// AclEntryInfo
template <class Action>
void walk(Action &operate, AclEntryInfo &info)
{ walk(operate, info.proto()); }

template <class Action>
void walk(Action &operate, const AclEntryInfo &info)
{ walk(operate, const_cast<AclEntryInfo &>(info)); }

// AclEntryPrototype
template <class Action>
void walk(Action &operate, AclEntryPrototype &proto)
{
	walk(operate, proto.subject());
	operate(proto.Authorization.AuthTags,
		sizeof(CSSM_ACL_AUTHORIZATION_TAG) * proto.Authorization.NumberOfAuthTags);
	//@@@ ignoring validity period
}

template <class Action>
AclEntryPrototype *walk(Action &operate, AclEntryPrototype * &proto)
{
	operate(proto);
	walk(operate, *proto);
	return proto;
}

// AclOwnerPrototype
template <class Action>
void walk(Action &operate, AclOwnerPrototype &proto)
{
	walk(operate, proto.subject());
}

template <class Action>
AclOwnerPrototype *walk(Action &operate, AclOwnerPrototype * &proto)
{
	operate(proto);
	walk(operate, *proto);
	return proto;
}


} // end namespace DataWalkers

} // end namespace Security

#ifdef _CPP_CSSMACLPOD
#pragma export off
#endif


#endif //_CSSMACLPOD
Commit	Line	Data
bac41a7b A	1	/*
	2	* Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
	3	*
	4	* The contents of this file constitute Original Code as defined in and are
	5	* subject to the Apple Public Source License Version 1.2 (the 'License').
	6	* You may not use this file except in compliance with the License. Please obtain
	7	* a copy of the License at http://www.apple.com/publicsource and read it before
	8	* using this file.
	9	*
	10	* This Original Code and all software distributed under the License are
	11	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
	12	* OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
	13	* LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
	14	* PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
	15	* specific language governing rights and limitations under the License.
	16	*/
	17
	18
	19	//
	20	// cssmaclpod - enhanced PodWrappers for ACL-related CSSM data structures
	21	//
	22	#ifndef _CSSMACLPOD
	23	#define _CSSMACLPOD
	24
	25	#include <Security/utilities.h>
	26	#include <Security/cssmlist.h>
	27	#include <Security/cssmalloc.h>
	28
	29	#ifdef _CPP_CSSMACLPOD
	30	#pragma export on
	31	#endif
	32
	33	namespace Security
	34	{
	35
	36	// a nicer name for an authorization tag
	37	typedef CSSM_ACL_AUTHORIZATION_TAG AclAuthorization;
	38	typedef set<AclAuthorization> AclAuthorizationSet;
	39
	40
	41	//
	42	// Enhanced POD Wrappers for the public ACL-related CSSM structures
	43	//
	44	class AuthorizationGroup : public PodWrapper<AuthorizationGroup, CSSM_AUTHORIZATIONGROUP> {
	45	public:
	46	AuthorizationGroup() { NumberOfAuthTags = 0; }
	47	AuthorizationGroup(AclAuthorization auth);
	48	explicit AuthorizationGroup(const AclAuthorizationSet &, CssmAllocator &alloc);
	49
	50	bool empty() const { return NumberOfAuthTags == 0; }
	51	unsigned int count() const { return NumberOfAuthTags; }
	52	CSSM_ACL_AUTHORIZATION_TAG operator [] (unsigned ix) const
	53	{ assert(ix < count()); return AuthTags[ix]; }
	54
	55	bool contains(CSSM_ACL_AUTHORIZATION_TAG tag) const;
	56	operator AclAuthorizationSet () const;
	57	};
	58
	59	class AclOwnerPrototype;
	60
	61	class AclEntryPrototype : public PodWrapper<AclEntryPrototype, CSSM_ACL_ENTRY_PROTOTYPE> {
	62	public:
	63	AclEntryPrototype() { memset(this, 0, sizeof(*this)); }
	64	AclEntryPrototype(const AclOwnerPrototype &proto);
65	AclEntryPrototype(const CSSM_LIST &subj, bool delegate = false)
66	{ memset(this, 0, sizeof(*this)); TypedSubject = subj; Delegate = delegate; }
67
68	TypedList &subject() { return TypedList::overlay(TypedSubject); }
69	const TypedList &subject() const { return TypedList::overlay(TypedSubject); }
70	bool delegate() const { return Delegate; }
71	char *tag() { return EntryTag; }
72	const char *tag() const { return EntryTag; }
73	AuthorizationGroup &authorization() { return AuthorizationGroup::overlay(Authorization); }
74	const AuthorizationGroup &authorization() const
75	{ return AuthorizationGroup::overlay(Authorization); }
76	};
77
78	class AclOwnerPrototype : public PodWrapper<AclOwnerPrototype, CSSM_ACL_OWNER_PROTOTYPE> {
79	public:
80	AclOwnerPrototype() { }
81	explicit AclOwnerPrototype(const AclEntryPrototype &proto)
82	{ TypedSubject = proto.subject(); Delegate = proto.delegate(); }
83
84	TypedList &subject() { return TypedList::overlay(TypedSubject); }
85	const TypedList &subject() const { return TypedList::overlay(TypedSubject); }
86	bool delegate() const { return Delegate; }
87	};
88
89	class AclEntryInfo : public PodWrapper<AclEntryInfo, CSSM_ACL_ENTRY_INFO> {
90	public:
91	AclEntryPrototype &proto() { return AclEntryPrototype::overlay(EntryPublicInfo); }
92	const AclEntryPrototype &proto()
93	const { return AclEntryPrototype::overlay(EntryPublicInfo); }
94
95	operator AclEntryPrototype &() { return proto(); }
96	operator const AclEntryPrototype &() const { return proto(); }
97
98	CSSM_ACL_HANDLE &handle() { return EntryHandle; }
99	const CSSM_ACL_HANDLE &handle() const { return EntryHandle; }
100	};
101
102	class AclEntryInput : public PodWrapper<AclEntryInput, CSSM_ACL_ENTRY_INPUT> {
103	public:
104	AclEntryInput() { memset(this, 0, sizeof(*this)); }
105	AclEntryInput(const AclEntryPrototype &prot)
106	{ Prototype = prot; Callback = NULL; CallerContext = NULL; }
107
108	AclEntryPrototype &proto() { return AclEntryPrototype::overlay(Prototype); }
109	const AclEntryPrototype &proto() const { return AclEntryPrototype::overlay(Prototype); }
110	//@@@ not supporting callback features (yet)
111	};
112
113	class AclEdit : public PodWrapper<AclEdit, CSSM_ACL_EDIT> {
114	public:
115	AclEdit(CSSM_ACL_EDIT_MODE m, CSSM_ACL_HANDLE h, const AclEntryInput *data)
116	{ EditMode = m; OldEntryHandle = h; NewEntry = data; }
117	AclEdit(const AclEntryInput &add)
118	{ EditMode = CSSM_ACL_EDIT_MODE_ADD; OldEntryHandle = CSSM_INVALID_HANDLE; NewEntry = &add; }
119	AclEdit(CSSM_ACL_HANDLE h, const AclEntryInput &modify)
120	{ EditMode = CSSM_ACL_EDIT_MODE_REPLACE; OldEntryHandle = h; NewEntry = &modify; }
121	AclEdit(CSSM_ACL_HANDLE h)
122	{ EditMode = CSSM_ACL_EDIT_MODE_DELETE; OldEntryHandle = h; NewEntry = NULL; }
123
124	CSSM_ACL_EDIT_MODE mode() const { return EditMode; }
125	CSSM_ACL_HANDLE handle() const { return OldEntryHandle; }
126	const AclEntryInput *newEntry() const { return AclEntryInput::overlay(NewEntry); }
127	};
128
129
130	//
131	// Allocating versions of Acl structures
132	//
133	class AutoAclOwnerPrototype {
134	NOCOPY(AutoAclOwnerPrototype)
135	public:
136	// allocator can be set after construction
137	AutoAclOwnerPrototype(CssmAllocator *allocator = NULL) : mAllocator(allocator) { }
138	~AutoAclOwnerPrototype();
139
140	operator CSSM_ACL_OWNER_PROTOTYPE *() { return mAclOwnerPrototype; }
141
142	void allocator(CssmAllocator &allocator);
143
144	private:
145	AclOwnerPrototype *mAclOwnerPrototype;
146	CssmAllocator *mAllocator;
147	};
148
149
150	class AutoAclEntryInfoList {
151	NOCOPY(AutoAclEntryInfoList)
152	public:
153	// allocator can be set after construction
154	AutoAclEntryInfoList(CssmAllocator *allocator = NULL)
155	: mAclEntryInfo(NULL), mNumberOfAclEntries(0), mAllocator(allocator) { }
156	~AutoAclEntryInfoList();
157
158	operator CSSM_ACL_ENTRY_INFO_PTR *() { return &CSSM_ACL_ENTRY_INFO_PTR(mAclEntryInfo); }
159	operator uint32 *() { return &mNumberOfAclEntries; }
160
161	void allocator(CssmAllocator &allocator);
162
163	const AclEntryInfo &at(uint32 ix) const { return mAclEntryInfo[ix]; }
164	const AclEntryInfo &operator[](uint32 ix) const
165	{ assert(ix < mNumberOfAclEntries); return mAclEntryInfo[ix]; }
166
167	uint32 size() const { return mNumberOfAclEntries; }
168
169	private:
170	AclEntryInfo *mAclEntryInfo;
171	uint32 mNumberOfAclEntries;
172	CssmAllocator *mAllocator;
173	};
174
175
176	//
177	// Walkers for the CSSM API structure types
178	//
179	namespace DataWalkers {
180
181	// AclEntryInput
182	template <class Action>
183	AclEntryInput walk(Action &operate, AclEntryInput &input)
184	{
185	operate(input);
186	walk(operate, *input);
187	return input;
188	}
189
190	template <class Action>
191	void walk(Action &operate, AclEntryInput &input)
192	{ walk(operate, input.proto()); }
193
194	// AclEntryInfo
195	template <class Action>
196	void walk(Action &operate, AclEntryInfo &info)
197	{ walk(operate, info.proto()); }
198
199	template <class Action>
200	void walk(Action &operate, const AclEntryInfo &info)
201	{ walk(operate, const_cast<AclEntryInfo &>(info)); }
202
203	// AclEntryPrototype
204	template <class Action>
205	void walk(Action &operate, AclEntryPrototype &proto)
206	{
207	walk(operate, proto.subject());
208	operate(proto.Authorization.AuthTags,
209	sizeof(CSSM_ACL_AUTHORIZATION_TAG) * proto.Authorization.NumberOfAuthTags);
210	//@@@ ignoring validity period
211	}
212
213	template <class Action>
214	AclEntryPrototype walk(Action &operate, AclEntryPrototype &proto)
215	{
216	operate(proto);
217	walk(operate, *proto);
218	return proto;
219	}
220
221	// AclOwnerPrototype
222	template <class Action>
223	void walk(Action &operate, AclOwnerPrototype &proto)
224	{
225	walk(operate, proto.subject());
226	}
227
228	template <class Action>
229	AclOwnerPrototype walk(Action &operate, AclOwnerPrototype &proto)
230	{
231	operate(proto);
232	walk(operate, *proto);
233	return proto;
234	}
235
236
237	} // end namespace DataWalkers
238
239	} // end namespace Security
240
241	#ifdef _CPP_CSSMACLPOD
242	#pragma export off
243	#endif
244
245
246	#endif //_CSSMACLPOD