[apple/security.git] / OSX / libsecurity_keychain / lib / ACL.h

/*
 * Copyright (c) 2002-2004,2011,2014 Apple Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

//
// ACL.h - ACL control wrappers
//
#ifndef _SECURITY_ACL_H_
#define _SECURITY_ACL_H_

#include <Security/SecACL.h>
#include <security_cdsa_utilities/cssmaclpod.h>
#include <security_cdsa_client/aclclient.h>
#include <security_cdsa_utilities/cssmdata.h>
#include <security_utilities/seccfobject.h>
#include "SecCFTypes.h"

#include <vector>

namespace Security {
namespace KeychainCore {

using CssmClient::AclBearer;

class Access;
class TrustedApplication;


//
// An ACL Entry for an Access object
//
class ACL : public SecCFObject {
	NOCOPY(ACL)
public:
	SECCFFUNCTIONS(ACL, SecACLRef, errSecInvalidItemRef, gTypes().ACL)

    // Query AclBearer for ACL entry matching tag. Will throw if there is not exactly 1 entry.
    ACL(const AclBearer &aclBearer, const char *selectionTag,
             Allocator &alloc = Allocator::standard());
	// create from CSSM layer ACL entry
	ACL(const AclEntryInfo &info,
		Allocator &alloc = Allocator::standard());
	// create from CSSM layer owner prototype
	ACL(const AclOwnerPrototype &owner,
		Allocator &alloc = Allocator::standard());
	// create an "any" ACL
	ACL(Allocator &alloc = Allocator::standard());
	// create from "standard form" arguments (with empty application list)
	ACL(string description, const CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR &promptSelector,
		Allocator &alloc = Allocator::standard());
    // create an "integrity" ACL
    ACL(const CssmData &digest, Allocator &alloc = Allocator::standard());
    
    virtual ~ACL();

	Allocator &allocator;
	
	enum State {
		unchanged,					// unchanged from source
		inserted,					// new
		modified,					// was changed (replace)
		deleted						// was deleted (now invalid)
	};
	State state() const { return mState; }
	
	enum Form {
		invalidForm,				// invalid
		customForm,					// not a recognized format (but valid)
		allowAllForm,				// indiscriminate
		appListForm,				// list of apps + prompt confirm
        integrityForm               // hashed integrity of item attributes
	};
	Form form() const { return mForm; }
	void form(Form f) { mForm = f; }
	
    void setIntegrity(const CssmData& integrity);
    const CssmData& integrity();

public:
	AclAuthorizationSet &authorizations()	{ return mAuthorizations; }
	bool authorizes(AclAuthorization right);
    bool authorizesSpecifically(AclAuthorization right);
	void setAuthorization(CSSM_ACL_AUTHORIZATION_TAG auth)
	{ mAuthorizations.clear(); mAuthorizations.insert(auth); }
	
	typedef vector< SecPointer<TrustedApplication> > ApplicationList;
	ApplicationList &applications()
	{ assert(form() == appListForm); return mAppList; }
	void addApplication(TrustedApplication *app);
	
	CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR &promptSelector()	{ return mPromptSelector; }
	string &promptDescription()							{ return mPromptDescription; }
	
	CSSM_ACL_HANDLE entryHandle() const	{ return mCssmHandle; }
	
	static const CSSM_ACL_HANDLE ownerHandle = 0xff0e2743;	// pseudo-handle for owner ACL
	bool isOwner() const			{ return mCssmHandle == ownerHandle; }
	void makeOwner()				{ mCssmHandle = ownerHandle; }
	
	void modify();					// mark modified (update on commit)
	void remove();					// mark removed (delete on commit)
	
	// produce chunk copies of CSSM forms; caller takes ownership
	void copyAclEntry(AclEntryPrototype &proto, Allocator &alloc = Allocator::standard());
	void copyAclOwner(AclOwnerPrototype &proto, Allocator &alloc = Allocator::standard());
	
public:
	void setAccess(AclBearer &target, bool update = false,
		const AccessCredentials *cred = NULL);

public:
	struct ParseError { };
	
public:
	static const CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR defaultSelector;
	
private:
	void parse(const TypedList &subject);
	void parsePrompt(const TypedList &subject);
	void makeSubject();
	void clearSubjects(Form newForm);

private:
	State mState;					// change state
	Form mForm;						// format type

	// AclEntryPrototype fields (minus subject, which is virtually constructed)
	CSSM_ACL_HANDLE mCssmHandle;	// CSSM entry handle (for updates)
	string mEntryTag;				// CSSM entry tag (64 bytes or so, they say)
	bool mDelegate;					// CSSM delegate flag
	AclAuthorizationSet mAuthorizations; // rights for this ACL entry
	
	// composite AclEntryPrototype (constructed when needed)
	TypedList *mSubjectForm;
	
	// following values valid only if form() == appListForm
	ApplicationList mAppList;		// list of trusted applications
    CssmAutoData mIntegrity;          // digest for integrityForm ACL entries
	CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR mPromptSelector; // selector field of PROMPT subject
	string mPromptDescription;		// description field of PROMPT subject
	Mutex mMutex;
};


} // end namespace KeychainCore
} // end namespace Security

#endif // !_SECURITY_ACL_H_
Commit	Line	Data
b1ab9ed8	1	/*
d8f41ccd	2	* Copyright (c) 2002-2004,2011,2014 Apple Inc. All Rights Reserved.
b1ab9ed8 A	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23
	24	//
	25	// ACL.h - ACL control wrappers
	26	//
	27	#ifndef _SECURITY_ACL_H_
	28	#define _SECURITY_ACL_H_
	29
	30	#include <Security/SecACL.h>
	31	#include <security_cdsa_utilities/cssmaclpod.h>
	32	#include <security_cdsa_client/aclclient.h>
	33	#include <security_cdsa_utilities/cssmdata.h>
	34	#include <security_utilities/seccfobject.h>
	35	#include "SecCFTypes.h"
	36
	37	#include <vector>
	38
	39	namespace Security {
	40	namespace KeychainCore {
	41
	42	using CssmClient::AclBearer;
	43
	44	class Access;
	45	class TrustedApplication;
	46
	47
	48	//
	49	// An ACL Entry for an Access object
	50	//
	51	class ACL : public SecCFObject {
	52	NOCOPY(ACL)
	53	public:
	54	SECCFFUNCTIONS(ACL, SecACLRef, errSecInvalidItemRef, gTypes().ACL)
	55
e3d460c9 A	56	// Query AclBearer for ACL entry matching tag. Will throw if there is not exactly 1 entry.
	57	ACL(const AclBearer &aclBearer, const char *selectionTag,
	58	Allocator &alloc = Allocator::standard());
b1ab9ed8	59	// create from CSSM layer ACL entry
e3d460c9	60	ACL(const AclEntryInfo &info,
b1ab9ed8 A	61	Allocator &alloc = Allocator::standard());
b1ab9ed8 A	62	// create from CSSM layer owner prototype
e3d460c9	63	ACL(const AclOwnerPrototype &owner,
b1ab9ed8 A	64	Allocator &alloc = Allocator::standard());
b1ab9ed8 A	65	// create an "any" ACL
e3d460c9	66	ACL(Allocator &alloc = Allocator::standard());
b1ab9ed8	67	// create from "standard form" arguments (with empty application list)
e3d460c9	68	ACL(string description, const CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR &promptSelector,
b1ab9ed8	69	Allocator &alloc = Allocator::standard());
e3d460c9 A	70	// create an "integrity" ACL
	71	ACL(const CssmData &digest, Allocator &alloc = Allocator::standard());
	72
b1ab9ed8	73	virtual ~ACL();
e3d460c9	74
b1ab9ed8 A	75	Allocator &allocator;
	76
	77	enum State {
	78	unchanged, // unchanged from source
	79	inserted, // new
	80	modified, // was changed (replace)
	81	deleted // was deleted (now invalid)
	82	};
	83	State state() const { return mState; }
	84
	85	enum Form {
	86	invalidForm, // invalid
	87	customForm, // not a recognized format (but valid)
	88	allowAllForm, // indiscriminate
e3d460c9 A	89	appListForm, // list of apps + prompt confirm
e3d460c9 A	90	integrityForm // hashed integrity of item attributes
b1ab9ed8 A	91	};
	92	Form form() const { return mForm; }
	93	void form(Form f) { mForm = f; }
	94
e3d460c9 A	95	void setIntegrity(const CssmData& integrity);
	96	const CssmData& integrity();
	97
b1ab9ed8 A	98	public:
	99	AclAuthorizationSet &authorizations() { return mAuthorizations; }
	100	bool authorizes(AclAuthorization right);
e3d460c9	101	bool authorizesSpecifically(AclAuthorization right);
b1ab9ed8 A	102	void setAuthorization(CSSM_ACL_AUTHORIZATION_TAG auth)
	103	{ mAuthorizations.clear(); mAuthorizations.insert(auth); }
	104
	105	typedef vector< SecPointer<TrustedApplication> > ApplicationList;
	106	ApplicationList &applications()
	107	{ assert(form() == appListForm); return mAppList; }
	108	void addApplication(TrustedApplication *app);
	109
	110	CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR &promptSelector() { return mPromptSelector; }
	111	string &promptDescription() { return mPromptDescription; }
	112
	113	CSSM_ACL_HANDLE entryHandle() const { return mCssmHandle; }
	114
	115	static const CSSM_ACL_HANDLE ownerHandle = 0xff0e2743; // pseudo-handle for owner ACL
	116	bool isOwner() const { return mCssmHandle == ownerHandle; }
	117	void makeOwner() { mCssmHandle = ownerHandle; }
	118
	119	void modify(); // mark modified (update on commit)
	120	void remove(); // mark removed (delete on commit)
	121
	122	// produce chunk copies of CSSM forms; caller takes ownership
	123	void copyAclEntry(AclEntryPrototype &proto, Allocator &alloc = Allocator::standard());
	124	void copyAclOwner(AclOwnerPrototype &proto, Allocator &alloc = Allocator::standard());
	125
	126	public:
	127	void setAccess(AclBearer &target, bool update = false,
	128	const AccessCredentials *cred = NULL);
	129
	130	public:
	131	struct ParseError { };
	132
	133	public:
	134	static const CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR defaultSelector;
	135
	136	private:
	137	void parse(const TypedList &subject);
	138	void parsePrompt(const TypedList &subject);
	139	void makeSubject();
	140	void clearSubjects(Form newForm);
	141
	142	private:
	143	State mState; // change state
	144	Form mForm; // format type
	145
	146	// AclEntryPrototype fields (minus subject, which is virtually constructed)
	147	CSSM_ACL_HANDLE mCssmHandle; // CSSM entry handle (for updates)
	148	string mEntryTag; // CSSM entry tag (64 bytes or so, they say)
	149	bool mDelegate; // CSSM delegate flag
	150	AclAuthorizationSet mAuthorizations; // rights for this ACL entry
	151
	152	// composite AclEntryPrototype (constructed when needed)
	153	TypedList *mSubjectForm;
	154
	155	// following values valid only if form() == appListForm
	156	ApplicationList mAppList; // list of trusted applications
e3d460c9	157	CssmAutoData mIntegrity; // digest for integrityForm ACL entries
b1ab9ed8 A	158	CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR mPromptSelector; // selector field of PROMPT subject
	159	string mPromptDescription; // description field of PROMPT subject
	160	Mutex mMutex;
	161	};
	162
	163
	164	} // end namespace KeychainCore
	165	} // end namespace Security
	166
	167	#endif // !_SECURITY_ACL_H_