Security-59306.80.4.tar.gz
1 /*
2 * Copyright (c) 2004-2006 Apple Computer, Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 //
26 // tokend - internal tracker for a tokend smartcard driver process
27 //
28 #ifndef _H_TOKEND
29 #define _H_TOKEND
30
31 #include "structure.h"
32 #include "child.h"
33 #include "tokencache.h"
34 #include <security_utilities/pcsc++.h>
35 #include <security_utilities/osxcode.h>
36 #include <security_tokend_client/tdclient.h>
37
38
39 //
40 // A mix-in for classes that can receive (propagated) fault notifications
41 //
// Abstract interface: relayFault() is pure virtual, so a class must derive
// from FaultRelay and override it before it can be instantiated.
class FaultRelay {
public:
	// Declared here, defined outside this header. Virtual so that deleting
	// an implementer through a FaultRelay pointer runs the derived destructor.
	virtual ~FaultRelay();

	// Invoked to hand a fault declaration to the implementing object.
	// NOTE(review): the exact meaning of `async` is not defined in this
	// header -- confirm against the callers before relying on it.
	virtual void relayFault(bool async) = 0;
};
47
48
49 //
50 // A TokenDaemon object is the ServerChild object representing the real
51 // tokend process driving a token. It provides the only (official) communications
52 // and control point between securityd and that tokend.
53 //
54 // TokenDaemon is sufficiently aware to track changes in its tokend, particularly
55 // any sudden, violent, agonizing death it may have suffered.
56 // If TokenDaemon communications with its tokend break down for any reason, it declares
57 // a FAULT condition and cuts off any further attempts at communication. There is no way
58 // to recover from a FAULT condition. (You can create a new TokenDaemon and try again,
59 // of course.) Fault is propagated to the owner object through a simple callback scheme.
60 //
61 // If TokenDaemon is destroyed while its process is still alive, it will (try to) kill
62 // it right there and then. That's good enough for hard error recovery, though you may
63 // try to let it down easier to allow it to save its caches and wind down. Caller's choice.
64 //
65 // NB: If you ever want to make TokenDaemon BE a Bundle, you must switch NodeCore
66 // AND OSXCode to virtually derive RefCount.
67 //
// securityd-side handle for one tokend driver process. Combines three bases:
// PerGlobal, ServerChild (child-process tracking) and Tokend::ClientSession
// (the client side of the tokend protocol).
class TokenDaemon : public PerGlobal, public ServerChild, public Tokend::ClientSession {
public:
	// code   - bundle of the tokend to run (stored in mMe)
	// reader - PCSC name of the reader this tokend is driving
	// state  - reader/card state snapshot taken at creation; never refreshed
	// cache  - token cache; how it is used is not visible in this header
	TokenDaemon(RefPointer<Bundle> code,
		const std::string &reader, const PCSC::ReaderState &state, TokenCache &cache);
	virtual ~TokenDaemon();

	// True once a fault has been declared on this object.
	bool faulted() const { return mFaulted; }
	// Declare a fault, with a human-readable reason. Defined outside this header.
	void fault(bool async, const char *reason);

	// Register the object that fault declarations are forwarded to.
	// The pointer is stored raw and non-owning: nothing in this header ties
	// the receiver's lifetime to this TokenDaemon, so the caller must keep
	// `rcv` alive (or re-register) for as long as a fault could be relayed,
	// otherwise the relay would go through a dangling pointer.
	void faultRelay(FaultRelay *rcv) { mFaultRelay = rcv; }

	// Both accessors dereference mMe unconditionally.
	// NOTE(review): assumes the constructor always receives a non-null bundle -- confirm.
	string bundlePath() const { return mMe->canonicalPath(); }
	string bundleIdentifier() const { return mMe->identifier(); }
	uint32 maxScore() const;

	// Returns mScore without consulting mProbed; the value is only meaningful
	// after probe() has succeeded, so callers should check that first.
	Score score() const { return mScore; }
	// True when probe() reported a non-empty token uid.
	bool hasTokenUid() const { return !mTokenUid.empty(); }
	std::string tokenUid() const;

	// Credentials recorded for the tokend process.
	// NOTE(review): where these values are obtained is not visible in this
	// header -- confirm they come from a source the child cannot influence
	// before basing any authorization decision on them.
	uid_t uid() const { return mUid; }
	gid_t gid() const { return mGid; }

	// startup phase calls
	// The using-declaration keeps the ClientSession::probe overloads visible;
	// without it the zero-argument probe() below would hide them.
	using ClientSession::probe;
	bool probe();

	// IFDUMP is defined elsewhere -- presumably compiles this declaration
	// only in debug-dump builds; verify against the macro definition.
	IFDUMP(void dumpNode());

protected:
	// Presumably ServerChild hooks for running the child and noticing its
	// exit -- TODO confirm against child.h.
	void childAction();
	void dying();

	void fault();		// relay from Tokend::ClientSession

private:
	// NOTE: member order fixes both object layout and initialization order;
	// keep it in sync with the constructor's initializer list.
	RefPointer<Bundle> mMe;			// code object for the tokend (it's an Application)
	std::string mReaderName;		// PCSC name of reader we're working with
	PCSC::ReaderState mState;		// card state at time of creation (not updated after that)

	// fault processing
	FaultRelay *mFaultRelay;		// forward initial fault declarations to this object (non-owning)
	bool mFaulted;					// fault condition

	// returned by tokend scoring system
	bool mProbed;					// probe() has succeeded; mScore/mTokenUid valid
	Score mScore;					// token support score as returned by probe()
	std::string mTokenUid;			// tokenUid as returned by probe(), may be empty

	// credentials of underlying process
	uid_t mUid;						// uid of tokend process
	gid_t mGid;						// gid of tokend process
};
120
121
122 #endif //_H_TOKEND