2 * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
20 // StorageManager.h -- Working with multiple keychains
22 #ifndef _SECURITY_STORAGEMANAGER_H_
23 #define _SECURITY_STORAGEMANAGER_H_
27 #include <Security/multidldb.h>
28 #include <Security/DLDBListCFPref.h>
29 #include <Security/Keychains.h>
30 #include <Security/KeyItem.h>
31 #include <Security/Authorization.h>
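// Suffix literal associated with renamed keychains.
// NOTE(review): the code that consumes this macro is not visible in this
// header -- presumably the rename()/renameUnique() implementation; confirm.
#define kKeychainRenamedSuffix "_renamed"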
38 namespace KeychainCore
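// NOCOPY is a macro defined outside this header; by its name it presumably
// suppresses copy construction and assignment of StorageManager -- confirm.
NOCOPY(StorageManager)

// Sequence of Keychain handles; the search-list accessors below use it.
typedef vector<Keychain> KeychainList;

// Sequence of database identifiers; convertList() maps between this type
// and KeychainList.
typedef vector<DLDbIdentifier> DLDbList;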
51 //bool onlist(const Keychain & keychain);
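// Keychain construction.
//
// Both make() overloads call addAndNotify() if the specified keychain
// already exists. The meaning of the `add` flag is not documented here.
// NOTE(review): nothing in this header shows fullPathName being validated.
// A caller that receives the path from outside the process should validate
// it first, because an already-existing keychain at that path is handed to
// addAndNotify(), which writes out CFPref and broadcasts a change.
Keychain make(const char *fullPathName);
Keychain make(const char *fullPathName, bool add);
Keychain makeLoginAuthUI(Item &item);

// Be notified that a Keychain just got created.
void created(const Keychain &keychain);

// Add keychainToAdd only if it is not there yet. Unlike addAndNotify(),
// this does not write out CFPref.
void add(const Keychain &keychainToAdd);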
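// Vector-like methods.
// NOTE(review): what at() and operator[] do for an out-of-range ix is not
// visible in this header -- confirm that the implementation checks ix
// against the list size before indexing.
Keychain at(unsigned int ix);
Keychain operator[](unsigned int ix);

// Cursor creation, with or without an item-class restriction.
// NOTE(review): whether attrList may be NULL is not stated here; verify
// against the implementation before passing a null pointer.
KCCursor createCursor(const SecKeychainAttributeList *attrList);
KCCursor createCursor(SecItemClass itemClass, const SecKeychainAttributeList *attrList);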
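// Create the keychain if it doesn't exist and add it to the cache, but
// leave the search list unmodified.
Keychain keychain(const DLDbIdentifier &dLDbIdentifier);

// Same as keychain(const DLDbIdentifier &), but assumes mLock is already
// held. Locking contract: the caller must hold mLock for the whole call.
// The leading underscore marks this as the lock-held variant; mLock itself
// is declared outside the visible part of this header.
Keychain _keychain(const DLDbIdentifier &dLDbIdentifier);

// Create the keychain if it doesn't exist; add it to the search list if it
// exists and is not already on it. `add` defaults to true.
Keychain makeKeychain(const DLDbIdentifier &dLDbIdentifier, bool add = true);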
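// Keychain list maintenance

// Remove kcsToRemove from the search list.
// NOTE(review): deleteDb defaults to false. By its name, passing true
// presumably also deletes the underlying database, which would be
// irreversible -- confirm in the implementation before exposing this flag
// to less-trusted callers.
void remove(const KeychainList &kcsToRemove, bool deleteDb = false);

// Read / replace the search list (no explicit preferences domain).
void getSearchList(KeychainList &keychainList);
void setSearchList(const KeychainList &keychainList);

// Read / replace the search list of an explicit preferences domain.
void getSearchList(SecPreferencesDomain domain, KeychainList &keychainList);
void setSearchList(SecPreferencesDomain domain, const KeychainList &keychainList);

// Rename a keychain. NOTE(review): any validation of newName (path
// separators, collisions with existing keychains) is not visible here.
void rename(Keychain keychain, const char* newName);
void renameUnique(Keychain keychain, CFStringRef newName);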
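// If keychainOrArray is NULL, return the default KeychainList in
// keychainList; if it is a CFArrayRef containing SecKeychainRefs, convert
// it to a KeychainList; if it is a SecKeychainRef, return a KeychainList
// with one element.
// NOTE(review): how a CFTypeRef of any other type is handled is not stated
// here -- confirm that the implementation rejects it.
void optionalSearchList(CFTypeRef keychainOrArray, KeychainList &keychainList);

// Convert a CFArrayRef of SecKeychainRefs to a KeychainList.
// Precondition: the array must not be NULL.
static void convertToKeychainList(CFArrayRef keychainArray, KeychainList &keychainList);

// Convert a KeychainList to a CFArrayRef of SecKeychainRefs.
// NOTE(review): ownership of the returned CFArrayRef (whether the caller
// must release it) is not stated in this header -- confirm to avoid a leak
// or an over-release.
static CFArrayRef convertFromKeychainList(const KeychainList &keychainList);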
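// Login keychain support
//
// Credential-handling notes for callers:
//  - The ConstStringPtr overloads take Pascal-style strings (ConstStringPtr
//    is the Mac OS length-prefixed string pointer type), so name and
//    password are each limited to 255 bytes.
//  - The (length, const void *) overloads carry explicit byte counts;
//    nothing here says the buffers are NUL-terminated, so the length is the
//    only bound on them.
//  - Whether the implementation copies or retains the password bytes is not
//    visible in this header. Callers should clear their own password
//    buffers once the call returns.
void login(AuthorizationRef authRef, UInt32 nameLength, const char* name);
void login(ConstStringPtr name, ConstStringPtr password);
void login(UInt32 nameLength, const void *name, UInt32 passwordLength, const void *password);

// Change the login password; same two argument conventions as login().
void changeLoginPassword(ConstStringPtr oldPassword, ConstStringPtr newPassword);
void changeLoginPassword(UInt32 oldPasswordLength, const void *oldPassword, UInt32 newPasswordLength, const void *newPassword);

// NOTE(review): the exact effect is not visible here; by its name this
// resets keychain state and, when resetSearchList is set, the search list
// as well -- confirm before calling from non-interactive code.
void resetKeychain(Boolean resetSearchList);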
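// Default keychain: getter, getter taking an Item (the "UI" variant; its
// interaction behaviour is not visible here), and setter.
Keychain defaultKeychain();
Keychain defaultKeychainUI(Item &item);
void defaultKeychain(const Keychain &keychain);

// Login keychain: getter and setter.
Keychain loginKeychain();
void loginKeychain(Keychain keychain);

// Default keychain of an explicit preferences domain: getter and setter.
Keychain defaultKeychain(SecPreferencesDomain domain);
void defaultKeychain(SecPreferencesDomain domain, const Keychain &keychain);

// Current preferences domain. The inline getter returns mDomain directly
// and takes no lock in its body.
// NOTE(review): whether callers are expected to hold mLock is not stated.
SecPreferencesDomain domain() { return mDomain; }
void domain(SecPreferencesDomain newDomain);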
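// To be called by the KeychainImpl destructor only.
// NOTE(review): KeychainMap stores raw KeychainImpl pointers, so this call
// is presumably what keeps the cache free of pointers to destroyed objects.
// Confirm that every destruction path reaches it and that it is serialized
// with lookups in the cache.
void removeKeychain(const DLDbIdentifier &dLDbIdentifier, KeychainImpl *keychainImpl);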
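// Maps a database identifier to a raw KeychainImpl pointer.
// NOTE(review): the raw pointer, together with removeKeychain() being
// reserved for the KeychainImpl destructor, suggests the map does not own
// its entries -- confirm. If so, a stale entry would be a dangling pointer.
typedef map<DLDbIdentifier, KeychainImpl *> KeychainMap;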
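// Conversions between DLDbList and KeychainList. The first form is static;
// the second is a non-static member.
static void convertList(DLDbList &ids, const KeychainList &kcs);
void convertList(KeychainList &kcs, const DLDbList &ids);

// Add keychainToAdd only if it is not there yet. Writes out CFPref and
// broadcasts a KCPrefListChanged notification.
void addAndNotify(const Keychain &keychainToAdd);

// Set default credentials for opening a keychain.
// NOTE(review): which credentials are installed on db is not visible in
// this header; check the implementation when auditing how databases are
// opened.
void setDefaultCredentials(const CssmClient::Db &db);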
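// Preference-backed DLDb lists. NOTE(review): the roles of the "saved" and
// "common" lists are inferred from their names only -- confirm.
DLDbListCFPref mSavedList;
DLDbListCFPref mCommonList;
SecPreferencesDomain mDomain; // current domain (in mSavedList and cache fields)
KeychainMap mKeychains; // the cache of Keychains; holds raw KeychainImpl pointers (see KeychainMap)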
152 } // end namespace KeychainCore
154 } // end namespace Security
156 #endif // !_SECURITY_STORAGEMANAGER_H_