1 /*
2 * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18 //
19 // Keychains.h - The Keychain class
20 //
21 #ifndef _SECURITY_KEYCHAINS_H_
22 #define _SECURITY_KEYCHAINS_H_
23
#include <Security/cspclient.h>
#include <Security/dlclient.h>
#include <Security/refcount.h>
#include <Security/utilities.h>
#include <Security/DLDBListCFPref.h>
#include <Security/SecRuntime.h>
#include <Security/SecKeychain.h>
#include <Security/SecKeychainItem.h>
#include <map>
#include <memory>
33
34 namespace Security
35 {
36
37 namespace KeychainCore
38 {
39
40 class KCCursor;
41 class Item;
42 class PrimaryKey;
43 class StorageManager;
44
45
//
// KeychainSchemaImpl - description of one database's schema: for every
// record type, which attributes it carries (and in what format) and which
// of them make up the primary key. Built from a CssmClient::Db; the
// constructor is protected so only KeychainSchema creates instances.
// Reference counted (RefCount) and non-copyable.
//
class KeychainSchemaImpl : public RefCount
{
	NOCOPY(KeychainSchemaImpl)
public:
	friend class KeychainSchema;
	~KeychainSchemaImpl();

	// Single-attribute queries keyed by (recordType, attributeId).
	// attributeFormatFor/attributeInfoFor are presumably an error on an
	// unknown pair; callers that cannot assume the attribute exists should
	// probe with hasAttribute first.  -- verify against Keychains.cpp
	bool hasAttribute(CSSM_DB_RECORDTYPE recordType, uint32 attributeId) const;
	CSSM_DB_ATTRIBUTE_FORMAT attributeFormatFor(CSSM_DB_RECORDTYPE recordType, uint32 attributeId) const;
	CssmDbAttributeInfo attributeInfoFor(CSSM_DB_RECORDTYPE recordType, uint32 attributeId) const;

	// Whole-record-type queries.
	// getAttributeInfoForRecordType hands back an allocated *Info; the
	// matching release is presumably KeychainImpl::freeAttributeInfo.
	void getAttributeInfoForRecordType(CSSM_DB_RECORDTYPE recordType, SecKeychainAttributeInfo **Info) const;
	const CssmAutoDbRecordAttributeInfo &primaryKeyInfosFor(CSSM_DB_RECORDTYPE recordType) const;

	// Ordering and equality so schemas can be compared and used as map keys.
	bool operator <(const KeychainSchemaImpl &other) const;
	bool operator ==(const KeychainSchemaImpl &other) const;

protected:
	KeychainSchemaImpl(const CssmClient::Db &db);

private:
	// record type -> attribute infos forming that record type's primary key.
	// Values are raw pointers; the destructor (defined elsewhere) is expected
	// to release them.  -- confirm in Keychains.cpp
	typedef map<CSSM_DB_RECORDTYPE, CssmAutoDbRecordAttributeInfo *> PrimaryKeyInfoMap;
	PrimaryKeyInfoMap mPrimaryKeyInfoMap;

	// record type -> (attribute id -> storage format).
	typedef map<uint32, CSSM_DB_ATTRIBUTE_FORMAT> RelationInfoMap;
	typedef map<CSSM_DB_RECORDTYPE, RelationInfoMap> DatabaseInfoMap;
	DatabaseInfoMap mDatabaseInfoMap;

	const RelationInfoMap &relationInfoMapFor(CSSM_DB_RECORDTYPE recordType) const;
};
76
77
//
// KeychainSchema - ref-counting handle to a KeychainSchemaImpl.
// A default-constructed handle is empty. Both single-argument constructors
// are implicit; the Db one allocates and parses a fresh schema, so an
// unintended implicit conversion from a Db is not free.
//
class KeychainSchema : public RefPointer<KeychainSchemaImpl>
{
public:
	KeychainSchema() {}
	KeychainSchema(KeychainSchemaImpl *impl) : RefPointer<KeychainSchemaImpl>(impl) {}
	KeychainSchema(const CssmClient::Db &db) : RefPointer<KeychainSchemaImpl>(new KeychainSchemaImpl(db)) {}

	// Compare by schema contents when both handles are populated; otherwise
	// fall back to comparing the raw pointers, so an empty handle is never
	// equal to a populated one (and in practice orders before it).
	bool operator <(const KeychainSchema &other) const
	{
		if (ptr && other.ptr)
			return *ptr < *other.ptr;
		return ptr < other.ptr;
	}
	bool operator ==(const KeychainSchema &other) const
	{
		if (ptr && other.ptr)
			return *ptr == *other.ptr;
		return ptr == other.ptr;
	}

private:
	typedef KeychainSchemaImpl Impl;
};
93
94
//
// KeychainImpl - one open keychain (a CSSM DL database) plus the cache of
// live Item objects that belong to it. Exposed to C callers as a
// SecKeychainRef through SECCFFUNCTIONS; constructed only via Keychain
// (and through it StorageManager).
//
// Passphrase-taking calls come in two flavours: (length, bytes), where the
// caller supplies an arbitrary byte buffer, and ConstStringPtr, which is
// presumably a length-prefixed Pascal string and therefore cannot carry a
// long passphrase -- that is the limit the @@@ note on unlock() refers to.
//
class KeychainImpl : public SecCFObject
{
	NOCOPY(KeychainImpl)
public:
	SECCFFUNCTIONS(KeychainImpl, SecKeychainRef, errSecInvalidKeychain)

	friend class Keychain;
	friend class ItemImpl;

protected:
	KeychainImpl(const CssmClient::Db &db);

	// Called by ItemImpl when an item's primary key changes, so the cache
	// entry filed under oldPK can be re-filed under newPK.
	void didUpdate(ItemImpl *inItemImpl, PrimaryKey &oldPK, PrimaryKey &newPK);

public:
	virtual ~KeychainImpl() throw();

	bool operator ==(const KeychainImpl &) const;

	//
	// Database lifecycle and identity
	//
	// The four create() forms differ only in how the initial protection is
	// supplied: explicit bytes, a length-limited ConstStringPtr, nothing
	// (presumably leaving the DL to prompt), or a ResourceControlContext.
	void create(UInt32 passwordLength, const void *inPassword);
	void create(ConstStringPtr inPassword);
	void create();
	void create(const ResourceControlContext *rcc);
	void open(); // There is no close since the client lib deals with that itself. might throw

	const char *name() const { return mDb->name(); }
	UInt32 status() const;
	bool exists();
	bool isActive() const;

	// Direct access to the DL/DB handle and its identifier. A caller holding
	// the Db can operate on the database behind this class's item cache.
	CssmClient::Db database() { return mDb; }
	DLDbIdentifier dLDbIdentifier() const { return mDb->dlDbIdentifier(); }
	CssmClient::CSP csp();

	//
	// Locking, credentials and passphrase management
	//
	void lock();
	void unlock();                          // no passphrase given here; presumably the DL prompts
	void unlock(const CssmData &password);  // explicit passphrase bytes, any length
	void unlock(ConstStringPtr password); // @@@ This has a length limit, we should remove it.

	// Idle auto-lock timeout and lock-on-sleep policy of this keychain.
	void getSettings(uint32 &outIdleTimeOut, bool &outLockOnSleep);
	void setSettings(uint32 inIdleTimeOut, bool inLockOnSleep);

	// Passing in NULL for either oldPassword or newPassword will cause them to be prompted for.
	// To specify a zero length password in either case the oldPasswordLength or newPasswordLength
	// value must be 0 and the oldPassword or newPassword must not be NULL.
	void changePassphrase(UInt32 oldPasswordLength, const void *oldPassword,
		UInt32 newPasswordLength, const void *newPassword);
	void changePassphrase(ConstStringPtr oldPassword, ConstStringPtr newPassword);

	// Present access credentials to the DL; the keychain stays locked.
	void authenticate(const CSSM_ACCESS_CREDENTIALS *cred); // Does not do an unlock.

	//
	// Items
	//
	void add(Item &item); // item must not be persistant. Item will change.
	void deleteItem(Item &item); // item must be persistant.

	// Search cursors: over every item class, or restricted to itemClass.
	KCCursor createCursor(const SecKeychainAttributeList *attrList);
	KCCursor createCursor(SecItemClass itemClass, const SecKeychainAttributeList *attrList);

	// Obtain the Item for a record, by primary key or by record type plus
	// DL unique record id.
	Item item(const PrimaryKey& primaryKey);
	Item item(CSSM_DB_RECORDTYPE recordType, CssmClient::DbUniqueRecord &uniqueId);

	PrimaryKey makePrimaryKey(CSSM_DB_RECORDTYPE recordType, CssmClient::DbUniqueRecord &uniqueId);
	void gatherPrimaryKeyAttributes(CssmClient::DbAttributes& primaryKeyAttrs);

	// Called by ItemImpl once its record is gone, so the cache entry goes too.
	void didDeleteItem(const ItemImpl *inItemImpl);

	//
	// Schema
	//
	const CssmAutoDbRecordAttributeInfo &primaryKeyInfosFor(CSSM_DB_RECORDTYPE recordType);
	CssmDbAttributeInfo attributeInfoFor(CSSM_DB_RECORDTYPE recordType, UInt32 tag);
	// *Info is allocated by getAttributeInfoForItemID; release it with freeAttributeInfo.
	void getAttributeInfoForItemID(CSSM_DB_RECORDTYPE itemID, SecKeychainAttributeInfo **Info);
	static void freeAttributeInfo(SecKeychainAttributeInfo *Info);
	KeychainSchema keychainSchema();
	void resetSchema(); // presumably discards mKeychainSchema so it is rebuilt from the DL

private:
	// Maintain the primary-key -> ItemImpl cache. The map holds raw pointers
	// and, from what is visible here, does not own them: an item registers
	// through addItem and must be removed (removeItem/didDeleteItem) before
	// it is destroyed, or the cache dangles.  -- verify in ItemImpl
	void addItem(const PrimaryKey &primaryKey, ItemImpl *dbItemImpl);
	void removeItem(const PrimaryKey &primaryKey, const ItemImpl *inItemImpl);

	CssmClient::Db mDb;
	Mutex mDbItemMapLock; // guards mDbItemMap (by name; confirm every accessor takes it)
	typedef map<PrimaryKey, ItemImpl *> DbItemMap;
	DbItemMap mDbItemMap;

	KeychainSchema mKeychainSchema;
};
183
184
//
// Keychain - SecPointer smart handle to a KeychainImpl. Construction from a
// raw Db is restricted to StorageManager, which presumably keeps the
// one-KeychainImpl-per-database invariant. The KeychainImpl* constructor is
// implicit so a freshly created impl can be assigned straight into a handle.
//
class Keychain : public SecPointer<KeychainImpl>
{
public:
	Keychain() {}
	Keychain(KeychainImpl *impl) : SecPointer<KeychainImpl>(impl) {}

	// Wrap a SecKeychainRef that is allowed to be NULL (hence "optional");
	// a NULL handle presumably yields an empty Keychain rather than an error.
	static Keychain optional(SecKeychainRef handle);

private:
	friend class StorageManager;
	typedef KeychainImpl Impl;

	Keychain(const CssmClient::Db &db)
		: SecPointer<KeychainImpl>(new KeychainImpl(db)) {}
};
200
201
202 } // end namespace KeychainCore
203
204 } // end namespace Security
205
206 #endif // !_SECURITY_KEYCHAINS_H_