1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 //
20 // cssmaclpod - enhanced PodWrappers for ACL-related CSSM data structures
21 //
22 #ifndef _CSSMACLPOD
23 #define _CSSMACLPOD
24
25 #include <Security/utilities.h>
26 #include <Security/cssmlist.h>
27 #include <Security/cssmalloc.h>
28
29 #ifdef _CPP_CSSMACLPOD
30 #pragma export on
31 #endif
32
33 namespace Security
34 {
35
// a nicer name for an authorization tag (a plain CSSM integer tag value)
typedef CSSM_ACL_AUTHORIZATION_TAG AclAuthorization;
// a duplicate-free, ordered collection of tags; std::set is assumed to arrive
// through the includes above (this header does not include <set> itself)
typedef std::set<AclAuthorization> AclAuthorizationSet;
39
40
41 //
42 // Enhanced POD Wrappers for the public ACL-related CSSM structures
43 //
class AuthorizationGroup : public PodWrapper<AuthorizationGroup, CSSM_AUTHORIZATIONGROUP> {
public:
    // An empty group. Only the count is reset; the AuthTags pointer is left untouched.
    AuthorizationGroup() { NumberOfAuthTags = 0; }
    // A group holding the single tag `auth` (defined out of line).
    AuthorizationGroup(AclAuthorization auth);

    // Build a group from a tag set, taking the tag array from `alloc`
    // (defined out of line); release it again with destroy(alloc).
    explicit AuthorizationGroup(const AclAuthorizationSet &, CssmAllocator &alloc);
    void destroy(CssmAllocator &alloc);

    // Number of tags in the group.
    unsigned int count() const { return NumberOfAuthTags; }
    bool empty() const { return count() == 0; }

    // Tag at position `ix`. The range check is an assert, i.e. debug builds
    // only; release builds read AuthTags[ix] unchecked, so stay below count().
    CSSM_ACL_AUTHORIZATION_TAG operator [] (unsigned ix) const
    {
        assert(ix < count());
        return AuthTags[ix];
    }

    // Membership test and conversion to a tag set (both defined out of line).
    bool contains(CSSM_ACL_AUTHORIZATION_TAG tag) const;
    operator AclAuthorizationSet () const;
};
60
61 class AclOwnerPrototype;
62
class AclEntryPrototype : public PodWrapper<AclEntryPrototype, CSSM_ACL_ENTRY_PROTOTYPE> {
public:
    // Zeroed prototype.
    AclEntryPrototype() { clearPod(); }
    // Entry prototype derived from an owner prototype (defined out of line).
    explicit AclEntryPrototype(const AclOwnerPrototype &proto);
    // Zeroed prototype with the given subject list and delegate flag.
    // `subj` is copied by plain struct assignment: whatever memory the list
    // points to is not duplicated and remains owned by the caller.
    AclEntryPrototype(const CSSM_LIST &subj, bool delegate = false)
    {
        clearPod();
        TypedSubject = subj;
        Delegate = delegate;
    }

    // Subject list, viewed as a TypedList overlay.
    TypedList &subject() { return TypedList::overlay(TypedSubject); }
    const TypedList &subject() const { return TypedList::overlay(TypedSubject); }

    bool delegate() const { return Delegate; }

    // The entry tag is an in-struct character buffer (EntryTag); these return
    // it directly. The setter is defined out of line - its length handling
    // is not visible here, so check it before passing untrusted strings.
    char *tag() { return EntryTag; }
    const char *tag() const { return EntryTag; }
    void tag(const char *tagString);

    // Authorization tags, viewed as an AuthorizationGroup overlay.
    AuthorizationGroup &authorization()
    { return AuthorizationGroup::overlay(Authorization); }
    const AuthorizationGroup &authorization() const
    { return AuthorizationGroup::overlay(Authorization); }
};
80
class AclOwnerPrototype : public PodWrapper<AclOwnerPrototype, CSSM_ACL_OWNER_PROTOTYPE> {
public:
    // Zeroed owner prototype.
    AclOwnerPrototype() { clearPod(); }
    // Owner prototype taking subject and delegate flag from an entry prototype.
    // Note: unlike the default constructor this does not clearPod(); only
    // TypedSubject and Delegate are written.
    explicit AclOwnerPrototype(const AclEntryPrototype &proto)
    {
        TypedSubject = proto.subject();
        Delegate = proto.delegate();
    }
    // Owner prototype from a raw subject list (plain struct copy, list memory
    // stays with the caller). Same caveat: no clearPod().
    AclOwnerPrototype(const CSSM_LIST &subj, bool delegate = false)
    {
        TypedSubject = subj;
        Delegate = delegate;
    }

    // Subject list, viewed as a TypedList overlay.
    TypedList &subject() { return TypedList::overlay(TypedSubject); }
    const TypedList &subject() const { return TypedList::overlay(TypedSubject); }

    bool delegate() const { return Delegate; }
};
93
class AclEntryInfo : public PodWrapper<AclEntryInfo, CSSM_ACL_ENTRY_INFO> {
public:
    // Pure overlay: no constructors, no state beyond CSSM_ACL_ENTRY_INFO.

    // The entry's public prototype (EntryPublicInfo), viewed as an overlay.
    AclEntryPrototype &proto()
    { return AclEntryPrototype::overlay(EntryPublicInfo); }
    const AclEntryPrototype &proto() const
    { return AclEntryPrototype::overlay(EntryPublicInfo); }

    // Implicit conversions to the prototype view, for convenience.
    operator AclEntryPrototype &()
    { return AclEntryPrototype::overlay(EntryPublicInfo); }
    operator const AclEntryPrototype &() const
    { return AclEntryPrototype::overlay(EntryPublicInfo); }

    // The CSSM-assigned handle of this entry.
    CSSM_ACL_HANDLE &handle() { return EntryHandle; }
    const CSSM_ACL_HANDLE &handle() const { return EntryHandle; }
};
106
class AclEntryInput : public PodWrapper<AclEntryInput, CSSM_ACL_ENTRY_INPUT> {
public:
    // Zeroed input.
    AclEntryInput() { clearPod(); }
    // Input carrying a copy of `prot`; the callback fields are cleared
    // explicitly (no clearPod() here).
    AclEntryInput(const AclEntryPrototype &prot)
    {
        Prototype = prot;
        Callback = NULL;
        CallerContext = NULL;
    }

    // The embedded prototype, viewed as an overlay.
    AclEntryPrototype &proto()
    { return AclEntryPrototype::overlay(Prototype); }
    const AclEntryPrototype &proto() const
    { return AclEntryPrototype::overlay(Prototype); }
    //@@@ not supporting callback features (yet) - Callback/CallerContext stay NULL
};
117
class AclEdit : public PodWrapper<AclEdit, CSSM_ACL_EDIT> {
public:
    // Generic edit: explicit mode, old handle, and (possibly NULL) new entry.
    AclEdit(CSSM_ACL_EDIT_MODE m, CSSM_ACL_HANDLE h, const AclEntryInput *data)
    { fillEdit(m, h, data); }
    // ADD edit: no old entry, `add` becomes the new entry.
    AclEdit(const AclEntryInput &add)
    { fillEdit(CSSM_ACL_EDIT_MODE_ADD, CSSM_INVALID_HANDLE, &add); }
    // REPLACE edit: entry `h` is replaced by `modify`.
    AclEdit(CSSM_ACL_HANDLE h, const AclEntryInput &modify)
    { fillEdit(CSSM_ACL_EDIT_MODE_REPLACE, h, &modify); }
    // DELETE edit: entry `h` is removed; no new entry.
    AclEdit(CSSM_ACL_HANDLE h)
    { fillEdit(CSSM_ACL_EDIT_MODE_DELETE, h, NULL); }

    CSSM_ACL_EDIT_MODE mode() const { return EditMode; }
    CSSM_ACL_HANDLE handle() const { return OldEntryHandle; }
    // NewEntry is a raw pointer to the caller's AclEntryInput (not a copy);
    // that object must stay alive for as long as this AclEdit is in use.
    const AclEntryInput *newEntry() const { return AclEntryInput::overlay(NewEntry); }

private:
    // Shared field setter for all constructors.
    void fillEdit(CSSM_ACL_EDIT_MODE m, CSSM_ACL_HANDLE h, const AclEntryInput *data)
    {
        EditMode = m;
        OldEntryHandle = h;
        NewEntry = data;
    }
};
133
134
135 //
136 // Allocating versions of Acl structures
137 //
class AutoAclOwnerPrototype {
    NOCOPY(AutoAclOwnerPrototype)
public:
    // Starts empty; the allocator may be supplied now or later via allocator().
    AutoAclOwnerPrototype(CssmAllocator *allocator = NULL)
        : mAclOwnerPrototype(NULL), mAllocator(allocator) { }
    // Defined out of line; presumably releases mAclOwnerPrototype through
    // mAllocator - confirm in the .cpp before relying on it.
    ~AutoAclOwnerPrototype();

    // Both accessors go through make() (private, out of line), which hands
    // back the owned prototype - from its name, creating it on first use.
    operator CSSM_ACL_OWNER_PROTOTYPE *() { return make(); }
    AclOwnerPrototype &operator * ()
    {
        AclOwnerPrototype *proto = make();
        return *proto;
    }

    void allocator(CssmAllocator &allocator);

private:
    AclOwnerPrototype *mAclOwnerPrototype;
    CssmAllocator *mAllocator;

    AclOwnerPrototype *make();
};
157
158
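class AutoAclEntryInfoList {
    NOCOPY(AutoAclEntryInfoList)
public:
    // allocator can be set after construction
    AutoAclEntryInfoList(CssmAllocator *allocator = NULL)
        : mAclEntryInfo(NULL), mNumberOfAclEntries(0), mAllocator(allocator) { }
    // Defined out of line; presumably releases the entry array through
    // mAllocator - confirm in the .cpp.
    ~AutoAclEntryInfoList();

    // Out-parameter adapters: a CSSM call writes the entry array pointer and
    // the count straight into mAclEntryInfo / mNumberOfAclEntries.
    // The address handed out must be that of the member itself. The original
    // `&CSSM_ACL_ENTRY_INFO_PTR(mAclEntryInfo)` took the address of a
    // temporary holding the converted pointer: standard C++ rejects it, and a
    // compiler that accepts it (old "cast as lvalue" extension) makes the
    // callee write into that temporary, so the member would never receive
    // the array and the destructor could never free it. AclEntryInfo is a
    // PodWrapper over CSSM_ACL_ENTRY_INFO, so the pointer representations
    // match and the reinterpret_cast below is the intended aliasing.
    operator CSSM_ACL_ENTRY_INFO_PTR *()
    { return reinterpret_cast<CSSM_ACL_ENTRY_INFO_PTR *>(&mAclEntryInfo); }
    operator uint32 *() { return &mNumberOfAclEntries; }

    void allocator(CssmAllocator &allocator);

    // Element access. All index forms assert in debug builds only; release
    // builds do not bounds-check, so callers must stay below count().
    // at() previously had no check at all, unlike operator[].
    const AclEntryInfo &at(uint32 ix) const
    { assert(ix < mNumberOfAclEntries); return mAclEntryInfo[ix]; }
    const AclEntryInfo &operator[](uint32 ix) const
    { assert(ix < mNumberOfAclEntries); return mAclEntryInfo[ix]; }
    AclEntryInfo &operator[](uint32 ix)
    { assert(ix < mNumberOfAclEntries); return mAclEntryInfo[ix]; }

    uint32 size() const { return mNumberOfAclEntries; } // obsolete
    uint32 count() const { return mNumberOfAclEntries; }
    // Raw array (may be NULL when count() == 0); ownership stays here.
    AclEntryInfo *entries() const { return mAclEntryInfo; }

private:
    AclEntryInfo *mAclEntryInfo;
    uint32 mNumberOfAclEntries;
    CssmAllocator *mAllocator;
};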
187
class AutoAuthorizationGroup : public AuthorizationGroup {
public:
    // Empty group bound to `alloc`; the base default constructor only zeroes
    // the tag count.
    AutoAuthorizationGroup(CssmAllocator &alloc)
        : allocator(alloc) { }
    // Group built from `set` with `alloc`, which is also remembered for cleanup.
    explicit AutoAuthorizationGroup(const AclAuthorizationSet &set, CssmAllocator &alloc)
        : AuthorizationGroup(set, alloc), allocator(alloc) { }
    // Releases the tag array through the remembered allocator.
    ~AutoAuthorizationGroup()
    {
        AuthorizationGroup::destroy(allocator);
    }

    // Public reference member: the allocator must outlive this object.
    CssmAllocator &allocator;
};
197
198
199 //
200 // Walkers for the CSSM API structure types
201 //
202 namespace DataWalkers {
203
204 // AclEntryInput
template <class Action>
AclEntryInput *walk(Action &operate, AclEntryInput * &input)
{
    // The pointer is offered to the action first (it may replace it), then
    // the object it points to afterwards is walked. Returns the final pointer.
    operate(input);
    AclEntryInput &target = *input;
    walk(operate, target);
    return input;
}
212
template <class Action>
void walk(Action &operate, AclEntryInput &input)
{
    // Only the embedded prototype is walked; the callback fields are skipped.
    AclEntryPrototype &proto = input.proto();
    walk(operate, proto);
}
216
217 // AclEntryInfo
template <class Action>
void walk(Action &operate, AclEntryInfo &info)
{
    // Only the public prototype is walked; EntryHandle is a plain value.
    AclEntryPrototype &proto = info.proto();
    walk(operate, proto);
}
221
template <class Action>
void walk(Action &operate, const AclEntryInfo &info)
{
    // Const is cast away to reuse the non-const walker. This is only sound
    // for actions that do not modify what they visit (or for objects that
    // are not actually const); a mutating action would write through it.
    AclEntryInfo &mutableInfo = const_cast<AclEntryInfo &>(info);
    walk(operate, mutableInfo);
}
225
226 // AclEntryPrototype
template <class Action>
void walk(Action &operate, AclEntryPrototype &proto)
{
    // Subject list first (TypedList walker from cssmlist.h), then the
    // authorization tag array as one raw byte block.
    walk(operate, proto.subject());
    AuthorizationGroup &auth = proto.authorization();
    // NumberOfAuthTags is taken on trust from the structure; the byte count
    // is not validated against anything here.
    operate(auth.AuthTags, sizeof(CSSM_ACL_AUTHORIZATION_TAG) * auth.NumberOfAuthTags);
    //@@@ ignoring validity period
}
235
template <class Action>
AclEntryPrototype *walk(Action &operate, AclEntryPrototype * &proto)
{
    // Pointer first (the action may replace it), then the pointed-to object.
    operate(proto);
    AclEntryPrototype &target = *proto;
    walk(operate, target);
    return proto;
}
243
244 // AclOwnerPrototype
template <class Action>
void walk(Action &operate, AclOwnerPrototype &proto)
{
    // Only the subject list carries pointers; Delegate is a plain value.
    TypedList &subject = proto.subject();
    walk(operate, subject);
}
250
template <class Action>
AclOwnerPrototype *walk(Action &operate, AclOwnerPrototype * &proto)
{
    // Pointer first (the action may replace it), then the pointed-to object.
    operate(proto);
    AclOwnerPrototype &target = *proto;
    walk(operate, target);
    return proto;
}
258
259
260 } // end namespace DataWalkers
261
262 } // end namespace Security
263
264 #ifdef _CPP_CSSMACLPOD
265 #pragma export off
266 #endif
267
268
269 #endif //_CSSMACLPOD