2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
20 // manager - CSSM manager/supervisor objects.
25 #include <Security/modloader.h>
26 #include <Security/callback.h>
28 #include "attachfactory.h"
32 // The CssmManager class embodies one instance of CSSM. It can interact with multiple
33 // callers in multiple threads.
34 // As far as CssmManager is concerned, it doesn't mind for multiple instances of it to
35 // exist. Such instances are strictly separated; they do not share anything (module info,
36 // attachments, callbacks, etc.) and live their lives in splendid isolation. Of course,
37 // other subsystems they deal with (e.g. the ModuleLoader) may multiplex them, but such
38 // components should take pains not to "leak" information from one CssmManager instance
41 class CssmManager
: public MdsComponent
, public AttachmentFactory
{
43 static const CSSM_GUID theGuidForCssmItself
;
46 virtual ~CssmManager();
48 void initialize (const CSSM_VERSION
&version
,
49 CSSM_PRIVILEGE_SCOPE scope
,
50 const Guid
&callerGuid
,
51 CSSM_KEY_HIERARCHY keyHierarchy
,
52 CSSM_PVC_MODE
&pvcPolicy
);
55 void loadModule (const Guid
&guid
,
56 CSSM_KEY_HIERARCHY keyHierarchy
,
57 const ModuleCallback
&callback
);
58 void unloadModule (const Guid
&guid
,
59 const ModuleCallback
&callback
);
61 void introduce(const Guid
&guid
, CSSM_KEY_HIERARCHY keyHierarchy
);
62 void unIntroduce(const Guid
&guid
);
68 // these values are constant (after init time) and need no locking
69 const Guid
&callerGuid() const { return mCallerGuid
; }
70 CSSM_PRIVILEGE_SCOPE
privilegeScope() const { return mPrivilegeScope
; }
71 CSSM_KEY_HIERARCHY
keyHierarchy() const { return mKeyHierarchy
; }
72 CSSM_PVC_MODE
pvcMode() const { return mPvcPolicy
; }
74 //@@@ for these two, consider locking (as of the C shims AND the transition layer use)
75 const CSSM_PRIVILEGE
&getPrivilege() const { return mPrivilege
; }
76 void setPrivilege(const CSSM_PRIVILEGE
&priv
) { mPrivilege
= priv
; }
79 Module
*getModule(const Guid
&guid
);
82 typedef map
<Guid
, Module
*> ModuleMap
;
85 Mutex mLock
; // object lock
86 unsigned int initCount
; // number of times successfully initialized
89 ModuleLoader loader
; // our ticket to module land
92 // state acquired from initialize (instance constants - not guarded)
93 CSSM_PRIVILEGE_SCOPE mPrivilegeScope
;
94 CSSM_KEY_HIERARCHY mKeyHierarchy
;
95 CSSM_PVC_MODE mPvcPolicy
;
98 // persistent state of the CSSM (guarded by module lock)
99 CSSM_PRIVILEGE mPrivilege
; // established privileges
102 void checkVersion(const CSSM_VERSION
&version
);
projects / apple / security.git / blob