cdsa/cdsa_utilities/cssmaclpod.h

   1 /*
   2  * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * The contents of this file constitute Original Code as defined in and are
   5  * subject to the Apple Public Source License Version 1.2 (the 'License').
   6  * You may not use this file except in compliance with the License. Please obtain
   7  * a copy of the License at http://www.apple.com/publicsource and read it before
   8  * using this file.
   9  *
  10  * This Original Code and all software distributed under the License are
  11  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
  12  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
  13  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  14  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
  15  * specific language governing rights and limitations under the License.
  16  */
  17
  18
  19 //
  20 // cssmaclpod - enhanced PodWrappers for ACL-related CSSM data structures
  21 //
  22 #ifndef _CSSMACLPOD
  23 #define _CSSMACLPOD
  24
  25 #include <Security/utilities.h>
  26 #include <Security/cssmlist.h>
  27 #include <Security/cssmalloc.h>
  28
  29 #ifdef _CPP_CSSMACLPOD
  30 #pragma export on
  31 #endif
  32
  33 namespace Security
  34 {
  35
  36 // a nicer name for an authorization tag
  37 typedef CSSM_ACL_AUTHORIZATION_TAG AclAuthorization;
  38 typedef set<AclAuthorization> AclAuthorizationSet;
  39
  40
  41 //
  42 // Enhanced POD Wrappers for the public ACL-related CSSM structures
  43 //
  44 class AuthorizationGroup : public PodWrapper<AuthorizationGroup, CSSM_AUTHORIZATIONGROUP> {
  45 public:
  46         AuthorizationGroup() { NumberOfAuthTags = 0; }
  47         AuthorizationGroup(AclAuthorization auth);
  48         explicit AuthorizationGroup(const AclAuthorizationSet &, CssmAllocator &alloc);
  49
  50     bool empty() const                  { return NumberOfAuthTags == 0; }
  51         unsigned int count() const      { return NumberOfAuthTags; }
  52         CSSM_ACL_AUTHORIZATION_TAG operator [] (unsigned ix) const
  53         { assert(ix < count()); return AuthTags[ix]; }
  54
  55         bool contains(CSSM_ACL_AUTHORIZATION_TAG tag) const;
  56         operator AclAuthorizationSet () const;
  57 };
  58
  59 class AclOwnerPrototype;
  60
  61 class AclEntryPrototype : public PodWrapper<AclEntryPrototype, CSSM_ACL_ENTRY_PROTOTYPE> {
  62 public:
  63         AclEntryPrototype() { memset(this, 0, sizeof(*this)); }
  64         AclEntryPrototype(const AclOwnerPrototype &proto);
  65         AclEntryPrototype(const CSSM_LIST &subj, bool delegate = false)
  66         { memset(this, 0, sizeof(*this)); TypedSubject = subj; Delegate = delegate; }
  67
  68         TypedList &subject() { return TypedList::overlay(TypedSubject); }
  69         const TypedList &subject() const { return TypedList::overlay(TypedSubject); }
  70         bool delegate() const { return Delegate; }
  71         char *tag() { return EntryTag; }
  72         const char *tag() const { return EntryTag; }
  73         AuthorizationGroup &authorization() { return AuthorizationGroup::overlay(Authorization); }
  74         const AuthorizationGroup &authorization() const
  75         { return AuthorizationGroup::overlay(Authorization); }
  76 };
  77
  78 class AclOwnerPrototype : public PodWrapper<AclOwnerPrototype, CSSM_ACL_OWNER_PROTOTYPE> {
  79 public:
  80         AclOwnerPrototype() { }
  81         explicit AclOwnerPrototype(const AclEntryPrototype &proto)
  82         { TypedSubject = proto.subject(); Delegate = proto.delegate(); }
  83
  84         TypedList &subject() { return TypedList::overlay(TypedSubject); }
  85         const TypedList &subject() const { return TypedList::overlay(TypedSubject); }
  86         bool delegate() const { return Delegate; }
  87 };
  88
  89 class AclEntryInfo : public PodWrapper<AclEntryInfo, CSSM_ACL_ENTRY_INFO> {
  90 public:
  91         AclEntryPrototype &proto() { return AclEntryPrototype::overlay(EntryPublicInfo); }
  92         const AclEntryPrototype &proto()
  93         const { return AclEntryPrototype::overlay(EntryPublicInfo); }
  94
  95         operator AclEntryPrototype &() { return proto(); }
  96         operator const AclEntryPrototype &() const { return proto(); }
  97
  98         CSSM_ACL_HANDLE &handle() { return EntryHandle; }
  99         const CSSM_ACL_HANDLE &handle() const { return EntryHandle; }
 100 };
 101
 102 class AclEntryInput : public PodWrapper<AclEntryInput, CSSM_ACL_ENTRY_INPUT> {
 103 public:
 104         AclEntryInput() { memset(this, 0, sizeof(*this)); }
 105         AclEntryInput(const AclEntryPrototype &prot)
 106         { Prototype = prot; Callback = NULL; CallerContext = NULL; }
 107
 108         AclEntryPrototype &proto() { return AclEntryPrototype::overlay(Prototype); }
 109         const AclEntryPrototype &proto() const { return AclEntryPrototype::overlay(Prototype); }
 110         //@@@ not supporting callback features (yet)
 111 };
 112
 113 class AclEdit : public PodWrapper<AclEdit, CSSM_ACL_EDIT> {
 114 public:
 115         AclEdit(CSSM_ACL_EDIT_MODE m, CSSM_ACL_HANDLE h, const AclEntryInput *data)
 116         { EditMode = m; OldEntryHandle = h; NewEntry = data; }
 117         AclEdit(const AclEntryInput &add)
 118         { EditMode = CSSM_ACL_EDIT_MODE_ADD; OldEntryHandle = CSSM_INVALID_HANDLE; NewEntry = &add; }
 119         AclEdit(CSSM_ACL_HANDLE h, const AclEntryInput &modify)
 120         { EditMode = CSSM_ACL_EDIT_MODE_REPLACE; OldEntryHandle = h; NewEntry = &modify; }
 121         AclEdit(CSSM_ACL_HANDLE h)
 122         { EditMode = CSSM_ACL_EDIT_MODE_DELETE; OldEntryHandle = h; NewEntry = NULL; }
 123
 124         CSSM_ACL_EDIT_MODE mode() const { return EditMode; }
 125         CSSM_ACL_HANDLE handle() const { return OldEntryHandle; }
 126         const AclEntryInput *newEntry() const { return AclEntryInput::overlay(NewEntry); }
 127 };
 128
 129
 130 //
 131 // Allocating versions of Acl structures
 132 //
 133 class AutoAclOwnerPrototype {
 134         NOCOPY(AutoAclOwnerPrototype)
 135 public:
 136         // allocator can be set after construction
 137         AutoAclOwnerPrototype(CssmAllocator *allocator = NULL) : mAllocator(allocator) { }
 138         ~AutoAclOwnerPrototype();
 139
 140         operator CSSM_ACL_OWNER_PROTOTYPE *() { return mAclOwnerPrototype; }
 141
 142         void allocator(CssmAllocator &allocator);
 143
 144 private:
 145         AclOwnerPrototype *mAclOwnerPrototype;
 146         CssmAllocator *mAllocator;
 147 };
 148
 149
 150 class AutoAclEntryInfoList {
 151         NOCOPY(AutoAclEntryInfoList)
 152 public:
 153         // allocator can be set after construction
 154         AutoAclEntryInfoList(CssmAllocator *allocator = NULL)
 155     : mAclEntryInfo(NULL), mNumberOfAclEntries(0), mAllocator(allocator) { }
 156         ~AutoAclEntryInfoList();
 157
 158         operator CSSM_ACL_ENTRY_INFO_PTR *() { return &CSSM_ACL_ENTRY_INFO_PTR(mAclEntryInfo); }
 159         operator uint32 *() { return &mNumberOfAclEntries; }
 160
 161         void allocator(CssmAllocator &allocator);
 162
 163         const AclEntryInfo &at(uint32 ix) const { return mAclEntryInfo[ix]; }
 164         const AclEntryInfo &operator[](uint32 ix) const
 165         { assert(ix < mNumberOfAclEntries); return mAclEntryInfo[ix]; }
 166
 167         uint32 size() const { return mNumberOfAclEntries; }
 168
 169 private:
 170         AclEntryInfo *mAclEntryInfo;
 171         uint32 mNumberOfAclEntries;
 172         CssmAllocator *mAllocator;
 173 };
 174
 175
 176 //
 177 // Walkers for the CSSM API structure types
 178 //
 179 namespace DataWalkers {
 180
 181 // AclEntryInput
 182 template <class Action>
 183 AclEntryInput *walk(Action &operate, AclEntryInput * &input)
 184 {
 185         operate(input);
 186         walk(operate, *input);
 187         return input;
 188 }
 189
 190 template <class Action>
 191 void walk(Action &operate, AclEntryInput &input)
 192 { walk(operate, input.proto()); }
 193
 194 // AclEntryInfo
 195 template <class Action>
 196 void walk(Action &operate, AclEntryInfo &info)
 197 { walk(operate, info.proto()); }
 198
 199 template <class Action>
 200 void walk(Action &operate, const AclEntryInfo &info)
 201 { walk(operate, const_cast<AclEntryInfo &>(info)); }
 202
 203 // AclEntryPrototype
 204 template <class Action>
 205 void walk(Action &operate, AclEntryPrototype &proto)
 206 {
 207         walk(operate, proto.subject());
 208         operate(proto.Authorization.AuthTags,
 209                 sizeof(CSSM_ACL_AUTHORIZATION_TAG) * proto.Authorization.NumberOfAuthTags);
 210         //@@@ ignoring validity period
 211 }
 212
 213 template <class Action>
 214 AclEntryPrototype *walk(Action &operate, AclEntryPrototype * &proto)
 215 {
 216         operate(proto);
 217         walk(operate, *proto);
 218         return proto;
 219 }
 220
 221 // AclOwnerPrototype
 222 template <class Action>
 223 void walk(Action &operate, AclOwnerPrototype &proto)
 224 {
 225         walk(operate, proto.subject());
 226 }
 227
 228 template <class Action>
 229 AclOwnerPrototype *walk(Action &operate, AclOwnerPrototype * &proto)
 230 {
 231         operate(proto);
 232         walk(operate, *proto);
 233         return proto;
 234 }
 235
 236
 237 } // end namespace DataWalkers
 238
 239 } // end namespace Security
 240
 241 #ifdef _CPP_CSSMACLPOD
 242 #pragma export off
 243 #endif
 244
 245
 246 #endif //_CSSMACLPOD