Security-179.tar.gz
1 /*
2 * Copyright (c) 2002 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18 //
19 // TrustItem.h - Keychain item class for permanent user trust assignments
20 //
21 #ifndef _SECURITY_TRUSTITEM_H_
22 #define _SECURITY_TRUSTITEM_H_
23
24 #include <Security/utilities.h>
25 #include <Security/Certificate.h>
26 #include <Security/Policies.h>
27 #include <Security/SecTrust.h>
28
29
// Unique keychain item attributes for user trust records.
// Each tag is a four-character code written as a multi-character literal;
// its integer value is implementation-defined in C++, so the constants are
// only stable across toolchains that pack the characters the same way.
enum {
    kSecTrustCertAttr   = 'tcrt',   // presumably the certificate a trust record applies to -- confirm against the schema
    kSecTrustPolicyAttr = 'tpol'    // presumably the policy a trust record applies to -- confirm against the schema
};
35
36
37 namespace Security {
38 namespace KeychainCore {
39
40
//
// A trust item in a keychain.
// Currently, Item constructors do not explicitly generate this subclass.
// They don't need to, since our only user (TrustStore) can deal with
// the generic Item class just fine.
// If we ever need Item to produce UserTrustItem impls, we would need to
// add constructors from primary key (see Certificate for an example).
//
// NOTE(review): a record of this kind carries the user's trust choice for a
// (certificate, policy) pair, so whatever reads it back is making a trust
// decision from stored data. How TrustData is serialized is not visible in
// this header; if it is stored as a raw blob, the reader should check the
// blob length and the version mark before using the `trust` field -- confirm
// in the implementation and in TrustStore.
//
class UserTrustItem : public ItemImpl {
    NOCOPY(UserTrustItem)   // macro defined elsewhere; presumably disables copy construction and assignment

public:
    // Payload of a user trust record.
    struct TrustData {
        uint32 version;                 // version mark; presumably checked against currentVersion -- confirm
        SecTrustUserSetting trust;      // user's trust choice
    };

    // Version mark value declared for TrustData records by this header.
    static const uint32 currentVersion = 0x101;

    // New item constructor: takes the certificate, the policy, and the trust
    // data for the record. Pointer ownership is not stated here; the members
    // below hold the certificate and policy through SecPointer.
    UserTrustItem(Certificate *cert, Policy *policy, const TrustData &trust);
    virtual ~UserTrustItem() throw();

    // Returns the record's TrustData by value. Where the data comes from
    // (cached vs. read from the keychain) is not visible in this header.
    TrustData trust();

    // Fills `index` from `cert`; by its name this builds the lookup index for
    // a certificate, but the index format is defined in the implementation.
    static void makeCertIndex(Certificate *cert, CssmOwnedData &index);

protected:
    // Adds this item to `keychain` and returns its primary key.
    // Presumably overrides the ItemImpl virtual of the same name -- confirm.
    virtual PrimaryKey add(Keychain &keychain);

    // Helper with no parameters or result; by its name it sets the item's
    // attributes (likely the cert/policy attributes) -- confirm.
    void populateAttributes();

private:
    SecPointer<Certificate> mCertificate;   // certificate this record refers to
    SecPointer<Policy> mPolicy;             // policy this record refers to
};
77
78
79 } // end namespace KeychainCore
80 } // end namespace Security
81
82 #endif // !_SECURITY_TRUSTITEM_H_