+++ /dev/null
-/*
- * Copyright (c) 2000-2001,2003-2004 Apple Computer, Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-
-
-//
-// manager - CSSM manager/supervisor objects.
-//
-#ifndef _H_MANAGER
-#define _H_MANAGER
-
-#include "modloader.h"
-#include <security_cdsa_utilities/callback.h>
-#include "cssmmds.h"
-#include "attachfactory.h"
-
-
-//
-// The CssmManager class embodies one instance of CSSM. It can interact with multiple
-// callers in multiple threads.
-// As far as CssmManager is concerned, it doesn't mind for multiple instances of it to
-// exist. Such instances are strictly separated; they do not share anything (module info,
-// attachments, callbacks, etc.) and live their lives in splendid isolation. Of course,
-// other subsystems they deal with (e.g. the ModuleLoader) may multiplex them, but such
-// components should take pains not to "leak" information from one CssmManager instance
-// to another.
-//
-class CssmManager : public AttachmentFactory {
- NOCOPY(CssmManager)
- static const CSSM_GUID theGuidForCssmItself;
-public:
- CssmManager();
- virtual ~CssmManager();
-
- void initialize (const CSSM_VERSION &version,
- CSSM_PRIVILEGE_SCOPE scope,
- const Guid &callerGuid,
- CSSM_KEY_HIERARCHY keyHierarchy,
- CSSM_PVC_MODE &pvcPolicy);
- bool terminate();
-
- void loadModule (const Guid &guid,
- CSSM_KEY_HIERARCHY keyHierarchy,
- const ModuleCallback &callback);
- void unloadModule (const Guid &guid,
- const ModuleCallback &callback);
-
- void introduce(const Guid &guid, CSSM_KEY_HIERARCHY keyHierarchy);
- void unIntroduce(const Guid &guid);
-
- //
- // Polite inquiries
- //
-
- // these values are constant (after init time) and need no locking
- const Guid &callerGuid() const { return mCallerGuid; }
- CSSM_PRIVILEGE_SCOPE privilegeScope() const { return mPrivilegeScope; }
- CSSM_KEY_HIERARCHY keyHierarchy() const { return mKeyHierarchy; }
- CSSM_PVC_MODE pvcMode() const { return mPvcPolicy; }
-
- //@@@ for these two, consider locking (as of the C shims AND the transition layer use)
- const CSSM_PRIVILEGE &getPrivilege() const { return mPrivilege; }
- void setPrivilege(const CSSM_PRIVILEGE &priv) { mPrivilege = priv; }
-
-public:
- Module *getModule(const Guid &guid);
-
-private:
- typedef map<Guid, Module *> ModuleMap;
- ModuleMap moduleMap;
-
- Mutex mLock; // object lock
- unsigned int initCount; // number of times successfully initialized
-
-private:
- ModuleLoader loader; // our ticket to module land
-
-private:
- // state acquired from initialize (instance constants - not guarded)
- CSSM_PRIVILEGE_SCOPE mPrivilegeScope;
- CSSM_KEY_HIERARCHY mKeyHierarchy;
- CSSM_PVC_MODE mPvcPolicy;
- Guid mCallerGuid;
-
- // persistent state of the CSSM (guarded by module lock)
- CSSM_PRIVILEGE mPrivilege; // established privileges
-
-private:
- void checkVersion(const CSSM_VERSION &version);
-};
-
-#ifdef _CPP_MANAGER
-# pragma export off
-#endif
-
-#endif //_H_MANAGER
projects / apple / security.git / blobdiff