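/* Copyright (c) 2012-2013 Apple Inc. All Rights Reserved. */

#ifndef _SECURITY_AUTH_AGENT_H_
#define _SECURITY_AUTH_AGENT_H_

// Declarations for the agent object: its lifecycle states, the reason codes
// sent to SecurityAgent, and the agent_* entry points.
//
// This header includes nothing itself. The handle types (agent_t, engine_t,
// mechanism_t, auth_token_t, process_t, auth_items_t), the AUTH_* attribute
// macros, bool and uint64_t must already be declared by the including file.

#if defined(__cplusplus)
extern "C" {
#endif

// State of an agent, as reported by agent_get_state().
// NOTE(review): the allowed transitions between these states are defined by
// the implementation and are not visible in this header.
typedef enum _PluginState {
    init,
    created,
    current,
    deactivating,
    active,
    interrupting,
    mechinterrupting,
    dead
} PluginState;

// Kind of host an agent is associated with.
// NOTE(review): presumably selects the privilege level the agent's plugin
// runs at (privileged vs. per-user) -- confirm against the implementation.
typedef enum {
    privilegedAuthHost,
    securityAgent,
    userAuthHost
} AuthHostType;

//
// Unified reason codes transmitted to SecurityAgent (and internationalized there)
//
// Each group starts at an explicit value and the members after it count up
// from there, so inserting a member in the middle of a group renumbers the
// ones that follow. Because these codes are transmitted to another component,
// add new members at the end of a group and never reuse a retired value.
//
enum Reason {
    noReason = 0,               // no reason (not used, used as a NULL)
    unknownReason,              // something else (catch-all internal error)

    // reasons for asking for a new passphrase
    newDatabase = 11,           // need passphrase for a new database
    changePassphrase,           // changing passphrase for existing database

    // reasons for retrying an unlock query
    invalidPassphrase = 21,     // passphrase was wrong

    // reasons for retrying a new passphrase query
    passphraseIsNull = 31,      // empty passphrase
    passphraseTooSimple,        // passphrase is not complex enough
    passphraseRepeated,         // passphrase was used before (must use new one)
    passphraseUnacceptable,     // passphrase unacceptable for some other reason
    oldPassphraseWrong,         // the old passphrase given is wrong

    // reasons for retrying an authorization query
    userNotInGroup = 41,        // authenticated user not in needed group
    unacceptableUser,           // authenticated user unacceptable for some other reason

    // reasons for canceling a staged query
    tooManyTries = 61,          // too many failed attempts to get it right
    noLongerNeeded,             // the queried item is no longer needed
    keychainAddFailed,          // the requested item couldn't be added to the keychain
    generalErrorCancel,         // something went wrong so we have to give up now

    worldChanged = 101          // NOTE(review): meaning is not documented in this header
};

// Kind of requestor, encoded as a four-character code.
// These are multi-character constants: their int value is
// implementation-defined in C, so compare against the enumerator names and do
// not hard-code or persist the numeric values.
typedef enum {
    tool = 'TOOL',
    bundle = 'BNDL',
    unknown = 'UNKN'
} RequestorType;

// Creates an agent from an engine, a mechanism, an auth token and a process.
// The AUTH_* attribute macros are defined elsewhere; going by their names the
// result must not be ignored and is returned retained, i.e. owned by the
// caller -- confirm against the macro definitions.
AUTH_WARN_RESULT AUTH_MALLOC AUTH_NONNULL_ALL AUTH_RETURNS_RETAINED
agent_t agent_create(engine_t engine, mechanism_t mech, auth_token_t auth, process_t proc, bool firstMech);

// Runs the agent with the given hints, context and immutable hints.
// NOTE(review): the meaning of the uint64_t result is not documented here.
// immutable_hints are presumably values the agent side must not be able to
// override -- confirm that the implementation enforces this rather than
// relying on the name.
AUTH_NONNULL_ALL
uint64_t agent_run(agent_t,auth_items_t hints, auth_items_t context, auth_items_t immutable_hints);

// Returns the agent's hints.
// NOTE(review): ownership of the returned auth_items_t is not stated here.
AUTH_NONNULL_ALL
auth_items_t agent_get_hints(agent_t);

// Returns the agent's context.
// NOTE(review): ownership of the returned auth_items_t is not stated here.
AUTH_NONNULL_ALL
auth_items_t agent_get_context(agent_t);

AUTH_NONNULL_ALL
void agent_deactivate(agent_t);

AUTH_NONNULL_ALL
void agent_destroy(agent_t);

// Returns the agent's current PluginState.
AUTH_NONNULL_ALL
PluginState agent_get_state(agent_t);

// Returns the mechanism associated with the agent.
AUTH_NONNULL_ALL
mechanism_t agent_get_mechanism(agent_t);

// "recieve" [sic]: the misspelling is part of the exported name and is kept so
// existing callers keep linking.
AUTH_NONNULL_ALL
void agent_recieve(agent_t);

AUTH_NONNULL_ALL
void
agent_notify_interrupt(agent_t agent);

AUTH_NONNULL_ALL
void
agent_clear_interrupt(agent_t agent);

#if defined(__cplusplus)
}
#endif

#endif /* !_SECURITY_AUTH_AGENT_H_ */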