1/* 2 * Copyright (c) 2000,2002-2006,2011,2014 Apple Inc. All Rights Reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23 24 25/* 26 * AuthorizationData.h 27 * Authorization 28 */ 29 30#ifndef _H_AUTHORIZATIONDATA 31#define _H_AUTHORIZATIONDATA 1 32 33#include <Security/Authorization.h> 34#include <Security/AuthorizationPlugin.h> 35#include <security_cdsa_utilities/cssmdata.h> 36#include <CoreFoundation/CFDate.h> 37 38#include <security_utilities/refcount.h> 39#include <security_utilities/alloc.h> 40 41#include <map> 42#include <set> 43#include <string> 44 45// ptrdiff_t needed, so including STL type closest 46#include <vector> 47 48// @@@ Should consider making the various types better citizens by taking an Allocator, for now values are wiped. 49 50namespace Authorization 51{ 52 53class AuthValueOverlay : public AuthorizationValue 54{ 55public: 56 AuthValueOverlay(const string& stringValue) { length = stringValue.length(); data = const_cast<char *>(stringValue.c_str()); } 57 AuthValueOverlay(UInt32 inLength, void *inData) { length = inLength; data = inData; } 58}; 59 60class AuthValueRef; 61 62class AuthValue : public RefCount 63{ 64 friend class AuthValueRef; 65private: 66 AuthValue(const AuthValue& value) {} 67protected: 68 AuthValue(const AuthorizationValue &value); 69 AuthValue(UInt32 length, void *data); 70public: 71 AuthValue &operator = (const AuthValue &other); 72 ~AuthValue(); 73 void fillInAuthorizationValue(AuthorizationValue &value); 74 const AuthorizationValue& value() const { return mValue; } 75private: 76 AuthorizationValue mValue; 77 mutable bool mOwnsValue; 78}; 79 80// AuthValueRef impl 81class AuthValueRef : public RefPointer<AuthValue> 82{ 83public: 84 AuthValueRef(const AuthValue &value); 85 AuthValueRef(const AuthorizationValue &value); 86 AuthValueRef(UInt32 length, void *data); 87}; 88 89 90// vector should become a member with accessors 91class AuthValueVector : public vector<AuthValueRef> 92{ 93public: 94 AuthValueVector() {} 95 ~AuthValueVector() {} 96 97 AuthValueVector &operator = (const AuthorizationValueVector& valueVector); 98 99 void copy(AuthorizationValueVector **data, size_t *length) const; 100}; 101 102 103 104class AuthItemRef; 105 106class AuthItem : public RefCount 107{ 108 friend class AuthItemRef; 109private: 110 AuthItem(const AuthItem& item); 111protected: 112 AuthItem(const AuthorizationItem &item); 113 AuthItem(AuthorizationString name); 114 AuthItem(AuthorizationString name, AuthorizationValue value); 115 AuthItem(AuthorizationString name, AuthorizationValue value, AuthorizationFlags flags); 116 117 bool operator < (const AuthItem &other) const; 118 119public: 120 AuthItem &operator = (const AuthItem &other); 121 ~AuthItem(); 122 123 void fillInAuthorizationItem(AuthorizationItem &item); 124 125 AuthorizationString name() const { return mName; } 126 const AuthorizationValue& value() const { return mValue; } 127 string stringValue() const { return string(static_cast<char *>(mValue.data), mValue.length); } 128 AuthorizationFlags flags() const { return mFlags; } 129 void setFlags(AuthorizationFlags inFlags) { mFlags = inFlags; }; 130 131private: 132 AuthorizationString mName; 133 AuthorizationValue mValue; 134 AuthorizationFlags mFlags; 135 mutable bool mOwnsName; 136 mutable bool mOwnsValue; 137 138public: 139 bool getBool(bool &value); 140 bool getString(string &value); 141 bool getCssmData(CssmAutoData &value); 142}; 143 144class AuthItemRef : public RefPointer<AuthItem> 145{ 146public: 147 AuthItemRef(const AuthorizationItem &item); 148 AuthItemRef(AuthorizationString name); 149 AuthItemRef(AuthorizationString name, AuthorizationValue value, AuthorizationFlags flags = 0); 150 151 bool operator < (const AuthItemRef &other) const 152 { 153 return **this < *other; 154 } 155}; 156 157// set should become a member with accessors 158class AuthItemSet : public set<AuthItemRef> 159{ 160public: 161 AuthItemSet(); 162 ~AuthItemSet(); 163 AuthItemSet(const AuthorizationItemSet *item); 164 AuthItemSet(const AuthItemSet& itemSet); 165 166 AuthItemSet &operator = (const AuthorizationItemSet& itemSet); 167 AuthItemSet &operator = (const AuthItemSet& itemSet); 168 169 void copy(AuthorizationItemSet *&data, size_t &length, Allocator &alloc = Allocator::standard()) const; 170 AuthorizationItemSet *copy() const; 171 172 char *firstItemName; 173 174public: 175 AuthItem *find(const char *name); 176 177private: 178 void duplicate(const AuthItemSet& itemSet); 179}; 180 181class FindAuthItemByRightName 182{ 183public: 184 FindAuthItemByRightName(const char *find_name) : name(find_name) { } 185 186 bool operator()( const AuthItemRef& authitem ) 187 { 188 return (!strcmp(name, authitem->name())); 189 } 190 bool operator()( const AuthorizationItem* authitem ) 191 { 192 return (!strcmp(name, authitem->name)); 193 } 194 195private: 196 const char *name; 197}; 198 199}; // namespace Authorization 200 201#endif /* ! _H_AUTHORIZATIONDATA */ 202