1/* 2 * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved. 3 * 4 * The contents of this file constitute Original Code as defined in and are 5 * subject to the Apple Public Source License Version 1.2 (the 'License'). 6 * You may not use this file except in compliance with the License. Please obtain 7 * a copy of the License at http://www.apple.com/publicsource and read it before 8 * using this file. 9 * 10 * This Original Code and all software distributed under the License are 11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS 12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT 13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR 14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the 15 * specific language governing rights and limitations under the License. 16 */ 17 18 19// 20// SSDLSession.h - DL session for security server CSP/DL. 21// 22#ifndef _H_SSDLSESSION 23#define _H_SSDLSESSION 24 25#include <security_cdsa_plugin/DLsession.h> 26 27#include "SSDatabase.h" 28 29class CSPDLPlugin; 30class SSCSPDLSession; 31 32class SSDLSession : public DLPluginSession 33{ 34public: 35 SSCSPDLSession &mSSCSPDLSession; 36 37 SSDLSession(CSSM_MODULE_HANDLE handle, 38 CSPDLPlugin &plug, 39 const CSSM_VERSION &version, 40 uint32 subserviceId, 41 CSSM_SERVICE_TYPE subserviceType, 42 CSSM_ATTACH_FLAGS attachFlags, 43 const CSSM_UPCALLS &upcalls, 44 DatabaseManager &databaseManager, 45 SSCSPDLSession &ssCSPDLSession); 46 ~SSDLSession(); 47 48 SecurityServer::ClientSession &clientSession() 49 { return mClientSession; } 50 void GetDbNames(CSSM_NAME_LIST_PTR &NameList); 51 void FreeNameList(CSSM_NAME_LIST &NameList); 52 void DbDelete(const char *DbName, 53 const CSSM_NET_ADDRESS *DbLocation, 54 const AccessCredentials *AccessCred); 55 void DbCreate(const char *DbName, 56 const CSSM_NET_ADDRESS *DbLocation, 57 const CSSM_DBINFO &DBInfo, 58 CSSM_DB_ACCESS_TYPE AccessRequest, 59 const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry, 60 const void *OpenParameters, 61 CSSM_DB_HANDLE &DbHandle); 62 void CreateWithBlob(const char *DbName, 63 const CSSM_NET_ADDRESS *DbLocation, 64 const CSSM_DBINFO &DBInfo, 65 CSSM_DB_ACCESS_TYPE AccessRequest, 66 const void *OpenParameters, 67 const CSSM_DATA &blob, 68 CSSM_DB_HANDLE &DbHandle); 69 void DbOpen(const char *DbName, 70 const CSSM_NET_ADDRESS *DbLocation, 71 CSSM_DB_ACCESS_TYPE AccessRequest, 72 const AccessCredentials *AccessCred, 73 const void *OpenParameters, 74 CSSM_DB_HANDLE &DbHandle); 75 void DbClose(CSSM_DB_HANDLE DBHandle); 76 void CreateRelation(CSSM_DB_HANDLE DBHandle, 77 CSSM_DB_RECORDTYPE RelationID, 78 const char *RelationName, 79 uint32 NumberOfAttributes, 80 const CSSM_DB_SCHEMA_ATTRIBUTE_INFO *pAttributeInfo, 81 uint32 NumberOfIndexes, 82 const CSSM_DB_SCHEMA_INDEX_INFO &pIndexInfo); 83 void DestroyRelation(CSSM_DB_HANDLE DBHandle, 84 CSSM_DB_RECORDTYPE RelationID); 85 86 void Authenticate(CSSM_DB_HANDLE DBHandle, 87 CSSM_DB_ACCESS_TYPE AccessRequest, 88 const AccessCredentials &AccessCred); 89 void GetDbAcl(CSSM_DB_HANDLE DBHandle, 90 const CSSM_STRING *SelectionTag, 91 uint32 &NumberOfAclInfos, 92 CSSM_ACL_ENTRY_INFO_PTR &AclInfos); 93 void ChangeDbAcl(CSSM_DB_HANDLE DBHandle, 94 const AccessCredentials &AccessCred, 95 const CSSM_ACL_EDIT &AclEdit); 96 void GetDbOwner(CSSM_DB_HANDLE DBHandle, 97 CSSM_ACL_OWNER_PROTOTYPE &Owner); 98 void ChangeDbOwner(CSSM_DB_HANDLE DBHandle, 99 const AccessCredentials &AccessCred, 100 const CSSM_ACL_OWNER_PROTOTYPE &NewOwner); 101 void GetDbNameFromHandle(CSSM_DB_HANDLE DBHandle, 102 char **DbName); 103 void DataInsert(CSSM_DB_HANDLE DBHandle, 104 CSSM_DB_RECORDTYPE RecordType, 105 const CSSM_DB_RECORD_ATTRIBUTE_DATA *Attributes, 106 const CssmData *Data, 107 CSSM_DB_UNIQUE_RECORD_PTR &UniqueId); 108 void DataDelete(CSSM_DB_HANDLE DBHandle, 109 const CSSM_DB_UNIQUE_RECORD &UniqueRecordIdentifier); 110 void DataModify(CSSM_DB_HANDLE DBHandle, 111 CSSM_DB_RECORDTYPE RecordType, 112 CSSM_DB_UNIQUE_RECORD &UniqueRecordIdentifier, 113 const CSSM_DB_RECORD_ATTRIBUTE_DATA *AttributesToBeModified, 114 const CssmData *DataToBeModified, 115 CSSM_DB_MODIFY_MODE ModifyMode); 116 CSSM_HANDLE DataGetFirst(CSSM_DB_HANDLE DBHandle, 117 const CssmQuery *Query, 118 CSSM_DB_RECORD_ATTRIBUTE_DATA_PTR Attributes, 119 CssmData *Data, 120 CSSM_DB_UNIQUE_RECORD_PTR &UniqueId); 121 bool DataGetNext(CSSM_DB_HANDLE DBHandle, 122 CSSM_HANDLE ResultsHandle, 123 CSSM_DB_RECORD_ATTRIBUTE_DATA_PTR Attributes, 124 CssmData *Data, 125 CSSM_DB_UNIQUE_RECORD_PTR &UniqueId); 126 void DataAbortQuery(CSSM_DB_HANDLE DBHandle, 127 CSSM_HANDLE ResultsHandle); 128 void DataGetFromUniqueRecordId(CSSM_DB_HANDLE DBHandle, 129 const CSSM_DB_UNIQUE_RECORD &UniqueRecord, 130 CSSM_DB_RECORD_ATTRIBUTE_DATA_PTR Attributes, 131 CssmData *Data); 132 void FreeUniqueRecord(CSSM_DB_HANDLE DBHandle, 133 CSSM_DB_UNIQUE_RECORD &UniqueRecord); 134 void PassThrough(CSSM_DB_HANDLE DBHandle, 135 uint32 PassThroughId, 136 const void *InputParams, 137 void **OutputParams); 138 139 Allocator &allocator() { return *static_cast<DatabaseSession *>(this); } 140 141 SSDatabase findDbHandle(CSSM_DB_HANDLE inDbHandle); 142protected: 143 CSSM_DB_HANDLE makeDbHandle(SSDatabase &inDb); 144 SSDatabase killDbHandle(CSSM_DB_HANDLE inDbHandle); 145 146 CSSM_DB_ATTRIBUTE_DATA_PTR reconstructRecordFromBlob (const CSSM_DATA& blob, 147 CssmDataContainer &recordData, 148 uint32 &numAttributes); 149 150 void getWrappedAttributesAndData (SSDatabase &db, 151 CSSM_DB_RECORDTYPE recordType, 152 CSSM_DB_UNIQUE_RECORD_PTR recordPtr, 153 CssmDataContainer &output, 154 CSSM_DATA *blobData); 155 156 void unwrapAttributesAndData (uint32 &numAttributes, 157 CSSM_DB_ATTRIBUTE_DATA_PTR &attributes, 158 CSSM_DATA &data, 159 CSSM_DATA &input); 160 161 void cleanupAttributes (uint32 numAttributes, CSSM_DB_ATTRIBUTE_DATA_PTR attributes); 162 163 void getUniqueIdForSymmetricKey (SSDatabase &db, CSSM_DATA &label, 164 CSSM_DB_UNIQUE_RECORD_PTR &uniqueRecord); 165 166 void getCorrespondingSymmetricKey (SSDatabase &db, CSSM_DATA& label, CssmDataContainer &key); 167 168 void doGetWithoutEncryption (SSDatabase &db, const void* inInputParams, void **outOutputParams); 169 void doModifyWithoutEncryption (SSDatabase &db, const void* inInputParams, void **outOutputParams); 170 void doInsertWithoutEncryption (SSDatabase &db, const void* inInputParams, void** outOutputParams); 171 void doConvertRecordIdentifier (SSDatabase &db, const void* inInputParams, void **outOutputParams); 172 173 Mutex mDbHandleLock; 174 typedef map<CSSM_DB_HANDLE, SSDatabase> DbHandleMap; 175 DbHandleMap mDbHandleMap; 176 177 CSSM_DB_UNIQUE_RECORD_PTR makeSSUniqueRecord(SSUniqueRecord &uniqueId); 178 SSUniqueRecord killSSUniqueRecord(CSSM_DB_UNIQUE_RECORD &inUniqueRecord); 179 SSUniqueRecord findSSUniqueRecord(const CSSM_DB_UNIQUE_RECORD &inUniqueRecord); 180 181 CSSM_DB_UNIQUE_RECORD_PTR createUniqueRecord(CSSM_HANDLE ref); 182 CSSM_HANDLE parseUniqueRecord(const CSSM_DB_UNIQUE_RECORD &inUniqueRecord); 183 void freeUniqueRecord(CSSM_DB_UNIQUE_RECORD &inUniqueRecord); 184 185 Mutex mSSUniqueRecordLock; 186 typedef map<CSSM_HANDLE, SSUniqueRecord> SSUniqueRecordMap; 187 SSUniqueRecordMap mSSUniqueRecordMap; 188 189 CssmClient::DL mDL; 190 SecurityServer::ClientSession mClientSession; 191}; 192 193 194#endif // _H_SSDLSESSION 195