/*
 * Copyright (c) 2000-2001,2011-2014 Apple Inc. All Rights Reserved.
 *
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 *
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


//
// SSDatabase.h - Security Server database object
//
// Declares the client-side database handle used to talk to securityd:
//   SSDatabaseImpl      - the reference-counted implementation object
//   SSDatabase          - the handle (CssmClient::Db subclass) most callers use
//   SSUniqueRecordImpl  - implementation of a record handle bound to an SSDatabase
//   SSUniqueRecord      - the matching handle type
// Only declarations live here; behavior of each method is defined in the
// corresponding .cpp and is not restated below unless visible in this header.
//
#ifndef _H_SSDATABASE_
#define _H_SSDATABASE_

#include <security_cdsa_client/dlclient.h>
#include <security_utilities/unix++.h>
#include <securityd_client/ssclient.h>

class SSCSPDLSession;
class SSUniqueRecord;

//
// Protected: please ignore this class unless subclassing SSDatabase.
//
class SSDatabase;

//
// SSDatabaseImpl - implementation object behind SSDatabase.
//
// Extends CssmClient::DbImpl with the state needed to reach securityd:
// a reference to the caller's SecurityServer::ClientSession and the
// SecurityServer::DbHandle securityd hands back for this database.
// Instances are normally created through SSDatabase's constructor, which
// passes the freshly allocated object to the CssmClient::Db base.
//
class SSDatabaseImpl : public CssmClient::DbImpl
{
public:
	// Name of the relation holding the database blob; value defined in the .cpp.
	static const char *const DBBlobRelationName;
	// Record type for the blob relation: placed in the application-defined
	// range, offset 0x8000 above CSSM_DB_RECORDTYPE_APP_DEFINED_START.
	static const CSSM_DB_RECORDTYPE DBBlobRelationID =
		CSSM_DB_RECORDTYPE_APP_DEFINED_START + 0x8000;

public:
	// @param inClientSession  securityd session this database is bound to
	//                         (held by reference, see mClientSession — the
	//                         session must outlive this object).
	// @param dl               CSSM DL the database lives in.
	// @param inDbName         database name passed to the DL.
	// @param inDbLocation     optional network location (may be NULL).
	SSDatabaseImpl(SecurityServer::ClientSession &inClientSession,
				   const CssmClient::DL &dl,
				   const char *inDbName, const CSSM_NET_ADDRESS *inDbLocation);
	virtual ~SSDatabaseImpl();

	// Create a new database identified by dlDbIdentifier.
	void create(const DLDbIdentifier &dlDbIdentifier);
	// Create a database from an existing serialized blob.
	void createWithBlob(const DLDbIdentifier &dlDbIdentifier, const CSSM_DATA &blob);
	// Open an existing database identified by dlDbIdentifier.
	void open(const DLDbIdentifier &dlDbIdentifier);
	// Insert a record; returns a handle to the new record.
	// NOTE(review): the trailing bool parameter is unnamed here — its meaning
	// is only visible in the .cpp; confirm before relying on it.
	SSUniqueRecord insert(CSSM_DB_RECORDTYPE recordType,
						  const CSSM_DB_RECORD_ATTRIBUTE_DATA *attributes,
						  const CSSM_DATA *data, bool);
	// Present credentials for the requested access type.
	void authenticate(CSSM_DB_ACCESS_TYPE inAccessRequest,
					  const CSSM_ACCESS_CREDENTIALS *inAccessCredentials);

	// Passthrough functions (only implemented by AppleCSPDL).
	void lock();
	void unlock();
	// Unlock with an explicit passphrase. The CSSM_DATA buffer is borrowed
	// from the caller; whether it is cleared after use is decided in the
	// .cpp, not here — treat the buffer as sensitive on the caller's side.
	void unlock(const CSSM_DATA &password);
	void stash();
	void stashCheck();
	// Read / write the autolock settings (idle timeout in seconds per the
	// kDefaultIdleTimeout comment below, and the lock-on-sleep flag).
	void getSettings(uint32 &outIdleTimeout, bool &outLockOnSleep);
	void setSettings(uint32 inIdleTimeout, bool inLockOnSleep);
	bool isLocked();
	// Change the database passphrase using the supplied credentials.
	void changePassphrase(const CSSM_ACCESS_CREDENTIALS *cred);
	void recode(const CssmData &data, const CssmData &extraData);
	// DbUniqueRecordMaker
	CssmClient::DbUniqueRecordImpl *newDbUniqueRecord();

	// New methods not inherited from DbImpl
	// securityd-side handle for this database (see mSSDbHandle).
	SecurityServer::DbHandle dbHandle();

	void getRecordIdentifier(const CSSM_DB_UNIQUE_RECORD_PTR uniqueRecord, CSSM_DATA &data);
	// Copy the serialized database blob into `blob`.
	void copyBlob(CSSM_DATA &blob);

protected:
	// Locate the blob record; `dbb`, when non-NULL, presumably receives the
	// blob contents — confirm against the .cpp.
	CssmClient::DbUniqueRecord getDbBlobId(CssmDataContainer *dbb = NULL);
	// Shared tail of create()/createWithBlob(); `autocommit` is in-out.
	void commonCreate (const DLDbIdentifier &dlDbIdentifier, bool &autocommit);

private:
	// 5 minute default autolock time
	static const uint32 kDefaultIdleTimeout = 5 * 60;
	// Declared as uint8 but initialized from a bool literal; read it as a
	// boolean flag.
	static const uint8 kDefaultLockOnSleep = true;
	// Number of 32-bit words in a record identifier — assumed from the name;
	// TODO confirm in getRecordIdentifier's implementation.
	static const unsigned kNumIDWords = 4;

	DLDbIdentifier mIdentifier;
	// NOTE(review): presumably used to detect that the process has forked
	// since the session was set up — confirm where it is checked.
	UnixPlusPlus::ForkMonitor mForked;

	// Non-owning reference; the session is supplied by the constructor's caller.
	SecurityServer::ClientSession &mClientSession;
	SecurityServer::DbHandle mSSDbHandle;
};


//
// SSDatabase -- A Security Server aware Db object.
//
// Thin handle over SSDatabaseImpl. A default-constructed SSDatabase holds no
// implementation (NULL); operator-> and operator* forward to the impl
// without checking for that case, so callers should test the handle first
// (dbHandle() below shows the pattern).
//
class SSDatabase : public CssmClient::Db
{
public:
	typedef SSDatabaseImpl Impl;

	// Wrap an existing implementation object.
	explicit SSDatabase(SSDatabaseImpl *impl) : CssmClient::Db(impl) {}
	// Empty handle.
	SSDatabase() : CssmClient::Db(NULL) {}
	// Allocate a new SSDatabaseImpl; ownership presumably passes to the
	// CssmClient::Db base, which manages the impl's lifetime — confirm there.
	SSDatabase(SecurityServer::ClientSession &inClientSession,
			   const CssmClient::DL &dl,
			   const char *inDbName, const CSSM_NET_ADDRESS *inDbLocation)
		: CssmClient::Db(new SSDatabaseImpl(inClientSession, dl, inDbName, inDbLocation)) {}

	SSDatabaseImpl *operator ->() const { return &impl<SSDatabaseImpl>(); }
	SSDatabaseImpl &operator *() const { return impl<SSDatabaseImpl>(); }

	// For convenience only
	// Returns SecurityServer::noDb when this handle holds no implementation.
	SecurityServer::DbHandle dbHandle() { return (*this) ? (*this)->dbHandle() : SecurityServer::noDb; }
};


//
// SSUniqueRecordImpl -- record implementation bound to an SSDatabase.
//
class SSUniqueRecordImpl : public CssmClient::DbUniqueRecordImpl
{
public:
	SSUniqueRecordImpl(const SSDatabase &db);
	virtual ~SSUniqueRecordImpl();

	// The database this record belongs to.
	SSDatabase database() const;
};


//
// SSUniqueRecord -- handle over SSUniqueRecordImpl, mirroring SSDatabase.
//
class SSUniqueRecord : public CssmClient::DbUniqueRecord
{
public:
	typedef SSUniqueRecordImpl Impl;

	explicit SSUniqueRecord(SSUniqueRecordImpl *impl) : CssmClient::DbUniqueRecord(impl) {}
	// Empty handle.
	SSUniqueRecord() : CssmClient::DbUniqueRecord(NULL) {}
	// Not explicit: an SSDatabase converts implicitly to a fresh record
	// handle. Left as is since existing callers may depend on the conversion.
	SSUniqueRecord(const SSDatabase &db) : CssmClient::DbUniqueRecord(new SSUniqueRecordImpl(db)) {}

	SSUniqueRecordImpl *operator ->() const { return &impl<SSUniqueRecordImpl>(); }
	SSUniqueRecordImpl &operator *() const { return impl<SSUniqueRecordImpl>(); }
};


#endif // _H_SSDATABASE_