/*
 * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved.
 *
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 *
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


//
// keychainacl - Keychain-related ACL and credential forms
//
#ifndef _KEYCHAINACL
#define _KEYCHAINACL

#include <Security/cssm.h>
#include <security_cdsa_utilities/cssmaclpod.h>
#include <security_cdsa_utilities/cssmcred.h>
#include <security_cdsa_utilities/cssmalloc.h>

// Export pragmas are emitted only when _CPP_KEYCHAINACL is defined
// (presumably by the implementing source file -- TODO confirm).
#ifdef _CPP_KEYCHAINACL
# pragma export on
#endif


namespace Security
{

namespace CssmClient
{

//
// KeychainAclFactory declares builders for the credential and ACL-entry
// objects listed below. It holds an Allocator by reference in the public
// `allocator` member (presumably the one passed to the constructor; the
// definition is not in this header), so that Allocator must outlive the
// factory. The reference member also means the class has no implicit copy
// assignment.
// NOTE(review): the constructor is not `explicit`, so an Allocator converts
// implicitly to a KeychainAclFactory; confirm that this is intended.
//
class KeychainAclFactory
{
public:
	KeychainAclFactory(Allocator &alloc);
	~KeychainAclFactory();

	Allocator &allocator;

public:
	//
	// Create credentials. These functions return AccessCredentials pointers.
	//
	// The first three take no arguments and return pointers to const.
	// NOTE(review): they presumably point at the nullCred / kcCred /
	// kcUnlockCred members below; if so, they stay valid only while this
	// factory is alive and must not be freed by the caller -- confirm in the
	// implementation.
	//
	const AccessCredentials *nullCredentials();
	const AccessCredentials *keychainPromptCredentials();
	const AccessCredentials *keychainPromptUnlockCredentials();

	// These two build credentials from a caller-supplied password.
	// NOTE(review): this header does not show who owns the returned
	// AutoCredentials or whether the password bytes are copied into it, and
	// release() below accepts only AclEntryInput. Confirm the ownership and
	// lifetime rules, and how the secret is cleared from memory, before
	// relying on these.
	const AutoCredentials *passwordChangeCredentials(const CssmData &password);
	const AutoCredentials *passwordUnlockCredentials(const CssmData &password);

public:
	//
	// Create initial ACLs. Pass those to resource creation functions.
	//
	// NOTE(review): release() is presumably how the entries returned by
	// keychainPromptOwner() and anyOwner() are disposed of; confirm, since a
	// missed release() would leak and a repeated one would double-free.
	// NOTE(review): the name anyOwner() suggests an owner entry that places
	// no restriction on the subject; verify against the implementation before
	// using it for sensitive resources.
	//
	AclEntryInput *keychainPromptOwner(const CssmData &description);
	AclEntryInput *anyOwner();
	void release(AclEntryInput *input);

public:
	//
	// Edit ACLs (in external form, as TypedLists)
	//
	// Both functions take the subject by non-const reference, so they can
	// modify it in place.
	// NOTE(review): presumably uncomment() reverses comment(); the
	// transformation itself is defined in the implementation.
	//
	void comment(TypedList &subject);
	void uncomment(TypedList &subject);

private:
	// Credential objects stored inside the factory; presumably what the
	// no-argument credential functions hand out -- TODO confirm.
	AutoCredentials nullCred;
	AutoCredentials kcCred;
	AutoCredentials kcUnlockCred;
};


} // end namespace CssmClient

} // end namespace Security

#ifdef _CPP_KEYCHAINACL
# pragma export off
#endif

#endif //_KEYCHAINACL