1/* 2 * Copyright (c) 2000-2001,2003-2004,2011,2014 Apple Inc. All Rights Reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23 24 25// 26// manager - CSSM manager/supervisor objects. 27// 28#ifndef _H_MANAGER 29#define _H_MANAGER 30 31#include "modloader.h" 32#include <security_cdsa_utilities/callback.h> 33#include "cssmmds.h" 34#include "attachfactory.h" 35 36 37// 38// The CssmManager class embodies one instance of CSSM. It can interact with multiple 39// callers in multiple threads. 40// As far as CssmManager is concerned, it doesn't mind for multiple instances of it to 41// exist. Such instances are strictly separated; they do not share anything (module info, 42// attachments, callbacks, etc.) and live their lives in splendid isolation. Of course, 43// other subsystems they deal with (e.g. the ModuleLoader) may multiplex them, but such 44// components should take pains not to "leak" information from one CssmManager instance 45// to another. 46// 47class CssmManager : public AttachmentFactory { 48 NOCOPY(CssmManager) 49 static const CSSM_GUID theGuidForCssmItself; 50public: 51 CssmManager(); 52 virtual ~CssmManager(); 53 54 void initialize (const CSSM_VERSION &version, 55 CSSM_PRIVILEGE_SCOPE scope, 56 const Guid &callerGuid, 57 CSSM_KEY_HIERARCHY keyHierarchy, 58 CSSM_PVC_MODE &pvcPolicy); 59 bool terminate(); 60 61 void loadModule (const Guid &guid, 62 CSSM_KEY_HIERARCHY keyHierarchy, 63 const ModuleCallback &callback); 64 void unloadModule (const Guid &guid, 65 const ModuleCallback &callback); 66 67 void introduce(const Guid &guid, CSSM_KEY_HIERARCHY keyHierarchy); 68 void unIntroduce(const Guid &guid); 69 70 // 71 // Polite inquiries 72 // 73 74 // these values are constant (after init time) and need no locking 75 const Guid &callerGuid() const { return mCallerGuid; } 76 CSSM_PRIVILEGE_SCOPE privilegeScope() const { return mPrivilegeScope; } 77 CSSM_KEY_HIERARCHY keyHierarchy() const { return mKeyHierarchy; } 78 CSSM_PVC_MODE pvcMode() const { return mPvcPolicy; } 79 80 //@@@ for these two, consider locking (as of the C shims AND the transition layer use) 81 const CSSM_PRIVILEGE &getPrivilege() const { return mPrivilege; } 82 void setPrivilege(const CSSM_PRIVILEGE &priv) { mPrivilege = priv; } 83 84public: 85 Module *getModule(const Guid &guid); 86 87private: 88 typedef map<Guid, Module *> ModuleMap; 89 ModuleMap moduleMap; 90 91 Mutex mLock; // object lock 92 unsigned int initCount; // number of times successfully initialized 93 94private: 95 ModuleLoader loader; // our ticket to module land 96 97private: 98 // state acquired from initialize (instance constants - not guarded) 99 CSSM_PRIVILEGE_SCOPE mPrivilegeScope; 100 CSSM_KEY_HIERARCHY mKeyHierarchy; 101 CSSM_PVC_MODE mPvcPolicy; 102 Guid mCallerGuid; 103 104 // persistent state of the CSSM (guarded by module lock) 105 CSSM_PRIVILEGE mPrivilege; // established privileges 106 107private: 108 void checkVersion(const CSSM_VERSION &version); 109}; 110 111#ifdef _CPP_MANAGER 112# pragma export off 113#endif 114 115#endif //_H_MANAGER 116