1/* 2 * Copyright (c) 2004,2011,2014 Apple Inc. All Rights Reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23 24// 25// defaultcreds - default computations for keychain open credentials 26// 27#ifndef _SECURITY_DEFAULTCREDS_H 28#define _SECURITY_DEFAULTCREDS_H 29 30#include "SecBase.h" 31#include <security_cdsa_utilities/cssmcred.h> 32#include <security_utilities/trackingallocator.h> 33#include <security_cdsa_client/dlclient.h> 34#include <security_cdsa_client/dl_standard.h> 35#include <vector> 36#include <set> 37 38 39namespace Security { 40namespace KeychainCore { 41 42 43class Keychain; 44class KeychainImpl; 45class Item; 46 47 48// 49// DefaultCredentials is a self-constructing AccessCredentials variant 50// that performs the magic "where are ways to unlock this keychain?" search. 51// 52class DefaultCredentials : public TrackingAllocator, public AutoCredentials { 53public: 54 DefaultCredentials(KeychainImpl *kcImpl, Allocator &alloc = Allocator::standard()); 55 56 bool operator () (CssmClient::Db database); 57 58 void clear(); 59 60private: 61 typedef vector<Keychain> KeychainList; 62 63 void keyReferral(const CssmClient::UnlockReferralRecord &ref); 64 bool unlockKey(const CssmClient::UnlockReferralRecord &ref, const KeychainList &list); 65 66 KeychainList fallbackSearchList(const DLDbIdentifier &ident); 67 68private: 69 bool mMade; // we did it already 70 set<Item> mNeededItems; // Items we need to keep around for unlock use 71 KeychainImpl *mKeychainImpl; 72}; 73 74 75} // end namespace KeychainCore 76} // end namespace Security 77 78#endif // !_SECURITY_DEFAULTCREDS_H 79