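/*
 * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved.
 *
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 *
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


//
// SSKey.h - CSP-wide SSKey base class
//
#ifndef _H_SSKEY_
#define _H_SSKEY_

#include <security_cdsa_plugin/CSPsession.h>

#include "SSDatabase.h"

#include <security_cdsa_client/dlclient.h>
#include <securityd_client/ssclient.h>

namespace Security
{

class CssmKey;

} // end namespace Security

class SSCSPSession;
class SSCSPDLSession;
class SSDLSession;

//
// SSKey - a ReferencedKey that carries a SecurityServer key handle together
// with the SSDatabase / unique record it belongs to, and exposes the owner
// and ACL operations for that key.
//
// Lifetime: mAllocator and mClientSession are held by reference, so an SSKey
// must not outlive the allocator and client session it was built from.
// NOTE(review): the reference members make copy-assignment implicitly
// deleted; whether copy-construction is also blocked depends on
// ReferencedKey, which is not visible here - confirm, since a copied object
// would share the same key handle.
//
class SSKey : public ReferencedKey
{
public:
	// Construct from an existing SecurityServer key handle.
	// inKeyLabel is passed by pointer.
	// NOTE(review): presumably null means "no label" - confirm in SSKey.cpp.
	SSKey(SSCSPSession &session, SecurityServer::KeyHandle keyHandle,
		  CssmKey &ioKey, SSDatabase &inSSDatabase, uint32 inKeyAttr,
		  const CssmData *inKeyLabel);

	// Construct from a database record (unique id + record type) and its key
	// blob. No key handle is supplied here.
	// NOTE(review): presumably the handle is instantiated lazily by
	// keyHandle() - confirm in SSKey.cpp.
	SSKey(SSDLSession &session, CssmKey &ioKey, SSDatabase &inSSDatabase,
		  const SSUniqueRecord &uniqueId, CSSM_DB_RECORDTYPE recordType,
		  CssmData &keyBlob);

	virtual ~SSKey();

	// Release the key described by ioKey.
	// accessCred is passed by pointer, unlike changeOwner()/changeAcl().
	// NOTE(review): confirm whether a null accessCred is accepted, and that
	// deleteKey also removes the persistent record rather than only the
	// in-memory reference.
	void free(const AccessCredentials *accessCred, CssmKey &ioKey,
			  CSSM_BOOL deleteKey);

	SecurityServer::ClientSession &clientSession();

	// Might return SecurityServer::noKey if the key has not yet been
	// instantiated. Callers must check for noKey before using the result as a
	// handle; use keyHandle() when a usable handle is required.
	SecurityServer::KeyHandle optionalKeyHandle() const;

	// Will instantiate the key if needed. Non-const because it may modify
	// this object in doing so.
	SecurityServer::KeyHandle keyHandle();

	// ACL retrieval and change operations.
	// The two change* operations require AccessCredentials (by const
	// reference); the two get* operations take none and return their results
	// through out-parameters.
	// NOTE(review): the storage returned via owner / aclInfos is presumably
	// obtained from `allocator` and owned by the caller - confirm.
	void getOwner(CSSM_ACL_OWNER_PROTOTYPE &owner, Allocator &allocator);
	void changeOwner(const AccessCredentials &accessCred,
					 const AclOwnerPrototype &newOwner);
	void getAcl(const char *selectionTag, uint32 &numberOfAclInfos,
				AclEntryInfo *&aclInfos, Allocator &allocator);
	void changeAcl(const AccessCredentials &accessCred,
				   const AclEdit &aclEdit);

	// Re-encode and write to disk if we are a persistent key.
	// NOTE(review): confirm whether changeOwner()/changeAcl() call this
	// themselves; if they do not, a caller that skips it leaves the on-disk
	// key with the old ACL.
	void didChangeAcl();

private:
	Allocator &mAllocator;                          // borrowed, not owned
	SecurityServer::KeyHandle mKeyHandle;           // may be noKey until instantiated (see optionalKeyHandle())
	SSDatabase mSSDatabase;
	SSUniqueRecord mUniqueId;
	CSSM_DB_RECORDTYPE mRecordType;
	SecurityServer::ClientSession &mClientSession;  // borrowed, not owned
};


#endif // _H_SSKEY_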