/*
 * Copyright (c) 2004,2011-2012,2014 Apple Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */


//
// SDKey.h - CSP-wide SDKey base class
//
#ifndef _H_SDKEY_
#define _H_SDKEY_

#include <securityd_client/ssclient.h>
#include <security_cdsa_plugin/CSPsession.h>

namespace Security
{

class CssmKey;

} // end namespace Security

class SDCSPSession;
class SDCSPDLSession;
class SDDLSession;

//
// SDKey - a ReferencedKey that carries a SecurityServer key handle together
// with the database and record handles it belongs to, and a reference to the
// SecurityServer client session used to reach it.
//
// Lifetime: mAllocator and mClientSession are stored as references, so the
// objects they refer to must outlive every SDKey built on them.
//
// NOTE(review): no copy operations are declared here. The reference members
// delete the implicit copy assignment, but not the implicit copy constructor;
// confirm that ReferencedKey forbids copying, since a copy would share
// mKeyHandle with the original.
//
class SDKey : public ReferencedKey
{
public:
	// Build a key from a CSP session and a SecurityServer key handle.
	//   session     CSP session the key is created through
	//   keyHandle   SecurityServer handle of the key
	//   ioKey       in/out CssmKey (presumably rewritten as the reference key
	//               handed back to the client - confirm in SDKey.cpp)
	//   inDBHandle  database handle associated with the key
	//   inKeyAttr   key attribute bits
	//   inKeyLabel  optional key label (pointer; assumed nullable - TODO confirm)
	SDKey(SDCSPSession &session,
		  SecurityServer::KeyHandle keyHandle,
		  CssmKey &ioKey,
		  CSSM_DB_HANDLE inDBHandle,
		  uint32 inKeyAttr,
		  const CssmData *inKeyLabel);

	// Build a key from a DL session, a database record and its key blob.
	//   session     DL session the record was obtained through
	//   ioKey       in/out CssmKey
	//   hKey        SecurityServer key handle (may presumably be
	//               SecurityServer::noKey until instantiated - see keyHandle())
	//   inDBHandle  database handle the record lives in
	//   record      SecurityServer record handle
	//   recordType  CSSM record type of that record
	//   keyBlob     key blob data
	SDKey(SDDLSession &session,
		  CssmKey &ioKey,
		  SecurityServer::KeyHandle hKey,
		  CSSM_DB_HANDLE inDBHandle,
		  SecurityServer::RecordHandle record,
		  CSSM_DB_RECORDTYPE recordType,
		  CssmData &keyBlob);

	virtual ~SDKey();

	// Free the key. accessCred is passed by pointer (assumed to allow
	// "no credentials" - TODO confirm); deleteKey presumably asks for the
	// underlying key to be deleted as well - verify against the implementation.
	void free(const AccessCredentials *accessCred,
			  CssmKey &ioKey,
			  CSSM_BOOL deleteKey);

	// Client session used by this key.
	SecurityServer::ClientSession &clientSession();

	// Key handle as currently held; might return SecurityServer::noKey if the
	// key has not yet been instantiated. Callers must handle noKey.
	SecurityServer::KeyHandle optionalKeyHandle() const;

	// Key handle, instantiating the key first if needed (hence non-const).
	SecurityServer::KeyHandle keyHandle();

	//
	// ACL retrieval and change operations.
	// The two change operations take AccessCredentials by reference, so a
	// caller always has to supply a credentials object for them.
	//
	void getOwner(CSSM_ACL_OWNER_PROTOTYPE &owner,
				  Allocator &allocator);
	void changeOwner(const AccessCredentials &accessCred,
					 const AclOwnerPrototype &newOwner);

	// numberOfAclInfos and aclInfos are output parameters; the results are
	// presumably allocated with `allocator` and owned by the caller - confirm.
	void getAcl(const char *selectionTag,
				uint32 &numberOfAclInfos,
				AclEntryInfo *&aclInfos,
				Allocator &allocator);
	void changeAcl(const AccessCredentials &accessCred,
				   const AclEdit &aclEdit);

private:
	// Declaration order is kept as in the original: it fixes the order in
	// which the constructors initialize these members.
	Allocator &mAllocator;							// non-owning reference
	SecurityServer::KeyHandle mKeyHandle;			// handle backing optionalKeyHandle()/keyHandle()
	CSSM_DB_HANDLE mDatabase;						// database handle
	SecurityServer::RecordHandle mRecord;			// record handle
	SecurityServer::ClientSession &mClientSession;	// non-owning reference
};


#endif // _H_SDKEY_