/*
 * Copyright (c) 2004-2006 Apple Computer, Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */


//
// tokend - internal tracker for a tokend smartcard driver process
//
#ifndef _H_TOKEND
#define _H_TOKEND

#include "structure.h"
#include "child.h"
#include "tokencache.h"
#include <security_utilities/pcsc++.h>
#include <security_utilities/osxcode.h>
#include <security_tokend_client/tdclient.h>


//
// A Mix-in for classes that can receive (propagated) fault notifications.
//
// This is a pure interface: relayFault() has no default implementation, so
// every receiver must supply one. TokenDaemon keeps a plain FaultRelay pointer
// to its receiver (see TokenDaemon::faultRelay).
//
class FaultRelay {
public:
	// Virtual so a receiver can be destroyed through a FaultRelay pointer;
	// the definition is out of line.
	virtual ~FaultRelay();

	// Called to pass a fault on to the receiver.
	// NOTE(review): the meaning of `async` is not defined in this header;
	// presumably it tells the receiver whether the fault was detected outside
	// a normal request - confirm against the implementation.
	virtual void relayFault(bool async) = 0;
};


//
// A TokenDaemon object is the ServerChild object representing the real
// tokend process driving a token. It provides the only (official) communications
// and control point between securityd and that tokend.
//
// TokenDaemon is sufficiently aware to track changes in its tokend, particularly
// any sudden, violent, agonizing death it may have suffered.
// If TokenDaemon communications with its tokend break down for any reason, it declares
// a FAULT condition and cuts off any further attempts at communication. There is no way
// to recover from a FAULT condition. (You can create a new TokenDaemon and try again,
// of course.) Fault is propagated to the owner object through a simple callback scheme.
//
// If TokenDaemon is destroyed while its process is still alive, it will (try to) kill
// it right there and then. That's good enough for hard error recovery, though you may
// try to let it down easier to allow it to save its caches and wind down. Caller's choice.
//
// NB: If you ever want to make TokenDaemon BE a Bundle, you must switch NodeCore
// AND OSXCode to virtually derive RefCount.
//
class TokenDaemon : public PerGlobal, public ServerChild, public Tokend::ClientSession {
public:
	// `code` is the tokend's code object; `reader` and `state` describe the PCSC
	// reader and the card state at creation time (see mMe, mReaderName, mState).
	// NOTE(review): what the constructor does with `cache` is not visible in
	// this header - confirm in the implementation.
	TokenDaemon(RefPointer<Bundle> code,
		const std::string &reader, const PCSC::ReaderState &state, TokenCache &cache);
	virtual ~TokenDaemon();

	// True once a FAULT has been declared. Per the class comment above, a fault
	// is permanent for this object; callers should check this before relying on
	// the daemon.
	bool faulted() const { return mFaulted; }

	// Declare a FAULT condition. Defined out of line.
	// NOTE(review): `reason` looks like a diagnostic string - confirm how it is used.
	void fault(bool async, const char *reason);

	// Set the object that fault declarations are forwarded to.
	// Only the raw pointer is stored; this header shows no ownership or lifetime
	// tracking for the receiver, so presumably the receiver must outlive this
	// TokenDaemon or be cleared before it is destroyed - confirm against callers.
	void faultRelay(FaultRelay *rcv) { mFaultRelay = rcv; }

	// Identity of the tokend bundle, read from the code object in mMe.
	string bundlePath() const { return mMe->canonicalPath(); }
	string bundleIdentifier() const { return mMe->identifier(); }
	uint32 maxScore() const;

	// Returns mScore as stored; this accessor does not consult mProbed. Per the
	// member comments, the value is only meaningful after probe() has succeeded.
	Score score() const { return mScore; }
	// True when a non-empty token UID is stored.
	bool hasTokenUid() const { return !mTokenUid.empty(); }
	std::string tokenUid() const;

	// Credentials recorded for the underlying tokend process.
	// NOTE(review): where these values are captured is not visible in this
	// header; confirm their origin before basing an access decision on them.
	uid_t uid() const { return mUid; }
	gid_t gid() const { return mGid; }

	// startup phase calls
	// The using-declaration keeps the base-class probe overloads visible; the
	// probe() declared below would otherwise hide them.
	using ClientSession::probe;
	bool probe();

	// Debug dump hook, wrapped in the project's IFDUMP macro (defined elsewhere).
	IFDUMP(void dumpNode());

protected:
	// NOTE(review): presumably ServerChild hooks (child.h) - confirm there.
	void childAction();
	void dying();

	void fault();		// relay from Tokend::ClientSession

private:
	RefPointer<Bundle> mMe;			// code object for the tokend (it's an Application)
	std::string mReaderName;		// PCSC name of reader we're working with
	PCSC::ReaderState mState;		// card state at time of creation (not updated after that)

	// fault processing
	FaultRelay *mFaultRelay;		// forward initial fault declarations to this object (non-owning raw pointer)
	bool mFaulted;					// fault condition

	// returned by tokend scoring system
	bool mProbed;					// probe() has succeeded; mScore/mTokenUid valid
	Score mScore;					// token support score as returned by probe()
	std::string mTokenUid;			// tokenUid as returned by probe(), may be empty

	// credentials of underlying process
	uid_t mUid;						// uid of tokend process
	gid_t mGid;						// gid of tokend process
};


#endif //_H_TOKEND