1/*
2 * Copyright (c) 2004-2006 Apple Computer, Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25//
26// tokend - internal tracker for a tokend smartcard driver process
27//
28#ifndef _H_TOKEND
29#define _H_TOKEND
30
31#include "structure.h"
32#include "child.h"
33#include "tokencache.h"
34#include <security_utilities/pcsc++.h>
35#include <security_utilities/osxcode.h>
36#include <security_tokend_client/tdclient.h>
37
38
39//
// A mix-in for classes that can receive (propagated) fault notifications
41//
class FaultRelay {
public:
	virtual ~FaultRelay();
	// Invoked when a TokenDaemon declares a FAULT and has this object registered
	// as its relay (TokenDaemon::faultRelay / mFaultRelay). The `async` flag is
	// the one passed to TokenDaemon::fault(bool async, ...); presumably it tells
	// the receiver whether the fault was raised from an asynchronous context and
	// thus how much it may safely do in the callback — confirm against the caller.
	virtual void relayFault(bool async) = 0;
};
47
48
49//
50// A TokenDaemon object is the ServerChild object representing the real
51// tokend process driving a token. It provides the only (official) communications
52// and control point between securityd and that tokend.
53//
54// TokenDaemon is sufficiently aware to track changes in its tokend, particularly
55// any sudden, violent, agonizing death it may have suffered.
// If TokenDaemon communications with its tokend break down for any reason, it declares
57// a FAULT condition and cuts off any further attempts at communication. There is no way
58// to recover from a FAULT condition. (You can create a new TokenDaemon and try again,
59// of course.) Fault is propagated to the owner object through a simple callback scheme.
60//
61// If TokenDaemon is destroyed while its process is still alive, it will (try to) kill
62// it right there and then. That's good enough for hard error recovery, though you may
63// try to let it down easier to allow it to save its caches and wind down. Caller's choice.
64//
65// NB: If you ever want to make TokenDaemon BE a Bundle, you must switch NodeCore
66// AND OSXCode to virtually derive RefCount.
67//
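class TokenDaemon : public PerGlobal, public ServerChild, public Tokend::ClientSession {
public:
	// code: the tokend bundle to drive; reader/state: the PCSC reader and the
	// card state seen at creation (kept as a snapshot in mState, never refreshed);
	// cache: the TokenCache this daemon works against.
	TokenDaemon(RefPointer<Bundle> code,
		const std::string &reader, const PCSC::ReaderState &state, TokenCache &cache);
	virtual ~TokenDaemon();

	// FAULT condition. Once declared it is permanent for this object (see the
	// class comment above); `reason` is descriptive text for diagnostics.
	bool faulted() const { return mFaulted; }
	void fault(bool async, const char *reason);

	// Register the object that receives the initial fault notification
	// (the pointer is stored as-is; the receiver must outlive this daemon).
	void faultRelay(FaultRelay *rcv)		{ mFaultRelay = rcv; }

	// Identity of the tokend bundle, taken from the code object (mMe).
	// Spelled std::string to match the rest of this header.
	std::string bundlePath() const { return mMe->canonicalPath(); }
	std::string bundleIdentifier() const { return mMe->identifier(); }
	uint32 maxScore() const;

	// Results of the tokend scoring system. mScore/mTokenUid are only valid
	// after probe() has succeeded (see mProbed); tokenUid may be empty even then.
	Score score() const			{ return mScore; }
	bool hasTokenUid() const	{ return !mTokenUid.empty(); }
	std::string tokenUid() const;

	// Credentials of the underlying tokend process, as recorded in mUid/mGid
	// (presumably populated once the child exists — confirm in the .cpp).
	uid_t uid() const			{ return mUid; }
	gid_t gid() const			{ return mGid; }

	// startup phase calls
	using ClientSession::probe;	// keep the base class probe() overloads visible next to ours
	bool probe();

	IFDUMP(void dumpNode());

protected:
	// child process lifecycle hooks (presumably ServerChild overrides — confirm in child.h)
	void childAction();
	void dying();

	void fault();				// relay from Tokend::ClientSession

private:
	RefPointer<Bundle> mMe; // code object for the tokend (it's an Application)
	std::string mReaderName;	// PCSC name of reader we're working with
	PCSC::ReaderState mState;	// card state at time of creation (not updated after that)

	// fault processing
	FaultRelay *mFaultRelay;	// forward initial fault declarations to this object
	bool mFaulted;				// fault condition

	// returned by tokend scoring system
	bool mProbed;				// probe() has succeeded; mScore/mTokenUid valid
	Score mScore;				// token support score as returned by probe()
	std::string mTokenUid;		// tokenUid as returned by probe(), may be empty

	// credentials of underlying process
	uid_t mUid;					// uid of tokend process
	gid_t mGid;					// gid of tokend process
};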
120
121
122#endif //_H_TOKEND
123