/*
 * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */
//
// tokencache - persistent (on-disk) hardware token directory
//
28#ifndef _H_TOKENCACHE
29#define _H_TOKENCACHE
31#include <security_utilities/refcount.h>
32#include <Security/cssm.h>
//
// A small helper: remembers a root path and builds paths beneath it.
//
class Rooted {
	// Has no virtual destructor: deleting a derived object (TokenCache,
	// TokenCache::Token) through a Rooted * is undefined behavior.
public:
	// Start with an empty root; a derived class may set it later via root(const string &).
	Rooted() { }
	// Bind to a root path. 'root' must point at a NUL-terminated string
	// (constructing a string from a null pointer is undefined behavior).
	// Note: not 'explicit', so a const char * converts to Rooted implicitly.
	Rooted(const char *root) : mRoot(root) { }
	Rooted(const string &root) : mRoot(root) { }

	// The root of this tree, returned by value (a copy of mRoot).
	string root() const { return mRoot; }
	// A path for 'sub' beneath root(). Defined out of line; the exact join
	// rule (separator handling, an absolute 'sub') lives in that definition.
	string path(const char *sub) const;
	// Convenience overload; forwards to the const char * version.
	string path(const string &sub) const { return path(sub.c_str()); }

protected:
	// Replace the root after construction. Defined out of line; intended for
	// derived classes, which is why it is protected.
	void root(const string &s);

private:
	string mRoot;				// root of this tree
};
//
// An on-disk cache area.
// You'll only want a single one, though nothing keeps you from
// making multiples if you like.
//
class TokenCache : public Rooted {
public:
	// Open (or establish) the cache area rooted at 'root'. Defined out of
	// line; note this single-argument constructor is not 'explicit'.
	TokenCache(const char *root);
	~TokenCache();

	// Identity of the daemon processes that access this cache (mTokendUid /
	// mTokendGid below). Token forwards its own tokendUid()/tokendGid() here.
	uid_t tokendUid() const { return mTokendUid; }
	gid_t tokendGid() const { return mTokendGid; }

public:
	//
	// One entry of the cache: a reference-counted (RefCount, from
	// security_utilities/refcount.h) object that is itself Rooted —
	// presumably at this entry's directory under the cache; confirm in the .cpp.
	// It holds a reference back to its cache, so a Token cannot be assigned to.
	//
	class Token : public RefCount, public Rooted {
	public:
		friend class TokenCache;
		// Both constructors are defined out of line. The 'uid' form presumably
		// names a specific token entry and the other creates one without a
		// caller-supplied name — confirm against tokencache.cpp.
		Token(TokenCache &cache, const std::string &uid);
		Token(TokenCache &cache);
		~Token();

		// How this entry came to be. The names suggest: found on disk, newly
		// created, or transient — the precise meaning is assigned by
		// init(Type) in the .cpp, not here.
		enum Type { existing, created, temporary };
		Type type() const { return mType; }

		TokenCache &cache;		// the cache this entry belongs to (public member)
		// Subservice id assigned to this entry (see TokenCache::allocateSubservice).
		uint32 subservice() const { return mSubservice; }
		string workPath() const;	// defined out of line
		string cachePath() const;	// defined out of line

		// Human-readable name of the token; getter and setter defined out of line.
		string printName() const;
		void printName(const string &name);

		// Convenience forwarders to the owning cache's daemon identity.
		uid_t tokendUid() const { return cache.tokendUid(); }
		gid_t tokendGid() const { return cache.tokendGid(); }

	protected:
		// Second-phase setup shared by the constructors; presumably records
		// 'type' into mType. Defined out of line.
		void init(Type type);

	private:
		uint32 mSubservice;		// subservice id assigned
		Type mType;				// type of Token cache entry
	};

public:
	// Hand out a subservice id for a Token. Defined out of line;
	// mLastSubservice tracks the last id issued.
	uint32 allocateSubservice();

private:
	// Which daemon identity a directory created by makedir() is for:
	// securityd itself, or (presumably) the tokend uid/gid recorded in this cache.
	enum Owner { securityd, tokend };
	// Create a directory in the cache area. Defined out of line; 'flags' and
	// 'mode' are passed through to that definition.
	// NOTE(review): the cache is shared with processes running as
	// mTokendUid/mTokendGid, so the owner and mode chosen here decide what a
	// tokend can create or rewrite under the cache root — check that the
	// out-of-line definition keeps them as restrictive as intended.
	void makedir(const char *path, int flags, mode_t mode, Owner owner);
	// string convenience overload; forwards to the const char * version
	// ('return' of a void expression is legal C++).
	void makedir(const string &path, int flags, mode_t mode, Owner owner)
	{ return makedir(path.c_str(), flags, mode, owner); }

private:
	uint32 mLastSubservice; // last subservice id issued

	uid_t mTokendUid;		// uid of daemons accessing this token cache
	gid_t mTokendGid;		// gid of daemons accessing this token cache
};
116#endif //_H_TOKENCACHE