#ifndef _H_CDSA_CLIENT_ACLCLIENT
#define _H_CDSA_CLIENT_ACLCLIENT 1
#include <Security/cssmaclpod.h>
#include <Security/cssmacl.h>
#include <Security/cssmcred.h>
#include <Security/refcount.h>
#include <Security/globalizer.h>
namespace Security {
namespace CssmClient {
// Forward declaration only; no declaration in the portion of this header shown here uses CSP.
class CSP;
// Abstract interface for an object that carries an ACL and an owner.
//
// Concrete bearers implement the four pure virtual primitives (getAcl,
// changeAcl, getOwner, changeOwner). The non-virtual addAcl / changeAcl /
// deleteAcl overloads are convenience entry points declared here and defined
// out of line; presumably they build a CSSM_ACL_EDIT and forward to the
// virtual changeAcl -- confirm against the implementation file.
//
// Every mutating call takes an optional credential pointer that defaults to
// NULL. How a null credential is treated is decided by the implementation
// behind the virtual call, not by this interface, so callers changing ACLs or
// ownership should pass credentials explicitly rather than rely on the default.
class AclBearer : public virtual RefCount {
public:
    virtual ~AclBearer();

    // --- ACL access -------------------------------------------------------

    // Retrieve ACL entries into aclInfos. selectionTag defaults to NULL; what
    // a NULL tag selects is not visible in this header -- confirm.
    virtual void getAcl(AutoAclEntryInfoList &aclInfos,
                        const char *selectionTag = NULL) const = 0;

    // Apply one ACL edit described by aclEdit, authorized by cred.
    virtual void changeAcl(const CSSM_ACL_EDIT &aclEdit,
                           const CSSM_ACCESS_CREDENTIALS *cred = NULL) = 0;

    // --- Convenience forms of changeAcl (non-virtual) ---------------------

    // Add a new ACL entry built from input.
    void addAcl(const AclEntryInput &input,
                const CSSM_ACCESS_CREDENTIALS *cred = NULL);

    // Replace the entry identified by handle with input.
    void changeAcl(CSSM_ACL_HANDLE handle,
                   const AclEntryInput &input,
                   const CSSM_ACCESS_CREDENTIALS *cred = NULL);

    // Delete the entry identified by handle.
    void deleteAcl(CSSM_ACL_HANDLE handle,
                   const CSSM_ACCESS_CREDENTIALS *cred = NULL);

    // Delete by tag. Both parameters are defaulted, so a bare deleteAcl() is
    // a valid call.
    // NOTE(review): confirm which entries a NULL tag matches before relying on
    // the no-argument form. A literal 0/NULL first argument may also resolve
    // to the handle overload or be ambiguous, depending on how
    // CSSM_ACL_HANDLE is defined -- pass a typed value.
    void deleteAcl(const char *tag = NULL,
                   const CSSM_ACCESS_CREDENTIALS *cred = NULL);

    // --- Owner access -----------------------------------------------------

    // Retrieve the current owner prototype into owner.
    virtual void getOwner(AutoAclOwnerPrototype &owner) const = 0;

    // Replace the owner with newOwner, authorized by cred.
    virtual void changeOwner(const CSSM_ACL_OWNER_PROTOTYPE &newOwner,
                             const CSSM_ACCESS_CREDENTIALS *cred = NULL) = 0;
};
// AclBearer implementation bound to a single CSSM key on a given CSP handle.
//
// Lifetime: key and allocator are held as references and are not owned by
// this object. Whatever the constructor was given must outlive the bearer;
// using the bearer after the referenced CSSM_KEY or allocator is gone is a
// dangling-reference access.
//
// Access: the AclBearer overrides are declared protected here, so they are
// reached through an AclBearer reference or pointer rather than called
// directly on a KeyAclBearer. Declaring changeAcl in this class also hides the
// base class's changeAcl(handle, input, cred) overload for name lookup on
// KeyAclBearer itself.
class KeyAclBearer : public AclBearer {
public:
    // Bind to CSP handle cspH, key theKey and allocator alloc. Nothing is
    // copied except the handle value.
    KeyAclBearer(CSSM_CSP_HANDLE cspH, CSSM_KEY &theKey, CssmAllocator &alloc)
        : csp(cspH),
          key(theKey),
          allocator(alloc)
    {
    }

    const CSSM_CSP_HANDLE csp;  // CSP handle, fixed at construction
    CSSM_KEY &key;              // borrowed; caller keeps ownership
    CssmAllocator &allocator;   // borrowed; caller keeps ownership

protected:
    // AclBearer primitives; definitions live outside this header.
    void getAcl(AutoAclEntryInfoList &aclInfos,
                const char *selectionTag = NULL) const;

    void changeAcl(const CSSM_ACL_EDIT &aclEdit,
                   const CSSM_ACCESS_CREDENTIALS *cred = NULL);

    void getOwner(AutoAclOwnerPrototype &owner) const;

    void changeOwner(const CSSM_ACL_OWNER_PROTOTYPE &newOwner,
                     const CSSM_ACCESS_CREDENTIALS *cred = NULL);
};
// Factory for commonly needed credential and resource-context objects.
//
// All member functions except the inline KeychainCredentials constructor and
// conversion operator are defined out of line, so ownership and contents of
// the returned objects cannot be read from this header.
class AclFactory {
public:
    AclFactory();
    virtual ~AclFactory();

    // Stock credential sets. Going by the names these are "no credentials",
    // "prompt the user" and "unlock" variants -- confirm against the
    // definitions. The header does not state who owns the returned pointers
    // or how long they stay valid.
    const AccessCredentials *nullCred() const;
    const AccessCredentials *promptCred() const;
    const AccessCredentials *unlockCred() const;

protected:
    // Base for credential builders: holds a heap-allocated AutoCredentials
    // and exposes it as a const AccessCredentials pointer.
    //
    // NOTE(review): mCredentials is a raw pointer obtained with new, and no
    // copy constructor or copy assignment is declared. If the out-of-line
    // destructor deletes mCredentials (not visible here), copying one of
    // these objects leaves two owners of the same allocation, i.e. a double
    // delete or use-after-free on credential material. Confirm, and treat
    // the type as non-copyable.
    class KeychainCredentials {
    public:
        // Not marked explicit, so a CssmAllocator converts implicitly.
        KeychainCredentials(CssmAllocator &alloc)
            : allocator(alloc),
              mCredentials(new AutoCredentials(alloc))
        {
        }

        virtual ~KeychainCredentials();

        CssmAllocator &allocator;  // borrowed; must outlive this object

        // Implicit conversion to the credential pointer. The pointer refers to
        // storage held by this object and is presumably only valid while the
        // object is alive -- do not retain it past that point.
        operator const AccessCredentials *()
        {
            return mCredentials;
        }

    protected:
        AutoCredentials *mCredentials;
    };

public:
    // Credentials built from a caller-supplied passphrase, named for
    // unlocking.
    // NOTE(review): whether the password bytes are copied, how long they are
    // retained, and whether they are cleared on destruction is decided in the
    // out-of-line constructor and destructor -- confirm.
    class PassphraseUnlockCredentials : public KeychainCredentials {
    public:
        PassphraseUnlockCredentials(const CssmData &password, CssmAllocator &allocator);
    };

    // Credentials built from a caller-supplied passphrase, named for password
    // change. The same retention and clearing questions apply.
    class PasswordChangeCredentials : public KeychainCredentials {
    public:
        PasswordChangeCredentials(const CssmData &password, CssmAllocator &allocator);
    };

    // ResourceControlContext specialisation constructed from an optional
    // credential pointer (NULL by default). The name and the mAny member
    // suggest an "allow any" ACL entry; the constructor body is not in this
    // header -- confirm before using it for newly created resources.
    class AnyResourceContext : public ResourceControlContext {
    public:
        AnyResourceContext(const CSSM_ACCESS_CREDENTIALS *cred = NULL);

    private:
        ListElement mAny;
        CSSM_ACL_AUTHORIZATION_TAG mTag;
    };
};
} }
#endif // _H_CDSA_CLIENT_ACLCLIENT