#ifndef _ACLSUPPORT_H_
#define _ACLSUPPORT_H_
#include <Security/cssmdata.h>
#include <Security/threading.h>
#include <Security/cssmalloc.h>
#include <Security/refcount.h>
#include <Security/keyclient.h>
#include <vector>
namespace Security
{
namespace CssmClient
{
class TrustedApplicationImpl : public RefCount
{
public:
    // Two ways to describe an application: by a signature blob the caller
    // already holds, or by a file-system path.
    // NOTE(review): the path overload presumably derives the signature from
    // the file at `path` (see calcSignature); the definition is not in this
    // header -- confirm.
    TrustedApplicationImpl(const CssmData &signature, const CssmData &comment, bool enabled);
    TrustedApplicationImpl(const char *path, const CssmData &comment, bool enabled);

    // Read-only views of the stored values.
    // NOTE(review): these return references, presumably into mSignature and
    // mComment, so they would stay valid only while this object is alive --
    // confirm against the definitions.
    const CssmData &signature() const;
    const CssmData &comment() const;

    // Getter/setter pair for the enabled flag.
    bool enabled() const;
    void enabled(bool enabled);

    // Signature helpers that take a path rather than an open file.
    // NOTE(review): presumably sameSignature() compares a signature computed
    // for `path` with the stored one. Any such result describes the file as it
    // was when the call ran; if callers treat it as an authorization decision,
    // confirm the file cannot be replaced between this check and its use.
    // Neither function is declared const; whether they modify the object
    // cannot be told from this header.
    bool sameSignature(const char *path);
    CssmAutoData calcSignature(const char *path);

private:
    CssmAutoData mSignature;   // value reported by signature() (presumably)
    CssmAutoData mComment;     // value reported by comment() (presumably)
    bool mEnabled;             // value reported by enabled() (presumably)
};
// Reference-counted handle to a TrustedApplicationImpl (via RefPointer).
class TrustedApplication : public RefPointer<TrustedApplicationImpl>
{
public:
    // Default construction.
    // NOTE(review): presumably yields a handle that refers to no
    // implementation object -- confirm before dereferencing one.
    TrustedApplication();

    // Mirror the two TrustedApplicationImpl constructors; here `enabled`
    // defaults to true, so an entry is enabled unless the caller says
    // otherwise.
    // NOTE(review): the overloads differ only in the first parameter
    // (CssmData vs. const char *). If CssmData is implicitly constructible
    // from a C string, a call could bind to an unintended overload -- verify.
    TrustedApplication(const CssmData &signature, const CssmData &comment, bool enabled = true);
    TrustedApplication(const char *path, const CssmData &comment, bool enabled = true);
};
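// Access-control description for one Key, exposed as a list of
// TrustedApplication entries plus a few policy flags.
//
// The base class is spelled std::vector: an unqualified `vector` inside
// Security::CssmClient resolves only if some included header injects a
// using-directive or using-declaration for std, which a header should not
// depend on.
//
// NOTE(review): the vector base is public, so callers can add, remove or
// replace entries directly through the std::vector interface. std::vector has
// no virtual destructor; never delete a KeychainACL through a pointer to its
// vector base.
class KeychainACL : public std::vector<TrustedApplication>
{
public:
    // Bind this ACL view to `key`.
    // NOTE(review): single-argument and not `explicit`, so a Key converts
    // implicitly to a KeychainACL. Left unchanged to keep existing callers
    // compiling; consider `explicit` once call sites are audited.
    KeychainACL(const Key &key);

    // NOTE(review): presumably writes the current entries and flags back to
    // the key's ACL; until then edits would exist only in this object. The
    // definition is not in this header -- confirm.
    void commit();

    // Getter/setter pair for the "any application allowed" flag.
    // NOTE(review): judging by the name, setting this to true is the broadest
    // grant this class can express; callers that set it deserve review.
    void anyAllow(bool allow);
    bool anyAllow() const;

    // Getter/setter pair for the "always ask the user" flag.
    void alwaysAskUser(bool allow);
    bool alwaysAskUser() const;

    // Reports mIsCustomACL (presumably). What makes an ACL "custom" is decided
    // in the implementation, which is not visible here.
    bool isCustomACL() const;

    // Sets the label; no getter is declared in this header.
    void label(const CssmData &label);

private:
    // Private set-up helper; presumably called from the constructor.
    void initialize();

    Key mKey;                  // the key this ACL belongs to
    bool mAnyAllow;
    bool mAlwaysAskUser;
    bool mIsCustomACL;
    CssmAutoData mLabel;
    CSSM_ACL_HANDLE mHandle;   // CSSM handle for the ACL entry (presumably set by initialize())
};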
};
}
#endif // _ACLSUPPORT_H_