#ifndef _ACL_PREAUTH
#define _ACL_PREAUTH
#include <security_cdsa_utilities/cssmacl.h>
#include <string>
namespace Security {
namespace PreAuthorizationAcls {
//
// Maker registered for ACL subject type CSSM_ACL_SUBJECT_TYPE_PREAUTH.
// It offers two construction paths: one from a TypedList and one from a
// versioned pair of public/private blob Readers.
//
// NOTE(review): both make() bodies are defined outside this header. They
// presumably build an OriginAclSubject from caller- or storage-supplied data;
// confirm the implementations validate list shape and blob contents before
// trusting them.
//
class OriginMaker : public AclSubject::Maker {
protected:
    // Local shorthands for the blob reader/writer helpers.
    using Reader = LowLevelMemoryUtilities::Reader;
    using Writer = LowLevelMemoryUtilities::Writer;

public:
    // Bind this maker to the pre-authorization subject type.
    OriginMaker()
        : AclSubject::Maker(CSSM_ACL_SUBJECT_TYPE_PREAUTH)
    {
    }

    // Build a subject from its TypedList form.
    AclSubject *make(const TypedList &list) const;

    // Build a subject from its serialized form (public and private parts).
    AclSubject *make(AclSubject::Version version, Reader &pub, Reader &priv) const;
};
//
// Maker registered for ACL subject type CSSM_ACL_SUBJECT_TYPE_PREAUTH_SOURCE.
// It mirrors OriginMaker's interface: one make() takes a TypedList, the other
// a versioned pair of public/private blob Readers.
//
// NOTE(review): both make() bodies are defined outside this header. They
// presumably build a SourceAclSubject; confirm the serialized tracking state
// read from a blob is range-checked before it is used.
//
class SourceMaker : public AclSubject::Maker {
protected:
    // Local shorthands for the blob reader/writer helpers.
    using Reader = LowLevelMemoryUtilities::Reader;
    using Writer = LowLevelMemoryUtilities::Writer;

public:
    // Bind this maker to the pre-authorization source subject type.
    SourceMaker()
        : AclSubject::Maker(CSSM_ACL_SUBJECT_TYPE_PREAUTH_SOURCE)
    {
    }

    // Build a subject from its TypedList form.
    AclSubject *make(const TypedList &list) const;

    // Build a subject from its serialized form (public and private parts).
    AclSubject *make(AclSubject::Version version, Reader &pub, Reader &priv) const;
};
//
// Validation-environment extension for pre-authorization ACLs.
// It inherits virtually from AclValidationEnvironment and adds one pure
// virtual accessor that a concrete environment must implement.
//
class Environment : virtual public AclValidationEnvironment {
public:
    // Returns the ObjectAcl acting as the pre-authorization source.
    // NOTE(review): ownership and nullability of the returned pointer are not
    // visible here; callers should confirm whether null can be returned and
    // treat that case as "not authorized".
    virtual ObjectAcl *preAuthSource() = 0;
};
//
// ACL subject for the "origin" side of a pre-authorization. It holds a single
// AclAuthorization tag (mAuthTag).
//
// NOTE(review): validate() is defined outside this header. It presumably
// resolves the source ACL through Environment::preAuthSource() - confirm
// against the implementation.
//
class OriginAclSubject : public AclSubject {
public:
    // Construct an origin subject for the given authorization tag.
    OriginAclSubject(AclAuthorization auth);

    // Decide whether this subject is satisfied in the given validation context.
    bool validate(const AclValidationContext &ctx) const;

    // Produce the list form of this subject, allocating through 'alloc'.
    CssmList toList(Allocator &alloc) const;

    // Blob export: the Counter overload takes size counters, the Writer
    // overload takes the writers for the public and private parts.
    void exportBlob(Writer::Counter &pub, Writer::Counter &priv);
    void exportBlob(Writer &pub, Writer &priv);

    // Debug dump, wrapped in the project's IFDUMP macro.
    IFDUMP(void debugDump() const);

private:
    // Authorization tag; presumably set from the constructor's 'auth' argument.
    AclAuthorization mAuthTag;
};
//
// ACL subject for the "source" side of a pre-authorization. It wraps another
// AclSubject (held through RefPointer) together with a tracking-state word of
// type CSSM_ACL_PREAUTH_TRACKING_STATE. That word combines an UNKNOWN flag,
// an AUTHORIZED flag and a retry count selected by
// CSSM_ACL_PREAUTH_TRACKING_COUNT_MASK.
//
class SourceAclSubject : public AclSubject {
public:
    // Construct around 'subSubject'. The tracking state defaults to UNKNOWN.
    // NOTE(review): the raw pointer presumably ends up in mSourceSubject
    // (a RefPointer); confirm the ownership hand-over in the implementation.
    SourceAclSubject(AclSubject *subSubject,
        CSSM_ACL_PREAUTH_TRACKING_STATE state = CSSM_ACL_PREAUTH_TRACKING_UNKNOWN);

    // Decide whether this subject is satisfied in the given validation context.
    bool validate(const AclValidationContext &ctx) const;

    // Produce the list form of this subject, allocating through 'alloc'.
    CssmList toList(Allocator &alloc) const;

    // Blob export: the Counter overload takes size counters, the Writer
    // overload takes the writers for the public and private parts.
    void exportBlob(Writer::Counter &pub, Writer::Counter &priv);
    void exportBlob(Writer &pub, Writer &priv);

    // Debug dump, wrapped in the project's IFDUMP macro.
    IFDUMP(void debugDump() const);

private:
    // Small record with a single 'accepted' flag; its use is not visible in
    // this header.
    struct Store {
        bool accepted;
    };

    // True when the UNKNOWN flag is clear, i.e. the state carries real data.
    bool trackingKnown() const
    {
        return (mTrackingState & CSSM_ACL_PREAUTH_TRACKING_UNKNOWN) == 0;
    }

    // True when the AUTHORIZED flag is set.
    // NOTE(review): this does not itself check trackingKnown(); callers
    // making an access decision should check both.
    bool trackingAuthorized() const
    {
        return (mTrackingState & CSSM_ACL_PREAUTH_TRACKING_AUTHORIZED) != 0;
    }

    // Retry count extracted from the state word.
    // NOTE(review): the precondition is enforced only by assert(). If this is
    // the standard macro it is compiled out under NDEBUG, so a release build
    // returns the masked bits even when the state is UNKNOWN. Callers should
    // test trackingKnown() themselves before relying on the value.
    unsigned int trackingRetries() const
    {
        assert(trackingKnown());
        return mTrackingState & CSSM_ACL_PREAUTH_TRACKING_COUNT_MASK;
    }

private:
    // Wrapped subject, reference-counted through RefPointer.
    RefPointer<AclSubject> mSourceSubject;
    // Combined flag/count word read by the tracking*() helpers above.
    CSSM_ACL_PREAUTH_TRACKING_STATE mTrackingState;
};
} }
#endif //_ACL_PREAUTH