chaps/token_manager_client.h - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef CHAPS_TOKEN_MANAGER_CLIENT_H_
 #define CHAPS_TOKEN_MANAGER_CLIENT_H_

 #include <memory>
 #include <string>
 #include <vector>

 #include <base/macros.h>

 #include "brillo/secure_blob.h"
 #include "chaps/chaps.h"
 #include "chaps/token_manager_interface.h"
 #include "pkcs11/cryptoki.h"

 namespace chaps {

 class ChapsProxyImpl;

 // TokenManagerClient is an implementation of TokenManagerInterface which sends
 // the token management calls to the Chaps daemon. Example usage:
 //   TokenManagerClient client;
 //   client.OpenIsolate(&my_isolate_credential, &new_isolate_created);
 //   client.LoadToken(my_isolate_credential,
 //                    "path/to/token",
 //                    "1234",
 //                    "MyTokenLabel",
 //                    &slot_id);
 // Users of this class must instantiate AtExitManager, as the class relies on
 // its presence.
 class EXPORT_SPEC TokenManagerClient : public TokenManagerInterface {
  public:
   TokenManagerClient();
   virtual ~TokenManagerClient();

   // TokenManagerInterface methods.
   bool OpenIsolate(brillo::SecureBlob* isolate_credential,
                    bool* new_isolate_created) override;
   void CloseIsolate(const brillo::SecureBlob& isolate_credential) override;
   bool LoadToken(const brillo::SecureBlob& isolate_credential,
                  const base::FilePath& path,
                  const brillo::SecureBlob& auth_data,
                  const std::string& label,
                  int* slot_id) override;
   void UnloadToken(const brillo::SecureBlob& isolate_credential,
                    const base::FilePath& path) override;
   void ChangeTokenAuthData(const base::FilePath& path,
                            const brillo::SecureBlob& old_auth_data,
                            const brillo::SecureBlob& new_auth_data) override;
   bool GetTokenPath(const brillo::SecureBlob& isolate_credential,
                     int slot_id,
                     base::FilePath* path) override;

   // Convenience method, not on TokenManagerInterface.
   // Returns true on success, false on failure. If it succeeds, stores a list of
   // the paths of all loaded tokens in |results|.
   virtual bool GetTokenList(const brillo::SecureBlob& isolate_credential,
                             std::vector<std::string>* results);

  private:
   std::unique_ptr<ChapsProxyImpl> proxy_;

   // Attempts to connect to the Chaps daemon. Returns true on success.
   bool Connect();

   DISALLOW_COPY_AND_ASSIGN(TokenManagerClient);
 };

 }  // namespace chaps

 #endif  // CHAPS_TOKEN_MANAGER_CLIENT_H_
	// Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef CHAPS_TOKEN_MANAGER_CLIENT_H_
	#define CHAPS_TOKEN_MANAGER_CLIENT_H_

	#include <memory>
	#include <string>
	#include <vector>

	#include <base/macros.h>

	#include "brillo/secure_blob.h"
	#include "chaps/chaps.h"
	#include "chaps/token_manager_interface.h"
	#include "pkcs11/cryptoki.h"

	namespace chaps {

	class ChapsProxyImpl;

	// TokenManagerClient is an implementation of TokenManagerInterface which sends
	// the token management calls to the Chaps daemon. Example usage:
	// TokenManagerClient client;
	// client.OpenIsolate(&my_isolate_credential, &new_isolate_created);
	// client.LoadToken(my_isolate_credential,
	// "path/to/token",
	// "1234",
	// "MyTokenLabel",
	// &slot_id);
	// Users of this class must instantiate AtExitManager, as the class relies on
	// its presence.
	class EXPORT_SPEC TokenManagerClient : public TokenManagerInterface {
	public:
	TokenManagerClient();
	virtual ~TokenManagerClient();

	// TokenManagerInterface methods.
	bool OpenIsolate(brillo::SecureBlob* isolate_credential,
	bool* new_isolate_created) override;
	void CloseIsolate(const brillo::SecureBlob& isolate_credential) override;
	bool LoadToken(const brillo::SecureBlob& isolate_credential,
	const base::FilePath& path,
	const brillo::SecureBlob& auth_data,
	const std::string& label,
	int* slot_id) override;
	void UnloadToken(const brillo::SecureBlob& isolate_credential,
	const base::FilePath& path) override;
	void ChangeTokenAuthData(const base::FilePath& path,
	const brillo::SecureBlob& old_auth_data,
	const brillo::SecureBlob& new_auth_data) override;
	bool GetTokenPath(const brillo::SecureBlob& isolate_credential,
	int slot_id,
	base::FilePath* path) override;

	// Convenience method, not on TokenManagerInterface.
	// Returns true on success, false on failure. If it succeeds, stores a list of
	// the paths of all loaded tokens in \|results\|.
	virtual bool GetTokenList(const brillo::SecureBlob& isolate_credential,
	std::vector<std::string>* results);

	private:
	std::unique_ptr<ChapsProxyImpl> proxy_;

	// Attempts to connect to the Chaps daemon. Returns true on success.
	bool Connect();

	DISALLOW_COPY_AND_ASSIGN(TokenManagerClient);
	};

	} // namespace chaps

	#endif // CHAPS_TOKEN_MANAGER_CLIENT_H_