source: libabac/abac.h @ d56e51b

abac0-leakabac0-meicompt_changesgec13mei-idmei-rt0-nmei_rt0mei_rt2mei_rt2_fix_1meiyap-rt1meiyap1rt2tvf-new-xml
Last change on this file since d56e51b was 11e3eb7, checked in by Mike Ryan <mikeryan@…>, 14 years ago

return binary representations of ID and attr certs in abac_chunk_t
suitable for passing off to libabac
supported in perl and python natively
closes #9
  • Property mode set to 100644
File size: 2.9 KB
RevLine 
[90d20f0]1#ifndef __ABAC_H__
2#define __ABAC_H__
3
[11e3eb7]4#include <abac_common.h>
5
[390f749]6typedef struct _abac_context_t abac_context_t;
[401a054]7typedef struct _abac_credential_t abac_credential_t;
[1743825]8typedef struct _abac_role_t abac_role_t;
[90d20f0]9
[0bf0e67]10/*
11 * ABAC functions, operating on an ABAC context.
12 */
[390f749]13abac_context_t *abac_context_new(void);
14abac_context_t *abac_context_dup(abac_context_t *ctx);
15void abac_context_free(abac_context_t *ctx);
[90d20f0]16
[0779c99]17/* see the bottom of the file for possible return codes */
[390f749]18int abac_context_load_id_file(abac_context_t *ctx, char *filename);
19int abac_context_load_id_chunk(abac_context_t *ctx, abac_chunk_t cert);
20int abac_context_load_attribute_file(abac_context_t *ctx, char *filename);
21int abac_context_load_attribute_chunk(abac_context_t *ctx, abac_chunk_t cert);
[90d20f0]22
[03b3293]23/* load an entire directory full of certs */
[390f749]24void abac_context_load_directory(abac_context_t *ctx, char *path);
[03b3293]25
[401a054]26/* abac query, returns a NULL-terminated array of credentials on success, NULL on fail */
[4e426c9]27abac_credential_t **abac_context_query(abac_context_t *ctx, char *role, char *principal, int *success);
[3c4fd68]28
29/* get all the credentials from the context, returns a NULL-terminated array of credentials */
30abac_credential_t **abac_context_credentials(abac_context_t *ctx);
31
32/* use this to free the results of either of the previous two functions */
33void abac_context_credentials_free(abac_credential_t **credentials);
[90d20f0]34
[0bf0e67]35/*
[401a054]36 * Operations on credentials
[0bf0e67]37 */
[401a054]38abac_role_t *abac_credential_head(abac_credential_t *cred);
39abac_role_t *abac_credential_tail(abac_credential_t *cred);
40abac_chunk_t abac_credential_attribute_cert(abac_credential_t *cred);
41abac_chunk_t abac_credential_issuer_cert(abac_credential_t *cred);
[0bf0e67]42
[401a054]43abac_credential_t *abac_credential_dup(abac_credential_t *cred);
44void abac_credential_free(abac_credential_t *cred);
[0bf0e67]45
46/*
47 * Operations on roles.
48 */
[dcc1a8e]49abac_role_t *abac_role_principal_new(char *principal);
50abac_role_t *abac_role_role_new(char *principal, char *abac_role_name);
51abac_role_t *abac_role_linking_new(char *principal, char *linked_role, char *abac_role_name);
[0bf0e67]52
[dcc1a8e]53void abac_role_free(abac_role_t *role);
[0bf0e67]54
[dcc1a8e]55abac_role_t *abac_role_from_string(char *string);
56abac_role_t *abac_role_dup(abac_role_t *role);
[0bf0e67]57
[dcc1a8e]58int abac_role_is_principal(abac_role_t *role);
59int abac_role_is_role(abac_role_t *role);
60int abac_role_is_linking(abac_role_t *role);
[9a411d7]61int abac_role_is_intersection(abac_role_t *role);
[0bf0e67]62
[dcc1a8e]63char *abac_role_string(abac_role_t *role);
64char *abac_role_linked_role(abac_role_t *role);
65char *abac_role_role_name(abac_role_t *role);
66char *abac_role_principal(abac_role_t *role);
[0bf0e67]67
[dcc1a8e]68char *abac_role_attr_key(abac_role_t *head_role, abac_role_t *tail_role);
[0bf0e67]69
[0779c99]70/*
71 * Error codes for loading certificates.
72 */
73#define ABAC_CERT_SUCCESS           0   // certificate loaded, all is well
74#define ABAC_CERT_INVALID           -1  // invalid format; also file not found
75#define ABAC_CERT_BAD_SIG           -2  // invalid signature
76#define ABAC_CERT_MISSING_ISSUER    -3  // missing ID cert that issued the attribute cert
77
[90d20f0]78#endif /* __ABAC_H__ */
Note: See TracBrowser for help on using the repository browser.