Security-57740.20.22.tar.gz
1 /*
2 * Copyright (c) 2006-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*
25 * SecItemSchema.c - CoreFoundation-based constants and functions for
26 access to Security items (certificates, keys, identities, and
27 passwords.)
28 */
29
30 #include "SecItemSchema.h"
31 #include <securityd/SecDbKeychainItem.h>
32
33 // MARK -
34 // MARK Keychain version 6 schema
35
/*
 * Single-letter shorthand for the attribute flag table that follows.
 * The two variadic helpers below refer to each other and are not invoked in
 * the visible part of this file; the table uses SecDbFlags() only.
 */
36 #define __FLAGS(ARG, ...) SECDBFLAGS(__VA_ARGS__)
37 #define SECDBFLAGS(ARG, ...) __FLAGS_##ARG | __FLAGS(__VA_ARGS__)
38
/*
 * SecDbFlags() takes fifteen positional arguments.  Each one is either left
 * empty or set to that column's letter, and is token-pasted onto __FLAGS_ to
 * pick a kSecDb* constant; the results are OR-ed together.  An empty argument
 * pastes to __FLAGS_, which is 0, so a blank column contributes no flag.
 */
39 #define SecDbFlags(P,L,I,S,A,D,R,C,H,B,Z,E,N,U,V) (__FLAGS_##P|__FLAGS_##L|__FLAGS_##I|__FLAGS_##S|__FLAGS_##A|__FLAGS_##D|__FLAGS_##R|__FLAGS_##C|__FLAGS_##H|__FLAGS_##B|__FLAGS_##Z|__FLAGS_##E|__FLAGS_##N|__FLAGS_##U|__FLAGS_##V)
40
41 #define __FLAGS_ 0
42 #define __FLAGS_P kSecDbPrimaryKeyFlag
43 #define __FLAGS_L kSecDbInFlag
44 #define __FLAGS_I kSecDbIndexFlag
45 #define __FLAGS_S kSecDbSHA1ValueInFlag
46 #define __FLAGS_A kSecDbReturnAttrFlag
47 #define __FLAGS_D kSecDbReturnDataFlag
48 #define __FLAGS_R kSecDbReturnRefFlag
/* C puts the attribute in the encrypted blob; U (below) only authenticates it. */
49 #define __FLAGS_C kSecDbInCryptoDataFlag
50 #define __FLAGS_H kSecDbInHashFlag
51 #define __FLAGS_B kSecDbInBackupFlag
52 #define __FLAGS_Z kSecDbDefault0Flag
53 #define __FLAGS_E kSecDbDefaultEmptyFlag
54 #define __FLAGS_N kSecDbNotNullFlag
55 #define __FLAGS_U kSecDbInAuthenticatedDataFlag
/* The last column is the sync primary key version; V2 sets the V0 bit as well. */
56 #define __FLAGS_V0 kSecDbSyncPrimaryKeyV0
57 #define __FLAGS_V2 (kSecDbSyncPrimaryKeyV0 | kSecDbSyncPrimaryKeyV2)
58
59 // ,-------------- P : Part of primary key
60 // / ,------------- L : Stored in local database
61 // / / ,------------ I : Attribute wants an index in the database
62 // / / / ,----------- S : SHA1 hashed attribute value in database (implies L)
63 // / / / / ,---------- A : Returned to client as attribute in queries
64 // / / / / / ,--------- D : Returned to client as data in queries
65 // / / / / / / ,-------- R : Returned to client as ref/persistent ref in queries
66 // / / / / / / / ,------- C : Part of encrypted blob
67 // / / / / / / / / ,------ H : Attribute is part of item SHA1 hash (Implied by C)
68 // / / / / / / / / / ,----- B : Attribute is part of iTunes/iCloud backup bag
69 // / / / / / / / / / / ,---- Z : Attribute has a default value of 0
70 // / / / / / / / / / / / ,--- E : Attribute has a default value of "" or empty data
71 // / / / / / / / / / / / / ,-- N : Attribute must have a value
72 // / / / / / / / / / / / / / ,- U : Attribute is stored in authenticated, but not necessarily encrypted data
73 // / / / / / / / / / / / / / / - V : Sync primary key version (V0 or V2)
74 // / / / / / / / / / / / / / / /
75 // | | | | | | | | | | | | | | |
76 // common to all | | | | | | | | | | | | | | |
/*
 * Attribute descriptors shared by every schema version in this file.
 * The arguments are, in order: the C identifier, the column name string, the
 * attribute kind, the flag set built with SecDbFlags(), and two trailing
 * arguments.  The first trailing argument is NULL or a SecDbKeychainItemCopy*
 * function; the second is NULL for every attribute here.
 * NOTE(review): SECDB_ATTR itself is defined outside this file.
 *
 * Reading the flags for confidentiality, using the legend's definitions:
 *  - C attributes are part of the encrypted blob.
 *  - S attributes additionally keep a SHA1 hash of their value in the local
 *    database.  NOTE(review): whether that hash is salted or keyed is not
 *    visible here; if it is a plain digest, low-entropy values (account,
 *    service, server) get little protection from it -- confirm in the
 *    SecDbItem code.
 *  - agrp, sync, tomb, vwht, tkid and musr carry U but not C, so per the
 *    legend they are authenticated but not necessarily encrypted.
 *  - accc carries only A: it is returned as an attribute but has no L flag.
 */
77 SECDB_ATTR(v6rowid, "rowid", RowId, SecDbFlags( ,L, , , , ,R, , ,B, , , , , ), NULL, NULL);
78 SECDB_ATTR(v6cdat, "cdat", CreationDate, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), SecDbKeychainItemCopyCurrentDate, NULL);
79 SECDB_ATTR(v6mdat, "mdat",ModificationDate,SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), SecDbKeychainItemCopyCurrentDate, NULL);
80 SECDB_ATTR(v6labl, "labl", Blob, SecDbFlags( ,L, ,S,A, , ,C,H, , , , , , ), NULL, NULL);
81 SECDB_ATTR(v6data, "data", EncryptedData, SecDbFlags( ,L, , , , , , , ,B, , , , , ), SecDbKeychainItemCopyEncryptedData, NULL);
82 SECDB_ATTR(v6agrp, "agrp", String, SecDbFlags(P,L, , ,A, , , ,H, , , ,N,U,V0), NULL, NULL);
83 SECDB_ATTR(v6pdmn, "pdmn", Access, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
84 SECDB_ATTR(v6sync, "sync", Sync, SecDbFlags(P,L,I, ,A, , , ,H, ,Z, ,N,U,V0), NULL, NULL);
85 SECDB_ATTR(v6tomb, "tomb", Tomb, SecDbFlags( ,L, , , , , , ,H, ,Z, ,N,U, ), NULL, NULL);
86 SECDB_ATTR(v6sha1, "sha1", SHA1, SecDbFlags( ,L,I, ,A, ,R, , , , , , , , ), SecDbKeychainItemCopySHA1, NULL);
87 SECDB_ATTR(v6accc, "accc", AccessControl, SecDbFlags( , , , ,A, , , , , , , , , , ), NULL, NULL);
88 SECDB_ATTR(v6v_Data, "v_Data", Data, SecDbFlags( , , , , ,D, ,C,H, , , , , , ), NULL, NULL);
89 SECDB_ATTR(v6v_pk, "v_pk", PrimaryKey, SecDbFlags( , , , , , , , , , , , , , , ), SecDbKeychainItemCopyPrimaryKey, NULL);
90 SECDB_ATTR(v7vwht, "vwht", String, SecDbFlags(P,L, , ,A, , , ,H, , , , ,U,V2), NULL, NULL);
91 SECDB_ATTR(v7tkid, "tkid", String, SecDbFlags(P,L, , ,A, , , ,H, , , , ,U,V2), NULL, NULL);
92 SECDB_ATTR(v7utomb, "u_Tomb", UTomb, SecDbFlags( , , , , , , , , , , , , , , ), NULL, NULL);
93 SECDB_ATTR(v8musr, "musr", UUID, SecDbFlags(P,L,I, , , , , , , , , ,N,U, ), NULL, NULL);
94 // genp and inet and keys | | | | | | | | | | | | | | |
95 SECDB_ATTR(v6crtr, "crtr", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
96 SECDB_ATTR(v6alis, "alis", Blob, SecDbFlags( ,L, ,S,A, , ,C,H, , , , , , ), NULL, NULL);
97 // genp and inet | | | | | | | | | | | | | | |
98 SECDB_ATTR(v6desc, "desc", Blob, SecDbFlags( ,L, ,S,A, , ,C,H, , , , , , ), NULL, NULL);
99 SECDB_ATTR(v6icmt, "icmt", Blob, SecDbFlags( ,L, ,S,A, , ,C,H, , , , , , ), NULL, NULL);
100 SECDB_ATTR(v6type, "type", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
101 SECDB_ATTR(v6invi, "invi", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
102 SECDB_ATTR(v6nega, "nega", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
103 SECDB_ATTR(v6cusi, "cusi", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
104 SECDB_ATTR(v6prot, "prot", Blob, SecDbFlags( ,L, ,S,A, , ,C,H, , , , , , ), NULL, NULL);
105 SECDB_ATTR(v6scrp, "scrp", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
106 SECDB_ATTR(v6acct, "acct", Blob, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ,V0), NULL, NULL);
107 // genp only | | | | | | | | | | | | | | |
108 SECDB_ATTR(v6svce, "svce", Blob, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ,V0), NULL, NULL);
109 SECDB_ATTR(v6gena, "gena", Blob, SecDbFlags( ,L, ,S,A, , ,C,H, , , , , , ), NULL, NULL);
110 // inet only | | | | | | | | | | | | | | |
111 SECDB_ATTR(v6sdmn, "sdmn", Blob, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ,V0), NULL, NULL);
112 SECDB_ATTR(v6srvr, "srvr", Blob, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ,V0), NULL, NULL);
113 SECDB_ATTR(v6ptcl, "ptcl", Number, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ,V0), NULL, NULL);
114 SECDB_ATTR(v6atyp, "atyp", Blob, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ,V0), NULL, NULL);
115 SECDB_ATTR(v6port, "port", Number, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ,V0), NULL, NULL);
116 SECDB_ATTR(v6path, "path", Blob, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ,V0), NULL, NULL);
117 // cert only | | | | | | | | | | | | | | |
118 SECDB_ATTR(v6ctyp, "ctyp", Number, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ,V0), NULL, NULL);
119 SECDB_ATTR(v6cenc, "cenc", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
120 SECDB_ATTR(v6subj, "subj", Data, SecDbFlags( ,L,I,S,A, , ,C,H, , , , , , ), NULL, NULL);
121 SECDB_ATTR(v6issr, "issr", Data, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ,V0), NULL, NULL);
122 SECDB_ATTR(v6slnr, "slnr", Data, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ,V0), NULL, NULL);
123 SECDB_ATTR(v6skid, "skid", Data, SecDbFlags( ,L,I,S,A, , ,C,H, , , , , , ), NULL, NULL);
124 SECDB_ATTR(v6pkhh, "pkhh", Data, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , , ), NULL, NULL);
125 // cert attributes that share names with common ones but have different flags
126 SECDB_ATTR(v6certalis, "alis", Blob, SecDbFlags( ,L,I,S,A, , ,C,H, , , , , , ), NULL, NULL);
127 // keys only | | | | | | | | | | | | | | |
128 SECDB_ATTR(v6kcls, "kcls", Number, SecDbFlags(P,L,I,S,A, , ,C,H, ,Z, ,N, ,V0), NULL, NULL);
129 SECDB_ATTR(v6perm, "perm", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
130 SECDB_ATTR(v6priv, "priv", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
131 SECDB_ATTR(v6modi, "modi", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
132 SECDB_ATTR(v6klbl, "klbl", Data, SecDbFlags(P,L,I, ,A, , ,C,H, , ,E,N, ,V0), NULL, NULL);
133 SECDB_ATTR(v6atag, "atag", Blob, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ,V0), NULL, NULL);
134 SECDB_ATTR(v6bsiz, "bsiz", Number, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ,V0), NULL, NULL);
135 SECDB_ATTR(v6esiz, "esiz", Number, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ,V0), NULL, NULL);
136 SECDB_ATTR(v6sdat, "sdat", Date, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ,V0), NULL, NULL);
137 SECDB_ATTR(v6edat, "edat", Date, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ,V0), NULL, NULL);
138 SECDB_ATTR(v6sens, "sens", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
139 SECDB_ATTR(v6asen, "asen", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
140 SECDB_ATTR(v6extr, "extr", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
141 SECDB_ATTR(v6next, "next", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
142 SECDB_ATTR(v6encr, "encr", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , , ), NULL, NULL);
143 SECDB_ATTR(v6decr, "decr", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , , ), NULL, NULL);
144 SECDB_ATTR(v6drve, "drve", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , , ), NULL, NULL);
145 SECDB_ATTR(v6sign, "sign", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , , ), NULL, NULL);
146 SECDB_ATTR(v6vrfy, "vrfy", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , , ), NULL, NULL);
147 SECDB_ATTR(v6snrc, "snrc", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
148 SECDB_ATTR(v6vyrc, "vyrc", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , , ), NULL, NULL);
149 SECDB_ATTR(v6wrap, "wrap", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , , ), NULL, NULL);
150 SECDB_ATTR(v6unwp, "unwp", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , , ), NULL, NULL);
151 // keys attributes that share names with common ones but have different flags
152 SECDB_ATTR(v6keytype, "type", Number, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ,V0), NULL, NULL);
153 SECDB_ATTR(v6keycrtr, "crtr", Number, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ,V0), NULL, NULL);
154 // | | | | | | | | | | | | | | |
155 SECDB_ATTR(v6version, "version", Number, SecDbFlags(P,L, , , , , , , , , , ,N, , ), NULL, NULL);
156 SECDB_ATTR(v91minor, "minor", Number, SecDbFlags( ,L, , , , , , , , ,Z, ,N, , ), NULL, NULL);
157
/*
 * Generic-password class of the current (9.1) schema, table "genp".
 * attrs is a 0-terminated list of pointers to the attribute descriptors
 * declared above.
 * NOTE(review): the list order presumably fixes the column order; confirm
 * with the consumers before reordering.
 */
158 const SecDbClass genp_class = {
159 .name = CFSTR("genp"),
160 .attrs = {
161 &v6rowid,
162 &v6cdat,
163 &v6mdat,
164 &v6desc,
165 &v6icmt,
166 &v6crtr,
167 &v6type,
168 &v6scrp,
169 &v6labl,
170 &v6alis,
171 &v6invi,
172 &v6nega,
173 &v6cusi,
174 &v6prot,
175 &v6acct,
176 &v6svce,
177 &v6gena,
178 &v6data,
179 &v6agrp,
180 &v6pdmn,
181 &v6sync,
182 &v6tomb,
183 &v6sha1,
184 &v7vwht,
185 &v7tkid,
186 &v6v_Data,
187 &v6v_pk,
188 &v6accc,
189 &v7utomb,
190 &v8musr,
191 0
192 },
193 };
194
/*
 * Internet-password class of the current (9.1) schema, table "inet".
 * Differs from genp_class in the middle of the list: sdmn, srvr, ptcl, atyp,
 * port and path take the place of svce and gena.
 */
195 const SecDbClass inet_class = {
196 .name = CFSTR("inet"),
197 .attrs = {
198 &v6rowid,
199 &v6cdat,
200 &v6mdat,
201 &v6desc,
202 &v6icmt,
203 &v6crtr,
204 &v6type,
205 &v6scrp,
206 &v6labl,
207 &v6alis,
208 &v6invi,
209 &v6nega,
210 &v6cusi,
211 &v6prot,
212 &v6acct,
213 &v6sdmn,
214 &v6srvr,
215 &v6ptcl,
216 &v6atyp,
217 &v6port,
218 &v6path,
219 &v6data,
220 &v6agrp,
221 &v6pdmn,
222 &v6sync,
223 &v6tomb,
224 &v6sha1,
225 &v7vwht,
226 &v7tkid,
227 &v6v_Data,
228 &v6v_pk,
229 &v6accc,
230 &v7utomb,
231 &v8musr,
232 0
233 },
234 };
235
/*
 * Certificate class of the current (9.1) schema, table "cert".
 * Uses v6certalis rather than v6alis: same "alis" column name, but the cert
 * variant also carries the index flag.
 */
236 const SecDbClass cert_class = {
237 .name = CFSTR("cert"),
238 .attrs = {
239 &v6rowid,
240 &v6cdat,
241 &v6mdat,
242 &v6ctyp,
243 &v6cenc,
244 &v6labl,
245 &v6certalis,
246 &v6subj,
247 &v6issr,
248 &v6slnr,
249 &v6skid,
250 &v6pkhh,
251 &v6data,
252 &v6agrp,
253 &v6pdmn,
254 &v6sync,
255 &v6tomb,
256 &v6sha1,
257 &v7vwht,
258 &v7tkid,
259 &v6v_Data,
260 &v6v_pk,
261 &v6accc,
262 &v7utomb,
263 &v8musr,
264 0
265 },
266 };
267
/*
 * Key class of the current (9.1) schema, table "keys".
 * Uses v6keycrtr and v6keytype instead of v6crtr and v6type: same column
 * names, but the key variants are part of the primary key.
 */
268 const SecDbClass keys_class = {
269 .name = CFSTR("keys"),
270 .attrs = {
271 &v6rowid,
272 &v6cdat,
273 &v6mdat,
274 &v6kcls,
275 &v6labl,
276 &v6alis,
277 &v6perm,
278 &v6priv,
279 &v6modi,
280 &v6klbl,
281 &v6atag,
282 &v6keycrtr,
283 &v6keytype,
284 &v6bsiz,
285 &v6esiz,
286 &v6sdat,
287 &v6edat,
288 &v6sens,
289 &v6asen,
290 &v6extr,
291 &v6next,
292 &v6encr,
293 &v6decr,
294 &v6drve,
295 &v6sign,
296 &v6vrfy,
297 &v6snrc,
298 &v6vyrc,
299 &v6wrap,
300 &v6unwp,
301 &v6data,
302 &v6agrp,
303 &v6pdmn,
304 &v6sync,
305 &v6tomb,
306 &v6sha1,
307 &v7vwht,
308 &v7tkid,
309 &v6v_Data,
310 &v6v_pk,
311 &v6accc,
312 &v7utomb,
313 &v8musr,
314 0
315 }
316 };
317
/*
 * Version table of the 9.1 schema, table "tversion": a rowid plus the
 * "version" and "minor" number columns.  The older schemas in this file use
 * v5tversion_class, which lists only "version".
 */
318 const SecDbClass tversion_class = {
319 .name = CFSTR("tversion"),
320 .attrs = {
321 &v6rowid,
322 &v6version,
323 &v91minor,
324 0
325 }
326 };
327
328 /* An identity which is really a cert + a key, so all cert and keys attrs are
329 allowed. */
/*
 * Class named "idnt" with an empty attribute list (only the 0 terminator).
 * It is not listed in the classes of any schema defined in this file.
 */
330 const SecDbClass identity_class = {
331 .name = CFSTR("idnt"),
332 .attrs = {
333 0
334 },
335 };
336
337 /*
338 * Version 9.1 (iOS 10.0 and OSX 10.11.8/10.12) added minor version.
339 */
/*
 * Newest schema in this file: major 9, minor 1.  It is built from the
 * unsuffixed class tables (genp, inet, cert, keys, tversion); classes is a
 * 0-terminated list.
 */
340 const SecDbSchema v9_1_schema = {
341 .majorVersion = 9,
342 .minorVersion = 1,
343 .classes = {
344 &genp_class,
345 &inet_class,
346 &cert_class,
347 &keys_class,
348 &tversion_class,
349 0
350 }
351 };
352
/* Schema 9 generic-password class, table "genp9"; lists the same attributes as genp_class. */
353 const SecDbClass v9genp_class = {
354 .name = CFSTR("genp9"),
355 .attrs = {
356 &v6rowid,
357 &v6cdat,
358 &v6mdat,
359 &v6desc,
360 &v6icmt,
361 &v6crtr,
362 &v6type,
363 &v6scrp,
364 &v6labl,
365 &v6alis,
366 &v6invi,
367 &v6nega,
368 &v6cusi,
369 &v6prot,
370 &v6acct,
371 &v6svce,
372 &v6gena,
373 &v6data,
374 &v6agrp,
375 &v6pdmn,
376 &v6sync,
377 &v6tomb,
378 &v6sha1,
379 &v7vwht,
380 &v7tkid,
381 &v6v_Data,
382 &v6v_pk,
383 &v6accc,
384 &v7utomb,
385 &v8musr,
386 0
387 },
388 };
389
/* Schema 9 internet-password class, table "inet9"; lists the same attributes as inet_class. */
390 const SecDbClass v9inet_class = {
391 .name = CFSTR("inet9"),
392 .attrs = {
393 &v6rowid,
394 &v6cdat,
395 &v6mdat,
396 &v6desc,
397 &v6icmt,
398 &v6crtr,
399 &v6type,
400 &v6scrp,
401 &v6labl,
402 &v6alis,
403 &v6invi,
404 &v6nega,
405 &v6cusi,
406 &v6prot,
407 &v6acct,
408 &v6sdmn,
409 &v6srvr,
410 &v6ptcl,
411 &v6atyp,
412 &v6port,
413 &v6path,
414 &v6data,
415 &v6agrp,
416 &v6pdmn,
417 &v6sync,
418 &v6tomb,
419 &v6sha1,
420 &v7vwht,
421 &v7tkid,
422 &v6v_Data,
423 &v6v_pk,
424 &v6accc,
425 &v7utomb,
426 &v8musr,
427 0
428 },
429 };
430
/* Schema 9 certificate class, table "cert9"; lists the same attributes as cert_class. */
431 const SecDbClass v9cert_class = {
432 .name = CFSTR("cert9"),
433 .attrs = {
434 &v6rowid,
435 &v6cdat,
436 &v6mdat,
437 &v6ctyp,
438 &v6cenc,
439 &v6labl,
440 &v6certalis,
441 &v6subj,
442 &v6issr,
443 &v6slnr,
444 &v6skid,
445 &v6pkhh,
446 &v6data,
447 &v6agrp,
448 &v6pdmn,
449 &v6sync,
450 &v6tomb,
451 &v6sha1,
452 &v7vwht,
453 &v7tkid,
454 &v6v_Data,
455 &v6v_pk,
456 &v6accc,
457 &v7utomb,
458 &v8musr,
459 0
460 },
461 };
462
/* Schema 9 key class, table "keys9"; lists the same attributes as keys_class. */
463 const SecDbClass v9keys_class = {
464 .name = CFSTR("keys9"),
465 .attrs = {
466 &v6rowid,
467 &v6cdat,
468 &v6mdat,
469 &v6kcls,
470 &v6labl,
471 &v6alis,
472 &v6perm,
473 &v6priv,
474 &v6modi,
475 &v6klbl,
476 &v6atag,
477 &v6keycrtr,
478 &v6keytype,
479 &v6bsiz,
480 &v6esiz,
481 &v6sdat,
482 &v6edat,
483 &v6sens,
484 &v6asen,
485 &v6extr,
486 &v6next,
487 &v6encr,
488 &v6decr,
489 &v6drve,
490 &v6sign,
491 &v6vrfy,
492 &v6snrc,
493 &v6vyrc,
494 &v6wrap,
495 &v6unwp,
496 &v6data,
497 &v6agrp,
498 &v6pdmn,
499 &v6sync,
500 &v6tomb,
501 &v6sha1,
502 &v7vwht,
503 &v7tkid,
504 &v6v_Data,
505 &v6v_pk,
506 &v6accc,
507 &v7utomb,
508 &v8musr,
509 0
510 }
511 };
512
/*
 * Version table used by schemas 5 through 9, table "tversion5": a single
 * "version" column, with no rowid and no minor version.
 */
513 const SecDbClass v5tversion_class = {
514 .name = CFSTR("tversion5"),
515 .attrs = {
516 &v6version,
517 0
518 }
519 };
520
521 /* Version 9 (iOS 9.3 and OSX 10.11.5) database schema
522 * Same contents as v8 tables; table names changed to force upgrade
523 * and correct default values in table.
524 */
/*
 * Schema 9 built from the "...9" tables.  minorVersion has no initializer
 * here, so it is zero-initialized, and the version table is the one-column
 * v5tversion_class.
 */
525 const SecDbSchema v9_schema = {
526 .majorVersion = 9,
527 .classes = {
528 &v9genp_class,
529 &v9inet_class,
530 &v9cert_class,
531 &v9keys_class,
532 &v5tversion_class,
533 0
534 }
535 };
536
537 // Version 8 (Internal release iOS 9.3 and OSX 10.11.5) database schema
/* Schema 8 generic-password class, table "genp8"; the v7genp_class list plus v8musr at the end. */
538 const SecDbClass v8genp_class = {
539 .name = CFSTR("genp8"),
540 .attrs = {
541 &v6rowid,
542 &v6cdat,
543 &v6mdat,
544 &v6desc,
545 &v6icmt,
546 &v6crtr,
547 &v6type,
548 &v6scrp,
549 &v6labl,
550 &v6alis,
551 &v6invi,
552 &v6nega,
553 &v6cusi,
554 &v6prot,
555 &v6acct,
556 &v6svce,
557 &v6gena,
558 &v6data,
559 &v6agrp,
560 &v6pdmn,
561 &v6sync,
562 &v6tomb,
563 &v6sha1,
564 &v7vwht,
565 &v7tkid,
566 &v6v_Data,
567 &v6v_pk,
568 &v6accc,
569 &v7utomb,
570 &v8musr,
571 0
572 },
573 };
574
/* Schema 8 internet-password class, table "inet8"; the v7inet_class list plus v8musr at the end. */
575 const SecDbClass v8inet_class = {
576 .name = CFSTR("inet8"),
577 .attrs = {
578 &v6rowid,
579 &v6cdat,
580 &v6mdat,
581 &v6desc,
582 &v6icmt,
583 &v6crtr,
584 &v6type,
585 &v6scrp,
586 &v6labl,
587 &v6alis,
588 &v6invi,
589 &v6nega,
590 &v6cusi,
591 &v6prot,
592 &v6acct,
593 &v6sdmn,
594 &v6srvr,
595 &v6ptcl,
596 &v6atyp,
597 &v6port,
598 &v6path,
599 &v6data,
600 &v6agrp,
601 &v6pdmn,
602 &v6sync,
603 &v6tomb,
604 &v6sha1,
605 &v7vwht,
606 &v7tkid,
607 &v6v_Data,
608 &v6v_pk,
609 &v6accc,
610 &v7utomb,
611 &v8musr,
612 0
613 },
614 };
615
/* Schema 8 certificate class, table "cert8"; the v7cert_class list plus v8musr at the end. */
616 const SecDbClass v8cert_class = {
617 .name = CFSTR("cert8"),
618 .attrs = {
619 &v6rowid,
620 &v6cdat,
621 &v6mdat,
622 &v6ctyp,
623 &v6cenc,
624 &v6labl,
625 &v6certalis,
626 &v6subj,
627 &v6issr,
628 &v6slnr,
629 &v6skid,
630 &v6pkhh,
631 &v6data,
632 &v6agrp,
633 &v6pdmn,
634 &v6sync,
635 &v6tomb,
636 &v6sha1,
637 &v7vwht,
638 &v7tkid,
639 &v6v_Data,
640 &v6v_pk,
641 &v6accc,
642 &v7utomb,
643 &v8musr,
644 0
645 },
646 };
647
/* Schema 8 key class, table "keys8"; the v7keys_class list plus v8musr at the end. */
648 const SecDbClass v8keys_class = {
649 .name = CFSTR("keys8"),
650 .attrs = {
651 &v6rowid,
652 &v6cdat,
653 &v6mdat,
654 &v6kcls,
655 &v6labl,
656 &v6alis,
657 &v6perm,
658 &v6priv,
659 &v6modi,
660 &v6klbl,
661 &v6atag,
662 &v6keycrtr,
663 &v6keytype,
664 &v6bsiz,
665 &v6esiz,
666 &v6sdat,
667 &v6edat,
668 &v6sens,
669 &v6asen,
670 &v6extr,
671 &v6next,
672 &v6encr,
673 &v6decr,
674 &v6drve,
675 &v6sign,
676 &v6vrfy,
677 &v6snrc,
678 &v6vyrc,
679 &v6wrap,
680 &v6unwp,
681 &v6data,
682 &v6agrp,
683 &v6pdmn,
684 &v6sync,
685 &v6tomb,
686 &v6sha1,
687 &v7vwht,
688 &v7tkid,
689 &v6v_Data,
690 &v6v_pk,
691 &v6accc,
692 &v7utomb,
693 &v8musr,
694 0
695 }
696 };
697
/* Schema 8: the four "...8" item tables plus the one-column v5tversion_class. */
698 const SecDbSchema v8_schema = {
699 .majorVersion = 8,
700 .classes = {
701 &v8genp_class,
702 &v8inet_class,
703 &v8cert_class,
704 &v8keys_class,
705 &v5tversion_class,
706 0
707 }
708 };
709
710 // Version 7 (iOS 9 and OSX 10.11) database schema
/*
 * Schema 7 generic-password class, table "genp7".  Relative to v6genp_class
 * it adds v7vwht, v7tkid and v7utomb; it does not list v8musr.
 */
711 const SecDbClass v7genp_class = {
712 .name = CFSTR("genp7"),
713 .attrs = {
714 &v6rowid,
715 &v6cdat,
716 &v6mdat,
717 &v6desc,
718 &v6icmt,
719 &v6crtr,
720 &v6type,
721 &v6scrp,
722 &v6labl,
723 &v6alis,
724 &v6invi,
725 &v6nega,
726 &v6cusi,
727 &v6prot,
728 &v6acct,
729 &v6svce,
730 &v6gena,
731 &v6data,
732 &v6agrp,
733 &v6pdmn,
734 &v6sync,
735 &v6tomb,
736 &v6sha1,
737 &v7vwht,
738 &v7tkid,
739 &v6v_Data,
740 &v6v_pk,
741 &v6accc,
742 &v7utomb,
743 0
744 },
745 };
746
/*
 * Schema 7 internet-password class, table "inet7".  Relative to v6inet_class
 * it adds v7vwht, v7tkid and v7utomb; it does not list v8musr.
 */
747 const SecDbClass v7inet_class = {
748 .name = CFSTR("inet7"),
749 .attrs = {
750 &v6rowid,
751 &v6cdat,
752 &v6mdat,
753 &v6desc,
754 &v6icmt,
755 &v6crtr,
756 &v6type,
757 &v6scrp,
758 &v6labl,
759 &v6alis,
760 &v6invi,
761 &v6nega,
762 &v6cusi,
763 &v6prot,
764 &v6acct,
765 &v6sdmn,
766 &v6srvr,
767 &v6ptcl,
768 &v6atyp,
769 &v6port,
770 &v6path,
771 &v6data,
772 &v6agrp,
773 &v6pdmn,
774 &v6sync,
775 &v6tomb,
776 &v6sha1,
777 &v7vwht,
778 &v7tkid,
779 &v6v_Data,
780 &v6v_pk,
781 &v6accc,
782 &v7utomb,
783 0
784 },
785 };
786
/*
 * Schema 7 certificate class, table "cert7".  Relative to v6cert_class it
 * adds v7vwht, v7tkid and v7utomb; it does not list v8musr.
 */
787 const SecDbClass v7cert_class = {
788 .name = CFSTR("cert7"),
789 .attrs = {
790 &v6rowid,
791 &v6cdat,
792 &v6mdat,
793 &v6ctyp,
794 &v6cenc,
795 &v6labl,
796 &v6certalis,
797 &v6subj,
798 &v6issr,
799 &v6slnr,
800 &v6skid,
801 &v6pkhh,
802 &v6data,
803 &v6agrp,
804 &v6pdmn,
805 &v6sync,
806 &v6tomb,
807 &v6sha1,
808 &v7vwht,
809 &v7tkid,
810 &v6v_Data,
811 &v6v_pk,
812 &v6accc,
813 &v7utomb,
814 0
815 },
816 };
817
/*
 * Schema 7 key class, table "keys7".  Relative to v6keys_class it adds
 * v7vwht, v7tkid and v7utomb; it does not list v8musr.
 */
818 const SecDbClass v7keys_class = {
819 .name = CFSTR("keys7"),
820 .attrs = {
821 &v6rowid,
822 &v6cdat,
823 &v6mdat,
824 &v6kcls,
825 &v6labl,
826 &v6alis,
827 &v6perm,
828 &v6priv,
829 &v6modi,
830 &v6klbl,
831 &v6atag,
832 &v6keycrtr,
833 &v6keytype,
834 &v6bsiz,
835 &v6esiz,
836 &v6sdat,
837 &v6edat,
838 &v6sens,
839 &v6asen,
840 &v6extr,
841 &v6next,
842 &v6encr,
843 &v6decr,
844 &v6drve,
845 &v6sign,
846 &v6vrfy,
847 &v6snrc,
848 &v6vyrc,
849 &v6wrap,
850 &v6unwp,
851 &v6data,
852 &v6agrp,
853 &v6pdmn,
854 &v6sync,
855 &v6tomb,
856 &v6sha1,
857 &v7vwht,
858 &v7tkid,
859 &v6v_Data,
860 &v6v_pk,
861 &v6accc,
862 &v7utomb,
863 0
864 }
865 };
866
867
/* Schema 7: the four "...7" item tables plus the one-column v5tversion_class. */
868 const SecDbSchema v7_schema = {
869 .majorVersion = 7,
870 .classes = {
871 &v7genp_class,
872 &v7inet_class,
873 &v7cert_class,
874 &v7keys_class,
875 &v5tversion_class,
876 0
877 }
878 };
879
880
881 // Version 6 (iOS 7 and OSX 10.9) database schema
/*
 * Schema 6 generic-password class, table "genp6".  File-local (static), so
 * it is reachable only through v6_schema.  Relative to v5genp_class it adds
 * sync, tomb, sha1, v_pk and accc; it lists no v7* or v8* attributes.
 */
882 static const SecDbClass v6genp_class = {
883 .name = CFSTR("genp6"),
884 .attrs = {
885 &v6rowid,
886 &v6cdat,
887 &v6mdat,
888 &v6desc,
889 &v6icmt,
890 &v6crtr,
891 &v6type,
892 &v6scrp,
893 &v6labl,
894 &v6alis,
895 &v6invi,
896 &v6nega,
897 &v6cusi,
898 &v6prot,
899 &v6acct,
900 &v6svce,
901 &v6gena,
902 &v6data,
903 &v6agrp,
904 &v6pdmn,
905 &v6sync,
906 &v6tomb,
907 &v6sha1,
908 &v6v_Data,
909 &v6v_pk,
910 &v6accc,
911 0
912 },
913 };
914
/*
 * Schema 6 internet-password class, table "inet6" (file-local).  Relative to
 * v5inet_class it adds sync, tomb, sha1, v_pk and accc; it lists no v7* or
 * v8* attributes.
 */
915 static const SecDbClass v6inet_class = {
916 .name = CFSTR("inet6"),
917 .attrs = {
918 &v6rowid,
919 &v6cdat,
920 &v6mdat,
921 &v6desc,
922 &v6icmt,
923 &v6crtr,
924 &v6type,
925 &v6scrp,
926 &v6labl,
927 &v6alis,
928 &v6invi,
929 &v6nega,
930 &v6cusi,
931 &v6prot,
932 &v6acct,
933 &v6sdmn,
934 &v6srvr,
935 &v6ptcl,
936 &v6atyp,
937 &v6port,
938 &v6path,
939 &v6data,
940 &v6agrp,
941 &v6pdmn,
942 &v6sync,
943 &v6tomb,
944 &v6sha1,
945 &v6v_Data,
946 &v6v_pk,
947 &v6accc,
948 0
949 },
950 };
951
/*
 * Schema 6 certificate class, table "cert6" (file-local).  Relative to
 * v5cert_class it adds sync, tomb, sha1, v_pk and accc; it lists no v7* or
 * v8* attributes.
 */
952 static const SecDbClass v6cert_class = {
953 .name = CFSTR("cert6"),
954 .attrs = {
955 &v6rowid,
956 &v6cdat,
957 &v6mdat,
958 &v6ctyp,
959 &v6cenc,
960 &v6labl,
961 &v6certalis,
962 &v6subj,
963 &v6issr,
964 &v6slnr,
965 &v6skid,
966 &v6pkhh,
967 &v6data,
968 &v6agrp,
969 &v6pdmn,
970 &v6sync,
971 &v6tomb,
972 &v6sha1,
973 &v6v_Data,
974 &v6v_pk,
975 &v6accc,
976 0
977 },
978 };
979
/*
 * Schema 6 key class, table "keys6" (file-local).  Relative to v5keys_class
 * it adds sync, tomb, sha1, v_pk and accc; it lists no v7* or v8* attributes.
 */
980 static const SecDbClass v6keys_class = {
981 .name = CFSTR("keys6"),
982 .attrs = {
983 &v6rowid,
984 &v6cdat,
985 &v6mdat,
986 &v6kcls,
987 &v6labl,
988 &v6alis,
989 &v6perm,
990 &v6priv,
991 &v6modi,
992 &v6klbl,
993 &v6atag,
994 &v6keycrtr,
995 &v6keytype,
996 &v6bsiz,
997 &v6esiz,
998 &v6sdat,
999 &v6edat,
1000 &v6sens,
1001 &v6asen,
1002 &v6extr,
1003 &v6next,
1004 &v6encr,
1005 &v6decr,
1006 &v6drve,
1007 &v6sign,
1008 &v6vrfy,
1009 &v6snrc,
1010 &v6vyrc,
1011 &v6wrap,
1012 &v6unwp,
1013 &v6data,
1014 &v6agrp,
1015 &v6pdmn,
1016 &v6sync,
1017 &v6tomb,
1018 &v6sha1,
1019 &v6v_Data,
1020 &v6v_pk,
1021 &v6accc,
1022 0
1023 }
1024 };
1025
/*
 * Schema 6 (file-local): the four "...6" item tables plus the one-column
 * v5tversion_class.  Exposed outside this file only through kc_schemas.
 */
1026 static const SecDbSchema v6_schema = {
1027 .majorVersion = 6,
1028 .classes = {
1029 &v6genp_class,
1030 &v6inet_class,
1031 &v6cert_class,
1032 &v6keys_class,
1033 &v5tversion_class,
1034 0
1035 }
1036 };
1037
1038
1039 // Version 5 (iOS 5 & iOS 6) database schema.
/*
 * Schema 5 generic-password class, table "genp5" (file-local).  The list
 * ends at data, agrp, pdmn and v_Data: it has no sync, tomb, sha1, v_pk or
 * accc attribute.
 */
1040 static const SecDbClass v5genp_class = {
1041 .name = CFSTR("genp5"),
1042 .attrs = {
1043 &v6rowid,
1044 &v6cdat,
1045 &v6mdat,
1046 &v6desc,
1047 &v6icmt,
1048 &v6crtr,
1049 &v6type,
1050 &v6scrp,
1051 &v6labl,
1052 &v6alis,
1053 &v6invi,
1054 &v6nega,
1055 &v6cusi,
1056 &v6prot,
1057 &v6acct,
1058 &v6svce,
1059 &v6gena,
1060 &v6data,
1061 &v6agrp,
1062 &v6pdmn,
1063 &v6v_Data,
1064 0
1065 },
1066 };
1067
/*
 * Schema 5 internet-password class, table "inet5" (file-local).  It has no
 * sync, tomb, sha1, v_pk or accc attribute.
 */
1068 static const SecDbClass v5inet_class = {
1069 .name = CFSTR("inet5"),
1070 .attrs = {
1071 &v6rowid,
1072 &v6cdat,
1073 &v6mdat,
1074 &v6desc,
1075 &v6icmt,
1076 &v6crtr,
1077 &v6type,
1078 &v6scrp,
1079 &v6labl,
1080 &v6alis,
1081 &v6invi,
1082 &v6nega,
1083 &v6cusi,
1084 &v6prot,
1085 &v6acct,
1086 &v6sdmn,
1087 &v6srvr,
1088 &v6ptcl,
1089 &v6atyp,
1090 &v6port,
1091 &v6path,
1092 &v6data,
1093 &v6agrp,
1094 &v6pdmn,
1095 &v6v_Data,
1096 0
1097 },
1098 };
1099
/*
 * Schema 5 certificate class, table "cert5" (file-local).  It has no sync,
 * tomb, sha1, v_pk or accc attribute.
 */
1100 static const SecDbClass v5cert_class = {
1101 .name = CFSTR("cert5"),
1102 .attrs = {
1103 &v6rowid,
1104 &v6cdat,
1105 &v6mdat,
1106 &v6ctyp,
1107 &v6cenc,
1108 &v6labl,
1109 &v6certalis,
1110 &v6subj,
1111 &v6issr,
1112 &v6slnr,
1113 &v6skid,
1114 &v6pkhh,
1115 &v6data,
1116 &v6agrp,
1117 &v6pdmn,
1118 &v6v_Data,
1119 0
1120 },
1121 };
1122
/*
 * Schema 5 key class, table "keys5" (file-local).  It has no sync, tomb,
 * sha1, v_pk or accc attribute.
 */
1123 static const SecDbClass v5keys_class = {
1124 .name = CFSTR("keys5"),
1125 .attrs = {
1126 &v6rowid,
1127 &v6cdat,
1128 &v6mdat,
1129 &v6kcls,
1130 &v6labl,
1131 &v6alis,
1132 &v6perm,
1133 &v6priv,
1134 &v6modi,
1135 &v6klbl,
1136 &v6atag,
1137 &v6keycrtr,
1138 &v6keytype,
1139 &v6bsiz,
1140 &v6esiz,
1141 &v6sdat,
1142 &v6edat,
1143 &v6sens,
1144 &v6asen,
1145 &v6extr,
1146 &v6next,
1147 &v6encr,
1148 &v6decr,
1149 &v6drve,
1150 &v6sign,
1151 &v6vrfy,
1152 &v6snrc,
1153 &v6vyrc,
1154 &v6wrap,
1155 &v6unwp,
1156 &v6data,
1157 &v6agrp,
1158 &v6pdmn,
1159 &v6v_Data,
1160 0
1161 }
1162 };
1163
/*
 * Schema 5 (file-local), the oldest schema defined here: the four "...5"
 * item tables plus v5tversion_class.
 */
1164 static const SecDbSchema v5_schema = {
1165 .majorVersion = 5,
1166 .classes = {
1167 &v5genp_class,
1168 &v5inet_class,
1169 &v5cert_class,
1170 &v5keys_class,
1171 &v5tversion_class,
1172 0
1173 }
1174 };
1175
/*
 * 0-terminated table of every schema defined in this file, listed from the
 * newest (9.1) down to the oldest (5).  The array is not const-qualified,
 * only the schemas it points to are.
 * NOTE(review): whether consumers rely on index 0 being the current schema is
 * not visible here; presumably the older entries are kept so that existing
 * databases can be recognized and upgraded -- confirm with the upgrade code.
 */
1176 const SecDbSchema *kc_schemas[] = {
1177 &v9_1_schema,
1178 &v9_schema,
1179 &v8_schema,
1180 &v7_schema,
1181 &v6_schema,
1182 &v5_schema,
1183 0
1184 };