2 * Copyright (c) 2006-2014 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
25 * SecItemSchema.c - CoreFoundation-based constants and functions for
26 access to Security items (certificates, keys, identities, and
30 #include "SecItemSchema.h"
31 #include <securityd/SecDbKeychainItem.h>
32 #include <keychain/ckks/CKKS.h>
35 // MARK Keychain version 6 schema
37 #define __FLAGS(ARG, ...) SECDBFLAGS(__VA_ARGS__)
38 #define SECDBFLAGS(ARG, ...) __FLAGS_##ARG | __FLAGS(__VA_ARGS__)
40 #define SecDbFlags(P,L,I,S,A,D,R,C,H,B,Z,E,N,U,V,Y) (__FLAGS_##P|__FLAGS_##L|__FLAGS_##I|__FLAGS_##S|__FLAGS_##A|__FLAGS_##D|__FLAGS_##R|__FLAGS_##C|__FLAGS_##H|__FLAGS_##B|__FLAGS_##Z|__FLAGS_##E|__FLAGS_##N|__FLAGS_##U|__FLAGS_##V|__FLAGS_##Y)
43 #define __FLAGS_P kSecDbPrimaryKeyFlag
44 #define __FLAGS_L kSecDbInFlag
45 #define __FLAGS_I kSecDbIndexFlag
46 #define __FLAGS_S kSecDbSHA1ValueInFlag
47 #define __FLAGS_A kSecDbReturnAttrFlag
48 #define __FLAGS_D kSecDbReturnDataFlag
49 #define __FLAGS_R kSecDbReturnRefFlag
50 #define __FLAGS_C kSecDbInCryptoDataFlag
51 #define __FLAGS_H kSecDbInHashFlag
52 #define __FLAGS_B kSecDbInBackupFlag
53 #define __FLAGS_Z kSecDbDefault0Flag
54 #define __FLAGS_E kSecDbDefaultEmptyFlag
55 #define __FLAGS_N kSecDbNotNullFlag
56 #define __FLAGS_U kSecDbInAuthenticatedDataFlag
57 #define __FLAGS_V0 kSecDbSyncPrimaryKeyV0
58 #define __FLAGS_V2 (kSecDbSyncPrimaryKeyV0 | kSecDbSyncPrimaryKeyV2)
59 #define __FLAGS_Y kSecDbSyncFlag
61 // ,----------------- P : Part of primary key
62 // / ,---------------- L : Stored in local database
63 // / / ,--------------- I : Attribute wants an index in the database
64 // / / / ,-------------- S : SHA1 hashed attribute value in database (implies L)
65 // / / / / ,------------- A : Returned to client as attribute in queries
66 // / / / / / ,------------ D : Returned to client as data in queries
67 // / / / / / / ,----------- R : Returned to client as ref/persistent ref in queries
68 // / / / / / / / ,---------- C : Part of encrypted blob
69 // / / / / / / / / ,--------- H : Attribute is part of item SHA1 hash (Implied by C)
70 // / / / / / / / / / ,-------- B : Attribute is part of iTunes/iCloud backup bag
71 // / / / / / / / / / / ,------- Z : Attribute has a default value of 0
72 // / / / / / / / / / / / ,------ E : Attribute has a default value of "" or empty data
73 // / / / / / / / / / / / / ,----- N : Attribute must have a value
74 // / / / / / / / / / / / / / ,---- U : Attribute is stored in authenticated, but not necessarily encrypted data
75 // / / / / / / / / / / / / / / ,--- V0: Sync primary key version
76 // / / / / / / / / / / / / / / / ,- Y : Attribute should be synced
77 // | | | | | | | | | | | | | | | |
78 // common to all | | | | | | | | | | | | | | | |
79 SECDB_ATTR(v6rowid
, "rowid", RowId
, SecDbFlags( ,L
, , , , ,R
, , ,B
, , , , , , ), NULL
, NULL
);
80 SECDB_ATTR(v6cdat
, "cdat", CreationDate
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), SecDbKeychainItemCopyCurrentDate
, NULL
);
81 SECDB_ATTR(v6mdat
, "mdat",ModificationDate
,SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), SecDbKeychainItemCopyCurrentDate
, NULL
);
82 SECDB_ATTR(v6labl
, "labl", Blob
, SecDbFlags( ,L
, ,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
83 SECDB_ATTR(v6data
, "data", EncryptedData
, SecDbFlags( ,L
, , , , , , , ,B
, , , , , , ), SecDbKeychainItemCopyEncryptedData
, NULL
);
84 SECDB_ATTR(v6agrp
, "agrp", String
, SecDbFlags(P
,L
, , ,A
, , , ,H
, , , ,N
,U
,V0
,Y
), NULL
, NULL
);
85 SECDB_ATTR(v6pdmn
, "pdmn", Access
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
86 SECDB_ATTR(v6sync
, "sync", Sync
, SecDbFlags(P
,L
,I
, ,A
, , , ,H
, ,Z
, ,N
,U
,V0
, ), NULL
, NULL
);
87 SECDB_ATTR(v6tomb
, "tomb", Tomb
, SecDbFlags( ,L
, , , , , , ,H
, ,Z
, ,N
,U
, ,Y
), NULL
, NULL
);
88 SECDB_ATTR(v6sha1
, "sha1", SHA1
, SecDbFlags( ,L
,I
, ,A
, ,R
, , , , , , , , ,Y
), SecDbKeychainItemCopySHA1
, NULL
);
89 SECDB_ATTR(v6accc
, "accc", AccessControl
, SecDbFlags( , , , ,A
, , , , , , , , , , , ), NULL
, NULL
);
90 SECDB_ATTR(v6v_Data
, "v_Data", Data
, SecDbFlags( , , , , ,D
, ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
91 SECDB_ATTR(v6v_pk
, "v_pk", PrimaryKey
, SecDbFlags( , , , , , , , , , , , , , , , ), SecDbKeychainItemCopyPrimaryKey
, NULL
);
92 SECDB_ATTR(v7vwht
, "vwht", String
, SecDbFlags(P
,L
, , ,A
, , , ,H
, , , , ,U
,V2
,Y
), NULL
, NULL
);
93 SECDB_ATTR(v7tkid
, "tkid", String
, SecDbFlags(P
,L
, , ,A
, , , ,H
, , , , ,U
,V2
,Y
), NULL
, NULL
);
94 SECDB_ATTR(v7utomb
, "u_Tomb", UTomb
, SecDbFlags( , , , , , , , , , , , , , , , ), NULL
, NULL
);
95 SECDB_ATTR(v8musr
, "musr", UUID
, SecDbFlags(P
,L
,I
, , , , , , , , , ,N
,U
, ,Y
), NULL
, NULL
);
96 // genp and inet and keys | | | | | | | | | | | | | | | |
97 SECDB_ATTR(v6crtr
, "crtr", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
98 SECDB_ATTR(v6alis
, "alis", Blob
, SecDbFlags( ,L
, ,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
99 // genp and inet | | | | | | | | | | | | | | | |
100 SECDB_ATTR(v6desc
, "desc", Blob
, SecDbFlags( ,L
, ,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
101 SECDB_ATTR(v6icmt
, "icmt", Blob
, SecDbFlags( ,L
, ,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
102 SECDB_ATTR(v6type
, "type", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
103 SECDB_ATTR(v6invi
, "invi", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
104 SECDB_ATTR(v6nega
, "nega", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
105 SECDB_ATTR(v6cusi
, "cusi", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
106 SECDB_ATTR(v6prot
, "prot", Blob
, SecDbFlags( ,L
, ,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
107 SECDB_ATTR(v6scrp
, "scrp", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
108 SECDB_ATTR(v6acct
, "acct", Blob
, SecDbFlags(P
,L
, ,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
109 // genp only | | | | | | | | | | | | | | | |
110 SECDB_ATTR(v6svce
, "svce", Blob
, SecDbFlags(P
,L
, ,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
111 SECDB_ATTR(v6gena
, "gena", Blob
, SecDbFlags( ,L
, ,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
112 // inet only | | | | | | | | | | | | | | | |
113 SECDB_ATTR(v6sdmn
, "sdmn", Blob
, SecDbFlags(P
,L
, ,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
114 SECDB_ATTR(v6srvr
, "srvr", Blob
, SecDbFlags(P
,L
, ,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
115 SECDB_ATTR(v6ptcl
, "ptcl", Number
, SecDbFlags(P
,L
, , ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
116 SECDB_ATTR(v6atyp
, "atyp", Blob
, SecDbFlags(P
,L
, ,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
117 SECDB_ATTR(v6port
, "port", Number
, SecDbFlags(P
,L
, , ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
118 SECDB_ATTR(v6path
, "path", Blob
, SecDbFlags(P
,L
, ,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
119 // cert only | | | | | | | | | | | | | | | |
120 SECDB_ATTR(v6ctyp
, "ctyp", Number
, SecDbFlags(P
,L
, , ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
121 SECDB_ATTR(v6cenc
, "cenc", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
122 SECDB_ATTR(v6subj
, "subj", Data
, SecDbFlags( ,L
,I
,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
123 SECDB_ATTR(v6issr
, "issr", Data
, SecDbFlags(P
,L
, ,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
124 SECDB_ATTR(v6slnr
, "slnr", Data
, SecDbFlags(P
,L
, ,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
125 SECDB_ATTR(v6skid
, "skid", Data
, SecDbFlags( ,L
,I
,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
126 SECDB_ATTR(v6pkhh
, "pkhh", Data
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
127 // cert attributes that share names with common ones but have different flags
128 SECDB_ATTR(v6certalis
, "alis", Blob
, SecDbFlags( ,L
,I
,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
129 // keys only | | | | | | | | | | | | | | | |
130 SECDB_ATTR(v6kcls
, "kcls", Number
, SecDbFlags(P
,L
,I
,S
,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
131 SECDB_ATTR(v6perm
, "perm", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
132 SECDB_ATTR(v6priv
, "priv", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
133 SECDB_ATTR(v6modi
, "modi", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
134 SECDB_ATTR(v6klbl
, "klbl", Data
, SecDbFlags(P
,L
,I
, ,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
135 SECDB_ATTR(v6atag
, "atag", Blob
, SecDbFlags(P
,L
, ,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
136 SECDB_ATTR(v6bsiz
, "bsiz", Number
, SecDbFlags(P
,L
, , ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
137 SECDB_ATTR(v6esiz
, "esiz", Number
, SecDbFlags(P
,L
, , ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
138 SECDB_ATTR(v6sdat
, "sdat", Date
, SecDbFlags(P
,L
, , ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
139 SECDB_ATTR(v6edat
, "edat", Date
, SecDbFlags(P
,L
, , ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
140 SECDB_ATTR(v6sens
, "sens", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
141 SECDB_ATTR(v6asen
, "asen", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
142 SECDB_ATTR(v6extr
, "extr", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
143 SECDB_ATTR(v6next
, "next", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
144 SECDB_ATTR(v6encr
, "encr", Number
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
145 SECDB_ATTR(v6decr
, "decr", Number
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
146 SECDB_ATTR(v6drve
, "drve", Number
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
147 SECDB_ATTR(v6sign
, "sign", Number
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
148 SECDB_ATTR(v6vrfy
, "vrfy", Number
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
149 SECDB_ATTR(v6snrc
, "snrc", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
150 SECDB_ATTR(v6vyrc
, "vyrc", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
151 SECDB_ATTR(v6wrap
, "wrap", Number
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
152 SECDB_ATTR(v6unwp
, "unwp", Number
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
153 // keys attributes that share names with common ones but have different flags
154 SECDB_ATTR(v6keytype
, "type", Number
, SecDbFlags(P
,L
, , ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
155 SECDB_ATTR(v6keycrtr
, "crtr", Number
, SecDbFlags(P
,L
, , ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
156 // | | | | | | | | | | | | | | |
157 SECDB_ATTR(v6version
, "version", Number
, SecDbFlags(P
,L
, , , , , , , , , , ,N
, , ,Y
), NULL
, NULL
);
158 SECDB_ATTR(v91minor
, "minor", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, ,N
, , ,Y
), NULL
, NULL
);
160 SECDB_ATTR(v10_1pcsservice
, "pcss", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
161 SECDB_ATTR(v10_1pcspublickey
, "pcsk", Blob
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
162 SECDB_ATTR(v10_1pcspublicidentity
,"pcsi", Blob
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
164 SECDB_ATTR(v10itemuuid
, "UUID", String
, SecDbFlags( ,L
, , , , , , , , , , , ,U
, , ), NULL
, NULL
);
165 SECDB_ATTR(v10syncuuid
, "UUID", String
, SecDbFlags(P
,L
, , , , , , , , , , , ,U
, , ), NULL
, NULL
);
166 SECDB_ATTR(v10parentKeyUUID
, "parentKeyUUID", String
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
167 SECDB_ATTR(v10currentKeyUUID
,"currentKeyUUID",String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
168 SECDB_ATTR(v10wrappedkey
, "wrappedkey", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
169 SECDB_ATTR(v10encrypteditem
, "encitem", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
170 SECDB_ATTR(v10gencount
, "gencount", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, ,N
, , , ), NULL
, NULL
);
171 SECDB_ATTR(v10action
, "action", String
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
172 SECDB_ATTR(v10state
, "state", String
, SecDbFlags(P
,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
173 SECDB_ATTR(v10waituntiltime
, "waituntil", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
174 SECDB_ATTR(v10encodedCKRecord
, "ckrecord", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
175 SECDB_ATTR(v10_1wasCurrent
, "wascurrent", Number
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
176 SECDB_ATTR(v10accessgroup
, "accessgroup", String
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
177 SECDB_ATTR(v10keyclass
, "keyclass", String
, SecDbFlags(P
,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
178 SECDB_ATTR(v10currentkey
, "currentkey", Number
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
179 SECDB_ATTR(v10ckzone
, "ckzone", String
, SecDbFlags(P
,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
180 SECDB_ATTR(v10ckzonecreated
, "ckzonecreated", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, , ,N
, , ), NULL
, NULL
);
181 SECDB_ATTR(v10ckzonesubscribed
,"ckzonesubscribed", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, ,N
, , , ), NULL
, NULL
);
182 SECDB_ATTR(v10ratelimiter
, "ratelimiter", Blob
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
183 SECDB_ATTR(v10changetoken
, "changetoken", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
184 SECDB_ATTR(v10lastfetchtime
, "lastfetch", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
185 SECDB_ATTR(v10itempersistentref
,"persistref", UUID
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
186 SECDB_ATTR(v10sysbound
, "sysb", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, ,Z
, , , , , ), NULL
, NULL
);
187 SECDB_ATTR(v10encryptionver
, "encver", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, ,N
,U
, , ), NULL
, NULL
);
189 SECDB_ATTR(v10primaryKey
, "primaryKey", String
, SecDbFlags(P
,L
, , ,A
, , , , , , , ,N
,U
, , ), NULL
, NULL
);
190 SECDB_ATTR(v10publickeyHash
, "publickeyHash", Blob
, SecDbFlags(P
,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
191 SECDB_ATTR(v10publickey
, "publickey", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
192 SECDB_ATTR(v10backupData
, "backupData", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
194 SECDB_ATTR(v10_1digest
, "digest", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
195 SECDB_ATTR(v10_1signatures
, "signatures", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
196 SECDB_ATTR(v10_1signerID
, "signerID", String
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
197 SECDB_ATTR(v10_1leafIDs
, "leafIDs", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
198 SECDB_ATTR(v10_1peerManIDs
, "peerManifests", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
199 SECDB_ATTR(v10_1entryDigests
,"entryDigests", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
200 SECDB_ATTR(v10_2currentItems
,"currentItems", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
201 SECDB_ATTR(v10_2futureData
, "futureData", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
202 SECDB_ATTR(v10_2schema
, "schema", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
203 SECDB_ATTR(v10_1encRecord
, "ckrecord", Blob
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
205 SECDB_ATTR(v10_1keyArchiveHash
, "key_archive_hash", String
, SecDbFlags(P
,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
206 SECDB_ATTR(v10_1keyArchive
, "key_archive", String
, SecDbFlags(P
,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
207 SECDB_ATTR(v10_1archivedKey
, "archived_key", String
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
208 SECDB_ATTR(v10_1keyArchiveName
, "keyarchive_name", String
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
209 SECDB_ATTR(v10_1optionalEncodedCKRecord
, "ckrecord", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
210 SECDB_ATTR(v10_1archiveEscrowID
,"archive_escrowid", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
212 SECDB_ATTR(v10_1itempersistentref
,"persistref", UUID
, SecDbFlags( ,L
,I
, , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
214 SECDB_ATTR(v10_1currentItemUUID
,"currentItemUUID",String
, SecDbFlags(P
,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
215 SECDB_ATTR(v10_4currentItemUUID
,"currentItemUUID",String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
216 SECDB_ATTR(v10_1currentPtrIdentifier
,"identifier",String
, SecDbFlags(P
,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
218 SECDB_ATTR(v10_2device
, "device", String
, SecDbFlags(P
,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
219 SECDB_ATTR(v10_2peerid
, "peerid", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
220 SECDB_ATTR(v10_2circleStatus
,"circlestatus", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
221 SECDB_ATTR(v10_2keyState
, "keystate", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
222 SECDB_ATTR(v10_2currentTLK
, "currentTLK", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
223 SECDB_ATTR(v10_2currentClassA
,"currentClassA",String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
224 SECDB_ATTR(v10_2currentClassC
,"currentClassC",String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
226 SECDB_ATTR(v10_4lastFixup
, "lastfixup", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, , ,N
, , ), NULL
, NULL
);
228 SECDB_ATTR(v10_5senderPeerID
,"senderpeerid", String
, SecDbFlags(P
,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
229 SECDB_ATTR(v10_5recvPeerID
, "recvpeerid", String
, SecDbFlags(P
,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
230 SECDB_ATTR(v10_5recvPubKey
, "recvpubenckey", Blob
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
231 SECDB_ATTR(v10_5curve
, "curve", Number
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
232 SECDB_ATTR(v10_5poisoned
, "poisoned", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, ,N
, , , ), NULL
, NULL
);
233 SECDB_ATTR(v10_5epoch
, "epoch", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, ,N
, , , ), NULL
, NULL
);
234 SECDB_ATTR(v10_5signature
, "signature", Blob
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
235 SECDB_ATTR(v10_5version
, "version", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, ,N
,U
, , ), NULL
, NULL
);
237 const SecDbClass v10_5_tlkshare_class
= {
238 .name
= CFSTR("tlkshare"),
258 const SecDbClass v10_4_current_item_class
= {
259 .name
= CFSTR("currentitems"),
263 &v10_1currentPtrIdentifier
,
264 &v10_4currentItemUUID
,
271 const SecDbClass v10_4_ckstate_class
= {
272 .name
= CFSTR("ckstate"),
277 &v10ckzonesubscribed
,
286 const SecDbClass v10_3_ckdevicestate_class
= {
287 .name
= CFSTR("ckdevicestate"),
303 const SecDbClass v10_2_ckmanifest_class
= {
304 .name
= CFSTR("ckmanifest"),
322 const SecDbClass v10_2_pending_manifest_class
= {
323 .name
= CFSTR("pending_manifest"),
341 const SecDbClass v10_1_ckmanifest_class
= {
342 .name
= CFSTR("ckmanifest"),
357 const SecDbClass v10_1_pending_manifest_class
= {
358 .name
= CFSTR("pending_manifest"),
373 const SecDbClass v10_1_ckmanifest_leaf_class
= {
374 .name
= CFSTR("ckmanifest_leaf"),
386 const SecDbClass v10_1_pending_manifest_leaf_class
= {
387 .name
= CFSTR("pending_manifest_leaf"),
399 const SecDbClass v10_1_genp_class
= {
400 .name
= CFSTR("genp"),
437 &v10_1pcspublicidentity
,
438 &v10_1itempersistentref
,
443 const SecDbClass v10_1_inet_class
= {
444 .name
= CFSTR("inet"),
485 &v10_1pcspublicidentity
,
486 &v10_1itempersistentref
,
491 const SecDbClass v10_1_cert_class
= {
492 .name
= CFSTR("cert"),
524 &v10_1pcspublicidentity
,
525 &v10_1itempersistentref
,
530 const SecDbClass v10_1_keys_class
= {
531 .name
= CFSTR("keys"),
581 &v10_1pcspublicidentity
,
582 &v10_1itempersistentref
,
587 const SecDbClass v10_0_tversion_class
= {
588 .name
= CFSTR("tversion"),
598 const SecDbClass v10_2_outgoing_queue_class
= {
599 .name
= CFSTR("outgoingqueue"),
613 &v10_1optionalEncodedCKRecord
,
616 &v10_1pcspublicidentity
,
621 const SecDbClass v10_2_incoming_queue_class
= {
622 .name
= CFSTR("incomingqueue"),
634 &v10_1optionalEncodedCKRecord
,
637 &v10_1pcspublicidentity
,
643 const SecDbClass v10_1_outgoing_queue_class
= {
644 .name
= CFSTR("outgoingqueue"),
660 &v10_1pcspublicidentity
,
665 const SecDbClass v10_1_incoming_queue_class
= {
666 .name
= CFSTR("incomingqueue"),
680 &v10_1pcspublicidentity
,
686 const SecDbClass v10_0_outgoing_queue_class
= {
687 .name
= CFSTR("outgoingqueue"),
705 const SecDbClass v10_0_incoming_queue_class
= {
706 .name
= CFSTR("incomingqueue"),
722 const SecDbClass v10_0_sync_key_class
= {
723 .name
= CFSTR("synckeys"),
738 // Stores the "Current Key" records, and parentKeyUUID refers to items in the synckeys table
739 // Wouldn't foreign keys be nice?
740 const SecDbClass v10_0_current_key_class
= {
741 .name
= CFSTR("currentkeys"),
752 const SecDbClass v10_1_current_item_class
= {
753 .name
= CFSTR("currentitems"),
757 &v10_1currentPtrIdentifier
,
758 &v10_1currentItemUUID
,
765 const SecDbClass v10_1_ckmirror_class
= {
766 .name
= CFSTR("ckmirror"),
780 &v10_1pcspublicidentity
,
785 const SecDbClass v10_0_ckmirror_class
= {
786 .name
= CFSTR("ckmirror"),
801 const SecDbClass v10_0_ckstate_class
= {
802 .name
= CFSTR("ckstate"),
807 &v10ckzonesubscribed
,
816 /* Primary keys: v10primaryKey, v8musr */
817 const SecDbClass v10_0_item_backup_class
= {
818 .name
= CFSTR("item_backup"),
822 &v10primaryKey
, // Primary key of the original item, from v6v_pk
824 &v6sha1
, // Hash of the original item
825 &v10backupData
, // Data wrapped to backup keybag
826 &v6pkhh
, // Hash of the public key of the backup bag [v10publickeyHash]
831 /* Backup Keybag table */
832 /* Primary keys: v10publickeyHash, v8musr */
833 const SecDbClass v10_0_backup_keybag_class
= {
834 .name
= CFSTR("backup_keybag"),
838 &v10publickeyHash
, // Hash of the public key of the backup bag
840 &v10publickey
, // Public key for the asymmetric backup bag
841 &v6agrp
, // Used for backup agent
846 const SecDbClass v10_1_backup_keyarchive_class
= {
847 .name
= CFSTR("backup_keyarchive"),
850 &v10_1keyArchiveHash
, // Hash of the key archive
852 &v10_1keyArchive
, // Serialised key archive
854 &v10_1optionalEncodedCKRecord
,
855 &v10_1archiveEscrowID
,
860 const SecDbClass v10_1_current_archived_keys_class
= {
861 .name
= CFSTR("archived_key_backup"),
868 &v10_1keyArchiveHash
,
871 &v10_1optionalEncodedCKRecord
,
872 &v10_1archiveEscrowID
,
877 const SecDbClass v10_1_current_keyarchive_class
= {
878 .name
= CFSTR("currentkeyarchives"),
881 &v10_1keyArchiveHash
,
882 &v10_1keyArchiveName
,
887 /* An identity which is really a cert + a key, so all cert and keys attrs are
889 const SecDbClass v_identity_class
= {
890 .name
= CFSTR("idnt"),
901 const SecDbSchema v10_5_schema
= {
909 &v10_0_tversion_class
,
910 &v10_2_outgoing_queue_class
,
911 &v10_2_incoming_queue_class
,
912 &v10_0_sync_key_class
,
913 &v10_1_ckmirror_class
,
914 &v10_0_current_key_class
,
915 &v10_4_ckstate_class
,
916 &v10_0_item_backup_class
,
917 &v10_0_backup_keybag_class
,
918 &v10_2_ckmanifest_class
,
919 &v10_2_pending_manifest_class
,
920 &v10_1_ckmanifest_leaf_class
,
921 &v10_1_backup_keyarchive_class
,
922 &v10_1_current_keyarchive_class
,
923 &v10_1_current_archived_keys_class
,
924 &v10_1_pending_manifest_leaf_class
,
925 &v10_4_current_item_class
,
926 &v10_3_ckdevicestate_class
,
927 &v10_5_tlkshare_class
,
936 const SecDbSchema v10_4_schema
= {
944 &v10_0_tversion_class
,
945 &v10_2_outgoing_queue_class
,
946 &v10_2_incoming_queue_class
,
947 &v10_0_sync_key_class
,
948 &v10_1_ckmirror_class
,
949 &v10_0_current_key_class
,
950 &v10_4_ckstate_class
,
951 &v10_0_item_backup_class
,
952 &v10_0_backup_keybag_class
,
953 &v10_2_ckmanifest_class
,
954 &v10_2_pending_manifest_class
,
955 &v10_1_ckmanifest_leaf_class
,
956 &v10_1_backup_keyarchive_class
,
957 &v10_1_current_keyarchive_class
,
958 &v10_1_current_archived_keys_class
,
959 &v10_1_pending_manifest_leaf_class
,
960 &v10_4_current_item_class
,
961 &v10_3_ckdevicestate_class
,
969 const SecDbSchema v10_3_schema
= {
977 &v10_0_tversion_class
,
978 &v10_2_outgoing_queue_class
,
979 &v10_2_incoming_queue_class
,
980 &v10_0_sync_key_class
,
981 &v10_1_ckmirror_class
,
982 &v10_0_current_key_class
,
983 &v10_0_ckstate_class
,
984 &v10_0_item_backup_class
,
985 &v10_0_backup_keybag_class
,
986 &v10_2_ckmanifest_class
,
987 &v10_2_pending_manifest_class
,
988 &v10_1_ckmanifest_leaf_class
,
989 &v10_1_backup_keyarchive_class
,
990 &v10_1_current_keyarchive_class
,
991 &v10_1_current_archived_keys_class
,
992 &v10_1_pending_manifest_leaf_class
,
993 &v10_1_current_item_class
,
994 &v10_3_ckdevicestate_class
,
1002 const SecDbSchema v10_2_schema
= {
1010 &v10_0_tversion_class
,
1011 &v10_2_outgoing_queue_class
,
1012 &v10_2_incoming_queue_class
,
1013 &v10_0_sync_key_class
,
1014 &v10_1_ckmirror_class
,
1015 &v10_0_current_key_class
,
1016 &v10_0_ckstate_class
,
1017 &v10_0_item_backup_class
,
1018 &v10_0_backup_keybag_class
,
1019 &v10_2_ckmanifest_class
,
1020 &v10_2_pending_manifest_class
,
1021 &v10_1_ckmanifest_leaf_class
,
1022 &v10_1_backup_keyarchive_class
,
1023 &v10_1_current_keyarchive_class
,
1024 &v10_1_current_archived_keys_class
,
1025 &v10_1_pending_manifest_leaf_class
,
1026 &v10_1_current_item_class
,
1034 const SecDbSchema v10_1_schema
= {
1042 &v10_0_tversion_class
,
1043 &v10_1_outgoing_queue_class
,
1044 &v10_1_incoming_queue_class
,
1045 &v10_0_sync_key_class
,
1046 &v10_1_ckmirror_class
,
1047 &v10_0_current_key_class
,
1048 &v10_0_ckstate_class
,
1049 &v10_0_item_backup_class
,
1050 &v10_0_backup_keybag_class
,
1051 &v10_1_ckmanifest_class
,
1052 &v10_1_pending_manifest_class
,
1053 &v10_1_ckmanifest_leaf_class
,
1054 &v10_1_backup_keyarchive_class
,
1055 &v10_1_current_keyarchive_class
,
1056 &v10_1_current_archived_keys_class
,
1057 &v10_1_pending_manifest_leaf_class
,
1058 &v10_1_current_item_class
,
1067 const SecDbClass v10_0_genp_class
= {
1068 .name
= CFSTR("genp"),
1102 &v10itempersistentref
,
1108 const SecDbClass v10_0_inet_class
= {
1109 .name
= CFSTR("inet"),
1147 &v10itempersistentref
,
1153 const SecDbClass v10_0_cert_class
= {
1154 .name
= CFSTR("cert"),
1183 &v10itempersistentref
,
1189 const SecDbClass v10_0_keys_class
= {
1190 .name
= CFSTR("keys"),
1237 &v10itempersistentref
,
1243 const SecDbSchema v10_0_schema
= {
1251 &v10_0_tversion_class
,
1252 &v10_0_outgoing_queue_class
,
1253 &v10_0_incoming_queue_class
,
1254 &v10_0_sync_key_class
,
1255 &v10_0_ckmirror_class
,
1256 &v10_0_current_key_class
,
1257 &v10_0_ckstate_class
,
1258 &v10_0_item_backup_class
,
1259 &v10_0_backup_keybag_class
,
1264 const SecDbClass v9_1_tversion_class
= {
1265 .name
= CFSTR("tversion91"),
1275 const SecDbClass v9_1_genp_class
= {
1276 .name
= CFSTR("genp91"),
1313 const SecDbClass v9_1_inet_class
= {
1314 .name
= CFSTR("inet91"),
1355 const SecDbClass v9_1_cert_class
= {
1356 .name
= CFSTR("cert91"),
1388 const SecDbClass v9_1_keys_class
= {
1389 .name
= CFSTR("keys91"),
1440 * Version 9.1 (iOS 10.0 and OSX 10.11.8/10.12 addded minor version.
1442 const SecDbSchema v9_1_schema
= {
1450 &v9_1_tversion_class
,
1455 const SecDbClass v9genp_class
= {
1456 .name
= CFSTR("genp9"),
1493 const SecDbClass v9inet_class
= {
1494 .name
= CFSTR("inet9"),
1535 const SecDbClass v9cert_class
= {
1536 .name
= CFSTR("cert9"),
1568 const SecDbClass v9keys_class
= {
1569 .name
= CFSTR("keys9"),
1619 const SecDbClass v5tversion_class
= {
1620 .name
= CFSTR("tversion5"),
1628 /* Version 9 (iOS 9.3 and OSX 10.11.5) database schema
1629 * Same contents as v8 tables; table names changed to force upgrade
1630 * and correct default values in table.
1632 const SecDbSchema v9_schema
= {
1644 // Version 8 (Internal release iOS 9.3 and OSX 10.11.5) database schema
1645 const SecDbClass v8genp_class
= {
1646 .name
= CFSTR("genp8"),
1683 const SecDbClass v8inet_class
= {
1684 .name
= CFSTR("inet8"),
1725 const SecDbClass v8cert_class
= {
1726 .name
= CFSTR("cert8"),
1758 const SecDbClass v8keys_class
= {
1759 .name
= CFSTR("keys8"),
1809 const SecDbSchema v8_schema
= {
1821 // Version 7 (iOS 9 and OSX 10.11) database schema
1822 const SecDbClass v7genp_class
= {
1823 .name
= CFSTR("genp7"),
1859 const SecDbClass v7inet_class
= {
1860 .name
= CFSTR("inet7"),
1900 const SecDbClass v7cert_class
= {
1901 .name
= CFSTR("cert7"),
1932 const SecDbClass v7keys_class
= {
1933 .name
= CFSTR("keys7"),
1983 const SecDbSchema v7_schema
= {
1996 // Version 6 (iOS 7 and OSX 10.9) database schema
1997 static const SecDbClass v6genp_class
= {
1998 .name
= CFSTR("genp6"),
2031 static const SecDbClass v6inet_class
= {
2032 .name
= CFSTR("inet6"),
2069 static const SecDbClass v6cert_class
= {
2070 .name
= CFSTR("cert6"),
2098 static const SecDbClass v6keys_class
= {
2099 .name
= CFSTR("keys6"),
2145 static const SecDbSchema v6_schema
= {
2158 // Version 5 (iOS 5 & iOS 6) database schema.
2159 static const SecDbClass v5genp_class
= {
2160 .name
= CFSTR("genp5"),
2188 static const SecDbClass v5inet_class
= {
2189 .name
= CFSTR("inet5"),
2221 static const SecDbClass v5cert_class
= {
2222 .name
= CFSTR("cert5"),
2245 static const SecDbClass v5keys_class
= {
2246 .name
= CFSTR("keys5"),
2287 static const SecDbSchema v5_schema
= {
2299 SecDbSchema
const * const * kc_schemas
= NULL
;
2301 const SecDbSchema
*v10_kc_schemas
[] = {
2317 const SecDbSchema
* const * all_schemas() {
2318 return v10_kc_schemas
;
2321 const SecDbSchema
* current_schema() {
2322 // For now, the current schema is the first in the list.
2323 return all_schemas()[0];
2326 // class accessors for current schema.
2327 static const SecDbClass
* find_class(const SecDbSchema
* schema
, CFStringRef class_name
) {
2328 for (const SecDbClass
* const *pclass
= schema
->classes
; *pclass
; ++pclass
) {
2329 if( CFEqualSafe((*pclass
)->name
, class_name
) ) {
2336 const SecDbClass
* genp_class() {
2337 static const SecDbClass
* genp
= NULL
;
2338 static dispatch_once_t onceToken
;
2339 dispatch_once(&onceToken
, ^{
2340 genp
= find_class(current_schema(), CFSTR("genp"));
2344 const SecDbClass
* inet_class() {
2345 static const SecDbClass
* inet
= NULL
;
2346 static dispatch_once_t onceToken
;
2347 dispatch_once(&onceToken
, ^{
2348 inet
= find_class(current_schema(), CFSTR("inet"));
2352 const SecDbClass
* cert_class() {
2353 static const SecDbClass
* cert
= NULL
;
2354 static dispatch_once_t onceToken
;
2355 dispatch_once(&onceToken
, ^{
2356 cert
= find_class(current_schema(), CFSTR("cert"));
2360 const SecDbClass
* keys_class() {
2361 static const SecDbClass
* keys
= NULL
;
2362 static dispatch_once_t onceToken
;
2363 dispatch_once(&onceToken
, ^{
2364 keys
= find_class(current_schema(), CFSTR("keys"));
2369 // Not really a class per-se
2370 const SecDbClass
* identity_class() {
2371 return &v_identity_class
;
2374 // Class with 1 element in it which is the database version->
2375 const SecDbClass
* tversion_class() {
2376 static const SecDbClass
* tversion
= NULL
;
2377 static dispatch_once_t onceToken
;
2378 dispatch_once(&onceToken
, ^{
2379 tversion
= find_class(current_schema(), CFSTR("tversion"));