Security-58286.200.222.tar.gz
1 /*
2 * Copyright (c) 2006-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*
25 * SecItemSchema.c - CoreFoundation-based constants and functions for
26 access to Security items (certificates, keys, identities, and
27 passwords.)
28 */
29
30 #include "SecItemSchema.h"
31 #include <securityd/SecDbKeychainItem.h>
32 #include <keychain/ckks/CKKS.h>
33
34 // MARK -
35 // MARK Keychain version 6 schema
36
/*
 * Flag shorthand used by the attribute table.
 *
 * SecDbFlags() takes sixteen positional arguments, one per flag letter,
 * pastes each onto the __FLAGS_ prefix and ORs the results.  An empty
 * argument pastes to __FLAGS_, defined as 0, so an unset flag adds nothing.
 * Each argument is pasted on its own, so the resulting value depends only on
 * which letters appear, not on the slot a letter was written in.
 */

/*
 * Neither macro is referenced in the visible part of this file.
 * NOTE(review): a function-like macro is not re-expanded inside its own
 * expansion, so this mutually recursive pair does not look usable as a
 * variadic form of SecDbFlags() -- confirm before relying on it.
 */
#define __FLAGS(ARG, ...) SECDBFLAGS(__VA_ARGS__)
#define SECDBFLAGS(ARG, ...) __FLAGS_##ARG | __FLAGS(__VA_ARGS__)

#define SecDbFlags(P,L,I,S,A,D,R,C,H,B,Z,E,N,U,V,Y) \
    (__FLAGS_##P | __FLAGS_##L | __FLAGS_##I | __FLAGS_##S | \
     __FLAGS_##A | __FLAGS_##D | __FLAGS_##R | __FLAGS_##C | \
     __FLAGS_##H | __FLAGS_##B | __FLAGS_##Z | __FLAGS_##E | \
     __FLAGS_##N | __FLAGS_##U | __FLAGS_##V | __FLAGS_##Y)

/* One definition per flag letter; the bare prefix stands for "flag not set". */
#define __FLAGS_   0
#define __FLAGS_P  kSecDbPrimaryKeyFlag
#define __FLAGS_L  kSecDbInFlag
#define __FLAGS_I  kSecDbIndexFlag
#define __FLAGS_S  kSecDbSHA1ValueInFlag
#define __FLAGS_A  kSecDbReturnAttrFlag
#define __FLAGS_D  kSecDbReturnDataFlag
#define __FLAGS_R  kSecDbReturnRefFlag
#define __FLAGS_C  kSecDbInCryptoDataFlag
#define __FLAGS_H  kSecDbInHashFlag
#define __FLAGS_B  kSecDbInBackupFlag
#define __FLAGS_Z  kSecDbDefault0Flag
#define __FLAGS_E  kSecDbDefaultEmptyFlag
#define __FLAGS_N  kSecDbNotNullFlag
#define __FLAGS_U  kSecDbInAuthenticatedDataFlag
/* V2 keeps the V0 bit set as well. */
#define __FLAGS_V0 kSecDbSyncPrimaryKeyV0
#define __FLAGS_V2 (kSecDbSyncPrimaryKeyV0 | kSecDbSyncPrimaryKeyV2)
#define __FLAGS_Y  kSecDbSyncFlag
60
/*
 * Attribute descriptors.  Each SECDB_ATTR() line gives the C symbol, the
 * column name, the attribute kind, the flag set, and two trailing arguments
 * (each a function name or NULL; presumably value callbacks -- confirm
 * against the SECDB_ATTR definition, which is not visible here).
 *
 * SecDbFlags() slots, left to right:
 *    1  P  : Part of primary key
 *    2  L  : Stored in local database
 *    3  I  : Attribute wants an index in the database
 *    4  S  : SHA1 hashed attribute value in database (implies L)
 *    5  A  : Returned to client as attribute in queries
 *    6  D  : Returned to client as data in queries
 *    7  R  : Returned to client as ref/persistent ref in queries
 *    8  C  : Part of encrypted blob
 *    9  H  : Attribute is part of item SHA1 hash (Implied by C)
 *   10  B  : Attribute is part of iTunes/iCloud backup bag
 *   11  Z  : Attribute has a default value of 0
 *   12  E  : Attribute has a default value of "" or empty data
 *   13  N  : Attribute must have a value
 *   14  U  : Attribute is stored in authenticated, but not necessarily encrypted data
 *   15  V0 : Sync primary key version (V2 sets the V0 and V2 bits)
 *   16  Y  : Attribute should be synced
 *
 * Reading the table for confidentiality: C puts a value inside the encrypted
 * blob, U only authenticates it.  In the common set below agrp, sync, tomb,
 * vwht, tkid and musr carry U without C, so per the legend they are
 * integrity-protected rather than confidential.
 */

/* common to all */
SECDB_ATTR(v6rowid,  "rowid",  RowId,            SecDbFlags( ,L, , , , ,R, , ,B, , , , ,  , ), NULL, NULL);
SECDB_ATTR(v6cdat,   "cdat",   CreationDate,     SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), SecDbKeychainItemCopyCurrentDate, NULL);
SECDB_ATTR(v6mdat,   "mdat",   ModificationDate, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), SecDbKeychainItemCopyCurrentDate, NULL);
SECDB_ATTR(v6labl,   "labl",   Blob,             SecDbFlags( ,L, ,S,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6data,   "data",   EncryptedData,    SecDbFlags( ,L, , , , , , , ,B, , , , ,  , ), SecDbKeychainItemCopyEncryptedData, NULL);
SECDB_ATTR(v6agrp,   "agrp",   String,           SecDbFlags(P,L,I, ,A, , , ,H, , , ,N,U,V0,Y), NULL, NULL);
SECDB_ATTR(v6pdmn,   "pdmn",   Access,           SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6sync,   "sync",   Sync,             SecDbFlags(P,L,I, ,A, , , ,H, ,Z, ,N,U,V0, ), NULL, NULL);
SECDB_ATTR(v6tomb,   "tomb",   Tomb,             SecDbFlags( ,L, , , , , , ,H, ,Z, ,N,U,  ,Y), NULL, NULL);
SECDB_ATTR(v6sha1,   "sha1",   SHA1,             SecDbFlags( ,L,I, ,A, ,R, , , , , , , ,  ,Y), SecDbKeychainItemCopySHA1, NULL);
SECDB_ATTR(v6accc,   "accc",   AccessControl,    SecDbFlags( , , , ,A, , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v6v_Data, "v_Data", Data,             SecDbFlags( , , , , ,D, ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6v_pk,   "v_pk",   PrimaryKey,       SecDbFlags( , , , , , , , , , , , , , ,  , ), SecDbKeychainItemCopyPrimaryKey, NULL);
SECDB_ATTR(v7vwht,   "vwht",   String,           SecDbFlags(P,L,I, ,A, , , ,H, , , , ,U,V2,Y), NULL, NULL);
SECDB_ATTR(v7tkid,   "tkid",   String,           SecDbFlags(P,L,I, ,A, , , ,H, , , , ,U,V2,Y), NULL, NULL);
SECDB_ATTR(v7utomb,  "u_Tomb", UTomb,            SecDbFlags( , , , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v8musr,   "musr",   UUID,             SecDbFlags(P,L,I, , , , , , , , , ,N,U,  ,Y), NULL, NULL);
/*
 * Attributes for the genp, inet and keys classes.  Flag letters follow the
 * SecDbFlags() slot order P,L,I,S,A,D,R,C,H,B,Z,E,N,U,V,Y.  Every attribute
 * in this group carries C, i.e. it is part of the encrypted blob; those with
 * S additionally keep a SHA1-hashed value in the database (per the legend).
 */

/* genp and inet and keys */
SECDB_ATTR(v6crtr, "crtr", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6alis, "alis", Blob,   SecDbFlags( ,L, ,S,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);

/* genp and inet */
SECDB_ATTR(v6desc, "desc", Blob,   SecDbFlags( ,L, ,S,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6icmt, "icmt", Blob,   SecDbFlags( ,L, ,S,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6type, "type", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6invi, "invi", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6nega, "nega", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6cusi, "cusi", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6prot, "prot", Blob,   SecDbFlags( ,L, ,S,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6scrp, "scrp", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6acct, "acct", Blob,   SecDbFlags(P,L,I,S,A, , ,C,H, , ,E,N, ,V0,Y), NULL, NULL);

/* genp only */
SECDB_ATTR(v6svce, "svce", Blob,   SecDbFlags(P,L,I,S,A, , ,C,H, , ,E,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6gena, "gena", Blob,   SecDbFlags( ,L, ,S,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);

/* inet only */
SECDB_ATTR(v6sdmn, "sdmn", Blob,   SecDbFlags(P,L,I,S,A, , ,C,H, , ,E,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6srvr, "srvr", Blob,   SecDbFlags(P,L,I,S,A, , ,C,H, , ,E,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6ptcl, "ptcl", Number, SecDbFlags(P,L,I, ,A, , ,C,H, ,Z, ,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6atyp, "atyp", Blob,   SecDbFlags(P,L,I,S,A, , ,C,H, , ,E,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6port, "port", Number, SecDbFlags(P,L,I, ,A, , ,C,H, ,Z, ,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6path, "path", Blob,   SecDbFlags(P,L,I,S,A, , ,C,H, , ,E,N, ,V0,Y), NULL, NULL);
/*
 * cert only.  Flag letters follow the SecDbFlags() slot order
 * P,L,I,S,A,D,R,C,H,B,Z,E,N,U,V,Y.  ctyp, issr and slnr are the
 * primary-key (P) attributes of this group.
 */
SECDB_ATTR(v6ctyp, "ctyp", Number, SecDbFlags(P,L,I, ,A, , ,C,H, ,Z, ,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6cenc, "cenc", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6subj, "subj", Data,   SecDbFlags( ,L,I,S,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6issr, "issr", Data,   SecDbFlags(P,L,I,S,A, , ,C,H, , ,E,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6slnr, "slnr", Data,   SecDbFlags(P,L,I,S,A, , ,C,H, , ,E,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6skid, "skid", Data,   SecDbFlags( ,L,I,S,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6pkhh, "pkhh", Data,   SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);

/* cert attributes that share names with common ones but have different flags:
   "alis" is the same column name as v6alis, here with the index flag added. */
SECDB_ATTR(v6certalis, "alis", Blob, SecDbFlags( ,L,I,S,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
/*
 * keys only.  Flag letters follow the SecDbFlags() slot order
 * P,L,I,S,A,D,R,C,H,B,Z,E,N,U,V,Y.  Every attribute here carries C (part of
 * the encrypted blob); the P entries form the key-specific part of the
 * primary key.
 */
SECDB_ATTR(v6kcls, "kcls", Number, SecDbFlags(P,L,I,S,A, , ,C,H, ,Z, ,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6perm, "perm", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6priv, "priv", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6modi, "modi", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6klbl, "klbl", Data,   SecDbFlags(P,L,I, ,A, , ,C,H, , ,E,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6atag, "atag", Blob,   SecDbFlags(P,L,I,S,A, , ,C,H, , ,E,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6bsiz, "bsiz", Number, SecDbFlags(P,L,I, ,A, , ,C,H, ,Z, ,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6esiz, "esiz", Number, SecDbFlags(P,L,I, ,A, , ,C,H, ,Z, ,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6sdat, "sdat", Date,   SecDbFlags(P,L,I, ,A, , ,C,H, ,Z, ,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6edat, "edat", Date,   SecDbFlags(P,L,I, ,A, , ,C,H, ,Z, ,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6sens, "sens", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6asen, "asen", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6extr, "extr", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6next, "next", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6encr, "encr", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6decr, "decr", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6drve, "drve", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6sign, "sign", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6vrfy, "vrfy", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6snrc, "snrc", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6vyrc, "vyrc", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6wrap, "wrap", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v6unwp, "unwp", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);

/* keys attributes that share names with common ones but have different flags:
   the "type" and "crtr" columns become primary-key, indexed, default-0 and
   not-null for keys (compare v6type / v6crtr). */
SECDB_ATTR(v6keytype, "type", Number, SecDbFlags(P,L,I, ,A, , ,C,H, ,Z, ,N, ,V0,Y), NULL, NULL);
SECDB_ATTR(v6keycrtr, "crtr", Number, SecDbFlags(P,L,I, ,A, , ,C,H, ,Z, ,N, ,V0,Y), NULL, NULL);
/*
 * Schema version bookkeeping columns.  Flag letters follow the SecDbFlags()
 * slot order P,L,I,S,A,D,R,C,H,B,Z,E,N,U,V,Y.
 */
SECDB_ATTR(v6version, "version", Number, SecDbFlags(P,L,I, , , , , , , , , ,N, ,  ,Y), NULL, NULL);
SECDB_ATTR(v91minor,  "minor",   Number, SecDbFlags( ,L, , , , , , , , ,Z, ,N, ,  ,Y), NULL, NULL);

/* "pcss" / "pcsk" / "pcsi" columns: returned as attributes (A) and kept in
   the encrypted blob (C). */
SECDB_ATTR(v10_1pcsservice,        "pcss", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v10_1pcspublickey,      "pcsk", Blob,   SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
SECDB_ATTR(v10_1pcspublicidentity, "pcsi", Blob,   SecDbFlags( ,L, , ,A, , ,C,H, , , , , ,  ,Y), NULL, NULL);
163
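/*
 * v10-prefixed attributes, used by the queue, key, mirror and zone-state
 * classes further down.  Flag letters follow the SecDbFlags() slot order
 * P,L,I,S,A,D,R,C,H,B,Z,E,N,U,V,Y.
 *
 * SecDbFlags() pastes each letter independently, so a flag's value does not
 * depend on the slot it is written in; every letter is nevertheless kept in
 * its own legend column here so the table can be audited by reading down a
 * column (N in slot 13, U in slot 14).
 *
 * Apart from v10sysbound none of these carry C, so per the legend they sit
 * outside the keychain-item encrypted blob.  NOTE(review): "wrappedkey" and
 * "encitem" carry neither C nor U; by name they hold material that is
 * already wrapped or encrypted -- confirm where their integrity is checked.
 */
SECDB_ATTR(v10itemuuid,          "UUID",             String, SecDbFlags( ,L,I, , , , , , , , , , ,U,  , ), NULL, NULL);
SECDB_ATTR(v10syncuuid,          "UUID",             String, SecDbFlags(P,L,I, , , , , , , , , , ,U,  , ), NULL, NULL);
SECDB_ATTR(v10parentKeyUUID,     "parentKeyUUID",    String, SecDbFlags( ,L,I, , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10currentKeyUUID,    "currentKeyUUID",   String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10wrappedkey,        "wrappedkey",       Blob,   SecDbFlags( ,L, , , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10encrypteditem,     "encitem",          Blob,   SecDbFlags( ,L, , , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10gencount,          "gencount",         Number, SecDbFlags( ,L, , , , , , , , ,Z, ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10action,            "action",           String, SecDbFlags( ,L,I, , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10state,             "state",            String, SecDbFlags(P,L,I, , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10waituntiltime,     "waituntil",        String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10encodedCKRecord,   "ckrecord",         Blob,   SecDbFlags( ,L, , , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10_1wasCurrent,      "wascurrent",       Number, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10accessgroup,       "accessgroup",      String, SecDbFlags( ,L,I, , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10keyclass,          "keyclass",         String, SecDbFlags(P,L,I, , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10currentkey,        "currentkey",       Number, SecDbFlags( ,L, , , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10ckzone,            "ckzone",           String, SecDbFlags(P,L,I, , , , , , , , , ,N,U,  , ), NULL, NULL);
SECDB_ATTR(v10ckzonecreated,     "ckzonecreated",    Number, SecDbFlags( ,L, , , , , , , , ,Z, ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10ckzonesubscribed,  "ckzonesubscribed", Number, SecDbFlags( ,L, , , , , , , , ,Z, ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10ratelimiter,       "ratelimiter",      Blob,   SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10changetoken,       "changetoken",      String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10lastfetchtime,     "lastfetch",        String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10itempersistentref, "persistref",       UUID,   SecDbFlags( ,L, , , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10sysbound,          "sysb",             Number, SecDbFlags( ,L, , ,A, , ,C,H, ,Z, , , ,  , ), NULL, NULL);
SECDB_ATTR(v10encryptionver,     "encver",           Number, SecDbFlags( ,L, , , , , , , , ,Z, ,N,U,  , ), NULL, NULL);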
188
/*
 * Backup, manifest and key-archive attributes.  Flag letters follow the
 * SecDbFlags() slot order P,L,I,S,A,D,R,C,H,B,Z,E,N,U,V,Y.  None of these
 * carry C; the ones marked U are, per the legend, stored in authenticated
 * but not necessarily encrypted data.
 */

/* backup tables */
SECDB_ATTR(v10primaryKey,    "primaryKey",    String, SecDbFlags(P,L,I, ,A, , , , , , , ,N,U,  , ), NULL, NULL);
SECDB_ATTR(v10publickeyHash, "publickeyHash", Blob,   SecDbFlags(P,L,I, , , , , , , , , ,N,U,  , ), NULL, NULL);
SECDB_ATTR(v10publickey,     "publickey",     Blob,   SecDbFlags( ,L, , , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10backupData,    "backupData",    Blob,   SecDbFlags( ,L, , , , , , , , , , ,N, ,  , ), NULL, NULL);

/* manifests: every column except futureData and the optional "ckrecord" is
   not-null and authenticated (N,U) */
SECDB_ATTR(v10_1digest,       "digest",        Blob,   SecDbFlags( ,L, , , , , , , , , , ,N,U,  , ), NULL, NULL);
SECDB_ATTR(v10_1signatures,   "signatures",    Blob,   SecDbFlags( ,L, , , , , , , , , , ,N,U,  , ), NULL, NULL);
SECDB_ATTR(v10_1signerID,     "signerID",      String, SecDbFlags( ,L, , , , , , , , , , ,N,U,  , ), NULL, NULL);
SECDB_ATTR(v10_1leafIDs,      "leafIDs",       Blob,   SecDbFlags( ,L, , , , , , , , , , ,N,U,  , ), NULL, NULL);
SECDB_ATTR(v10_1peerManIDs,   "peerManifests", Blob,   SecDbFlags( ,L, , , , , , , , , , ,N,U,  , ), NULL, NULL);
SECDB_ATTR(v10_1entryDigests, "entryDigests",  Blob,   SecDbFlags( ,L, , , , , , , , , , ,N,U,  , ), NULL, NULL);
SECDB_ATTR(v10_2currentItems, "currentItems",  Blob,   SecDbFlags( ,L, , , , , , , , , , ,N,U,  , ), NULL, NULL);
SECDB_ATTR(v10_2futureData,   "futureData",    Blob,   SecDbFlags( ,L, , , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10_2schema,       "schema",        Blob,   SecDbFlags( ,L, , , , , , , , , , ,N,U,  , ), NULL, NULL);
SECDB_ATTR(v10_1encRecord,    "ckrecord",      Blob,   SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);

/* key archives; v10_1optionalEncodedCKRecord reuses the "ckrecord" column
   name with kind String and without the not-null flag */
SECDB_ATTR(v10_1keyArchiveHash,          "key_archive_hash", String, SecDbFlags(P,L,I, , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10_1keyArchive,              "key_archive",      String, SecDbFlags(P,L,I, , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10_1archivedKey,             "archived_key",     String, SecDbFlags( ,L, , , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10_1keyArchiveName,          "keyarchive_name",  String, SecDbFlags( ,L, , , , , , , , , , ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10_1optionalEncodedCKRecord, "ckrecord",         String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10_1archiveEscrowID,         "archive_escrowid", String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
211
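/*
 * Later additions (v10_1 through v11_2 name prefixes).  Flag letters follow
 * the SecDbFlags() slot order P,L,I,S,A,D,R,C,H,B,Z,E,N,U,V,Y.
 *
 * SecDbFlags() pastes each letter independently, so a flag's value does not
 * depend on the slot it is written in; every letter is nevertheless kept in
 * its own legend column here so the table can be audited by reading down a
 * column (N in slot 13, U in slot 14).
 */
SECDB_ATTR(v10_1itempersistentref, "persistref", UUID, SecDbFlags( ,L,I, , , , , , , , , ,N,U,  , ), NULL, NULL);

/* "currentItemUUID" exists twice: the v10_1 form is part of the primary key
   and indexed, the v10_4 form is a plain stored column. */
SECDB_ATTR(v10_1currentItemUUID,      "currentItemUUID", String, SecDbFlags(P,L,I, , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10_4currentItemUUID,      "currentItemUUID", String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10_1currentPtrIdentifier, "identifier",      String, SecDbFlags(P,L,I, , , , , , , , , , , ,  , ), NULL, NULL);

/* device state */
SECDB_ATTR(v10_2device,        "device",        String, SecDbFlags(P,L,I, , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10_2peerid,        "peerid",        String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10_2circleStatus,  "circlestatus",  String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10_2keyState,      "keystate",      String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10_2currentTLK,    "currentTLK",    String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10_2currentClassA, "currentClassA", String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10_2currentClassC, "currentClassC", String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);

SECDB_ATTR(v10_4lastFixup, "lastfixup", Number, SecDbFlags( ,L, , , , , , , , ,Z, ,N, ,  , ), NULL, NULL);

/* tlkshare columns; only "version" is marked authenticated (U) here, while
   "signature" and "recvpubenckey" are plain stored columns without N or U */
SECDB_ATTR(v10_5senderPeerID, "senderpeerid",  String, SecDbFlags(P,L,I, , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10_5recvPeerID,   "recvpeerid",    String, SecDbFlags(P,L,I, , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10_5recvPubKey,   "recvpubenckey", Blob,   SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10_5curve,        "curve",         Number, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10_5poisoned,     "poisoned",      Number, SecDbFlags( ,L, , , , , , , , ,Z, ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10_5epoch,        "epoch",         Number, SecDbFlags( ,L, , , , , , , , ,Z, ,N, ,  , ), NULL, NULL);
SECDB_ATTR(v10_5signature,    "signature",     Blob,   SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v10_5version,      "version",       Number, SecDbFlags( ,L, , , , , , , , ,Z, ,N,U,  , ), NULL, NULL);

SECDB_ATTR(v11_1osversion,  "osversion",  String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);
SECDB_ATTR(v11_1lastunlock, "lastunlock", String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);

SECDB_ATTR(v11_2actualKeyclass, "actualKeyclass", String, SecDbFlags( ,L, , , , , , , , , , , , ,  , ), NULL, NULL);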
241
/*
 * "metadatakeys" class, v11_2 form: the v11_metadatakeys_class columns plus
 * actualKeyclass.  Not an item class.  This is the form listed in
 * v11_4_schema.  attrs is a NULL-terminated list.
 */
const SecDbClass v11_2_metadatakeys_class = {
    .name = CFSTR("metadatakeys"),
    .itemclass = false,
    .attrs = {
        &v10keyclass,           /* primary key */
        &v11_2actualKeyclass,
        &v6data,                /* EncryptedData column */
        NULL
    }
};
252
/*
 * "ckdevicestate" class, v11_1 form: the v10_3_ckdevicestate_class columns
 * with osversion and lastunlock inserted after device.  Not an item class.
 * Primary-key (P) columns: ckzone, device.  attrs is NULL-terminated.
 */
const SecDbClass v11_1_ckdevicestate_class = {
    .name = CFSTR("ckdevicestate"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10_2device,
        &v11_1osversion,
        &v11_1lastunlock,
        &v10_2peerid,
        &v10_2circleStatus,
        &v10_2keyState,
        &v10_2currentTLK,
        &v10_2currentClassA,
        &v10_2currentClassC,
        &v10_1encRecord,
        NULL
    }
};
271
/*
 * "metadatakeys" class, v11 form: keyclass (primary key) plus the
 * EncryptedData column.  Not an item class.  v11_4_schema lists
 * v11_2_metadatakeys_class instead of this one.  attrs is NULL-terminated.
 */
const SecDbClass v11_metadatakeys_class = {
    .name = CFSTR("metadatakeys"),
    .itemclass = false,
    .attrs = {
        &v10keyclass,
        &v6data,
        NULL
    }
};
281
/*
 * "tlkshare" class.  Not an item class.  Primary-key (P) columns: ckzone,
 * UUID (v10syncuuid), senderpeerid, recvpeerid.  Per the flag table only
 * ckzone, UUID and version are marked authenticated (U); wrappedkey,
 * signature and recvpubenckey are plain stored columns.
 * NOTE(review): confirm that the signature column is verified by the code
 * that loads these rows, since the schema flags alone do not protect it.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_5_tlkshare_class = {
    .name = CFSTR("tlkshare"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10syncuuid,
        &v10_5senderPeerID,
        &v10_5recvPeerID,
        &v10_5recvPubKey,
        &v10_5curve,
        &v10_5poisoned,
        &v10_5epoch,
        &v10wrappedkey,
        &v10_5signature,
        &v10_1encRecord,
        &v10_5version,
        NULL
    }
};
301
302
/*
 * "currentitems" class, v10_4 form.  Differs from v10_1_current_item_class
 * only in using v10_4currentItemUUID, which drops the primary-key and index
 * flags from the currentItemUUID column; the primary key is then ckzone,
 * identifier and state.  Not an item class.  attrs is NULL-terminated.
 */
const SecDbClass v10_4_current_item_class = {
    .name = CFSTR("currentitems"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10_1currentPtrIdentifier,
        &v10_4currentItemUUID,
        &v10state,
        &v10encodedCKRecord,
        NULL
    }
};
315
/*
 * "ckstate" class, v10_4 form: the v10_0_ckstate_class columns plus
 * lastfixup.  Not an item class.  ckzone is the only primary-key column.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_4_ckstate_class = {
    .name = CFSTR("ckstate"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10ckzonecreated,
        &v10ckzonesubscribed,
        &v10lastfetchtime,
        &v10changetoken,
        &v10ratelimiter,
        &v10_4lastFixup,
        NULL
    }
};
330
/*
 * "ckdevicestate" class, v10_3 form (no osversion / lastunlock columns).
 * Not an item class.  v11_4_schema lists v11_1_ckdevicestate_class instead
 * of this one.  attrs is NULL-terminated.
 */
const SecDbClass v10_3_ckdevicestate_class = {
    .name = CFSTR("ckdevicestate"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10_2device,
        &v10_2peerid,
        &v10_2circleStatus,
        &v10_2keyState,
        &v10_2currentTLK,
        &v10_2currentClassA,
        &v10_2currentClassC,
        &v10_1encRecord,
        NULL
    }
};
347
/*
 * "ckmanifest" class, v10_2 form: the v10_1_ckmanifest_class columns plus
 * currentItems, futureData and schema.  Not an item class.  Same column list
 * as v10_2_pending_manifest_class; only the name differs.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_2_ckmanifest_class = {
    .name = CFSTR("ckmanifest"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10gencount,
        &v10_1digest,
        &v10_1signatures,
        &v10_1signerID,
        &v10_1leafIDs,
        &v10_1peerManIDs,
        &v10_2currentItems,
        &v10_2futureData,
        &v10_2schema,
        &v10_1encRecord,
        NULL
    }
};
366
/*
 * "pending_manifest" class, v10_2 form.  Same column list as
 * v10_2_ckmanifest_class; only the name differs.  Not an item class.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_2_pending_manifest_class = {
    .name = CFSTR("pending_manifest"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10gencount,
        &v10_1digest,
        &v10_1signatures,
        &v10_1signerID,
        &v10_1leafIDs,
        &v10_1peerManIDs,
        &v10_2currentItems,
        &v10_2futureData,
        &v10_2schema,
        &v10_1encRecord,
        NULL
    }
};
385
/*
 * "ckmanifest" class, v10_1 form (no currentItems / futureData / schema
 * columns).  Not an item class.  v11_4_schema lists v10_2_ckmanifest_class
 * instead of this one.  attrs is NULL-terminated.
 */
const SecDbClass v10_1_ckmanifest_class = {
    .name = CFSTR("ckmanifest"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10gencount,
        &v10_1digest,
        &v10_1signatures,
        &v10_1signerID,
        &v10_1leafIDs,
        &v10_1peerManIDs,
        &v10_1encRecord,
        NULL
    }
};
401
/*
 * "pending_manifest" class, v10_1 form.  Same column list as
 * v10_1_ckmanifest_class; only the name differs.  Not an item class.
 * v11_4_schema lists v10_2_pending_manifest_class instead of this one.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_1_pending_manifest_class = {
    .name = CFSTR("pending_manifest"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10gencount,
        &v10_1digest,
        &v10_1signatures,
        &v10_1signerID,
        &v10_1leafIDs,
        &v10_1peerManIDs,
        &v10_1encRecord,
        NULL
    }
};
417
/*
 * "ckmanifest_leaf" class.  Not an item class.  Primary-key (P) columns:
 * ckzone and UUID (v10syncuuid).  Same column list as
 * v10_1_pending_manifest_leaf_class.  attrs is NULL-terminated.
 */
const SecDbClass v10_1_ckmanifest_leaf_class = {
    .name = CFSTR("ckmanifest_leaf"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10syncuuid,
        &v10_1digest,
        &v10_1entryDigests,
        &v10_1encRecord,
        NULL
    }
};
430
/*
 * "pending_manifest_leaf" class.  Same column list as
 * v10_1_ckmanifest_leaf_class; only the name differs.  Not an item class.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_1_pending_manifest_leaf_class = {
    .name = CFSTR("pending_manifest_leaf"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10syncuuid,
        &v10_1digest,
        &v10_1entryDigests,
        &v10_1encRecord,
        NULL
    }
};
443
/*
 * "genp" item class (.itemclass = true).
 * Primary-key (P) attributes in this list, per the flag table: acct, svce,
 * agrp, sync, vwht, tkid, musr.  Of those, acct and svce sit in the
 * encrypted blob (C); agrp, sync, vwht, tkid and musr are authenticated (U)
 * without C.  attrs is NULL-terminated.
 */
const SecDbClass v10_1_genp_class = {
    .name = CFSTR("genp"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6svce,
        &v6gena,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        &v10itemuuid,
        &v10sysbound,
        &v10_1pcsservice,
        &v10_1pcspublickey,
        &v10_1pcspublicidentity,
        &v10_1itempersistentref,
        NULL
    },
};
487
/*
 * "inet" item class (.itemclass = true).
 * Primary-key (P) attributes in this list, per the flag table: acct, sdmn,
 * srvr, ptcl, atyp, port, path, agrp, sync, vwht, tkid, musr.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_1_inet_class = {
    .name = CFSTR("inet"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6sdmn,
        &v6srvr,
        &v6ptcl,
        &v6atyp,
        &v6port,
        &v6path,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        &v10itemuuid,
        &v10sysbound,
        &v10_1pcsservice,
        &v10_1pcspublickey,
        &v10_1pcspublicidentity,
        &v10_1itempersistentref,
        NULL
    },
};
535
/*
 * "cert" item class (.itemclass = true).
 * Primary-key (P) attributes in this list, per the flag table: ctyp, issr,
 * slnr, agrp, sync, vwht, tkid, musr.  The "alis" column uses the
 * cert-specific descriptor v6certalis (indexed) rather than v6alis.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_1_cert_class = {
    .name = CFSTR("cert"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6ctyp,
        &v6cenc,
        &v6labl,
        &v6certalis,
        &v6subj,
        &v6issr,
        &v6slnr,
        &v6skid,
        &v6pkhh,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        &v10itemuuid,
        &v10sysbound,
        &v10_1pcsservice,
        &v10_1pcspublickey,
        &v10_1pcspublicidentity,
        &v10_1itempersistentref,
        NULL
    },
};
574
/*
 * "keys" item class (.itemclass = true).
 * Primary-key (P) attributes in this list, per the flag table: kcls, klbl,
 * atag, crtr (v6keycrtr), type (v6keytype), bsiz, esiz, sdat, edat, agrp,
 * sync, vwht, tkid, musr.  The "crtr" and "type" columns use the
 * key-specific descriptors rather than v6crtr / v6type.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_1_keys_class = {
    .name = CFSTR("keys"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6kcls,
        &v6labl,
        &v6alis,
        &v6perm,
        &v6priv,
        &v6modi,
        &v6klbl,
        &v6atag,
        &v6keycrtr,
        &v6keytype,
        &v6bsiz,
        &v6esiz,
        &v6sdat,
        &v6edat,
        &v6sens,
        &v6asen,
        &v6extr,
        &v6next,
        &v6encr,
        &v6decr,
        &v6drve,
        &v6sign,
        &v6vrfy,
        &v6snrc,
        &v6vyrc,
        &v6wrap,
        &v6unwp,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        &v10itemuuid,
        &v10sysbound,
        &v10_1pcsservice,
        &v10_1pcspublickey,
        &v10_1pcspublicidentity,
        &v10_1itempersistentref,
        NULL
    }
};
631
/*
 * "tversion" class: rowid plus the "version" (primary key) and "minor"
 * columns.  Not an item class.  attrs is NULL-terminated.
 */
const SecDbClass v10_0_tversion_class = {
    .name = CFSTR("tversion"),
    .itemclass = false,
    .attrs = {
        &v6rowid,
        &v6version,
        &v91minor,
        NULL
    }
};
642
/*
 * "outgoingqueue" class, v10_2 form: the v10_1_outgoing_queue_class columns
 * with the optional "ckrecord" column inserted after encver.  Not an item
 * class.  Primary-key (P) columns: ckzone, UUID (v10syncuuid), state.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_2_outgoing_queue_class = {
    .name = CFSTR("outgoingqueue"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10syncuuid,
        &v10parentKeyUUID,
        &v10action,
        &v10state,
        &v10waituntiltime,
        &v10accessgroup,
        &v10gencount,
        &v10wrappedkey,
        &v10encrypteditem,
        &v10encryptionver,
        &v10_1optionalEncodedCKRecord,
        &v10_1pcsservice,
        &v10_1pcspublickey,
        &v10_1pcspublicidentity,
        NULL
    }
};
665
/*
 * "incomingqueue" class, v10_2 form: the v10_1_incoming_queue_class columns
 * with the optional "ckrecord" column inserted after encver.  Unlike the
 * outgoing queue it has no waituntil or accessgroup column.  Not an item
 * class.  attrs is NULL-terminated.
 */
const SecDbClass v10_2_incoming_queue_class = {
    .name = CFSTR("incomingqueue"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10syncuuid,
        &v10parentKeyUUID,
        &v10action,
        &v10state,
        &v10gencount,
        &v10wrappedkey,
        &v10encrypteditem,
        &v10encryptionver,
        &v10_1optionalEncodedCKRecord,
        &v10_1pcsservice,
        &v10_1pcspublickey,
        &v10_1pcspublicidentity,
        NULL
    }
};
686
687
/*
 * "outgoingqueue" class, v10_1 form: the v10_0_outgoing_queue_class columns
 * plus the three pcs* columns.  Not an item class.  v11_4_schema lists
 * v10_2_outgoing_queue_class instead of this one.  attrs is NULL-terminated.
 */
const SecDbClass v10_1_outgoing_queue_class = {
    .name = CFSTR("outgoingqueue"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10syncuuid,
        &v10parentKeyUUID,
        &v10action,
        &v10state,
        &v10waituntiltime,
        &v10accessgroup,
        &v10gencount,
        &v10wrappedkey,
        &v10encrypteditem,
        &v10encryptionver,
        &v10_1pcsservice,
        &v10_1pcspublickey,
        &v10_1pcspublicidentity,
        NULL
    }
};
709
/*
 * "incomingqueue" class, v10_1 form: the v10_0_incoming_queue_class columns
 * plus the three pcs* columns.  Not an item class.  v11_4_schema lists
 * v10_2_incoming_queue_class instead of this one.  attrs is NULL-terminated.
 */
const SecDbClass v10_1_incoming_queue_class = {
    .name = CFSTR("incomingqueue"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10syncuuid,
        &v10parentKeyUUID,
        &v10action,
        &v10state,
        &v10gencount,
        &v10wrappedkey,
        &v10encrypteditem,
        &v10encryptionver,
        &v10_1pcsservice,
        &v10_1pcspublickey,
        &v10_1pcspublicidentity,
        NULL
    }
};
729
730
/*
 * "outgoingqueue" class, v10_0 form (no pcs* or optional "ckrecord"
 * columns).  Not an item class.  Not listed in v11_4_schema.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_0_outgoing_queue_class = {
    .name = CFSTR("outgoingqueue"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10syncuuid,
        &v10parentKeyUUID,
        &v10action,
        &v10state,
        &v10waituntiltime,
        &v10accessgroup,
        &v10gencount,
        &v10wrappedkey,
        &v10encrypteditem,
        &v10encryptionver,
        NULL
    }
};
749
/*
 * "incomingqueue" class, v10_0 form (no pcs* or optional "ckrecord"
 * columns).  Not an item class.  Not listed in v11_4_schema.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_0_incoming_queue_class = {
    .name = CFSTR("incomingqueue"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10syncuuid,
        &v10parentKeyUUID,
        &v10action,
        &v10state,
        &v10gencount,
        &v10wrappedkey,
        &v10encrypteditem,
        &v10encryptionver,
        NULL
    }
};
766
/*
 * "synckeys" class.  Not an item class.  Primary-key (P) columns: ckzone,
 * UUID (v10syncuuid), keyclass, state.  The key material column is
 * "wrappedkey", which the flag table marks not-null but neither C nor U.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_0_sync_key_class = {
    .name = CFSTR("synckeys"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10syncuuid,
        &v10keyclass,
        &v10currentkey,
        &v10parentKeyUUID,
        &v10state,
        &v10wrappedkey,
        &v10encodedCKRecord,
        NULL
    }
};
782
/*
 * Stores the "Current Key" records, and parentKeyUUID refers to items in the
 * synckeys table.  Wouldn't foreign keys be nice?
 *
 * NOTE(review): the list below holds v10currentKeyUUID (column
 * "currentKeyUUID"), not v10parentKeyUUID; the sentence above presumably
 * means that column.  Nothing in the schema enforces the reference, so a
 * dangling UUID has to be handled by the code that reads these rows.
 * Not an item class.  attrs is NULL-terminated.
 */
const SecDbClass v10_0_current_key_class = {
    .name = CFSTR("currentkeys"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10keyclass,
        &v10currentKeyUUID,
        &v10encodedCKRecord,
        NULL
    }
};
796
/*
 * "currentitems" class, v10_1 form: currentItemUUID is part of the primary
 * key here (v10_1currentItemUUID carries P and I).  Not an item class.
 * v11_4_schema lists v10_4_current_item_class instead of this one.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_1_current_item_class = {
    .name = CFSTR("currentitems"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10_1currentPtrIdentifier,
        &v10_1currentItemUUID,
        &v10state,
        &v10encodedCKRecord,
        NULL
    }
};
809
/*
 * "ckmirror" class, v10_1 form: the v10_0_ckmirror_class columns plus
 * wascurrent and the three pcs* columns.  Not an item class.
 * Primary-key (P) columns: ckzone, UUID (v10syncuuid).
 * attrs is NULL-terminated.
 */
const SecDbClass v10_1_ckmirror_class = {
    .name = CFSTR("ckmirror"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10syncuuid,
        &v10parentKeyUUID,
        &v10gencount,
        &v10wrappedkey,
        &v10encrypteditem,
        &v10encodedCKRecord,
        &v10encryptionver,
        &v10_1wasCurrent,
        &v10_1pcsservice,
        &v10_1pcspublickey,
        &v10_1pcspublicidentity,
        NULL
    }
};
829
/*
 * "ckmirror" class, v10_0 form (no wascurrent or pcs* columns).  Not an item
 * class.  v11_4_schema lists v10_1_ckmirror_class instead of this one.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_0_ckmirror_class = {
    .name = CFSTR("ckmirror"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10syncuuid,
        &v10parentKeyUUID,
        &v10gencount,
        &v10wrappedkey,
        &v10encrypteditem,
        &v10encodedCKRecord,
        &v10encryptionver,
        NULL
    }
};
845
/*
 * "ckstate" class, v10_0 form (no lastfixup column).  Not an item class.
 * v11_4_schema lists v10_4_ckstate_class instead of this one.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_0_ckstate_class = {
    .name = CFSTR("ckstate"),
    .itemclass = false,
    .attrs = {
        &v10ckzone,
        &v10ckzonecreated,
        &v10ckzonesubscribed,
        &v10lastfetchtime,
        &v10changetoken,
        &v10ratelimiter,
        NULL
    }
};
859
/*
 * Backup table.
 * Primary keys: v10primaryKey, v8musr (the only P-flagged entries below).
 * Not an item class.  attrs is NULL-terminated.
 *
 * The backup-bag key hash is stored through the v6pkhh descriptor (column
 * "pkhh"), not through v10publickeyHash as used by the keybag table.
 */
const SecDbClass v10_0_item_backup_class = {
    .name = CFSTR("item_backup"),
    .itemclass = false,
    .attrs = {
        &v6rowid,
        &v10primaryKey,     /* Primary key of the original item, from v6v_pk */
        &v8musr,
        &v6sha1,            /* Hash of the original item */
        &v10backupData,     /* Data wrapped to backup keybag */
        &v6pkhh,            /* Hash of the public key of the backup bag [v10publickeyHash] */
        NULL
    }
};
875
/*
 * Backup Keybag table.
 * Primary keys: v10publickeyHash, v8musr.
 * NOTE(review): v6agrp also carries the P flag in the attribute table, so by
 * the flags it would be part of this table's primary key as well -- confirm
 * which of the two is intended.
 * Not an item class.  attrs is NULL-terminated.
 */
const SecDbClass v10_0_backup_keybag_class = {
    .name = CFSTR("backup_keybag"),
    .itemclass = false,
    .attrs = {
        &v6rowid,
        &v10publickeyHash,  /* Hash of the public key of the backup bag */
        &v8musr,
        &v10publickey,      /* Public key for the asymmetric backup bag */
        &v6agrp,            /* Used for backup agent */
        NULL
    }
};
890
/*
 * "backup_keyarchive" class.  Not an item class.  P-flagged entries below:
 * key_archive_hash, musr, key_archive, ckzone.
 * NOTE(review): the serialised archive itself ("key_archive") is flagged as
 * part of the primary key and indexed -- confirm that is intended.
 * attrs is NULL-terminated.
 */
const SecDbClass v10_1_backup_keyarchive_class = {
    .name = CFSTR("backup_keyarchive"),
    .itemclass = false,
    .attrs = {
        &v10_1keyArchiveHash,   /* Hash of the key archive */
        &v8musr,
        &v10_1keyArchive,       /* Serialised key archive */
        &v10ckzone,
        &v10_1optionalEncodedCKRecord,
        &v10_1archiveEscrowID,
        NULL
    }
};
904
/*
 * "archived_key_backup" class.  Not an item class.  P-flagged entries below:
 * UUID (v10syncuuid), musr, agrp, key_archive_hash, ckzone.  pdmn is the
 * only entry here that the flag table places in the encrypted blob (C).
 * attrs is NULL-terminated.
 */
const SecDbClass v10_1_current_archived_keys_class = {
    .name = CFSTR("archived_key_backup"),
    .itemclass = false,
    .attrs = {
        &v6pdmn,
        &v10syncuuid,
        &v8musr,
        &v6agrp,
        &v10_1keyArchiveHash,
        &v10_1archivedKey,
        &v10ckzone,
        &v10_1optionalEncodedCKRecord,
        &v10_1archiveEscrowID,
        NULL
    }
};
921
/*
 * "currentkeyarchives" table: a key-archive hash together with a key-archive
 * name. Listed by v10_1_schema and every later schema below.
 */
const SecDbClass v10_1_current_keyarchive_class = {
    .name = CFSTR("currentkeyarchives"),
    .itemclass = false,
    .attrs = {
        &v10_1keyArchiveHash,
        &v10_1keyArchiveName,
        0   // terminates the attribute list
    }
};
931
/* An identity which is really a cert + a key, so all cert and keys attrs are
   allowed.
   The attribute list here is empty (just the 0 terminator), and none of the
   schema class lists below includes this class; it is handed out only by
   identity_class(). */
const SecDbClass v_identity_class = {
    .name = CFSTR("idnt"),
    .itemclass = true,
    .attrs = {
        0
    },
};
941
/*
 * Version 11.4 (Add some more indexes)
 *
 * First entry of v10_kc_schemas, so this is what current_schema() returns.
 * The class list is the same as in v11_3_schema; only the version number
 * differs here. Presumably the bump exists so that existing databases run
 * the upgrade path -- confirm in the upgrade code.
 * .classes is a 0-terminated list.
 */
const SecDbSchema v11_4_schema = {
    .majorVersion = 11,
    .minorVersion = 4,
    .classes = {
        &v10_1_genp_class,
        &v10_1_inet_class,
        &v10_1_cert_class,
        &v10_1_keys_class,
        &v10_0_tversion_class,
        &v10_2_outgoing_queue_class,
        &v10_2_incoming_queue_class,
        &v10_0_sync_key_class,
        &v10_1_ckmirror_class,
        &v10_0_current_key_class,
        &v10_4_ckstate_class,
        &v10_0_item_backup_class,
        &v10_0_backup_keybag_class,
        &v10_2_ckmanifest_class,
        &v10_2_pending_manifest_class,
        &v10_1_ckmanifest_leaf_class,
        &v10_1_backup_keyarchive_class,
        &v10_1_current_keyarchive_class,
        &v10_1_current_archived_keys_class,
        &v10_1_pending_manifest_leaf_class,
        &v10_4_current_item_class,
        &v11_1_ckdevicestate_class,
        &v10_5_tlkshare_class,
        &v11_2_metadatakeys_class,
        0
    }
};
976
/*
 * Version 11.3 (no changes, restores the use of indexes in upgrade code. Gotta go fast!)
 *
 * The class list is the same as in v11_2_schema.
 */
const SecDbSchema v11_3_schema = {
    .majorVersion = 11,
    .minorVersion = 3,
    .classes = {
        &v10_1_genp_class,
        &v10_1_inet_class,
        &v10_1_cert_class,
        &v10_1_keys_class,
        &v10_0_tversion_class,
        &v10_2_outgoing_queue_class,
        &v10_2_incoming_queue_class,
        &v10_0_sync_key_class,
        &v10_1_ckmirror_class,
        &v10_0_current_key_class,
        &v10_4_ckstate_class,
        &v10_0_item_backup_class,
        &v10_0_backup_keybag_class,
        &v10_2_ckmanifest_class,
        &v10_2_pending_manifest_class,
        &v10_1_ckmanifest_leaf_class,
        &v10_1_backup_keyarchive_class,
        &v10_1_current_keyarchive_class,
        &v10_1_current_archived_keys_class,
        &v10_1_pending_manifest_leaf_class,
        &v10_4_current_item_class,
        &v11_1_ckdevicestate_class,
        &v10_5_tlkshare_class,
        &v11_2_metadatakeys_class,
        0
    }
};
1011
/*
 * Version 11.2
 *
 * Differs from v11_1_schema in one entry: v11_2_metadatakeys_class replaces
 * v11_metadatakeys_class.
 */
const SecDbSchema v11_2_schema = {
    .majorVersion = 11,
    .minorVersion = 2,
    .classes = {
        &v10_1_genp_class,
        &v10_1_inet_class,
        &v10_1_cert_class,
        &v10_1_keys_class,
        &v10_0_tversion_class,
        &v10_2_outgoing_queue_class,
        &v10_2_incoming_queue_class,
        &v10_0_sync_key_class,
        &v10_1_ckmirror_class,
        &v10_0_current_key_class,
        &v10_4_ckstate_class,
        &v10_0_item_backup_class,
        &v10_0_backup_keybag_class,
        &v10_2_ckmanifest_class,
        &v10_2_pending_manifest_class,
        &v10_1_ckmanifest_leaf_class,
        &v10_1_backup_keyarchive_class,
        &v10_1_current_keyarchive_class,
        &v10_1_current_archived_keys_class,
        &v10_1_pending_manifest_leaf_class,
        &v10_4_current_item_class,
        &v11_1_ckdevicestate_class,
        &v10_5_tlkshare_class,
        &v11_2_metadatakeys_class,
        0
    }
};
1046
/*
 * Version 11.1
 *
 * Differs from v11_schema in one entry: v11_1_ckdevicestate_class replaces
 * v10_3_ckdevicestate_class.
 */
const SecDbSchema v11_1_schema = {
    .majorVersion = 11,
    .minorVersion = 1,
    .classes = {
        &v10_1_genp_class,
        &v10_1_inet_class,
        &v10_1_cert_class,
        &v10_1_keys_class,
        &v10_0_tversion_class,
        &v10_2_outgoing_queue_class,
        &v10_2_incoming_queue_class,
        &v10_0_sync_key_class,
        &v10_1_ckmirror_class,
        &v10_0_current_key_class,
        &v10_4_ckstate_class,
        &v10_0_item_backup_class,
        &v10_0_backup_keybag_class,
        &v10_2_ckmanifest_class,
        &v10_2_pending_manifest_class,
        &v10_1_ckmanifest_leaf_class,
        &v10_1_backup_keyarchive_class,
        &v10_1_current_keyarchive_class,
        &v10_1_current_archived_keys_class,
        &v10_1_pending_manifest_leaf_class,
        &v10_4_current_item_class,
        &v11_1_ckdevicestate_class,
        &v10_5_tlkshare_class,
        &v11_metadatakeys_class,
        0
    }
};
1081
/*
 * Version 11
 *
 * Same class list as v10_5_schema with v11_metadatakeys_class appended.
 */
const SecDbSchema v11_schema = {
    .majorVersion = 11,
    .minorVersion = 0,
    .classes = {
        &v10_1_genp_class,
        &v10_1_inet_class,
        &v10_1_cert_class,
        &v10_1_keys_class,
        &v10_0_tversion_class,
        &v10_2_outgoing_queue_class,
        &v10_2_incoming_queue_class,
        &v10_0_sync_key_class,
        &v10_1_ckmirror_class,
        &v10_0_current_key_class,
        &v10_4_ckstate_class,
        &v10_0_item_backup_class,
        &v10_0_backup_keybag_class,
        &v10_2_ckmanifest_class,
        &v10_2_pending_manifest_class,
        &v10_1_ckmanifest_leaf_class,
        &v10_1_backup_keyarchive_class,
        &v10_1_current_keyarchive_class,
        &v10_1_current_archived_keys_class,
        &v10_1_pending_manifest_leaf_class,
        &v10_4_current_item_class,
        &v10_3_ckdevicestate_class,
        &v10_5_tlkshare_class,
        &v11_metadatakeys_class,
        0
    }
};
1116
1117
/*
 * Version 10.5
 *
 * Same class list as v10_4_schema with v10_5_tlkshare_class appended.
 */
const SecDbSchema v10_5_schema = {
    .majorVersion = 10,
    .minorVersion = 5,
    .classes = {
        &v10_1_genp_class,
        &v10_1_inet_class,
        &v10_1_cert_class,
        &v10_1_keys_class,
        &v10_0_tversion_class,
        &v10_2_outgoing_queue_class,
        &v10_2_incoming_queue_class,
        &v10_0_sync_key_class,
        &v10_1_ckmirror_class,
        &v10_0_current_key_class,
        &v10_4_ckstate_class,
        &v10_0_item_backup_class,
        &v10_0_backup_keybag_class,
        &v10_2_ckmanifest_class,
        &v10_2_pending_manifest_class,
        &v10_1_ckmanifest_leaf_class,
        &v10_1_backup_keyarchive_class,
        &v10_1_current_keyarchive_class,
        &v10_1_current_archived_keys_class,
        &v10_1_pending_manifest_leaf_class,
        &v10_4_current_item_class,
        &v10_3_ckdevicestate_class,
        &v10_5_tlkshare_class,
        0
    }
};
1151
/*
 * Version 10.4
 *
 * Differs from v10_3_schema in two entries: v10_4_ckstate_class replaces
 * v10_0_ckstate_class, and v10_4_current_item_class replaces
 * v10_1_current_item_class.
 */
const SecDbSchema v10_4_schema = {
    .majorVersion = 10,
    .minorVersion = 4,
    .classes = {
        &v10_1_genp_class,
        &v10_1_inet_class,
        &v10_1_cert_class,
        &v10_1_keys_class,
        &v10_0_tversion_class,
        &v10_2_outgoing_queue_class,
        &v10_2_incoming_queue_class,
        &v10_0_sync_key_class,
        &v10_1_ckmirror_class,
        &v10_0_current_key_class,
        &v10_4_ckstate_class,
        &v10_0_item_backup_class,
        &v10_0_backup_keybag_class,
        &v10_2_ckmanifest_class,
        &v10_2_pending_manifest_class,
        &v10_1_ckmanifest_leaf_class,
        &v10_1_backup_keyarchive_class,
        &v10_1_current_keyarchive_class,
        &v10_1_current_archived_keys_class,
        &v10_1_pending_manifest_leaf_class,
        &v10_4_current_item_class,
        &v10_3_ckdevicestate_class,
        0
    }
};
1184
/*
 * Version 10.3
 *
 * Same class list as v10_2_schema with v10_3_ckdevicestate_class appended.
 */
const SecDbSchema v10_3_schema = {
    .majorVersion = 10,
    .minorVersion = 3,
    .classes = {
        &v10_1_genp_class,
        &v10_1_inet_class,
        &v10_1_cert_class,
        &v10_1_keys_class,
        &v10_0_tversion_class,
        &v10_2_outgoing_queue_class,
        &v10_2_incoming_queue_class,
        &v10_0_sync_key_class,
        &v10_1_ckmirror_class,
        &v10_0_current_key_class,
        &v10_0_ckstate_class,
        &v10_0_item_backup_class,
        &v10_0_backup_keybag_class,
        &v10_2_ckmanifest_class,
        &v10_2_pending_manifest_class,
        &v10_1_ckmanifest_leaf_class,
        &v10_1_backup_keyarchive_class,
        &v10_1_current_keyarchive_class,
        &v10_1_current_archived_keys_class,
        &v10_1_pending_manifest_leaf_class,
        &v10_1_current_item_class,
        &v10_3_ckdevicestate_class,
        0
    }
};
1217
/*
 * Version 10.2
 *
 * Differs from v10_1_schema in four entries: the outgoing queue, incoming
 * queue, ckmanifest and pending manifest classes move from their v10_1 to
 * their v10_2 definitions.
 */
const SecDbSchema v10_2_schema = {
    .majorVersion = 10,
    .minorVersion = 2,
    .classes = {
        &v10_1_genp_class,
        &v10_1_inet_class,
        &v10_1_cert_class,
        &v10_1_keys_class,
        &v10_0_tversion_class,
        &v10_2_outgoing_queue_class,
        &v10_2_incoming_queue_class,
        &v10_0_sync_key_class,
        &v10_1_ckmirror_class,
        &v10_0_current_key_class,
        &v10_0_ckstate_class,
        &v10_0_item_backup_class,
        &v10_0_backup_keybag_class,
        &v10_2_ckmanifest_class,
        &v10_2_pending_manifest_class,
        &v10_1_ckmanifest_leaf_class,
        &v10_1_backup_keyarchive_class,
        &v10_1_current_keyarchive_class,
        &v10_1_current_archived_keys_class,
        &v10_1_pending_manifest_leaf_class,
        &v10_1_current_item_class,
        0
    }
};
1249
/*
 * Version 10.1
 *
 * Compared with v10_0_schema: the four item classes, both queue classes and
 * ckmirror move to their v10_1 definitions, and eight classes are appended
 * (ckmanifest, pending manifest, ckmanifest leaf, backup keyarchive, current
 * keyarchive, current archived keys, pending manifest leaf, current item).
 */
const SecDbSchema v10_1_schema = {
    .majorVersion = 10,
    .minorVersion = 1,
    .classes = {
        &v10_1_genp_class,
        &v10_1_inet_class,
        &v10_1_cert_class,
        &v10_1_keys_class,
        &v10_0_tversion_class,
        &v10_1_outgoing_queue_class,
        &v10_1_incoming_queue_class,
        &v10_0_sync_key_class,
        &v10_1_ckmirror_class,
        &v10_0_current_key_class,
        &v10_0_ckstate_class,
        &v10_0_item_backup_class,
        &v10_0_backup_keybag_class,
        &v10_1_ckmanifest_class,
        &v10_1_pending_manifest_class,
        &v10_1_ckmanifest_leaf_class,
        &v10_1_backup_keyarchive_class,
        &v10_1_current_keyarchive_class,
        &v10_1_current_archived_keys_class,
        &v10_1_pending_manifest_leaf_class,
        &v10_1_current_item_class,
        0
    }
};
1281
1282 /*
1283 * Version 10.0
1284 */
1285
/*
 * "genp" item class as defined for schema 10.0.
 * Same attribute list as v9_1_genp_class with v10itemuuid,
 * v10itempersistentref and v10sysbound appended. Among the schemas in this
 * part of the file only v10_0_schema lists it.
 */
const SecDbClass v10_0_genp_class = {
    .name = CFSTR("genp"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6svce,
        &v6gena,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        &v10itemuuid,
        &v10itempersistentref,
        &v10sysbound,
        0
    },
};
1326
/*
 * "inet" item class as defined for schema 10.0.
 * Same attribute list as v9_1_inet_class with v10itemuuid,
 * v10itempersistentref and v10sysbound appended. Among the schemas in this
 * part of the file only v10_0_schema lists it.
 */
const SecDbClass v10_0_inet_class = {
    .name = CFSTR("inet"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6sdmn,
        &v6srvr,
        &v6ptcl,
        &v6atyp,
        &v6port,
        &v6path,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        &v10itemuuid,
        &v10itempersistentref,
        &v10sysbound,
        0
    },
};
1371
/*
 * "cert" item class as defined for schema 10.0.
 * Same attribute list as v9_1_cert_class with v10itemuuid,
 * v10itempersistentref and v10sysbound appended. Among the schemas in this
 * part of the file only v10_0_schema lists it.
 */
const SecDbClass v10_0_cert_class = {
    .name = CFSTR("cert"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6ctyp,
        &v6cenc,
        &v6labl,
        &v6certalis,
        &v6subj,
        &v6issr,
        &v6slnr,
        &v6skid,
        &v6pkhh,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        &v10itemuuid,
        &v10itempersistentref,
        &v10sysbound,
        0
    },
};
1407
/*
 * "keys" item class as defined for schema 10.0.
 * Same attribute list as v9_1_keys_class with v10itemuuid,
 * v10itempersistentref and v10sysbound appended. Among the schemas in this
 * part of the file only v10_0_schema lists it.
 */
const SecDbClass v10_0_keys_class = {
    .name = CFSTR("keys"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6kcls,
        &v6labl,
        &v6alis,
        &v6perm,
        &v6priv,
        &v6modi,
        &v6klbl,
        &v6atag,
        &v6keycrtr,
        &v6keytype,
        &v6bsiz,
        &v6esiz,
        &v6sdat,
        &v6edat,
        &v6sens,
        &v6asen,
        &v6extr,
        &v6next,
        &v6encr,
        &v6decr,
        &v6drve,
        &v6sign,
        &v6vrfy,
        &v6snrc,
        &v6vyrc,
        &v6wrap,
        &v6unwp,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        &v10itemuuid,
        &v10itempersistentref,
        &v10sysbound,
        0
    }
};
1461
/*
 * Schema 10.0: the four v10_0 item classes plus nine non-item tables
 * (tversion, outgoing/incoming queue, sync key, ckmirror, current key,
 * ckstate, item backup, backup keybag). .classes is 0-terminated.
 */
const SecDbSchema v10_0_schema = {
    .majorVersion = 10,
    .minorVersion = 0,
    .classes = {
        &v10_0_genp_class,
        &v10_0_inet_class,
        &v10_0_cert_class,
        &v10_0_keys_class,
        &v10_0_tversion_class,
        &v10_0_outgoing_queue_class,
        &v10_0_incoming_queue_class,
        &v10_0_sync_key_class,
        &v10_0_ckmirror_class,
        &v10_0_current_key_class,
        &v10_0_ckstate_class,
        &v10_0_item_backup_class,
        &v10_0_backup_keybag_class,
        0
    }
};
1482
/*
 * Version table for schema 9.1 ("tversion91"). Unlike v5tversion_class it
 * carries a row id and a minor-version attribute next to v6version.
 */
const SecDbClass v9_1_tversion_class = {
    .name = CFSTR("tversion91"),
    .itemclass = false,
    .attrs = {
        &v6rowid,
        &v6version,
        &v91minor,
        0
    }
};
1493
/*
 * "genp" item class for schema 9.1, stored under the name "genp91".
 * The attribute list is the same as in v9genp_class; only the name differs.
 */
const SecDbClass v9_1_genp_class = {
    .name = CFSTR("genp91"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6svce,
        &v6gena,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        0
    },
};
1531
/*
 * "inet" item class for schema 9.1, stored under the name "inet91".
 * The attribute list is the same as in v9inet_class; only the name differs.
 */
const SecDbClass v9_1_inet_class = {
    .name = CFSTR("inet91"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6sdmn,
        &v6srvr,
        &v6ptcl,
        &v6atyp,
        &v6port,
        &v6path,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        0
    },
};
1573
/*
 * "cert" item class for schema 9.1, stored under the name "cert91".
 * The attribute list is the same as in v9cert_class; only the name differs.
 */
const SecDbClass v9_1_cert_class = {
    .name = CFSTR("cert91"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6ctyp,
        &v6cenc,
        &v6labl,
        &v6certalis,
        &v6subj,
        &v6issr,
        &v6slnr,
        &v6skid,
        &v6pkhh,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        0
    },
};
1606
/*
 * "keys" item class for schema 9.1, stored under the name "keys91".
 * The attribute list is the same as in v9keys_class; only the name differs.
 */
const SecDbClass v9_1_keys_class = {
    .name = CFSTR("keys91"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6kcls,
        &v6labl,
        &v6alis,
        &v6perm,
        &v6priv,
        &v6modi,
        &v6klbl,
        &v6atag,
        &v6keycrtr,
        &v6keytype,
        &v6bsiz,
        &v6esiz,
        &v6sdat,
        &v6edat,
        &v6sens,
        &v6asen,
        &v6extr,
        &v6next,
        &v6encr,
        &v6decr,
        &v6drve,
        &v6sign,
        &v6vrfy,
        &v6snrc,
        &v6vyrc,
        &v6wrap,
        &v6unwp,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        0
    }
};
1657
/*
 * Version 9.1 (iOS 10.0 and OSX 10.11.8/10.12) added minor version.
 *
 * First schema in this file to set .minorVersion to a non-zero value; its
 * version table (v9_1_tversion_class) carries the extra v91minor attribute.
 */
const SecDbSchema v9_1_schema = {
    .majorVersion = 9,
    .minorVersion = 1,
    .classes = {
        &v9_1_genp_class,
        &v9_1_inet_class,
        &v9_1_cert_class,
        &v9_1_keys_class,
        &v9_1_tversion_class,
        0
    }
};
1673
/*
 * "genp" item class for schema 9, stored under the name "genp9".
 * The attribute list is the same as in v8genp_class; only the name differs.
 */
const SecDbClass v9genp_class = {
    .name = CFSTR("genp9"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6svce,
        &v6gena,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        0
    },
};
1711
/*
 * "inet" item class for schema 9, stored under the name "inet9".
 * The attribute list is the same as in v8inet_class; only the name differs.
 */
const SecDbClass v9inet_class = {
    .name = CFSTR("inet9"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6sdmn,
        &v6srvr,
        &v6ptcl,
        &v6atyp,
        &v6port,
        &v6path,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        0
    },
};
1753
/*
 * "cert" item class for schema 9, stored under the name "cert9".
 * The attribute list is the same as in v8cert_class; only the name differs.
 */
const SecDbClass v9cert_class = {
    .name = CFSTR("cert9"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6ctyp,
        &v6cenc,
        &v6labl,
        &v6certalis,
        &v6subj,
        &v6issr,
        &v6slnr,
        &v6skid,
        &v6pkhh,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        0
    },
};
1786
/*
 * "keys" item class for schema 9, stored under the name "keys9".
 * The attribute list is the same as in v8keys_class; only the name differs.
 */
const SecDbClass v9keys_class = {
    .name = CFSTR("keys9"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6kcls,
        &v6labl,
        &v6alis,
        &v6perm,
        &v6priv,
        &v6modi,
        &v6klbl,
        &v6atag,
        &v6keycrtr,
        &v6keytype,
        &v6bsiz,
        &v6esiz,
        &v6sdat,
        &v6edat,
        &v6sens,
        &v6asen,
        &v6extr,
        &v6next,
        &v6encr,
        &v6decr,
        &v6drve,
        &v6sign,
        &v6vrfy,
        &v6snrc,
        &v6vyrc,
        &v6wrap,
        &v6unwp,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        0
    }
};
1837
/*
 * Version table shared by the v5 through v9 schemas ("tversion5"): a single
 * v6version attribute, with no minor-version attribute.
 */
const SecDbClass v5tversion_class = {
    .name = CFSTR("tversion5"),
    .itemclass = false,
    .attrs = {
        &v6version,
        0
    }
};
1846
/* Version 9 (iOS 9.3 and OSX 10.11.5) database schema
 * Same contents as v8 tables; table names changed to force upgrade
 * and correct default values in table.
 *
 * .minorVersion is not set here, so it takes the zero value that C gives
 * to members omitted from a designated initializer.
 */
const SecDbSchema v9_schema = {
    .majorVersion = 9,
    .classes = {
        &v9genp_class,
        &v9inet_class,
        &v9cert_class,
        &v9keys_class,
        &v5tversion_class,
        0
    }
};
1862
// Version 8 (Internal release iOS 9.3 and OSX 10.11.5) database schema
// "genp" item class, stored as "genp8": the v7genp_class attribute list
// with v8musr appended.
const SecDbClass v8genp_class = {
    .name = CFSTR("genp8"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6svce,
        &v6gena,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        0
    },
};
1901
// "inet" item class for schema 8, stored as "inet8": the v7inet_class
// attribute list with v8musr appended.
const SecDbClass v8inet_class = {
    .name = CFSTR("inet8"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6sdmn,
        &v6srvr,
        &v6ptcl,
        &v6atyp,
        &v6port,
        &v6path,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        0
    },
};
1943
// "cert" item class for schema 8, stored as "cert8": the v7cert_class
// attribute list with v8musr appended.
const SecDbClass v8cert_class = {
    .name = CFSTR("cert8"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6ctyp,
        &v6cenc,
        &v6labl,
        &v6certalis,
        &v6subj,
        &v6issr,
        &v6slnr,
        &v6skid,
        &v6pkhh,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        0
    },
};
1976
// "keys" item class for schema 8, stored as "keys8": the v7keys_class
// attribute list with v8musr appended.
const SecDbClass v8keys_class = {
    .name = CFSTR("keys8"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6kcls,
        &v6labl,
        &v6alis,
        &v6perm,
        &v6priv,
        &v6modi,
        &v6klbl,
        &v6atag,
        &v6keycrtr,
        &v6keytype,
        &v6bsiz,
        &v6esiz,
        &v6sdat,
        &v6edat,
        &v6sens,
        &v6asen,
        &v6extr,
        &v6next,
        &v6encr,
        &v6decr,
        &v6drve,
        &v6sign,
        &v6vrfy,
        &v6snrc,
        &v6vyrc,
        &v6wrap,
        &v6unwp,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        &v8musr,
        0
    }
};
2027
// Schema 8: the four v8 item classes plus the shared v5tversion_class.
// .minorVersion is not set and so is zero-initialized.
const SecDbSchema v8_schema = {
    .majorVersion = 8,
    .classes = {
        &v8genp_class,
        &v8inet_class,
        &v8cert_class,
        &v8keys_class,
        &v5tversion_class,
        0
    }
};
2039
// Version 7 (iOS 9 and OSX 10.11) database schema
// "genp" item class, stored as "genp7": the v6genp_class attribute list
// with v7vwht, v7tkid and v7utomb added.
const SecDbClass v7genp_class = {
    .name = CFSTR("genp7"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6svce,
        &v6gena,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        0
    },
};
2077
// "inet" item class for schema 7, stored as "inet7": the v6inet_class
// attribute list with v7vwht, v7tkid and v7utomb added.
const SecDbClass v7inet_class = {
    .name = CFSTR("inet7"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6sdmn,
        &v6srvr,
        &v6ptcl,
        &v6atyp,
        &v6port,
        &v6path,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        0
    },
};
2118
// "cert" item class for schema 7, stored as "cert7": the v6cert_class
// attribute list with v7vwht, v7tkid and v7utomb added.
const SecDbClass v7cert_class = {
    .name = CFSTR("cert7"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6ctyp,
        &v6cenc,
        &v6labl,
        &v6certalis,
        &v6subj,
        &v6issr,
        &v6slnr,
        &v6skid,
        &v6pkhh,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        0
    },
};
2150
// "keys" item class for schema 7, stored as "keys7": the v6keys_class
// attribute list with v7vwht, v7tkid and v7utomb added.
const SecDbClass v7keys_class = {
    .name = CFSTR("keys7"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6kcls,
        &v6labl,
        &v6alis,
        &v6perm,
        &v6priv,
        &v6modi,
        &v6klbl,
        &v6atag,
        &v6keycrtr,
        &v6keytype,
        &v6bsiz,
        &v6esiz,
        &v6sdat,
        &v6edat,
        &v6sens,
        &v6asen,
        &v6extr,
        &v6next,
        &v6encr,
        &v6decr,
        &v6drve,
        &v6sign,
        &v6vrfy,
        &v6snrc,
        &v6vyrc,
        &v6wrap,
        &v6unwp,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v7vwht,
        &v7tkid,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        &v7utomb,
        0
    }
};
2200
2201
// Schema 7: the four v7 item classes plus the shared v5tversion_class.
// .minorVersion is not set and so is zero-initialized.
const SecDbSchema v7_schema = {
    .majorVersion = 7,
    .classes = {
        &v7genp_class,
        &v7inet_class,
        &v7cert_class,
        &v7keys_class,
        &v5tversion_class,
        0
    }
};
2213
2214
// Version 6 (iOS 7 and OSX 10.9) database schema
// "genp" item class, stored as "genp6": the v5genp_class attribute list
// with v6sync, v6tomb, v6sha1, v6v_pk and v6accc added. File-local (static).
static const SecDbClass v6genp_class = {
    .name = CFSTR("genp6"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6svce,
        &v6gena,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        0
    },
};
2249
// "inet" item class for schema 6, stored as "inet6": the v5inet_class
// attribute list with v6sync, v6tomb, v6sha1, v6v_pk and v6accc added.
static const SecDbClass v6inet_class = {
    .name = CFSTR("inet6"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6sdmn,
        &v6srvr,
        &v6ptcl,
        &v6atyp,
        &v6port,
        &v6path,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        0
    },
};
2287
// "cert" item class for schema 6, stored as "cert6": the v5cert_class
// attribute list with v6sync, v6tomb, v6sha1, v6v_pk and v6accc added.
static const SecDbClass v6cert_class = {
    .name = CFSTR("cert6"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6ctyp,
        &v6cenc,
        &v6labl,
        &v6certalis,
        &v6subj,
        &v6issr,
        &v6slnr,
        &v6skid,
        &v6pkhh,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        0
    },
};
2316
// "keys" item class for schema 6, stored as "keys6": the v5keys_class
// attribute list with v6sync, v6tomb, v6sha1, v6v_pk and v6accc added.
static const SecDbClass v6keys_class = {
    .name = CFSTR("keys6"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6kcls,
        &v6labl,
        &v6alis,
        &v6perm,
        &v6priv,
        &v6modi,
        &v6klbl,
        &v6atag,
        &v6keycrtr,
        &v6keytype,
        &v6bsiz,
        &v6esiz,
        &v6sdat,
        &v6edat,
        &v6sens,
        &v6asen,
        &v6extr,
        &v6next,
        &v6encr,
        &v6decr,
        &v6drve,
        &v6sign,
        &v6vrfy,
        &v6snrc,
        &v6vyrc,
        &v6wrap,
        &v6unwp,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        0
    }
};
2363
// Schema 6: the four v6 item classes plus the shared v5tversion_class.
// File-local (static); .minorVersion is not set and so is zero-initialized.
static const SecDbSchema v6_schema = {
    .majorVersion = 6,
    .classes = {
        &v6genp_class,
        &v6inet_class,
        &v6cert_class,
        &v6keys_class,
        &v5tversion_class,
        0
    }
};
2375
2376
// Version 5 (iOS 5 & iOS 6) database schema.
// "genp" item class, stored as "genp5". This is the oldest attribute list in
// the file; it has no sync, tombstone, sha1, v_pk or accc attribute.
static const SecDbClass v5genp_class = {
    .name = CFSTR("genp5"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6svce,
        &v6gena,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6v_Data,
        0
    },
};
2406
// "inet" item class for schema 5, stored as "inet5"; no sync, tombstone,
// sha1, v_pk or accc attribute.
static const SecDbClass v5inet_class = {
    .name = CFSTR("inet5"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6desc,
        &v6icmt,
        &v6crtr,
        &v6type,
        &v6scrp,
        &v6labl,
        &v6alis,
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        &v6sdmn,
        &v6srvr,
        &v6ptcl,
        &v6atyp,
        &v6port,
        &v6path,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6v_Data,
        0
    },
};
2439
// "cert" item class for schema 5, stored as "cert5"; no sync, tombstone,
// sha1, v_pk or accc attribute.
static const SecDbClass v5cert_class = {
    .name = CFSTR("cert5"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6ctyp,
        &v6cenc,
        &v6labl,
        &v6certalis,
        &v6subj,
        &v6issr,
        &v6slnr,
        &v6skid,
        &v6pkhh,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6v_Data,
        0
    },
};
2463
// "keys" item class for schema 5, stored as "keys5"; no sync, tombstone,
// sha1, v_pk or accc attribute.
static const SecDbClass v5keys_class = {
    .name = CFSTR("keys5"),
    .itemclass = true,
    .attrs = {
        &v6rowid,
        &v6cdat,
        &v6mdat,
        &v6kcls,
        &v6labl,
        &v6alis,
        &v6perm,
        &v6priv,
        &v6modi,
        &v6klbl,
        &v6atag,
        &v6keycrtr,
        &v6keytype,
        &v6bsiz,
        &v6esiz,
        &v6sdat,
        &v6edat,
        &v6sens,
        &v6asen,
        &v6extr,
        &v6next,
        &v6encr,
        &v6decr,
        &v6drve,
        &v6sign,
        &v6vrfy,
        &v6snrc,
        &v6vyrc,
        &v6wrap,
        &v6unwp,
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6v_Data,
        0
    }
};
2505
// Schema 5: the four v5 item classes plus v5tversion_class. This is the
// oldest schema listed in v10_kc_schemas. File-local (static);
// .minorVersion is not set and so is zero-initialized.
static const SecDbSchema v5_schema = {
    .majorVersion = 5,
    .classes = {
        &v5genp_class,
        &v5inet_class,
        &v5cert_class,
        &v5keys_class,
        &v5tversion_class,
        0
    }
};
2517
// Global schema-list pointer. It starts out NULL and nothing in this part of
// the file assigns it; the accessors below read v10_kc_schemas directly.
SecDbSchema const * const * kc_schemas = NULL;

// Every schema defined in this file, newest first, 0-terminated.
// Order matters: current_schema() returns element 0, so a new schema version
// must be inserted at the top of this list.
const SecDbSchema *v10_kc_schemas[] = {
    &v11_4_schema,
    &v11_3_schema,
    &v11_2_schema,
    &v11_1_schema,
    &v11_schema,
    &v10_5_schema,
    &v10_4_schema,
    &v10_3_schema,
    &v10_2_schema,
    &v10_1_schema,
    &v10_0_schema,
    &v9_1_schema,
    &v9_schema,
    &v8_schema,
    &v7_schema,
    &v6_schema,
    &v5_schema,
    0
};
2540
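/*
 * Returns the 0-terminated list of every schema this file defines
 * (v10_kc_schemas), newest first.
 *
 * Declared with (void) so the definition is a real prototype and the
 * compiler rejects calls that pass arguments.
 */
const SecDbSchema * const * all_schemas(void) {
    return v10_kc_schemas;
}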
2544
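/*
 * Returns the current schema, i.e. the first entry of the list returned by
 * all_schemas(). This depends on that list keeping its newest schema first.
 *
 * Declared with (void) so the definition is a real prototype and the
 * compiler rejects calls that pass arguments.
 */
const SecDbSchema* current_schema(void) {
    // For now, the current schema is the first in the list.
    return all_schemas()[0];
}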
2549
2550 // class accessors for current schema.
/*
 * Looks up a class by name in one schema.
 *
 * Walks schema->classes up to its 0 terminator and returns the first entry
 * whose name compares equal to class_name (CFEqualSafe), or NULL when no
 * entry matches. schema itself is dereferenced without a NULL check.
 */
static const SecDbClass* find_class(const SecDbSchema* schema, CFStringRef class_name) {
    const SecDbClass * const *cursor = schema->classes;
    while (*cursor) {
        const SecDbClass *candidate = *cursor;
        if (CFEqualSafe(candidate->name, class_name)) {
            return candidate;
        }
        ++cursor;
    }
    return NULL;
}
2559
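/*
 * Returns the "genp" class of the current schema.
 *
 * The lookup runs once (dispatch_once) and the result is cached in a
 * function-local static, so later calls return the same pointer. If the
 * current schema lists no class named "genp", the cached result is NULL
 * and callers receive NULL on every call.
 *
 * Declared with (void) so the definition is a real prototype.
 */
const SecDbClass* genp_class(void) {
    static const SecDbClass* genp = NULL;
    static dispatch_once_t onceToken;
    dispatch_once(&onceToken, ^{
        genp = find_class(current_schema(), CFSTR("genp"));
    });
    return genp;
}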
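/*
 * Returns the "inet" class of the current schema.
 *
 * The lookup runs once (dispatch_once) and the result is cached in a
 * function-local static, so later calls return the same pointer. If the
 * current schema lists no class named "inet", the cached result is NULL
 * and callers receive NULL on every call.
 *
 * Declared with (void) so the definition is a real prototype.
 */
const SecDbClass* inet_class(void) {
    static const SecDbClass* inet = NULL;
    static dispatch_once_t onceToken;
    dispatch_once(&onceToken, ^{
        inet = find_class(current_schema(), CFSTR("inet"));
    });
    return inet;
}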
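/*
 * Returns the "cert" class of the current schema.
 *
 * The lookup runs once (dispatch_once) and the result is cached in a
 * function-local static, so later calls return the same pointer. If the
 * current schema lists no class named "cert", the cached result is NULL
 * and callers receive NULL on every call.
 *
 * Declared with (void) so the definition is a real prototype.
 */
const SecDbClass* cert_class(void) {
    static const SecDbClass* cert = NULL;
    static dispatch_once_t onceToken;
    dispatch_once(&onceToken, ^{
        cert = find_class(current_schema(), CFSTR("cert"));
    });
    return cert;
}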
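/*
 * Returns the "keys" class of the current schema.
 *
 * The lookup runs once (dispatch_once) and the result is cached in a
 * function-local static, so later calls return the same pointer. If the
 * current schema lists no class named "keys", the cached result is NULL
 * and callers receive NULL on every call.
 *
 * Declared with (void) so the definition is a real prototype.
 */
const SecDbClass* keys_class(void) {
    static const SecDbClass* keys = NULL;
    static dispatch_once_t onceToken;
    dispatch_once(&onceToken, ^{
        keys = find_class(current_schema(), CFSTR("keys"));
    });
    return keys;
}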
2592
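// Not really a class per-se
/*
 * Returns the address of v_identity_class. Unlike the other accessors this
 * does not search the current schema, so the result is never NULL.
 *
 * Declared with (void) so the definition is a real prototype.
 */
const SecDbClass* identity_class(void) {
    return &v_identity_class;
}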
2597
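// Class with 1 element in it, which is the database version.
/*
 * Returns the "tversion" class of the current schema.
 *
 * The lookup runs once (dispatch_once) and the result is cached in a
 * function-local static. If the current schema lists no class named
 * "tversion", the cached result is NULL and callers receive NULL on
 * every call.
 *
 * Declared with (void) so the definition is a real prototype.
 */
const SecDbClass* tversion_class(void) {
    static const SecDbClass* tversion = NULL;
    static dispatch_once_t onceToken;
    dispatch_once(&onceToken, ^{
        tversion = find_class(current_schema(), CFSTR("tversion"));
    });
    return tversion;
}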
2607
2608