1 /* Copyright (c) 2002-2003,2006,2008 Apple Inc.
2 *
3 * dbAttrs.cpp - Apple DL/DB/Keychain attributes and name/value pairs.
4 * The attribute lists here are not necessarily complete lists
5 * of the attrs in any given schema; they are only the ones we want
6 * to examine with dbTool.
7 */
8
9 #include "dbAttrs.h"
10 #include <Security/cssmapple.h>
11 #include <Security/SecKeychainItem.h>
12 #include <Security/cssmapplePriv.h>
13 #include <security_cdsa_utilities/Schema.h>
14
/*
 * Initializer for a CSSM_DB_ATTRIBUTE_INFO whose name is a string.
 * `name` is stringized, so pass a bare identifier rather than a quoted
 * string; `type` is pasted onto CSSM_DB_ATTRIBUTE_FORMAT_ to select the
 * attribute format. The (char *) cast drops the constness of the string
 * literal, so the resulting pointer must only ever be read.
 */
#define DB_ATTRIBUTE(name, type)                \
    {                                           \
        CSSM_DB_ATTRIBUTE_NAME_AS_STRING,       \
        { (char *)#name },                      \
        CSSM_DB_ATTRIBUTE_FORMAT_ ## type       \
    }
21
/*
 * Initializer for a CSSM_DB_ATTRIBUTE_INFO whose name is an integer.
 * The integer `name` is cast to (char *) only so that it fits the label
 * slot of the initializer; it is not a string. Code that walks these
 * entries should test for CSSM_DB_ATTRIBUTE_NAME_AS_INTEGER before
 * treating the label as a pointer to characters.
 */
#define DB_INT_ATTRIBUTE(name, type)            \
    {                                           \
        CSSM_DB_ATTRIBUTE_NAME_AS_INTEGER,      \
        { (char *)name },                       \
        CSSM_DB_ATTRIBUTE_FORMAT_ ## type       \
    }
28
29
/* One nameValuePair table entry: the constant's value plus its spelling. */
#define NVP(attr)   { attr, #attr }

/*
 * Sentinel that closes every nameValuePair table. Walkers should stop on
 * the NULL name rather than on the 0 value, since a real entry may also
 * carry the value 0.
 */
#define NVP_END     { 0, NULL }
35
/*
 * Initializer for a RelationInfo: the relation id, the id spelled as a
 * string, the attribute count, the attribute array, and the array of
 * per-attribute nameValuePair tables.
 * `attributes` must be a real array (not a pointer) for the sizeof-based
 * count to be right. The count is derived from `attributes` alone; nothing
 * here checks that `nameValues` has the same number of entries.
 */
#define RELATION_INFO(relationId, attributes, nameValues)       \
    {                                                           \
        relationId,                                             \
        #relationId,                                            \
        sizeof(attributes) / sizeof(CSSM_DB_ATTRIBUTE_INFO),    \
        attributes,                                             \
        nameValues                                              \
    }
43
/*
 * Printable names for CSSM_DB_RECORDTYPE values.
 * The table ends with NVP_END; it has no separate length.
 */
const NameValuePair recordTypeNames[] = {
    NVP(CSSM_DL_DB_SCHEMA_INFO),
    NVP(CSSM_DL_DB_SCHEMA_INDEXES),
    NVP(CSSM_DL_DB_SCHEMA_ATTRIBUTES),
    NVP(CSSM_DL_DB_SCHEMA_PARSING_MODULE),
    NVP(CSSM_DL_DB_RECORD_ANY),
    NVP(CSSM_DL_DB_RECORD_CERT),
    NVP(CSSM_DL_DB_RECORD_CRL),
    NVP(CSSM_DL_DB_RECORD_POLICY),
    NVP(CSSM_DL_DB_RECORD_GENERIC),
    NVP(CSSM_DL_DB_RECORD_PUBLIC_KEY),
    NVP(CSSM_DL_DB_RECORD_PRIVATE_KEY),
    NVP(CSSM_DL_DB_RECORD_SYMMETRIC_KEY),
    NVP(CSSM_DL_DB_RECORD_ALL_KEYS),

    /* Apple-specific record types */
    NVP(CSSM_DL_DB_RECORD_GENERIC_PASSWORD),
    NVP(CSSM_DL_DB_RECORD_INTERNET_PASSWORD),
    NVP(CSSM_DL_DB_RECORD_APPLESHARE_PASSWORD),
    NVP(CSSM_DL_DB_RECORD_X509_CERTIFICATE),
    NVP(CSSM_DL_DB_RECORD_X509_CRL),
    NVP(CSSM_DL_DB_RECORD_USER_TRUST),

    /* private to AppleCSPDL */
    NVP(DBBlobRelationID),

    /* private to the Sec layer */
    NVP(CSSM_DL_DB_RECORD_UNLOCK_REFERRAL),
    NVP(CSSM_DL_DB_RECORD_EXTENDED_ATTRIBUTE),

    NVP_END
};
74
/* Printable names for CSSM_CERT_TYPE values; closed by NVP_END. */
const NameValuePair certTypeNames[] = {
    NVP(CSSM_CERT_UNKNOWN),
    NVP(CSSM_CERT_X_509v1),
    NVP(CSSM_CERT_X_509v2),
    NVP(CSSM_CERT_X_509v3),
    NVP(CSSM_CERT_PGP),
    NVP(CSSM_CERT_SPKI),
    NVP(CSSM_CERT_SDSIv1),
    NVP(CSSM_CERT_Intel),
    NVP(CSSM_CERT_X_509_ATTRIBUTE),
    NVP(CSSM_CERT_X9_ATTRIBUTE),
    NVP(CSSM_CERT_TUPLE),
    NVP(CSSM_CERT_ACL_ENTRY),
    NVP(CSSM_CERT_MULTIPLE),
    NVP_END
};
93
/* Printable names for CSSM_CERT_ENCODING values; closed by NVP_END. */
const NameValuePair certEncodingNames[] = {
    NVP(CSSM_CERT_ENCODING_UNKNOWN),
    NVP(CSSM_CERT_ENCODING_CUSTOM),
    NVP(CSSM_CERT_ENCODING_BER),
    NVP(CSSM_CERT_ENCODING_DER),
    NVP(CSSM_CERT_ENCODING_NDR),
    NVP(CSSM_CERT_ENCODING_SEXPR),
    NVP(CSSM_CERT_ENCODING_PGP),
    NVP(CSSM_CERT_ENCODING_MULTIPLE),
    NVP_END
};
107
/* Printable names for CSSM_CRL_TYPE values; closed by NVP_END. */
const NameValuePair crlTypeNames[] = {
    NVP(CSSM_CRL_TYPE_UNKNOWN),
    NVP(CSSM_CRL_TYPE_X_509v1),
    NVP(CSSM_CRL_TYPE_X_509v2),
    NVP(CSSM_CRL_TYPE_SPKI),
    NVP(CSSM_CRL_TYPE_MULTIPLE),
    NVP_END
};
118
/* Printable names for CSSM_CRL_ENCODING values; closed by NVP_END. */
const NameValuePair crlEncodingNames[] = {
    NVP(CSSM_CRL_ENCODING_UNKNOWN),
    NVP(CSSM_CRL_ENCODING_CUSTOM),
    NVP(CSSM_CRL_ENCODING_BER),
    NVP(CSSM_CRL_ENCODING_DER),
    NVP(CSSM_CRL_ENCODING_BLOOM),
    NVP(CSSM_CRL_ENCODING_SEXPR),
    NVP(CSSM_CRL_ENCODING_MULTIPLE),
    NVP_END
};
131
132
/*
 * Printable names for CSSM_ALGORITHMS values; closed by NVP_END.
 * Only the algorithms listed here get a name.
 */
const NameValuePair algIdNames[] = {
    NVP(CSSM_ALGID_NONE),
    NVP(CSSM_ALGID_DES),
    NVP(CSSM_ALGID_DESX),
    NVP(CSSM_ALGID_3DES_3KEY_EDE),
    NVP(CSSM_ALGID_3DES_3KEY),
    NVP(CSSM_ALGID_RC2),
    NVP(CSSM_ALGID_RC5),
    NVP(CSSM_ALGID_RC4),
    NVP(CSSM_ALGID_RSA),
    NVP(CSSM_ALGID_DSA),
    NVP(CSSM_ALGID_FEE),
    NVP_END
};
149
/* CSSM_DL_DB_SCHEMA_INFO: attributes examined for the schema-info relation. */
static const CSSM_DB_ATTRIBUTE_INFO schemaInfoAttrs[] = {
    DB_ATTRIBUTE(RelationID,   UINT32),
    DB_ATTRIBUTE(RelationName, STRING),
};

/* One slot per schemaInfoAttrs entry, same order; NULL means no name table. */
static const NameValuePair *schemaInfoNvp[] = {
    recordTypeNames,    /* RelationID */
    NULL                /* RelationName */
};

const RelationInfo schemaInfoRelation =
    RELATION_INFO(CSSM_DL_DB_SCHEMA_INFO, schemaInfoAttrs, schemaInfoNvp);
165
/* CSSM_DL_DB_RECORD_ALL_KEYS: a partial list of the key-record attributes. */
static const CSSM_DB_ATTRIBUTE_INFO allKeysAttrs[] = {
    DB_ATTRIBUTE(KeyClass,         UINT32),
    DB_ATTRIBUTE(KeyType,          UINT32),
    DB_ATTRIBUTE(PrintName,        BLOB),
    DB_ATTRIBUTE(Alias,            BLOB),
    DB_ATTRIBUTE(Permanent,        UINT32),
    DB_ATTRIBUTE(Private,          UINT32),
    DB_ATTRIBUTE(Modifiable,       UINT32),
    DB_ATTRIBUTE(Label,            BLOB),
    DB_ATTRIBUTE(ApplicationTag,   BLOB),
    DB_ATTRIBUTE(KeyCreator,       BLOB),
    DB_ATTRIBUTE(KeySizeInBits,    UINT32),
    DB_ATTRIBUTE(EffectiveKeySize, UINT32),
    DB_ATTRIBUTE(StartDate,        BLOB),
    DB_ATTRIBUTE(EndDate,          BLOB),
    DB_ATTRIBUTE(Sensitive,        UINT32),
    DB_ATTRIBUTE(AlwaysSensitive,  UINT32),
    DB_ATTRIBUTE(Extractable,      UINT32),
    DB_ATTRIBUTE(NeverExtractable, UINT32),
    DB_ATTRIBUTE(Encrypt,          UINT32),
    DB_ATTRIBUTE(Decrypt,          UINT32),
    DB_ATTRIBUTE(Derive,           UINT32),
    DB_ATTRIBUTE(Sign,             UINT32),
    DB_ATTRIBUTE(Verify,           UINT32),
    DB_ATTRIBUTE(SignRecover,      UINT32),
    DB_ATTRIBUTE(VerifyRecover,    UINT32),
    DB_ATTRIBUTE(Wrap,             UINT32),
    DB_ATTRIBUTE(Unwrap,           UINT32),
};

/*
 * One slot per allKeysAttrs entry, same order; NULL means no name table.
 * Each slot is labelled with its attribute so that an insertion in one
 * array without the other is easy to spot in review.
 */
static const NameValuePair *allKeysNvp[] = {
    recordTypeNames,    /* KeyClass - in this context, a subset of these */
    algIdNames,         /* KeyType */
    NULL,               /* PrintName */
    NULL,               /* Alias */
    NULL,               /* Permanent */
    NULL,               /* Private */
    NULL,               /* Modifiable */
    NULL,               /* Label */
    NULL,               /* ApplicationTag */
    NULL,               /* KeyCreator */
    NULL,               /* KeySizeInBits */
    NULL,               /* EffectiveKeySize */
    NULL,               /* StartDate */
    NULL,               /* EndDate */
    NULL,               /* Sensitive */
    NULL,               /* AlwaysSensitive */
    NULL,               /* Extractable */
    NULL,               /* NeverExtractable */
    NULL,               /* Encrypt */
    NULL,               /* Decrypt */
    NULL,               /* Derive */
    NULL,               /* Sign */
    NULL,               /* Verify */
    NULL,               /* SignRecover */
    NULL,               /* VerifyRecover */
    NULL,               /* Wrap */
    NULL                /* Unwrap */
};

const RelationInfo allKeysRelation =
    RELATION_INFO(CSSM_DL_DB_RECORD_ALL_KEYS, allKeysAttrs, allKeysNvp);
232
/* CSSM_DL_DB_RECORD_ANY: the few attributes that all records have in common. */
static const CSSM_DB_ATTRIBUTE_INFO anyRecordAttrs[] = {
    DB_ATTRIBUTE(PrintName, BLOB)
};

/* One slot per anyRecordAttrs entry; NULL means no name table. */
static const NameValuePair *anyRecordNvp[] = {
    NULL                /* PrintName */
};

const RelationInfo anyRecordRelation =
    RELATION_INFO(CSSM_DL_DB_RECORD_ANY, anyRecordAttrs, anyRecordNvp);
246
/* CSSM_DL_DB_RECORD_CERT - obsolete record type. */
static const CSSM_DB_ATTRIBUTE_INFO certRecordAttrs[] = {
    DB_ATTRIBUTE(CertType,     UINT32),
    DB_ATTRIBUTE(CertEncoding, UINT32),
    DB_ATTRIBUTE(PrintName,    BLOB),
    DB_ATTRIBUTE(Alias,        BLOB),
    DB_ATTRIBUTE(CertIdentity, BLOB),
    DB_ATTRIBUTE(KeyLabel,     BLOB)
};

/* One slot per certRecordAttrs entry, same order; NULL means no name table. */
static const NameValuePair *certRecordNvp[] = {
    certTypeNames,      /* CertType */
    certEncodingNames,  /* CertEncoding */
    NULL,               /* PrintName */
    NULL,               /* Alias */
    NULL,               /* CertIdentity */
    NULL                /* KeyLabel */
};

const RelationInfo certRecordRelation =
    RELATION_INFO(CSSM_DL_DB_RECORD_CERT, certRecordAttrs, certRecordNvp);
270
/* Apple-specific CSSM_DL_DB_RECORD_X509_CERTIFICATE. */
static const CSSM_DB_ATTRIBUTE_INFO x509CertRecordAttrs[] = {
    DB_ATTRIBUTE(CertType,             UINT32),
    DB_ATTRIBUTE(CertEncoding,         UINT32),
    DB_ATTRIBUTE(PrintName,            BLOB),
    DB_ATTRIBUTE(Alias,                BLOB),
    DB_ATTRIBUTE(Subject,              BLOB),
    DB_ATTRIBUTE(Issuer,               BLOB),
    DB_ATTRIBUTE(SerialNumber,         BLOB),
    DB_ATTRIBUTE(SubjectKeyIdentifier, BLOB),
    DB_ATTRIBUTE(PublicKeyHash,        BLOB)
};

/* One slot per x509CertRecordAttrs entry, same order; NULL means no name table. */
static const NameValuePair *x509CertRecordNvp[] = {
    certTypeNames,      /* CertType */
    certEncodingNames,  /* CertEncoding */
    NULL,               /* PrintName */
    NULL,               /* Alias */
    NULL,               /* Subject */
    NULL,               /* Issuer */
    NULL,               /* SerialNumber */
    NULL,               /* SubjectKeyIdentifier */
    NULL                /* PublicKeyHash */
};

const RelationInfo x509CertRecordRelation =
    RELATION_INFO(CSSM_DL_DB_RECORD_X509_CERTIFICATE,
                  x509CertRecordAttrs,
                  x509CertRecordNvp);
300
301
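/* Apple-specific CSSM_DL_DB_RECORD_X509_CRL. */
static const CSSM_DB_ATTRIBUTE_INFO x509CrlRecordAttrs[] = {
    DB_ATTRIBUTE(CrlType,        UINT32),
    DB_ATTRIBUTE(CrlEncoding,    UINT32),
    DB_ATTRIBUTE(PrintName,      BLOB),
    DB_ATTRIBUTE(Alias,          BLOB),
    DB_ATTRIBUTE(Issuer,         BLOB),
    DB_ATTRIBUTE(ThisUpdate,     BLOB),
    DB_ATTRIBUTE(NextUpdate,     BLOB),
    DB_ATTRIBUTE(URI,            BLOB),
    DB_ATTRIBUTE(CrlNumber,      UINT32),
    DB_ATTRIBUTE(DeltaCrlNumber, UINT32),
};

/*
 * One slot per x509CrlRecordAttrs entry, same order; NULL means no name
 * table. This array must stay the same length as x509CrlRecordAttrs:
 * RELATION_INFO takes the attribute count from the attribute array only,
 * so a missing slot here is not caught at compile time, and a reader that
 * indexes this table by attribute position (the consumer is not visible in
 * this file) would run past the end of the array. The table previously had
 * nine slots for ten attributes; the DeltaCrlNumber slot closes that gap.
 */
static const NameValuePair *x509CrlRecordNvp[] = {
    crlTypeNames,       /* CrlType */
    crlEncodingNames,   /* CrlEncoding */
    NULL,               /* PrintName */
    NULL,               /* Alias */
    NULL,               /* Issuer */
    NULL,               /* ThisUpdate */
    NULL,               /* NextUpdate */
    NULL,               /* URI */
    NULL,               /* CrlNumber */
    NULL                /* DeltaCrlNumber */
};

const RelationInfo x509CrlRecordRelation =
    RELATION_INFO(CSSM_DL_DB_RECORD_X509_CRL,
                  x509CrlRecordAttrs,
                  x509CrlRecordNvp);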
332
333
/* Generic keychain template, used when the record type is unknown. */
static const CSSM_DB_ATTRIBUTE_INFO genericKcAttrs[] = {
    DB_INT_ATTRIBUTE(kSecInvisibleItemAttr,   SINT32),
    DB_ATTRIBUTE(PrintName,                   BLOB),
    DB_INT_ATTRIBUTE(kSecDescriptionItemAttr, BLOB),
    DB_INT_ATTRIBUTE(kSecTypeItemAttr,        UINT32),
    /* more to come */
};

/*
 * Name-table slots for genericKcAttrs, same order; NULL means no name
 * table. There is one more slot here than there are attributes.
 */
static const NameValuePair *genericKcNvp[] = {
    NULL,               /* kSecInvisibleItemAttr */
    NULL,               /* PrintName */
    NULL,               /* kSecDescriptionItemAttr */
    NULL,               /* kSecTypeItemAttr */
    NULL                /* surplus slot, no matching attribute */
};

const RelationInfo genericKcRelation =
    RELATION_INFO(0,    /* relation id is not used for this template */
                  genericKcAttrs,
                  genericKcNvp);
355
/* UserTrust records (CSSM_DL_DB_RECORD_USER_TRUST). */
static const CSSM_DB_ATTRIBUTE_INFO userTrustAttrs[] = {
    DB_ATTRIBUTE(TrustedCertificate, BLOB),
    DB_ATTRIBUTE(TrustedPolicy,      BLOB),
    DB_ATTRIBUTE(PrintName,          BLOB),
};

/*
 * Name-table slots for userTrustAttrs, same order; NULL means no name
 * table. There is one more slot here than there are attributes.
 */
static const NameValuePair *userTrustNvp[] = {
    NULL,               /* TrustedCertificate */
    NULL,               /* TrustedPolicy */
    NULL,               /* PrintName */
    NULL,               /* surplus slot, no matching attribute */
};

const RelationInfo userTrustRelation =
    RELATION_INFO(CSSM_DL_DB_RECORD_USER_TRUST, userTrustAttrs, userTrustNvp);
374
375 /* remainder added after the schema were publicly available via Schema.h */
376
377 /* unlock referral record */
378
379 using namespace Security;
380 using namespace KeychainCore;
381
/* Unlock-referral attributes, taken directly from the Schema definitions. */
static const CSSM_DB_ATTRIBUTE_INFO unlockReferralRecordAttrs[] = {
    Schema::kUnlockReferralType,
    Schema::kUnlockReferralDbName,
    Schema::kUnlockReferralDbGuid,
    Schema::kUnlockReferralDbSSID,
    Schema::kUnlockReferralDbSSType,
    Schema::kUnlockReferralDbNetname,
    Schema::kUnlockReferralKeyLabel,
    Schema::kUnlockReferralKeyAppTag,
    Schema::kUnlockReferralPrintName,
    Schema::kUnlockReferralAlias
};

/* Printable names for the unlock-referral type values; closed by NVP_END. */
const NameValuePair referralTypeNames[] = {
    NVP(CSSM_APPLE_UNLOCK_TYPE_KEY_DIRECT),
    NVP(CSSM_APPLE_UNLOCK_TYPE_WRAPPED_PRIVATE),
    NVP_END
};

/*
 * One slot per unlockReferralRecordAttrs entry, same order; NULL means no
 * name table.
 */
static const NameValuePair *referralNvp[] = {
    referralTypeNames,  /* kUnlockReferralType */
    NULL,               /* kUnlockReferralDbName */
    NULL,               /* kUnlockReferralDbGuid */
    NULL,               /* kUnlockReferralDbSSID */
    NULL,               /* kUnlockReferralDbSSType */
    NULL,               /* kUnlockReferralDbNetname */
    NULL,               /* kUnlockReferralKeyLabel */
    NULL,               /* kUnlockReferralKeyAppTag */
    NULL,               /* kUnlockReferralPrintName */
    NULL                /* kUnlockReferralAlias */
};

const RelationInfo referralRecordRelation =
    RELATION_INFO(CSSM_DL_DB_RECORD_UNLOCK_REFERRAL,
                  unlockReferralRecordAttrs,
                  referralNvp);
421
/* Extended-attribute record, taken directly from the Schema definitions. */
static const CSSM_DB_ATTRIBUTE_INFO extendedAttrRecordAttrs[] = {
    Schema::kExtendedAttributeRecordType,
    Schema::kExtendedAttributeItemID,
    Schema::kExtendedAttributeAttributeName,
    Schema::kExtendedAttributeModDate,
    Schema::kExtendedAttributeAttributeValue
};

/*
 * One slot per extendedAttrRecordAttrs entry, same order; NULL means no
 * name table.
 */
static const NameValuePair *extendedAttrNvp[] = {
    recordTypeNames,    /* kExtendedAttributeRecordType */
    NULL,               /* kExtendedAttributeItemID */
    NULL,               /* kExtendedAttributeAttributeName */
    NULL,               /* kExtendedAttributeModDate */
    NULL                /* kExtendedAttributeAttributeValue */
};

const RelationInfo extendedAttrRelation =
    RELATION_INFO(CSSM_DL_DB_RECORD_EXTENDED_ATTRIBUTE,
                  extendedAttrRecordAttrs,
                  extendedAttrNvp);
444