2 * Copyright (c) 2006-2014 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
25 * SecItemSchema.c - CoreFoundation-based constants and functions for
26 access to Security items (certificates, keys, identities, and
30 #include "SecItemSchema.h"
31 #include <securityd/SecDbKeychainItem.h>
32 #include <keychain/ckks/CKKS.h>
33 #include "CheckV12DevEnabled.h"
36 // MARK Keychain version 6 schema
38 #define __FLAGS(ARG, ...) SECDBFLAGS(__VA_ARGS__)
39 #define SECDBFLAGS(ARG, ...) __FLAGS_##ARG | __FLAGS(__VA_ARGS__)
41 #define SecDbFlags(P,L,I,S,A,D,R,C,H,B,Z,E,N,U,V,Y) (__FLAGS_##P|__FLAGS_##L|__FLAGS_##I|__FLAGS_##S|__FLAGS_##A|__FLAGS_##D|__FLAGS_##R|__FLAGS_##C|__FLAGS_##H|__FLAGS_##B|__FLAGS_##Z|__FLAGS_##E|__FLAGS_##N|__FLAGS_##U|__FLAGS_##V|__FLAGS_##Y)
44 #define __FLAGS_P kSecDbPrimaryKeyFlag
45 #define __FLAGS_L kSecDbInFlag
46 #define __FLAGS_I kSecDbIndexFlag
47 #define __FLAGS_S kSecDbSHA1ValueInFlag
48 #define __FLAGS_A kSecDbReturnAttrFlag
49 #define __FLAGS_D kSecDbReturnDataFlag
50 #define __FLAGS_R kSecDbReturnRefFlag
51 #define __FLAGS_C kSecDbInCryptoDataFlag
52 #define __FLAGS_H kSecDbInHashFlag
53 #define __FLAGS_B kSecDbInBackupFlag
54 #define __FLAGS_Z kSecDbDefault0Flag
55 #define __FLAGS_E kSecDbDefaultEmptyFlag
56 #define __FLAGS_N kSecDbNotNullFlag
57 #define __FLAGS_U kSecDbInAuthenticatedDataFlag
58 #define __FLAGS_V0 kSecDbSyncPrimaryKeyV0
59 #define __FLAGS_V2 (kSecDbSyncPrimaryKeyV0 | kSecDbSyncPrimaryKeyV2)
60 #define __FLAGS_Y kSecDbSyncFlag
62 // ,----------------- P : Part of primary key
63 // / ,---------------- L : Stored in local database
64 // / / ,--------------- I : Attribute wants an index in the database
65 // / / / ,-------------- S : SHA1 hashed attribute value in database (implies L)
66 // / / / / ,------------- A : Returned to client as attribute in queries
67 // / / / / / ,------------ D : Returned to client as data in queries
68 // / / / / / / ,----------- R : Returned to client as ref/persistent ref in queries
69 // / / / / / / / ,---------- C : Part of encrypted blob
70 // / / / / / / / / ,--------- H : Attribute is part of item SHA1 hash (Implied by C)
71 // / / / / / / / / / ,-------- B : Attribute is part of iTunes/iCloud backup bag
72 // / / / / / / / / / / ,------- Z : Attribute has a default value of 0
73 // / / / / / / / / / / / ,------ E : Attribute has a default value of "" or empty data
74 // / / / / / / / / / / / / ,----- N : Attribute must have a value
75 // / / / / / / / / / / / / / ,---- U : Attribute is stored in authenticated, but not necessarily encrypted data
76 // / / / / / / / / / / / / / / ,--- V0: Sync primary key version
77 // / / / / / / / / / / / / / / / ,- Y : Attribute should be synced
78 // | | | | | | | | | | | | | | | |
79 // common to all | | | | | | | | | | | | | | | |
80 SECDB_ATTR(v6rowid
, "rowid", RowId
, SecDbFlags( ,L
, , , , ,R
, , ,B
, , , , , , ), NULL
, NULL
);
81 SECDB_ATTR(v6cdat
, "cdat", CreationDate
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), SecDbKeychainItemCopyCurrentDate
, NULL
);
82 SECDB_ATTR(v6mdat
, "mdat",ModificationDate
,SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), SecDbKeychainItemCopyCurrentDate
, NULL
);
83 SECDB_ATTR(v6labl
, "labl", Blob
, SecDbFlags( ,L
, ,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
84 SECDB_ATTR(v6data
, "data", EncryptedData
, SecDbFlags( ,L
, , , , , , , ,B
, , , , , , ), SecDbKeychainItemCopyEncryptedData
, NULL
);
85 SECDB_ATTR(v6agrp
, "agrp", String
, SecDbFlags(P
,L
,I
, ,A
, , , ,H
, , , ,N
,U
,V0
,Y
), NULL
, NULL
);
86 SECDB_ATTR(v6pdmn
, "pdmn", Access
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
87 SECDB_ATTR(v6sync
, "sync", Sync
, SecDbFlags(P
,L
,I
, ,A
, , , ,H
, ,Z
, ,N
,U
,V0
, ), NULL
, NULL
);
88 SECDB_ATTR(v6tomb
, "tomb", Tomb
, SecDbFlags( ,L
, , , , , , ,H
, ,Z
, ,N
,U
, ,Y
), NULL
, NULL
);
89 SECDB_ATTR(v6sha1
, "sha1", SHA1
, SecDbFlags( ,L
,I
, ,A
, ,R
, , , , , , , , ,Y
), SecDbKeychainItemCopySHA1
, NULL
);
90 SECDB_ATTR(v6accc
, "accc", AccessControl
, SecDbFlags( , , , ,A
, , , , , , , , , , , ), NULL
, NULL
);
91 SECDB_ATTR(v6v_Data
, "v_Data", Data
, SecDbFlags( , , , , ,D
, ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
92 SECDB_ATTR(v6v_pk
, "v_pk", PrimaryKey
, SecDbFlags( , , , , , , , , , , , , , , , ), SecDbKeychainItemCopyPrimaryKey
, NULL
);
93 SECDB_ATTR(v7vwht
, "vwht", String
, SecDbFlags(P
,L
,I
, ,A
, , , ,H
, , , , ,U
,V2
,Y
), NULL
, NULL
);
94 SECDB_ATTR(v7tkid
, "tkid", String
, SecDbFlags(P
,L
,I
, ,A
, , , ,H
, , , , ,U
,V2
,Y
), NULL
, NULL
);
95 SECDB_ATTR(v7utomb
, "u_Tomb", UTomb
, SecDbFlags( , , , , , , , , , , , , , , , ), NULL
, NULL
);
96 SECDB_ATTR(v8musr
, "musr", UUID
, SecDbFlags(P
,L
,I
, , , , , , , , , ,N
,U
, ,Y
), NULL
, NULL
);
97 // genp and inet and keys | | | | | | | | | | | | | | | |
98 SECDB_ATTR(v6crtr
, "crtr", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
99 SECDB_ATTR(v6alis
, "alis", Blob
, SecDbFlags( ,L
, ,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
100 // genp and inet | | | | | | | | | | | | | | | |
101 SECDB_ATTR(v6desc
, "desc", Blob
, SecDbFlags( ,L
, ,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
102 SECDB_ATTR(v6icmt
, "icmt", Blob
, SecDbFlags( ,L
, ,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
103 SECDB_ATTR(v6type
, "type", Number
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
104 SECDB_ATTR(v6invi
, "invi", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
105 SECDB_ATTR(v6nega
, "nega", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
106 SECDB_ATTR(v6cusi
, "cusi", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
107 SECDB_ATTR(v6prot
, "prot", Blob
, SecDbFlags( ,L
, ,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
108 SECDB_ATTR(v6scrp
, "scrp", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
109 SECDB_ATTR(v6acct
, "acct", Blob
, SecDbFlags(P
,L
,I
,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
110 // genp only | | | | | | | | | | | | | | | |
111 SECDB_ATTR(v6svce
, "svce", Blob
, SecDbFlags(P
,L
,I
,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
112 SECDB_ATTR(v6gena
, "gena", Blob
, SecDbFlags( ,L
, ,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
113 // inet only | | | | | | | | | | | | | | | |
114 SECDB_ATTR(v6sdmn
, "sdmn", Blob
, SecDbFlags(P
,L
,I
,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
115 SECDB_ATTR(v6srvr
, "srvr", Blob
, SecDbFlags(P
,L
,I
,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
116 SECDB_ATTR(v6ptcl
, "ptcl", Number
, SecDbFlags(P
,L
,I
, ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
117 SECDB_ATTR(v6atyp
, "atyp", Blob
, SecDbFlags(P
,L
,I
,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
118 SECDB_ATTR(v6port
, "port", Number
, SecDbFlags(P
,L
,I
, ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
119 SECDB_ATTR(v6path
, "path", Blob
, SecDbFlags(P
,L
,I
,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
120 // cert only | | | | | | | | | | | | | | | |
121 SECDB_ATTR(v6ctyp
, "ctyp", Number
, SecDbFlags(P
,L
,I
, ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
122 SECDB_ATTR(v6cenc
, "cenc", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
123 SECDB_ATTR(v6subj
, "subj", Data
, SecDbFlags( ,L
,I
,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
124 SECDB_ATTR(v6issr
, "issr", Data
, SecDbFlags(P
,L
,I
,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
125 SECDB_ATTR(v6slnr
, "slnr", Data
, SecDbFlags(P
,L
,I
,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
126 SECDB_ATTR(v6skid
, "skid", Data
, SecDbFlags( ,L
,I
,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
127 SECDB_ATTR(v6pkhh
, "pkhh", Data
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
128 // cert attributes that share names with common ones but have different flags
129 SECDB_ATTR(v6certalis
, "alis", Blob
, SecDbFlags( ,L
,I
,S
,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
130 // keys only | | | | | | | | | | | | | | | |
131 SECDB_ATTR(v6kcls
, "kcls", Number
, SecDbFlags(P
,L
,I
,S
,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
132 SECDB_ATTR(v6perm
, "perm", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
133 SECDB_ATTR(v6priv
, "priv", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
134 SECDB_ATTR(v6modi
, "modi", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
135 SECDB_ATTR(v6klbl
, "klbl", Data
, SecDbFlags(P
,L
,I
, ,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
136 SECDB_ATTR(v6atag
, "atag", Blob
, SecDbFlags(P
,L
,I
,S
,A
, , ,C
,H
, , ,E
,N
, ,V0
,Y
), NULL
, NULL
);
137 SECDB_ATTR(v6bsiz
, "bsiz", Number
, SecDbFlags(P
,L
,I
, ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
138 SECDB_ATTR(v6esiz
, "esiz", Number
, SecDbFlags(P
,L
,I
, ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
139 SECDB_ATTR(v6sdat
, "sdat", Date
, SecDbFlags(P
,L
,I
, ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
140 SECDB_ATTR(v6edat
, "edat", Date
, SecDbFlags(P
,L
,I
, ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
141 SECDB_ATTR(v6sens
, "sens", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
142 SECDB_ATTR(v6asen
, "asen", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
143 SECDB_ATTR(v6extr
, "extr", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
144 SECDB_ATTR(v6next
, "next", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
145 SECDB_ATTR(v6encr
, "encr", Number
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
146 SECDB_ATTR(v6decr
, "decr", Number
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
147 SECDB_ATTR(v6drve
, "drve", Number
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
148 SECDB_ATTR(v6sign
, "sign", Number
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
149 SECDB_ATTR(v6vrfy
, "vrfy", Number
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
150 SECDB_ATTR(v6snrc
, "snrc", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
151 SECDB_ATTR(v6vyrc
, "vyrc", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
152 SECDB_ATTR(v6wrap
, "wrap", Number
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
153 SECDB_ATTR(v6unwp
, "unwp", Number
, SecDbFlags( ,L
,I
, ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
154 // keys attributes that share names with common ones but have different flags
155 SECDB_ATTR(v6keytype
, "type", Number
, SecDbFlags(P
,L
,I
, ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
156 SECDB_ATTR(v6keycrtr
, "crtr", Number
, SecDbFlags(P
,L
,I
, ,A
, , ,C
,H
, ,Z
, ,N
, ,V0
,Y
), NULL
, NULL
);
157 // | | | | | | | | | | | | | | |
158 SECDB_ATTR(v6version
, "version", Number
, SecDbFlags(P
,L
,I
, , , , , , , , , ,N
, , ,Y
), NULL
, NULL
);
159 SECDB_ATTR(v91minor
, "minor", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, ,N
, , ,Y
), NULL
, NULL
);
161 SECDB_ATTR(v10_1pcsservice
, "pcss", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
162 SECDB_ATTR(v10_1pcspublickey
, "pcsk", Blob
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
163 SECDB_ATTR(v10_1pcspublicidentity
,"pcsi", Blob
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, , , , , , ,Y
), NULL
, NULL
);
165 SECDB_ATTR(v10itemuuid
, "UUID", String
, SecDbFlags( ,L
,I
, , , , , , , , , , ,U
, , ), NULL
, NULL
);
166 SECDB_ATTR(v10syncuuid
, "UUID", String
, SecDbFlags(P
,L
,I
, , , , , , , , , , ,U
, , ), NULL
, NULL
);
167 SECDB_ATTR(v10parentKeyUUID
, "parentKeyUUID", String
, SecDbFlags( ,L
,I
, , , , , , , , , ,N
, , , ), NULL
, NULL
);
168 SECDB_ATTR(v10currentKeyUUID
,"currentKeyUUID",String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
169 SECDB_ATTR(v10wrappedkey
, "wrappedkey", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
170 SECDB_ATTR(v10encrypteditem
, "encitem", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
171 SECDB_ATTR(v10gencount
, "gencount", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, ,N
, , , ), NULL
, NULL
);
172 SECDB_ATTR(v10action
, "action", String
, SecDbFlags( ,L
,I
, , , , , , , , , ,N
, , , ), NULL
, NULL
);
173 SECDB_ATTR(v10state
, "state", String
, SecDbFlags(P
,L
,I
, , , , , , , , , ,N
, , , ), NULL
, NULL
);
174 SECDB_ATTR(v10waituntiltime
, "waituntil", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
175 SECDB_ATTR(v10encodedCKRecord
, "ckrecord", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
176 SECDB_ATTR(v10_1wasCurrent
, "wascurrent", Number
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
177 SECDB_ATTR(v10accessgroup
, "accessgroup", String
, SecDbFlags( ,L
,I
, , , , , , , , , ,N
, , , ), NULL
, NULL
);
178 SECDB_ATTR(v10keyclass
, "keyclass", String
, SecDbFlags(P
,L
,I
, , , , , , , , , ,N
, , , ), NULL
, NULL
);
179 SECDB_ATTR(v10currentkey
, "currentkey", Number
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
180 SECDB_ATTR(v10ckzone
, "ckzone", String
, SecDbFlags(P
,L
,I
, , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
181 SECDB_ATTR(v10ckzonecreated
, "ckzonecreated", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, , ,N
, , ), NULL
, NULL
);
182 SECDB_ATTR(v10ckzonesubscribed
,"ckzonesubscribed", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, ,N
, , , ), NULL
, NULL
);
183 SECDB_ATTR(v10ratelimiter
, "ratelimiter", Blob
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
184 SECDB_ATTR(v10changetoken
, "changetoken", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
185 SECDB_ATTR(v10lastfetchtime
, "lastfetch", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
186 SECDB_ATTR(v10itempersistentref
,"persistref", UUID
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
187 SECDB_ATTR(v10sysbound
, "sysb", Number
, SecDbFlags( ,L
, , ,A
, , ,C
,H
, ,Z
, , , , , ), NULL
, NULL
);
188 SECDB_ATTR(v10encryptionver
, "encver", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, ,N
,U
, , ), NULL
, NULL
);
190 SECDB_ATTR(v10primaryKey
, "primaryKey", String
, SecDbFlags(P
,L
,I
, ,A
, , , , , , , ,N
,U
, , ), NULL
, NULL
);
191 SECDB_ATTR(v10publickeyHash
, "publickeyHash", Blob
, SecDbFlags(P
,L
,I
, , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
192 SECDB_ATTR(v10publickey
, "publickey", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
193 SECDB_ATTR(v10backupData
, "backupData", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
195 SECDB_ATTR(v10_1digest
, "digest", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
196 SECDB_ATTR(v10_1signatures
, "signatures", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
197 SECDB_ATTR(v10_1signerID
, "signerID", String
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
198 SECDB_ATTR(v10_1leafIDs
, "leafIDs", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
199 SECDB_ATTR(v10_1peerManIDs
, "peerManifests", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
200 SECDB_ATTR(v10_1entryDigests
,"entryDigests", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
201 SECDB_ATTR(v10_2currentItems
,"currentItems", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
202 SECDB_ATTR(v10_2futureData
, "futureData", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
203 SECDB_ATTR(v10_2schema
, "schema", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
204 SECDB_ATTR(v10_1encRecord
, "ckrecord", Blob
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
206 SECDB_ATTR(v10_1keyArchiveHash
, "key_archive_hash", String
, SecDbFlags(P
,L
,I
, , , , , , , , , ,N
, , , ), NULL
, NULL
);
207 SECDB_ATTR(v10_1keyArchive
, "key_archive", String
, SecDbFlags(P
,L
,I
, , , , , , , , , ,N
, , , ), NULL
, NULL
);
208 SECDB_ATTR(v10_1archivedKey
, "archived_key", String
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
209 SECDB_ATTR(v10_1keyArchiveName
, "keyarchive_name", String
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
210 SECDB_ATTR(v10_1optionalEncodedCKRecord
, "ckrecord", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
211 SECDB_ATTR(v10_1archiveEscrowID
,"archive_escrowid", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
213 SECDB_ATTR(v10_1itempersistentref
,"persistref", UUID
, SecDbFlags( ,L
,I
, , , , , , , , , ,N
,U
, , ), NULL
, NULL
);
215 SECDB_ATTR(v10_1currentItemUUID
,"currentItemUUID",String
, SecDbFlags(P
,L
,I
, , , , , , , , , , , , , ), NULL
, NULL
);
216 SECDB_ATTR(v10_4currentItemUUID
,"currentItemUUID",String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
217 SECDB_ATTR(v10_1currentPtrIdentifier
,"identifier",String
, SecDbFlags(P
,L
,I
, , , , , , , , , , , , , ), NULL
, NULL
);
219 SECDB_ATTR(v10_2device
, "device", String
, SecDbFlags(P
,L
,I
, , , , , , , , , , , , , ), NULL
, NULL
);
220 SECDB_ATTR(v10_2peerid
, "peerid", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
221 SECDB_ATTR(v10_2circleStatus
,"circlestatus", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
222 SECDB_ATTR(v10_2keyState
, "keystate", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
223 SECDB_ATTR(v10_2currentTLK
, "currentTLK", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
224 SECDB_ATTR(v10_2currentClassA
,"currentClassA",String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
225 SECDB_ATTR(v10_2currentClassC
,"currentClassC",String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
227 SECDB_ATTR(v10_4lastFixup
, "lastfixup", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, , ,N
, , ), NULL
, NULL
);
229 SECDB_ATTR(v10_5senderPeerID
,"senderpeerid", String
, SecDbFlags(P
,L
,I
, , , , , , , , , , , , , ), NULL
, NULL
);
230 SECDB_ATTR(v10_5recvPeerID
, "recvpeerid", String
, SecDbFlags(P
,L
,I
, , , , , , , , , , , , , ), NULL
, NULL
);
231 SECDB_ATTR(v10_5recvPubKey
, "recvpubenckey", Blob
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
232 SECDB_ATTR(v10_5curve
, "curve", Number
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
233 SECDB_ATTR(v10_5poisoned
, "poisoned", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, ,N
, , , ), NULL
, NULL
);
234 SECDB_ATTR(v10_5epoch
, "epoch", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, ,N
, , , ), NULL
, NULL
);
235 SECDB_ATTR(v10_5signature
, "signature", Blob
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
236 SECDB_ATTR(v10_5version
, "version", Number
, SecDbFlags( ,L
, , , , , , , , ,Z
, ,N
,U
, , ), NULL
, NULL
);
238 SECDB_ATTR(v11_1osversion
, "osversion", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
239 SECDB_ATTR(v11_1lastunlock
, "lastunlock", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
241 SECDB_ATTR(v11_2actualKeyclass
, "actualKeyclass", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
243 SECDB_ATTR(v11_5octagonpeerid
, "octagonpeerid", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
244 SECDB_ATTR(v11_5octagonStatus
, "octagonstatus", String
, SecDbFlags( ,L
, , , , , , , , , , , , , , ), NULL
, NULL
);
246 SECDB_ATTR(v12_backupUUIDPrimary
, "backupUUID", UUID
, SecDbFlags(P
,L
,I
, , , , , , , , , ,N
, , , ), NULL
, NULL
);
247 SECDB_ATTR(v12_backupUUID
, "backupUUID", UUID
, SecDbFlags( ,L
,I
, , , , , , , , ,E
, , , , ), NULL
, NULL
);
248 SECDB_ATTR(v12_backupBag
, "backupbag", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
249 SECDB_ATTR(v12_defaultValue
, "defaultvalue", Number
, SecDbFlags( ,L
,I
, , , , , , , ,Z
, , , , , ), NULL
, NULL
);
250 SECDB_ATTR(v12_keyClassSigningKey
, "signingkey", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
251 SECDB_ATTR(v12_recoveryType
, "recoverytype", String
, SecDbFlags(P
,L
,I
, , , , , , , , , ,N
, , , ), NULL
, NULL
);
252 SECDB_ATTR(v12_recoverySet
, "recoveryset", Blob
, SecDbFlags( ,L
, , , , , , , , , , ,N
, , , ), NULL
, NULL
);
253 SECDB_ATTR(v12_metadatakeydata
, "metadatakeydata", Blob
, SecDbFlags( ,L
, , , , , , , , , ,E
, , , , ), NULL
, NULL
);
255 const SecDbClass v12_backupbags_class
= {
256 .name
= CFSTR("backupbags"),
259 &v12_backupUUIDPrimary
, // primary
266 const SecDbClass v12_backupkeyclasssigningkeys_class
= {
267 .name
= CFSTR("backupkeyclasssigningkeys"),
270 &v10keyclass
, // primary
271 &v12_backupUUIDPrimary
, // primary
272 &v12_keyClassSigningKey
,
277 const SecDbClass v12_backuprecoverysets_class
= {
278 .name
= CFSTR("backuprecoverysets"),
281 &v12_backupUUIDPrimary
, // primary
282 &v12_recoveryType
, // primary
288 const SecDbClass v12_metadatakeys_class
= {
289 .name
= CFSTR("metadatakeys"),
293 &v11_2actualKeyclass
,
295 &v12_metadatakeydata
,
300 const SecDbClass v12_genp_class
= {
301 .name
= CFSTR("genp"),
338 &v10_1pcspublicidentity
,
339 &v10_1itempersistentref
,
345 const SecDbClass v12_inet_class
= {
346 .name
= CFSTR("inet"),
387 &v10_1pcspublicidentity
,
388 &v10_1itempersistentref
,
394 const SecDbClass v12_cert_class
= {
395 .name
= CFSTR("cert"),
427 &v10_1pcspublicidentity
,
428 &v10_1itempersistentref
,
434 const SecDbClass v12_keys_class
= {
435 .name
= CFSTR("keys"),
485 &v10_1pcspublicidentity
,
486 &v10_1itempersistentref
,
492 const SecDbClass v11_5_ckdevicestate_class
= {
493 .name
= CFSTR("ckdevicestate"),
513 const SecDbClass v11_2_metadatakeys_class
= {
514 .name
= CFSTR("metadatakeys"),
518 &v11_2actualKeyclass
,
524 const SecDbClass v11_1_ckdevicestate_class
= {
525 .name
= CFSTR("ckdevicestate"),
543 const SecDbClass v11_metadatakeys_class
= {
544 .name
= CFSTR("metadatakeys"),
553 const SecDbClass v10_5_tlkshare_class
= {
554 .name
= CFSTR("tlkshare"),
574 const SecDbClass v10_4_current_item_class
= {
575 .name
= CFSTR("currentitems"),
579 &v10_1currentPtrIdentifier
,
580 &v10_4currentItemUUID
,
587 const SecDbClass v10_4_ckstate_class
= {
588 .name
= CFSTR("ckstate"),
593 &v10ckzonesubscribed
,
602 const SecDbClass v10_3_ckdevicestate_class
= {
603 .name
= CFSTR("ckdevicestate"),
619 const SecDbClass v10_2_ckmanifest_class
= {
620 .name
= CFSTR("ckmanifest"),
638 const SecDbClass v10_2_pending_manifest_class
= {
639 .name
= CFSTR("pending_manifest"),
657 const SecDbClass v10_1_ckmanifest_class
= {
658 .name
= CFSTR("ckmanifest"),
673 const SecDbClass v10_1_pending_manifest_class
= {
674 .name
= CFSTR("pending_manifest"),
689 const SecDbClass v10_1_ckmanifest_leaf_class
= {
690 .name
= CFSTR("ckmanifest_leaf"),
702 const SecDbClass v10_1_pending_manifest_leaf_class
= {
703 .name
= CFSTR("pending_manifest_leaf"),
715 const SecDbClass v10_1_genp_class
= {
716 .name
= CFSTR("genp"),
753 &v10_1pcspublicidentity
,
754 &v10_1itempersistentref
,
759 const SecDbClass v10_1_inet_class
= {
760 .name
= CFSTR("inet"),
801 &v10_1pcspublicidentity
,
802 &v10_1itempersistentref
,
807 const SecDbClass v10_1_cert_class
= {
808 .name
= CFSTR("cert"),
840 &v10_1pcspublicidentity
,
841 &v10_1itempersistentref
,
846 const SecDbClass v10_1_keys_class
= {
847 .name
= CFSTR("keys"),
897 &v10_1pcspublicidentity
,
898 &v10_1itempersistentref
,
903 const SecDbClass v10_0_tversion_class
= {
904 .name
= CFSTR("tversion"),
914 const SecDbClass v10_2_outgoing_queue_class
= {
915 .name
= CFSTR("outgoingqueue"),
929 &v10_1optionalEncodedCKRecord
,
932 &v10_1pcspublicidentity
,
937 const SecDbClass v10_2_incoming_queue_class
= {
938 .name
= CFSTR("incomingqueue"),
950 &v10_1optionalEncodedCKRecord
,
953 &v10_1pcspublicidentity
,
959 const SecDbClass v10_1_outgoing_queue_class
= {
960 .name
= CFSTR("outgoingqueue"),
976 &v10_1pcspublicidentity
,
981 const SecDbClass v10_1_incoming_queue_class
= {
982 .name
= CFSTR("incomingqueue"),
996 &v10_1pcspublicidentity
,
1002 const SecDbClass v10_0_outgoing_queue_class
= {
1003 .name
= CFSTR("outgoingqueue"),
1021 const SecDbClass v10_0_incoming_queue_class
= {
1022 .name
= CFSTR("incomingqueue"),
1038 const SecDbClass v10_0_sync_key_class
= {
1039 .name
= CFSTR("synckeys"),
1049 &v10encodedCKRecord
,
1054 // Stores the "Current Key" records, and parentKeyUUID refers to items in the synckeys table
1055 // Wouldn't foreign keys be nice?
1056 const SecDbClass v10_0_current_key_class
= {
1057 .name
= CFSTR("currentkeys"),
1063 &v10encodedCKRecord
,
1068 const SecDbClass v10_1_current_item_class
= {
1069 .name
= CFSTR("currentitems"),
1073 &v10_1currentPtrIdentifier
,
1074 &v10_1currentItemUUID
,
1076 &v10encodedCKRecord
,
1081 const SecDbClass v10_1_ckmirror_class
= {
1082 .name
= CFSTR("ckmirror"),
1091 &v10encodedCKRecord
,
1096 &v10_1pcspublicidentity
,
1101 const SecDbClass v10_0_ckmirror_class
= {
1102 .name
= CFSTR("ckmirror"),
1111 &v10encodedCKRecord
,
1117 const SecDbClass v10_0_ckstate_class
= {
1118 .name
= CFSTR("ckstate"),
1123 &v10ckzonesubscribed
,
1132 /* Primary keys: v10primaryKey, v8musr */
1133 /* This table is currently unused */
1134 const SecDbClass v10_0_item_backup_class
= {
1135 .name
= CFSTR("item_backup"),
1139 &v10primaryKey
, // Primary key of the original item, from v6v_pk
1141 &v6sha1
, // Hash of the original item
1142 &v10backupData
, // Data wrapped to backup keybag
1143 &v6pkhh
, // Hash of the public key of the backup bag [v10publickeyHash]
1148 /* Backup Keybag table */
1149 /* Primary keys: v10publickeyHash, v8musr */
1150 /* This table is currently unused */
1151 const SecDbClass v10_0_backup_keybag_class
= {
1152 .name
= CFSTR("backup_keybag"),
1156 &v10publickeyHash
, // Hash of the public key of the backup bag
1158 &v10publickey
, // Public key for the asymmetric backup bag
1159 &v6agrp
, // Used for backup agent
1164 const SecDbClass v10_1_backup_keyarchive_class
= {
1165 .name
= CFSTR("backup_keyarchive"),
1168 &v10_1keyArchiveHash
, // Hash of the key archive
1170 &v10_1keyArchive
, // Serialised key archive
1172 &v10_1optionalEncodedCKRecord
,
1173 &v10_1archiveEscrowID
,
1178 const SecDbClass v10_1_current_archived_keys_class
= {
1179 .name
= CFSTR("archived_key_backup"),
1186 &v10_1keyArchiveHash
,
1189 &v10_1optionalEncodedCKRecord
,
1190 &v10_1archiveEscrowID
,
1195 const SecDbClass v10_1_current_keyarchive_class
= {
1196 .name
= CFSTR("currentkeyarchives"),
1199 &v10_1keyArchiveHash
,
1200 &v10_1keyArchiveName
,
1205 /* An identity which is really a cert + a key, so all cert and keys attrs are
1207 const SecDbClass v_identity_class
= {
1208 .name
= CFSTR("idnt"),
1217 * Add backup/restore mechanism
1219 const SecDbSchema v12_0_schema
= {
1227 &v10_0_tversion_class
,
1228 &v10_2_outgoing_queue_class
,
1229 &v10_2_incoming_queue_class
,
1230 &v10_0_sync_key_class
,
1231 &v10_1_ckmirror_class
,
1232 &v10_0_current_key_class
,
1233 &v10_4_ckstate_class
,
1234 &v10_0_item_backup_class
,
1235 &v10_0_backup_keybag_class
,
1236 &v10_2_ckmanifest_class
,
1237 &v10_2_pending_manifest_class
,
1238 &v10_1_ckmanifest_leaf_class
,
1239 &v10_1_backup_keyarchive_class
,
1240 &v10_1_current_keyarchive_class
,
1241 &v10_1_current_archived_keys_class
,
1242 &v10_1_pending_manifest_leaf_class
,
1243 &v10_4_current_item_class
,
1244 &v11_5_ckdevicestate_class
,
1245 &v10_5_tlkshare_class
,
1246 &v12_metadatakeys_class
,
1247 &v12_backupbags_class
,
1248 &v12_backupkeyclasssigningkeys_class
,
1249 &v12_backuprecoverysets_class
,
1255 * Version 11.5 (Add octagon fields to device state)
1257 const SecDbSchema v11_5_schema
= {
1265 &v10_0_tversion_class
,
1266 &v10_2_outgoing_queue_class
,
1267 &v10_2_incoming_queue_class
,
1268 &v10_0_sync_key_class
,
1269 &v10_1_ckmirror_class
,
1270 &v10_0_current_key_class
,
1271 &v10_4_ckstate_class
,
1272 &v10_0_item_backup_class
,
1273 &v10_0_backup_keybag_class
,
1274 &v10_2_ckmanifest_class
,
1275 &v10_2_pending_manifest_class
,
1276 &v10_1_ckmanifest_leaf_class
,
1277 &v10_1_backup_keyarchive_class
,
1278 &v10_1_current_keyarchive_class
,
1279 &v10_1_current_archived_keys_class
,
1280 &v10_1_pending_manifest_leaf_class
,
1281 &v10_4_current_item_class
,
1282 &v11_5_ckdevicestate_class
,
1283 &v10_5_tlkshare_class
,
1284 &v11_2_metadatakeys_class
,
1291 * Version 11.4 (Add some more indexes)
1293 const SecDbSchema v11_4_schema
= {
1301 &v10_0_tversion_class
,
1302 &v10_2_outgoing_queue_class
,
1303 &v10_2_incoming_queue_class
,
1304 &v10_0_sync_key_class
,
1305 &v10_1_ckmirror_class
,
1306 &v10_0_current_key_class
,
1307 &v10_4_ckstate_class
,
1308 &v10_0_item_backup_class
,
1309 &v10_0_backup_keybag_class
,
1310 &v10_2_ckmanifest_class
,
1311 &v10_2_pending_manifest_class
,
1312 &v10_1_ckmanifest_leaf_class
,
1313 &v10_1_backup_keyarchive_class
,
1314 &v10_1_current_keyarchive_class
,
1315 &v10_1_current_archived_keys_class
,
1316 &v10_1_pending_manifest_leaf_class
,
1317 &v10_4_current_item_class
,
1318 &v11_1_ckdevicestate_class
,
1319 &v10_5_tlkshare_class
,
1320 &v11_2_metadatakeys_class
,
1326 * Version 11.3 (no changes, restores the use of indexes in upgrade code. Gotta go fast!)
1328 const SecDbSchema v11_3_schema
= {
1336 &v10_0_tversion_class
,
1337 &v10_2_outgoing_queue_class
,
1338 &v10_2_incoming_queue_class
,
1339 &v10_0_sync_key_class
,
1340 &v10_1_ckmirror_class
,
1341 &v10_0_current_key_class
,
1342 &v10_4_ckstate_class
,
1343 &v10_0_item_backup_class
,
1344 &v10_0_backup_keybag_class
,
1345 &v10_2_ckmanifest_class
,
1346 &v10_2_pending_manifest_class
,
1347 &v10_1_ckmanifest_leaf_class
,
1348 &v10_1_backup_keyarchive_class
,
1349 &v10_1_current_keyarchive_class
,
1350 &v10_1_current_archived_keys_class
,
1351 &v10_1_pending_manifest_leaf_class
,
1352 &v10_4_current_item_class
,
1353 &v11_1_ckdevicestate_class
,
1354 &v10_5_tlkshare_class
,
1355 &v11_2_metadatakeys_class
,
1363 const SecDbSchema v11_2_schema
= {
1371 &v10_0_tversion_class
,
1372 &v10_2_outgoing_queue_class
,
1373 &v10_2_incoming_queue_class
,
1374 &v10_0_sync_key_class
,
1375 &v10_1_ckmirror_class
,
1376 &v10_0_current_key_class
,
1377 &v10_4_ckstate_class
,
1378 &v10_0_item_backup_class
,
1379 &v10_0_backup_keybag_class
,
1380 &v10_2_ckmanifest_class
,
1381 &v10_2_pending_manifest_class
,
1382 &v10_1_ckmanifest_leaf_class
,
1383 &v10_1_backup_keyarchive_class
,
1384 &v10_1_current_keyarchive_class
,
1385 &v10_1_current_archived_keys_class
,
1386 &v10_1_pending_manifest_leaf_class
,
1387 &v10_4_current_item_class
,
1388 &v11_1_ckdevicestate_class
,
1389 &v10_5_tlkshare_class
,
1390 &v11_2_metadatakeys_class
,
1398 const SecDbSchema v11_1_schema
= {
1406 &v10_0_tversion_class
,
1407 &v10_2_outgoing_queue_class
,
1408 &v10_2_incoming_queue_class
,
1409 &v10_0_sync_key_class
,
1410 &v10_1_ckmirror_class
,
1411 &v10_0_current_key_class
,
1412 &v10_4_ckstate_class
,
1413 &v10_0_item_backup_class
,
1414 &v10_0_backup_keybag_class
,
1415 &v10_2_ckmanifest_class
,
1416 &v10_2_pending_manifest_class
,
1417 &v10_1_ckmanifest_leaf_class
,
1418 &v10_1_backup_keyarchive_class
,
1419 &v10_1_current_keyarchive_class
,
1420 &v10_1_current_archived_keys_class
,
1421 &v10_1_pending_manifest_leaf_class
,
1422 &v10_4_current_item_class
,
1423 &v11_1_ckdevicestate_class
,
1424 &v10_5_tlkshare_class
,
1425 &v11_metadatakeys_class
,
1433 const SecDbSchema v11_schema
= {
1441 &v10_0_tversion_class
,
1442 &v10_2_outgoing_queue_class
,
1443 &v10_2_incoming_queue_class
,
1444 &v10_0_sync_key_class
,
1445 &v10_1_ckmirror_class
,
1446 &v10_0_current_key_class
,
1447 &v10_4_ckstate_class
,
1448 &v10_0_item_backup_class
,
1449 &v10_0_backup_keybag_class
,
1450 &v10_2_ckmanifest_class
,
1451 &v10_2_pending_manifest_class
,
1452 &v10_1_ckmanifest_leaf_class
,
1453 &v10_1_backup_keyarchive_class
,
1454 &v10_1_current_keyarchive_class
,
1455 &v10_1_current_archived_keys_class
,
1456 &v10_1_pending_manifest_leaf_class
,
1457 &v10_4_current_item_class
,
1458 &v10_3_ckdevicestate_class
,
1459 &v10_5_tlkshare_class
,
1460 &v11_metadatakeys_class
,
1469 const SecDbSchema v10_5_schema
= {
1477 &v10_0_tversion_class
,
1478 &v10_2_outgoing_queue_class
,
1479 &v10_2_incoming_queue_class
,
1480 &v10_0_sync_key_class
,
1481 &v10_1_ckmirror_class
,
1482 &v10_0_current_key_class
,
1483 &v10_4_ckstate_class
,
1484 &v10_0_item_backup_class
,
1485 &v10_0_backup_keybag_class
,
1486 &v10_2_ckmanifest_class
,
1487 &v10_2_pending_manifest_class
,
1488 &v10_1_ckmanifest_leaf_class
,
1489 &v10_1_backup_keyarchive_class
,
1490 &v10_1_current_keyarchive_class
,
1491 &v10_1_current_archived_keys_class
,
1492 &v10_1_pending_manifest_leaf_class
,
1493 &v10_4_current_item_class
,
1494 &v10_3_ckdevicestate_class
,
1495 &v10_5_tlkshare_class
,
1503 const SecDbSchema v10_4_schema
= {
1511 &v10_0_tversion_class
,
1512 &v10_2_outgoing_queue_class
,
1513 &v10_2_incoming_queue_class
,
1514 &v10_0_sync_key_class
,
1515 &v10_1_ckmirror_class
,
1516 &v10_0_current_key_class
,
1517 &v10_4_ckstate_class
,
1518 &v10_0_item_backup_class
,
1519 &v10_0_backup_keybag_class
,
1520 &v10_2_ckmanifest_class
,
1521 &v10_2_pending_manifest_class
,
1522 &v10_1_ckmanifest_leaf_class
,
1523 &v10_1_backup_keyarchive_class
,
1524 &v10_1_current_keyarchive_class
,
1525 &v10_1_current_archived_keys_class
,
1526 &v10_1_pending_manifest_leaf_class
,
1527 &v10_4_current_item_class
,
1528 &v10_3_ckdevicestate_class
,
1536 const SecDbSchema v10_3_schema
= {
1544 &v10_0_tversion_class
,
1545 &v10_2_outgoing_queue_class
,
1546 &v10_2_incoming_queue_class
,
1547 &v10_0_sync_key_class
,
1548 &v10_1_ckmirror_class
,
1549 &v10_0_current_key_class
,
1550 &v10_0_ckstate_class
,
1551 &v10_0_item_backup_class
,
1552 &v10_0_backup_keybag_class
,
1553 &v10_2_ckmanifest_class
,
1554 &v10_2_pending_manifest_class
,
1555 &v10_1_ckmanifest_leaf_class
,
1556 &v10_1_backup_keyarchive_class
,
1557 &v10_1_current_keyarchive_class
,
1558 &v10_1_current_archived_keys_class
,
1559 &v10_1_pending_manifest_leaf_class
,
1560 &v10_1_current_item_class
,
1561 &v10_3_ckdevicestate_class
,
1569 const SecDbSchema v10_2_schema
= {
1577 &v10_0_tversion_class
,
1578 &v10_2_outgoing_queue_class
,
1579 &v10_2_incoming_queue_class
,
1580 &v10_0_sync_key_class
,
1581 &v10_1_ckmirror_class
,
1582 &v10_0_current_key_class
,
1583 &v10_0_ckstate_class
,
1584 &v10_0_item_backup_class
,
1585 &v10_0_backup_keybag_class
,
1586 &v10_2_ckmanifest_class
,
1587 &v10_2_pending_manifest_class
,
1588 &v10_1_ckmanifest_leaf_class
,
1589 &v10_1_backup_keyarchive_class
,
1590 &v10_1_current_keyarchive_class
,
1591 &v10_1_current_archived_keys_class
,
1592 &v10_1_pending_manifest_leaf_class
,
1593 &v10_1_current_item_class
,
1601 const SecDbSchema v10_1_schema
= {
1609 &v10_0_tversion_class
,
1610 &v10_1_outgoing_queue_class
,
1611 &v10_1_incoming_queue_class
,
1612 &v10_0_sync_key_class
,
1613 &v10_1_ckmirror_class
,
1614 &v10_0_current_key_class
,
1615 &v10_0_ckstate_class
,
1616 &v10_0_item_backup_class
,
1617 &v10_0_backup_keybag_class
,
1618 &v10_1_ckmanifest_class
,
1619 &v10_1_pending_manifest_class
,
1620 &v10_1_ckmanifest_leaf_class
,
1621 &v10_1_backup_keyarchive_class
,
1622 &v10_1_current_keyarchive_class
,
1623 &v10_1_current_archived_keys_class
,
1624 &v10_1_pending_manifest_leaf_class
,
1625 &v10_1_current_item_class
,
1634 const SecDbClass v10_0_genp_class
= {
1635 .name
= CFSTR("genp"),
1669 &v10itempersistentref
,
1675 const SecDbClass v10_0_inet_class
= {
1676 .name
= CFSTR("inet"),
1714 &v10itempersistentref
,
1720 const SecDbClass v10_0_cert_class
= {
1721 .name
= CFSTR("cert"),
1750 &v10itempersistentref
,
1756 const SecDbClass v10_0_keys_class
= {
1757 .name
= CFSTR("keys"),
1804 &v10itempersistentref
,
1810 const SecDbSchema v10_0_schema
= {
1818 &v10_0_tversion_class
,
1819 &v10_0_outgoing_queue_class
,
1820 &v10_0_incoming_queue_class
,
1821 &v10_0_sync_key_class
,
1822 &v10_0_ckmirror_class
,
1823 &v10_0_current_key_class
,
1824 &v10_0_ckstate_class
,
1825 &v10_0_item_backup_class
,
1826 &v10_0_backup_keybag_class
,
1831 const SecDbClass v9_1_tversion_class
= {
1832 .name
= CFSTR("tversion91"),
1842 const SecDbClass v9_1_genp_class
= {
1843 .name
= CFSTR("genp91"),
1880 const SecDbClass v9_1_inet_class
= {
1881 .name
= CFSTR("inet91"),
1922 const SecDbClass v9_1_cert_class
= {
1923 .name
= CFSTR("cert91"),
1955 const SecDbClass v9_1_keys_class
= {
1956 .name
= CFSTR("keys91"),
2007 * Version 9.1 (iOS 10.0 and OSX 10.11.8/10.12 addded minor version.
2009 const SecDbSchema v9_1_schema
= {
2017 &v9_1_tversion_class
,
2022 const SecDbClass v9genp_class
= {
2023 .name
= CFSTR("genp9"),
2060 const SecDbClass v9inet_class
= {
2061 .name
= CFSTR("inet9"),
2102 const SecDbClass v9cert_class
= {
2103 .name
= CFSTR("cert9"),
2135 const SecDbClass v9keys_class
= {
2136 .name
= CFSTR("keys9"),
2186 const SecDbClass v5tversion_class
= {
2187 .name
= CFSTR("tversion5"),
2195 /* Version 9 (iOS 9.3 and OSX 10.11.5) database schema
2196 * Same contents as v8 tables; table names changed to force upgrade
2197 * and correct default values in table.
2199 const SecDbSchema v9_schema
= {
2211 // Version 8 (Internal release iOS 9.3 and OSX 10.11.5) database schema
2212 const SecDbClass v8genp_class
= {
2213 .name
= CFSTR("genp8"),
2250 const SecDbClass v8inet_class
= {
2251 .name
= CFSTR("inet8"),
2292 const SecDbClass v8cert_class
= {
2293 .name
= CFSTR("cert8"),
2325 const SecDbClass v8keys_class
= {
2326 .name
= CFSTR("keys8"),
2376 const SecDbSchema v8_schema
= {
2388 // Version 7 (iOS 9 and OSX 10.11) database schema
2389 const SecDbClass v7genp_class
= {
2390 .name
= CFSTR("genp7"),
2426 const SecDbClass v7inet_class
= {
2427 .name
= CFSTR("inet7"),
2467 const SecDbClass v7cert_class
= {
2468 .name
= CFSTR("cert7"),
2499 const SecDbClass v7keys_class
= {
2500 .name
= CFSTR("keys7"),
2550 const SecDbSchema v7_schema
= {
2563 // Version 6 (iOS 7 and OSX 10.9) database schema
2564 static const SecDbClass v6genp_class
= {
2565 .name
= CFSTR("genp6"),
2598 static const SecDbClass v6inet_class
= {
2599 .name
= CFSTR("inet6"),
2636 static const SecDbClass v6cert_class
= {
2637 .name
= CFSTR("cert6"),
2665 static const SecDbClass v6keys_class
= {
2666 .name
= CFSTR("keys6"),
2712 static const SecDbSchema v6_schema
= {
2725 // Version 5 (iOS 5 & iOS 6) database schema.
2726 static const SecDbClass v5genp_class
= {
2727 .name
= CFSTR("genp5"),
2755 static const SecDbClass v5inet_class
= {
2756 .name
= CFSTR("inet5"),
2788 static const SecDbClass v5cert_class
= {
2789 .name
= CFSTR("cert5"),
2812 static const SecDbClass v5keys_class
= {
2813 .name
= CFSTR("keys5"),
2854 static const SecDbSchema v5_schema
= {
2866 SecDbSchema
const * const * kc_schemas
= NULL
;
2868 const SecDbSchema
*v10_kc_schemas_dev
[] = {
2891 const SecDbSchema
*v10_kc_schemas
[] = {
2913 const SecDbSchema
* const * all_schemas() {
2914 static dispatch_once_t onceToken
;
2915 dispatch_once(&onceToken
, ^{
2916 if (checkV12DevEnabled()) {
2917 secwarning("SecItemSchema: v12 development enabled, returning experimental schema");
2919 secnotice("SecItemSchema", "v12 development disabled, returning production schemas");
2922 if (checkV12DevEnabled() != 0) {
2923 return v10_kc_schemas_dev
;
2925 return v10_kc_schemas
;
2929 const SecDbSchema
* current_schema() {
2930 // For now, the current schema is the first in the list.
2931 return all_schemas()[0];
2934 // class accessors for current schema.
2935 static const SecDbClass
* find_class(const SecDbSchema
* schema
, CFStringRef class_name
) {
2936 for (const SecDbClass
* const *pclass
= schema
->classes
; *pclass
; ++pclass
) {
2937 if( CFEqualSafe((*pclass
)->name
, class_name
) ) {
2944 const SecDbClass
* genp_class() {
2945 static const SecDbClass
* genp
= NULL
;
2946 static dispatch_once_t onceToken
;
2947 dispatch_once(&onceToken
, ^{
2948 genp
= find_class(current_schema(), CFSTR("genp"));
2952 const SecDbClass
* inet_class() {
2953 static const SecDbClass
* inet
= NULL
;
2954 static dispatch_once_t onceToken
;
2955 dispatch_once(&onceToken
, ^{
2956 inet
= find_class(current_schema(), CFSTR("inet"));
2960 const SecDbClass
* cert_class() {
2961 static const SecDbClass
* cert
= NULL
;
2962 static dispatch_once_t onceToken
;
2963 dispatch_once(&onceToken
, ^{
2964 cert
= find_class(current_schema(), CFSTR("cert"));
2968 const SecDbClass
* keys_class() {
2969 static const SecDbClass
* keys
= NULL
;
2970 static dispatch_once_t onceToken
;
2971 dispatch_once(&onceToken
, ^{
2972 keys
= find_class(current_schema(), CFSTR("keys"));
2977 // Not really a class per-se
2978 const SecDbClass
* identity_class() {
2979 return &v_identity_class
;
2982 // Class with 1 element in it which is the database version->
2983 const SecDbClass
* tversion_class() {
2984 static const SecDbClass
* tversion
= NULL
;
2985 static dispatch_once_t onceToken
;
2986 dispatch_once(&onceToken
, ^{
2987 tversion
= find_class(current_schema(), CFSTR("tversion"));