1 /*
2 * Copyright (c) 2006-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*
25 * SecItemSchema.c - CoreFoundation-based constants and functions for
26 access to Security items (certificates, keys, identities, and
27 passwords).
28 */
29
30 #include "SecItemSchema.h"
31
32 // MARK -
33 // MARK Keychain version 6 schema
34
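/*
 * Flag encoding used by the SECDB_ATTR() table below.
 *
 * SecDbFlags() takes fourteen positional "slots", one per flag letter in
 * the order P L I S A D R C H B Z E N U (see the legend above the table).
 * A slot holds either its own letter or nothing.  The letter is token-pasted
 * onto SECDB_FLAG_ to select the matching kSecDb*Flag value; an empty slot
 * pastes to plain SECDB_FLAG_, which is 0.  The result is the bitwise OR of
 * the selected flags, so the column position of a letter is what matters,
 * not the letter itself.
 *
 * The helper macros use the SECDB_FLAG_ prefix: identifiers that begin with
 * a double underscore are reserved for the implementation (C11 7.1.3).
 * The kSecDb*Flag values they expand to are not defined in this file.
 */
#define SecDbFlags(P,L,I,S,A,D,R,C,H,B,Z,E,N,U) \
    (SECDB_FLAG_##P | SECDB_FLAG_##L | SECDB_FLAG_##I | SECDB_FLAG_##S | \
     SECDB_FLAG_##A | SECDB_FLAG_##D | SECDB_FLAG_##R | SECDB_FLAG_##C | \
     SECDB_FLAG_##H | SECDB_FLAG_##B | SECDB_FLAG_##Z | SECDB_FLAG_##E | \
     SECDB_FLAG_##N | SECDB_FLAG_##U)

#define SECDB_FLAG_  0                              /* empty slot: no flag */
#define SECDB_FLAG_P kSecDbPrimaryKeyFlag           /* part of primary key */
#define SECDB_FLAG_L kSecDbInFlag                   /* stored in local database */
#define SECDB_FLAG_I kSecDbIndexFlag                /* wants a database index */
#define SECDB_FLAG_S kSecDbSHA1ValueInFlag          /* SHA1 of value stored in database */
#define SECDB_FLAG_A kSecDbReturnAttrFlag           /* returned to client as attribute */
#define SECDB_FLAG_D kSecDbReturnDataFlag           /* returned to client as data */
#define SECDB_FLAG_R kSecDbReturnRefFlag            /* returned to client as ref/persistent ref */
#define SECDB_FLAG_C kSecDbInCryptoDataFlag         /* part of the encrypted blob */
#define SECDB_FLAG_H kSecDbInHashFlag               /* part of the item SHA1 hash */
#define SECDB_FLAG_B kSecDbInBackupFlag             /* part of the backup bag */
#define SECDB_FLAG_Z kSecDbDefault0Flag             /* defaults to 0 */
#define SECDB_FLAG_E kSecDbDefaultEmptyFlag         /* defaults to "" / empty data */
#define SECDB_FLAG_N kSecDbNotNullFlag              /* must have a value */
#define SECDB_FLAG_U kSecDbInAuthenticatedDataFlag  /* authenticated, not necessarily encrypted */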
55
// Columns of SecDbFlags(), in order.  Only the column position is meaningful;
// the letter is a mnemonic.  A blank column means the flag is not set.
//   P : Part of primary key
//   L : Stored in local database
//   I : Attribute wants an index in the database
//   S : SHA1 hashed attribute value in database (implies L)
//   A : Returned to client as attribute in queries
//   D : Returned to client as data in queries
//   R : Returned to client as ref/persistent ref in queries
//   C : Part of encrypted blob
//   H : Attribute is part of item SHA1 hash (Implied by C)
//   B : Attribute is part of iTunes/iCloud backup bag
//   Z : Attribute has a default value of 0
//   E : Attribute has a default value of "" or empty data
//   N : Attribute must have a value
//   U : Attribute is stored in authenticated, but not necessarily encrypted data
//
// Each SECDB_ATTR(identifier, column name, type, flags) line defines one
// attribute; the class tables further down reference them by identifier.
// Note that the flags, not the column name, decide how an attribute is
// stored: the same name ("alis", "type", "crtr") is defined more than once
// below with different flags for different classes.
//
// common to all                                           P L I S A D R C H B Z E N U
// rowid: stored and backed up, returned as the (persistent) ref; not hashed,
// not encrypted.
SECDB_ATTR(v6rowid, "rowid", RowId, SecDbFlags( ,L, , , , ,R, , ,B, , , , ));
SECDB_ATTR(v6cdat, "cdat", CreationDate, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6mdat, "mdat",ModificationDate,SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6labl, "labl", Blob, SecDbFlags( ,L, ,S,A, , ,C,H, , , , , ));
// data: the EncryptedData column itself.  L and B only: it is stored and
// backed up, but is neither a hash input nor nested inside the encrypted
// payload (presumably because it *is* that payload).
SECDB_ATTR(v6data, "data", EncryptedData, SecDbFlags( ,L, , , , , , , ,B, , , , ));
// agrp: primary key, hashed (H) and authenticated (U) but not encrypted (no C),
// so the access group is readable in the database yet covered by the
// authentication of the item.
SECDB_ATTR(v6agrp, "agrp", String, SecDbFlags(P,L, , ,A, , , ,H, , , , ,U));
// pdmn: the Access value is inside the encrypted blob (C) and the hash (H).
SECDB_ATTR(v6pdmn, "pdmn", Access, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
// sync / tomb: NOT NULL with default 0 (Z,N); hashed and authenticated, not
// encrypted.  tomb is not returned to clients as an attribute (no A).
SECDB_ATTR(v6sync, "sync", Sync, SecDbFlags(P,L,I, ,A, , , ,H, ,Z, ,N,U));
SECDB_ATTR(v6tomb, "tomb", Tomb, SecDbFlags( ,L, , , , , , ,H, ,Z, ,N,U));
// sha1: stored and indexed; returned both as an attribute and as a ref.
SECDB_ATTR(v6sha1, "sha1", SHA1, SecDbFlags( ,L,I, ,A, ,R, , , , , , , ));
// accc: returned as an attribute only — no L, so it is not a column of its
// own; presumably produced from the decrypted item at query time — confirm.
SECDB_ATTR(v6accc, "accc", AccessControl, SecDbFlags( , , , ,A, , , , , , , , , ));
// v_Data / v_pk: no L, so not stored as columns (the v_ prefix presumably
// marks virtual attributes).  v_Data is returned as data and lives in the
// encrypted blob and the hash; v_pk has no flags at all.
SECDB_ATTR(v6v_Data, "v_Data", Data, SecDbFlags( , , , , ,D, ,C,H, , , , , ));
SECDB_ATTR(v6v_pk, "v_pk", PrimaryKey, SecDbFlags( , , , , , , , , , , , , , ));
// genp and inet and keys                                  P L I S A D R C H B Z E N U
SECDB_ATTR(v6crtr, "crtr", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6alis, "alis", Blob, SecDbFlags( ,L, ,S,A, , ,C,H, , , , , ));
// genp and inet                                           P L I S A D R C H B Z E N U
SECDB_ATTR(v6desc, "desc", Blob, SecDbFlags( ,L, ,S,A, , ,C,H, , , , , ));
SECDB_ATTR(v6icmt, "icmt", Blob, SecDbFlags( ,L, ,S,A, , ,C,H, , , , , ));
SECDB_ATTR(v6type, "type", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6invi, "invi", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6nega, "nega", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6cusi, "cusi", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6prot, "prot", Blob, SecDbFlags( ,L, ,S,A, , ,C,H, , , , , ));
SECDB_ATTR(v6scrp, "scrp", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
// acct: part of the primary key; NOT NULL with an empty default (E,N).
SECDB_ATTR(v6acct, "acct", Blob, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ));
// genp only                                               P L I S A D R C H B Z E N U
SECDB_ATTR(v6svce, "svce", Blob, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ));
SECDB_ATTR(v6gena, "gena", Blob, SecDbFlags( ,L, ,S,A, , ,C,H, , , , , ));
// inet only                                               P L I S A D R C H B Z E N U
// The primary key of an inet item is acct + sdmn + srvr + ptcl + atyp + port +
// path (plus the common agrp and sync); blobs default to empty, numbers to 0.
SECDB_ATTR(v6sdmn, "sdmn", Blob, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ));
SECDB_ATTR(v6srvr, "srvr", Blob, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ));
SECDB_ATTR(v6ptcl, "ptcl", Number, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ));
SECDB_ATTR(v6atyp, "atyp", Blob, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ));
SECDB_ATTR(v6port, "port", Number, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ));
SECDB_ATTR(v6path, "path", Blob, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ));
// cert only                                               P L I S A D R C H B Z E N U
// subj, skid and pkhh carry I so certificate lookups by subject, subject key
// id and public key hash can use an index; subj and skid also store a SHA1
// of the value (S), pkhh is indexed on the value itself.
SECDB_ATTR(v6ctyp, "ctyp", Number, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ));
SECDB_ATTR(v6cenc, "cenc", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6subj, "subj", Data, SecDbFlags( ,L,I,S,A, , ,C,H, , , , , ));
SECDB_ATTR(v6issr, "issr", Data, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ));
SECDB_ATTR(v6slnr, "slnr", Data, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ));
SECDB_ATTR(v6skid, "skid", Data, SecDbFlags( ,L,I,S,A, , ,C,H, , , , , ));
SECDB_ATTR(v6pkhh, "pkhh", Data, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ));
// cert attributes that share names with common ones but have different flags
// (same "alis" column as v6alis, but additionally indexed).
SECDB_ATTR(v6certalis, "alis", Blob, SecDbFlags( ,L,I,S,A, , ,C,H, , , , , ));
// keys only                                               P L I S A D R C H B Z E N U
SECDB_ATTR(v6kcls, "kcls", Number, SecDbFlags(P,L,I,S,A, , ,C,H, ,Z, ,N, ));
SECDB_ATTR(v6perm, "perm", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6priv, "priv", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6modi, "modi", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6klbl, "klbl", Data, SecDbFlags(P,L,I, ,A, , ,C,H, , ,E,N, ));
SECDB_ATTR(v6atag, "atag", Blob, SecDbFlags(P,L, ,S,A, , ,C,H, , ,E,N, ));
SECDB_ATTR(v6bsiz, "bsiz", Number, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ));
SECDB_ATTR(v6esiz, "esiz", Number, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ));
SECDB_ATTR(v6sdat, "sdat", Date, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ));
SECDB_ATTR(v6edat, "edat", Date, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ));
SECDB_ATTR(v6sens, "sens", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6asen, "asen", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6extr, "extr", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6next, "next", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
// The key-usage numbers (encr/decr/drve/sign/vrfy/wrap/unwp) are indexed (I);
// snrc/vyrc are not.
SECDB_ATTR(v6encr, "encr", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6decr, "decr", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6drve, "drve", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6sign, "sign", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6vrfy, "vrfy", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6snrc, "snrc", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6vyrc, "vyrc", Number, SecDbFlags( ,L, , ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6wrap, "wrap", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ));
SECDB_ATTR(v6unwp, "unwp", Number, SecDbFlags( ,L,I, ,A, , ,C,H, , , , , ));
// keys attributes that share names with common ones but have different flags
// (for keys, "type" and "crtr" are part of the primary key, NOT NULL, default 0).
SECDB_ATTR(v6keytype, "type", Number, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ));
SECDB_ATTR(v6keycrtr, "crtr", Number, SecDbFlags(P,L, , ,A, , ,C,H, ,Z, ,N, ));
147
/*
 * Attribute table for the "genp" (generic password) item class.
 *
 * The list is NULL-terminated; readers presumably walk it until the
 * terminator, so any new attribute must be inserted before the final NULL.
 * Whether the position of an entry is otherwise significant (for instance
 * column order in the backing table) is not visible here — TODO confirm
 * before reordering.
 */
const SecDbClass genp_class = {
    .name = CFSTR("genp"),
    .attrs = {
        // common
        &v6rowid,
        &v6cdat,
        &v6mdat,
        // genp and inet
        &v6desc,
        &v6icmt,
        // genp, inet and keys
        &v6crtr,
        // genp and inet
        &v6type,
        &v6scrp,
        // common
        &v6labl,
        // genp, inet and keys
        &v6alis,
        // genp and inet
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        // genp only
        &v6svce,
        &v6gena,
        // common (data, access group, protection, sync state, hash, virtual)
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        NULL    // terminator — keep last
    },
};
180
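/*
 * Attribute table for the "inet" (internet password) item class.
 *
 * The list is NULL-terminated; readers presumably walk it until the
 * terminator, so any new attribute must be inserted before the final NULL.
 * The terminator is spelled NULL to match genp_class (0 and NULL are both
 * null pointer constants, so this is a consistency change only).  Whether
 * the position of an entry is otherwise significant (for instance column
 * order in the backing table) is not visible here — TODO confirm before
 * reordering.
 */
const SecDbClass inet_class = {
    .name = CFSTR("inet"),
    .attrs = {
        // common
        &v6rowid,
        &v6cdat,
        &v6mdat,
        // genp and inet
        &v6desc,
        &v6icmt,
        // genp, inet and keys
        &v6crtr,
        // genp and inet
        &v6type,
        &v6scrp,
        // common
        &v6labl,
        // genp, inet and keys
        &v6alis,
        // genp and inet
        &v6invi,
        &v6nega,
        &v6cusi,
        &v6prot,
        &v6acct,
        // inet only (all part of the primary key)
        &v6sdmn,
        &v6srvr,
        &v6ptcl,
        &v6atyp,
        &v6port,
        &v6path,
        // common (data, access group, protection, sync state, hash, virtual)
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        NULL    // terminator — keep last
    },
};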
217
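/*
 * Attribute table for the "cert" (certificate) item class.
 *
 * Uses v6certalis rather than v6alis: same "alis" column name, but the cert
 * variant is additionally indexed.  The list is NULL-terminated; readers
 * presumably walk it until the terminator, so any new attribute must be
 * inserted before the final NULL.  The terminator is spelled NULL to match
 * genp_class (0 and NULL are both null pointer constants, so this is a
 * consistency change only).  Whether the position of an entry is otherwise
 * significant is not visible here — TODO confirm before reordering.
 */
const SecDbClass cert_class = {
    .name = CFSTR("cert"),
    .attrs = {
        // common
        &v6rowid,
        &v6cdat,
        &v6mdat,
        // cert only
        &v6ctyp,
        &v6cenc,
        // common
        &v6labl,
        // cert-specific "alis" (indexed)
        &v6certalis,
        // cert only: subject, issuer, serial, subject key id, public key hash
        &v6subj,
        &v6issr,
        &v6slnr,
        &v6skid,
        &v6pkhh,
        // common (data, access group, protection, sync state, hash, virtual)
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        NULL    // terminator — keep last
    },
};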
245
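/*
 * Attribute table for the "keys" item class.
 *
 * Uses v6keycrtr / v6keytype rather than v6crtr / v6type: same "crtr" and
 * "type" column names, but for keys they are part of the primary key.  The
 * list is NULL-terminated; readers presumably walk it until the terminator,
 * so any new attribute must be inserted before the final NULL.  The
 * terminator is spelled NULL to match genp_class (0 and NULL are both null
 * pointer constants, so this is a consistency change only).  Whether the
 * position of an entry is otherwise significant is not visible here — TODO
 * confirm before reordering.
 */
const SecDbClass keys_class = {
    .name = CFSTR("keys"),
    .attrs = {
        // common
        &v6rowid,
        &v6cdat,
        &v6mdat,
        // keys only: key class (part of the primary key)
        &v6kcls,
        // common
        &v6labl,
        // genp, inet and keys
        &v6alis,
        // keys only
        &v6perm,
        &v6priv,
        &v6modi,
        &v6klbl,
        &v6atag,
        // keys-specific "crtr" / "type" (part of the primary key)
        &v6keycrtr,
        &v6keytype,
        // keys only: sizes, validity dates, sensitivity, usage flags
        &v6bsiz,
        &v6esiz,
        &v6sdat,
        &v6edat,
        &v6sens,
        &v6asen,
        &v6extr,
        &v6next,
        &v6encr,
        &v6decr,
        &v6drve,
        &v6sign,
        &v6vrfy,
        &v6snrc,
        &v6vyrc,
        &v6wrap,
        &v6unwp,
        // common (data, access group, protection, sync state, hash, virtual)
        &v6data,
        &v6agrp,
        &v6pdmn,
        &v6sync,
        &v6tomb,
        &v6sha1,
        &v6v_Data,
        &v6v_pk,
        &v6accc,
        NULL    // terminator — keep last
    },
};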
291
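/* An identity which is really a cert + a key, so all cert and keys attrs are
   allowed. */
/*
 * NOTE(review): despite the comment above, no attributes are listed here —
 * the table holds only the terminator.  Presumably identity queries are
 * resolved by combining cert_class and keys_class elsewhere; confirm before
 * relying on this table for attribute validation.  The terminator is
 * spelled NULL to match genp_class (0 and NULL are both null pointer
 * constants, so this is a consistency change only).
 */
const SecDbClass identity_class = {
    .name = CFSTR("idnt"),
    .attrs = {
        NULL    // terminator — keep last
    },
};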