X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..7e6b461318c8a779d91381531435a68ee4e8b6ed:/OSX/libsecurityd/lib/ssblob.h
diff --git a/OSX/libsecurityd/lib/ssblob.h b/OSX/libsecurityd/lib/ssblob.h
index d05f2b73..145d376c 100644
--- a/OSX/libsecurityd/lib/ssblob.h
+++ b/OSX/libsecurityd/lib/ssblob.h
@@ -75,12 +75,21 @@ public:
     static const uint32 magicNumber = 0xfade0711;
+    static const uint32 version_none = 0x0; // dummy value for default parameters. Never set this as an actual version.
     static const uint32 version_MacOS_10_0 = 0x00000100; // MacOS 10.0.x
     static const uint32 version_MacOS_10_1 = 0x00000101; // MacOS 10.1.x and on
-    static const uint32 currentVersion = version_MacOS_10_0;
+    static const uint32 version_partition = 0x00000200; // MacOS 10.11.4 and on, supporting partitioning
+    static const uint32 currentVersion = version_partition;
+    static uint32 getCurrentVersion();
+
+    //Returns the version this database should be, given its filesystem location (as dbName)
+    static uint32 getCurrentVersionForDb(const char* dbName);
+
+    static bool pathInHomeLibraryKeychains(const string& path);
 public:
-    void initialize(uint32 version = currentVersion);
+    void initialize();
+    void initialize(uint32 version);
     bool isValid() const;
     void validate(CSSM_RETURN failureCode) const;
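Review bot: `version_none` is documented as "Never set this as an actual version", but the new `initialize(uint32 version)` overload accepts any uint32 and nothing in the declaration says what happens when 0x0 is passed; the constructor-side check lives outside this hunk, so the declaration should at least carry the contract, e.g. `void initialize(uint32 version); // version must be one of the version_* constants above; version_none is not a valid blob version`. `pathInHomeLibraryKeychains(const string& path)` uses an unqualified `string` in a public header while the sibling `SystemKeychainKey` declaration in the same file writes `std::string`; in a header this silently depends on a using-directive reaching every includer, so `static bool pathInHomeLibraryKeychains(const std::string& path);` is the safer spelling. Since `getCurrentVersionForDb` picks the on-disk format from a caller-supplied path, a comment on whether `dbName` is expected to be canonical (symlinks and `..` resolved) would help reviewers of the implementation, which is not in this hunk. The enclosing class begins before this hunk.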
@@ -217,6 +226,36 @@ public:
 };
+//
+// This class implements a "system keychain unlock record" store
+//
+class SystemKeychainKey {
+public:
+    SystemKeychainKey(const char *path);
+    ~SystemKeychainKey();
+
+    bool matches(const DbBlob::Signature &signature);
+    CssmKey &key();
+
+    // returns true if we have actually retrieved the key
+    bool valid();
+
+private:
+    std::string mPath;              // path to file
+    CssmKey mKey;                   // proper CssmKey with data in mBlob
+
+    bool mValid;                    // mBlob was validly read from mPath
+    UnlockBlob mBlob;               // contents of mPath as last read
+
+    Time::Absolute mCachedDate;     // modify date of file when last read
+    Time::Absolute mUpdateThreshold; // cutoff threshold for checking again
+
+    static const int checkDelay = 1; // seconds minimum delay between update checks
+
+    bool update();
+};
+
+
 } // end namespace SecurityServer
 } // end namespace Security
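Review bot: `mValid` has no in-class initializer, so `valid()` reports an indeterminate value on any constructor path (the constructor body is outside this hunk) that does not assign it; `bool mValid = false;` makes "key not yet retrieved" the default regardless of what the constructor does. The single-argument `SystemKeychainKey(const char *path)` should be `explicit`, since nobody wants a `const char*` to implicitly convert into a store that reads unlock-key material from disk. `CssmKey &key()` hands out a mutable reference to the cached system-keychain unlock key, and `update()` is described as re-reading `mBlob` on a `checkDelay`-throttled schedule, so the returned reference presumably goes stale or gets overwritten on the next refresh; if callers only read it, `const CssmKey &key() const` is preferable, and otherwise a comment such as `// reference is only valid until the next update(); do not retain` should sit on the declaration.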