#ifndef _SECURITYD_SECITEMSERVER_H_
#define _SECURITYD_SECITEMSERVER_H_
#include <CoreFoundation/CoreFoundation.h>
#include "keychain/SecureObjectSync/SOSCircle.h"
#include "keychain/securityd/SecDbQuery.h"
#include "utilities/SecDb.h"
#include <TargetConditionals.h>
#include "sec/ipc/securityd_client.h"
__BEGIN_DECLS
bool _SecItemAdd(CFDictionaryRef attributes, SecurityClient *client, CFTypeRef *result, CFErrorRef *error);
bool _SecItemCopyMatching(CFDictionaryRef query, SecurityClient *client, CFTypeRef *result, CFErrorRef *error);
bool _SecItemUpdate(CFDictionaryRef query, CFDictionaryRef attributesToUpdate, SecurityClient *client, CFErrorRef *error);
bool _SecItemDelete(CFDictionaryRef query, SecurityClient *client, CFErrorRef *error);
bool _SecItemDeleteAll(CFErrorRef *error);
bool _SecItemServerDeleteAllWithAccessGroups(CFArrayRef accessGroups, SecurityClient *client, CFErrorRef *error);
bool _SecServerRestoreKeychain(CFErrorRef *error);
bool _SecServerMigrateKeychain(int32_t handle_in, CFDataRef data_in, int32_t *handle_out, CFDataRef *data_out, CFErrorRef *error);
CFDataRef _SecServerKeychainCreateBackup(SecurityClient *client, CFDataRef keybag, CFDataRef passcode, bool emcs, CFErrorRef *error);
bool _SecServerKeychainRestore(CFDataRef backup, SecurityClient *client, CFDataRef keybag, CFDataRef passcode, CFErrorRef *error);
CFStringRef _SecServerBackupCopyUUID(CFDataRef backup, CFErrorRef *error);
bool _SecServerBackupKeybagAdd(SecurityClient *client, CFDataRef passcode, CFDataRef *identifier, CFDataRef *pathinfo, CFErrorRef *error);
bool _SecServerBackupKeybagDelete(CFDictionaryRef attributes, bool deleteAll, CFErrorRef *error);
bool _SecItemUpdateTokenItemsForAccessGroups(CFStringRef tokenID, CFArrayRef accessGroups, CFArrayRef items, SecurityClient *client, CFErrorRef *error);
CF_RETURNS_RETAINED CFArrayRef _SecServerKeychainSyncUpdateMessage(CFDictionaryRef updates, CFErrorRef *error);
CF_RETURNS_RETAINED CFDictionaryRef _SecServerBackupSyncable(CFDictionaryRef backup, CFDataRef keybag, CFDataRef password, CFErrorRef *error);
int SecServerKeychainTakeOverBackupFD(CFStringRef backupName, CFErrorRef *error);
bool _SecServerRestoreSyncable(CFDictionaryRef backup, CFDataRef keybag, CFDataRef password, CFErrorRef *error);
#if TARGET_OS_IOS
bool _SecServerTransmogrifyToSystemKeychain(SecurityClient *client, CFErrorRef *error);
bool _SecServerTransmogrifyToSyncBubble(CFArrayRef services, uid_t uid, SecurityClient *client, CFErrorRef *error);
bool _SecServerDeleteMUSERViews(SecurityClient *client, uid_t uid, CFErrorRef *error);
#endif
#if SHAREDWEBCREDENTIALS
bool _SecAddSharedWebCredential(CFDictionaryRef attributes, SecurityClient *client, const audit_token_t *clientAuditToken, CFStringRef appID, CFArrayRef domains, CFTypeRef *result, CFErrorRef *error);
bool _SecCopySharedWebCredential(CFDictionaryRef query, SecurityClient *client, const audit_token_t *clientAuditToken, CFStringRef appID, CFArrayRef domains, CFTypeRef *result, CFErrorRef *error);
#endif
void SecItemServerAppendItemDescription(CFMutableStringRef desc, CFDictionaryRef object);
SecDbRef SecKeychainDbCreate(CFStringRef path, CFErrorRef* error);
SecDbRef SecKeychainDbInitialize(SecDbRef db);
bool kc_with_dbt(bool writeAndRead, CFErrorRef *error, bool (^perform)(SecDbConnectionRef dbt));
bool kc_with_dbt_non_item_tables(bool writeAndRead, CFErrorRef* error, bool (^perform)(SecDbConnectionRef dbt)); bool kc_with_custom_db(bool writeAndRead, bool usesItemTables, SecDbRef db, CFErrorRef *error, bool (^perform)(SecDbConnectionRef dbt));
void SecKeychainDbForceClose(void);
void SecKeychainDbReset(dispatch_block_t inbetween);
SOSDataSourceFactoryRef SecItemDataSourceFactoryGetDefault(void);
void SecItemServerSetKeychainKeybag(int32_t keybag);
void SecItemServerResetKeychainKeybag(void);
void SecItemServerSetKeychainChangedNotification(const char *notification_name);
CFStringRef __SecKeychainCopyPath(void);
bool _SecServerRollKeys(bool force, SecurityClient *client, CFErrorRef *error);
bool _SecServerRollKeysGlue(bool force, CFErrorRef *error);
#define SecServerInitialSyncCredentialFlagTLK (1 << 0)
#define SecServerInitialSyncCredentialFlagPCS (1 << 1)
#define SecServerInitialSyncCredentialFlagPCSNonCurrent (1 << 2)
#define SecServerInitialSyncCredentialFlagBluetoothMigration (1 << 3)
CFArrayRef _SecServerCopyInitialSyncCredentials(uint32_t flags, CFErrorRef *error);
bool _SecServerImportInitialSyncCredentials(CFArrayRef array, CFErrorRef *error);
CF_RETURNS_RETAINED CFArrayRef _SecItemCopyParentCertificates(CFDataRef normalizedIssuer, CFArrayRef accessGroups, CFErrorRef *error);
bool _SecItemCertificateExists(CFDataRef normalizedIssuer, CFDataRef serialNumber, CFArrayRef accessGroups, CFErrorRef *error);
bool SecKeychainDbGetVersion(SecDbConnectionRef dbt, int *version, CFErrorRef *error);
bool match_item(SecDbConnectionRef dbt, Query *q, CFArrayRef accessGroups, CFDictionaryRef item);
bool accessGroupsAllows(CFArrayRef accessGroups, CFStringRef accessGroup, SecurityClient* client);
bool itemInAccessGroup(CFDictionaryRef item, CFArrayRef accessGroups);
void SecKeychainChanged(void);
void deleteCorruptedItemAsync(SecDbConnectionRef dbt, CFStringRef tablename, sqlite_int64 rowid);
__END_DECLS
#endif