SecDbBackupManager.h [plain text]
// Compile-time switch for keychain backup support: evaluates to 1 on macOS, iOS and
// Mac Catalyst targets, excluding simulator and DarwinOS builds, and to 0 otherwise.
// NOTE(review): the TARGET_OS_* macros are defined by <TargetConditionals.h>, which the
// visible part of this header does not include ahead of this line (Foundation is only
// imported under __OBJC2__). Inside an #if an undefined macro evaluates to 0, so a
// plain-C includer that has not already pulled in TargetConditionals.h would see the
// backup code compiled out without any error. Confirm every includer provides it;
// building with -Wundef surfaces the case.
#define SECDB_BACKUPS_ENABLED ((TARGET_OS_OSX || TARGET_OS_IOS || TARGET_OS_MACCATALYST) && !TARGET_OS_SIMULATOR && !TARGET_DARWINOS)
#if __OBJC2__
#import <Foundation/Foundation.h>
#import <SecurityFoundation/SFKey.h>
#import "SecAKSObjCWrappers.h"
#import "CheckV12DevEnabled.h"
NS_ASSUME_NONNULL_BEGIN
/// Identifies which recovery mechanism a backup record refers to.
/// The valid values are 1 through 3; -1 is the explicit "invalid" marker.
// NOTE(review): no enumerator has the value 0, so a zero-initialised variable or the
// result of messaging nil matches neither a valid type nor SecDbBackupRecoveryTypeInvalid.
// Code that switches on this type should reject every value outside 1...3, not only -1.
// The semantics of each mechanism (AKS, Cylon, RecoveryKey) are not described in this
// header; see the implementation before relying on them.
typedef NS_ENUM(NSInteger, SecDbBackupRecoveryType) {
SecDbBackupRecoveryTypeInvalid = -1,
SecDbBackupRecoveryTypeAKS = 1,
SecDbBackupRecoveryTypeCylon = 2,
SecDbBackupRecoveryTypeRecoveryKey = 3,
};
/// NSError domain string for the backup subsystem; defined in the implementation file.
// NOTE(review): presumably paired with the SecDbBackupErrorCode values declared in this
// header — confirm against the code that constructs the errors.
extern NSString* const KeychainBackupsErrorDomain;
/// Error codes reported by the backup subsystem.
/// SecDbBackupUnknownError is -1 and SecDbBackupSuccess is 0. The enumerators from
/// SecDbBackupAKSFailure through SecDbBackupInternalError take implicit consecutive
/// values 1 through 19, and SecDbBackupTestCodeFailure is pinned to 255.
// NOTE(review): because the middle of the list is implicitly numbered, inserting or
// reordering an enumerator renumbers every code after it. If these codes are logged,
// persisted or matched by tooling, new codes should only be appended before
// SecDbBackupTestCodeFailure. Whether they are persisted is not visible from this header.
typedef NS_ENUM(NSInteger, SecDbBackupErrorCode) {
SecDbBackupUnknownError = -1,
SecDbBackupSuccess = 0,
// Implicitly numbered from 1 upwards; order is significant.
SecDbBackupAKSFailure,
SecDbBackupCryptoFailure,
SecDbBackupWriteFailure,
SecDbBackupDeserializationFailure,
SecDbBackupSetupFailure,
SecDbBackupNoBackupBagFound,
SecDbBackupNoKCSKFound,
SecDbBackupDuplicateBagFound,
SecDbBackupMultipleDefaultBagsFound,
SecDbBackupMalformedBagDataOnDisk,
SecDbBackupMalformedKCSKDataOnDisk,
SecDbBackupMalformedUUIDDataOnDisk,
SecDbBackupUUIDMismatch,
SecDbBackupDataMismatch,
SecDbBackupUnknownOption,
SecDbBackupKeychainLocked,
SecDbBackupInvalidArgument,
SecDbBackupNotSupported,
SecDbBackupInternalError,
// Explicit value, separated from the implicitly numbered range above.
SecDbBackupTestCodeFailure = 255, };
/// Value object pairing a wrapped key blob with the UUID of a backup bag.
/// Both are carried as opaque NSData. The class adopts NSSecureCoding, so instances can
/// be archived and unarchived; the coding methods live in the implementation file.
// NOTE(review): the decoder is not visible here. Confirm that initWithCoder: reads both
// fields with decodeObjectOfClass:forKey: restricted to NSData and checks their lengths,
// since decoded instances may originate from on-disk data.
// NOTE(review): both properties are readwrite and, with no ownership attribute, strong.
// NSData has a mutable subclass, so a caller that assigns an NSMutableData can change the
// bytes afterwards; `copy` (or readonly plus an initializer) would prevent that. Check
// the implementation for redeclarations before changing the attributes.
// NOTE(review): inside the NS_ASSUME_NONNULL region both properties are nonnull, yet no
// initializer taking the values is declared, so an instance presumably holds nil until
// both are set — verify against callers.
@interface SecDbBackupWrappedKey : NSObject <NSSecureCoding>
@property (nonatomic) NSData* wrappedKey;
@property (nonatomic) NSData* baguuid;
@end
/// Entry point for wrapping keychain keys for backup and for checking backup integrity.
/// Instances are obtained through +manager only; -init is marked unavailable.
@interface SecDbBackupManager : NSObject
/// Returns the manager instance, or nil.
// NOTE(review): the conditions under which this returns nil are not visible here
// (presumably when backups are unsupported or setup failed). Callers must handle nil and
// must not read a nil manager as "backup succeeded".
+ (instancetype _Nullable)manager;
// Direct initialization is disallowed; use +manager.
- (instancetype)init NS_UNAVAILABLE;
/// Returns the UUID of the current backup bag as raw data, or nil when none is available.
- (NSData* _Nullable)currentBackupBagUUID;
/// Wraps an item key for the given keyclass.
/// @param key The AES key to wrap.
/// @param keyclass The keyclass to wrap the key for.
/// @param error Out-parameter for a failure description; read it only after a nil return.
/// @return The wrapped key together with a bag UUID, or nil on failure.
- (SecDbBackupWrappedKey* _Nullable)wrapItemKey:(SFAESKey*)key forKeyclass:(keyclass_t)keyclass error:(NSError**)error;
/// Wraps a metadata key for the given keyclass; same parameters and failure convention
/// as -wrapItemKey:forKeyclass:error:.
- (SecDbBackupWrappedKey* _Nullable)wrapMetadataKey:(SFAESKey*)key forKeyclass:(keyclass_t)keyclass error:(NSError**)error;
/// Runs an integrity check over the backup data and reports through the completion block.
/// @param lightweight Selects a lighter variant of the check.
/// @param completion Receives a string-to-string results dictionary and an optional error.
// NOTE(review): what the lightweight variant skips, the dictionary's key schema, and the
// queue the completion runs on are not specified in this header. Confirm them in the
// implementation before treating a lightweight pass as full verification.
- (void)verifyBackupIntegrity:(bool)lightweight
completion:(void (^)(NSDictionary<NSString*, NSString*>* results, NSError* _Nullable error))completion;
@end
NS_ASSUME_NONNULL_END
#endif // __OBJC2__
// C entry points, declared outside the __OBJC2__ guard so plain-C callers can use them.
// NOTE(review): they are also declared regardless of SECDB_BACKUPS_ENABLED; what they do
// on platforms where that macro is 0 is not visible from this header.
// NOTE(review): these declarations need `bool` and CFErrorRef, but the visible includes
// sit inside the __OBJC2__ block, so a C includer must provide <stdbool.h> and
// CoreFoundation itself.

// Creates the backup infrastructure or loads the existing one, returning a bool result.
// `error` must be a non-NULL pointer (it is annotated _Nonnull); the CFErrorRef it points
// at may be left NULL.
// NOTE(review): presumably returns false on failure and hands the caller a CFErrorRef it
// must CFRelease — confirm the ownership convention in the implementation.
bool SecDbBackupCreateOrLoadBackupInfrastructure(CFErrorRef _Nullable * _Nonnull error);
// Resets the backup manager; takes no arguments and returns nothing.
// NOTE(review): the name suggests it discards the shared manager's state, possibly for
// tests; confirm who may call it in production builds.
void SecDbResetBackupManager(void);