RubyGems - apple-data - Versions diffs - 1.0.611 → 1.0.613 - Mend

apple-data 1.0.611 → 1.0.613

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

data/share/nvram.yaml CHANGED Viewed

@@ -4,6 +4,13 @@ metadata:
   credits:
   collections:
   - nvram_variables
+nvram_scopes:
+  system:
+    description: For Apple Silicon Macs - The SFR / System Level NVRAM
+    uuid: 40A0DDD2-77F8-4392-B4A3-1E7304206516
+  common:
+    description: For Apple Silicon Macs - The Per OS or Non-SFR / System NVRAM
+    uuid:
 nvram_variables:
   _csegbufsz_experiment:
   _libmalloc_experiment:
@@ -63,6 +70,9 @@ nvram_variables:
   bluetoothInternalControllerInfo:
   BluetoothUHEDevices:
   board-id:
+  boop-storage-nonces:
+    scopes:
+    - system
   boot-args:
     description: String passed to the XNU kernel at boot (M1's do filter this though)
     type: string
@@ -99,7 +109,7 @@ nvram_variables:
   boot-stage:
   boot-volume:
   bootdelay:
-    description: Seconds to pause before autoboot
+    description: Seconds to pause before `auto-boot`
     type: number
     persistent: true
   BOSCatalogURL:
@@ -109,6 +119,11 @@ nvram_variables:
   build-version:
   cam-use-ext-ldo:
   com.apple.System.boot-nonce:
+    description: The persisted random seed that is hashed to become APNonce.  While
+      this value is not changed, the APNonce remains the same.  When a device is booted
+      from DFU, a new value is computed for this which is later in restore saved to
+      ensure that the APTicket remains valid.  Upgrades to APTicket will generate
+      a new nonce value.
   com.apple.System.fp-state:
   com.apple.System.sep.art:
   com.apple.System.tz0-size:
@@ -250,6 +265,12 @@ nvram_variables:
     - PPC
   IOBusyInterest:
   IODeviceMemory:
+  IONVRAM-FORCESYNCNOW-PROPERTY:
+    description: 'Embedded still throttles NVRAM commits via kIONVRAMSyncNowPropertyKey,
+      but some clients still need a stricter NVRAM commit contract. Please use this
+      with care.
+      '
   IOPlatformActiveAction:
   IOPlatformHaltRestartAction:
   IOPlatformPanicAction:
@@ -288,6 +309,7 @@ nvram_variables:
   oem-logo:
   oem-logo?:
   one-time-boot-command:
+    description: A boot command to be used on the next reboot, which is then cleared
   ota-anomalies:
   ota-brain-version:
   ota-breadcrumbs:
@@ -356,6 +378,7 @@ nvram_variables:
   pmgr_cpu_override:
   pmgr_gpu_override:
   policy-nonce-digests:
+    description: The hashed digests of the recoveryOS, remote and local policies.
   pre-recovery-ota-failure-uuid:
   preferred-count:
     scopes:
@@ -366,7 +389,7 @@ nvram_variables:
   preserve-debuggability:
   prev-lang-diags:kbd:
   prev-lang:kbd:
-    description: Default keyboard layout
+    description: The last selected language and keyboard layout pair
     type: string
     scopes:
     - common
@@ -425,6 +448,7 @@ nvram_variables:
   security-password:
   selftest-#megs:
     type: number
+  sep-debug-args:
   serverip:
   SleepWakeFailurePanic:
   SleepWakeFailureString:

data/share/pki.yaml CHANGED Viewed

@@ -7,8 +7,8 @@ metadata:
   - keys
   - oids
 certificate_names:
-  dcrt: device certificate
-  dcrt-oid: device owner certificate
+  dcrt: Device Identity Certificate
+  dcrt-oid: Device Owner Identity Certificate
   lcrt: Lynx / Secure Storage for SEP Certificate
   pcrt: product/production certificate?
   rcrt: remote/recovery certificate?
@@ -50,6 +50,8 @@ oids:
     - FDRDC-UCRT-SUBCA
     ous:
     - ucrt Leaf Certificate
+  1.2.840.113635.100.11.1:
+    description: Component Certificate - Component Type
   1.2.840.113635.100.4.1:
     symbol: oidAppleExtendedKeyUsageCodeSigning
   1.2.840.113635.100.4.1.1:
@@ -167,6 +169,8 @@ oids:
     symbol: oidAppleCertExtAppleServerAuthenticationPPQProdQA
   1.2.840.113635.100.6.27.3.2:
     symbol: oidAppleCertExtAppleServerAuthenticationPPQProd
+  1.2.840.113635.100.6.27.32:
+    description: Apple SSL Certificate
   1.2.840.113635.100.6.27.4.1:
     symbol: oidAppleCertExtAppleServerAuthenticationIDSProdQA
   1.2.840.113635.100.6.27.4.2:
@@ -197,6 +201,8 @@ oids:
       for Accessing the Production Apple Push Service
   1.2.840.113635.100.6.30:
     symbol: oidAppleCertExtAppleSMPEncryption
+  1.2.840.113635.100.6.36:
+    description: Made for iDevice (MFi) - Authentication v3
   1.2.840.113635.100.6.38.1:
     symbol: oidAppleCertExtApplePPQSigningProdQA
   1.2.840.113635.100.6.38.2:
@@ -217,11 +223,18 @@ oids:
   1.2.840.113635.100.6.5.2:
     apple_description: Apple iTunes Store Certificates for Signing Requests to Purchase
       for the iTS
+  1.2.840.113635.100.6.59.1:
+    description: Software Authentication GeneralCapabilities
+  1.2.840.113635.100.6.71.1:
+    description: Made for iDevice (MFi) - Authentication v4 - Apple Accessory Properties
+      Extension
   1.2.840.113635.100.7.1.1:
     apple_description: 'Apple FairPlay certificate extended Application Authentication
       & Authorization: Policy'
   1.2.840.113635.100.8:
-    description: Local Policy OID Root
+    description: Apple Local Device Attestation (BAA)
+  1.2.840.113635.100.8.2:
+    symbol: CTOidItemAppleDeviceAttestationNonce
   1.2.840.113635.100.8.4:
     description: Contains a sequence of integer values.  Some are 0, some are 1, others
       appear to be int32 bitmasks.
@@ -234,10 +247,11 @@ oids:
     - Basic Attestation User Sub CA2
     ous:
     - BAA Certification
-    symbol:
+    symbol: CTOidItemAppleDeviceAttestationHardwareProperties
   1.2.840.113635.100.8.5:
     description: Similar in nature to `1.2.840.113635.100.8.4`. Non-integer values
       observed of `ssca`.
+    symbol: CTOidItemAppleDeviceAttestationKeyUsageProperties
     is_asn_body: true
     is_extension: true
     found_in:
@@ -248,7 +262,8 @@ oids:
     ous:
     - BAA Certification
   1.2.840.113635.100.8.7:
-    description: ASN1 data for the version of macOS for the issued under (e.g. 12.2)
+    description: Information about the OS environment that performed that local attestation
+    symbol: CTOidItemAppleDeviceAttestationDeviceOSInformation
     is_asn_body: true
     is_extension: true
     found_in:
@@ -331,7 +346,11 @@ roots:
       ZFF10-SDOM1-TssLive-ManifestKey-ExtraContent-Global-RevA-DataCenter:
         subject_key_id: 041442FEAB470561CE2A7471B55AC0D81AB7536F4B36
   Apple Secure Boot Root CA - G2:
+    description: Primary iDevice SecureROM - Root of Trust
+    subordinate_cas:
+      T6031-SDOM1-TssLive-ManifestKey-RevA-DataCenter:
   Apple Secure Boot Root CA - G6:
+    description: Seems to be a CA for local policy signatures of boot firmware
     subordinate_cas:
       T6031-SDOM1-RecoveryBoot-RevA-Factory:
         description:
@@ -351,3 +370,6 @@ roots:
       FDR-SS-CM-E1:
   FDR-CA1-ROOT-CM:
   FDR-DC-SSL-ROOT:
+  Apple DDI Secure Boot Root CA - G1:
+    subordinate_cas:
+      ZFF10-SDOM1-TssLive-ManifestKey-ExtraContent-RevA-DataCenter:

data/share/storage.yaml ADDED Viewed

@@ -0,0 +1,54 @@
+---
+metadata:
+  description:
+  credits:
+  collections:
+non_volatile_storage:
+  NVMe:
+    parts:
+      fsys:
+        dsecription: The user filesystem.
+      EAN:
+      diagnostics:
+  NAND:
+    parts:
+      none:
+        title:
+      boot:
+        title: Boot Block
+      diag:
+        title: Diagnostic Data
+      scfg:
+        title: System Config
+      firm:
+        title: Firmware
+      nvrm:
+        title: Firmware
+      fsys:
+        title: Filesystem
+      plog:
+        title: Effaceable
+      fbbt:
+        title: Bad Block Table
+  NOR:
+  EAN:
+    description: Emulated Apple NOR?
+    parts:
+  SysCfg:
+  nvram:
+    parts:
+      anvram: ARM NVRAM (Default for iDevices)
+      rnvram: Intel NVRAM (For devices with a T2)
+      system: The "system" layer NVRAM for Apple Silicon (for the domain of the SFR
+        and core APTicket)
+      common: Classical NVRAM for OS specific installs
+    formats:
+      NVV3:
+  ramrod_shadow:
+    formats:
+      nvram.plist:
+  xarts:
+    formats:
+      GigaLocker:
+  SEP:
+    description: The Lynx or Ocelot directly attached to the SEP

data/share/syscfg.yaml CHANGED Viewed

@@ -8,6 +8,7 @@ metadata:
   - entitlements
 stores:
   0Cfg:
+    description: Hypervisor Domain 0 SysCfg
   ADCL:
     name: Apple Display Calibration Store
   ADDA:

data/share/terms.yaml CHANGED Viewed

@@ -17,10 +17,14 @@ term_list:
   - title: 64bit ARM v8+ Architecture
   aarch64e:
   - title: 64bit ARM v8.3+ Architecture with Pointer Authentication
+  AASP:
+  - title: Apple Authorised Service Partner
   ACC:
   - title: Apple Core Cluster
   ACE:
   - title: USB-C Port Controller
+  ACM:
+  - title: Apple Credential Manager Service
   AES:
   - title: Advanced Encryption Standard
   AGX:
@@ -29,6 +33,8 @@ term_list:
   - title: Apple Hardware Test
   AID:
   - title: Apple ID
+  AKS:
+  - title: Apple Key Storage Service
   AltDSID:
   AMCC:
   - title: Apple Memory Cache Controller
@@ -39,7 +45,7 @@ term_list:
   ANE:
   - title: Apple Neural Engine
   anpi:
-  - title:
+  - title: Apple NCM Private Interface
   ANS:
   - title: Apple NAND Storage
   AOP:
@@ -85,7 +91,7 @@ term_list:
   AWDL:
   - title: Apple Wireless Direct Link
   BAA:
-  - title: Basic Attestation Authority (BAA)
+  - title: Basic Attestation Authority (BAA) - Used for Local Policy signing
   baseband:
   - title:
     see:
@@ -106,6 +112,9 @@ term_list:
     - APNonce
   BootKC:
   BootPolicy:
+  BootROM:
+  - see: SEPROM
+  - see: SecureROM
   bridge:
   bridgeOS:
   BRK:
@@ -127,12 +136,14 @@ term_list:
   CPSR:
   CRAM:
   - title: Cache-as-RAM
+  CRC:
+  - title: Cyclic Redundancy Check
   CRNG:
   - title: Cryptographic Random Number Generator
-  cs:
-  - title: Code Signing
   CS:
   - title: Code Signing
+  cs:
+  - title: Code Signing
   CSPRNG:
   - title: Cryptographically Secure Pseudorandom Number Generator
   CSR:
@@ -140,10 +151,13 @@ term_list:
     see:
     - sip
   CTRR:
+  - title: Configurable Text Readonly Region
   DART:
   - title: Device Address Resolution Table
   DCC:
   - title: Debug Communications Channel
+  dcrt:
+  - title: Device Certificate
   defaults:
   DEP:
   - title: Data Execute Prevention
@@ -177,6 +191,11 @@ term_list:
   - title: Error Checking and Correction
   eCore:
   - title: Efficiency Core
+  EEPROM:
+  - title: Electronically Erasable Programmable Read Only Memory
+  EffaceableStorage:
+  - title: Effaceable Storage
+    description:
   EFI:
   - title: Extensible Firmware Interface
   EHCI:
@@ -200,6 +219,10 @@ term_list:
   - title: Embedded Subscriber Identification Module
     see:
     - SIM
+  eSPI:
+  - title: Enhanced Serial Peripheral Interconnect
+    description: Used by the T2 to provide MacEFI to the Intel Chip
+    url: https://www.intel.com/content/dam/support/us/en/documents/software/chipset-software/327432-004_espi_base_specification_rev1.0_cb.pdf
   eUICC:
   - title: Embedded Universal Integrated Circuit Card
     see:
@@ -232,6 +255,8 @@ term_list:
       '
   Framework:
+  fuOS:
+  - title: Fully Unsigned OS
   FW:
   - see:
     - FireWire
@@ -246,6 +271,10 @@ term_list:
       '
   GENTER:
   GEXIT:
+  GID:
+  - title: Group Identity Key (Chip group key)
+    description: An AES key used to encrypt objects for all Apple CPUs with the same
+      CHIP identity
   gif:
   GL0:
   - title: Guarded Level 0
@@ -257,6 +286,8 @@ term_list:
     - GXF
   GXF:
   - title: Guarded Execution Feature
+  HDCP:
+  - title: High Definition Content Protection
   HFS:
   - title: Hierarchical File System (HFS/HFS+)
     description:
@@ -336,6 +367,18 @@ term_list:
     description: A Mach-O Object containing a series of KEXTs (Kernel Extensions)
       to be loaded alongside the kernel itself.  Usually one of three types, the Boot,
       the System and the Auxiliary.
+  KernelIdentityProtection:
+  - title: Kernel Identity Protection
+    description: After the operating system kernel completes initialization, Kernel
+      Integrity Protection (KIP) is enabled to help prevent modifications of kernel
+      and driver code. The memory controller provides a protected physical memory
+      region that iBoot uses to load the kernel and kernel extensions. After startup
+      is complete, the memory controller denies writes to the protected physical memory
+      region. The Application Processor’s Memory Management Unit (MMU) is configured
+      to help prevent mapping privileged code from physical memory outside the protected
+      memory region and to help prevent writeable mappings of physical memory within
+      the kernel memory region. To prevent reconfiguration, the hardware used to enable
+      KIP is locked after the boot process is complete.
   kext:
   - title: Kernel Extension
   key:
@@ -358,6 +401,8 @@ term_list:
       for correctness.  This ensures that the kernel guarantees are mathematically
       verified against defects.
   launchd:
+  lcrt:
+  - title: Lynx (SEP Secure Storage) Certificate
   LDM:
   - title: Lock Down Mode
   LLB:
@@ -395,6 +440,8 @@ term_list:
   LSB:
   - title: Least Significant Byte/Bit
   - title: Lower Side-Band
+  LVDS:
+  - title: Low Voltage Differential Signaling
   LZFSE:
   mach:
   mach_port:
@@ -412,11 +459,15 @@ term_list:
   MMU:
   - title: Memory Management Unit
   MRI:
+  - title: Mobile Resource Inspector
+    see:
+    - diags
   MRtI:
   MSB:
   - title: Most Significant Byte/Bit
   msm:
   - title: Qualcomm Baseband (Models are MSM) Motorola SoC Modem?
+  - title: Thunderbolt IP - Cactus Ridge Thunderbolt Controller
   MSR:
   - title: Model/Machine Specific Register
     see:
@@ -432,6 +483,8 @@ term_list:
   nbIF:
   - title: Nearby Interface Type
     context: nearbyd
+  NHI:
+  - title: Native Host Interface
   Nm:
   - title: User Assigned Name
   nmi:
@@ -454,6 +507,8 @@ term_list:
   - title: Other Architecture Handler (Rosetta2)
   OHCI:
   - title: Open Host Controller Interface (USB)
+  OIC:
+  - title: Owner Identity Certificate
   oic:
   - title: Owner Identity Certificate (OIC)
   oid:
@@ -560,6 +615,10 @@ term_list:
     - DRAM
     - CRAM
     - SRAM
+  ramrod:
+  - title: Ramrod Plugin
+    description: A plugin to `patchd` (the OTA system) to allow for full restores
+      via the OTA system.  (Such as with the Watch which lacks consumer USB connections).
   recovery:
   reg:
   - see: register
@@ -569,6 +628,8 @@ term_list:
   RemoteXPC:
   restore:
   Rosetta:
+  RSA:
+  - title: RSA (Rivest–Shamir–Adleman) Public Key Cryptography
   rsep:
   - title: Restore SEP Firmware Image
   RSSI:
@@ -618,6 +679,11 @@ term_list:
       in the nvram variable `csr-status`.
     see:
     - CSR
+  SKP:
+  - title: Sealed Key Protection
+  SKS:
+  - title: Secure Key Store Service
+  SMBus:
   SMC:
   - title: System Management Controller
   - title: Secure Monitor Call (el3)
@@ -640,6 +706,10 @@ term_list:
       models made use of a smaller (in the few megabytes range) NOR chip to load iBoot,
       and stored the user's data on a larger NAND flash chip. In newer devices the
       NOR/SPI flash is synthetic and provided by ANS2/3.
+  SPIFlash:
+  - title: Serial Peripheral Interconnect Flash Memory Protocol
+    see:
+    - NOR
   SPMI:
   - title: System Power Management Interface
     url: https://www.mipi.org/specifications/system-power-management-interface
@@ -701,6 +771,7 @@ term_list:
   TDM:
   - title: Target Disk Mode
   tfp0:
+  - title: Task for PID 0 (Kernel)
   trpk:
   - title: Trusted Public Keys
     description: Occurs in `trst` objects
@@ -721,7 +792,13 @@ term_list:
     - tz1
   - title: Time Zone
   tz0:
+  - title: TrustZone for SEP
+  SCIP:
+    - title: System Coprocessor Integrity Protection
+  KIP:
+    - title: Kernel Integrity Protection
   tz1:
+  - title: TrustZone for AP (Trusted Boot Monitor)
   UART:
   - title: Universal Asynchronous Receiver / Transmitter
   ucrt:
@@ -730,6 +807,9 @@ term_list:
   - title: Universal Integrated Circuit Card
     see:
     - sim
+  UID:
+  - title: User Identity Key (Device specific key)
+    description: A unique AES key per device.
   uik:
   - title: User Identity Key (UIK)
   UIKit:

data/share/uuid.yaml ADDED Viewed

@@ -0,0 +1,11 @@
+---
+uuids:
+  40A0DDD2-77F8-4392-B4A3-1E7304206516:
+    description: System Firmware NVRAM Scope
+  3D3287DE-280D-4619-AAAB-D97469CA9C71:
+    description: Primary System Recovery
+  C8858560-55AC-400F-BBB9-C9220A8DAC0D:
+    description: Fallback Recovery
+metadata:
+  description:
+  credits: []

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: apple-data
 version: !ruby/object:Gem::Version
-  version: 1.0.611
+  version: 1.0.613
 platform: ruby
 authors:
 - Rick Mark
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-02-24 00:00:00.000000000 Z
+date: 2024-02-27 00:00:00.000000000 Z
 dependencies: []
 description: |2
       This package includes machine readable data about Apple platforms maintained by hack-different.
@@ -268,9 +268,11 @@ files:
 - share/services.yaml
 - share/sip.yaml
 - share/smc.yaml
+- share/storage.yaml
 - share/syscfg.yaml
 - share/terms.yaml
 - share/tipw_sync.yaml
+- share/uuid.yaml
 - share/vmapple.yaml
 homepage: https://docs.hackdiffe.rent
 licenses: