apple-data 1.0.627 → 1.0.629

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e09bbdb36c01d1537c95dd27e41d6f51973c6b5adfeadfc5aefe285885a7baea
-  data.tar.gz: 0f84832c4ff3f51c1530c88fb78409040c24c598c0a065ad84bf761d93b3f3aa
+  metadata.gz: 7ccec50a6440b05805fb2139a50c19abcfa15433b0f33c93a0564b934446fb9c
+  data.tar.gz: 062551007e74d609abe1c4858040a25f63656345256ddf2eefce434fee62fafa
 SHA512:
-  metadata.gz: e049aa109923c74bc5674293dbc7cb8e7cdb07a4bec508e1f73acd724f8bc0a5de9aa3a5f9ae6c24678abd2a3c2fdc77ae1874fe0fcb07f68347adab1cc50d46
-  data.tar.gz: dedabf2ca8f995c3a1f4079d047cb73245a302c57e34bf4c2ed15a8ed16d289309429f5c55942e4eba034b053f0f405fcb34d42864bb8d83943fcb70bf06e0d7
+  metadata.gz: e52bb4d0d08328bb56a946cffa4f597f765610e20b7adad4f8f1db8721f843c7a528c724da39abadba7634cb6f97af2d0ae2543aadf42db403e2b410f48b4f2f
+  data.tar.gz: ff8cd17c5f061a4c5078a3db242b5871873e89c88f6c02428c5940e3616e94c09ecf765a98a4bd47cd16b8752eab4f0e7a50b1832cb828edf9d0b55b63b27e5f

data/lib/apple_data/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module AppleData
-  VERSION = '1.0.627'
+  VERSION = '1.0.629'
 end

data/share/baseband.yaml

@@ -6,6 +6,46 @@ metadata:
   - product_basebands
 esim:
   root_keys:
+baseband_behaviors:
+- FlashPSI-Version
+- ModemStack-Digest
+- ModemStack-Length
+- RamPSI-Version
+- FlashPSI-SecPackDigest
+- ModemStack-SecPackDigest
+- FlashPSI-Digest
+- EBL-Digest
+- RamPSI-PartialDigest
+- FlashPSI-PartialDigest
+- RamPSI-Blob
+- RestoreRamPSI-Blob
+- PSI-Blob
+- RestorePSI-Blob
+- PSI2-Blob
+- RestorePSI2-Blob
+- FlashPSI-Blob
+- BBTicket
+- DBL-Version
+- DBL-PartialDigest
+- ENANDPRG-Version
+- ENANDPRG-PartialDigest
+- DBL-Blob
+- ENANDPRG-Blob
+- OSBL-DownloadDigest
+- AMSS-DownloadDigest
+- AMSS-HashTableDigest
+- PartitionTable-Digest
+- eDBL-Version
+- eDBL-PartialDigest
+- eDBL-Blob
+- RestoreDBL-Version
+- RestoreDBL-PartialDigest
+- RestoreDBL-Blob
+- DSP1-DownloadDigest
+- DSP1-HashTableDigest
+- DSP2-DownloadDigest
+- DSP2-HashTableDigest
+- SBL1-Version
 products: {}
 product_basebands:
   iPad11,2:

data/share/bundles.yaml

@@ -5,46 +5,82 @@ metadata:
   collections:
   - bundles
 bundles:
+  app_mode_loader:
   com.apple.accessibility.universalAccessAuthWarn:
   com.apple.AirPlayUIAgent:
   com.apple.appkit.xpc.openAndSavePanelService:
   com.apple.AppSSOAgent:
   com.apple.AppStore:
+  com.apple.appstore.AppDownloadLauncher:
+  com.apple.apreceivermac:
   com.apple.AquaAppearanceHelper:
   com.apple.AssistantServices:
+  com.apple.Authorization.LAContextAuthorizationTestApp:
   com.apple.AVKit.RoutePickerViewService:
+  com.apple.avkittester:
+  com.apple.bni.AppleNetInstall:
+  com.apple.Cauldron:
   com.apple.controlcenter:
   com.apple.controlstrip:
   com.apple.CoreLocationAgent:
   com.apple.coreservices.uiagent:
   com.apple.CoreSimulator.CoreSimulatorService:
   com.apple.CoreSimulator.SimulatorTrampoline:
+  com.apple.dashboardlauncher:
+  com.apple.DCSD:
   com.apple.dock:
   com.apple.dock.extra:
+  com.apple.dt.uxi.client:
   com.apple.dt.Xcode:
+  com.apple.dt.XCPreviewAgent:
+  com.apple.factory.SNIFF:
   com.apple.finder:
+  com.apple.finder.Open-iCloudDrive:
+  com.apple.frontrowlauncher:
+  com.apple.FruitBasket:
+  com.apple.green-restore:
   com.apple.imdpersistence.IMDPersistenceAgent:
   com.apple.imtransferservices.IMTransferAgent:
   com.apple.inputmethod.EmojiFunctionRowItem:
+  com.apple.internal.ApplePayAutomation:
+  com.apple.internal.Blade.xctrunner:
+  com.apple.internal.CarDisplaySim:
+  com.apple.iOS-Menu:
+  com.apple.iPhoneMenu:
+  com.apple.iRemoteX:
+  com.apple.ist.Radar7:
+  com.apple.jett.Switch:
   com.apple.LocalAuthentication.UIAgent:
   com.apple.locationd:
   com.apple.locationmenu:
   com.apple.loginwindow:
   com.apple.LookupViewService:
+  com.apple.macFieldDiags.DiagsLoader:
   com.apple.nbagent:
   com.apple.notificationcenterui:
   com.apple.NowPlayingTouchUI:
   com.apple.OSDUIHelper:
   com.apple.PowerChime:
+  com.apple.PowerWarriorX:
   com.apple.Preferences:
+  com.apple.PurpleCrashReporter:
+  com.apple.PurplePod:
+  com.apple.purpleRegister:
+  com.apple.PurpleRestore:
   com.apple.quicklook.QuickLookUIService:
   com.apple.QuickLookThumbnailing.extension.ThumbnailExtension-macOS:
   com.apple.QuickLookUIFramework.QLPreviewGenerationExtension:
+  com.apple.Redwood.app.SafeViewAgent:
+  com.apple.remoteinstallmacosx:
   com.apple.Safari:
   com.apple.Safari.SandboxBroker:
+  com.apple.ScreenShotr:
   com.apple.security.Keychain-Circle-Notification:
   com.apple.SoftwareUpdateNotificationManager:
   com.apple.Spotlight:
+  com.apple.stack:
+  com.apple.SumacUI:
+  com.apple.SwiftUIColorGrid:
   com.apple.systemuiserver:
   com.apple.talagent:
   com.apple.Terminal:
@@ -52,6 +88,8 @@ bundles:
   com.apple.TextInputSwitcher:
   com.apple.TV:
   com.apple.UIKitSystemApp:
+  com.apple.UIKitSystemApp.HelloWorld:
+  com.apple.usbqa.USBProber:
   com.apple.ViewBridgeAuxiliary:
   com.apple.WebKit.GPU:
   com.apple.WebKit.Networking:

data/share/coprocessor.yaml

@@ -25,7 +25,6 @@ provisioning:
   kAMAuthinstallProvisioningICCID:
   kAMAuthinstallProvisioningMANIFESTDATA:
   kAMAuthinstallProvisioningRequest:
-
 install:
   monet:
     kAMAuthInstallMonetLocalDefaultTrustURL:
@@ -127,7 +126,6 @@ application_processor:
     kAMAuthInstallTagCryptex1Version:
     kAMAuthInstallTagCryptex1PreauthorizationVersion:
     kAMAuthInstallTagCryptex1FakeRoot:
-
   options:
     kAMAuthInstallApParameterAllowMixAndMatch:
     kAMAuthInstallApParameterApInternalUseOnlySW:
@@ -200,8 +198,13 @@ application_processor:
     kAMAuthInstallApImg4LocalTicketTagnsrv:
     kAMAuthInstallApImg4LocalTicketTagrsep:
     kAMAuthInstallApImg4LocalTicketTagsepi:
-
 secondary_cores:
+  AppleNandStorage:
+    type: aarch64
+    description: Processor that presents NVMe to the AP and provides both NVMe storage
+      as well as emulated SPI flash for early boot.  This
+    firmware_type: ansf
+    restore_firmware_type: rans
   AppleTypeCRetimer:
     options:
       kATCRTTicketNameFormat:
@@ -221,53 +224,6 @@ secondary_cores:
       kATCRTHardwareIDKeyChipID:
       kATCRTDeviceInfoKeyHardwareID:
       kATCRTDeviceInfoKeyInfoArray:
-  TCON:
-    options:
-      kAppleTCONCommonIORegPropProdFuseValue:
-      kAppleTCONCommonIORegPropNonce:
-      kAppleTCONCommonIORegPropECID:
-      kAppleTCONCommonIORegPropPRODStatus:
-      kAppleTCONCommonIORegPropSDOMStatus:
-      kAppleTCONCommonIORegPropFirmwareVer:
-      kAppleTCONCommonIORegPropBundleVer:
-      kAppleTCONCommonIORegPropDeviceID:
-      kAppleTCONCommonOptionFuseProd:
-      kAppleTCONCommonOptionFuseSDOM:
-      kAppleTCONCommonOptionSkipSameVersion:
-      kAppleTCONCommonOptionInternalBundle:
-      kAppleTCONCommonTagBuildIdentityPathKey:
-      kAppleTCONCommonTagBuildIdentityInfoKey:
-      kAppleTCONCommonTagMeasurementDigest:
-  TCON2:
-    options:
-  Vynal:
-    options:
-      kAMAuthInstallPROverrideVinylFirmwareKey:
-      kAMAuthInstallTagVinylApProductionMode:
-      kAMAuthInstallTagVinylRootKeyID:
-      kAMAuthInstallTagVinylDigest:
-      kAMAuthInstallTagVinylNonce:
-      kAMAuthInstallTagVinylMain:
-      kAMAuthInstallTagVinylGold:
-      kAMAuthInstallTagVinylEID:
-      kAMAuthInstallTagVinylChipID:
-      kAMAuthInstallTagVinylTicketResponse:
-      kAMAuthInstallTagVinylTicket:
-      kAMAuthInstallVinylIm4pVersion:
-      kAMAuthInstallVinyl4CCManpMain:
-      kAMAuthInstallVinyl4CCManpGold:
-      kAMAuthInstallTagVinylVendorAuthDataGold:
-      kAMAuthInstallTagVinylVendorAuthDataMain:
-      kAMAuthInstallTagVinylFwLoaderVersionPlist:
-      kAMAuthInstallTagVinylRootKeyIdentifierPlist:
-
-
-  AppleNandStorage:
-    type: aarch64
-    description: Processor that presents NVMe to the AP and provides both NVMe storage
-      as well as emulated SPI flash for early boot.  This
-    firmware_type: ansf
-    restore_firmware_type: rans
   Baseband:
     description: Comes from multiple vendors, encoded in `bbfw` file.  See `baseband.yaml`
       for more info.
@@ -393,12 +349,88 @@ secondary_cores:
       kAMAuthInstallTagBbAppsDownloadDigest:
       kAMAuthInstallTagBbDsp3HashSectionDigest:
       kAMAuthInstallTagBbDsp3DownloadDigest:
-
+  eUICC:
+    options:
+      eUICCprofileObjectSpec:
+      eUICCprofileOptionSpec:
+      eUICCcertChainSpec:
+      eUICCSignIdPayloadSpec:
+      eUICCPCFObjectSpec:
+      eUICCPCFValueSpec:
+      eUICCPCFValueDataSpec:
+    tags:
+      kAMAuthInstallTagEuiccCSN:
+      kAMAuthInstallTagEuiccMainNonce:
+      kAMAuthInstallTagEuiccGoldNonce:
+      kAMAuthInstallTagEuiccTicketVersion:
+      kAMAuthInstallTagEuiccCertIdentifier:
+      kAMAuthInstallTagEuiccSignedTicketMain:
+      kAMAuthInstallTagEuiccSignedTicketGold:
+      kAMAuthInstallTagEuiccChipID:
+      kAMAuthInstallTagEuiccFirmwareLoaderVersion:
+      kAMAuthInstallTagEuiccSignedProfileMain:
+      kAMAuthInstallTagEuiccSignedProfileGold:
   ImageSignalProcessor:
     firmware_type: ispf
     description: Image Signal Processor
   Juliet:
     description: The Infared FaceID camera
+  kT200:
+    kT200CertificationURL:
+    kT200PersonalizationOption;:
+    kT200RestoreSystemPartition:
+    kT200SkipFirmwareMapStore:
+    kT200TagRequestFirmwareTicket:
+    kT200TagResponseFirmwareTicket:
+    kT200DeviceInfoChipID:
+    kT200DeviceInfoNonce:
+    kT200DeviceInfoUniqueID:
+    kT200DeviceInfoRevision:
+    kT200DeviceInfoProductionMode:
+    kT200DeviceInfoUpdateType:
+    kT200DeviceInfoChemistryID:
+    kT200DeviceInfoLocalSigningID:
+    kT200DeviceHWVersion:
+    kT200UpdaterOptions:
+    kT200TagChipID:
+    kT200TagBoardID:
+    kT200TagNonce:
+    kT200TagUniqueID:
+    kT200TagRevision:
+    kT200TagProductionMode:
+    kT200TagCertificateEpoch:
+    kT200TagFAEnable:
+    kT200TagVNVEnable:
+    kT200TagFWOverWrite:
+    kT200TagEFFV:
+    kT200TagFAEnableOption:
+    kT200TagVNVEnableOption:
+    kT200TagFWSkipSameVersion:
+    kT200TagRollbackFWVer:
+    kT200TagPreflight:
+    kT200TagMeasurementFirmware:
+    kT200TagMeasurementFirmwarePlist:
+    kT200TagDerFirmwarePlist:
+    kT200TagBoardId:
+    kT200MeasurementDictFirmware:
+    kT200DigestDERDictFirmware:
+    kT200TagMeasurementDigest:
+    kT200OptionDebugArgs:
+    kT200OptionUpdateType:
+    kT200OptionFirmwareData:
+    kT200OptionFirmwareIsOverride:
+    kT200OptionOptions:
+    kT200OptionRestoreInternal:
+    kT200OptionDeviceInfo:
+    kT200OptionBuildIdentity:
+    kT200OptionTicket:
+    kT200OptionRequest:
+    kT200OptionSourceBundlePath:
+    kT200OptionDestBundlePath:
+    kT200ReturnTagsInBI:
+    kT200ReturnTagsInTssResponse:
+    kT200BuildIdentityInfoKey:
+    kT200BuildIdentityPathKey:
   Maggie:
     description: Ultra low power FPGA (iCE5LP4K) / Lattice iCEcube2
     firmware_type: magg
@@ -406,16 +438,6 @@ secondary_cores:
     description: The FaceID assembly
     options:
       kAMAuthInstallTagPearlCertificationRootPub:
-  x86:
-    options:
-      kAMAuthInstallTagX86ProductionMode:
-      kAMAuthInstallTagX86SecurityMode:
-      kAMAuthInstallTagX86Nonce:
-      kAMAuthInstallTagX86UseGlobalSigning:
-      kAMAuthInstallTagX86AllowMixAndMatch:
-      kAMAuthInstallTagX86OSLongVersion:
-      kAMAuthInstallTagX86Img4Ticket:
-      kAMAuthInstallTagX86RequestImg4Ticket:
   PowerManagementProcessor:
     type: arm7m
     description: Power Management Processor.  Provides ARM Cortex-M processor for
@@ -424,27 +446,51 @@ secondary_cores:
       `volume-up-debounce` and `volume-down-debounce`.  There have been reported copies
       of debug firmwares in the wild which might avoid such power sequencing.
     firmware_type: pmpf
-  eUICC:
+  PS190:
     options:
-      eUICCprofileObjectSpec:
-      eUICCprofileOptionSpec:
-      eUICCcertChainSpec:
-      eUICCSignIdPayloadSpec:
-      eUICCPCFObjectSpec:
-      eUICCPCFValueSpec:
-      eUICCPCFValueDataSpec:
+      kPS190SecurityDomainTagFormat:
+      kPS190BoardIDTagFormat:
+      kPS190FirmwareTagFormat:
+      kPS190SecurityDomainTagSuffix:
+      kPS190BoardIDTagSuffix:
+      kPS190FirmwareTagSuffix:
+      kPS190TagNameFormatString:
+      kPS190TicketNameFormatString:
+      kPS190FirmwareKeySecurityDomain:
+      kPS190FirmwareKeyBoardID:
+      kPS190FirmwareKeyFirmwareData:
+    info:
+      kPS190DeviceInfoKeyApplicationProcessorInfo:
+      kPS190DeviceInfoKeyFWFeatureConfig:
+      kPS190DeviceInfokeyUseHDCPEntitlement:
+      kPS190DeviceInfoKeyDebugEnableOverride:
+      kPS190DeviceInfoKeyTagNumber:
+      kPS190DeviceInfoKeyTicketName:
+      kPS190DeviceInfoKeyAuthlistFormattedECID:
+      kPS190DeviceInfoKeyNeedsOTPProgramming:
+      kPS190DeviceInfoKeyRequiresPersonalization:
+      kPS190DeviceInfoKeySecurityMode:
+      kPS190DeviceInfoKeySecurityDomain:
+      kPS190DeviceInfoKeyRealHDCPKeysPresent:
+      kPS190DeviceInfoKeyProductionMode:
+      kPS190DeviceInfoKeyNonce:
+      kPS190DeviceInfokeyECID:
+      kPS190DeviceInfoKeyDebugDisable:
+      kPS190DeviceInfoKeyChipID:
+      kPS190DeviceInfoKeyCertificateEpoch:
+      kPS190DeviceInfoKeyBoardID:
+      kPS190DeviceInfoKeyHardwareID:
+      kPS190DeviceInfoKeyInfoArray:
+  Rose:
     tags:
-      kAMAuthInstallTagEuiccCSN:
-      kAMAuthInstallTagEuiccMainNonce:
-      kAMAuthInstallTagEuiccGoldNonce:
-      kAMAuthInstallTagEuiccTicketVersion:
-      kAMAuthInstallTagEuiccCertIdentifier:
-      kAMAuthInstallTagEuiccSignedTicketMain:
-      kAMAuthInstallTagEuiccSignedTicketGold:
-      kAMAuthInstallTagEuiccChipID:
-      kAMAuthInstallTagEuiccFirmwareLoaderVersion:
-      kAMAuthInstallTagEuiccSignedProfileMain:
-      kAMAuthInstallTagEuiccSignedProfileGold:
+      kRoseTagDigest:
+      kRoseTagMeasurementRTKitOS:
+      kRoseTagMeasurementSwBinDsp1:
+    options:
+      kRoseSwDsp1:
+      kRoseRtkitos:
+      kRoseRestoreRtkitos:
+      kRoseRtkitosICNF:
   Savage:
     description:
     options:
@@ -475,8 +521,6 @@ secondary_cores:
       kSavageReturnTagsInTssResponse:
       kSavageBuildIdentityInfoKey:
       kSavageBuildIdentityPathKey:
-
-
     tags:
       kSavageTagRequestTicket:
       kSavageTagResponseTicket:
@@ -524,96 +568,6 @@ secondary_cores:
       kSavageTagMeasurementBFProdPatchVT:
       kSavageMeasurementDictPatch:
       kSavageMeasurementDictPatchVT:
-  Veridian:
-    type: arm7m
-    is_rtkit: false
-    stack_size: 24576
-    ram_base: 536870912
-    mmio_base: 1073741824
-  Vinyl:
-    description: |
-      the eUICC or eSIM Contains a ZIP file with various hash specifiers, each containing two directories.  One `recovery` is seemingly empty (strange as this would imply a bad eUICC can never be recovered but also is consistent with observed behaviour of a eSIM surviving DFU recovery).  Update seems to contain two folders "main" and "gold".
-      These folders contain a `firmware.der` as well as a `profile.bin`
-      These folders contain a number of "root keys" as defined in the eUICC spec.
-    firmware_packing:
-    - zip
-  Yonkers:
-    description:
-    options:
-      kYonkersPreflightRequiredOption:
-      kYonkersOptions:
-      kYonkersSkipOption:
-      kYonkersFirmwareData:
-      kYonkersTagRequestTicket:
-      kYonkersTagResponseTicket:
-      kYonkersDeviceInfo:
-      kYonkersTagDeviceBoardID:
-      kYonkersTagDeviceChipID:
-      kYonkersTagDeviceNonce:
-      kYonkersTagDeviceECID:
-      kYonkersTagDeviceFabRevision:
-      kYonkersTagDeviceProductionMode:
-      kYonkersTagDeviceRootPublicKeyIdentifier:
-      kYonkersTagPatchEpoch:
-      kYonkersTagSepObject:
-      kYonkersTagReadECKey:
-      kYonkersTagWriteECKey:
-      kYonkersTagWriteECID:
-      kYonkersTagWriteEpoch:
-      kYonkersTagReadGID:
-      kYonkersTagReadFWKey:
-      kYonkersTagAllowOfflineBoot:
-      kYonkersTagTempDemote:
-      kYonkersTagAccessSensor:
-      kYonkersTagAccessSecurity:
-      kYonkersTagFADemote:
-      kYonkersTagDebugStatus:
-      kYonkersTagProvisioning:
-  Rose:
-    tags:
-      kRoseTagDigest:
-      kRoseTagMeasurementRTKitOS:
-      kRoseTagMeasurementSwBinDsp1:
-    options:
-      kRoseSwDsp1:
-      kRoseRtkitos:
-      kRoseRestoreRtkitos:
-      kRoseRtkitosICNF:
-  PS190:
-    options:
-      kPS190SecurityDomainTagFormat:
-      kPS190BoardIDTagFormat:
-      kPS190FirmwareTagFormat:
-      kPS190SecurityDomainTagSuffix:
-      kPS190BoardIDTagSuffix:
-      kPS190FirmwareTagSuffix:
-      kPS190TagNameFormatString:
-      kPS190TicketNameFormatString:
-      kPS190FirmwareKeySecurityDomain:
-      kPS190FirmwareKeyBoardID:
-      kPS190FirmwareKeyFirmwareData:
-    info:
-      kPS190DeviceInfoKeyApplicationProcessorInfo:
-      kPS190DeviceInfoKeyFWFeatureConfig:
-      kPS190DeviceInfokeyUseHDCPEntitlement:
-      kPS190DeviceInfoKeyDebugEnableOverride:
-      kPS190DeviceInfoKeyTagNumber:
-      kPS190DeviceInfoKeyTicketName:
-      kPS190DeviceInfoKeyAuthlistFormattedECID:
-      kPS190DeviceInfoKeyNeedsOTPProgramming:
-      kPS190DeviceInfoKeyRequiresPersonalization:
-      kPS190DeviceInfoKeySecurityMode:
-      kPS190DeviceInfoKeySecurityDomain:
-      kPS190DeviceInfoKeyRealHDCPKeysPresent:
-      kPS190DeviceInfoKeyProductionMode:
-      kPS190DeviceInfoKeyNonce:
-      kPS190DeviceInfokeyECID:
-      kPS190DeviceInfoKeyDebugDisable:
-      kPS190DeviceInfoKeyChipID:
-      kPS190DeviceInfoKeyCertificateEpoch:
-      kPS190DeviceInfoKeyBoardID:
-      kPS190DeviceInfoKeyHardwareID:
-      kPS190DeviceInfoKeyInfoArray:
   SecureEnclaveProcessor:
     options:
       kSEOptionDebugSESA:
@@ -663,63 +617,100 @@ secondary_cores:
       kSETagMeasurementUpdatePayload:
       kSETagMeasurementDevHash:
       kSETagMeasurementProdHash:
-  kT200:
-    kT200CertificationURL:
-    kT200PersonalizationOption;:
-    kT200RestoreSystemPartition:
-    kT200SkipFirmwareMapStore:
-    kT200TagRequestFirmwareTicket:
-    kT200TagResponseFirmwareTicket:
-    kT200DeviceInfoChipID:
-    kT200DeviceInfoNonce:
-    kT200DeviceInfoUniqueID:
-    kT200DeviceInfoRevision:
-    kT200DeviceInfoProductionMode:
-    kT200DeviceInfoUpdateType:
-    kT200DeviceInfoChemistryID:
-    kT200DeviceInfoLocalSigningID:
-    kT200DeviceHWVersion:
-    kT200UpdaterOptions:
-    kT200TagChipID:
-    kT200TagBoardID:
-    kT200TagNonce:
-    kT200TagUniqueID:
-    kT200TagRevision:
-    kT200TagProductionMode:
-    kT200TagCertificateEpoch:
-    kT200TagFAEnable:
-    kT200TagVNVEnable:
-    kT200TagFWOverWrite:
-    kT200TagEFFV:
-    kT200TagFAEnableOption:
-    kT200TagVNVEnableOption:
-    kT200TagFWSkipSameVersion:
-    kT200TagRollbackFWVer:
-    kT200TagPreflight:
-    kT200TagMeasurementFirmware:
-    kT200TagMeasurementFirmwarePlist:
-    kT200TagDerFirmwarePlist:
-    kT200TagBoardId:
-    kT200MeasurementDictFirmware:
-    kT200DigestDERDictFirmware:
-    kT200TagMeasurementDigest:
-    kT200OptionDebugArgs:
-    kT200OptionUpdateType:
-    kT200OptionFirmwareData:
-    kT200OptionFirmwareIsOverride:
-    kT200OptionOptions:
-    kT200OptionRestoreInternal:
-    kT200OptionDeviceInfo:
-    kT200OptionBuildIdentity:
-    kT200OptionTicket:
-    kT200OptionRequest:
-    kT200OptionSourceBundlePath:
-    kT200OptionDestBundlePath:
-    kT200ReturnTagsInBI:
-    kT200ReturnTagsInTssResponse:
-    kT200BuildIdentityInfoKey:
-    kT200BuildIdentityPathKey:
-
+  TCON:
+    options:
+      kAppleTCONCommonIORegPropProdFuseValue:
+      kAppleTCONCommonIORegPropNonce:
+      kAppleTCONCommonIORegPropECID:
+      kAppleTCONCommonIORegPropPRODStatus:
+      kAppleTCONCommonIORegPropSDOMStatus:
+      kAppleTCONCommonIORegPropFirmwareVer:
+      kAppleTCONCommonIORegPropBundleVer:
+      kAppleTCONCommonIORegPropDeviceID:
+      kAppleTCONCommonOptionFuseProd:
+      kAppleTCONCommonOptionFuseSDOM:
+      kAppleTCONCommonOptionSkipSameVersion:
+      kAppleTCONCommonOptionInternalBundle:
+      kAppleTCONCommonTagBuildIdentityPathKey:
+      kAppleTCONCommonTagBuildIdentityInfoKey:
+      kAppleTCONCommonTagMeasurementDigest:
+  TCON2:
+    options:
+  Veridian:
+    type: arm7m
+    is_rtkit: false
+    stack_size: 24576
+    ram_base: 536870912
+    mmio_base: 1073741824
+  Vinyl:
+    description: |
+      the eUICC or eSIM Contains a ZIP file with various hash specifiers, each containing two directories.  One `recovery` is seemingly empty (strange as this would imply a bad eUICC can never be recovered but also is consistent with observed behaviour of a eSIM surviving DFU recovery).  Update seems to contain two folders "main" and "gold".
+      These folders contain a `firmware.der` as well as a `profile.bin`
+      These folders contain a number of "root keys" as defined in the eUICC spec.
+    firmware_packing:
+    - zip
+  Vynal:
+    options:
+      kAMAuthInstallPROverrideVinylFirmwareKey:
+      kAMAuthInstallTagVinylApProductionMode:
+      kAMAuthInstallTagVinylRootKeyID:
+      kAMAuthInstallTagVinylDigest:
+      kAMAuthInstallTagVinylNonce:
+      kAMAuthInstallTagVinylMain:
+      kAMAuthInstallTagVinylGold:
+      kAMAuthInstallTagVinylEID:
+      kAMAuthInstallTagVinylChipID:
+      kAMAuthInstallTagVinylTicketResponse:
+      kAMAuthInstallTagVinylTicket:
+      kAMAuthInstallVinylIm4pVersion:
+      kAMAuthInstallVinyl4CCManpMain:
+      kAMAuthInstallVinyl4CCManpGold:
+      kAMAuthInstallTagVinylVendorAuthDataGold:
+      kAMAuthInstallTagVinylVendorAuthDataMain:
+      kAMAuthInstallTagVinylFwLoaderVersionPlist:
+      kAMAuthInstallTagVinylRootKeyIdentifierPlist:
+  x86:
+    options:
+      kAMAuthInstallTagX86ProductionMode:
+      kAMAuthInstallTagX86SecurityMode:
+      kAMAuthInstallTagX86Nonce:
+      kAMAuthInstallTagX86UseGlobalSigning:
+      kAMAuthInstallTagX86AllowMixAndMatch:
+      kAMAuthInstallTagX86OSLongVersion:
+      kAMAuthInstallTagX86Img4Ticket:
+      kAMAuthInstallTagX86RequestImg4Ticket:
+  Yonkers:
+    description:
+    options:
+      kYonkersPreflightRequiredOption:
+      kYonkersOptions:
+      kYonkersSkipOption:
+      kYonkersFirmwareData:
+      kYonkersTagRequestTicket:
+      kYonkersTagResponseTicket:
+      kYonkersDeviceInfo:
+      kYonkersTagDeviceBoardID:
+      kYonkersTagDeviceChipID:
+      kYonkersTagDeviceNonce:
+      kYonkersTagDeviceECID:
+      kYonkersTagDeviceFabRevision:
+      kYonkersTagDeviceProductionMode:
+      kYonkersTagDeviceRootPublicKeyIdentifier:
+      kYonkersTagPatchEpoch:
+      kYonkersTagSepObject:
+      kYonkersTagReadECKey:
+      kYonkersTagWriteECKey:
+      kYonkersTagWriteECID:
+      kYonkersTagWriteEpoch:
+      kYonkersTagReadGID:
+      kYonkersTagReadFWKey:
+      kYonkersTagAllowOfflineBoot:
+      kYonkersTagTempDemote:
+      kYonkersTagAccessSensor:
+      kYonkersTagAccessSecurity:
+      kYonkersTagFADemote:
+      kYonkersTagDebugStatus:
+      kYonkersTagProvisioning:
 other:
   keys:
     KeyCellIDSkip:

data/share/fdr.yaml

@@ -4,6 +4,35 @@ metadata:
   credits:
   collections:
   - fdr_properties
+fdr_modes:
+  '':
+    description: Objects for the device directly, indicates no factory process or
+      mode in use.
+  mansta:
+    description: The "Management Station", or factory station being used to configure
+      a device at an Apple factory using factory tooling and images
+  mandev:
+    description: The "Managed Device", or the device attached to the `mansta` to be
+      configured or tested at a factory
+fdr_objects:
+  trst:
+    description: The trust object establishes the signing root for FDR objects, the
+      SSL CA for connections to FDR, the set of revoked keys, as well as trusted public
+      keys
+  fCfg:
+  eCfg:
+  dCfg:
+  appv:
+  ADCL:
+  FSCl:
+  HmCA:
+  hop0:
+  lcrt:
+  NvMR:
+  sePk:
+  pcrt:
+  scrt:
+  seal:
 fdr_properties:
   ADCL:
     description: Raw Panel / Coverglass

data/share/img4.yaml

@@ -12,6 +12,62 @@ metadata:
   - core
   - types
   - cryptex_properties
+unmapped:
+- ApRelaxedImageVerification
+- "@BCert"
+- "@Managed"
+- "@AlternateSU"
+- Ap,UseGlobalSigning
+- AllowNeRDBoot
+- NeRDEpoch
+- PermitNeRDPivot
+- Ap,OSEnvironment
+- Ap,CurrentOSSecurityVersion
+- Ap,MinimumOSSecurityVersion
+- Ap,EnableGroundhog
+- Ap,SoftwareUpdateDeviceID
+- ApCertificateEpoch
+- ApLeafCertStatus
+- BuildString
+- Name
+- UID_MODE
+- "@Cryptex1,Ticket"
+- Cryptex1,Ticket
+- Cryptex1,ChipID
+- Cryptex1,ProductClass
+- Cryptex1,UseProductClass
+- Cryptex1,Nonce
+- Cryptex1,NonceDomain
+- Cryptex1,ProductionMode
+- Cryptex1,UseGlobalSigning
+- Cryptex1,Version
+- Cryptex1,FakeRoot
+- PearlCertificationRootPub
+- x86,ProductionMode
+- x86,SecurityMode
+- x86,Nonce
+- x86,UseGlobalSigning
+- x86,AllowMixAndMatch
+- x86,OSLongVersion
+- x86,Ticket
+- "@x86,Ticket"
+- "@Locality"
+- "@BBTicket"
+- BbSNUM
+- BbGoldCertId
+- BbSkeyId
+- BbNonce
+- BpApBindingDigest
+- BbServerNonce
+- BbVendorData
+- BbFieldDiagsEnable
+- "@EUICCTicket"
+- EuiccMainTicket
+- EuiccGoldTicket
+- EUICCSignedProfileMain
+- EUICCSignedProfileGold
+- BbAntennaType
+- BbBehavior
 core:
   IM4M:
     description: Image4 Manifest Object (No payload, only manifest).  IM4M, verion,
@@ -29,6 +85,7 @@ core:
   OBJP:
     description: Object Properties - Values that may be assigned per "object" (firmwares)
       that contain a `DGST`
+    name: ObjectPayloadPropertyDigest
     type: sequence
 types:
   digest-object:
@@ -38,7 +95,9 @@ types:
       additional properties per object, some of which are standard and others that
       are object specific.
     common_properties:
-      DGST: The cryptographic digest of the object
+      DGST:
+        description: The cryptographic digest of the object
+        name: Digest
       EKEY:
         description: Effective Key Access - The effective access to teh SEP, used
           to protect data during demotion.  Effective chip promoted
@@ -101,6 +160,7 @@ types:
           with a `secb` object with a `trst` object), `rssl` (Factory SSL root CA),
           `rvok` (Revocation list) and `trpk` (trusted public keys?)
 lpol_properties:
+  AMNM:
   auxi:
     title: Auxiliary Image4 Manifest Hash (`auxi`)
     description: After the system verifies that the UAKL hash matches what’s found
@@ -151,6 +211,15 @@ lpol_properties:
     access:
       write:
       - macOS
+  bat0:
+  bat1:
+  batf:
+  BNCH:
+  BORD:
+  CEPO:
+  chg0:
+  chg1:
+  CHIP:
   coih:
     title: CustomOS Image4 Manifest Hash (coih)
     description: The `coih` is an SHA384 hash of CustomOS Image4 manifest. The payload
@@ -162,8 +231,20 @@ lpol_properties:
     access:
       write:
       - 1TR
+  CPRO:
+  CSEC:
+  DGST:
+  diag:
+  DPRO:
+  DSEC:
+  dtre:
+  ECID:
+  EPRO:
+  ESEC:
   gaid:
     description: Gaia Authentication ID (Apple Internal)
+  glyc:
+  glyp:
   hrlp:
     title: Has Secure Enclave Signed recoveryOS Local Policy (hrlp)
     description: The `hrlp` indicates whether or not the `prot` value is the measurement
@@ -176,6 +257,9 @@ lpol_properties:
       - 1TR
       - recoveryOS
       - macOS
+  ibot:
+  illb:
+  krnl:
   kuid:
     title: Key encryption key (KEK) Group UUID (kuid)
     description: The kuid indicates the volume that was booted. The key encryption
@@ -189,10 +273,13 @@ lpol_properties:
       - 1TR
       - recoveryOS
       - macOS
+  LCST:
+  LNCH:
   lobo:
     description: Local Boot Object.  Indicates that the object is to be used as the
       target of a local boot only and not provided by the server for remote / DFU
       boots.
+  logo:
   lpnh:
     title: LocalPolicy Nonce Hash (lpnh)
     description: The lpnh is used for anti-replay of the LocalPolicy. This is an SHA384
@@ -228,6 +315,7 @@ lpol_properties:
       intention of what operating system the user has created a LocalPolicy for. Users
       change the nsih value implicitly when they perform a software update.
     type: binary
+    name: Ap,NextStageCryptex1IM4MHash
     subtype: sha2-384
     context:
       lpol:
@@ -236,6 +324,7 @@ lpol_properties:
       - 1TR
       - recoveryOS
       - macOS
+  nsrv:
   prot:
     title: Paired recoveryOS Trusted Boot Policy Measurement (prot)
     description: A paired recoveryOS Trusted Boot Policy Measurement (TBPM) is a special
@@ -251,6 +340,8 @@ lpol_properties:
       - 1TR
       - recoveryOS
       - macOS
+  recm:
+  RNCH:
   rolp:
     description: recoveryOS local policy
     type: boolean
@@ -285,6 +376,9 @@ lpol_properties:
       - 1TR
       - recoveryOS
       - macOS
+  rsep:
+  SDOM:
+  sepi:
   sip0:
     title: System Integrity Protection (SIP) 0 Status - Overall
     description: The sip0 holds the existing System Integrity Protection (SIP) policy
@@ -324,10 +418,13 @@ lpol_properties:
     description: Secure Multi-Boot 3 - DEP-allowed MDM Control
   smb5:
     description: Unknown - but known to exist in Factory signing
+  snon:
   snuf:
     description: Software Nonce For Update Freshness
   spih:
     description: Cryptex1 Image4 Hash
+  tbmr:
+  tbms:
   vuid:
     title: APFS volume group UUID (vuid)
     description: The vuid indicates the volume group the kernel should use as root.
@@ -373,12 +470,14 @@ cryptex_properties:
   pave:
     description: Pre-authorization Version (XNU) The version of a pre-authorized Cryptex.
     type: string
+    name: Cryptex1,PreauthorizationVersion
     roots:
     - ExtraContent
   snuf:
     description: SoftwareNonceForUpdateFreshness
   styp:
     description: Crytpex Subtype
+    name: Cryptex1,SubType
     type: u32
     alias:
     - cryptex subtype
@@ -386,10 +485,12 @@ cryptex_properties:
     - ExtraContent
   type:
     description: Cryptex Type
+    name: Cryptex1,Type
     type: integer
     roots:
     - ExtraContent
   UDID:
+    name: Cryptex1,UDID
     description: universal device identifier
   vnum:
     description: Version Number - Update Maximum
@@ -539,8 +640,10 @@ manifest_properties:
     description: Internal Use Only Software
   iuou:
     description: Internal Use Only Unit
+    name: Ap,InternalUseOnlyUnit
   LNCH:
     description: Local Policy Next Cryptographic Hash
+    name: ApLocalNonceHash
   love:
     title: Long Operating System Version (love)
     description: The love indicates the OS version that the LocalPolicy is created
@@ -548,6 +651,7 @@ manifest_properties:
       creation and is used to enforce recoveryOS pairing restrictions.
     type: string
     example: 21.3.66.0.0,0
+    name: Ap,OSLongVersion
     access:
       write:
       - 1TR
@@ -557,6 +661,7 @@ manifest_properties:
     - ManifestKey-DataCenter
   lpol:
     description: Local Policy
+  manx:
   mmap:
     description: Memory Map
   Mod#:
@@ -567,6 +672,7 @@ manifest_properties:
   prtp:
     description: Product Type String
     type: string
+    name: Ap,ProductType
     example: iPhone16,2
     roots:
     - ManifestKey-DataCenter
@@ -589,9 +695,18 @@ manifest_properties:
     description: Research mode
   rsch:
     description: research mode
+  rso0:
+    name: Ap,RestoreSecurityOverrides0
+  rso1:
+    name: Ap,RestoreSecurityOverrides1
+  rso2:
+    name: Ap,RestoreSecurityOverrides2
+  rso3:
+    name: Ap,RestoreSecurityOverrides3
   sdkp:
     description: SDK Platform
     type: string
+    name: Ap,SDKPlatform
     roots:
     - ManifestKey-DataCenter
     values:
@@ -613,11 +728,12 @@ manifest_properties:
   seid:
     description: Secure Enclave ID - Root Domain
   sika:
-    description: System Identity Key Access
+    description: System Identity Key Access/Attestation?
+    name: Ap,SikaFuse
   SNON:
     description: SEP Nonce
   snon:
-    description: SEP Nonce
+    description: SEP Nonce (Yes it differs by case)
   SrNm:
     description: Unit Serial Number
     manifest: true
@@ -630,6 +746,7 @@ manifest_properties:
     description: Server nonce
   tatp:
     description: Target Type (board name)
+    name: Ap,TargetType
     roots:
     - ManifestKey-DataCenter
   TMac:
@@ -903,12 +1020,14 @@ img4_tags:
     description:
   aciw:
     description:
+  adba:
   ADCL:
     description: Apple Display Calibration
   ader:
     description:
   agfi:
     description:
+  anid:
   anrd:
     description: Apple Notarized Ram Disk
   aofi:
@@ -921,10 +1040,13 @@ img4_tags:
     description:
   auac:
     description:
+  batf:
+  berb:
   BLDS:
     description: Boot LocalPolicy Digest String?
   bles:
     description:
+  BNCN:
   cfel:
     description:
     firmware_name: CFELoader
@@ -969,6 +1091,7 @@ img4_tags:
     description: Emulated GID3 Nonce
   eg3t:
     description: Emulated GID3 Type
+  eply:
   esca:
     description: Emulated System Certificate Authority
   fdrs:
@@ -983,10 +1106,15 @@ img4_tags:
     description:
   ftot:
     description: Factory Trust/FIPS Test? - Other / Original Trust
+  fuos:
+  gdmg:
+  ginf:
   ging:
     description:
   glyc:
     description: Gyroscope Calibration
+  gtcd:
+  gtgv:
   hash:
     description:
   hclo:
@@ -1016,6 +1144,7 @@ img4_tags:
     description: Locker - Used for Effaceable Storage end Obliteration
   lphp:
     description: Local Policy Hash Protection?
+  lpol:
   ltrs:
     description: Local TrustStore Recovery System?
   manx:
@@ -1044,7 +1173,8 @@ img4_tags:
   ooth:
     description: Other OS Translator (Rosetta) Hash?
   osev:
-    description: Other System (Rosetta) Environment?
+    description: Operating System Environment
+    name: Ap,OSEnvironment
   osrd:
     description: Other System (Rosetta) Ramdisk?
   otes:
@@ -1069,26 +1199,22 @@ img4_tags:
     description:
   prid:
     description: Encrypted Private Key / Private Key Info / Private Recovery Identity?
+  prot:
   ptrp:
   rbmt:
     description: Restore Boot Monitor?
     firmware_name: RBM
   rddg:
     description: Ramdisk for Debugging
-  rso0:
-    description:
-  rso1:
-    description:
-  rso2:
-    description:
-  rso3:
-    description:
+  refk:
   rtpf:
     description:
   slvn:
     description:
+  snid:
   SPTM:
     description: Secure Page Table Monitor
+  srvn:
   ssca:
     description: SEP Subject Certificate Authority?
   ster:
@@ -1117,3 +1243,54 @@ img4_tags:
     description: VMWare?
   xugs:
     description: x64 User System Disk
+der:
+  uikp:
+    description: UIK Public
+  kid:
+    description: Key UUID
+  aonm:
+    description: AON Mask
+  rkm:
+    description: Ref Key Mask / Key Ref MAC (message authentication code)
+  bid:
+    description: Key BID
+  cpo:
+    description: Key ACL Constraint Policy
+  ckon:
+    description: Key ACL Constraint K of N (Shamir Key Split)
+  cup:
+    description: Key ACL Constraint User Passcode
+  kv:
+    description: Key Version
+  kt:
+    description: Key Type
+  pub:
+    description: Public Key
+  id:
+    description: Key ID
+  ag:
+    description: Access Groups
+  p:
+    description: Passcode
+  iter:
+    description: Iterations (Hash Rounds)
+  acmh:
+    description: ACM (Apple Credential Manager) Handle
+  wk:
+    description: Wrapped Key
+  pad:
+    description: Key Padding (Block alignment bytes)
+  tag:
+    description: Key Tag
+  ed:
+    description: External Data
+  pd:
+    description: Protected Data
+  ad:
+    description: Authentication Data
+  d:
+    description: Data
+  bc:
+    description: Keybag Class
+  rk:
+    description: Key Ref Key

data/share/local_policy.yaml

@@ -0,0 +1,6 @@
+---
+metadata:
+  description: The Apple Secure Multi-Boot Schema (Apple Silicon Only) and Local Policy
+    System
+  credits:
+  - rickmark

data/share/sip.yaml

@@ -21,15 +21,16 @@ csr_flags:
     always_enforced: true
   CSR_ALLOW_APPLE_INTERNAL:
     value: 16
-    description:
+    description: Allows for AppleInternal (non-production signed code)
     disable_default: true
   CSR_ALLOW_DEVICE_CONFIGURATION:
     value: 128
-    description:
+    description: This indicates that the device is booted into a mode whereby `bputil`
+      will allow changes
     always_enforced: true
   CSR_ALLOW_EXECUTABLE_POLICY_OVERRIDE:
     value: 1024
-    description: override spctl or executable policy
+    description: override trust-cache or executable policy
   CSR_ALLOW_KERNEL_DEBUGGER:
     value: 8
     description: allow using the kernel debugger (KDP) - requires configuring the
@@ -37,14 +38,14 @@ csr_flags:
     disable_default: true
   CSR_ALLOW_TASK_FOR_PID:
     value: 4
-    description: allow getting the pid task, required for debugging
+    description: allow getting the pid task, required for privileged debugging
     disable_default: true
   CSR_ALLOW_UNAPPROVED_KEXTS:
     value: 512
     description: do not require kext approval (managed in the T2 when it exists)
   CSR_ALLOW_UNAUTHENTICATED_ROOT:
     value: 2048
-    description:
+    description: Permits the root filesystem to lack SSV (signed system volume) protection
   CSR_ALLOW_UNRESTRICTED_DTRACE:
     aliases:
     - CSR_ALLOW_DESTRUCTIVE_DTRACE
@@ -64,3 +65,36 @@ csr_flags:
     value: 1
     description: allow loading kernel extensions that are not signed
     disable_default: true
+csrutil:
+  flags:
+    "--no-internal":
+    "--with":
+    "--without":
+  options:
+    basesystem:
+      name: BaseSystem Verification
+      flag: CSR_ALLOW_ANY_RECOVERY_OS
+    nvram:
+      name: NVRAM Protections
+      flag: CSR_ALLOW_UNRESTRICTED_NVRAM
+    debug:
+      name:
+      flag: CSR_ALLOW_KERNEL_DEBUGGER
+    dtrace:
+      name: DTrace Restrictions
+      flag: CSR_ALLOW_UNRESTRICTED_DTRACE
+    fs:
+      name: Filesystem Protections
+      flag: CSR_ALLOW_UNRESTRICTED_FS
+    kext:
+      name: Kext Signing
+      flag: CSR_ALLOW_UNTRUSTED_KEXTS
+  commands:
+    status:
+      description: Shows
+    enable:
+    disable:
+    netboot:
+    report:
+    authenticated-root:
+    verify-factory-sip:

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: apple-data
 version: !ruby/object:Gem::Version
-  version: 1.0.627
+  version: 1.0.629
 platform: ruby
 authors:
 - Rick Mark
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-03-09 00:00:00.000000000 Z
+date: 2024-03-11 00:00:00.000000000 Z
 dependencies: []
 description: |2
       This package includes machine readable data about Apple platforms maintained by hack-different.
@@ -251,6 +251,7 @@ files:
 - share/keys.yaml
 - share/launchd/services_bridgeOS_6.1.yaml
 - share/lightning.yaml
+- share/local_policy.yaml
 - share/lockdownd.yaml
 - share/mach_o.yaml
 - share/mobile_assets.yaml