1 #if OCTAGON
2
3 extension OctagonPairingTests {
4
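/// Asserts that the SOS side of pairing left both fake circle peers in a consistent state.
///
/// Checks that `fcInitiator` and `fcAcceptor` each hold an account private key, that the two
/// keys compare equal, and that the initiator's peer info is present in `circle`.
func assertSOSSuccess() {
    XCTAssertNotNil(self.fcInitiator?.accountPrivateKey, "no accountPrivateKey in fcInitiator")
    XCTAssertNotNil(self.fcAcceptor?.accountPrivateKey, "no accountPrivateKey in fcAcceptor")
    XCTAssert(CFEqualSafe(self.fcInitiator.accountPrivateKey, self.fcAcceptor.accountPrivateKey), "accountPrivateKey not same in both")

    XCTAssert(SOSCircleHasPeer(self.circle, self.fcInitiator.peerInfo(), nil), "HasPeer 1")
    // The matching membership check for the acceptor is disabled pending <rdar://problem/54040068>,
    // so this helper does not currently prove that the acceptor is in the circle.
    // XCTAssert(SOSCircleHasPeer(self.circle, self.fcAcceptor.peerInfo(), nil), "HasPeer 2") <rdar://problem/54040068>
}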
13
/// Reports whether a pairing packet carries an item that this suite treats as a CKKS TLK.
///
/// The packet is decoded with `pairingPacketToPlist(packet:)`; the array stored under the
/// `"d"` key is then scanned for an entry whose `"class"` is `"inet"` and whose `"agrp"` is
/// `"com.apple.security.ckks"`.
///
/// - Parameter packet: The pairing packet to inspect.
/// - Returns: `true` when at least one matching entry exists. `false` is also returned when
///   the plist has no `"d"` array of dictionaries, so a negative assertion built on this
///   helper passes for a packet whose layout changed as well as for one with no such item.
/// - Throws: Whatever `pairingPacketToPlist(packet:)` throws.
func tlkInPairingChannel(packet: Data) throws -> Bool {
    let decoded = try self.pairingPacketToPlist(packet: packet)

    guard let entries = decoded["d"] as? [[String: Any]] else {
        return false
    }

    // Entries missing either string field are skipped rather than counted as a match.
    return entries.contains { entry in
        guard let accessGroup = entry["agrp"] as? String,
            let itemClass = entry["class"] as? String else {
            return false
        }
        return itemClass == "inet" && accessGroup == "com.apple.security.ckks"
    }
}
35
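/// Drives a complete initiator join through the individual pairing RPCs.
///
/// Sequence: put the acceptor in the circle, fetch the epoch from the acceptor's client state
/// machine, sign in, prepare the initiator identity, obtain a voucher for it, then join with
/// that voucher. The test passes when the join reports no error, the fake Cuttlefish server
/// holds 2 bottles, the initiator reaches `OctagonStateReady` and considers itself trusted,
/// and the TLK-share and CKKS view assertions hold.
func testJoin() {
    self.startCKAccountStatusMock()

    /* Set up the acceptor first */
    self.getAcceptorInCircle()

    let initiator1Context = self.manager.context(forContainerName: OTCKContainerName, contextID: OTDefaultContext)

    let clientStateMachine = self.manager.clientStateMachine(forContainerName: OTCKContainerName, contextID: self.contextForAcceptor, clientName: self.initiatorName)

    clientStateMachine.startOctagonStateMachine()
    initiator1Context.startOctagonStateMachine()

    self.assertEnters(context: initiator1Context, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let rpcEpochCallbacks = self.expectation(description: "rpcEpoch callback occurs")
    clientStateMachine.rpcEpoch(self.cuttlefishContextForAcceptor) { epoch, error in
        XCTAssertNil(error, "error should be nil")
        XCTAssertTrue(epoch == 1, "epoch should be 1")
        rpcEpochCallbacks.fulfill()
    }
    self.wait(for: [rpcEpochCallbacks], timeout: 10)

    let signInCallback = self.expectation(description: "trigger sign in")
    self.otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { error in
        XCTAssertNil(error, "error should be nil")
        signInCallback.fulfill()
    }
    self.wait(for: [signInCallback], timeout: 10)

    /* Now the initiator's turn: prepare an identity */
    let rpcInitiatorPrepareCallback = self.expectation(description: "rpcPrepare callback occurs")

    // Filled in by the prepare callback and handed to the voucher RPC below.
    var p = String()
    var pI = Data()
    var pIS = Data()
    var sI = Data()
    var sIS = Data()

    initiator1Context.rpcPrepareIdentityAsApplicant(with: self.initiatorPairingConfig, epoch: 1) { peerID, permanentInfo, permanentInfoSig, stableInfo, stableInfoSig, error in
        XCTAssertNil(error, "Should be no error calling 'prepare'")
        XCTAssertNotNil(peerID, "Prepare should have returned a peerID")
        XCTAssertNotNil(permanentInfo, "Prepare should have returned a permanentInfo")
        XCTAssertNotNil(permanentInfoSig, "Prepare should have returned a permanentInfoSig")
        XCTAssertNotNil(stableInfo, "Prepare should have returned a stableInfo")
        XCTAssertNotNil(stableInfoSig, "Prepare should have returned a stableInfoSig")

        // The asserts above record a missing value; the unwraps then trap on it.
        p = peerID!
        pI = permanentInfo!
        pIS = permanentInfoSig!
        sI = stableInfo!
        sIS = stableInfoSig!

        rpcInitiatorPrepareCallback.fulfill()
    }

    self.wait(for: [rpcInitiatorPrepareCallback], timeout: 10)

    self.assertEnters(context: self.cuttlefishContext, state: OctagonStateInitiatorAwaitingVoucher, within: 10 * NSEC_PER_SEC)

    /* Ask the acceptor for a voucher */
    let rpcVoucherCallback = self.expectation(description: "rpcVoucher callback occurs")

    var v = Data(count: 0)
    var vS = Data(count: 0)

    clientStateMachine.rpcVoucher(self.cuttlefishContextForAcceptor, peerID: p, permanentInfo: pI, permanentInfoSig: pIS, stableInfo: sI, stableInfoSig: sIS) { voucher, voucherSig, error in
        // Check what the acceptor actually returned. Asserting on the captured `v`/`vS`
        // placeholders would always pass, because they are non-optional `Data` values.
        // NOTE(review): if these parameters are imported as non-optional, an emptiness check
        // would be the stronger assertion — confirm against the RPC's declaration.
        XCTAssertNil(error, "error should be nil")
        XCTAssertNotNil(voucher, "Voucher call should have returned a voucher")
        XCTAssertNotNil(voucherSig, "Voucher call should have returned a voucherSig")

        v = voucher
        vS = voucherSig

        rpcVoucherCallback.fulfill()

        // This wait runs after fulfill(), so the test body may already have resumed when it
        // is evaluated.
        XCTAssertEqual(0, (clientStateMachine.stateConditions[OctagonStateAcceptorDone] as! CKKSCondition).wait(10 * NSEC_PER_SEC), "State machine should enter 'OctagonStateAcceptorDone'")
    }

    self.wait(for: [rpcVoucherCallback], timeout: 10)

    // Holding a voucher is not enough: the initiator must stay untrusted until it joins.
    self.assertConsidersSelfUntrusted(context: self.cuttlefishContext)

    /* Join with the voucher */
    let rpcJoinCallbackOccurs = self.expectation(description: "rpcJoin callback occurs")

    self.cuttlefishContext.rpcJoin(v, vouchSig: vS) { error in
        XCTAssertNil(error, "error should be nil")
        rpcJoinCallbackOccurs.fulfill()
    }

    self.wait(for: [rpcJoinCallbackOccurs], timeout: 10)
    XCTAssertEqual(self.fakeCuttlefishServer.state.bottles.count, 2, "should be 2 bottles")

    XCTAssertEqual(0, (clientStateMachine.stateConditions[OctagonStateAcceptorDone] as! CKKSCondition).wait(10 * NSEC_PER_SEC), "State machine should enter 'OctagonStateAcceptorDone'")

    self.assertEnters(context: self.cuttlefishContext, state: OctagonStateReady, within: 10 * NSEC_PER_SEC)
    self.assertConsidersSelfTrusted(context: self.cuttlefishContext)
    self.verifyDatabaseMocks()

    self.assertSelfTLKSharesInCloudKit(context: self.cuttlefishContext)
    self.assertTLKSharesInCloudKit(receiver: self.cuttlefishContextForAcceptor, sender: self.cuttlefishContext)

    self.assertAllCKKSViews(enter: SecCKKSZoneKeyStateReady, within: 10 * NSEC_PER_SEC)
}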
143
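/// Runs the join sequence with five queued server-side join failures and expects success.
///
/// Same flow as a plain join (epoch, sign-in, prepare, voucher, join), except that five
/// `.transactionalFailure` errors are appended to the fake server's `nextJoinErrors` before
/// `rpcJoin` is called. The join callback must still report no error, after which the usual
/// bottle-count, trust, TLK-share and CKKS view assertions are made.
func testJoinRetry() {
    self.startCKAccountStatusMock()

    /* Set up the acceptor first */
    self.getAcceptorInCircle()

    let initiator1Context = self.manager.context(forContainerName: OTCKContainerName, contextID: OTDefaultContext)

    let clientStateMachine = self.manager.clientStateMachine(forContainerName: OTCKContainerName, contextID: self.contextForAcceptor, clientName: self.initiatorName)

    clientStateMachine.startOctagonStateMachine()
    initiator1Context.startOctagonStateMachine()

    self.assertEnters(context: initiator1Context, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let rpcEpochCallbacks = self.expectation(description: "rpcEpoch callback occurs")
    clientStateMachine.rpcEpoch(self.cuttlefishContextForAcceptor) { epoch, error in
        XCTAssertNil(error, "error should be nil")
        XCTAssertTrue(epoch == 1, "epoch should be 1")
        rpcEpochCallbacks.fulfill()
    }
    self.wait(for: [rpcEpochCallbacks], timeout: 10)

    let signInCallback = self.expectation(description: "trigger sign in")
    self.otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { error in
        XCTAssertNil(error, "error should be nil")
        signInCallback.fulfill()
    }
    self.wait(for: [signInCallback], timeout: 10)

    /* Now the initiator's turn: prepare an identity */
    let rpcInitiatorPrepareCallback = self.expectation(description: "rpcPrepare callback occurs")

    // Filled in by the prepare callback and handed to the voucher RPC below.
    var p = String()
    var pI = Data()
    var pIS = Data()
    var sI = Data()
    var sIS = Data()

    initiator1Context.rpcPrepareIdentityAsApplicant(with: self.initiatorPairingConfig, epoch: 1) { peerID, permanentInfo, permanentInfoSig, stableInfo, stableInfoSig, error in
        XCTAssertNil(error, "Should be no error calling 'prepare'")
        XCTAssertNotNil(peerID, "Prepare should have returned a peerID")
        XCTAssertNotNil(permanentInfo, "Prepare should have returned a permanentInfo")
        XCTAssertNotNil(permanentInfoSig, "Prepare should have returned a permanentInfoSig")
        XCTAssertNotNil(stableInfo, "Prepare should have returned a stableInfo")
        XCTAssertNotNil(stableInfoSig, "Prepare should have returned a stableInfoSig")

        // The asserts above record a missing value; the unwraps then trap on it.
        p = peerID!
        pI = permanentInfo!
        pIS = permanentInfoSig!
        sI = stableInfo!
        sIS = stableInfoSig!

        rpcInitiatorPrepareCallback.fulfill()
    }

    self.wait(for: [rpcInitiatorPrepareCallback], timeout: 10)

    self.assertEnters(context: self.cuttlefishContext, state: OctagonStateInitiatorAwaitingVoucher, within: 10 * NSEC_PER_SEC)

    /* Ask the acceptor for a voucher */
    let rpcVoucherCallback = self.expectation(description: "rpcVoucher callback occurs")

    var v = Data(count: 0)
    var vS = Data(count: 0)

    clientStateMachine.rpcVoucher(self.cuttlefishContextForAcceptor, peerID: p, permanentInfo: pI, permanentInfoSig: pIS, stableInfo: sI, stableInfoSig: sIS) { voucher, voucherSig, error in
        // Check what the acceptor actually returned. Asserting on the captured `v`/`vS`
        // placeholders would always pass, because they are non-optional `Data` values.
        // NOTE(review): if these parameters are imported as non-optional, an emptiness check
        // would be the stronger assertion — confirm against the RPC's declaration.
        XCTAssertNil(error, "error should be nil")
        XCTAssertNotNil(voucher, "Voucher call should have returned a voucher")
        XCTAssertNotNil(voucherSig, "Voucher call should have returned a voucherSig")

        v = voucher
        vS = voucherSig

        rpcVoucherCallback.fulfill()

        // This wait runs after fulfill(), so the test body may already have resumed when it
        // is evaluated.
        XCTAssertEqual(0, (clientStateMachine.stateConditions[OctagonStateAcceptorDone] as! CKKSCondition).wait(10 * NSEC_PER_SEC), "State machine should enter 'OctagonStateAcceptorDone'")
    }

    self.wait(for: [rpcVoucherCallback], timeout: 10)

    // Holding a voucher is not enough: the initiator must stay untrusted until it joins.
    self.assertConsidersSelfUntrusted(context: self.cuttlefishContext)

    /* Join with the voucher, with five failures queued on the fake server */
    // Presumably one queued error is consumed per join attempt — verify against
    // FakeCuttlefishServer. The join is still expected to succeed.
    let ckError = FakeCuttlefishServer.makeCloudKitCuttlefishError(code: .transactionalFailure)
    for _ in 0..<5 {
        self.fakeCuttlefishServer.nextJoinErrors.append(ckError)
    }

    let rpcJoinCallbackOccurs = self.expectation(description: "rpcJoin callback occurs")

    self.cuttlefishContext.rpcJoin(v, vouchSig: vS) { error in
        XCTAssertNil(error, "error should be nil")
        rpcJoinCallbackOccurs.fulfill()
    }

    // Longer wait than the other RPCs in this test, leaving room for the failed attempts.
    self.wait(for: [rpcJoinCallbackOccurs], timeout: 64)
    XCTAssertEqual(self.fakeCuttlefishServer.state.bottles.count, 2, "should be 2 bottles")

    XCTAssertEqual(0, (clientStateMachine.stateConditions[OctagonStateAcceptorDone] as! CKKSCondition).wait(10 * NSEC_PER_SEC), "State machine should enter 'OctagonStateAcceptorDone'")

    self.assertEnters(context: self.cuttlefishContext, state: OctagonStateReady, within: 10 * NSEC_PER_SEC)
    self.assertConsidersSelfTrusted(context: self.cuttlefishContext)
    self.verifyDatabaseMocks()

    self.assertSelfTLKSharesInCloudKit(context: self.cuttlefishContext)
    self.assertTLKSharesInCloudKit(receiver: self.cuttlefishContextForAcceptor, sender: self.cuttlefishContext)

    self.assertAllCKKSViews(enter: SecCKKSZoneKeyStateReady, within: 10 * NSEC_PER_SEC)
}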
258
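/// Runs the join sequence with nine queued server-side join failures and expects an error.
///
/// Same flow as a plain join up to the voucher step; nine `.transactionalFailure` errors are
/// then appended to the fake server's `nextJoinErrors`, and the `rpcJoin` callback must
/// report a non-nil error.
///
/// NOTE(review): the test stops once the error is surfaced. It does not assert that the
/// initiator still considers itself untrusted after the failed join; consider adding that
/// check once it is confirmed which state the context settles in.
func testJoinRetryFail() {
    self.startCKAccountStatusMock()

    /* Set up the acceptor first */
    self.getAcceptorInCircle()

    let initiator1Context = self.manager.context(forContainerName: OTCKContainerName, contextID: OTDefaultContext)

    let clientStateMachine = self.manager.clientStateMachine(forContainerName: OTCKContainerName, contextID: self.contextForAcceptor, clientName: self.initiatorName)

    clientStateMachine.startOctagonStateMachine()
    initiator1Context.startOctagonStateMachine()

    self.assertEnters(context: initiator1Context, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let rpcEpochCallbacks = self.expectation(description: "rpcEpoch callback occurs")
    clientStateMachine.rpcEpoch(self.cuttlefishContextForAcceptor) { epoch, error in
        XCTAssertNil(error, "error should be nil")
        XCTAssertTrue(epoch == 1, "epoch should be 1")
        rpcEpochCallbacks.fulfill()
    }
    self.wait(for: [rpcEpochCallbacks], timeout: 10)

    let signInCallback = self.expectation(description: "trigger sign in")
    self.otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { error in
        XCTAssertNil(error, "error should be nil")
        signInCallback.fulfill()
    }
    self.wait(for: [signInCallback], timeout: 10)

    /* Now the initiator's turn: prepare an identity */
    let rpcInitiatorPrepareCallback = self.expectation(description: "rpcPrepare callback occurs")

    // Filled in by the prepare callback and handed to the voucher RPC below.
    var p = String()
    var pI = Data()
    var pIS = Data()
    var sI = Data()
    var sIS = Data()

    initiator1Context.rpcPrepareIdentityAsApplicant(with: self.initiatorPairingConfig, epoch: 1) { peerID, permanentInfo, permanentInfoSig, stableInfo, stableInfoSig, error in
        XCTAssertNil(error, "Should be no error calling 'prepare'")
        XCTAssertNotNil(peerID, "Prepare should have returned a peerID")
        XCTAssertNotNil(permanentInfo, "Prepare should have returned a permanentInfo")
        XCTAssertNotNil(permanentInfoSig, "Prepare should have returned a permanentInfoSig")
        XCTAssertNotNil(stableInfo, "Prepare should have returned a stableInfo")
        XCTAssertNotNil(stableInfoSig, "Prepare should have returned a stableInfoSig")

        // The asserts above record a missing value; the unwraps then trap on it.
        p = peerID!
        pI = permanentInfo!
        pIS = permanentInfoSig!
        sI = stableInfo!
        sIS = stableInfoSig!

        rpcInitiatorPrepareCallback.fulfill()
    }

    self.wait(for: [rpcInitiatorPrepareCallback], timeout: 10)

    self.assertEnters(context: self.cuttlefishContext, state: OctagonStateInitiatorAwaitingVoucher, within: 10 * NSEC_PER_SEC)

    /* Ask the acceptor for a voucher */
    let rpcVoucherCallback = self.expectation(description: "rpcVoucher callback occurs")

    var v = Data(count: 0)
    var vS = Data(count: 0)

    clientStateMachine.rpcVoucher(self.cuttlefishContextForAcceptor, peerID: p, permanentInfo: pI, permanentInfoSig: pIS, stableInfo: sI, stableInfoSig: sIS) { voucher, voucherSig, error in
        // Check what the acceptor actually returned. Asserting on the captured `v`/`vS`
        // placeholders would always pass, because they are non-optional `Data` values.
        // NOTE(review): if these parameters are imported as non-optional, an emptiness check
        // would be the stronger assertion — confirm against the RPC's declaration.
        XCTAssertNil(error, "error should be nil")
        XCTAssertNotNil(voucher, "Voucher call should have returned a voucher")
        XCTAssertNotNil(voucherSig, "Voucher call should have returned a voucherSig")

        v = voucher
        vS = voucherSig

        rpcVoucherCallback.fulfill()

        // This wait runs after fulfill(), so the test body may already have resumed when it
        // is evaluated.
        XCTAssertEqual(0, (clientStateMachine.stateConditions[OctagonStateAcceptorDone] as! CKKSCondition).wait(10 * NSEC_PER_SEC), "State machine should enter 'OctagonStateAcceptorDone'")
    }

    self.wait(for: [rpcVoucherCallback], timeout: 10)

    // Holding a voucher is not enough: the initiator must stay untrusted until it joins.
    self.assertConsidersSelfUntrusted(context: self.cuttlefishContext)

    /* Join with the voucher, with nine failures queued on the fake server */
    // Presumably one queued error is consumed per join attempt — verify against
    // FakeCuttlefishServer. This time the join is expected to give up and report an error.
    let ckError = FakeCuttlefishServer.makeCloudKitCuttlefishError(code: .transactionalFailure)
    for _ in 0..<9 {
        self.fakeCuttlefishServer.nextJoinErrors.append(ckError)
    }

    let rpcJoinCallbackOccurs = self.expectation(description: "rpcJoin callback occurs")

    self.cuttlefishContext.rpcJoin(v, vouchSig: vS) { error in
        XCTAssertNotNil(error, "error should be set")
        rpcJoinCallbackOccurs.fulfill()
    }
    self.wait(for: [rpcJoinCallbackOccurs], timeout: 35)
}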
364
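/// Runs the join sequence while fake key hierarchies are placed in CloudKit during a fetch.
///
/// Before the state machines start, the next CloudKit fetch is set up to run a block that
/// calls `putFakeKeyHierarchiesInCloudKit()` and `putFakeDeviceStatusesInCloudKit()`. The
/// join itself must still succeed and leave the initiator trusted with 2 bottles on the fake
/// server, but the CKKS views are expected to end in `SecCKKSZoneKeyStateWaitForTLK` rather
/// than the ready state.
func testJoinWithCKKSConflict() {
    self.startCKAccountStatusMock()

    /* Set up the acceptor first */
    self.getAcceptorInCircle()

    let clientStateMachine = self.manager.clientStateMachine(forContainerName: OTCKContainerName, contextID: self.contextForAcceptor, clientName: self.initiatorName)

    // Disallow silent fetches until the expected fetch has injected the fake CloudKit state.
    self.silentFetchesAllowed = false
    self.expectCKFetchAndRun {
        self.putFakeKeyHierarchiesInCloudKit()
        self.putFakeDeviceStatusesInCloudKit()
        self.silentFetchesAllowed = true
    }

    clientStateMachine.startOctagonStateMachine()
    self.cuttlefishContext.startOctagonStateMachine()

    self.assertEnters(context: self.cuttlefishContext, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let rpcEpochCallbacks = self.expectation(description: "rpcEpoch callback occurs")
    clientStateMachine.rpcEpoch(self.cuttlefishContextForAcceptor) { epoch, error in
        XCTAssertNil(error, "error should be nil")
        XCTAssertTrue(epoch == 1, "epoch should be 1")
        rpcEpochCallbacks.fulfill()
    }
    self.wait(for: [rpcEpochCallbacks], timeout: 10)

    let signInCallback = self.expectation(description: "trigger sign in")
    self.otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { error in
        XCTAssertNil(error, "error should be nil")
        signInCallback.fulfill()
    }
    self.wait(for: [signInCallback], timeout: 10)

    /* Now the initiator's turn: prepare an identity */
    let rpcInitiatorPrepareCallback = self.expectation(description: "rpcPrepare callback occurs")

    // Filled in by the prepare callback and handed to the voucher RPC below.
    var p = String()
    var pI = Data()
    var pIS = Data()
    var sI = Data()
    var sIS = Data()

    self.cuttlefishContext.rpcPrepareIdentityAsApplicant(with: self.initiatorPairingConfig, epoch: 1) { peerID, permanentInfo, permanentInfoSig, stableInfo, stableInfoSig, error in
        XCTAssertNil(error, "Should be no error calling 'prepare'")
        XCTAssertNotNil(peerID, "Prepare should have returned a peerID")
        XCTAssertNotNil(permanentInfo, "Prepare should have returned a permanentInfo")
        XCTAssertNotNil(permanentInfoSig, "Prepare should have returned a permanentInfoSig")
        XCTAssertNotNil(stableInfo, "Prepare should have returned a stableInfo")
        XCTAssertNotNil(stableInfoSig, "Prepare should have returned a stableInfoSig")

        // The asserts above record a missing value; the unwraps then trap on it.
        p = peerID!
        pI = permanentInfo!
        pIS = permanentInfoSig!
        sI = stableInfo!
        sIS = stableInfoSig!

        rpcInitiatorPrepareCallback.fulfill()
    }

    self.wait(for: [rpcInitiatorPrepareCallback], timeout: 10)

    self.assertEnters(context: self.cuttlefishContext, state: OctagonStateInitiatorAwaitingVoucher, within: 10 * NSEC_PER_SEC)

    /* Ask the acceptor for a voucher */
    let rpcVoucherCallback = self.expectation(description: "rpcVoucher callback occurs")

    var v = Data(count: 0)
    var vS = Data(count: 0)

    clientStateMachine.rpcVoucher(self.cuttlefishContextForAcceptor, peerID: p, permanentInfo: pI, permanentInfoSig: pIS, stableInfo: sI, stableInfoSig: sIS) { voucher, voucherSig, error in
        // Check what the acceptor actually returned. Asserting on the captured `v`/`vS`
        // placeholders would always pass, because they are non-optional `Data` values.
        // NOTE(review): if these parameters are imported as non-optional, an emptiness check
        // would be the stronger assertion — confirm against the RPC's declaration.
        XCTAssertNil(error, "error should be nil")
        XCTAssertNotNil(voucher, "Voucher call should have returned a voucher")
        XCTAssertNotNil(voucherSig, "Voucher call should have returned a voucherSig")

        v = voucher
        vS = voucherSig

        rpcVoucherCallback.fulfill()

        // This wait runs after fulfill(), so the test body may already have resumed when it
        // is evaluated.
        XCTAssertEqual(0, (clientStateMachine.stateConditions[OctagonStateAcceptorDone] as! CKKSCondition).wait(10 * NSEC_PER_SEC), "State machine should enter 'OctagonStateAcceptorDone'")
    }

    self.wait(for: [rpcVoucherCallback], timeout: 10)

    // Holding a voucher is not enough: the initiator must stay untrusted until it joins.
    self.assertConsidersSelfUntrusted(context: self.cuttlefishContext)

    /* Join with the voucher */
    let rpcJoinCallbackOccurs = self.expectation(description: "rpcJoin callback occurs")

    self.cuttlefishContext.rpcJoin(v, vouchSig: vS) { error in
        XCTAssertNil(error, "error should be nil")
        rpcJoinCallbackOccurs.fulfill()
    }

    self.wait(for: [rpcJoinCallbackOccurs], timeout: 10)
    XCTAssertEqual(self.fakeCuttlefishServer.state.bottles.count, 2, "should be 2 bottles")

    XCTAssertEqual(0, (clientStateMachine.stateConditions[OctagonStateAcceptorDone] as! CKKSCondition).wait(10 * NSEC_PER_SEC), "State machine should enter 'OctagonStateAcceptorDone'")

    self.assertEnters(context: self.cuttlefishContext, state: OctagonStateReady, within: 10 * NSEC_PER_SEC)
    self.assertConsidersSelfTrusted(context: self.cuttlefishContext)

    // Octagon trust is established, yet the views wait for a TLK instead of becoming ready.
    self.assertAllCKKSViews(enter: SecCKKSZoneKeyStateWaitForTLK, within: 10 * NSEC_PER_SEC)
    self.verifyDatabaseMocks()
}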
474
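/// Runs epoch, prepare, voucher and join through the `manager` RPCs that take a pairing config.
///
/// The acceptor is put in the circle, the epoch is fetched with `acceptorPairingConfig`, the
/// initiator identity is prepared with `initiatorPairingConfig`, a voucher is requested with
/// the acceptor config, and the initiator joins with it. Both the initiator and acceptor
/// contexts must end in `OctagonStateReady` and consider themselves trusted, with 2 bottles
/// on the fake Cuttlefish server.
func testNextJoiningMessageInterface() {
    self.startCKAccountStatusMock()

    /* Set up the acceptor first */
    self.getAcceptorInCircle()

    let rpcEpochCallbackOccurs = self.expectation(description: "rpcEpoch callback occurs")

    self.manager.rpcEpoch(with: self.acceptorPairingConfig) { epoch, error in
        XCTAssertNil(error, "error should be nil")
        XCTAssertEqual(epoch, 1, "epoch should be 1")
        rpcEpochCallbackOccurs.fulfill()
    }
    self.wait(for: [rpcEpochCallbackOccurs], timeout: 10)

    let initiator1Context = self.manager.context(forContainerName: OTCKContainerName, contextID: OTDefaultContext)
    initiator1Context.startOctagonStateMachine()

    let (acceptor, initiator) = self.setupPairingEndpoints(withPairNumber: "1", initiatorContextID: OTDefaultContext, acceptorContextID: self.contextForAcceptor, initiatorUniqueID: self.initiatorName, acceptorUniqueID: "acceptor-1")

    XCTAssertNotNil(acceptor, "acceptor should not be nil")
    XCTAssertNotNil(initiator, "initiator should not be nil")

    let signInCallback = self.expectation(description: "trigger sign in")
    self.otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { error in
        XCTAssertNil(error, "error should be nil")
        signInCallback.fulfill()
    }
    self.wait(for: [signInCallback], timeout: 10)

    self.assertEnters(context: self.cuttlefishContext, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let rpcSecondInitiatorJoiningMessageCallBack = self.expectation(description: "creating prepare message callback")
    // Filled in by the prepare callback and handed to the voucher RPC below.
    var peerID = ""
    var permanentInfo = Data(count: 0)
    var permanentInfoSig = Data(count: 0)
    var stableInfo = Data(count: 0)
    var stableInfoSig = Data(count: 0)

    self.manager.rpcPrepareIdentityAsApplicant(with: self.initiatorPairingConfig) { pID, pI, pISig, sI, sISig, error in
        // Record the error first so it is reported before any unwrap below can trap.
        XCTAssertNil(error, "error should be nil")
        XCTAssertNotNil(pID, "peer ID should not be nil")
        XCTAssertNotNil(pI, "permanentInfo should not be nil")
        XCTAssertNotNil(pISig, "permanentInfo Signature should not be nil")
        XCTAssertNotNil(sI, "stable info should not be nil")
        XCTAssertNotNil(sISig, "stable info signature should not be nil")

        peerID = pID!
        permanentInfo = pI!
        permanentInfoSig = pISig!
        stableInfo = sI!
        stableInfoSig = sISig!
        rpcSecondInitiatorJoiningMessageCallBack.fulfill()
    }
    self.wait(for: [rpcSecondInitiatorJoiningMessageCallBack], timeout: 10)

    var voucher = Data(count: 0)
    var voucherSig = Data(count: 0)

    let voucherCallback = self.expectation(description: "creating voucher message callback")
    self.manager.rpcVoucher(with: self.acceptorPairingConfig, peerID: peerID, permanentInfo: permanentInfo, permanentInfoSig: permanentInfoSig, stableInfo: stableInfo, stableInfoSig: stableInfoSig ) { v, vS, error in
        XCTAssertNil(error, "error should be nil")
        voucher = v
        voucherSig = vS
        voucherCallback.fulfill()
    }
    self.wait(for: [voucherCallback], timeout: 10)

    let rpcJoinCallback = self.expectation(description: "joining octagon callback")
    self.manager.rpcJoin(with: self.initiatorPairingConfig, vouchData: voucher, vouchSig: voucherSig) { error in
        XCTAssertNil(error, "error should be nil")
        rpcJoinCallback.fulfill()
    }
    self.wait(for: [rpcJoinCallback], timeout: 10)

    self.assertEnters(context: self.cuttlefishContext, state: OctagonStateReady, within: 10 * NSEC_PER_SEC)
    self.assertEnters(context: self.cuttlefishContextForAcceptor, state: OctagonStateReady, within: 10 * NSEC_PER_SEC)
    self.assertConsidersSelfTrusted(context: self.cuttlefishContext)
    self.assertConsidersSelfTrusted(context: self.cuttlefishContextForAcceptor)
    XCTAssertEqual(self.fakeCuttlefishServer.state.bottles.count, 2, "should be 2 bottles")
    self.verifyDatabaseMocks()
}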
557
/// Verifies that the client state machine created for `contextForAcceptor` answers an epoch
/// request.
///
/// Expects `rpcEpoch` to complete without error and report epoch 1, and the state machine to
/// reach `OctagonStateAcceptorAwaitingIdentity` afterwards.
func testEpochFetching() {
    startCKAccountStatusMock()

    // Create the client state machine, then put the acceptor in the circle.
    let acceptorMachine = manager.clientStateMachine(forContainerName: OTCKContainerName,
                                                     contextID: contextForAcceptor,
                                                     clientName: initiatorName)
    getAcceptorInCircle()

    let epochReplied = expectation(description: "rpcEpoch callback occurs")
    acceptorMachine.startOctagonStateMachine()
    acceptorMachine.rpcEpoch(cuttlefishContextForAcceptor) { epoch, epochError in
        XCTAssertNil(epochError, "error should be nil")
        XCTAssertTrue(epoch == 1, "epoch should be 1")
        epochReplied.fulfill()
    }
    wait(for: [epochReplied], timeout: 10)

    // A zero result from wait(_:) is what the assertion treats as "state reached in time".
    let awaitingIdentity = acceptorMachine.stateConditions[OctagonStateAcceptorAwaitingIdentity] as! CKKSCondition
    XCTAssertEqual(0, awaitingIdentity.wait(10 * NSEC_PER_SEC), "State machine should enter 'OctagonStateAcceptorAwaitingIdentity'")
}
577
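/// Verifies that the acceptor's client state machine produces a voucher for a prepared
/// initiator identity and then reaches `OctagonStateAcceptorDone`.
///
/// The flow stops after the voucher step; no join is attempted.
func testVoucherCreation() {
    self.startCKAccountStatusMock()

    /* Set up the acceptor first */
    let clientStateMachine = self.manager.clientStateMachine(forContainerName: OTCKContainerName, contextID: self.contextForAcceptor, clientName: self.initiatorName)
    self.getAcceptorInCircle()

    let rpcEpochCallbacks = self.expectation(description: "rpcEpoch callback occurs")
    clientStateMachine.startOctagonStateMachine()
    clientStateMachine.rpcEpoch(self.cuttlefishContextForAcceptor) { epoch, error in
        XCTAssertNil(error, "error should be nil")
        XCTAssertTrue(epoch == 1, "epoch should be 1")
        rpcEpochCallbacks.fulfill()
    }

    self.wait(for: [rpcEpochCallbacks], timeout: 10)
    XCTAssertEqual(0, (clientStateMachine.stateConditions[OctagonStateAcceptorAwaitingIdentity] as! CKKSCondition).wait(10 * NSEC_PER_SEC), "State machine should enter 'OctagonStateAcceptorAwaitingIdentity'")

    let signInCallback = self.expectation(description: "trigger sign in")
    self.otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { error in
        XCTAssertNil(error, "error should be nil")
        signInCallback.fulfill()
    }
    self.wait(for: [signInCallback], timeout: 10)

    // The initiator's state machine has not been started yet at this point.
    self.assertEnters(context: self.cuttlefishContext, state: OctagonStateMachineNotStarted, within: 10 * NSEC_PER_SEC)

    /* Now the initiator's turn */
    // The start callback's argument is ignored; later state assertions catch a failed start.
    self.manager.startOctagonStateMachine(self.cuttlefishContext.containerName, context: self.cuttlefishContext.contextID) { _ in
    }

    /* Prepare an identity */
    let rpcInitiatorPrepareCallback = self.expectation(description: "rpcPrepare callback occurs")

    // Filled in by the prepare callback and handed to the voucher RPC below.
    var p = String()
    var pI = Data()
    var pIS = Data()
    var sI = Data()
    var sIS = Data()

    self.cuttlefishContext.rpcPrepareIdentityAsApplicant(with: self.initiatorPairingConfig, epoch: 1) { peerID, permanentInfo, permanentInfoSig, stableInfo, stableInfoSig, error in
        XCTAssertNil(error, "Should be no error calling 'prepare'")
        XCTAssertNotNil(peerID, "Prepare should have returned a peerID")
        XCTAssertNotNil(permanentInfo, "Prepare should have returned a permanentInfo")
        XCTAssertNotNil(permanentInfoSig, "Prepare should have returned a permanentInfoSig")
        XCTAssertNotNil(stableInfo, "Prepare should have returned a stableInfo")
        XCTAssertNotNil(stableInfoSig, "Prepare should have returned a stableInfoSig")

        // The asserts above record a missing value; the unwraps then trap on it.
        p = peerID!
        pI = permanentInfo!
        pIS = permanentInfoSig!
        sI = stableInfo!
        sIS = stableInfoSig!

        rpcInitiatorPrepareCallback.fulfill()
    }

    self.wait(for: [rpcInitiatorPrepareCallback], timeout: 10)

    self.assertEnters(context: self.cuttlefishContext, state: OctagonStateInitiatorAwaitingVoucher, within: 10 * NSEC_PER_SEC)

    /* Ask the acceptor for a voucher */
    let rpcVoucherCallback = self.expectation(description: "rpcVoucher callback occurs")

    clientStateMachine.rpcVoucher(self.cuttlefishContextForAcceptor, peerID: p, permanentInfo: pI, permanentInfoSig: pIS, stableInfo: sI, stableInfoSig: sIS) { voucher, voucherSig, error in
        // Assert on the values the acceptor returned. The voucher is not used any further in
        // this test, so no local copies are kept.
        // NOTE(review): if these parameters are imported as non-optional, an emptiness check
        // would be the stronger assertion — confirm against the RPC's declaration.
        XCTAssertNil(error, "error should be nil")
        XCTAssertNotNil(voucher, "Voucher call should have returned a voucher")
        XCTAssertNotNil(voucherSig, "Voucher call should have returned a voucherSig")

        rpcVoucherCallback.fulfill()
    }

    self.wait(for: [rpcVoucherCallback], timeout: 10)
    XCTAssertEqual(0, (clientStateMachine.stateConditions[OctagonStateAcceptorDone] as! CKKSCondition).wait(10 * NSEC_PER_SEC), "State machine should enter 'OctagonStateAcceptorDone'")
}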
660
/// Verifies that `rpcPrepareIdentityAsApplicant` fails with a timeout, and returns no identity
/// material, when no Octagon state machine has been started in this test.
///
/// The pairing config's timeout is shortened to 2 seconds; the callback must then carry an
/// error in `CKKSResultErrorDomain` with code `CKKSResultTimedOut` and nil for every
/// identity field.
func testPrepareTimeoutIfStateMachineUnstarted() {
    startCKAccountStatusMock()

    let prepareReturned = expectation(description: "rpcPrepare callback occurs")
    initiatorPairingConfig.timeout = Int64(2 * NSEC_PER_SEC)

    cuttlefishContext.rpcPrepareIdentityAsApplicant(with: initiatorPairingConfig, epoch: 1) { newPeerID, permInfo, permInfoSig, stabInfo, stabInfoSig, prepareError in
        // The failure must be specifically a CKKS timeout, not just any error.
        XCTAssertNotNil(prepareError, "Should be an error calling 'prepare'")
        XCTAssertEqual(prepareError?._domain, CKKSResultErrorDomain, "Error domain should be CKKSResultErrorDomain")
        XCTAssertEqual(prepareError?._code ?? -1, CKKSResultTimedOut, "Error result should be CKKSResultTimedOut")

        // A failed prepare must not hand back partial identity material.
        XCTAssertNil(newPeerID, "Prepare should not have returned a peerID")
        XCTAssertNil(permInfo, "Prepare should not have returned a permanentInfo")
        XCTAssertNil(permInfoSig, "Prepare should not have returned a permanentInfoSig")
        XCTAssertNil(stabInfo, "Prepare should not have returned a stableInfo")
        XCTAssertNil(stabInfoSig, "Prepare should not have returned a stableInfoSig")

        prepareReturned.fulfill()
    }

    wait(for: [prepareReturned], timeout: 10)
}
683
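/// Pairs an initiator with an acceptor over the proximity-setup channel with both
/// SOS and Octagon switched on, then checks the resulting trust state.
///
/// The exchange is driven to completion on both channels. The acceptor's final reply
/// must not carry a CKKS TLK item. Afterwards both contexts must list two included
/// peer IDs, the fake Cuttlefish server must hold two bottles, and the SOS checks in
/// `assertSOSSuccess()` must pass.
func testProximitySetupUsingCliqueOctagonAndSOS() {
    self.startCKAccountStatusMock()

    // NOTE(review): these setters presumably change process-wide flags; confirm the
    // fixture resets them so the next test does not inherit this configuration.
    OctagonSetPlatformSupportsSOS(true)
    OctagonSetIsEnabled(true)

    self.getAcceptorInCircle()

    let initiator1Context = self.manager.context(forContainerName: OTCKContainerName, contextID: OTDefaultContext)

    let clientStateMachine = self.manager.clientStateMachine(forContainerName: OTCKContainerName, contextID: self.contextForAcceptor, clientName: self.initiatorName)

    clientStateMachine.startOctagonStateMachine()
    initiator1Context.startOctagonStateMachine()

    // The initiator must start out untrusted; trust is only expected after pairing.
    self.assertEnters(context: initiator1Context, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let (acceptor, initiator) = self.setupPairingEndpoints(withPairNumber: "1", initiatorContextID: OTDefaultContext, acceptorContextID: self.contextForAcceptor, initiatorUniqueID: self.initiatorName, acceptorUniqueID: "acceptor-2")

    XCTAssertNotNil(acceptor, "acceptor should not be nil")
    XCTAssertNotNil(initiator, "initiator should not be nil")

    let signInCallback = self.expectation(description: "trigger sign in")
    self.otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { error in
        XCTAssertNil(error, "error should be nil")
        signInCallback.fulfill()
    }
    self.wait(for: [signInCallback], timeout: 10)

    /* INITIATOR FIRST RTT JOINING MESSAGE*/
    let initiatorFirstPacket = self.sendPairingExpectingReply(channel: initiator, packet: nil, reason: "session initiation")

    /* ACCEPTOR FIRST RTT EPOCH*/
    let acceptorEpochPacket = self.sendPairingExpectingReply(channel: acceptor, packet: initiatorFirstPacket, reason: "epoch return")

    /* INITIATOR SECOND RTT PREPARE*/
    let initiatorPreparedIdentityPacket = self.sendPairingExpectingReply(channel: initiator, packet: acceptorEpochPacket, reason: "prepared identity")

    /* ACCEPTOR SECOND RTT */
    let acceptorVoucherPacket = self.sendPairingExpectingReply(channel: acceptor, packet: initiatorPreparedIdentityPacket, reason: "epoch return")

    /* INITIATOR THIRD STEP*/
    let initiatorThirdPacket = self.sendPairingExpectingReply(channel: initiator, packet: acceptorVoucherPacket, reason: "intitiator third packet")

    /* ACCEPTOR THIRD STEP */
    let acceptorThirdPacket = self.sendPairingExpectingCompletionAndReply(channel: acceptor, packet: initiatorThirdPacket, reason: "acceptor third packet")
    // Key material check: the acceptor's last reply must not contain a TLK item.
    // NOTE(review): tlkInPairingChannel(packet:) also returns false when the packet
    // has no "d" array at all, so this negative assertion passes for such a packet too.
    XCTAssertFalse(try self.tlkInPairingChannel(packet: acceptorThirdPacket), "pairing channel should NOT transport TLKs for SOS+Octagon")

    /* INITIATOR FOURTH STEP*/
    self.sendPairingExpectingCompletion(channel: initiator, packet: acceptorThirdPacket, reason: "final packet receipt")

    // pairing completes here

    assertAllCKKSViews(enter: SecCKKSZoneKeyStateReady, within: 10 * NSEC_PER_SEC)

    clientStateMachine.notifyContainerChange()

    // Initiator should join!
    self.assertEnters(context: initiator1Context, state: OctagonStateReady, within: 10 * NSEC_PER_SEC)
    self.assertConsidersSelfTrusted(context: initiator1Context)
    self.verifyDatabaseMocks()

    let initiatorDumpCallback = self.expectation(description: "initiatorDumpCallback callback occurs")
    self.tphClient.dump(withContainer: self.cuttlefishContext.containerName, context: self.cuttlefishContext.contextID) { dump, _ in
        // Optional chaining instead of force-unwrapping: a missing level now fails the
        // assertions below instead of trapping, and the expectation is still fulfilled.
        XCTAssertNotNil(dump, "dump should not be nil")
        let egoSelf = dump?["self"] as? [String: AnyObject]
        XCTAssertNotNil(egoSelf, "egoSelf should not be nil")
        let dynamicInfo = egoSelf?["dynamicInfo"] as? [String: AnyObject]
        XCTAssertNotNil(dynamicInfo, "dynamicInfo should not be nil")
        let included = dynamicInfo?["included"] as? [String]
        XCTAssertNotNil(included, "included should not be nil")
        XCTAssertEqual(included?.count, 2, "should be 2 peer ids")

        initiatorDumpCallback.fulfill()
    }
    self.wait(for: [initiatorDumpCallback], timeout: 10)

    let acceptorDumpCallback = self.expectation(description: "acceptorDumpCallback callback occurs")
    self.tphClient.dump(withContainer: self.cuttlefishContext.containerName, context: self.contextForAcceptor) { dump, _ in
        // Same nil-safe traversal for the acceptor's view of the trust set.
        XCTAssertNotNil(dump, "dump should not be nil")
        let egoSelf = dump?["self"] as? [String: AnyObject]
        XCTAssertNotNil(egoSelf, "egoSelf should not be nil")
        let dynamicInfo = egoSelf?["dynamicInfo"] as? [String: AnyObject]
        XCTAssertNotNil(dynamicInfo, "dynamicInfo should not be nil")
        let included = dynamicInfo?["included"] as? [String]
        XCTAssertNotNil(included, "included should not be nil")
        XCTAssertEqual(included?.count, 2, "should be 2 peer ids")
        acceptorDumpCallback.fulfill()
    }
    self.wait(for: [acceptorDumpCallback], timeout: 10)

    XCTAssertEqual(self.fakeCuttlefishServer.state.bottles.count, 2, "should be 2 bottles")

    self.assertSOSSuccess()
}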
779
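/// Pairs an initiator with an acceptor with Octagon enabled and SOS unsupported.
///
/// The acceptor completes on its second reply, which must not carry a CKKS TLK item.
/// After the initiator processes that reply, both contexts must list two included
/// peer IDs and the fake Cuttlefish server must hold two bottles.
///
/// - Throws: Declared `throws`; the visible body only throws inside the
///   `XCTAssertFalse` autoclosure, which XCTest records as a failure.
func testProximitySetupUsingCliqueOctagonOnly() throws {
    OctagonSetPlatformSupportsSOS(false)
    OctagonSetIsEnabled(true)
    self.startCKAccountStatusMock()

    self.getAcceptorInCircle()

    let initiator1Context = self.manager.context(forContainerName: OTCKContainerName, contextID: OTDefaultContext)

    let clientStateMachine = self.manager.clientStateMachine(forContainerName: OTCKContainerName, contextID: self.contextForAcceptor, clientName: self.initiatorName)

    clientStateMachine.startOctagonStateMachine()
    initiator1Context.startOctagonStateMachine()

    // The initiator must start out untrusted; trust is only expected after pairing.
    self.assertEnters(context: initiator1Context, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let (acceptor, initiator) = self.setupPairingEndpoints(withPairNumber: "1", initiatorContextID: OTDefaultContext, acceptorContextID: self.contextForAcceptor, initiatorUniqueID: self.initiatorName, acceptorUniqueID: "acceptor-2")

    XCTAssertNotNil(acceptor, "acceptor should not be nil")
    XCTAssertNotNil(initiator, "initiator should not be nil")

    let signInCallback = self.expectation(description: "trigger sign in")
    self.otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { error in
        XCTAssertNil(error, "error should be nil")
        signInCallback.fulfill()
    }
    self.wait(for: [signInCallback], timeout: 10)

    /* INITIATOR FIRST RTT JOINING MESSAGE*/
    let initiatorFirstPacket = self.sendPairingExpectingReply(channel: initiator, packet: nil, reason: "session initiation")

    /* ACCEPTOR FIRST RTT EPOCH*/
    let acceptorEpochPacket = self.sendPairingExpectingReply(channel: acceptor, packet: initiatorFirstPacket, reason: "epoch return")

    /* INITIATOR SECOND RTT PREPARE*/
    let initiatorPreparedIdentityPacket = self.sendPairingExpectingReply(channel: initiator, packet: acceptorEpochPacket, reason: "prepared identity")

    /* ACCEPTOR SECOND RTT */
    let acceptorVoucherPacket = self.sendPairingExpectingCompletionAndReply(channel: acceptor, packet: initiatorPreparedIdentityPacket, reason: "acceptor third packet")

    // In this flow the acceptor completes here, so this is its last packet; it must
    // not contain a TLK item.
    // NOTE(review): tlkInPairingChannel(packet:) also returns false when the packet
    // has no "d" array at all, so this negative assertion passes for such a packet too.
    XCTAssertFalse(try self.tlkInPairingChannel(packet: acceptorVoucherPacket), "pairing channel should not transport TLKs for octagon")

    /* INITIATOR THIRD STEP*/
    self.sendPairingExpectingCompletion(channel: initiator, packet: acceptorVoucherPacket, reason: "final packet receipt")

    assertAllCKKSViews(enter: SecCKKSZoneKeyStateReady, within: 10 * NSEC_PER_SEC)

    clientStateMachine.notifyContainerChange()

    // Initiator should join!
    self.assertEnters(context: initiator1Context, state: OctagonStateReady, within: 10 * NSEC_PER_SEC)
    self.assertConsidersSelfTrusted(context: initiator1Context)
    self.verifyDatabaseMocks()

    let initiatorDumpCallback = self.expectation(description: "initiatorDumpCallback callback occurs")
    self.tphClient.dump(withContainer: self.cuttlefishContext.containerName, context: self.cuttlefishContext.contextID) { dump, _ in
        // Optional chaining instead of force-unwrapping: a missing level now fails the
        // assertions below instead of trapping, and the expectation is still fulfilled.
        XCTAssertNotNil(dump, "dump should not be nil")
        let egoSelf = dump?["self"] as? [String: AnyObject]
        XCTAssertNotNil(egoSelf, "egoSelf should not be nil")
        let dynamicInfo = egoSelf?["dynamicInfo"] as? [String: AnyObject]
        XCTAssertNotNil(dynamicInfo, "dynamicInfo should not be nil")
        let included = dynamicInfo?["included"] as? [String]
        XCTAssertNotNil(included, "included should not be nil")
        XCTAssertEqual(included?.count, 2, "should be 2 peer ids")

        initiatorDumpCallback.fulfill()
    }
    self.wait(for: [initiatorDumpCallback], timeout: 10)

    let acceptorDumpCallback = self.expectation(description: "acceptorDumpCallback callback occurs")
    self.tphClient.dump(withContainer: self.cuttlefishContext.containerName, context: self.contextForAcceptor) { dump, _ in
        // Same nil-safe traversal for the acceptor's view of the trust set.
        XCTAssertNotNil(dump, "dump should not be nil")
        let egoSelf = dump?["self"] as? [String: AnyObject]
        XCTAssertNotNil(egoSelf, "egoSelf should not be nil")
        let dynamicInfo = egoSelf?["dynamicInfo"] as? [String: AnyObject]
        XCTAssertNotNil(dynamicInfo, "dynamicInfo should not be nil")
        let included = dynamicInfo?["included"] as? [String]
        XCTAssertNotNil(included, "included should not be nil")
        XCTAssertEqual(included?.count, 2, "should be 2 peer ids")
        acceptorDumpCallback.fulfill()
    }
    self.wait(for: [acceptorDumpCallback], timeout: 10)

    XCTAssertEqual(self.fakeCuttlefishServer.state.bottles.count, 2, "should be 2 bottles")
}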
866
/// Exercises proximity setup with SOS supported and Octagon disabled.
///
/// The acceptor's second reply must not contain a CKKS TLK item, its third
/// (completing) reply must contain one, and the SOS checks in `assertSOSSuccess()`
/// must pass once the initiator has processed the final packet.
func testProximitySetupUsingCliqueSOSOnly() {
    OctagonSetPlatformSupportsSOS(true)
    OctagonSetIsEnabled(false)
    startCKAccountStatusMock()

    getAcceptorInCircle()

    let initiatorContext = manager.context(forContainerName: OTCKContainerName,
                                           contextID: OTDefaultContext)
    let acceptorClient = manager.clientStateMachine(forContainerName: OTCKContainerName,
                                                    contextID: contextForAcceptor,
                                                    clientName: initiatorName)

    acceptorClient.startOctagonStateMachine()
    initiatorContext.startOctagonStateMachine()

    assertEnters(context: initiatorContext, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let (acceptorChannel, initiatorChannel) = setupPairingEndpoints(
        withPairNumber: "1",
        initiatorContextID: OTDefaultContext,
        acceptorContextID: contextForAcceptor,
        initiatorUniqueID: initiatorName,
        acceptorUniqueID: "acceptor-2")

    XCTAssertNotNil(acceptorChannel, "acceptor should not be nil")
    XCTAssertNotNil(initiatorChannel, "initiator should not be nil")

    let signedIn = expectation(description: "trigger sign in")
    otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { signInError in
        XCTAssertNil(signInError, "error should be nil")
        signedIn.fulfill()
    }
    wait(for: [signedIn], timeout: 10)

    // Round trip 1: initiator opens the session, acceptor answers with the epoch.
    let joinPacket = sendPairingExpectingReply(channel: initiatorChannel,
                                               packet: nil,
                                               reason: "session initiation")
    let epochPacket = sendPairingExpectingReply(channel: acceptorChannel,
                                                packet: joinPacket,
                                                reason: "epoch return")

    // Round trip 2: initiator sends its prepared identity, acceptor replies.
    let preparedIdentityPacket = sendPairingExpectingReply(channel: initiatorChannel,
                                                           packet: epochPacket,
                                                           reason: "prepared identity")
    let voucherPacket = sendPairingExpectingReply(channel: acceptorChannel,
                                                  packet: preparedIdentityPacket,
                                                  reason: "epoch return")

    // TLK items are expected in the third round trip only; the second reply must be clean.
    XCTAssertFalse(try self.tlkInPairingChannel(packet: voucherPacket), "pairing channel should transport TLKs for SOS not 2nd step though")

    // Round trip 3: the acceptor completes and hands back its last packet.
    let initiatorStepThree = sendPairingExpectingReply(channel: initiatorChannel,
                                                       packet: voucherPacket,
                                                       reason: "intitiator third packet")
    let acceptorStepThree = sendPairingExpectingCompletionAndReply(channel: acceptorChannel,
                                                                   packet: initiatorStepThree,
                                                                   reason: "acceptor third packet")

    XCTAssertTrue(try self.tlkInPairingChannel(packet: acceptorStepThree), "pairing channel should transport TLKs for SOS")

    // Fourth initiator step: consume the final packet and finish.
    sendPairingExpectingCompletion(channel: initiatorChannel,
                                   packet: acceptorStepThree,
                                   reason: "final packet receipt")

    assertSOSSuccess()
}
927
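/// Ensures the Octagon part of pairing still succeeds when the SOS messages are made
/// to fail on both channels.
///
/// Both endpoints get `setSOSMessageFailForTesting(true)`. The exchange is driven up
/// to the initiator's third step, after which the initiator must reach
/// `OctagonStateReady`, both contexts must list two included peer IDs, and the fake
/// Cuttlefish server must hold two bottles.
func testProximitySetupOctagonAndSOSWithSOSFailure() {
    OctagonSetPlatformSupportsSOS(true)
    OctagonSetIsEnabled(true)
    self.startCKAccountStatusMock()

    self.getAcceptorInCircle()

    let initiator1Context = self.manager.context(forContainerName: OTCKContainerName, contextID: OTDefaultContext)

    let clientStateMachine = self.manager.clientStateMachine(forContainerName: OTCKContainerName, contextID: self.contextForAcceptor, clientName: self.initiatorName)

    clientStateMachine.startOctagonStateMachine()
    initiator1Context.startOctagonStateMachine()

    self.assertEnters(context: initiator1Context, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let (acceptor, initiator) = self.setupPairingEndpoints(withPairNumber: "1", initiatorContextID: OTDefaultContext, acceptorContextID: self.contextForAcceptor, initiatorUniqueID: self.initiatorName, acceptorUniqueID: "acceptor-2")

    XCTAssertNotNil(acceptor, "acceptor should not be nil")
    XCTAssertNotNil(initiator, "initiator should not be nil")

    // Fault injection: make the SOS half of every message fail on both sides.
    initiator.setSOSMessageFailForTesting(true)
    acceptor.setSOSMessageFailForTesting(true)

    let signInCallback = self.expectation(description: "trigger sign in")
    self.otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { error in
        XCTAssertNil(error, "error should be nil")
        signInCallback.fulfill()
    }
    self.wait(for: [signInCallback], timeout: 10)

    /* INITIATOR FIRST RTT JOINING MESSAGE*/
    let initiatorFirstPacket = self.sendPairingExpectingReply(channel: initiator, packet: nil, reason: "session initiation")

    /* ACCEPTOR FIRST RTT EPOCH*/
    let acceptorEpochPacket = self.sendPairingExpectingReply(channel: acceptor, packet: initiatorFirstPacket, reason: "epoch return")

    /* INITIATOR SECOND RTT PREPARE*/
    let initiatorPreparedIdentityPacket = self.sendPairingExpectingReply(channel: initiator, packet: acceptorEpochPacket, reason: "prepared identity")

    /* ACCEPTOR SECOND RTT */
    let acceptorVoucherPacket = self.sendPairingExpectingReply(channel: acceptor, packet: initiatorPreparedIdentityPacket, reason: "epoch return")

    /* INITIATOR THIRD STEP*/
    // The reply is not forwarded to the acceptor; only the Octagon outcome is checked below.
    _ = self.sendPairingExpectingReply(channel: initiator, packet: acceptorVoucherPacket, reason: "intitiator third packet")

    assertAllCKKSViews(enter: SecCKKSZoneKeyStateReady, within: 10 * NSEC_PER_SEC)

    clientStateMachine.notifyContainerChange()

    // Initiator should join!
    self.assertEnters(context: initiator1Context, state: OctagonStateReady, within: 10 * NSEC_PER_SEC)
    self.assertConsidersSelfTrusted(context: initiator1Context)
    self.verifyDatabaseMocks()

    let initiatorDumpCallback = self.expectation(description: "initiatorDumpCallback callback occurs")
    self.tphClient.dump(withContainer: self.cuttlefishContext.containerName, context: self.cuttlefishContext.contextID) { dump, _ in
        // Optional chaining instead of force-unwrapping: a missing level now fails the
        // assertions below instead of trapping, and the expectation is still fulfilled.
        XCTAssertNotNil(dump, "dump should not be nil")
        let egoSelf = dump?["self"] as? [String: AnyObject]
        XCTAssertNotNil(egoSelf, "egoSelf should not be nil")
        let dynamicInfo = egoSelf?["dynamicInfo"] as? [String: AnyObject]
        XCTAssertNotNil(dynamicInfo, "dynamicInfo should not be nil")
        let included = dynamicInfo?["included"] as? [String]
        XCTAssertNotNil(included, "included should not be nil")
        XCTAssertEqual(included?.count, 2, "should be 2 peer ids")

        initiatorDumpCallback.fulfill()
    }
    self.wait(for: [initiatorDumpCallback], timeout: 10)

    let acceptorDumpCallback = self.expectation(description: "acceptorDumpCallback callback occurs")
    self.tphClient.dump(withContainer: self.cuttlefishContext.containerName, context: self.contextForAcceptor) { dump, _ in
        // Same nil-safe traversal for the acceptor's view of the trust set.
        XCTAssertNotNil(dump, "dump should not be nil")
        let egoSelf = dump?["self"] as? [String: AnyObject]
        XCTAssertNotNil(egoSelf, "egoSelf should not be nil")
        let dynamicInfo = egoSelf?["dynamicInfo"] as? [String: AnyObject]
        XCTAssertNotNil(dynamicInfo, "dynamicInfo should not be nil")
        let included = dynamicInfo?["included"] as? [String]
        XCTAssertNotNil(included, "included should not be nil")
        XCTAssertEqual(included?.count, 2, "should be 2 peer ids")
        acceptorDumpCallback.fulfill()
    }
    self.wait(for: [acceptorDumpCallback], timeout: 10)

    XCTAssertEqual(self.fakeCuttlefishServer.state.bottles.count, 2, "should be 2 bottles")
}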
1015
/// Ensures pairing halts when Octagon is enabled and the initiator's first Octagon
/// message is made to fail.
///
/// With `setOctagonMessageFailForTesting(true)` set on the initiator, the very first
/// exchange is driven through `sendPairingExpectingCompletion`, i.e. the session is
/// expected to end there instead of producing a packet for the acceptor.
func testProximitySetupOctagonAndSOSWithOcatagonInitiatorMessage1Failure() {
    OctagonSetPlatformSupportsSOS(true)
    OctagonSetIsEnabled(true)
    startCKAccountStatusMock()

    getAcceptorInCircle()

    let initiatorContext = manager.context(forContainerName: OTCKContainerName,
                                           contextID: OTDefaultContext)
    let acceptorClient = manager.clientStateMachine(forContainerName: OTCKContainerName,
                                                    contextID: contextForAcceptor,
                                                    clientName: initiatorName)

    acceptorClient.startOctagonStateMachine()
    initiatorContext.startOctagonStateMachine()

    assertEnters(context: initiatorContext, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let (acceptorChannel, initiatorChannel) = setupPairingEndpoints(
        withPairNumber: "1",
        initiatorContextID: OTDefaultContext,
        acceptorContextID: contextForAcceptor,
        initiatorUniqueID: initiatorName,
        acceptorUniqueID: "acceptor-2")

    XCTAssertNotNil(acceptorChannel, "acceptor should not be nil")
    XCTAssertNotNil(initiatorChannel, "initiator should not be nil")

    // Fault injection: the initiator's Octagon message is forced to fail from the start.
    initiatorChannel.setOctagonMessageFailForTesting(true)

    let signedIn = expectation(description: "trigger sign in")
    otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { signInError in
        XCTAssertNil(signInError, "error should be nil")
        signedIn.fulfill()
    }
    wait(for: [signedIn], timeout: 10)

    // First initiator message: the session must complete here.
    sendPairingExpectingCompletion(channel: initiatorChannel,
                                   packet: nil,
                                   reason: "error on first message")
}
1050
/// Checks that pairing stops when the acceptor's first Octagon message is made to fail.
///
/// The initiator's opening packet is produced normally. The acceptor then gets
/// `setOctagonMessageFailForTesting(true)`, and its exchange must report completion
/// with no reply packet and no error.
func testProximitySetupOctagonAndSOSWithOctagonAcceptorMessage1Failure() {
    OctagonSetPlatformSupportsSOS(true)
    OctagonSetIsEnabled(true)
    startCKAccountStatusMock()

    getAcceptorInCircle()

    let initiatorContext = manager.context(forContainerName: OTCKContainerName,
                                           contextID: OTDefaultContext)
    let acceptorClient = manager.clientStateMachine(forContainerName: OTCKContainerName,
                                                    contextID: contextForAcceptor,
                                                    clientName: initiatorName)

    acceptorClient.startOctagonStateMachine()
    initiatorContext.startOctagonStateMachine()

    assertEnters(context: initiatorContext, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let (acceptorChannel, initiatorChannel) = setupPairingEndpoints(
        withPairNumber: "1",
        initiatorContextID: OTDefaultContext,
        acceptorContextID: contextForAcceptor,
        initiatorUniqueID: initiatorName,
        acceptorUniqueID: "acceptor-2")

    XCTAssertNotNil(acceptorChannel, "acceptor should not be nil")
    XCTAssertNotNil(initiatorChannel, "initiator should not be nil")

    let signedIn = expectation(description: "trigger sign in")
    otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { signInError in
        XCTAssertNil(signInError, "error should be nil")
        signedIn.fulfill()
    }
    wait(for: [signedIn], timeout: 10)

    // Initiator opens the session as usual.
    let joinPacket = sendPairingExpectingReply(channel: initiatorChannel,
                                               packet: nil,
                                               reason: "session initiation")

    // Fault injection on the acceptor before it handles the opening packet.
    acceptorChannel.setOctagonMessageFailForTesting(true)

    // Acceptor's first step: must finish the session and hand nothing back.
    let acceptorReplied = expectation(description: "firstAcceptorCallback callback occurs")
    acceptorChannel.exchangePacket(joinPacket) { finished, reply, exchangeError in
        XCTAssertNil(exchangeError, "should be no error")
        XCTAssertTrue(finished, "should be True")
        XCTAssertNil(reply, "packet should be nil")
        acceptorReplied.fulfill()
    }
    wait(for: [acceptorReplied], timeout: 10)
}
1096
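/// Checks that pairing stops when the initiator's second Octagon message is made to fail.
///
/// The first round trip runs normally. The initiator then gets
/// `setOctagonMessageFailForTesting(true)`, and its exchange of the acceptor's epoch
/// packet must report completion with no reply packet and no error.
func testProximitySetupOctagonAndSOSWithOctagonInitiatorMessage2Failure() {
    OctagonSetPlatformSupportsSOS(true)
    OctagonSetIsEnabled(true)
    self.startCKAccountStatusMock()

    self.getAcceptorInCircle()

    let initiator1Context = self.manager.context(forContainerName: OTCKContainerName, contextID: OTDefaultContext)

    let clientStateMachine = self.manager.clientStateMachine(forContainerName: OTCKContainerName, contextID: self.contextForAcceptor, clientName: self.initiatorName)

    clientStateMachine.startOctagonStateMachine()
    initiator1Context.startOctagonStateMachine()

    self.assertEnters(context: initiator1Context, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let (acceptor, initiator) = self.setupPairingEndpoints(withPairNumber: "1", initiatorContextID: OTDefaultContext, acceptorContextID: self.contextForAcceptor, initiatorUniqueID: self.initiatorName, acceptorUniqueID: "acceptor-2")

    XCTAssertNotNil(acceptor, "acceptor should not be nil")
    XCTAssertNotNil(initiator, "initiator should not be nil")

    let signInCallback = self.expectation(description: "trigger sign in")
    self.otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { error in
        XCTAssertNil(error, "error should be nil")
        signInCallback.fulfill()
    }
    self.wait(for: [signInCallback], timeout: 10)

    /* INITIATOR FIRST RTT JOINING MESSAGE*/
    let initiatorFirstPacket = self.sendPairingExpectingReply(channel: initiator, packet: nil, reason: "session initiation")

    /* ACCEPTOR FIRST RTT EPOCH*/
    let acceptorEpochPacket = self.sendPairingExpectingReply(channel: acceptor, packet: initiatorFirstPacket, reason: "epoch return")

    /* INITIATOR SECOND RTT PREPARE*/
    let secondInitiatorCallback = self.expectation(description: "secondInitiatorCallback callback occurs")

    //set up initiator's message 2 to fail
    initiator.setOctagonMessageFailForTesting(true)

    initiator.exchangePacket(acceptorEpochPacket) { complete, packet, error in
        XCTAssertNil(error, "should be no error")
        XCTAssertTrue(complete, "should be true")
        // Message corrected: the assertion requires a nil packet, so a failure
        // report must not claim the opposite.
        XCTAssertNil(packet, "packet should be nil")
        secondInitiatorCallback.fulfill()
    }

    self.wait(for: [secondInitiatorCallback], timeout: 10)
}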
1146
/// Checks that pairing stops when the acceptor's second Octagon message is made to fail.
///
/// The first round trip and the initiator's prepared-identity step run normally. The
/// acceptor then gets `setOctagonMessageFailForTesting(true)`, and its exchange must
/// report completion with no reply packet and no error.
func testProximitySetupOctagonAndSOSWithOctagonAcceptorMessage2Failure() {
    OctagonSetPlatformSupportsSOS(true)
    OctagonSetIsEnabled(true)
    startCKAccountStatusMock()

    getAcceptorInCircle()

    let initiatorContext = manager.context(forContainerName: OTCKContainerName,
                                           contextID: OTDefaultContext)
    let acceptorClient = manager.clientStateMachine(forContainerName: OTCKContainerName,
                                                    contextID: contextForAcceptor,
                                                    clientName: initiatorName)

    acceptorClient.startOctagonStateMachine()
    initiatorContext.startOctagonStateMachine()

    assertEnters(context: initiatorContext, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let (acceptorChannel, initiatorChannel) = setupPairingEndpoints(
        withPairNumber: "1",
        initiatorContextID: OTDefaultContext,
        acceptorContextID: contextForAcceptor,
        initiatorUniqueID: initiatorName,
        acceptorUniqueID: "acceptor-2")

    XCTAssertNotNil(acceptorChannel, "acceptor should not be nil")
    XCTAssertNotNil(initiatorChannel, "initiator should not be nil")

    let signedIn = expectation(description: "trigger sign in")
    otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { signInError in
        XCTAssertNil(signInError, "error should be nil")
        signedIn.fulfill()
    }
    wait(for: [signedIn], timeout: 10)

    // Round trip 1: initiator opens the session, acceptor answers with the epoch.
    let joinPacket = sendPairingExpectingReply(channel: initiatorChannel,
                                               packet: nil,
                                               reason: "session initiation")
    let epochPacket = sendPairingExpectingReply(channel: acceptorChannel,
                                                packet: joinPacket,
                                                reason: "epoch return")

    // Initiator's second step: prepared identity.
    let preparedIdentityPacket = sendPairingExpectingReply(channel: initiatorChannel,
                                                           packet: epochPacket,
                                                           reason: "prepared identity")

    // Acceptor's second step, with the Octagon message forced to fail.
    let acceptorReplied = expectation(description: "SecondAcceptorCallback callback occurs")

    acceptorChannel.setOctagonMessageFailForTesting(true)

    acceptorChannel.exchangePacket(preparedIdentityPacket) { finished, reply, exchangeError in
        XCTAssertNil(exchangeError, "should be no error")
        XCTAssertTrue(finished, "should be true")
        XCTAssertNil(reply, "packet should be nil")
        acceptorReplied.fulfill()
    }
    wait(for: [acceptorReplied], timeout: 10)
}
1197
/// Checks that pairing stops when the initiator's third Octagon message is made to fail.
///
/// Two full round trips run normally. The initiator then gets
/// `setOctagonMessageFailForTesting(true)`, and its exchange of the acceptor's second
/// reply must report completion with no reply packet and no error.
func testProximitySetupOctagonAndSOSWithOctagonInitiatorMessage3Failure() {
    OctagonSetPlatformSupportsSOS(true)
    OctagonSetIsEnabled(true)
    startCKAccountStatusMock()

    getAcceptorInCircle()

    let initiatorContext = manager.context(forContainerName: OTCKContainerName,
                                           contextID: OTDefaultContext)
    let acceptorClient = manager.clientStateMachine(forContainerName: OTCKContainerName,
                                                    contextID: contextForAcceptor,
                                                    clientName: initiatorName)

    acceptorClient.startOctagonStateMachine()
    initiatorContext.startOctagonStateMachine()

    assertEnters(context: initiatorContext, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let (acceptorChannel, initiatorChannel) = setupPairingEndpoints(
        withPairNumber: "1",
        initiatorContextID: OTDefaultContext,
        acceptorContextID: contextForAcceptor,
        initiatorUniqueID: initiatorName,
        acceptorUniqueID: "acceptor-2")

    XCTAssertNotNil(acceptorChannel, "acceptor should not be nil")
    XCTAssertNotNil(initiatorChannel, "initiator should not be nil")

    let signedIn = expectation(description: "trigger sign in")
    otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { signInError in
        XCTAssertNil(signInError, "error should be nil")
        signedIn.fulfill()
    }
    wait(for: [signedIn], timeout: 10)

    // Round trip 1: initiator opens the session, acceptor answers with the epoch.
    let joinPacket = sendPairingExpectingReply(channel: initiatorChannel,
                                               packet: nil,
                                               reason: "session initiation")
    let epochPacket = sendPairingExpectingReply(channel: acceptorChannel,
                                                packet: joinPacket,
                                                reason: "epoch return")

    // Round trip 2: initiator sends its prepared identity, acceptor replies.
    let preparedIdentityPacket = sendPairingExpectingReply(channel: initiatorChannel,
                                                           packet: epochPacket,
                                                           reason: "prepared identity")
    let voucherPacket = sendPairingExpectingReply(channel: acceptorChannel,
                                                  packet: preparedIdentityPacket,
                                                  reason: "epoch return")

    // Initiator's third step, with the Octagon message forced to fail.
    let initiatorReplied = expectation(description: "thirdInitiatorCallback callback occurs")

    initiatorChannel.setOctagonMessageFailForTesting(true)

    initiatorChannel.exchangePacket(voucherPacket) { finished, reply, exchangeError in
        XCTAssertNil(exchangeError, "should be no error")
        XCTAssertTrue(finished, "should be true")
        XCTAssertNil(reply, "packet should be nil")
        initiatorReplied.fulfill()
    }
    wait(for: [initiatorReplied], timeout: 10)
}
1251
/// Registers the acceptor as a trusted SOS peer on the mock adapter and establishes
/// its Octagon identity.
///
/// Builds a `CKKSSOSSelfPeer` from the acceptor's SOS peer ID and its Octagon
/// encryption and signing keys, marks the mock adapter as in-circle, creates the
/// acceptor context, runs `rpcResetAndEstablish`, and then checks that the context
/// reaches `OctagonStateReady`, considers itself trusted, and that exactly one bottle
/// exists on the fake Cuttlefish server.
///
/// - Throws: Declared `throws`; no throwing call is visible in this body.
func circleAndSOS() throws {
    let acceptorPeerInfo: SOSPeerInfoRef = SOSFullPeerInfoGetPeerInfo(fcAcceptor.fullPeerInfo)
    let acceptorEncryptionKey = _SFECKeyPair(secKey: fcAcceptor.octagonEncryptionKey)
    let acceptorSigningKey = _SFECKeyPair(secKey: fcAcceptor.octagonSigningKey)
    let acceptorPeerID: NSString = (SOSPeerInfoGetPeerID(acceptorPeerInfo).takeUnretainedValue() as NSString)

    let acceptorSOSPeer = CKKSSOSSelfPeer(sosPeerID: acceptorPeerID as String,
                                          encryptionKey: acceptorEncryptionKey,
                                          signingKey: acceptorSigningKey,
                                          viewList: managedViewList())

    mockSOSAdapter.trustedPeers.add(acceptorSOSPeer)
    mockSOSAdapter.circleStatus = SOSCCStatus(kSOSCCInCircle)

    // Fake device description used only for this test context.
    let deviceInfo = OTMockDeviceInfoAdapter(modelID: "iPhone9,1",
                                             deviceName: "test-SOS-iphone",
                                             serialNumber: "456",
                                             osVersion: "iOS (fake version)")

    let acceptorContext = manager.context(forContainerName: OTCKContainerName,
                                          contextID: contextForAcceptor,
                                          sosAdapter: mockSOSAdapter,
                                          authKitAdapter: mockAuthKit2,
                                          lockStateTracker: lockStateTracker,
                                          accountStateTracker: accountStateTracker,
                                          deviceInformationAdapter: deviceInfo)

    acceptorContext.startOctagonStateMachine()

    let established = expectation(description: "resetAndEstablish callback occurs")
    acceptorContext.rpcResetAndEstablish(.testGenerated) { establishError in
        XCTAssertNil(establishError, "Should be no error calling resetAndEstablish")
        established.fulfill()
    }

    wait(for: [established], timeout: 10)
    assertEnters(context: acceptorContext, state: OctagonStateReady, within: 10 * NSEC_PER_SEC)

    assertConsidersSelfTrusted(context: acceptorContext)
    XCTAssertEqual(fakeCuttlefishServer.state.bottles.count, 1, "should be 1 bottles")
}
1287
/// Drives pairing when the acceptor's session is told it does not support Octagon.
///
/// A new SOS peer is installed as the mock adapter's self peer and trusted peer, the
/// acceptor channel gets `setSessionSupportsOctagonForTesting(false)`, and the
/// exchange is run up to the initiator's third step.
///
/// NOTE(review): the final trust assertions are commented out below, so this test
/// currently only verifies that each step up to that point yields a reply.
func testProximitySetupUsingCliqueAcceptorResolvesVersionToSOSOnly() {
    startCKAccountStatusMock()

    OctagonSetPlatformSupportsSOS(true)
    OctagonSetIsEnabled(true)

    let sosPeer = createSOSPeer(peerID: "sos-peer-id")
    mockSOSAdapter.selfPeer = sosPeer
    mockSOSAdapter.circleStatus = SOSCCStatus(kSOSCCInCircle)
    mockSOSAdapter.trustedPeers.add(sosPeer)

    getAcceptorInCircle()

    let initiatorContext = manager.context(forContainerName: OTCKContainerName,
                                           contextID: OTDefaultContext)
    let acceptorClient = manager.clientStateMachine(forContainerName: OTCKContainerName,
                                                    contextID: contextForAcceptor,
                                                    clientName: initiatorName)

    acceptorClient.startOctagonStateMachine()
    initiatorContext.startOctagonStateMachine()

    assertEnters(context: initiatorContext, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let (acceptorChannel, initiatorChannel) = setupPairingEndpoints(
        withPairNumber: "1",
        initiatorContextID: OTDefaultContext,
        acceptorContextID: contextForAcceptor,
        initiatorUniqueID: initiatorName,
        acceptorUniqueID: "acceptor-2")

    // Test hook: the acceptor's session reports no Octagon support.
    acceptorChannel.setSessionSupportsOctagonForTesting(false)

    XCTAssertNotNil(acceptorChannel, "acceptor should not be nil")
    XCTAssertNotNil(initiatorChannel, "initiator should not be nil")

    let signedIn = expectation(description: "trigger sign in")
    otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { signInError in
        XCTAssertNil(signInError, "error should be nil")
        signedIn.fulfill()
    }
    wait(for: [signedIn], timeout: 10)

    // Round trip 1: initiator opens the session, acceptor answers with the epoch.
    let joinPacket = sendPairingExpectingReply(channel: initiatorChannel,
                                               packet: nil,
                                               reason: "session initiation")
    let epochPacket = sendPairingExpectingReply(channel: acceptorChannel,
                                                packet: joinPacket,
                                                reason: "epoch return")

    // Round trip 2: initiator sends its prepared identity, acceptor replies.
    let preparedIdentityPacket = sendPairingExpectingReply(channel: initiatorChannel,
                                                           packet: epochPacket,
                                                           reason: "prepared identity")
    let voucherPacket = sendPairingExpectingReply(channel: acceptorChannel,
                                                  packet: preparedIdentityPacket,
                                                  reason: "epoch return")

    // Initiator's third step; the reply is intentionally discarded.
    _ = sendPairingExpectingReply(channel: initiatorChannel,
                                  packet: voucherPacket,
                                  reason: "intitiator third packet")
    /*
     need to fix attempting sos upgrade in the tests when pairing/piggybacking and then kicking off an upgrade
     let initiatorContext = self.manager.context(forContainerName: OTCKContainerName, contextID: OTDefaultContext)

     self.assertEnters(context: initiatorContext, state: OctagonStateReady, within: 10 * NSEC_PER_SEC)
     self.assertConsidersSelfTrusted(context: initiatorContext)
     */
}
1346
/// Runs a complete proximity-setup pairing exchange in which the initiator's
/// session is flagged, via `setSessionSupportsOctagonForTesting(false)`, as not
/// supporting Octagon. The acceptor's session flag is left untouched.
///
/// What is actually checked: the initiator context reaches
/// `OctagonStateUntrusted`, sign-in completes without error within 10 seconds,
/// and each pairing step is driven through `sendPairingExpectingReply`.
///
/// NOTE(review): the test name says the version resolves to SOS only, but the
/// post-pairing assertions are still disabled (see the end of the body), so
/// nothing here verifies which protocol version was settled on or whether the
/// initiator ends up trusted. A regression in this fallback path would
/// presumably pass unnoticed until those checks are restored.
func testProximitySetupUsingCliqueInitiatorResolvesVersionToSOSOnly() {
    startCKAccountStatusMock()

    // Platform flags: SOS is supported and Octagon is enabled.
    OctagonSetPlatformSupportsSOS(true)
    OctagonSetIsEnabled(true)

    // The acceptor joins the circle before any pairing endpoint is created.
    getAcceptorInCircle()

    let initiatorSideContext = manager.context(
        forContainerName: OTCKContainerName,
        contextID: OTDefaultContext
    )
    let acceptorSideClient = manager.clientStateMachine(
        forContainerName: OTCKContainerName,
        contextID: contextForAcceptor,
        clientName: initiatorName
    )

    acceptorSideClient.startOctagonStateMachine()
    initiatorSideContext.startOctagonStateMachine()

    assertEnters(context: initiatorSideContext, state: OctagonStateUntrusted, within: 10 * NSEC_PER_SEC)

    let (acceptorChannel, initiatorChannel) = setupPairingEndpoints(
        withPairNumber: "1",
        initiatorContextID: OTDefaultContext,
        acceptorContextID: contextForAcceptor,
        initiatorUniqueID: initiatorName,
        acceptorUniqueID: "acceptor-2"
    )

    // Only the initiator's session is marked as lacking Octagon support.
    initiatorChannel.setSessionSupportsOctagonForTesting(false)

    XCTAssertNotNil(acceptorChannel, "acceptor should not be nil")
    XCTAssertNotNil(initiatorChannel, "initiator should not be nil")

    // Sign in on the default context and block until the reply arrives.
    let signedIn = expectation(description: "trigger sign in")
    otControl.sign(in: "348576349857", container: OTCKContainerName, context: OTDefaultContext) { signInError in
        XCTAssertNil(signInError, "error should be nil")
        signedIn.fulfill()
    }
    wait(for: [signedIn], timeout: 10)

    // Step 1, initiator: open the session (no inbound packet yet).
    let joinRequest = sendPairingExpectingReply(channel: initiatorChannel, packet: nil, reason: "session initiation")

    // Step 2, acceptor: answer the joining message with the epoch.
    let epochReply = sendPairingExpectingReply(channel: acceptorChannel, packet: joinRequest, reason: "epoch return")

    // Step 3, initiator: respond with the prepared identity.
    let preparedIdentity = sendPairingExpectingReply(channel: initiatorChannel, packet: epochReply, reason: "prepared identity")

    // Step 4, acceptor: second round trip.
    // NOTE(review): the reason label repeats "epoch return" from step 2; a
    // distinct label would make a failure at this step easier to attribute.
    let voucherReply = sendPairingExpectingReply(channel: acceptorChannel, packet: preparedIdentity, reason: "epoch return")

    // Step 5, initiator: consume the acceptor's second reply; the result is unused.
    _ = sendPairingExpectingReply(channel: initiatorChannel, packet: voucherReply, reason: "intitiator third packet")

    // Disabled: need to fix attempting sos upgrade in the tests when
    // pairing/piggybacking and then kicking off an upgrade.
    //
    // let initiatorContext = self.manager.context(forContainerName: OTCKContainerName, contextID: OTDefaultContext)
    //
    // self.assertEnters(context: initiatorContext, state: OctagonStateReady, within: 10 * NSEC_PER_SEC)
    // self.assertConsidersSelfTrusted(context: initiatorContext)
}
1401
1402 }
1403
1404 #endif