]> git.saurik.com Git - apple/security.git/blob - keychain/ot/CuttlefishXPCWrapper.m
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Security-59306.61.1.tar.gz
[apple/security.git] / keychain / ot / CuttlefishXPCWrapper.m
1 /*
2 * Copyright (c) 2019 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #import "keychain/ot/CuttlefishXPCWrapper.h"
25
26 @implementation CuttlefishXPCWrapper
27 - (instancetype) initWithCuttlefishXPCConnection: (id<NSXPCProxyCreating>)cuttlefishXPCConnection
28 {
29 if ((self = [super init])) {
30 _cuttlefishXPCConnection = cuttlefishXPCConnection;
31 }
32 return self;
33 }
34
35 + (bool)retryable:(NSError *_Nonnull)error
36 {
37 return error.domain == NSCocoaErrorDomain && error.code == NSXPCConnectionInterrupted;
38 }
39
40 enum {NUM_RETRIES = 5};
41
42 - (void)pingWithReply:(void (^)(void))reply
43 {
44 __block int i = 0;
45 __block bool retry;
46 do {
47 retry = false;
48 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
49 if (i < NUM_RETRIES && [self.class retryable:error]) {
50 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
51 retry = true;
52 } else {
53 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
54 }
55 ++i;
56 }] pingWithReply:reply];
57 } while (retry);
58 }
59
60 - (void)dumpWithContainer:(NSString *)container
61 context:(NSString *)context
62 reply:(void (^)(NSDictionary * _Nullable, NSError * _Nullable))reply
63 {
64 __block int i = 0;
65 __block bool retry;
66 do {
67 retry = false;
68 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
69 if (i < NUM_RETRIES && [self.class retryable:error]) {
70 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
71 retry = true;
72 } else {
73 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
74 reply(nil, error);
75 }
76 ++i;
77 }] dumpWithContainer:container context:context reply:reply];
78 } while (retry);
79 }
80
81 - (void)departByDistrustingSelfWithContainer:(NSString *)container
82 context:(NSString *)context
83 reply:(void (^)(NSError * _Nullable))reply
84 {
85 __block int i = 0;
86 __block bool retry;
87 do {
88 retry = false;
89 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
90 if (i < NUM_RETRIES && [self.class retryable:error]) {
91 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
92 retry = true;
93 } else {
94 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
95 reply(error);
96 }
97 ++i;
98 }] departByDistrustingSelfWithContainer:container context:context reply:reply];
99 } while (retry);
100 }
101
102 - (void)distrustPeerIDsWithContainer:(NSString *)container
103 context:(NSString *)context
104 peerIDs:(NSSet<NSString*>*)peerIDs
105 reply:(void (^)(NSError * _Nullable))reply
106 {
107 __block int i = 0;
108 __block bool retry;
109 do {
110 retry = false;
111 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
112 if (i < NUM_RETRIES && [self.class retryable:error]) {
113 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
114 retry = true;
115 } else {
116 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
117 reply(error);
118 }
119 ++i;
120 }] distrustPeerIDsWithContainer:container context:context peerIDs:peerIDs reply:reply];
121 } while (retry);
122 }
123
124 - (void)trustStatusWithContainer:(NSString *)container
125 context:(NSString *)context
126 reply:(void (^)(TrustedPeersHelperEgoPeerStatus *status,
127 NSError* _Nullable error))reply
128 {
129 __block int i = 0;
130 __block bool retry;
131 do {
132 retry = false;
133 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
134 if (i < NUM_RETRIES && [self.class retryable:error]) {
135 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
136 retry = true;
137 } else {
138 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
139 reply(nil, error);
140 }
141 ++i;
142 }] trustStatusWithContainer:container context:context reply:reply];
143 } while (retry);
144 }
145
146 - (void)resetWithContainer:(NSString *)container
147 context:(NSString *)context
148 resetReason:(CuttlefishResetReason)reason
149 reply:(void (^)(NSError * _Nullable error))reply
150 {
151 __block int i = 0;
152 __block bool retry;
153 do {
154 retry = false;
155 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
156 if (i < NUM_RETRIES && [self.class retryable:error]) {
157 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
158 retry = true;
159 } else {
160 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
161 reply(error);
162 }
163 ++i;
164 }] resetWithContainer:container context:context resetReason:reason reply:reply];
165 } while (retry);
166 }
167
168 - (void)localResetWithContainer:(NSString *)container
169 context:(NSString *)context
170 reply:(void (^)(NSError * _Nullable error))reply
171 {
172 __block int i = 0;
173 __block bool retry;
174 do {
175 retry = false;
176 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
177 if (i < NUM_RETRIES && [self.class retryable:error]) {
178 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
179 retry = true;
180 } else {
181 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
182 reply(error);
183 }
184 ++i;
185 }] localResetWithContainer:container context:context reply:reply];
186 } while (retry);
187 }
188
189 - (void)setAllowedMachineIDsWithContainer:(NSString *)container
190 context:(NSString *)context
191 allowedMachineIDs:(NSSet<NSString*> *)allowedMachineIDs
192 reply:(void (^)(BOOL listDifferences, NSError * _Nullable error))reply
193 {
194 __block int i = 0;
195 __block bool retry;
196 do {
197 retry = false;
198 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
199 if (i < NUM_RETRIES && [self.class retryable:error]) {
200 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
201 retry = true;
202 } else {
203 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
204 reply(NO, error);
205 }
206 ++i;
207 }] setAllowedMachineIDsWithContainer:container context:context allowedMachineIDs:allowedMachineIDs reply:reply];
208 } while (retry);
209 }
210
211 - (void)addAllowedMachineIDsWithContainer:(NSString *)container
212 context:(NSString *)context
213 machineIDs:(NSArray<NSString*> *)machineIDs
214 reply:(void (^)(NSError * _Nullable error))reply
215 {
216 __block int i = 0;
217 __block bool retry;
218 do {
219 retry = false;
220 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
221 if (i < NUM_RETRIES && [self.class retryable:error]) {
222 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
223 retry = true;
224 } else {
225 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
226 reply(error);
227 }
228 ++i;
229 }] addAllowedMachineIDsWithContainer:container
230 context:context
231 machineIDs:machineIDs
232 reply:reply];
233 } while (retry);
234 }
235
236 - (void)removeAllowedMachineIDsWithContainer:(NSString *)container
237 context:(NSString *)context
238 machineIDs:(NSArray<NSString*> *)machineIDs
239 reply:(void (^)(NSError * _Nullable error))reply
240 {
241 __block int i = 0;
242 __block bool retry;
243 do {
244 retry = false;
245 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
246 if (i < NUM_RETRIES && [self.class retryable:error]) {
247 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
248 retry = true;
249 } else {
250 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
251 reply(error);
252 }
253 ++i;
254 }] removeAllowedMachineIDsWithContainer:container context:context machineIDs:machineIDs reply:reply];
255 } while (retry);
256 }
257
258
259 - (void)fetchAllowedMachineIDsWithContainer:(nonnull NSString *)container
260 context:(nonnull NSString *)context
261 reply:(nonnull void (^)(NSSet<NSString *> * _Nullable, NSError * _Nullable))reply {
262 __block int i = 0;
263 __block bool retry;
264 do {
265 retry = false;
266 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
267 if (i < NUM_RETRIES && [self.class retryable:error]) {
268 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
269 retry = true;
270 } else {
271 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
272 reply(nil, error);
273 }
274 ++i;
275 }] fetchAllowedMachineIDsWithContainer:container context:context reply:reply];
276 } while (retry);
277 }
278
279
280 - (void)fetchEgoEpochWithContainer:(NSString *)container
281 context:(NSString *)context
282 reply:(void (^)(unsigned long long epoch,
283 NSError * _Nullable error))reply
284 {
285 __block int i = 0;
286 __block bool retry;
287 do {
288 retry = false;
289 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
290 if (i < NUM_RETRIES && [self.class retryable:error]) {
291 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
292 retry = true;
293 } else {
294 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
295 reply(0, error);
296 }
297 ++i;
298 }] fetchEgoEpochWithContainer:container context:context reply:reply];
299 } while (retry);
300 }
301
302 - (void)prepareWithContainer:(NSString *)container
303 context:(NSString *)context
304 epoch:(unsigned long long)epoch
305 machineID:(NSString *)machineID
306 bottleSalt:(NSString *)bottleSalt
307 bottleID:(NSString *)bottleID
308 modelID:(NSString *)modelID
309 deviceName:(nullable NSString*)deviceName
310 serialNumber:(NSString *)serialNumber
311 osVersion:(NSString *)osVersion
312 policyVersion:(nullable NSNumber *)policyVersion
313 policySecrets:(nullable NSDictionary<NSString*,NSData*> *)policySecrets
314 signingPrivKeyPersistentRef:(nullable NSData *)spkPr
315 encPrivKeyPersistentRef:(nullable NSData*)epkPr
316 reply:(void (^)(NSString * _Nullable peerID,
317 NSData * _Nullable permanentInfo,
318 NSData * _Nullable permanentInfoSig,
319 NSData * _Nullable stableInfo,
320 NSData * _Nullable stableInfoSig,
321 NSError * _Nullable error))reply
322 {
323 __block int i = 0;
324 __block bool retry;
325 do {
326 retry = false;
327 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
328 if (i < NUM_RETRIES && [self.class retryable:error]) {
329 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
330 retry = true;
331 } else {
332 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
333 reply(nil, nil, nil, nil, nil, error);
334 }
335 ++i;
336 }] prepareWithContainer:container context:context epoch:epoch machineID:machineID bottleSalt:bottleSalt bottleID:bottleID modelID:modelID deviceName:deviceName serialNumber:serialNumber osVersion:osVersion policyVersion:policyVersion policySecrets:policySecrets signingPrivKeyPersistentRef:spkPr encPrivKeyPersistentRef:epkPr reply:reply];
337 } while (retry);
338 }
339
340 - (void)establishWithContainer:(NSString *)container
341 context:(NSString *)context
342 ckksKeys:(NSArray<CKKSKeychainBackedKeySet*> *)viewKeySets
343 tlkShares:(NSArray<CKKSTLKShare*> *)tlkShares
344 preapprovedKeys:(nullable NSArray<NSData*> *)preapprovedKeys
345 reply:(void (^)(NSString * _Nullable peerID,
346 NSArray<CKRecord*>* _Nullable keyHierarchyRecords,
347 NSError * _Nullable error))reply
348 {
349 __block int i = 0;
350 __block bool retry;
351 do {
352 retry = false;
353 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
354 if (i < NUM_RETRIES && [self.class retryable:error]) {
355 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
356 retry = true;
357 } else {
358 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
359 reply(nil, nil, error);
360 }
361 ++i;
362 }] establishWithContainer:container context:context ckksKeys:viewKeySets tlkShares:tlkShares preapprovedKeys:preapprovedKeys reply:reply];
363 } while (retry);
364 }
365
366 - (void)vouchWithContainer:(NSString *)container
367 context:(NSString *)context
368 peerID:(NSString *)peerID
369 permanentInfo:(NSData *)permanentInfo
370 permanentInfoSig:(NSData *)permanentInfoSig
371 stableInfo:(NSData *)stableInfo
372 stableInfoSig:(NSData *)stableInfoSig
373 ckksKeys:(NSArray<CKKSKeychainBackedKeySet*> *)viewKeySets
374 reply:(void (^)(NSData * _Nullable voucher,
375 NSData * _Nullable voucherSig,
376 NSError * _Nullable error))reply
377 {
378 __block int i = 0;
379 __block bool retry;
380 do {
381 retry = false;
382 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
383 if (i < NUM_RETRIES && [self.class retryable:error]) {
384 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
385 retry = true;
386 } else {
387 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
388 reply(nil, nil, error);
389 }
390 ++i;
391 }] vouchWithContainer:container context:context peerID:peerID permanentInfo:permanentInfo permanentInfoSig:permanentInfoSig stableInfo:stableInfo stableInfoSig:stableInfoSig ckksKeys:viewKeySets reply:reply];
392 } while (retry);
393 }
394
395
396 - (void)preflightVouchWithBottleWithContainer:(nonnull NSString *)container
397 context:(nonnull NSString *)context
398 bottleID:(nonnull NSString *)bottleID
399 reply:(nonnull void (^)(NSString * _Nullable, NSError * _Nullable))reply {
400 __block int i = 0;
401 __block bool retry;
402 do {
403 retry = false;
404 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
405 if (i < NUM_RETRIES && [self.class retryable:error]) {
406 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
407 retry = true;
408 } else {
409 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
410 reply(nil, error);
411 }
412 ++i;
413 }] preflightVouchWithBottleWithContainer:container
414 context:context
415 bottleID:bottleID
416 reply:reply];
417 } while (retry);
418 }
419
420 - (void)vouchWithBottleWithContainer:(NSString *)container
421 context:(NSString *)context
422 bottleID:(NSString*)bottleID
423 entropy:(NSData*)entropy
424 bottleSalt:(NSString*)bottleSalt
425 tlkShares:(NSArray<CKKSTLKShare*> *)tlkShares
426 reply:(void (^)(NSData * _Nullable voucher,
427 NSData * _Nullable voucherSig,
428 NSError * _Nullable error))reply
429 {
430 __block int i = 0;
431 __block bool retry;
432 do {
433 retry = false;
434 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
435 if (i < NUM_RETRIES && [self.class retryable:error]) {
436 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
437 retry = true;
438 } else {
439 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
440 reply(nil, nil, error);
441 }
442 ++i;
443 }] vouchWithBottleWithContainer:container context:context bottleID:bottleID entropy:entropy bottleSalt:bottleSalt tlkShares:tlkShares reply:reply];
444 } while (retry);
445 }
446
447 - (void)vouchWithRecoveryKeyWithContainer:(NSString *)container
448 context:(NSString *)context
449 recoveryKey:(NSString*)recoveryKey
450 salt:(NSString*)salt
451 tlkShares:(NSArray<CKKSTLKShare*> *)tlkShares
452 reply:(void (^)(NSData * _Nullable voucher,
453 NSData * _Nullable voucherSig,
454 NSError * _Nullable error))reply
455 {
456 __block int i = 0;
457 __block bool retry;
458 do {
459 retry = false;
460 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
461 if (i < NUM_RETRIES && [self.class retryable:error]) {
462 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
463 retry = true;
464 } else {
465 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
466 reply(nil, nil, error);
467 }
468 ++i;
469 }] vouchWithRecoveryKeyWithContainer:container context:context recoveryKey:recoveryKey salt:salt tlkShares:tlkShares reply:reply];
470 } while (retry);
471 }
472
473 - (void)joinWithContainer:(NSString *)container
474 context:(NSString *)context
475 voucherData:(NSData *)voucherData
476 voucherSig:(NSData *)voucherSig
477 ckksKeys:(NSArray<CKKSKeychainBackedKeySet*> *)viewKeySets
478 tlkShares:(NSArray<CKKSTLKShare*> *)tlkShares
479 preapprovedKeys:(NSArray<NSData*> *)preapprovedKeys
480 reply:(void (^)(NSString * _Nullable peerID,
481 NSArray<CKRecord*>* _Nullable keyHierarchyRecords,
482 NSError * _Nullable error))reply
483 {
484 __block int i = 0;
485 __block bool retry;
486 do {
487 retry = false;
488 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
489 if (i < NUM_RETRIES && [self.class retryable:error]) {
490 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
491 retry = true;
492 } else {
493 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
494 reply(nil, nil, error);
495 }
496 ++i;
497 }] joinWithContainer:container context:context voucherData:voucherData voucherSig:voucherSig ckksKeys:viewKeySets tlkShares:tlkShares preapprovedKeys:preapprovedKeys reply:reply];
498 } while (retry);
499 }
500
501 - (void)preflightPreapprovedJoinWithContainer:(NSString *)container
502 context:(NSString *)context
503 reply:(void (^)(BOOL launchOkay,
504 NSError * _Nullable error))reply
505 {
506 __block int i = 0;
507 __block bool retry;
508 do {
509 retry = false;
510 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
511 if (i < NUM_RETRIES && [self.class retryable:error]) {
512 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
513 retry = true;
514 } else {
515 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
516 reply(NO, error);
517 }
518 ++i;
519 }] preflightPreapprovedJoinWithContainer:container context:context reply:reply];
520 } while (retry);
521 }
522
523 - (void)attemptPreapprovedJoinWithContainer:(NSString *)container
524 context:(NSString *)context
525 ckksKeys:(NSArray<CKKSKeychainBackedKeySet*> *)ckksKeys
526 tlkShares:(NSArray<CKKSTLKShare*> *)tlkShares
527 preapprovedKeys:(NSArray<NSData*> *)preapprovedKeys
528 reply:(void (^)(NSString * _Nullable peerID,
529 NSArray<CKRecord*>* _Nullable keyHierarchyRecords,
530 NSError * _Nullable error))reply
531 {
532 __block int i = 0;
533 __block bool retry;
534 do {
535 retry = false;
536 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
537 if (i < NUM_RETRIES && [self.class retryable:error]) {
538 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
539 retry = true;
540 } else {
541 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
542 reply(nil, nil, error);
543 }
544 ++i;
545 }] attemptPreapprovedJoinWithContainer:container context:context ckksKeys:ckksKeys tlkShares:tlkShares preapprovedKeys:preapprovedKeys reply:reply];
546 } while (retry);
547 }
548
549 - (void)updateWithContainer:(NSString *)container
550 context:(NSString *)context
551 deviceName:(nullable NSString *)deviceName
552 serialNumber:(nullable NSString *)serialNumber
553 osVersion:(nullable NSString *)osVersion
554 policyVersion:(nullable NSNumber *)policyVersion
555 policySecrets:(nullable NSDictionary<NSString*,NSData*> *)policySecrets
556 reply:(void (^)(TrustedPeersHelperPeerState* _Nullable peerState, NSError * _Nullable error))reply
557 {
558 __block int i = 0;
559 __block bool retry;
560 do {
561 retry = false;
562 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
563 if (i < NUM_RETRIES && [self.class retryable:error]) {
564 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
565 retry = true;
566 } else {
567 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
568 reply(nil, error);
569 }
570 ++i;
571 }] updateWithContainer:container context:context deviceName:deviceName serialNumber:serialNumber osVersion:osVersion policyVersion:policyVersion policySecrets:policySecrets reply:reply];
572 } while (retry);
573 }
574
575 - (void)setPreapprovedKeysWithContainer:(NSString *)container
576 context:(NSString *)context
577 preapprovedKeys:(NSArray<NSData*> *)preapprovedKeys
578 reply:(void (^)(NSError * _Nullable error))reply
579 {
580 __block int i = 0;
581 __block bool retry;
582 do {
583 retry = false;
584 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
585 if (i < NUM_RETRIES && [self.class retryable:error]) {
586 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
587 retry = true;
588 } else {
589 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
590 reply(error);
591 }
592 ++i;
593 }] setPreapprovedKeysWithContainer:container context:context preapprovedKeys:preapprovedKeys reply:reply];
594 } while (retry);
595 }
596
597 - (void)updateTLKsWithContainer:(NSString *)container
598 context:(NSString *)context
599 ckksKeys:(NSArray<CKKSKeychainBackedKeySet*> *)ckksKeys
600 tlkShares:(NSArray<CKKSTLKShare*> *)tlkShares
601 reply:(void (^)(NSArray<CKRecord*>* _Nullable keyHierarchyRecords, NSError * _Nullable error))reply
602 {
603 __block int i = 0;
604 __block bool retry;
605 do {
606 retry = false;
607 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
608 if (i < NUM_RETRIES && [self.class retryable:error]) {
609 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
610 retry = true;
611 } else {
612 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
613 reply(nil, error);
614 }
615 ++i;
616 }] updateTLKsWithContainer:container context:context ckksKeys:ckksKeys tlkShares:tlkShares reply:reply];
617 } while (retry);
618 }
619
620 - (void)fetchViableBottlesWithContainer:(NSString *)container
621 context:(NSString *)context
622 reply:(void (^)(NSArray<NSString*>* _Nullable sortedBottleIDs, NSArray<NSString*>* _Nullable sortedPartialBottleIDs, NSError* _Nullable error))reply
623 {
624 __block int i = 0;
625 __block bool retry;
626 do {
627 retry = false;
628 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
629 if (i < NUM_RETRIES && [self.class retryable:error]) {
630 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
631 retry = true;
632 } else {
633 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
634 reply(nil, nil, error);
635 }
636 ++i;
637 }] fetchViableBottlesWithContainer:container context:context reply:reply];
638 } while (retry);
639 }
640
641 - (void)fetchEscrowContentsWithContainer:(NSString *)container
642 context:(NSString *)context
643 reply:(void (^)(NSData* _Nullable entropy,
644 NSString* _Nullable bottleID,
645 NSData* _Nullable signingPublicKey,
646 NSError* _Nullable error))reply
647 {
648 __block int i = 0;
649 __block bool retry;
650 do {
651 retry = false;
652 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
653 if (i < NUM_RETRIES && [self.class retryable:error]) {
654 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
655 retry = true;
656 } else {
657 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
658 reply(nil, nil, nil, error);
659 }
660 ++i;
661 }] fetchEscrowContentsWithContainer:container context:context reply:reply];
662 } while (retry);
663 }
664
665 - (void)fetchPolicyDocumentsWithContainer:(NSString*)container
666 context:(NSString*)context
667 keys:(NSDictionary<NSNumber*,NSString*>*)keys
668 reply:(void (^)(NSDictionary<NSNumber*,NSArray<NSString*>*>* _Nullable entries,
669 NSError * _Nullable error))reply
670 {
671 __block int i = 0;
672 __block bool retry;
673 do {
674 retry = false;
675 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
676 if (i < NUM_RETRIES && [self.class retryable:error]) {
677 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
678 retry = true;
679 } else {
680 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
681 reply(nil, error);
682 }
683 ++i;
684 }] fetchPolicyDocumentsWithContainer:container context:context keys:keys reply:reply];
685 } while (retry);
686 }
687
688 - (void)fetchPolicyWithContainer:(NSString*)container
689 context:(NSString*)context
690 reply:(void (^)(TPPolicy * _Nullable policy,
691 NSError * _Nullable error))reply
692 {
693 __block int i = 0;
694 __block bool retry;
695 do {
696 retry = false;
697 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
698 if (i < NUM_RETRIES && [self.class retryable:error]) {
699 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
700 retry = true;
701 } else {
702 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
703 reply(nil, error);
704 }
705 ++i;
706 }] fetchPolicyWithContainer:container context:context reply:reply];
707 } while (retry);
708 }
709
710
711 - (void)validatePeersWithContainer:(NSString *)container
712 context:(NSString *)context
713 reply:(void (^)(NSDictionary * _Nullable, NSError * _Nullable))reply
714 {
715 __block int i = 0;
716 __block bool retry;
717 do {
718 retry = false;
719 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
720 if (i < NUM_RETRIES && [self.class retryable:error]) {
721 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
722 retry = true;
723 } else {
724 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
725 reply(nil, error);
726 }
727 ++i;
728 }] validatePeersWithContainer:container context:context reply:reply];
729 } while (retry);
730 }
731
732 - (void)fetchTrustStateWithContainer:(NSString *)container
733 context:(NSString *)context
734 reply:(void (^)(TrustedPeersHelperPeerState* _Nullable selfPeerState,
735 NSArray<TrustedPeersHelperPeer*>* _Nullable trustedPeers,
736 NSError* _Nullable error))reply
737 {
738 __block int i = 0;
739 __block bool retry;
740 do {
741 retry = false;
742 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
743 if (i < NUM_RETRIES && [self.class retryable:error]) {
744 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
745 retry = true;
746 } else {
747 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
748 reply(nil, nil, error);
749 }
750 ++i;
751 }] fetchTrustStateWithContainer:container context:context reply:reply];
752 } while (retry);
753 }
754
755 - (void)setRecoveryKeyWithContainer:(NSString *)container
756 context:(NSString *)context
757 recoveryKey:(NSString *)recoveryKey
758 salt:(NSString *)salt
759 ckksKeys:(NSArray<CKKSKeychainBackedKeySet*> *)ckksKeys
760 reply:(void (^)(NSError* _Nullable error))reply
761 {
762 __block int i = 0;
763 __block bool retry;
764 do {
765 retry = false;
766 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
767 if (i < NUM_RETRIES && [self.class retryable:error]) {
768 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
769 retry = true;
770 } else {
771 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
772 reply(error);
773 }
774 ++i;
775 }] setRecoveryKeyWithContainer:container context:context recoveryKey:recoveryKey salt:salt ckksKeys:ckksKeys reply:reply];
776 } while (retry);
777 }
778
779 - (void)reportHealthWithContainer:(NSString *)container
780 context:(NSString *)context
781 stateMachineState:(NSString *)state
782 trustState:(NSString *)trustState
783 reply:(void (^)(NSError* _Nullable error))reply
784 {
785 __block int i = 0;
786 __block bool retry;
787 do {
788 retry = false;
789 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
790 if (i < NUM_RETRIES && [self.class retryable:error]) {
791 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
792 retry = true;
793 } else {
794 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
795 reply(error);
796 }
797 ++i;
798 }] reportHealthWithContainer:container context:context stateMachineState:state trustState:trustState reply:reply];
799 } while (retry);
800 }
801
802 - (void)pushHealthInquiryWithContainer:(NSString *)container
803 context:(NSString *)context
804 reply:(void (^)(NSError* _Nullable error))reply
805 {
806 __block int i = 0;
807 __block bool retry;
808 do {
809 retry = false;
810 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
811 if (i < NUM_RETRIES && [self.class retryable:error]) {
812 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
813 retry = true;
814 } else {
815 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
816 reply(error);
817 }
818 ++i;
819 }] pushHealthInquiryWithContainer:container context:context reply:reply];
820 } while (retry);
821 }
822
823 - (void)getViewsWithContainer:(NSString *)container
824 context:(NSString *)context
825 inViews:(NSArray<NSString*>*)inViews
826 reply:(void (^)(NSArray<NSString*>* _Nullable, NSError* _Nullable))reply
827 {
828 __block int i = 0;
829 __block bool retry;
830 do {
831 retry = false;
832 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
833 if (i < NUM_RETRIES && [self.class retryable:error]) {
834 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
835 retry = true;
836 } else {
837 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
838 reply(nil, error);
839 }
840 ++i;
841 }] getViewsWithContainer:container context:context inViews:inViews reply:reply];
842 } while (retry);
843 }
844
845 - (void)requestHealthCheckWithContainer:(NSString *)container
846 context:(NSString *)context
847 requiresEscrowCheck:(BOOL)requiresEscrowCheck
848 reply:(void (^)(BOOL postRepairCFU, BOOL postEscrowCFU, BOOL resetOctagon, NSError* _Nullable))reply
849 {
850 __block int i = 0;
851 __block bool retry;
852 do {
853 retry = false;
854 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
855 if (i < NUM_RETRIES && [self.class retryable:error]) {
856 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
857 retry = true;
858 } else {
859 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
860 reply(NO, NO, NO, error);
861 }
862 ++i;
863 }] requestHealthCheckWithContainer:container context:context requiresEscrowCheck:requiresEscrowCheck reply:reply];
864 } while (retry);
865 }
866
867 - (void)getSupportAppInfoWithContainer:(NSString *)container
868 context:(NSString *)context
869 reply:(void (^)(NSData * _Nullable, NSError * _Nullable))reply
870 {
871 __block int i = 0;
872 __block bool retry;
873 do {
874 retry = false;
875 [[self.cuttlefishXPCConnection synchronousRemoteObjectProxyWithErrorHandler:^(NSError *_Nonnull error) {
876 if (i < NUM_RETRIES && [self.class retryable:error]) {
877 secnotice("octagon", "retrying cuttlefish XPC, (%d, %@)", i, error);
878 retry = true;
879 } else {
880 secerror("octagon: Can't talk with TrustedPeersHelper: %@", error);
881 reply(nil, error);
882 }
883 ++i;
884 }] getSupportAppInfoWithContainer:container context:context reply:reply];
885 } while (retry);
886
887 }
888
889 @end
mirror of Security