Security-59754.80.3.tar.gz
1 /*
2 * Copyright (c) 2019 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #if OCTAGON
25
26 #import <utilities/debugging.h>
27
28 #import "keychain/ot/OTVouchWithRecoveryKeyOperation.h"
29 #import "keychain/ot/OTClientStateMachine.h"
30 #import "keychain/ot/OTCuttlefishContext.h"
31 #import "keychain/ot/OTFetchCKKSKeysOperation.h"
32 #import "keychain/ot/OTStates.h"
33
34 #import "keychain/TrustedPeersHelper/TrustedPeersHelperProtocol.h"
35 #import "keychain/ot/ObjCImprovements.h"
36
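// Private state for the operation. The public header is not shown here.
@interface OTVouchWithRecoveryKeyOperation ()
// Shared Octagon dependencies. This file uses its authKitAdapter, stateHolder,
// cuttlefishXPCWrapper, containerName, contextID, viewManager and flagHandler.
@property OTOperationDependencies* deps;

// Salt sent with the recovery key to both cuttlefish calls. -groupStart sets it to
// the account's altDSID; it stays nil if neither lookup there succeeds.
@property NSString* salt;
// The user's recovery key. This is secret material: the operation keeps a strong
// reference to it for its whole lifetime and never clears it, so it must not be
// passed to any logging call.
@property NSString* recoveryKey;

// Created in -groupStart and handed to -runBeforeGroupFinished: on every terminal
// path (success or failure) of the asynchronous flow.
@property NSOperation* finishOp;
@end

@implementation OTVouchWithRecoveryKeyOperation
@synthesize intendedState = _intendedState;

/// Creates an operation that asks cuttlefish for a voucher backed by a recovery key.
/// @param dependencies Shared Octagon dependencies used for all lookups and XPC calls.
/// @param intendedState State to move to once a voucher has been obtained (and saved, if requested).
/// @param errorState State the operation starts in and stays in unless it succeeds.
/// @param recoveryKey The recovery key to vouch with; treat as secret.
/// @param saveVoucher When YES, the voucher and its signature are persisted into the account metadata.
- (instancetype)initWithDependencies:(OTOperationDependencies*)dependencies
                       intendedState:(OctagonState*)intendedState
                          errorState:(OctagonState*)errorState
                         recoveryKey:(NSString*)recoveryKey
                         saveVoucher:(BOOL)saveVoucher
{
    self = [super init];
    if(self) {
        _deps = dependencies;
        _intendedState = intendedState;
        // Fail closed: the next state is the error state until the vouch succeeds.
        _nextState = errorState;

        _recoveryKey = recoveryKey;

        _saveVoucher = saveVoucher;
    }
    return self;
}

/// Entry point: resolves the salt (altDSID), preflights the vouch with cuttlefish,
/// applies the returned syncing policy, then continues with TLK fetching.
- (void)groupStart
{
    secnotice("octagon", "creating voucher using a recovery key");

    self.finishOp = [[NSOperation alloc] init];
    [self dependOnBeforeGroupFinished:self.finishOp];

    // Prefer the altDSID reported by the AuthKit adapter; fall back to the stored account metadata.
    NSString *altDSID = [self.deps.authKitAdapter primaryiCloudAccountAltDSID:nil];
    if(altDSID) {
        secnotice("octagon", "using auth kit adapter, altdsid is: %@", altDSID);
        self.salt = altDSID;
    } else {
        NSError* accountError = nil;
        OTAccountMetadataClassC* account = [self.deps.stateHolder loadOrCreateAccountMetadata:&accountError];

        if(account && !accountError) {
            secnotice("octagon", "retrieved account, altdsid is: %@", account.altDSID);
            self.salt = account.altDSID;
        } else {
            // NOTE(review): the flow continues with a nil salt here; whether the preflight
            // rejects that is decided on the other side of the XPC call — confirm.
            secerror("failed to rerieve account object: %@", accountError);
        }
    }

    // First, let's preflight the vouch (to receive a policy and view set to use for TLK fetching)
    WEAKIFY(self);
    [self.deps.cuttlefishXPCWrapper preflightVouchWithRecoveryKeyWithContainer:self.deps.containerName
                                                                       context:self.deps.contextID
                                                                   recoveryKey:self.recoveryKey
                                                                          salt:self.salt
                                                                         reply:^(NSString * _Nullable recoveryKeyID,
                                                                                 TPSyncingPolicy* _Nullable peerSyncingPolicy,
                                                                                 NSError * _Nullable error) {
        STRONGIFY(self);
        [[CKKSAnalytics logger] logResultForEvent:OctagonEventPreflightVouchWithRecoveryKey hardFailure:true result:error];

        if(error || !recoveryKeyID) {
            // NOTE(review): when recoveryKeyID is nil but error is also nil, self.error ends up
            // nil and the operation finishes in the error state without a recorded cause.
            secerror("octagon: Error preflighting voucher using recovery key: %@", error);
            self.error = error;
            [self runBeforeGroupFinished:self.finishOp];
            return;
        }

        secnotice("octagon", "Recovery key ID %@ looks good to go", recoveryKeyID);

        // Tell CKKS to spin up the new views and policy
        // But, do not persist this view set! We'll do that when we actually manage to join
        [self.deps.viewManager setCurrentSyncingPolicy:peerSyncingPolicy];

        [self proceedWithRecoveryKeyID:recoveryKeyID];
    }];
}

/// Fetches the CKKS key sets and TLK shares, keeps only the shares addressed to the
/// recovery key's peer ID, and hands the result to -proceedWithKeys:tlkShares:salt:.
/// @param recoveryKeyID Peer ID of the recovery key, as returned by the preflight.
- (void)proceedWithRecoveryKeyID:(NSString*)recoveryKeyID
{
    WEAKIFY(self);

    // After a vouch, we also want to acquire all TLKs that the bottled peer might have had
    OTFetchCKKSKeysOperation* fetchKeysOp = [[OTFetchCKKSKeysOperation alloc] initWithDependencies:self.deps
                                                                                     refetchNeeded:NO];
    [self runBeforeGroupFinished:fetchKeysOp];

    CKKSResultOperation* proceedWithKeys = [CKKSResultOperation named:@"recovery-tlks"
                                                            withBlock:^{
        STRONGIFY(self);

        NSMutableArray<CKKSTLKShare*>* filteredTLKShares = [NSMutableArray array];
        for(CKKSTLKShare* share in fetchKeysOp.tlkShares) {
            // If we didn't get a recoveryKeyID, just pass every tlkshare and hope for the best.
            // NOTE(review): -groupStart returns early on a nil recoveryKeyID, so from that caller
            // the nil case is not reached; if it ever is, every share is forwarded unfiltered.
            BOOL addressedToRecoveryKey = (recoveryKeyID == nil) || [share.receiverPeerID isEqualToString:recoveryKeyID];
            if(addressedToRecoveryKey) {
                [filteredTLKShares addObject:share];
            }
        }

        if(fetchKeysOp.viewsTimedOutWithoutKeysets.count > 0) {
            // At least one view failed to find a keyset in time.
            // Set up a retry with this recovery key, once CKKS is done fetching
            secnotice("octagon", "Timed out fetching key hierarchy for CKKS views; marking for TLK recovery follow up: %@", fetchKeysOp.viewsTimedOutWithoutKeysets);
            OctagonPendingFlag* flag = [[OctagonPendingFlag alloc] initWithFlag:OctagonFlagAttemptRecoveryKeyTLKExtraction
                                                                          after:self.deps.viewManager.zoneChangeFetcher.inflightFetch];
            [self.deps.flagHandler handlePendingFlag:flag];
        }

        [self proceedWithKeys:fetchKeysOp.viewKeySets tlkShares:filteredTLKShares salt:self.salt];
    }];

    // The filtering block may only run once the fetch has produced its results.
    [proceedWithKeys addDependency:fetchKeysOp];
    [self runBeforeGroupFinished:proceedWithKeys];
}

/// Requests the voucher from cuttlefish and, on success, records it (and optionally
/// persists it) before moving the operation to its intended state.
/// @param viewKeySets Key sets returned by the fetch operation; not used by this method.
/// @param tlkShares TLK shares forwarded to cuttlefish with the vouch request.
/// @param salt Salt sent together with the recovery key.
- (void)proceedWithKeys:(NSArray<CKKSKeychainBackedKeySet*>*)viewKeySets tlkShares:(NSArray<CKKSTLKShare*>*)tlkShares salt:(NSString*)salt
{
    WEAKIFY(self);

    [self.deps.cuttlefishXPCWrapper vouchWithRecoveryKeyWithContainer:self.deps.containerName
                                                              context:self.deps.contextID
                                                          recoveryKey:self.recoveryKey
                                                                 salt:salt
                                                            tlkShares:tlkShares
                                                                reply:^(NSData * _Nullable voucher, NSData * _Nullable voucherSig, NSError * _Nullable error) {
        STRONGIFY(self);
        if(error) {
            [[CKKSAnalytics logger] logResultForEvent:OctagonEventVoucherWithRecoveryKey hardFailure:true result:error];
            secerror("octagon: Error preparing voucher using recovery key: %@", error);
            self.error = error;
            [self runBeforeGroupFinished:self.finishOp];
            return;
        }
        self.voucher = voucher;
        self.voucherSig = voucherSig;

        if(self.saveVoucher) {
            secnotice("octagon", "Saving voucher for later use...");
            NSError* saveError = nil;
            [self.deps.stateHolder persistAccountChanges:^OTAccountMetadataClassC * _Nullable(OTAccountMetadataClassC * _Nonnull metadata) {
                metadata.voucher = voucher;
                metadata.voucherSignature = voucherSig;
                return metadata;
            } error:&saveError];
            if(saveError) {
                secnotice("octagon", "unable to save voucher: %@", saveError);
                // Record the persistence failure. Without this the operation stays in the
                // error state with a nil error, so the cause is lost.
                self.error = saveError;
                [self runBeforeGroupFinished:self.finishOp];
                return;
            }
        }

        // NOTE(review): the full voucher and signature are written to the log here; confirm
        // that this level of detail is wanted in release logging.
        secnotice("octagon", "Successfully vouched with a recovery key: %@, %@", voucher, voucherSig);
        // Only now does the operation leave the error state chosen in the initializer.
        self.nextState = self.intendedState;
        [self runBeforeGroupFinished:self.finishOp];
    }];
}

@end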
201
202 #endif // OCTAGON