2 * Copyright (c) 2019 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
25 import SecurityFoundation
27 let OT_RECOVERY_SIGNING_HKDF_SIZE = 56
28 let OT_RECOVERY_ENCRYPTION_HKDF_SIZE = 56
30 enum RecoveryKeyType: Int {
31 case kOTRecoveryKeySigning = 1
32 case kOTRecoveryKeyEncryption = 2
35 class RecoveryKeySet: NSObject {
36 var encryptionKey: _SFECKeyPair
37 var signingKey: _SFECKeyPair
40 var recoverySalt: String
42 init (secret: Data, recoverySalt: String) throws {
44 self.recoverySalt = recoverySalt
46 let encryptionKeyData = try RecoveryKeySet.generateRecoveryKey(keyType: RecoveryKeyType.kOTRecoveryKeyEncryption, masterSecret: secret, recoverySalt: recoverySalt)
47 self.encryptionKey = _SFECKeyPair.init(secKey: try RecoveryKeySet.createSecKey(keyData: encryptionKeyData))
49 let signingKeyData = try RecoveryKeySet.generateRecoveryKey(keyType: RecoveryKeyType.kOTRecoveryKeySigning, masterSecret: secret, recoverySalt: recoverySalt)
50 self.signingKey = _SFECKeyPair.init(secKey: try RecoveryKeySet.createSecKey(keyData: signingKeyData))
52 // Note: this uses the SPKI hash, and not the key data hash
53 // So, this will not match the RK's peer ID
54 let RecoverySigningPubKeyHash = RecoveryKeySet.hashRecoveryedSigningPublicKey(keyData: self.signingKey.publicKey().spki())
55 _ = try RecoveryKeySet.storeRecoveryedSigningKeyPair(keyData: self.signingKey.keyData, label: RecoverySigningPubKeyHash)
56 _ = try RecoveryKeySet.storeRecoveryedEncryptionKeyPair(keyData: self.encryptionKey.keyData, label: RecoverySigningPubKeyHash)
59 class func generateMasterKeyString() -> (String?) {
60 return SecRKCreateRecoveryKeyString(nil) as String
63 class func generateRecoveryKey(keyType: RecoveryKeyType, masterSecret: Data, recoverySalt: String) throws -> (Data) {
70 case RecoveryKeyType.kOTRecoveryKeyEncryption:
71 keyLength = OT_RECOVERY_ENCRYPTION_HKDF_SIZE
73 let infoString = Array("Recovery Encryption Private Key".utf8)
74 info = Data(bytes: infoString, count: infoString.count)
76 case RecoveryKeyType.kOTRecoveryKeySigning:
77 keyLength = OT_RECOVERY_SIGNING_HKDF_SIZE
79 let infoString = Array("Recovery Signing Private Key".utf8)
80 info = Data(bytes: infoString, count: infoString.count)
83 guard let cp = ccec_cp_384() else {
84 throw RecoveryKeySetError.keyGeneration
88 let fullKey = TPHObjectiveC.ccec384Context()
89 defer { TPHObjectiveC.contextFree(fullKey) }
91 derivedKey = Data(count: keyLength)
93 var masterSecretMutable = masterSecret
95 let bottleSaltData = Data(bytes: Array(recoverySalt.utf8), count: recoverySalt.utf8.count)
97 try derivedKey.withUnsafeMutableBytes { (derivedKeyBytes: UnsafeMutableRawBufferPointer) throws ->Void in
98 try masterSecretMutable.withUnsafeMutableBytes { (masterSecretBytes: UnsafeMutableRawBufferPointer) throws ->Void in
99 try bottleSaltData.withUnsafeBytes { (bottleSaltBytes: UnsafeRawBufferPointer) throws -> Void in
100 try info.withUnsafeBytes { (infoBytes: UnsafeRawBufferPointer) throws -> Void in
101 status = cchkdf(ccsha384_di(),
102 masterSecretBytes.count, masterSecretBytes.baseAddress!,
103 bottleSaltBytes.count, bottleSaltBytes.baseAddress!,
104 infoBytes.count, infoBytes.baseAddress!,
105 derivedKeyBytes.count, derivedKeyBytes.baseAddress!)
107 throw RecoveryKeySetError.corecryptoKeyGeneration(corecryptoError: status)
110 if keyType == RecoveryKeyType.kOTRecoveryKeyEncryption || keyType == RecoveryKeyType.kOTRecoveryKeySigning {
111 status = ccec_generate_key_deterministic(cp,
112 derivedKeyBytes.count, derivedKeyBytes.bindMemory(to: UInt8.self).baseAddress!,
114 UInt32(CCEC_GENKEY_DETERMINISTIC_FIPS),
117 guard status == 0 else {
118 throw RecoveryKeySetError.corecryptoKeyGeneration(corecryptoError: status)
121 let space = ccec_x963_export_size(1, ccec_ctx_pub(fullKey))
122 var key = Data(count: space)
123 key.withUnsafeMutableBytes { (bytes: UnsafeMutableRawBufferPointer) -> Void in
124 ccec_x963_export(1, bytes.baseAddress!, fullKey)
135 class func createSecKey(keyData: Data) throws -> (SecKey) {
136 let keyAttributes = [kSecAttrKeyClass: kSecAttrKeyClassPrivate, kSecAttrKeyType: kSecAttrKeyTypeEC]
138 guard let key = SecKeyCreateWithData(keyData as CFData, keyAttributes as CFDictionary, nil) else {
139 throw RecoveryKeySetError.keyGeneration
145 class func setKeyMaterialInKeychain(query: [CFString: Any]) throws -> (Bool) {
148 var results: CFTypeRef?
149 var status = SecItemAdd(query as CFDictionary, &results)
151 if status == errSecSuccess {
153 } else if status == errSecDuplicateItem {
154 var updateQuery: [CFString: Any] = query
155 updateQuery[kSecClass] = nil
157 status = SecItemUpdate(query as CFDictionary, updateQuery as CFDictionary)
159 if status != errSecSuccess {
160 throw RecoveryKeySetError.failedToSaveToKeychain(errorCode: status)
165 throw RecoveryKeySetError.failedToSaveToKeychain(errorCode: status)
171 class func hashRecoveryedSigningPublicKey(keyData: Data) -> (String) {
172 let di = ccsha384_di()
173 var result = Data(count: TPHObjectiveC.ccsha384_diSize())
175 var keyDataMutable = keyData
176 result.withUnsafeMutableBytes {(resultBytes: UnsafeMutableRawBufferPointer) -> Void in
177 keyDataMutable.withUnsafeMutableBytes {(keyDataBytes: UnsafeMutableRawBufferPointer) -> Void in
178 ccdigest(di, keyDataBytes.count, keyDataBytes.baseAddress!, resultBytes.baseAddress!)
181 let hash = result.base64EncodedString(options: [])
186 class func storeRecoveryedEncryptionKeyPair(keyData: Data, label: String) throws -> (Bool) {
187 let query: [CFString: Any] = [
188 kSecClass: kSecClassKey,
189 kSecAttrAccessible: kSecAttrAccessibleWhenUnlocked,
190 kSecUseDataProtectionKeychain: true,
191 kSecAttrAccessGroup: "com.apple.security.octagon",
192 kSecAttrSynchronizable: false,
193 kSecAttrLabel: label,
194 kSecAttrApplicationLabel: String(format: "Recoveryed Encryption Key-%@", NSUUID().uuidString),
195 kSecValueData: keyData,
197 return try RecoveryKeySet.setKeyMaterialInKeychain(query: query)
200 class func storeRecoveryedSigningKeyPair(keyData: Data, label: String) throws -> (Bool) {
201 let query: [CFString: Any] = [
202 kSecClass: kSecClassKey,
203 kSecAttrAccessible: kSecAttrAccessibleWhenUnlocked,
204 kSecUseDataProtectionKeychain: true,
205 kSecAttrAccessGroup: "com.apple.security.octagon",
206 kSecAttrSynchronizable: false,
207 kSecAttrApplicationLabel: String(format: "Recoveryed Signing Key-%@", NSUUID().uuidString),
208 kSecAttrLabel: label,
209 kSecValueData: keyData,
211 return try RecoveryKeySet.setKeyMaterialInKeychain(query: query)
214 class func retrieveRecoveryKeysFromKeychain(label: String) throws -> [ [CFString: Any]]? {
215 var keySet: [[CFString: Any]]?
217 let query: [CFString: Any] = [
218 kSecClass: kSecClassKey,
219 kSecAttrAccessGroup: "com.apple.security.octagon",
220 kSecAttrLabel: label,
221 kSecReturnAttributes: true,
222 kSecReturnData: true,
223 kSecAttrSynchronizable: false,
224 kSecMatchLimit: kSecMatchLimitAll,
227 var result: CFTypeRef?
228 let status = SecItemCopyMatching(query as CFDictionary, &result)
230 if status != errSecSuccess || result == nil {
231 throw RecoveryKeySetError.itemDoesNotExist
235 if let dictionaryArray = result as? [[CFString: Any]] {
236 keySet = dictionaryArray
238 if let dictionary = result as? [CFString: Any] {
239 keySet = [dictionary]
248 class func findRecoveryKeysForLabel(label: String) throws -> (_SFECKeyPair?, _SFECKeyPair?) {
249 var signingKey: _SFECKeyPair?
250 var encryptionKey: _SFECKeyPair?
252 let keySet = try retrieveRecoveryKeysFromKeychain(label: label)
254 throw RecoveryKeySetError.itemDoesNotExist
256 for item in keySet! {
257 let keyTypeData = item[kSecAttrApplicationLabel as CFString] as! Data
258 let keyType = String(data: keyTypeData, encoding: .utf8)!
260 if keyType.contains("Encryption") {
261 let keyData = item[kSecValueData as CFString] as! Data
262 let encryptionSecKey = try RecoveryKeySet.createSecKey(keyData: keyData)
263 encryptionKey = _SFECKeyPair.init(secKey: encryptionSecKey)
264 } else if keyType.contains("Signing") {
265 let keyData = item[kSecValueData as CFString] as! Data
266 let signingSecKey = try RecoveryKeySet.createSecKey(keyData: keyData)
267 signingKey = _SFECKeyPair.init(secKey: signingSecKey)
269 throw RecoveryKeySetError.unsupportedKeyType(keyType: keyType)
273 return (signingKey, encryptionKey)
277 enum RecoveryKeySetError: Error {
279 case itemDoesNotExist
280 case failedToSaveToKeychain(errorCode: OSStatus)
281 case unsupportedKeyType(keyType: String)
282 case corecryptoKeyGeneration(corecryptoError: Int32)
285 extension RecoveryKeySetError: LocalizedError {
286 public var errorDescription: String? {
289 return "Key generation failed"
290 case .itemDoesNotExist:
291 return "Item does not exist"
292 case .failedToSaveToKeychain(errorCode: let osError):
293 return "Failed to save item to keychain: \(osError)"
294 case .unsupportedKeyType(keyType: let keyType):
295 return "Unsupported Key Type \(keyType)"
296 case .corecryptoKeyGeneration(corecryptoError: let corecryptoError):
297 return "Key generation crypto failed \(corecryptoError)"
302 extension RecoveryKeySetError: CustomNSError {
303 public static var errorDomain: String {
304 return "com.apple.security.trustedpeers.RecoveryKeySetError"
307 public var errorCode: Int {
311 case .itemDoesNotExist:
313 case .failedToSaveToKeychain:
315 case .unsupportedKeyType:
317 case .corecryptoKeyGeneration:
322 public var errorUserInfo: [String: Any] {
323 var userInfo: [String: Any] = [:]
324 if let desc = self.errorDescription {
325 userInfo[NSLocalizedDescriptionKey] = desc
328 case .failedToSaveToKeychain(errorCode: let osError):
329 userInfo[NSUnderlyingErrorKey] = NSError(domain: NSOSStatusErrorDomain, code: Int(osError), userInfo: nil)
330 case .corecryptoKeyGeneration(corecryptoError: let corecryptoError):
331 userInfo[NSUnderlyingErrorKey] = NSError(domain: "corecrypto", code: Int(corecryptoError), userInfo: nil)
projects / apple / security.git / blob