]> git.saurik.com Git - apple/security.git/blob - OSX/sec/securityd/Regressions/secd60-account-cloud-exposure.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57337.40.85.tar.gz
[apple/security.git] / OSX / sec / securityd / Regressions / secd60-account-cloud-exposure.c
1 /*
2 * Copyright (c) 2013-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 //
25 // secd60-account-cloud-exposure.c
26 // sec
27 //
28
29
30
31 #include <Security/SecBase.h>
32 #include <Security/SecItem.h>
33
34 #include <CoreFoundation/CFDictionary.h>
35
36 #include <Security/SecureObjectSync/SOSAccount.h>
37 #include <Security/SecureObjectSync/SOSPeerInfoPriv.h>
38 #include <Security/SecureObjectSync/SOSCloudCircle.h>
39 #include <Security/SecureObjectSync/SOSInternal.h>
40 #include <Security/SecureObjectSync/SOSUserKeygen.h>
41 #include <Security/SecureObjectSync/SOSTransport.h>
42
43 #include <stdlib.h>
44 #include <unistd.h>
45
46 #include "secd_regressions.h"
47 #include "SOSTestDataSource.h"
48
49 #include "SOSRegressionUtilities.h"
50 #include <utilities/SecCFWrappers.h>
51 #include <Security/SecKeyPriv.h>
52
53 #include <securityd/SOSCloudCircleServer.h>
54
55 #include "SOSAccountTesting.h"
56
57 #include "SecdTestKeychainUtilities.h"
58
59 static int kTestTestCount = 58;
60
61 static bool SOSAccountAddiCloudIdentity(SOSAccountRef account, SOSCircleRef circle, SecKeyRef user_key, CFErrorRef *error) {
62 bool result = false;
63 SOSFullPeerInfoRef cloud_identity = NULL;
64 SOSPeerInfoRef cloud_peer = GenerateNewCloudIdentityPeerInfo(error);
65 require_quiet(cloud_peer, err_out);
66 cloud_identity = CopyCloudKeychainIdentity(cloud_peer, error);
67 CFReleaseNull(cloud_peer);
68 require_quiet(cloud_identity, err_out);
69 require_quiet(SOSCircleRequestAdmission(circle, user_key, cloud_identity, error), err_out);
70 require_quiet(SOSCircleAcceptRequest(circle, user_key, account->my_identity, SOSFullPeerInfoGetPeerInfo(cloud_identity), error), err_out);
71 result = true;
72 err_out:
73 return result;
74 }
75
76 static bool SOSAccountResetCircleToNastyOffering(SOSAccountRef account, SecKeyRef userPriv, SOSPeerInfoRef pi, CFErrorRef *error) {
77 bool result = false;
78 SecKeyRef userPub = SecKeyCreatePublicFromPrivate(userPriv);
79
80 require(SOSAccountHasCircle(account, error), fail);
81 require(SOSAccountEnsureFullPeerAvailable(account, error), fail);
82
83 // Save for reclaming
84 //mygestalt = CFDictionaryCreateCopy(kCFAllocatorDefault, SOSPeerGetGestalt(SOSFullPeerInfoGetPeerInfo(account->my_identity)));
85
86 (void) SOSAccountResetAllRings(account, error);
87
88 SOSAccountModifyCircle(account, error, ^(SOSCircleRef circle) {
89 bool result = false;
90 CFErrorRef localError = NULL;
91 SOSFullPeerInfoRef iCloudfpi = NULL;
92
93 //sleep(10);
94 require_quiet(SOSCircleResetToEmpty(circle, error), err_out);
95 require_quiet(SOSAccountAddiCloudIdentity(account, circle, userPriv, error), err_out);
96 require_quiet(iCloudfpi = SOSCircleCopyiCloudFullPeerInfoRef(circle, error), err_out);
97
98 /* Add the defenders peerInfo to circle */
99 require_quiet(SOSCircleRequestReadmission(circle, userPub, pi, error), err_out);
100 require_quiet(SOSCircleAcceptRequest(circle, userPriv, iCloudfpi, pi, error), err_out);
101
102 account->departure_code = kSOSNeverLeftCircle;
103
104 result = true;
105 account->trusted_circle = SOSCircleCopyCircle(kCFAllocatorDefault, circle, error);
106 SOSAccountPublishCloudParameters(account, NULL);
107 account->my_identity = NULL;
108
109 err_out:
110 if (result == false)
111 secerror("error resetting circle (%@) to offering: %@", circle, localError);
112 if (localError && error && *error == NULL) {
113 *error = localError;
114 localError = NULL;
115 }
116 CFReleaseNull(localError);
117 return result;
118 });
119
120 result = true;
121
122 fail:
123 return result;
124 }
125
126 static bool SOSAccountResetToNastyOffering(SOSAccountRef account, SOSPeerInfoRef pi, CFErrorRef* error) {
127 SecKeyRef user_key = SOSAccountGetPrivateCredential(account, error);
128 if (!user_key)
129 return false;
130
131 CFReleaseNull(account->my_identity);
132
133 return user_key && SOSAccountResetCircleToNastyOffering(account, user_key, pi, error);
134 }
135
136 static bool performiCloudIdentityAttack(SOSAccountRef attacker, SOSAccountRef defender, SOSAccountRef accomplice, CFMutableDictionaryRef changes) {
137 CFErrorRef error = NULL;
138 bool retval = false; // false means the attack succeeds
139 CFArrayRef applicants = NULL;
140
141 /*----- Carole makes bogus circle with fake iCloud identity and Alice's peerInfo but only signed with fake iCloud identity -----*/
142
143 require_action_quiet(SOSAccountResetToNastyOffering(attacker, SOSFullPeerInfoGetPeerInfo(defender->my_identity), &error), testDone, retval = true);
144 CFReleaseNull(error);
145
146 ProcessChangesUntilNoChange(changes, defender, accomplice, attacker, NULL);
147
148 /*----- Now use our fake iCloud identity to get in to the circle for real -----*/
149 require_action_quiet(SOSAccountJoinCirclesAfterRestore(attacker, &error), testDone, retval = true);
150 CFReleaseNull(error);
151 require_action_quiet(countPeers(attacker) == 2, testDone, retval = true);
152
153 /*----- Let's see if carole can get bob into the circle and have alice believe it -----*/
154 require_action_quiet(SOSAccountJoinCircles(accomplice, &error), testDone, retval = true);
155 CFReleaseNull(error);
156
157 ProcessChangesUntilNoChange(changes, defender, accomplice, attacker, NULL);
158
159 applicants = SOSAccountCopyApplicants(attacker, &error);
160 CFReleaseNull(error);
161
162 if(CFArrayGetCount(applicants) > 0) {
163 require_action_quiet(SOSAccountAcceptApplicants(attacker, applicants, &error), testDone, retval = true);
164 }
165
166 ProcessChangesUntilNoChange(changes, defender, accomplice, attacker, NULL);
167
168 require_action_quiet(countPeers(defender) == 3, testDone, retval = true);
169 require_action_quiet(countPeers(accomplice) == 3, testDone, retval = true);
170 require_action_quiet(countPeers(attacker) == 3, testDone, retval = true);
171
172 testDone:
173 CFReleaseNull(applicants);
174 CFReleaseNull(error);
175 return retval;
176 }
177
178 static void tests(void)
179 {
180 CFErrorRef error = NULL;
181 CFDataRef cfpassword = CFDataCreate(NULL, (uint8_t *) "FooFooFoo", 10);
182 CFStringRef cfaccount = CFSTR("test@test.org");
183
184 CFMutableDictionaryRef changes = CFDictionaryCreateMutableForCFTypes(kCFAllocatorDefault);
185
186 SOSAccountRef alice_account = CreateAccountForLocalChanges( CFSTR("Alice"), CFSTR("TestSource"));
187 SOSAccountRef bob_account = CreateAccountForLocalChanges(CFSTR("Bob"), CFSTR("TestSource"));
188 SOSAccountRef carole_account = CreateAccountForLocalChanges(CFSTR("Carole"), CFSTR("TestSource"));
189
190 ok(SOSAccountAssertUserCredentialsAndUpdate(bob_account, cfaccount, cfpassword, &error), "Credential setting (%@)", error);
191
192 // Bob wins writing at this point, feed the changes back to alice.
193 is(ProcessChangesUntilNoChange(changes, alice_account, bob_account, carole_account, NULL), 1, "updates");
194
195 ok(SOSAccountAssertUserCredentialsAndUpdate(alice_account, cfaccount, cfpassword, &error), "Credential setting (%@)", error);
196 CFReleaseNull(error);
197
198 ok(SOSAccountAssertUserCredentialsAndUpdate(carole_account, cfaccount, cfpassword, &error), "Credential setting (%@)", error);
199 CFReleaseNull(error);
200 ok(SOSAccountResetToOffering(alice_account, &error), "Reset to offering (%@)", error);
201 CFReleaseNull(error);
202
203 is(ProcessChangesUntilNoChange(changes, alice_account, bob_account, carole_account, NULL), 2, "updates");
204
205 ok(SOSAccountJoinCircles(bob_account, &error), "Bob Applies (%@)", error);
206 CFReleaseNull(error);
207 is(ProcessChangesUntilNoChange(changes, alice_account, bob_account, carole_account, NULL), 2, "updates");
208
209 {
210 CFArrayRef applicants = SOSAccountCopyApplicants(alice_account, &error);
211
212 ok(applicants && CFArrayGetCount(applicants) == 1, "See one applicant %@ (%@)", applicants, error);
213 ok(SOSAccountAcceptApplicants(alice_account, applicants, &error), "Alice accepts (%@)", error);
214 CFReleaseNull(error);
215 CFReleaseNull(applicants);
216 }
217
218 is(ProcessChangesUntilNoChange(changes, alice_account, bob_account, carole_account, NULL), 3, "updates");
219
220 accounts_agree("bob&alice pair", bob_account, alice_account);
221
222
223 ok(performiCloudIdentityAttack(carole_account, alice_account, bob_account, changes), "Attack is defeated");
224
225 CFReleaseNull(bob_account);
226 CFReleaseNull(alice_account);
227 CFReleaseNull(carole_account);
228 CFReleaseNull(cfpassword);
229
230 SOSUnregisterAllTransportMessages();
231 SOSUnregisterAllTransportCircles();
232 SOSUnregisterAllTransportKeyParameters();
233 CFArrayRemoveAllValues(key_transports);
234 CFArrayRemoveAllValues(circle_transports);
235 CFArrayRemoveAllValues(message_transports);
236
237 }
238
239 int secd_60_account_cloud_exposure(int argc, char *const *argv)
240 {
241 plan_tests(kTestTestCount);
242
243 secd_test_setup_temp_keychain(__FUNCTION__, NULL);
244
245 tests();
246
247 return 0;
248 }
mirror of Security