github.com/keybase/client/go@v0.0.0-20241007131713-f10651d043c8/engine/signup.go (about) 1 // Copyright 2015 Keybase, Inc. All rights reserved. Use of 2 // this source code is governed by the included BSD license. 3 4 package engine 5 6 import ( 7 "encoding/base64" 8 "fmt" 9 10 "github.com/keybase/client/go/libkb" 11 "github.com/keybase/client/go/protocol/keybase1" 12 triplesec "github.com/keybase/go-triplesec" 13 ) 14 15 // For password-less signups, number of bytes that are randomly generated 16 // and then encoded with base64 to be used as user's passphrase. 17 const randomPassphraseLen = 16 18 19 type SignupEngine struct { 20 pwsalt []byte 21 ppStream *libkb.PassphraseStream 22 tsec libkb.Triplesec 23 uid keybase1.UID 24 me *libkb.User 25 signingKey libkb.GenericKey 26 encryptionKey libkb.NaclDHKeyPair 27 arg *SignupEngineRunArg 28 lks *libkb.LKSec 29 perUserKeyring *libkb.PerUserKeyring // Created after provisioning. Sent to paperkey gen. 30 paperKey *libkb.PaperKeyPhrase 31 } 32 33 var _ Engine2 = (*SignupEngine)(nil) 34 35 type SignupEngineRunArg struct { 36 Username string 37 Email string 38 InviteCode string 39 Passphrase string 40 GenerateRandomPassphrase bool 41 StoreSecret bool 42 DeviceName string 43 DeviceType keybase1.DeviceType 44 SkipGPG bool 45 SkipMail bool 46 SkipPaper bool 47 GenPGPBatch bool // if true, generate and push a pgp key to the server (no interaction) 48 VerifyEmail bool 49 50 // Bot signups have random PWs, no device keys, an eldest paper key, and return a paper key via 51 // the main flow; you need to supply a bot token to signup with them. 52 BotToken keybase1.BotToken 53 54 // Used in tests for reproducible key generation 55 naclSigningKeyPair libkb.NaclKeyPair 56 naclEncryptionKeyPair libkb.NaclKeyPair 57 } 58 59 func NewSignupEngine(g *libkb.GlobalContext, arg *SignupEngineRunArg) *SignupEngine { 60 return &SignupEngine{ 61 arg: arg, 62 } 63 } 64 65 func (s *SignupEngine) Name() string { 66 return "Signup" 67 } 68 69 func (s *SignupEngine) RequiredUIs() []libkb.UIKind { 70 return nil 71 } 72 73 func (s *SignupEngine) Prereqs() Prereqs { return Prereqs{} } 74 75 func (s *SignupEngine) SubConsumers() []libkb.UIConsumer { 76 if s.arg.BotToken.Exists() { 77 return nil 78 } 79 return []libkb.UIConsumer{ 80 &GPGImportKeyEngine{}, 81 &DeviceWrap{}, 82 &PaperKeyPrimary{}, 83 } 84 } 85 86 func (s *SignupEngine) GetMe() *libkb.User { 87 return s.me 88 } 89 90 func (s *SignupEngine) PaperKey() *libkb.PaperKeyPhrase { 91 return s.paperKey 92 } 93 94 func (s *SignupEngine) Run(m libkb.MetaContext) (err error) { 95 defer m.Trace("SignupEngine#Run", &err)() 96 97 if err = m.LogoutKeepSecrets(); err != nil { 98 return err 99 } 100 101 // StoreSecret is required if we are doing NOPW 102 if !s.arg.StoreSecret && s.arg.GenerateRandomPassphrase && s.arg.BotToken.IsNil() { 103 return fmt.Errorf("cannot SignUp with StoreSecret=false and GenerateRandomPassphrase=true") 104 } 105 106 // check if secret store works 107 if s.arg.StoreSecret { 108 if ss := m.G().SecretStore(); ss != nil { 109 if s.arg.GenerateRandomPassphrase && !ss.IsPersistent() { 110 // IsPersistent returns true if SecretStoreLocked is 111 // disk-backed, and false if it's only memory backed. 112 return SecretStoreNotFunctionalError{err: fmt.Errorf("persistent secret store is required for no-passphrase signup")} 113 } 114 115 err = ss.PrimeSecretStores(m) 116 if err != nil { 117 return SecretStoreNotFunctionalError{err} 118 } 119 } else if s.arg.GenerateRandomPassphrase { 120 return SecretStoreNotFunctionalError{err: fmt.Errorf("secret store is required for no-passphrase signup but wasn't found")} 121 } else { 122 m.Debug("There is no secret store, but we are continuing because this is not a NOPW") 123 } 124 } 125 126 m = m.WithNewProvisionalLoginContext() 127 128 if err = s.genPassphraseStream(m, s.arg.Passphrase, s.arg.GenerateRandomPassphrase); err != nil { 129 return err 130 } 131 132 if s.arg.BotToken.Exists() && s.arg.InviteCode == "" { 133 s.arg.InviteCode, err = libkb.GetInvitationCode(m) 134 if err != nil { 135 return err 136 } 137 } 138 139 if err = s.join(m, *s.arg); err != nil { 140 return err 141 } 142 143 s.perUserKeyring, err = libkb.NewPerUserKeyring(m.G(), s.uid) 144 if err != nil { 145 return err 146 } 147 148 err = s.registerDevice(m, s.arg.DeviceName, s.arg.GenerateRandomPassphrase) 149 if err != nil { 150 return err 151 } 152 153 if s.arg.BotToken.IsNil() { 154 m.Info("Signed up and provisioned a device.") 155 } 156 157 // After we are provisioned, do not fail the signup process. Everything 158 // else happening here is optional. 159 160 if !s.arg.SkipPaper { 161 if err = s.genPaperKeys(m); err != nil { 162 m.Warning("Paper key was not generated. Failed with an error: %s", err) 163 } 164 } 165 166 // GenPGPBatch can be set in devel CLI to generate 167 // a pgp key and push it to the server without any 168 // user interaction to make testing easier. 169 if s.arg.GenPGPBatch { 170 if err = s.genPGPBatch(m); err != nil { 171 m.Warning("genPGPBatch failed with an error: %s", err) 172 } 173 } 174 175 if err := s.doGPG(m); err != nil { 176 // We don't care if GPG import fails, continue with the signup process 177 // because it's too late anyway. Failing here would leave a signed up 178 // and logged in user in a weird state where their GUI does not know 179 // they are logged in, and also other processes (CreateWallet) will not 180 // run. 181 m.Warning("Attempt at importing PGP keys from GPG failed with: %s", err) 182 } 183 184 m = m.CommitProvisionalLogin() 185 186 // signup complete, notify anyone interested. 187 m.G().NotifyRouter.HandleSignup(m.Ctx(), s.arg.Username) 188 189 // For instance, setup gregor and friends... 190 m.G().CallLoginHooks(m) 191 192 m.G().GetStellar().CreateWalletSoft(m.Ctx()) 193 194 return nil 195 } 196 197 func (s *SignupEngine) doGPG(m libkb.MetaContext) error { 198 199 if s.arg.SkipGPG { 200 return nil 201 } 202 203 // only desktop potentially has gpg, so if not desktop then 204 // bail out 205 if s.arg.DeviceType != keybase1.DeviceType_DESKTOP { 206 return nil 207 } 208 209 if wantsGPG, err := s.checkGPG(m); err != nil { 210 return err 211 } else if wantsGPG { 212 if err := s.addGPG(m, true, true); err != nil { 213 return fmt.Errorf("addGPG error: %s", err) 214 } 215 } 216 return nil 217 } 218 219 func (s *SignupEngine) genRandomPassphrase(m libkb.MetaContext) (string, error) { 220 str, err := libkb.RandBytes(randomPassphraseLen) 221 if err != nil { 222 return "", err 223 } 224 return base64.StdEncoding.EncodeToString(str), nil 225 } 226 227 func (s *SignupEngine) genPassphraseStream(m libkb.MetaContext, passphrase string, randomPW bool) error { 228 if randomPW { 229 if len(passphrase) != 0 { 230 return fmt.Errorf("Tried to generate random passphrase but also provided passphrase argument") 231 } 232 var err error 233 passphrase, err = s.genRandomPassphrase(m) 234 if err != nil { 235 return err 236 } 237 } 238 if len(passphrase) < libkb.MinPassphraseLength { 239 return libkb.PassphraseError{Msg: fmt.Sprintf("Passphrase must be at least %d characters", libkb.MinPassphraseLength)} 240 } 241 salt, err := libkb.RandBytes(triplesec.SaltLen) 242 if err != nil { 243 return err 244 } 245 s.pwsalt = salt 246 s.tsec, s.ppStream, err = libkb.StretchPassphrase(m.G(), passphrase, salt) 247 if err != nil { 248 return err 249 } 250 return nil 251 } 252 253 func (s *SignupEngine) join(m libkb.MetaContext, arg SignupEngineRunArg) error { 254 m.Debug("SignupEngine#join") 255 joinEngine := NewSignupJoinEngine(m.G()) 256 257 pdpkda5kid, err := s.ppStream.PDPKA5KID() 258 if err != nil { 259 return err 260 } 261 262 jarg := SignupJoinEngineRunArg{ 263 Username: arg.Username, 264 Email: arg.Email, 265 InviteCode: arg.InviteCode, 266 PWHash: s.ppStream.PWHash(), 267 PWSalt: s.pwsalt, 268 RandomPW: arg.GenerateRandomPassphrase, 269 SkipMail: arg.SkipMail, 270 PDPKA5KID: pdpkda5kid, 271 VerifyEmail: arg.VerifyEmail, 272 BotToken: arg.BotToken, 273 } 274 res := joinEngine.Run(m, jarg) 275 if res.Err != nil { 276 return res 277 } 278 279 s.ppStream.SetGeneration(res.PpGen) 280 m.LoginContext().CreateStreamCache(s.tsec, s.ppStream) 281 282 s.uid = res.UV.Uid 283 luArg := libkb.NewLoadUserArgWithMetaContext(m).WithSelf(true).WithUID(res.UV.Uid).WithPublicKeyOptional() 284 user, err := libkb.LoadUser(luArg) 285 if err != nil { 286 return err 287 } 288 289 s.me = user 290 return nil 291 } 292 293 func (s *SignupEngine) generateEldestPaperKey(m libkb.MetaContext, args *DeviceWrapArgs) (err error) { 294 tmp, err := libkb.MakePaperKeyPhrase(libkb.PaperKeyVersion) 295 if err != nil { 296 return err 297 } 298 s.paperKey = &tmp 299 300 kgarg := &PaperKeyGenArg{ 301 Passphrase: tmp, 302 Me: s.me, 303 SkipPush: true, 304 } 305 eng := NewPaperKeyGen(m.G(), kgarg) 306 err = RunEngine2(m, eng) 307 if err != nil { 308 return err 309 } 310 args.naclSigningKeyPair = eng.SigKey().(libkb.NaclKeyPair) 311 args.naclEncryptionKeyPair = eng.EncKey() 312 args.DeviceName = s.paperKey.Prefix() 313 args.DeviceType = keybase1.DeviceTypeV2_PAPER 314 args.DeviceID = eng.DeviceID() 315 316 return nil 317 } 318 319 func (s *SignupEngine) registerDevice(m libkb.MetaContext, deviceName string, randomPw bool) error { 320 m.Debug("SignupEngine#registerDevice") 321 s.lks = libkb.NewLKSec(s.ppStream, s.uid) 322 args := &DeviceWrapArgs{ 323 Me: s.me, 324 DeviceName: libkb.CheckDeviceName.Transform(deviceName), 325 Lks: s.lks, 326 IsEldest: true, 327 naclSigningKeyPair: s.arg.naclSigningKeyPair, 328 naclEncryptionKeyPair: s.arg.naclEncryptionKeyPair, 329 } 330 331 switch s.arg.DeviceType { 332 case keybase1.DeviceType_DESKTOP: 333 args.DeviceType = keybase1.DeviceTypeV2_DESKTOP 334 case keybase1.DeviceType_MOBILE: 335 args.DeviceType = keybase1.DeviceTypeV2_MOBILE 336 default: 337 if s.arg.BotToken.IsNil() { 338 return fmt.Errorf("unknown device type: %v", s.arg.DeviceType) 339 } 340 } 341 342 if s.arg.BotToken.Exists() { 343 err := s.generateEldestPaperKey(m, args) 344 if err != nil { 345 return err 346 } 347 } 348 349 if !libkb.CheckDeviceName.F(args.DeviceName) { 350 m.Debug("invalid device name supplied: %s", args.DeviceName) 351 return libkb.DeviceBadNameError{} 352 } 353 354 eng := NewDeviceWrap(m.G(), args) 355 err := RunEngine2(m, eng) 356 if err != nil { 357 m.Warning("Failed to provision device: %s", err) 358 if ssErr := s.storeSecretForRecovery(m); ssErr != nil { 359 m.Warning("Failed to store secrets for recovery: %s", ssErr) 360 } 361 return err 362 } 363 364 if err := eng.SwitchConfigAndActiveDevice(m); err != nil { 365 return err 366 } 367 368 s.signingKey = eng.SigningKey() 369 s.encryptionKey = eng.EncryptionKey() 370 did := eng.DeviceID() 371 372 if err := m.LoginContext().LocalSession().SetDeviceProvisioned(did); err != nil { 373 // this isn't a fatal error, session will stay in memory... 374 m.Warning("error saving session file: %s", err) 375 } 376 377 s.storeSecret(m, randomPw) 378 379 m.Debug("registered new device: %s", m.G().Env.GetDeviceID()) 380 m.Debug("eldest kid: %s", s.me.GetEldestKID()) 381 382 return nil 383 } 384 385 func (s *SignupEngine) storeSecret(m libkb.MetaContext, randomPw bool) { 386 defer m.Trace("SignupEngine#storeSecret", nil)() 387 388 // Create the secret store as late as possible here, as the username may 389 // change during the signup process. 390 if !s.arg.StoreSecret { 391 m.Debug("not storing secret; disabled") 392 return 393 } 394 395 w := libkb.StoreSecretAfterLoginWithLKSWithOptions(m, s.me.GetNormalizedName(), s.lks, &libkb.SecretStoreOptions{RandomPw: randomPw}) 396 if w != nil { 397 m.Warning("StoreSecret error: %s", w) 398 } 399 } 400 401 func (s *SignupEngine) storeSecretForRecovery(m libkb.MetaContext) (err error) { 402 defer m.Trace("SignupEngine#storeSecretForRecovery", &err)() 403 404 if !s.arg.GenerateRandomPassphrase { 405 m.Debug("Not GenerateRandomPassphrase - skipping storeSecretForRecovery") 406 return nil 407 } 408 409 username := s.me.GetNormalizedName() 410 err = libkb.StorePwhashEddsaPassphraseStream(m, username, s.ppStream) 411 if err != nil { 412 return err 413 } 414 415 return nil 416 } 417 418 func (s *SignupEngine) genPaperKeys(m libkb.MetaContext) error { 419 m.Debug("SignupEngine#genPaperKeys") 420 // Load me again so that keys will be up to date. 421 var err error 422 s.me, err = libkb.LoadUser(libkb.NewLoadUserArgWithMetaContext(m).WithSelf(true).WithUID(s.me.GetUID()).WithPublicKeyOptional()) 423 if err != nil { 424 return err 425 } 426 427 args := &PaperKeyPrimaryArgs{ 428 Me: s.me, 429 SigningKey: s.signingKey, 430 EncryptionKey: s.encryptionKey, 431 PerUserKeyring: s.perUserKeyring, 432 } 433 434 eng := NewPaperKeyPrimary(m.G(), args) 435 return RunEngine2(m, eng) 436 } 437 438 func (s *SignupEngine) checkGPG(m libkb.MetaContext) (bool, error) { 439 eng := NewGPGImportKeyEngine(m.G(), nil) 440 return eng.WantsGPG(m) 441 } 442 443 func (s *SignupEngine) addGPG(m libkb.MetaContext, allowMulti bool, hasProvisionedDevice bool) (err error) { 444 defer m.Trace(fmt.Sprintf("SignupEngine.addGPG(signingKey: %v)", s.signingKey), &err)() 445 446 arg := GPGImportKeyArg{Signer: s.signingKey, AllowMulti: allowMulti, Me: s.me, Lks: s.lks, HasProvisionedDevice: hasProvisionedDevice} 447 eng := NewGPGImportKeyEngine(m.G(), &arg) 448 if err = RunEngine2(m, eng); err != nil { 449 return err 450 } 451 452 if s.signingKey == nil { 453 s.signingKey = eng.LastKey() 454 } 455 return nil 456 } 457 458 func (s *SignupEngine) genPGPBatch(m libkb.MetaContext) error { 459 m.Debug("SignupEngine#genPGPBatch") 460 gen := libkb.PGPGenArg{ 461 PrimaryBits: 1024, 462 SubkeyBits: 1024, 463 } 464 465 // genPGPBatch should never be run in production, but if there's 466 // a bug or a mistunderstanding in the future, generate a good key. 467 if m.G().Env.GetRunMode() != libkb.DevelRunMode { 468 gen.PrimaryBits = 4096 469 gen.SubkeyBits = 4096 470 } 471 gen.AddDefaultUID(m.G()) 472 473 tsec, sgen := m.LoginContext().PassphraseStreamCache().TriplesecAndGeneration() 474 475 eng := NewPGPKeyImportEngine(m.G(), PGPKeyImportEngineArg{ 476 Gen: &gen, 477 PushSecret: true, 478 Lks: s.lks, 479 NoSave: true, 480 PreloadTsec: tsec, 481 PreloadStreamGen: sgen, 482 }) 483 484 return RunEngine2(m, eng) 485 }