sync/sync.fsm
author Volker Birk <vb@pep.foundation>
Wed, 29 Aug 2018 21:40:59 +0200
branchsync
changeset 2902 5692b0768f9e
parent 2876 6ad08f60ae1b
child 2907 92f22b19b09e
permissions -rw-r--r--
resolve handshake symmetry
vb@2831
     1
// This file is under BSD License 2.0
vb@2831
     2
vb@2831
     3
// Sync protocol for p≡p
vb@2840
     4
// Copyright (c) 2016 - 2018, p≡p foundation
vb@2831
     5
vb@2831
     6
// Written by Volker Birk
vb@2831
     7
vb@2831
     8
include ./fsm.yml2
vb@2831
     9
vb@2831
    10
protocol Sync 1 {
vb@2831
    11
    // all messages have a timestamp, time out and are removed after timeout
vb@2831
    12
vb@2831
    13
    fsm KeySync 1 {
vb@2831
    14
        version 1, 2;
vb@2831
    15
        state InitState {
vb@2831
    16
            on Init {
vb@2831
    17
                if deviceGrouped
vb@2831
    18
                    go Grouped;
vb@2831
    19
                go Sole;
vb@2831
    20
            }
vb@2831
    21
        }
vb@2831
    22
vb@2831
    23
        state Sole {
vb@2831
    24
            on Init {
vb@2831
    25
                do openChallenge; // own challenge
vb@2865
    26
                send Beacon;
vb@2831
    27
            }
vb@2831
    28
vb@2831
    29
            on KeyGen
vb@2865
    30
                send Beacon;
vb@2831
    31
vb@2831
    32
            on CannotDecrypt // cry baby
vb@2865
    33
                send Beacon;
vb@2831
    34
vb@2831
    35
            on Beacon {
vb@2902
    36
                if weAreSecond {
vb@2902
    37
                    do storeChallenge; // partner's challenge
vb@2902
    38
                    do openTransaction;
vb@2902
    39
                    do storeTransaction;
vb@2902
    40
                    send HandshakeRequest;
vb@2902
    41
                }
vb@2902
    42
                if weAreFirst
vb@2902
    43
                    send Beacon;
vb@2831
    44
            }
vb@2831
    45
vb@2831
    46
            on HandshakeRequest {
vb@2831
    47
                if challengeAccepted {
vb@2831
    48
                    do storeTransaction;
vb@2865
    49
                    send HandshakeAnswer;
vb@2831
    50
                    if partnerIsGrouped
vb@2831
    51
                        go HandshakingWithGroup;
vb@2831
    52
vb@2831
    53
                    go HandshakingNew();
vb@2831
    54
                }
vb@2831
    55
            }
vb@2831
    56
vb@2831
    57
            on HandshakeAnswer
vb@2831
    58
                go HandshakingNew();
vb@2831
    59
        }
vb@2831
    60
vb@2831
    61
        // handshaking without existing Device group
vb@2831
    62
        state HandshakingNew {
vb@2831
    63
            on Init
vb@2831
    64
                do showSoleHandshake;
vb@2831
    65
vb@2831
    66
            // Cancel is Rollback
vb@2831
    67
            on Cancel {
vb@2865
    68
                send Rollback;
vb@2831
    69
                go Sole;
vb@2831
    70
            }
vb@2831
    71
vb@2831
    72
            on Rollback
vb@2831
    73
                go Sole;
vb@2831
    74
vb@2831
    75
            // Reject is CommitReject
vb@2831
    76
            on Reject {
vb@2865
    77
                send CommitReject;
vb@2831
    78
                do disable;
vb@2831
    79
                go End;
vb@2831
    80
            }
vb@2831
    81
vb@2831
    82
            on CommitReject {
vb@2831
    83
                do disable;
vb@2831
    84
                go End;
vb@2831
    85
            }
vb@2831
    86
vb@2831
    87
            // Accept is Phase1Commit
vb@2831
    88
            on Accept {
vb@2865
    89
                send CommitAccept;
vb@2831
    90
                go HandshakingNewPhase1;
vb@2831
    91
            }
vb@2831
    92
vb@2831
    93
            on CommitAccept
vb@2831
    94
                go HandshakingNewPhase1Own;
vb@2831
    95
        }
vb@2831
    96
vb@2831
    97
        state HandshakingNewPhase1 {
vb@2831
    98
            on Rollback
vb@2831
    99
                go Sole;
vb@2831
   100
            
vb@2831
   101
            on CommitReject {
vb@2831
   102
                do disable;
vb@2831
   103
                go End;
vb@2831
   104
            }
vb@2831
   105
vb@2831
   106
            on CommitAccept
vb@2831
   107
                go NewGroup;
vb@2831
   108
        }
vb@2831
   109
vb@2831
   110
        state HandshakingNewPhase1Own {
vb@2831
   111
            on Cancel {
vb@2865
   112
                send Rollback;
vb@2831
   113
                go Sole;
vb@2831
   114
            }
vb@2831
   115
vb@2831
   116
            on Reject {
vb@2865
   117
                send CommitReject;
vb@2831
   118
                do disable;
vb@2831
   119
                go End;
vb@2831
   120
            }
vb@2831
   121
vb@2831
   122
            on Accept
vb@2831
   123
                go NewGroup;
vb@2831
   124
        }
vb@2831
   125
vb@2831
   126
        state NewGroup {
vb@2831
   127
            on Init
vb@2865
   128
                send GroupKeysAndClose; // we're not grouped yet, this is our own keys
vb@2831
   129
vb@2831
   130
            on GroupKeysAndClose {
vb@2831
   131
                do saveGroupKeys;
vb@2831
   132
                if keyElectionWon {
vb@2831
   133
                    do ownKeysAreGroupKeys;
vb@2831
   134
                    go Grouped;
vb@2831
   135
                }
vb@2831
   136
                // do receivedKeysAreGroupKeys; -- implicit
vb@2831
   137
                go Grouped;
vb@2831
   138
            }
vb@2831
   139
        }
vb@2831
   140
vb@2831
   141
        state HandshakingWithGroup {
vb@2831
   142
            on Init
vb@2831
   143
                do showJoinGroupHandshake;
vb@2831
   144
vb@2831
   145
            // Cancel is Rollback
vb@2831
   146
            on Cancel {
vb@2865
   147
                send Rollback;
vb@2831
   148
                go Sole;
vb@2831
   149
            }
vb@2831
   150
vb@2831
   151
            on Rollback
vb@2831
   152
                go Sole;
vb@2831
   153
vb@2831
   154
            // Reject is CommitReject
vb@2831
   155
            on Reject {
vb@2865
   156
                send CommitReject;
vb@2831
   157
                do disable;
vb@2831
   158
                go End;
vb@2831
   159
            }
vb@2831
   160
vb@2831
   161
            on CommitReject {
vb@2831
   162
                do disable;
vb@2831
   163
                go End;
vb@2831
   164
            }
vb@2831
   165
vb@2831
   166
            // Accept is Phase1Commit
vb@2831
   167
            on Accept {
vb@2865
   168
                send CommitAccept;
vb@2831
   169
                go HandshakingJoinPhase1;
vb@2831
   170
            }
vb@2831
   171
vb@2831
   172
            on CommitAccept
vb@2831
   173
                go HandshakingJoinPhase1Own;
vb@2831
   174
        }
vb@2831
   175
vb@2831
   176
        state HandshakingJoinPhase1 {
vb@2831
   177
            on Rollback
vb@2831
   178
                go Sole;
vb@2831
   179
            
vb@2831
   180
            on CommitReject {
vb@2831
   181
                do disable;
vb@2831
   182
                go End;
vb@2831
   183
            }
vb@2831
   184
vb@2831
   185
            on CommitAccept
vb@2831
   186
                go JoinGroup;
vb@2831
   187
        }
vb@2831
   188
vb@2831
   189
        state HandshakingJoinPhase1Own {
vb@2831
   190
            on Cancel {
vb@2865
   191
                send Rollback;
vb@2831
   192
                go Sole;
vb@2831
   193
            }
vb@2831
   194
vb@2831
   195
            on Reject {
vb@2865
   196
                send CommitReject;
vb@2831
   197
                do disable;
vb@2831
   198
                go End;
vb@2831
   199
            }
vb@2831
   200
vb@2831
   201
            on Accept
vb@2831
   202
                go JoinGroup;
vb@2831
   203
        }
vb@2831
   204
vb@2831
   205
        state JoinGroup {
vb@2831
   206
            on GroupKeysAndClose {
vb@2865
   207
                send GroupKeys; // first send own keys
vb@2831
   208
                do saveGroupKeys; // then store new group keys
vb@2831
   209
                go Grouped;
vb@2831
   210
            }
vb@2831
   211
        }
vb@2831
   212
vb@2831
   213
        state Grouped {
vb@2831
   214
            on GroupKeys
vb@2831
   215
                do saveGroupKeys;
vb@2831
   216
vb@2831
   217
            on KeyGen
vb@2865
   218
                send GroupKeys;
vb@2831
   219
vb@2831
   220
            on Beacon
vb@2865
   221
                send HandshakeRequest;
vb@2831
   222
vb@2831
   223
            on HandshakeAnswer
vb@2831
   224
                go HandshakingGrouped;
vb@2831
   225
        }
vb@2831
   226
vb@2831
   227
        state HandshakingGrouped {
vb@2831
   228
            on Init
vb@2831
   229
                do showGroupedHandshake;
vb@2831
   230
    
vb@2831
   231
            // Cancel is Rollback
vb@2831
   232
            on Cancel {
vb@2865
   233
                send Rollback;
vb@2831
   234
                go Grouped;
vb@2831
   235
            }
vb@2831
   236
vb@2831
   237
            on Rollback
vb@2831
   238
                go Grouped;
vb@2831
   239
vb@2831
   240
            // Reject is CommitReject
vb@2831
   241
            on Reject {
vb@2865
   242
                send CommitReject;
vb@2831
   243
                go Grouped;
vb@2831
   244
            }
vb@2831
   245
vb@2831
   246
            on CommitReject
vb@2831
   247
                go Grouped;
vb@2831
   248
vb@2831
   249
            // Accept is Phase1Commit
vb@2831
   250
            on Accept {
vb@2865
   251
                send CommitAccept;
vb@2831
   252
                go HandshakingGroupedPhase1;
vb@2831
   253
            }
vb@2831
   254
vb@2831
   255
            on CommitAccept
vb@2831
   256
                go HandshakingGroupedPhase1Own;
vb@2831
   257
vb@2831
   258
            on GroupKeys
vb@2831
   259
                do saveGroupKeys;
vb@2831
   260
        }
vb@2831
   261
vb@2831
   262
        state HandshakingGroupedPhase1 {
vb@2831
   263
            on Rollback
vb@2831
   264
                go Grouped;
vb@2831
   265
vb@2831
   266
            on CommitReject
vb@2831
   267
                go Grouped;
vb@2831
   268
vb@2831
   269
            on CommitAccept {
vb@2865
   270
                send GroupKeysAndClose;
vb@2831
   271
                go Grouped;
vb@2831
   272
            }
vb@2831
   273
vb@2831
   274
            on GroupKeys
vb@2831
   275
                do saveGroupKeys;
vb@2831
   276
        }
vb@2831
   277
vb@2831
   278
        state HandshakingGroupedPhase1Own {
vb@2831
   279
            on Cancel {
vb@2865
   280
                send Rollback;
vb@2831
   281
                go Grouped;
vb@2831
   282
            }
vb@2831
   283
vb@2831
   284
            on Reject {
vb@2865
   285
                send CommitReject;
vb@2831
   286
                go Grouped;
vb@2831
   287
            }
vb@2831
   288
vb@2831
   289
            on Accept {
vb@2865
   290
                send GroupKeysAndClose;
vb@2831
   291
                go Grouped;
vb@2831
   292
            }
vb@2831
   293
vb@2831
   294
            on GroupKeys
vb@2831
   295
                do saveGroupKeys;
vb@2831
   296
        }
vb@2831
   297
 
vb@2831
   298
        external Accept 30;
vb@2831
   299
        external Reject 31;
vb@2831
   300
        external Cancel 32;
vb@2831
   301
vb@2867
   302
        // beacons are always broadcasted
vb@2867
   303
vb@2876
   304
        message Beacon 2, type=broadcast, security=unencrypted {
vb@2831
   305
            field TID challenge;
vb@2831
   306
            auto Version version;
vb@2831
   307
        }
vb@2831
   308
vb@2876
   309
        message HandshakeRequest 3, security=untrusted {
vb@2831
   310
            field TID challenge;
vb@2831
   311
            auto Version version;
vb@2831
   312
            field TID transaction;
vb@2831
   313
            field Hash fpr;
vb@2831
   314
            field bool is_group;
vb@2831
   315
        }
vb@2831
   316
vb@2831
   317
        message HandshakeAnswer 4 {
vb@2831
   318
            field TID transaction;
vb@2831
   319
            field Hash fpr;
vb@2831
   320
        }
vb@2831
   321
vb@2876
   322
        message Rollback 5, security=untrusted {
vb@2831
   323
            field TID transaction;
vb@2831
   324
        }
vb@2831
   325
vb@2876
   326
        message CommitReject 6, security=untrusted {
vb@2831
   327
            field TID transaction;
vb@2831
   328
        }
vb@2831
   329
vb@2831
   330
        message CommitAccept 7 {
vb@2831
   331
            field TID transaction;
vb@2831
   332
        }
vb@2831
   333
vb@2831
   334
        message GroupKeysAndClose 8 {
vb@2831
   335
            field TID transaction;
vb@2831
   336
            field IdentityList identities;
vb@2831
   337
        }
vb@2831
   338
vb@2831
   339
        message GroupKeys 9 {
vb@2831
   340
            field IdentityList identities;
vb@2831
   341
        }
vb@2831
   342
    }
vb@2831
   343
}
vb@2831
   344