sync/sync.fsm
author Volker Birk <vb@pep-project.org>
Sun, 14 Apr 2019 16:00:52 +0200
branch sync
changeset 3523 9555e664423f
parent 3521 84b54c7ef0b5
child 3524 c87c6b4f3e08
permissions -rw-r--r--
if one in the group accepted that's valid for all
// This file is under BSD License 2.0
// Sync protocol for p≡p
// Copyright (c) 2016-2019, p≡p foundation
// Written by Volker Birk
include ./fsm.yml2
protocol Sync 1 {
    // all messages have a timestamp, time out and are removed after timeout
    fsm KeySync 1 {
        version 1, 2;
        // Entry state of the KeySync machine: on Init it dispatches to Grouped
        // when deviceGrouped holds and to Sole otherwise.
        state InitState {
            on Init {
                if deviceGrouped
                    go Grouped;
                // reached when deviceGrouped does not hold; assumes `go` leaves
                // the handler immediately (defined by fsm.yml2) - TODO confirm
                go Sole;
            }
        }
        // Sole: the device is not member of a device group (InitState comes
        // here when deviceGrouped does not hold). The state has no timeout.
        // It announces itself with Beacons and starts a handshake with a
        // partner that answers.
        state Sole timeout=off {
            on Init {
                do newChallenge;
                do closeTransaction;
                send Beacon;
            }

            on KeyGen
                send Beacon;

            on CannotDecrypt // cry baby
                send Beacon;

            // NOTE(review): Beacon is declared type=broadcast,
            // security=unencrypted in this file, so the challenge stored below
            // is unauthenticated input. Nothing is trusted in this handler;
            // trustThisKey only runs on the external Accept event in the
            // handshaking states.
            on Beacon {
                if sameChallenge {
                    // this is our own beacon; ignore
                }
                else {
                    // weAreFirst decides the roles: first repeats its Beacon,
                    // second opens the transaction and sends HandshakeRequest
                    if weAreFirst {
                        send Beacon;
                    }
                    else /* we are second */ {
                        do storeChallenge; // partner's challenge
                        do openTransaction; // NOP if transaction already open
                        do storeTransaction;
                        do tellWeAreNotGrouped;
                        // second is sending HandshakeRequest
                        send HandshakeRequest;
                    }
                }
            }

            // Handled only when challengeAccepted holds. HandshakeRequest is
            // declared security=untrusted, so transaction and is_group are
            // claims of a partner that is not trusted yet.
            // NOTE(review): partnerIsGrouped presumably reads that is_group
            // field and so selects which handshake dialog is shown - confirm.
            on HandshakeRequest if challengeAccepted {
                if sameTransaction {
                    // this is our own handshake request; ignore
                }
                else {
                    // first is receiving HandshakeRequest
                    do storeTransaction;
                    // first is sending HandshakeAnswer
                    send HandshakeAnswer;
                    if partnerIsGrouped
                        go HandshakingWithGroup;
                    go HandshakingNewFirst;
                }
            }

            on HandshakeAnswer if sameTransaction {
                // second is receiving HandshakeAnswer
                go HandshakingNewSecond;
            }
        }
        // handshaking without existing Device group
        // Role "first": entered from Sole after answering a HandshakeRequest
        // of a partner that is not grouped. Cancel, Reject and Accept are the
        // external events declared at the end of the fsm; every message from
        // the partner is only handled when sameTransaction holds.
        state HandshakingNewFirst {
            on Init
                do showSoleHandshake;

            // Cancel is Rollback
            on Cancel {
                send Rollback;
                go Sole;
            }

            on Rollback if sameTransaction
                go Sole;

            // Reject is CommitReject
            on Reject {
                send CommitReject;
                do disable;
                go End;
            }

            // NOTE(review): CommitReject is declared security=untrusted, so the
            // sameTransaction guard is the only check visible here before
            // `disable` runs; End is not among the states of this file -
            // presumably provided by fsm.yml2, confirm.
            on CommitReject if sameTransaction {
                do disable;
                go End;
            }

            // Accept means init Phase1Commit
            // trustThisKey runs on the local Accept alone, before the partner's
            // commit has arrived.
            on Accept {
                do trustThisKey;
                send CommitAccept;
                go HandshakingNewPhase1First;
            }

            // second accepted before we did: second announces its Accept with
            // CommitAcceptForGroup (see the Accept handler of
            // HandshakingNewSecond)
            on CommitAcceptForGroup if sameTransaction
                go HandshakingNewPhase2First;
        }
        // handshaking without existing Device group
        // Role "second": entered from Sole on a HandshakeAnswer for our own
        // transaction. Mirrors HandshakingNewFirst with the two commit
        // messages swapped: second sends CommitAcceptForGroup and waits for
        // CommitAccept.
        state HandshakingNewSecond {
            on Init
                do showSoleHandshake;

            // Cancel is Rollback
            on Cancel {
                send Rollback;
                go Sole;
            }

            on Rollback if sameTransaction
                go Sole;

            // Reject is CommitReject
            on Reject {
                send CommitReject;
                do disable;
                go End;
            }

            // NOTE(review): CommitReject is declared security=untrusted, so the
            // sameTransaction guard is the only check visible here before
            // `disable` runs.
            on CommitReject if sameTransaction {
                do disable;
                go End;
            }

            // Accept means init Phase1Commit
            // trustThisKey runs on the local Accept alone, before the partner's
            // commit has arrived.
            on Accept {
                do trustThisKey;
                send CommitAcceptForGroup;
                go HandshakingNewPhase1Second;
            }

            // got a CommitAccept from first
            on CommitAccept if sameTransaction
                go HandshakingNewPhase2Second;
        }
        // First has accepted locally (trustThisKey and CommitAccept happened in
        // HandshakingNewFirst) and now waits for the partner's decision.
        // NOTE(review): the Rollback and CommitReject paths below leave this
        // state without any visible action that undoes the earlier
        // trustThisKey - confirm whether trust is reverted elsewhere.
        state HandshakingNewPhase1First {
            on Rollback if sameTransaction
                go Sole;

            on CommitReject if sameTransaction {
                do disable;
                go End;
            }

            // partner accepted as well: both sides have committed
            on CommitAcceptForGroup if sameTransaction
                go NewGroupFirst;
        }
        // Second has accepted locally (trustThisKey and CommitAcceptForGroup
        // happened in HandshakingNewSecond) and now waits for first's decision.
        // NOTE(review): the Rollback and CommitReject paths below leave this
        // state without any visible action that undoes the earlier
        // trustThisKey - confirm whether trust is reverted elsewhere.
        state HandshakingNewPhase1Second {
            on Rollback if sameTransaction
                go Sole;

            on CommitReject if sameTransaction {
                do disable;
                go End;
            }

            // first accepted as well: both sides have committed
            on CommitAccept if sameTransaction
                go NewGroupSecond;
        }
        // The partner has already accepted (CommitAcceptForGroup was received
        // in HandshakingNewFirst); only the local decision is outstanding.
        // This state has no handlers for an incoming Rollback or CommitReject.
        state HandshakingNewPhase2First {
            on Cancel {
                send Rollback;
                go Sole;
            }

            on Reject {
                send CommitReject;
                do disable;
                go End;
            }

            // no commit message is sent from here; the handler goes straight
            // to NewGroupFirst, whose Init sends GroupKeys
            on Accept {
                do trustThisKey;
                go NewGroupFirst;
            }
        }
        // First has already accepted (CommitAccept was received in
        // HandshakingNewSecond); only the local decision is outstanding.
        // This state has no handlers for an incoming Rollback or CommitReject.
        state HandshakingNewPhase2Second {
            on Cancel {
                send Rollback;
                go Sole;
            }

            on Reject {
                send CommitReject;
                do disable;
                go End;
            }

            // no commit message is sent from here; the handler goes straight
            // to NewGroupSecond, whose Init sends GroupKeysAndClose
            on Accept {
                do trustThisKey;
                go NewGroupSecond;
            }
        }
        // Both devices accepted; first sends its own keys and forms the group
        // once the keys of second arrive.
        state NewGroupFirst {
            on Init {
                do prepareOwnKeys;
                send GroupKeys; // we're not grouped yet, this is our own keys
            }

            // GroupKeysAndClose is declared security=attach_own_keys (which the
            // file states implies trusted) and is additionally bound to the
            // running transaction by the guard.
            on GroupKeysAndClose if sameTransaction {
                do saveGroupKeys;

                // keyElectionWon picks whose keys become the group keys
                if keyElectionWon
                    do ownKeysAreGroupKeys;
                else
                    do receivedKeysAreGroupKeys;
                go Grouped;
            }
        }
        // Both devices accepted; second sends its own keys with
        // GroupKeysAndClose and forms the group once the keys of first arrive.
        state NewGroupSecond {
            on Init {
                do prepareOwnKeys;
                send GroupKeysAndClose; // we're not grouped yet, this is our own keys
            }

            // NOTE(review): unlike GroupKeysAndClose in NewGroupFirst this
            // handler has no sameTransaction guard; the GroupKeys message
            // carries no transaction field, so the message's security level
            // (attach_own_keys, implying trusted) is the only visible check
            // before the received keys are saved - confirm this is intended.
            on GroupKeys {
                do saveGroupKeys;

                // keyElectionWon picks whose keys become the group keys
                if keyElectionWon
                    do ownKeysAreGroupKeys;
                else
                    do receivedKeysAreGroupKeys;
                go Grouped;
            }
        }
        // Grouped: the device is member of a device group. The state has no
        // timeout. It keeps group keys up to date and answers Beacons of
        // other devices with a HandshakeRequest.
        state Grouped timeout=off {
            on Init
                do closeTransaction;

            // GroupKeys is declared security=attach_own_keys (implies trusted);
            // no further guard is applied before saving
            on GroupKeys
                do saveGroupKeys;

            on KeyGen
                send GroupKeys;

            // NOTE(review): Beacon is declared security=unencrypted, and unlike
            // Sole this handler has no sameChallenge or weAreFirst check: every
            // Beacon opens a transaction and is answered with a
            // HandshakeRequest. Trust is not changed here.
            on Beacon {
                do storeChallenge;
                do openTransaction;
                do storeTransaction;
                do tellWeAreGrouped;
                send HandshakeRequest;
            }

            on HandshakeAnswer if sameTransaction
                go HandshakingGrouped;
        }
        // sole device handshaking with group
        // Entered from Sole when partnerIsGrouped holds for a received
        // HandshakeRequest. The sole device sends CommitAccept and waits for
        // CommitAcceptForGroup from the group side.
        state HandshakingWithGroup {
            on Init
                do showJoinGroupHandshake;

            // Cancel is Rollback
            on Cancel {
                send Rollback;
                go Sole;
            }

            on Rollback if sameTransaction
                go Sole;

            // Reject is CommitReject
            on Reject {
                send CommitReject;
                do disable;
                go End;
            }

            // NOTE(review): CommitReject is declared security=untrusted, so the
            // sameTransaction guard is the only check visible here before
            // `disable` runs.
            on CommitReject if sameTransaction {
                do disable;
                go End;
            }

            // Accept is Phase1Commit
            // trustThisKey runs on the local Accept alone, before the group's
            // commit has arrived.
            on Accept {
                do trustThisKey;
                send CommitAccept;
                go HandshakingJoinPhase1;
            }

            // the group side accepted before we did
            on CommitAcceptForGroup if sameTransaction
                go HandshakingJoinPhase2;
        }
        // The sole device has accepted locally (trustThisKey and CommitAccept
        // happened in HandshakingWithGroup) and waits for the group's decision.
        // NOTE(review): the Rollback and CommitReject paths below leave this
        // state without any visible action that undoes the earlier
        // trustThisKey - confirm whether trust is reverted elsewhere.
        state HandshakingJoinPhase1 {
            on Rollback if sameTransaction
                go Sole;

            on CommitReject if sameTransaction {
                do disable;
                go End;
            }

            // the group side accepted as well
            on CommitAcceptForGroup if sameTransaction
                go JoinGroup;
        }
        // The group side has already accepted (CommitAcceptForGroup was
        // received in HandshakingWithGroup); only the local decision of the
        // sole device is outstanding. This state has no handlers for an
        // incoming Rollback or CommitReject.
        state HandshakingJoinPhase2 {
            on Cancel {
                send Rollback;
                go Sole;
            }

            on Reject {
                send CommitReject;
                do disable;
                go End;
            }

            // no commit message is sent from here; the handler goes straight
            // to JoinGroup, whose Init sends GroupKeys
            on Accept {
                do trustThisKey;
                go JoinGroup;
            }
        }
        // The sole device joins an existing group: it sends its keys and takes
        // over the keys received from the group (no key election here).
        state JoinGroup {
            // NOTE(review): NewGroupFirst and NewGroupSecond run prepareOwnKeys
            // before sending keys; this handler does not - confirm intended.
            on Init
                send GroupKeys;

            // NOTE(review): GroupKeysAndClose carries a transaction field and
            // NewGroupFirst handles it only `if sameTransaction`; this handler
            // has no such guard, so the message's security level
            // (attach_own_keys, implying trusted) is the only visible check
            // before the received keys become the group keys - confirm whether
            // the guard was left out on purpose.
            on GroupKeysAndClose {
                do saveGroupKeys;
                do receivedKeysAreGroupKeys;
                go Grouped;
            }
        }
        // A grouped device handshaking with a device that answered its
        // HandshakeRequest (entered from Grouped on HandshakeAnswer). Unlike
        // the sole-device handshakes, Reject and CommitReject return to
        // Grouped and do not run `disable`.
        state HandshakingGrouped {
            on Init
                do showGroupedHandshake;

            // Cancel is Rollback
            on Cancel {
                send Rollback;
                go Grouped;
            }

            on Rollback if sameTransaction
                go Grouped;

            // Reject is CommitReject
            on Reject {
                send CommitReject;
                go Grouped;
            }

            on CommitReject if sameTransaction
                go Grouped;

            // Accept is Phase1Commit
            // GroupTrustThisKey tells the other group members about the
            // accepted key; CommitAcceptForGroup goes to the handshake partner.
            on Accept {
                do trustThisKey;
                send GroupTrustThisKey;
                send CommitAcceptForGroup;
                go HandshakingGroupedPhase1;
            }

            on CommitAccept if sameTransaction
                go HandshakingGroupedPhase2;

            // Another group member accepted; close the local dialog.
            // NOTE(review): this handler has no guard. GroupTrustThisKey
            // carries only `Hash key` and no transaction, and nothing visible
            // here compares that key with the one shown in this handshake or
            // applies trust to it locally; the message's default
            // security=trusted is the only visible check. Confirm that the
            // key is verified and trusted elsewhere before the dialog is
            // dismissed.
            on GroupTrustThisKey {
                do hideHandshakeDialog;
                go Grouped;
            }

            on GroupKeys
                do saveGroupKeys;
        }
        // The grouped device has accepted locally (trustThisKey,
        // GroupTrustThisKey and CommitAcceptForGroup happened in
        // HandshakingGrouped) and waits for the partner's CommitAccept.
        state HandshakingGroupedPhase1 {
            on Rollback if sameTransaction
                go Grouped;

            on CommitReject if sameTransaction
                go Grouped;

            // partner accepted: hand over the group keys and finish
            on CommitAccept if sameTransaction {
                send GroupKeysAndClose;
                go Grouped;
            }

            // NOTE(review): unguarded. Sole explicitly ignores its own echoed
            // Beacon and HandshakeRequest, which suggests a device can receive
            // messages it sent itself; if that also holds for the
            // GroupTrustThisKey sent on Accept, this handler would leave for
            // Grouped before CommitAccept arrives and GroupKeysAndClose would
            // never be sent from here - confirm.
            on GroupTrustThisKey
                go Grouped;

            on GroupKeys
                do saveGroupKeys;
        }
        // The partner has already accepted (CommitAccept was received in
        // HandshakingGrouped); only the decision on the grouped device is
        // outstanding. This state has no handlers for an incoming Rollback or
        // CommitReject.
        state HandshakingGroupedPhase2 {
            on Cancel {
                send Rollback;
                go Grouped;
            }

            on Reject {
                send CommitReject;
                go Grouped;
            }

            // local Accept completes the handshake: trust the key, tell the
            // group, hand the group keys to the partner
            on Accept {
                do trustThisKey;
                send GroupTrustThisKey;
                send GroupKeysAndClose;
                go Grouped;
            }

            // Another group member accepted; close the local dialog.
            // NOTE(review): no guard, and GroupTrustThisKey carries only
            // `Hash key` without a transaction; nothing visible here checks
            // that the key belongs to the handshake being shown. Confirm the
            // key is verified elsewhere before the dialog is dismissed.
            on GroupTrustThisKey {
                do hideHandshakeDialog;
                go Grouped;
            }

            on GroupKeys
                do saveGroupKeys;
        }
        // Events raised from outside the state machine, with their numeric
        // ids. The handshaking states handle them without a transaction guard.
        // NOTE(review): presumably these are the user's decisions in the
        // dialog opened by the show*Handshake actions - confirm against the
        // application API.
        external Accept 129;
        external Reject 130;
        external Cancel 131;
        // beacons are always broadcasted
        // Beacon (message id 2) is the only message declared
        // security=unencrypted: challenge and version travel in the clear and
        // carry no proof of origin. Handlers must treat both as untrusted
        // input; in this file they are only used to start a handshake.
        message Beacon 2, type=broadcast, security=unencrypted {
            field TID challenge;
            // `auto`: presumably filled in by the generated code - confirm
            auto Version version;
        }
        // HandshakeRequest (message id 3): sent by the device in role
        // "second", or by a grouped device, in answer to a Beacon.
        // security=untrusted: presumably accepted from a sender whose key is
        // not trusted yet - confirm in fsm.yml2. All fields, including
        // is_group, are therefore unverified claims of the partner.
        message HandshakeRequest 3, security=untrusted {
            field TID challenge;
            auto Version version;
            field TID transaction;
            field bool is_group;
        }
        // HandshakeAnswer (message id 4): reply of "first" to a
        // HandshakeRequest; receivers handle it only when sameTransaction
        // holds. Declared security=untrusted like the other handshake
        // messages.
        message HandshakeAnswer 4, security=untrusted {
            auto Version version;
            field TID transaction;
        }
        // Rollback (message id 5): sent on the external Cancel event. It is
        // declared security=untrusted, so the sameTransaction guard in the
        // receiving states is the only visible check on it.
        message Rollback 5, security=untrusted {
            field TID transaction;
        }
        // CommitReject (message id 6): sent on the external Reject event. In
        // the sole-device handshakes the receiver runs `disable` and goes to
        // End. The message is declared security=untrusted, so the
        // sameTransaction guard is the only visible check before that.
        message CommitReject 6, security=untrusted {
            field TID transaction;
        }
        // CommitAccept (message id 7): sent on Accept by "first"
        // (HandshakingNewFirst) and by a sole device joining a group
        // (HandshakingWithGroup). Declared security=untrusted; receivers
        // handle it only when sameTransaction holds.
        message CommitAccept 7, security=untrusted {
            field TID transaction;
        }
        // CommitAcceptForGroup (message id 8): sent on Accept by "second"
        // (HandshakingNewSecond) and by a grouped device
        // (HandshakingGrouped). Declared security=untrusted; receivers handle
        // it only when sameTransaction holds.
        message CommitAcceptForGroup 8, security=untrusted {
            field TID transaction;
        }
        // default: security=trusted only
        // GroupTrustThisKey (message id 9): sent by a grouped device on Accept
        // so that the acceptance counts for the whole group.
        // NOTE(review): the message has no transaction field, so receivers
        // cannot tie it to the handshake they are showing; `key` is the only
        // payload and no handler in this file is seen reading it - confirm
        // where the hash is checked.
        message GroupTrustThisKey 9 {
            field Hash key;
        }
        // security=attach_own_keys implies security=trusted
        // GroupKeysAndClose (message id 10): final message of a handshake; it
        // carries the sender's identities and, per the security attribute, its
        // own keys. NewGroupFirst binds it to the transaction with
        // sameTransaction; JoinGroup handles it without that guard.
        message GroupKeysAndClose 10, security=attach_own_keys {
            field TID transaction;
            field IdentityList ownIdentities;
        }
        // security=attach_own_keys implies security=trusted
        // GroupKeys (message id 11): key distribution outside the closing
        // step. It has no transaction field, so handlers rely on the message's
        // security level alone before calling saveGroupKeys.
        message GroupKeys 11, security=attach_own_keys {
            field IdentityList ownIdentities;
        }
    }
}