| author | Krista 'DarthMama' Bennett <krista@pep.foundation> |
| Wed, 06 Feb 2019 07:17:26 +0100 | |
| branch | sync |
| changeset 3270 | d8aea79654c3 |
| parent 2914 | f14346676e85 |
| child 3340 | 4b4b1262b415 |
| permissions | -rw-r--r-- |
| vb@2831 | 1 |
// This file is under BSD License 2.0 |
| vb@2831 | 2 |
|
| vb@2831 | 3 |
// Sync protocol for p≡p |
| vb@2840 | 4 |
// Copyright (c) 2016 - 2018, p≡p foundation |
| vb@2831 | 5 |
|
| vb@2831 | 6 |
// Written by Volker Birk |
| vb@2831 | 7 |
|
| vb@2831 | 8 |
include ./fsm.yml2 |
| vb@2831 | 9 |
|
| vb@2831 | 10 |
protocol Sync 1 {
|
| vb@2831 | 11 |
// all messages have a timestamp, time out and are removed after timeout |
| vb@2831 | 12 |
|
| vb@2831 | 13 |
fsm KeySync 1 {
|
| vb@2831 | 14 |
version 1, 2; |
| vb@2913 | 15 |
|
| vb@2831 | 16 |
state InitState {
|
| vb@2831 | 17 |
on Init {
|
| vb@2831 | 18 |
if deviceGrouped |
| vb@2831 | 19 |
go Grouped; |
| vb@2831 | 20 |
go Sole; |
| vb@2831 | 21 |
} |
| vb@2831 | 22 |
} |
| vb@2831 | 23 |
|
| vb@2908 | 24 |
state Sole timeout=off {
|
| vb@2831 | 25 |
on Init {
|
| vb@2831 | 26 |
do openChallenge; // own challenge |
| vb@2865 | 27 |
send Beacon; |
| vb@2831 | 28 |
} |
| vb@2831 | 29 |
|
| vb@2831 | 30 |
on KeyGen |
| vb@2865 | 31 |
send Beacon; |
| vb@2831 | 32 |
|
| vb@2831 | 33 |
on CannotDecrypt // cry baby |
| vb@2865 | 34 |
send Beacon; |
| vb@2831 | 35 |
|
| vb@2831 | 36 |
on Beacon {
|
| vb@2907 | 37 |
if weAreFirst {
|
| vb@2907 | 38 |
send Beacon; |
| vb@2907 | 39 |
} |
| vb@2907 | 40 |
else {
|
| vb@2902 | 41 |
do storeChallenge; // partner's challenge |
| vb@2902 | 42 |
do openTransaction; |
| vb@2902 | 43 |
do storeTransaction; |
| vb@2902 | 44 |
send HandshakeRequest; |
| vb@2902 | 45 |
} |
| vb@2831 | 46 |
} |
| vb@2831 | 47 |
|
| vb@2831 | 48 |
on HandshakeRequest {
|
| vb@2831 | 49 |
if challengeAccepted {
|
| vb@2831 | 50 |
do storeTransaction; |
| vb@2865 | 51 |
send HandshakeAnswer; |
| vb@2831 | 52 |
if partnerIsGrouped |
| vb@2831 | 53 |
go HandshakingWithGroup; |
| vb@2831 | 54 |
|
| vb@2831 | 55 |
go HandshakingNew(); |
| vb@2831 | 56 |
} |
| vb@2831 | 57 |
} |
| vb@2831 | 58 |
|
| vb@2831 | 59 |
on HandshakeAnswer |
| vb@2831 | 60 |
go HandshakingNew(); |
| vb@2831 | 61 |
} |
| vb@2831 | 62 |
|
| vb@2831 | 63 |
// handshaking without existing Device group |
| vb@2831 | 64 |
state HandshakingNew {
|
| vb@2831 | 65 |
on Init |
| vb@2831 | 66 |
do showSoleHandshake; |
| vb@2831 | 67 |
|
| vb@2831 | 68 |
// Cancel is Rollback |
| vb@2831 | 69 |
on Cancel {
|
| vb@2865 | 70 |
send Rollback; |
| vb@2831 | 71 |
go Sole; |
| vb@2831 | 72 |
} |
| vb@2831 | 73 |
|
| vb@2831 | 74 |
on Rollback |
| vb@2831 | 75 |
go Sole; |
| vb@2831 | 76 |
|
| vb@2831 | 77 |
// Reject is CommitReject |
| vb@2831 | 78 |
on Reject {
|
| vb@2865 | 79 |
send CommitReject; |
| vb@2831 | 80 |
do disable; |
| vb@2831 | 81 |
go End; |
| vb@2831 | 82 |
} |
| vb@2831 | 83 |
|
| vb@2831 | 84 |
on CommitReject {
|
| vb@2831 | 85 |
do disable; |
| vb@2831 | 86 |
go End; |
| vb@2831 | 87 |
} |
| vb@2831 | 88 |
|
| vb@2831 | 89 |
// Accept is Phase1Commit |
| vb@2831 | 90 |
on Accept {
|
| vb@2865 | 91 |
send CommitAccept; |
| vb@2831 | 92 |
go HandshakingNewPhase1; |
| vb@2831 | 93 |
} |
| vb@2831 | 94 |
|
| vb@2831 | 95 |
on CommitAccept |
| vb@2831 | 96 |
go HandshakingNewPhase1Own; |
| vb@2831 | 97 |
} |
| vb@2831 | 98 |
|
| vb@2831 | 99 |
state HandshakingNewPhase1 {
|
| vb@2831 | 100 |
on Rollback |
| vb@2831 | 101 |
go Sole; |
| vb@2831 | 102 |
|
| vb@2831 | 103 |
on CommitReject {
|
| vb@2831 | 104 |
do disable; |
| vb@2831 | 105 |
go End; |
| vb@2831 | 106 |
} |
| vb@2831 | 107 |
|
| vb@2831 | 108 |
on CommitAccept |
| vb@2831 | 109 |
go NewGroup; |
| vb@2831 | 110 |
} |
| vb@2831 | 111 |
|
| vb@2831 | 112 |
state HandshakingNewPhase1Own {
|
| vb@2831 | 113 |
on Cancel {
|
| vb@2865 | 114 |
send Rollback; |
| vb@2831 | 115 |
go Sole; |
| vb@2831 | 116 |
} |
| vb@2831 | 117 |
|
| vb@2831 | 118 |
on Reject {
|
| vb@2865 | 119 |
send CommitReject; |
| vb@2831 | 120 |
do disable; |
| vb@2831 | 121 |
go End; |
| vb@2831 | 122 |
} |
| vb@2831 | 123 |
|
| vb@2831 | 124 |
on Accept |
| vb@2831 | 125 |
go NewGroup; |
| vb@2831 | 126 |
} |
| vb@2831 | 127 |
|
| vb@2831 | 128 |
state NewGroup {
|
| vb@2831 | 129 |
on Init |
| vb@2865 | 130 |
send GroupKeysAndClose; // we're not grouped yet, this is our own keys |
| vb@2831 | 131 |
|
| vb@2831 | 132 |
on GroupKeysAndClose {
|
| vb@2831 | 133 |
do saveGroupKeys; |
| vb@2831 | 134 |
if keyElectionWon {
|
| vb@2831 | 135 |
do ownKeysAreGroupKeys; |
| vb@2831 | 136 |
go Grouped; |
| vb@2831 | 137 |
} |
| vb@2831 | 138 |
// do receivedKeysAreGroupKeys; -- implicit |
| vb@2831 | 139 |
go Grouped; |
| vb@2831 | 140 |
} |
| vb@2831 | 141 |
} |
| vb@2831 | 142 |
|
| vb@2831 | 143 |
state HandshakingWithGroup {
|
| vb@2831 | 144 |
on Init |
| vb@2831 | 145 |
do showJoinGroupHandshake; |
| vb@2831 | 146 |
|
| vb@2831 | 147 |
// Cancel is Rollback |
| vb@2831 | 148 |
on Cancel {
|
| vb@2865 | 149 |
send Rollback; |
| vb@2831 | 150 |
go Sole; |
| vb@2831 | 151 |
} |
| vb@2831 | 152 |
|
| vb@2831 | 153 |
on Rollback |
| vb@2831 | 154 |
go Sole; |
| vb@2831 | 155 |
|
| vb@2831 | 156 |
// Reject is CommitReject |
| vb@2831 | 157 |
on Reject {
|
| vb@2865 | 158 |
send CommitReject; |
| vb@2831 | 159 |
do disable; |
| vb@2831 | 160 |
go End; |
| vb@2831 | 161 |
} |
| vb@2831 | 162 |
|
| vb@2831 | 163 |
on CommitReject {
|
| vb@2831 | 164 |
do disable; |
| vb@2831 | 165 |
go End; |
| vb@2831 | 166 |
} |
| vb@2831 | 167 |
|
| vb@2831 | 168 |
// Accept is Phase1Commit |
| vb@2831 | 169 |
on Accept {
|
| vb@2865 | 170 |
send CommitAccept; |
| vb@2831 | 171 |
go HandshakingJoinPhase1; |
| vb@2831 | 172 |
} |
| vb@2831 | 173 |
|
| vb@2831 | 174 |
on CommitAccept |
| vb@2831 | 175 |
go HandshakingJoinPhase1Own; |
| vb@2831 | 176 |
} |
| vb@2831 | 177 |
|
| vb@2831 | 178 |
state HandshakingJoinPhase1 {
|
| vb@2831 | 179 |
on Rollback |
| vb@2831 | 180 |
go Sole; |
| vb@2831 | 181 |
|
| vb@2831 | 182 |
on CommitReject {
|
| vb@2831 | 183 |
do disable; |
| vb@2831 | 184 |
go End; |
| vb@2831 | 185 |
} |
| vb@2831 | 186 |
|
| vb@2831 | 187 |
on CommitAccept |
| vb@2831 | 188 |
go JoinGroup; |
| vb@2831 | 189 |
} |
| vb@2831 | 190 |
|
| vb@2831 | 191 |
state HandshakingJoinPhase1Own {
|
| vb@2831 | 192 |
on Cancel {
|
| vb@2865 | 193 |
send Rollback; |
| vb@2831 | 194 |
go Sole; |
| vb@2831 | 195 |
} |
| vb@2831 | 196 |
|
| vb@2831 | 197 |
on Reject {
|
| vb@2865 | 198 |
send CommitReject; |
| vb@2831 | 199 |
do disable; |
| vb@2831 | 200 |
go End; |
| vb@2831 | 201 |
} |
| vb@2831 | 202 |
|
| vb@2831 | 203 |
on Accept |
| vb@2831 | 204 |
go JoinGroup; |
| vb@2831 | 205 |
} |
| vb@2831 | 206 |
|
| vb@2831 | 207 |
state JoinGroup {
|
| vb@2831 | 208 |
on GroupKeysAndClose {
|
| vb@2865 | 209 |
send GroupKeys; // first send own keys |
| vb@2831 | 210 |
do saveGroupKeys; // then store new group keys |
| vb@2831 | 211 |
go Grouped; |
| vb@2831 | 212 |
} |
| vb@2831 | 213 |
} |
| vb@2831 | 214 |
|
| vb@2908 | 215 |
state Grouped timeout=off {
|
| vb@2831 | 216 |
on GroupKeys |
| vb@2831 | 217 |
do saveGroupKeys; |
| vb@2831 | 218 |
|
| vb@2831 | 219 |
on KeyGen |
| vb@2865 | 220 |
send GroupKeys; |
| vb@2831 | 221 |
|
| vb@2831 | 222 |
on Beacon |
| vb@2865 | 223 |
send HandshakeRequest; |
| vb@2831 | 224 |
|
| vb@2831 | 225 |
on HandshakeAnswer |
| vb@2831 | 226 |
go HandshakingGrouped; |
| vb@2831 | 227 |
} |
| vb@2831 | 228 |
|
| vb@2831 | 229 |
state HandshakingGrouped {
|
| vb@2831 | 230 |
on Init |
| vb@2831 | 231 |
do showGroupedHandshake; |
| vb@2831 | 232 |
|
| vb@2831 | 233 |
// Cancel is Rollback |
| vb@2831 | 234 |
on Cancel {
|
| vb@2865 | 235 |
send Rollback; |
| vb@2831 | 236 |
go Grouped; |
| vb@2831 | 237 |
} |
| vb@2831 | 238 |
|
| vb@2831 | 239 |
on Rollback |
| vb@2831 | 240 |
go Grouped; |
| vb@2831 | 241 |
|
| vb@2831 | 242 |
// Reject is CommitReject |
| vb@2831 | 243 |
on Reject {
|
| vb@2865 | 244 |
send CommitReject; |
| vb@2831 | 245 |
go Grouped; |
| vb@2831 | 246 |
} |
| vb@2831 | 247 |
|
| vb@2831 | 248 |
on CommitReject |
| vb@2831 | 249 |
go Grouped; |
| vb@2831 | 250 |
|
| vb@2831 | 251 |
// Accept is Phase1Commit |
| vb@2831 | 252 |
on Accept {
|
| vb@2865 | 253 |
send CommitAccept; |
| vb@2831 | 254 |
go HandshakingGroupedPhase1; |
| vb@2831 | 255 |
} |
| vb@2831 | 256 |
|
| vb@2831 | 257 |
on CommitAccept |
| vb@2831 | 258 |
go HandshakingGroupedPhase1Own; |
| vb@2831 | 259 |
|
| vb@2831 | 260 |
on GroupKeys |
| vb@2831 | 261 |
do saveGroupKeys; |
| vb@2831 | 262 |
} |
| vb@2831 | 263 |
|
| vb@2831 | 264 |
state HandshakingGroupedPhase1 {
|
| vb@2831 | 265 |
on Rollback |
| vb@2831 | 266 |
go Grouped; |
| vb@2831 | 267 |
|
| vb@2831 | 268 |
on CommitReject |
| vb@2831 | 269 |
go Grouped; |
| vb@2831 | 270 |
|
| vb@2831 | 271 |
on CommitAccept {
|
| vb@2865 | 272 |
send GroupKeysAndClose; |
| vb@2831 | 273 |
go Grouped; |
| vb@2831 | 274 |
} |
| vb@2831 | 275 |
|
| vb@2831 | 276 |
on GroupKeys |
| vb@2831 | 277 |
do saveGroupKeys; |
| vb@2831 | 278 |
} |
| vb@2831 | 279 |
|
| vb@2831 | 280 |
state HandshakingGroupedPhase1Own {
|
| vb@2831 | 281 |
on Cancel {
|
| vb@2865 | 282 |
send Rollback; |
| vb@2831 | 283 |
go Grouped; |
| vb@2831 | 284 |
} |
| vb@2831 | 285 |
|
| vb@2831 | 286 |
on Reject {
|
| vb@2865 | 287 |
send CommitReject; |
| vb@2831 | 288 |
go Grouped; |
| vb@2831 | 289 |
} |
| vb@2831 | 290 |
|
| vb@2831 | 291 |
on Accept {
|
| vb@2865 | 292 |
send GroupKeysAndClose; |
| vb@2831 | 293 |
go Grouped; |
| vb@2831 | 294 |
} |
| vb@2831 | 295 |
|
| vb@2831 | 296 |
on GroupKeys |
| vb@2831 | 297 |
do saveGroupKeys; |
| vb@2831 | 298 |
} |
| vb@2831 | 299 |
|
| vb@2831 | 300 |
external Accept 30; |
| vb@2831 | 301 |
external Reject 31; |
| vb@2831 | 302 |
external Cancel 32; |
| vb@2831 | 303 |
|
| vb@2867 | 304 |
// beacons are always broadcasted |
| vb@2867 | 305 |
|
| vb@2876 | 306 |
message Beacon 2, type=broadcast, security=unencrypted {
|
| vb@2831 | 307 |
field TID challenge; |
| vb@2831 | 308 |
auto Version version; |
| vb@2831 | 309 |
} |
| vb@2831 | 310 |
|
| vb@2876 | 311 |
message HandshakeRequest 3, security=untrusted {
|
| vb@2831 | 312 |
field TID challenge; |
| vb@2831 | 313 |
auto Version version; |
| vb@2831 | 314 |
field TID transaction; |
| vb@2831 | 315 |
field Hash fpr; |
| vb@2831 | 316 |
field bool is_group; |
| vb@2831 | 317 |
} |
| vb@2831 | 318 |
|
| vb@2831 | 319 |
message HandshakeAnswer 4 {
|
| vb@2831 | 320 |
field TID transaction; |
| vb@2831 | 321 |
field Hash fpr; |
| vb@2831 | 322 |
} |
| vb@2831 | 323 |
|
| vb@2876 | 324 |
message Rollback 5, security=untrusted {
|
| vb@2831 | 325 |
field TID transaction; |
| vb@2831 | 326 |
} |
| vb@2831 | 327 |
|
| vb@2876 | 328 |
message CommitReject 6, security=untrusted {
|
| vb@2831 | 329 |
field TID transaction; |
| vb@2831 | 330 |
} |
| vb@2831 | 331 |
|
| vb@2831 | 332 |
message CommitAccept 7 {
|
| vb@2831 | 333 |
field TID transaction; |
| vb@2831 | 334 |
} |
| vb@2831 | 335 |
|
| vb@2831 | 336 |
message GroupKeysAndClose 8 {
|
| vb@2831 | 337 |
field TID transaction; |
| vb@2831 | 338 |
field IdentityList identities; |
| vb@2831 | 339 |
} |
| vb@2831 | 340 |
|
| vb@2831 | 341 |
message GroupKeys 9 {
|
| vb@2831 | 342 |
field IdentityList identities; |
| vb@2831 | 343 |
} |
| vb@2831 | 344 |
} |
| vb@2831 | 345 |
} |
| vb@2831 | 346 |