sync/sync.fsm
author Volker Birk <vb@pep-project.org>
Fri, 17 Jan 2020 10:35:49 +0100
branchsync
changeset 4347 ae908566162e
parent 4343 06dbc8518f5b
child 4354 33701483ccbd
permissions -rw-r--r--
better naming
     1 // This file is under BSD License 2.0
     2 
     3 // Sync protocol for p≡p
     4 // Copyright (c) 2016-2020, p≡p foundation
     5 
     6 // Written by Volker Birk
     7 
     8 include ./fsm.yml2
     9 
    10 protocol Sync 1 {
    11     // all messages have a timestamp, time out and are removed after timeout
    12 
    13     fsm KeySync 1, threshold=300 {
    14         version 1, 2;
    15 
    16         state InitState {
    17             on Init {
    18                 if deviceGrouped
    19                     go Grouped;
    20                 do newChallengeAndNegotiationBase;
    21                 debug > initial Beacon
    22                 send Beacon;
    23                 go Sole;
    24             }
    25         }
    26 
    27         state Sole timeout=off {
    28             on Init {
    29                 do showBeingSole;
    30             }
    31 
    32             on KeyGen {
    33                 debug > key generated
    34                 send Beacon;
    35             }
    36 
    37             on CannotDecrypt {
    38                 debug > cry, baby
    39                 send Beacon;
    40             }
    41 
    42             on Beacon {
    43                 if sameChallenge {
    44                     debug > this is our own Beacon; ignore
    45                 }
    46                 else {
    47                     if weAreOfferer {
    48                         do useOwnChallenge;
    49                         debug > we are Offerer
    50                         send Beacon;
    51                     }
    52                     else /* we are requester */ {
    53                         do openNegotiation;
    54                         do tellWeAreNotGrouped;
    55                         // requester is sending NegotiationRequest
    56                         do useOwnResponse;
    57                         send NegotiationRequest;
    58                         do useOwnChallenge;
    59                     }
    60                 }
    61             }
    62 
    63             // we get this from another sole device
    64             on NegotiationRequest {
    65                 if sameChallenge { // challenge accepted
    66                     do storeNegotiation;
    67                     // offerer is accepting by confirming NegotiationOpen
    68                     // repeating response is implicit
    69                     send NegotiationOpen;
    70                     go HandshakingOfferer;
    71                 }
    72             }
    73 
    74             // we get this from an existing device group
    75             on NegotiationRequestGrouped {
    76                 if sameChallenge { // challenge accepted
    77                     do storeNegotiation;
    78                     // offerer is accepting by confirming NegotiationOpen
    79                     // repeating response is implicit
    80                     send NegotiationOpen;
    81                     go HandshakingToJoin;
    82                 }
    83             }
    84 
    85             on NegotiationOpen {
    86                 if sameResponse {
    87                     debug > Requester is receiving NegotiationOpen
    88                     do storeNegotiation;
    89                     go HandshakingRequester;
    90                 }
    91                 else {
    92                     debug > cannot approve NegotiationOpen
    93                 }
    94             }
    95         }
    96 
    97         // handshaking without existing Device group
    98         state HandshakingOfferer timeout=600 {
    99             on Init
   100                 do showSoleHandshake;
   101 
   102             // Cancel is Rollback
   103             on Cancel {
   104                 send Rollback;
   105                 go Sole;
   106             }
   107 
   108             on Rollback {
   109                 if sameNegotiationAndPartner
   110                     go Sole;
   111             }
   112 
   113             // Reject is CommitReject
   114             on Reject {
   115                 send CommitReject;
   116                 do disable;
   117                 go End;
   118             }
   119 
   120             on CommitReject {
   121                 if sameNegotiationAndPartner {
   122                     do disable;
   123                     go End;
   124                 }
   125             }
   126 
   127             // Accept means init Phase1Commit
   128             on Accept {
   129                 do trustThisKey;
   130                 send CommitAcceptOfferer;
   131                 go HandshakingPhase1Offerer;
   132             }
   133 
   134             // got a CommitAccept from requester
   135             on CommitAcceptRequester {
   136                 if sameNegotiationAndPartner
   137                     go HandshakingPhase2Offerer;
   138             }
   139         }
   140 
   141         // handshaking without existing Device group
   142         state HandshakingRequester timeout=600 {
   143             on Init
   144                 do showSoleHandshake;
   145 
   146             // Cancel is Rollback
   147             on Cancel {
   148                 send Rollback;
   149                 go Sole;
   150             }
   151 
   152             on Rollback {
   153                 if sameNegotiationAndPartner
   154                     go Sole;
   155             }
   156 
   157             // Reject is CommitReject
   158             on Reject {
   159                 send CommitReject;
   160                 do disable;
   161                 go End;
   162             }
   163 
   164             on CommitReject {
   165                 if sameNegotiationAndPartner {
   166                     do disable;
   167                     go End;
   168                 }
   169             }
   170 
   171             // Accept means init Phase1Commit
   172             on Accept {
   173                 do trustThisKey;
   174                 send CommitAcceptRequester;
   175                 go HandshakingPhase1Requester;
   176             }
   177 
   178             // got a CommitAccept from offerer
   179             on CommitAcceptOfferer {
   180                 if sameNegotiationAndPartner
   181                     go HandshakingPhase2Requester;
   182             }
   183         }
   184 
   185         state HandshakingPhase1Offerer {
   186             on Rollback {
   187                 if sameNegotiationAndPartner {
   188                     do untrustThisKey;
   189                     go Sole;
   190                 }
   191             }
   192             
   193             on CommitReject {
   194                 if sameNegotiationAndPartner {
   195                     do untrustThisKey;
   196                     do disable;
   197                     go End;
   198                 }
   199             }
   200 
   201             on CommitAcceptRequester {
   202                 if sameNegotiationAndPartner
   203                     go FormingGroupOfferer;
   204             }
   205         }
   206 
   207         state HandshakingPhase1Requester {
   208             on Rollback {
   209                 if sameNegotiationAndPartner {
   210                     do untrustThisKey;
   211                     go Sole;
   212                 }
   213             }
   214             
   215             on CommitReject {
   216                 if sameNegotiationAndPartner {
   217                     do untrustThisKey;
   218                     do disable;
   219                     go End;
   220                 }
   221             }
   222 
   223             on CommitAcceptOfferer {
   224                 if sameNegotiationAndPartner
   225                     go FormingGroupRequester;
   226             }
   227         }
   228 
   229         state HandshakingPhase2Offerer {
   230             on Cancel {
   231                 send Rollback;
   232                 go Sole;
   233             }
   234 
   235             on Reject {
   236                 send CommitReject;
   237                 do disable;
   238                 go End;
   239             }
   240 
   241             on Accept {
   242                 do trustThisKey;
   243                 send CommitAcceptOfferer;
   244                 go FormingGroupOfferer;
   245             }
   246         }
   247 
   248         state HandshakingPhase2Requester {
   249             on Cancel {
   250                 send Rollback;
   251                 go Sole;
   252             }
   253 
   254             on Reject {
   255                 send CommitReject;
   256                 do disable;
   257                 go End;
   258             }
   259 
   260             on Accept {
   261                 do trustThisKey;
   262                 send CommitAcceptRequester;
   263                 go FormingGroupRequester;
   264             }
   265         }
   266 
   267         state FormingGroupOfferer {
   268             on Init {
   269                 do prepareOwnKeys;
   270                 send OwnKeysOfferer;
   271                 debug > we're not grouped yet, this is our own keys
   272             }
   273 
   274             on Cancel {
   275                 send Rollback;
   276                 go Sole;
   277             }
   278 
   279             on Rollback
   280                 go Sole;
   281 
   282             on OwnKeysRequester {
   283                 if sameNegotiationAndPartner {
   284                     do saveGroupKeys;
   285                     do receivedKeysAreDefaultKeys;
   286                     do showGroupCreated;
   287                     go Grouped;
   288                 }
   289             }
   290         }
   291 
   292         state FormingGroupRequester {
   293             on Cancel {
   294                 send Rollback;
   295                 go Sole;
   296             }
   297 
   298             on Rollback
   299                 go Sole;
   300 
   301             on OwnKeysOfferer {
   302                 if sameNegotiationAndPartner {
   303                     do saveGroupKeys;
   304                     do prepareOwnKeys;
   305                     do ownKeysAreDefaultKeys;
   306                     send OwnKeysRequester;
   307                     do showGroupCreated;
   308                     go Grouped;
   309                 }
   310             }
   311         }
   312 
   313         state Grouped timeout=off {
   314             on Init {
   315                 do newChallengeAndNegotiationBase;
   316                 do showBeingInGroup;
   317             }
   318 
   319             on GroupKeysUpdate {
   320                 if fromGroupMember // double check
   321                     do saveGroupKeys;
   322             }
   323 
   324             on KeyGen {
   325                 do prepareOwnKeys;
   326                 send GroupKeysUpdate;
   327             }
   328 
   329             on Beacon {
   330                 do openNegotiation;
   331                 do tellWeAreGrouped;
   332                 send NegotiationRequestGrouped;
   333                 do useOwnChallenge;
   334             }
   335 
   336             on NegotiationOpen {
   337                 if sameNegotiationAndPartner {
   338                     do storeNegotiation;
   339                     do useThisKey;
   340                     send GroupHandshake;
   341                     go HandshakingGrouped;
   342                 }
   343             }
   344 
   345             on GroupHandshake {
   346                 do storeNegotiation;
   347                 do storeThisKey;
   348                 go HandshakingGrouped;
   349             }
   350 
   351             on GroupTrustThisKey {
   352                 if fromGroupMember // double check
   353                     do trustThisKey;
   354             }
   355 
   356             // this is for a leaving group member
   357             on GroupKeyResetRequiredAndDisable {
   358                 send InitUnledGroupKeyReset;
   359                 go DisableOnInitUnledGroupKeyReset;
   360             }
   361 
   362             on InitUnledGroupKeyReset {
   363                 debug > unled group key reset; new group keys will be elected
   364                 do useOwnResponse;
   365                 send ElectGroupKeyResetLeader;
   366                 go GroupKeyResetElection;
   367             }
   368         }
   369 
   370         state GroupKeyResetElection {
   371             on ElectGroupKeyResetLeader {
   372                 if sameResponse {
   373                     // the first one is from us, we're leading this
   374                     do resetOwnGroupedKeys;
   375                     go Grouped;
   376                 }
   377                 else {
   378                     // the first one is not from us
   379                     go Grouped;
   380                 }
   381             }
   382         }
   383 
   384         state DisableOnInitUnledGroupKeyReset {
   385             on InitUnledGroupKeyReset
   386                 do disable;
   387         }
   388 
   389         // sole device handshaking with group
   390         state HandshakingToJoin {
   391             on Init
   392                 do showJoinGroupHandshake;
   393 
   394             // Cancel is Rollback
   395             on Cancel {
   396                 send Rollback;
   397                 go Sole;
   398             }
   399 
   400             on Rollback {
   401                 if sameNegotiationAndPartner
   402                     go Sole;
   403             }
   404 
   405             // Reject is CommitReject
   406             on Reject {
   407                 send CommitReject;
   408                 do disable;
   409                 go End;
   410             }
   411 
   412             on CommitAcceptForGroup {
   413                 if sameNegotiationAndPartner
   414                     go HandshakingToJoinPhase2;
   415             }
   416 
   417             on CommitReject {
   418                 if sameNegotiationAndPartner {
   419                     do disable;
   420                     go End;
   421                 }
   422             }
   423 
   424             // Accept is Phase1Commit
   425             on Accept {
   426                 do trustThisKey;
   427                 send CommitAccept;
   428                 go HandshakingToJoinPhase1;
   429             }
   430         }
   431 
   432         state HandshakingToJoinPhase1 {
   433             on Rollback {
   434                 if sameNegotiationAndPartner
   435                     go Sole;
   436             }
   437 
   438             on CommitReject {
   439                 if sameNegotiationAndPartner {
   440                     do disable;
   441                     go End;
   442                 }
   443             }
   444 
   445             on CommitAcceptForGroup {
   446                 if sameNegotiationAndPartner
   447                     go JoiningGroup;
   448             }
   449         }
   450 
   451         state HandshakingToJoinPhase2 {
   452             on Cancel {
   453                 send Rollback;
   454                 go Sole;
   455             }
   456 
   457             on Reject {
   458                 send CommitReject;
   459                 do disable;
   460                 go End;
   461             }
   462 
   463             on Accept {
   464                 do trustThisKey;
   465                 send CommitAccept;
   466                 go JoiningGroup;
   467             }
   468         }
   469 
   470         state JoiningGroup {
   471             on GroupKeysForNewMember {
   472                 if sameNegotiationAndPartner {
   473                     do saveGroupKeys;
   474                     do receivedKeysAreDefaultKeys;
   475                     do prepareOwnKeys;
   476                     send GroupKeysAndClose;
   477                     do showDeviceAdded;
   478                     go Grouped;
   479                 }
   480             }
   481         }
   482 
   483         state HandshakingGrouped {
   484             on Init
   485                 do showGroupedHandshake;
   486     
   487             // Cancel is Rollback
   488             on Cancel {
   489                 send Rollback;
   490                 go Grouped;
   491             }
   492 
   493             on Rollback {
   494                 if sameNegotiationAndPartner
   495                     go Grouped;
   496             }
   497 
   498             // Reject is CommitReject
   499             on Reject {
   500                 send CommitReject;
   501                 go Grouped;
   502             }
   503 
   504             on CommitReject {
   505                 if sameNegotiationAndPartner
   506                     go Grouped;
   507             }
   508 
   509             // Accept is Phase1Commit
   510             on Accept {
   511                 do trustThisKey;
   512                 go HandshakingGroupedPhase1;
   513             }
   514 
   515             on CommitAccept {
   516                 if sameNegotiationAndPartner
   517                     go HandshakingGroupedPhase2;
   518             }
   519 
   520             on GroupTrustThisKey {
   521                 if fromGroupMember { // double check
   522                     do trustThisKey;
   523                     if sameNegotiation
   524                         go Grouped;
   525                 }
   526             }
   527 
   528             on GroupKeysUpdate {
   529                 if fromGroupMember // double check
   530                     do saveGroupKeys;
   531             }
   532         }
   533 
   534         state HandshakingGroupedPhase1 {
   535             on Init {
   536                 send GroupTrustThisKey;
   537                 send CommitAcceptForGroup;
   538             }
   539 
   540             on Rollback {
   541                 if sameNegotiationAndPartner
   542                     go Grouped;
   543             }
   544 
   545             on CommitReject {
   546                 if sameNegotiationAndPartner
   547                     go Grouped;
   548             }
   549 
   550             on CommitAccept {
   551                 if sameNegotiationAndPartner {
   552                     do prepareOwnKeys;
   553                     send GroupKeysForNewMember;
   554                     do showDeviceAccepted;
   555                     go Grouped;
   556                 }
   557             }
   558 
   559             on GroupTrustThisKey {
   560                 if fromGroupMember // double check
   561                     do trustThisKey;
   562             }
   563 
   564             on GroupKeysUpdate {
   565                 if fromGroupMember // double check
   566                     do saveGroupKeys;
   567             }
   568 
   569             on GroupKeysAndClose {
   570                 if fromGroupMember { // double check
   571                     do saveGroupKeys;
   572                     go Grouped;
   573                 }
   574             }
   575         }
   576 
   577         state HandshakingGroupedPhase2 {
   578             on Cancel {
   579                 send Rollback;
   580                 go Grouped;
   581             }
   582 
   583             on Reject {
   584                 send CommitReject;
   585                 go Grouped;
   586             }
   587 
   588             on Accept {
   589                 do trustThisKey;
   590                 send GroupTrustThisKey;
   591                 do prepareOwnKeys;
   592                 send GroupKeysForNewMember;
   593                 do showDeviceAccepted;
   594                 go Grouped;
   595             }
   596 
   597             on GroupTrustThisKey {
   598                 if fromGroupMember // double check
   599                     do trustThisKey;
   600             }
   601 
   602             on GroupKeysUpdate {
   603                 if fromGroupMember // double check
   604                     do saveGroupKeys;
   605             }
   606 
   607             on GroupKeysAndClose {
   608                 if fromGroupMember { // double check
   609                     do saveGroupKeys;
   610                     go Grouped;
   611                 }
   612             }
   613         }
   614  
   615         external Accept 129;
   616         external Reject 130;
   617         external Cancel 131;
   618 
   619         // beacons are always broadcasted
   620 
   621         message Beacon 2, type=broadcast, security=unencrypted {
   622             field TID challenge;
   623             auto Version version;
   624         }
   625 
   626         message NegotiationRequest 3, security=untrusted {
   627             field TID challenge;
   628             field TID response;
   629             auto Version version;
   630             field TID negotiation;
   631             field bool is_group;
   632         }
   633 
   634         message NegotiationOpen 4, security=untrusted {
   635             field TID response;
   636             auto Version version;
   637             field TID negotiation;
   638         }
   639 
   640         message Rollback 5, security=untrusted {
   641             field TID negotiation;
   642         }
   643 
   644         message CommitReject 6, security=untrusted {
   645             field TID negotiation;
   646         }
   647 
   648         message CommitAcceptOfferer 7, security=untrusted {
   649             field TID negotiation;
   650         }
   651 
   652         message CommitAcceptRequester 8, security=untrusted {
   653             field TID negotiation;
   654         }
   655 
   656         message CommitAccept 9, security=untrusted {
   657             field TID negotiation;
   658         }
   659 
   660         message CommitAcceptForGroup 10, security=untrusted {
   661             field TID negotiation;
   662         }
   663 
   664         // default: security=truste
   665         // messages are only accepted when coming from the device group
   666         message GroupTrustThisKey 11 {
   667             field Hash key;
   668             field TID negotiation;
   669         }
   670 
   671         // trust in future
   672         message GroupKeysForNewMember 12, security=attach_own_keys_for_new_member {
   673             field IdentityList ownIdentities;
   674         }
   675 
   676         message GroupKeysAndClose 13, security=attach_own_keys_for_new_member {
   677             field IdentityList ownIdentities;
   678         }
   679 
   680         message OwnKeysOfferer 14, security=attach_own_keys_for_new_member {
   681             field IdentityList ownIdentities;
   682         }
   683 
   684         message OwnKeysRequester 15, security=attach_own_keys_for_new_member {
   685             field IdentityList ownIdentities;
   686         }
   687 
   688         // grouped handshake
   689         message NegotiationRequestGrouped 16, security=untrusted {
   690             field TID challenge;
   691             field TID response;
   692             auto Version version;
   693             field TID negotiation;
   694             field bool is_group;
   695         }
   696 
   697         message GroupHandshake 17 {
   698             field TID negotiation;
   699             field Hash key;
   700         }
   701 
   702         // update group
   703         message GroupKeysUpdate 18, security=attach_own_keys_for_group {
   704             field IdentityList ownIdentities;
   705         }
   706 
   707         // initiate unled group key reset
   708         message InitUnledGroupKeyReset 19 {
   709         }
   710 
   711         message ElectGroupKeyResetLeader 20 {
   712             field TID response;
   713         }
   714     }
   715 }
   716