adding some security keysync
authorVolker Birk <vb@pep.foundation>
Wed, 31 Aug 2016 09:38:09 +0200
branchkeysync
changeset 1099113463c3e85a
parent 1098 737031f6f0b3
child 1100 bb146737405f
adding some security
src/message_api.c
src/sync_fsm.h
src/sync_impl.c
src/sync_impl.h
sync/gen_statemachine.ysl2
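--- a/src/message_api.c	Wed Aug 31 09:09:44 2016 +0200
+++ b/src/message_api.c	Wed Aug 31 09:38:09 2016 +0200
@@ -1401,6 +1401,14 @@
             *rating = PEP_rating_unencrypted;
             if (imported_keys)
                 remove_attached_keys(src);
+            status = receive_DeviceState_msg(session, msg, false);
+            if (status == PEP_MESSAGE_CONSUMED) {
+                free_message(msg);
+                msg = NULL;
+            }
+            else if (status != PEP_STATUS_OK){
+                return status;
+            }
             return PEP_UNENCRYPTED;
 
         case PEP_enc_PGP_MIME:
@@ -1663,15 +1671,16 @@
         decorate_message(msg, *rating, _keylist);
         if (imported_keys)
             remove_attached_keys(msg);
-    }
-
-    status = receive_DeviceState_msg(session, msg);
-    if (status == PEP_MESSAGE_CONSUMED) {
-        free_message(msg);
-        msg = NULL;
-    }
-    else if (status != PEP_STATUS_OK){
-        goto pep_error;
+        if (*rating >= PEP_rating_reliable) {
+            status = receive_DeviceState_msg(session, msg, true);
+            if (status == PEP_MESSAGE_CONSUMED) {
+                free_message(msg);
+                msg = NULL;
+            }
+            else if (status != PEP_STATUS_OK){
+                goto pep_error;
+            }
+        }
     }
 
     *dst = msg;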
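Review bot: Both new calls pass a bool where receive_DeviceState_msg now takes a PEP_rating — `false` at 1.7 and `true` at 1.32 — so the callee never sees the real rating and cannot distinguish a reliable message from a trusted one, which its groupKeys check (`rating < PEP_rating_trusted` in sync_impl.c) depends on. Unless PEP_rating_reliable and PEP_rating_trusted happen to be enumerators ≤ 1, `true` also fails those checks for every message, so handshake requests and group keys would be rejected regardless of how well the message was actually rated. The caller already holds the value; pass it through in both places: `status = receive_DeviceState_msg(session, msg, *rating);`. The error path at 1.13 returns status directly while the one at 1.38 uses `goto pep_error`; if pep_error releases anything acquired earlier in the function, the first path presumably skips that cleanup — the enclosing function begins outside this hunk so I cannot confirm.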
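--- a/src/sync_fsm.h	Wed Aug 31 09:09:44 2016 +0200
+++ b/src/sync_fsm.h	Wed Aug 31 09:38:09 2016 +0200
@@ -2,8 +2,7 @@
 
 // state machine for DeviceState
 
-#include "pEpEngine.h"
-#include "message.h"
+#include "message_api.h"
 
 #ifdef __cplusplus
 extern "C" {
@@ -80,7 +79,7 @@
 
 // message receiver
 
-PEP_STATUS receive_DeviceState_msg(PEP_SESSION session, message *msg);
+PEP_STATUS receive_DeviceState_msg(PEP_SESSION session, message *msg, PEP_rating rating);
 
 // state machine
 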
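Review bot: The new `rating` parameter at 2.18 is undocumented, and the only comment on the prototype is the generic `// message receiver`; the implementation in sync_impl.c compares it against PEP_rating_reliable and PEP_rating_trusted to decide whether handshakeRequest and groupKeys payloads are accepted, so a caller has to know to pass the decryption rating of `msg`. Suggest a comment above the prototype such as `// rating: decryption rating of msg; key-carrying sync payloads are dropped when it is below the threshold checked in receive_DeviceState_msg`. The same prototype change appears in src/sync_impl.h and in sync/gen_statemachine.ysl2, which this header appears to be generated from, so the comment belongs in the template as well or it will be lost on regeneration.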
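--- a/src/sync_impl.c	Wed Aug 31 09:09:44 2016 +0200
+++ b/src/sync_impl.c	Wed Aug 31 09:38:09 2016 +0200
@@ -58,7 +58,7 @@
     return fsm_DeviceState_inject(session, event, partner, extra);
 }
 
-PEP_STATUS receive_DeviceState_msg(PEP_SESSION session, message *src)
+PEP_STATUS receive_DeviceState_msg(PEP_SESSION session, message *src, PEP_rating rating)
 {
     assert(session && src);
     if (!(session && src))
@@ -74,6 +74,23 @@
             uper_decode_complete(NULL, &asn_DEF_DeviceGroup_Protocol, (void **)
                     &msg, bl->value, bl->size);
             if (msg) {
+                switch (msg->payload.present) {
+                    // HandshakeRequest needs encryption
+                    case DeviceGroup_Protocol__payload_PR_handshakeRequest:
+                        if (rating < PEP_rating_reliable) {
+                            ASN_STRUCT_FREE(asn_DEF_DeviceGroup_Protocol, msg);
+                            goto skip;
+                        }
+                    // accepting GroupKeys needs trust
+                    case DeviceGroup_Protocol__payload_PR_groupKeys:
+                        if (rating < PEP_rating_trusted) {
+                            ASN_STRUCT_FREE(asn_DEF_DeviceGroup_Protocol, msg);
+                            goto skip;
+                        }
+                    default:
+                        break;
+                }
+
                 found = true;
 
                 int32_t value = (int32_t) msg->header.sequence;
@@ -106,6 +123,7 @@
             free_bloblist(blob);
         }
         else {
+skip:
             last = bl;
         }
     }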
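Review bot: The handshakeRequest case at 3.18–3.22 falls through into the groupKeys case, so a handshake request that passes the `PEP_rating_reliable` check is then also subjected to `rating < PEP_rating_trusted` and dropped unless the message is trusted; the comments say a handshake needs only encryption, so this looks like a missing `break;` after the closing brace at 3.22 (the `default:` arm shows the intended shape), and the groupKeys arm should likewise end with `break;` rather than falling into `default:`. The `skip:` label at 3.40 sits inside the `else` branch of the blob-type test, so `goto skip` bypasses `found = true` and the sequence handling and lands in a branch written for non-sync blobs; that is legal C but easy to misread, and a comment at the label such as `// also reached via goto skip when a sync payload is rejected for insufficient rating` would help. After `ASN_STRUCT_FREE` at 3.20 and 3.26 `msg` is left dangling; its declaration is outside the hunk, so if it is read again after the loop it should be cleared with `msg = NULL;` before each `goto skip`.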
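--- a/src/sync_impl.h	Wed Aug 31 09:09:44 2016 +0200
+++ b/src/sync_impl.h	Wed Aug 31 09:38:09 2016 +0200
@@ -12,7 +12,8 @@
         DeviceGroup_Protocol_t *msg
     );
 
-PEP_STATUS receive_DeviceState_msg(PEP_SESSION session, message *src);
+PEP_STATUS receive_DeviceState_msg(PEP_SESSION session, message *src,
+        PEP_rating rating);
 
 DeviceGroup_Protocol_t *new_DeviceGroup_Protocol_msg(DeviceGroup_Protocol__payload_PR type);
 void free_DeviceGroup_Protocol_msg(DeviceGroup_Protocol_t *msg);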
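--- a/sync/gen_statemachine.ysl2	Wed Aug 31 09:09:44 2016 +0200
+++ b/sync/gen_statemachine.ysl2	Wed Aug 31 09:38:09 2016 +0200
@@ -28,8 +28,7 @@
 
         // state machine for «@name»
 
-        #include "pEpEngine.h"
-        #include "message.h"
+        #include "message_api.h"
         
         #ifdef __cplusplus
         extern "C" {
@@ -94,7 +93,7 @@
 
         // message receiver
         
-        PEP_STATUS receive_«@name»_msg(PEP_SESSION session, message *msg);
+        PEP_STATUS receive_«@name»_msg(PEP_SESSION session, message *msg, PEP_rating rating);
 
         // state machine
 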