led and unled group key reset sync
authorVolker Birk <vb@pep-project.org>
Thu, 19 Dec 2019 12:58:30 +0100
branchsync
changeset 4287159969298292
parent 4283 7c480c3345c4
child 4288 929625a777b1
led and unled group key reset
sync/cond_act_sync.yml2
sync/sync.fsm
     1.1 --- a/sync/cond_act_sync.yml2	Sat Dec 14 12:55:46 2019 +0100
     1.2 +++ b/sync/cond_act_sync.yml2	Thu Dec 19 12:58:30 2019 +0100
     1.3 @@ -88,6 +88,11 @@
     1.4      free_identity(me);
     1.5  ||
     1.6  
     1.7 +condition isLedGroupKeyReset
     1.8 +||
     1.9 +    *result = session->sync_state.keysync.led;
    1.10 +||
    1.11 +
    1.12  // action: PEP_STATUS «@name»(PEP_SESSION session)
    1.13  
    1.14  function "new_UUID" {
    1.15 @@ -576,3 +581,13 @@
    1.16  ||
    1.17      disable_sync(session);
    1.18  ||
    1.19 +
    1.20 +action ledGroupKeyReset
    1.21 +||
    1.22 +    session->sync_state.keysync.led = true;
    1.23 +||
    1.24 +
    1.25 +action unledGroupKeyReset
    1.26 +||
    1.27 +    session->sync_state.keysync.led = false;
    1.28 +||
     2.1 --- a/sync/sync.fsm	Sat Dec 14 12:55:46 2019 +0100
     2.2 +++ b/sync/sync.fsm	Thu Dec 19 12:58:30 2019 +0100
     2.3 @@ -314,23 +314,40 @@
     2.4                  do trustThisKey;
     2.5  
     2.6              on GroupKeyResetRequired
     2.7 -                send InitGroupKeyReset;
     2.8 +                send InitUnledGroupKeyReset;
     2.9  
    2.10              on GroupKeyResetRequiredAndDisable {
    2.11 -                send InitGroupKeyReset;
    2.12 -                go DisableOnInitGroupKeyReset;
    2.13 +                send InitUnledGroupKeyReset;
    2.14 +                go DisableOnInitUnledGroupKeyReset;
    2.15 +            }
    2.16 +
    2.17 +            on InitUnledGroupKeyReset {
    2.18 +                // unled group key reset; new group keys will be elected
    2.19 +                do unledGroupKeyReset;
    2.20 +                send GroupKeyReset;
    2.21              }
    2.22  
    2.23 -            on InitGroupKeyReset
    2.24 -                send GroupKeyReset;
    2.25 -
    2.26              on GroupKeyReset {
    2.27 -
    2.28 +                do saveGroupKeys;
    2.29 +                if isLedGroupKeyReset {
    2.30 +                    // led group key reset is executed without questions
    2.31 +                    do receivedKeysAreDefaultKeys;
    2.32 +                }
    2.33 +                else {
    2.34 +                    // unled group key reset; election takes place
    2.35 +                    if keyElectionWon {
    2.36 +                        // this is already the case:
    2.37 +                        // do ownKeysAreDefaultKeys;
    2.38 +                    }
    2.39 +                    else {
    2.40 +                        do receivedKeysAreDefaultKeys;
    2.41 +                    }
    2.42 +                }
    2.43              }
    2.44          }
    2.45  
    2.46 -        state DisableOnInitGroupKeyReset {
    2.47 -            on InitGroupKeyReset
    2.48 +        state DisableOnInitUnledGroupKeyReset {
    2.49 +            on InitUnledGroupKeyReset
    2.50                  do disable;
    2.51          }
    2.52  
    2.53 @@ -606,12 +623,16 @@
    2.54              field IdentityList ownIdentities;
    2.55          }
    2.56  
    2.57 -        // key reset for group
    2.58 -        message InitGroupKeyReset 19 {
    2.59 +        // initiate unled group key reset
    2.60 +        message InitUnledGroupKeyReset 19 {
    2.61          }
    2.62  
    2.63          message GroupKeyReset 20, security=attach_own_keys_for_group {
    2.64              field TID challenge;
    2.65 +            // set this flag for led group key reset; delivered group keys will
    2.66 +            // be accepted by all group members; if not set group keys will be
    2.67 +            // elected
    2.68 +            field bool led;
    2.69              field IdentityList ownIdentities;
    2.70          }
    2.71      }