Sync : more than two. keysync
authorEdouard Tisserant <edouard@pep-project.org>
Wed, 28 Sep 2016 14:34:36 +0200
branchkeysync
changeset 121676e7a6748913
parent 1206 5eb41656c641
child 1217 767412998e22
Sync : more than two.
asn.1/devicegroup.asn1
src/sync_fsm.c
src/sync_fsm.h
src/sync_impl.c
src/sync_send_actions.c
sync/devicegroup.fsm
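--- a/asn.1/devicegroup.asn1	Tue Sep 27 23:26:41 2016 +0200
+++ b/asn.1/devicegroup.asn1	Wed Sep 28 14:34:36 2016 +0200
@@ -10,9 +10,12 @@
 
 Beacon ::= NULL
 
-HandshakeRequest ::= NULL
+HandshakeRequest ::= SEQUENCE {
+    partner Identity /* identity of the receiver */
+}
 
 GroupKeys ::= SEQUENCE {
+    partner Identity, /* identity of the receiver */
     ownIdentities IdentityList
 }
 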
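--- a/src/sync_fsm.c	Tue Sep 27 23:26:41 2016 +0200
+++ b/src/sync_fsm.c	Wed Sep 28 14:34:36 2016 +0200
@@ -98,13 +98,13 @@
                             return (int) invalid_action;
                         return Grouped;
                     }
-                    return WaitForGroupKeys;
+                    return WaitForGroupKeysSole;
                 default:
                     return (DeviceState_state) invalid_event;
             }
             break;
         
-        case WaitForGroupKeys:
+        case WaitForGroupKeysSole:
             switch (event) {
                 case Init: break;
                 case GroupKeys:
@@ -151,6 +151,15 @@
                         return (int) invalid_out_of_memory;
                     if (status != PEP_STATUS_OK)
                         return (int) invalid_action;
+                    return HandshakingGrouped;
+                default:
+                    return (DeviceState_state) invalid_event;
+            }
+            break;
+        
+        case HandshakingGrouped:
+            switch (event) {
+                case Init:
                     status = showHandshake(session, state, partner, NULL);
                     if (status == PEP_OUT_OF_MEMORY)
                         return (int) invalid_out_of_memory;
@@ -163,7 +172,7 @@
                         return (int) invalid_out_of_memory;
                     if (status != PEP_STATUS_OK)
                         return (int) invalid_action;
-                    break;
+                    return Grouped;
                 case HandshakeAccepted:
                     status = acceptHandshake(session, state, partner, NULL);
                     if (status == PEP_OUT_OF_MEMORY)
@@ -175,14 +184,7 @@
                         return (int) invalid_out_of_memory;
                     if (status != PEP_STATUS_OK)
                         return (int) invalid_action;
-                    break;
-                case Reject:
-                    status = rejectHandshake(session, state, NULL, NULL);
-                    if (status == PEP_OUT_OF_MEMORY)
-                        return (int) invalid_out_of_memory;
-                    if (status != PEP_STATUS_OK)
-                        return (int) invalid_action;
-                    break;
+                    return Grouped;
                 default:
                     return (DeviceState_state) invalid_event;
             }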
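--- a/src/sync_fsm.h	Tue Sep 27 23:26:41 2016 +0200
+++ b/src/sync_fsm.h	Wed Sep 28 14:34:36 2016 +0200
@@ -47,8 +47,9 @@
     InitState, 
     Sole, 
     HandshakingSole, 
-    WaitForGroupKeys, 
-    Grouped
+    WaitForGroupKeysSole, 
+    Grouped, 
+    HandshakingGrouped
 } DeviceState_state;
 
 // events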
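--- a/src/sync_impl.c	Tue Sep 27 23:26:41 2016 +0200
+++ b/src/sync_impl.c	Wed Sep 28 14:34:36 2016 +0200
@@ -195,18 +195,24 @@
                 switch (msg->payload.present) {
                     // HandshakeRequest needs encryption
                     case DeviceGroup_Protocol__payload_PR_handshakeRequest:
-                        if (rating < PEP_rating_reliable) {
+                        if (rating < PEP_rating_reliable ||
+                            strncmp(sync_uuid,
+                                    (const char *)msg->payload.choice.handshakeRequest.partner.user_id->buf,
+                                    msg->payload.choice.handshakeRequest.partner.user_id->size) != 0){
                             ASN_STRUCT_FREE(asn_DEF_DeviceGroup_Protocol, msg);
                             free(user_id);
-                            goto skip;
+                            return PEP_MESSAGE_DISCARDED;
                         }
                         break;
                     // accepting GroupKeys needs encryption and trust
                     case DeviceGroup_Protocol__payload_PR_groupKeys:
-                        if (!keylist || rating < PEP_rating_reliable) {
+                        if (!keylist || rating < PEP_rating_reliable ||
+                            strncmp(sync_uuid,
+                                    (const char *)msg->payload.choice.groupKeys.partner.user_id->buf,
+                                    msg->payload.choice.groupKeys.partner.user_id->size) != 0){
                             ASN_STRUCT_FREE(asn_DEF_DeviceGroup_Protocol, msg);
                             free(user_id);
-                            goto skip;
+                            return PEP_MESSAGE_DISCARDED;
                         }
 
                         // check trust of identity with the right user_id
@@ -226,7 +232,7 @@
                         if (this_user_id_rating < PEP_rating_trusted ) {
                             ASN_STRUCT_FREE(asn_DEF_DeviceGroup_Protocol, msg);
                             free(user_id);
-                            goto skip;
+                            return PEP_MESSAGE_DISCARDED;
                         }
                         break;
                     default:
@@ -276,7 +282,6 @@
             }
         }
         else {
-skip:
             last = bl;
         }
     }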
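--- a/src/sync_send_actions.c	Tue Sep 27 23:26:41 2016 +0200
+++ b/src/sync_send_actions.c	Wed Sep 28 14:34:36 2016 +0200
@@ -84,6 +84,10 @@
     if (!msg)
         goto enomem;
 
+    if (Identity_from_Struct(partner,
+                             &msg->payload.choice.handshakeRequest.partner) == NULL)
+        goto enomem;
+
     bool encrypted = true;
     status = unicast_msg(session, partner, state, msg, encrypted);
     if (status != PEP_STATUS_OK)
@@ -131,6 +135,10 @@
     status = own_identities_retrieve(session, &kl);
     if (status != PEP_STATUS_OK)
         goto error;
+    if (Identity_from_Struct(partner,
+                             &msg->payload.choice.groupKeys.partner) == NULL)
+        goto enomem;
+
     if (IdentityList_from_identity_list(kl, &msg->payload.choice.groupKeys.ownIdentities) == NULL)
         goto enomem;
 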
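Review bot: Both added `Identity_from_Struct(partner, …)` calls assume a non-NULL `partner`, yet sync/devicegroup.fsm in this same changeset still has `on KeyGen do sendGroupKeys;` with no partner argument. If that path reaches the groupKeys builder with NULL, the send either fails through `enomem`, reporting out-of-memory for what is really a missing argument, or, should it go out, is dropped by the new `sync_uuid` comparison in src/sync_impl.c on every receiver that is not the named partner. How Identity_from_Struct treats NULL is not visible in these hunks, so this is inferred; an explicit guard such as `if (!partner) { status = PEP_ILLEGAL_VALUE; goto error; }` plus a comment on how the KeyGen broadcast is meant to be addressed would make the intent clear. Both functions begin and end outside the hunks.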
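--- a/sync/devicegroup.fsm	Tue Sep 27 23:26:41 2016 +0200
+++ b/sync/devicegroup.fsm	Wed Sep 28 14:34:36 2016 +0200
@@ -52,13 +52,14 @@
                     do sendGroupKeys(partner);
                     go Grouped;
                 }
-                go WaitForGroupKeys(Identity partner);
+                go WaitForGroupKeysSole(Identity partner);
             }
         }
     
-        state WaitForGroupKeys(Identity partner) {
+        state WaitForGroupKeysSole(Identity partner) {
             on GroupKeys(Identity partner, Stringlist keys) {
                 do storeGroupKeys(partner, keys);
+                // TODO : add a callback to signal finished waiting for group keys
                 go Grouped;
             }
             on Cancel go Sole;
@@ -71,19 +72,30 @@
         state Grouped {
             on KeyGen
                 do sendGroupKeys; // always send all keys
+            on Beacon(Identity partner)
+                do sendHandshakeRequest(partner);
             on HandshakeRequest(Identity partner) {
                 do sendHandshakeRequest(partner);
+                go HandshakingGrouped(partner);
+            }
+        }
+
+        state HandshakingGrouped(Identity partner) {
+            on Init
                 do showHandshake(partner);
+            on HandshakeRejected(Identity partner) {
+                do rejectHandshake(partner);             // stores rejection of partner
+                go Grouped;
             }
-            on HandshakeRejected(Identity partner)
-                do rejectHandshake(partner);
-            on HandshakeAccepted(Identity partner){
+            on HandshakeAccepted(Identity partner) {
                 do acceptHandshake(partner); 
+
+                // an already existing group always wins
                 do sendGroupKeys(partner);
+                go Grouped;
             }
-            on Reject(Identity partner)
-                do rejectHandshake partner;
         }
+    
 
         tag Init 1;
         tag Beacon 2;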
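Review bot: The new `HandshakingGrouped` state has no exit other than the user's answer: unlike `WaitForGroupKeysSole`, which keeps `on Cancel go Sole;`, it handles only Init, HandshakeRejected and HandshakeAccepted. In the src/sync_fsm.c hunks of this changeset every other event in that state falls to `default: return (DeviceState_state) invalid_event;`, so a KeyGen arriving while the dialog is open does not send group keys, and any peer whose HandshakeRequest passes the rating check can hold a grouped device in this state. Consider adding `on Cancel go Grouped;` (and a timeout, if the FSM has one) with a comment stating what happens to KeyGen in the meantime. Separately, `on Beacon(Identity partner) do sendHandshakeRequest(partner);` answers every beacon; the rejection that `rejectHandshake` is commented as storing is not consulted in the lines shown, so a previously rejected or repeating sender may keep triggering requests.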