reworking group keys and group key reset

3 years ago · c98fc0dc2a
parent bab34fee86
commit c98fc0dc2a
4 changed files with 131 additions and 15 deletions
--- a/src/security_checks.c
+++ b/src/security_checks.c
@ -0,0 +1,4 @@
+// This file is under GNU General Public License 3.0
+// see LICENSE.txt
+
+#include "pEp_internal.h"
--- a/src/security_checks.h
+++ b/src/security_checks.h
@ -0,0 +1,3 @@
+// This file is under GNU General Public License 3.0
+// see LICENSE.txt
+
--- a/sync/gen_statemachine.ysl2
+++ b/sync/gen_statemachine.ysl2
@ -231,6 +231,7 @@ tstylesheet {
            #include "«@name»_event.h"
            #include "«yml:lcase(@name)»_codec.h"
            #include "baseprotocol.h"
+            #include "security_checks.h"
            `` for "fsm" | #include "«@name»_fsm.h"

            `` apply "fsm", 0, mode=timeout
@ -562,7 +563,7 @@ tstylesheet {
                            free_message(_m);
                            break;

-                    `` for "fsm/message[@security='attach_own_keys']" |>>> case «../@name»_PR_«yml:mixedCase(@name)»:
+                    `` for "fsm/message[@security='attach_own_keys_for_new_member']" |>>> case «../@name»_PR_«yml:mixedCase(@name)»:
                            // check if we had a former negotiation

                            transaction = false;
@ -741,6 +742,109 @@ tstylesheet {
                            free_message(_m);
                            break;

+                    `` for "fsm/message[@security='attach_own_keys_for_group']" |>>> case «../@name»_PR_«yml:mixedCase(@name)»:
+                            status = base_prepare_message(
+                                    session,
+                                    li->ident,
+                                    li->ident,
+                                    _data,
+                                    size,
+                                    NULL,
+                                    &_m
+                                );
+                            if (status) {
+                                free(_data);
+                                goto the_end;
+                            }
+
+                            // export secret keys into memory
+
+                            key_data = strdup("");
+                            assert(key_data);
+                            if (!key_data) {
+                                free(_data);
+                                free_message(_m);
+                                status = PEP_OUT_OF_MEMORY;
+                                goto the_end;
+                            }
+                            key_data_size = 1; // N.B. If null termination makes us happy for debugging, fine, but 
+                                               // if we include this in the size, libetpan will null terminate and 
+                                               // go bananas. We can't have a NUL in the mime text.
+
+                            for (stringlist_t *sl = session->«yml:lcase(@name)»_state.own.keys;
+                                    sl && sl->value ; sl = sl->next)
+                            {
+                                char *_key_data = NULL;
+                                size_t _size = 0;
+                                status = export_secret_key(session, sl->value, &_key_data, &_size);
+                                if (status && status != PEP_KEY_NOT_FOUND) {
+                                    free(_data);
+                                    free_message(_m);
+                                    goto the_end;
+                                }
+
+                                if (status != PEP_KEY_NOT_FOUND) {
+                                    assert(_key_data && _size);
+                                    char *n = realloc(key_data, key_data_size + _size);
+                                    if (!n) {
+                                        free(_data);
+                                        free_message(_m);
+                                        status = PEP_OUT_OF_MEMORY;
+                                        goto the_end;
+                                    }
+                                    key_data = n;
+                                    key_data_size += _size;
+                                    strlcat(key_data, _key_data, key_data_size);
+                                    free(_key_data);
+                                    _key_data = NULL;
+                                }
+                                status = export_key(session, sl->value, &_key_data, &_size);
+                                if (status && status != PEP_KEY_NOT_FOUND) {
+                                    free(_data);
+                                    free_message(_m);
+                                    goto the_end;
+                                }
+
+                                if (status != PEP_KEY_NOT_FOUND) {
+                                    assert(_key_data && _size);
+                                    char *n = realloc(key_data, key_data_size + _size);
+                                    if (!n) {
+                                        free(_data);
+                                        free_message(_m);
+                                        status = PEP_OUT_OF_MEMORY;
+                                        goto the_end;
+                                    }
+                                    key_data = n;
+                                    key_data_size += _size;
+                                    strlcat(key_data, _key_data, key_data_size);
+                                    free(_key_data);
+                                    _key_data = NULL;
+                                }
+                            }
+
+                            // add secret key data as attachment
+
+                            // N.B. The -1 makes sure we do NOT add a NUL into the mime stream!
+                            bl = bloblist_add(_m->attachments, key_data, key_data_size - 1,
+                                    "application/octet-stream", "file://own.key");
+                            if (!bl) {
+                                free(_data);
+                                free_message(_m);
+                                status = PEP_OUT_OF_MEMORY;
+                                goto the_end;
+                            }
+                            key_data = NULL;
+
+                            status = encrypt_message(session, _m, extra, &m, PEP_enc_PEP, 0);
+                            if (status) {
+                                status = PEP_«yml:ucase(@name)»_CANNOT_ENCRYPT;
+                                goto the_end;
+                            }
+                            add_opt_field(m, "pEp-auto-consume", "yes");
+                            m->in_reply_to = stringlist_add(m->in_reply_to, "pEp-auto-consume@pEp.foundation");
+                            free_message(_m);
+                            break;
+
                        default: // security=trusted only
                            status = base_prepare_message(
                                    session,
--- a/sync/sync.fsm
+++ b/sync/sync.fsm
@ -282,12 +282,12 @@ protocol Sync 1 {
                do showBeingInGroup;
            }

-            on GroupKeys
+            on GroupKeysUpdate
                do saveGroupKeys;

            on KeyGen {
                do prepareOwnKeys;
-                send GroupKeys;
+                send GroupKeysUpdate;
            }

            on Beacon {
@ -404,7 +404,7 @@ protocol Sync 1 {
        }

        state JoiningGroup {
-            on GroupKeys {
+            on GroupKeysForNewMember {
                do saveGroupKeys;
                do receivedKeysAreDefaultKeys;
                do prepareOwnKeys;
@ -451,7 +451,7 @@ protocol Sync 1 {
                    go Grouped;
            }

-            on GroupKeys
+            on GroupKeysUpdate
                do saveGroupKeys;
        }

@ -469,7 +469,7 @@ protocol Sync 1 {

            on CommitAccept if sameNegotiationAndPartner {
                do prepareOwnKeys;
-                send GroupKeys;
+                send GroupKeysForNewMember;
                do showDeviceAccepted;
                go Grouped;
            }
@ -477,7 +477,7 @@ protocol Sync 1 {
            on GroupTrustThisKey
                do trustThisKey;

-            on GroupKeys
+            on GroupKeysUpdate
                do saveGroupKeys;
            
            on GroupKeysAndClose {
@ -501,7 +501,7 @@ protocol Sync 1 {
                do trustThisKey;
                send GroupTrustThisKey;
                do prepareOwnKeys;
-                send GroupKeys;
+                send GroupKeysForNewMember;
                do showDeviceAccepted;
                go Grouped;
            }
@ -509,7 +509,7 @@ protocol Sync 1 {
            on GroupTrustThisKey
                do trustThisKey;

-            on GroupKeys
+            on GroupKeysUpdate
                do saveGroupKeys;
            
            on GroupKeysAndClose {
@ -572,19 +572,19 @@ protocol Sync 1 {
        }

        // trust in future
-        message GroupKeys 12, security=attach_own_keys {
+        message GroupKeysForNewMember 12, security=attach_own_keys_for_new_member {
            field IdentityList ownIdentities;
        }

-        message GroupKeysAndClose 13, security=attach_own_keys {
+        message GroupKeysAndClose 13, security=attach_own_keys_for_new_member {
            field IdentityList ownIdentities;
        }

-        message OwnKeysOfferer 14, security=attach_own_keys {
+        message OwnKeysOfferer 14, security=attach_own_keys_for_new_member {
            field IdentityList ownIdentities;
        }

-        message OwnKeysRequester 15, security=attach_own_keys {
+        message OwnKeysRequester 15, security=attach_own_keys_for_new_member {
            field IdentityList ownIdentities;
        }

@ -601,11 +601,16 @@ protocol Sync 1 {
            field Hash key;
        }

+        // update group
+        message GroupKeysUpdate 18, security=attach_own_keys_for_group {
+            field IdentityList ownIdentities;
+        }
+
        // key reset for group
-        message InitGroupKeyReset 18 {
+        message InitGroupKeyReset 19 {
        }

-        message GroupKeyReset 19, security=key_reset {
+        message GroupKeyReset 20, security=attach_own_keys_for_group {
            field TID challenge;
            field IdentityList ownIdentities;
        }