commit 64b92f47a1ee2fd808e22a075d984dd77aab0493
parent 38a4bebe86570c1ec5f179f7e3bc1979a7048ece
Author: Elias Summermatter <elias.summermatter@seccom.ch>
Date: Mon, 15 Mar 2021 14:43:12 +0100
Added some code descriptions
Diffstat:
1 file changed, 177 insertions(+), 39 deletions(-)
diff --git a/draft-summermatter-set-union.xml b/draft-summermatter-set-union.xml
@@ -1901,11 +1901,16 @@ FUNCTION decide_full_sending(initial_local_size, remote_setsize)
</t>
<figure anchor="performance_formula_ibf_parameters_code">
<artwork name="" type="" align="left" alt=""><![CDATA[
-FUNCTION (setsize):
+# INPUTS:
+# setsize: The set size
+# OUTPUTS:
+# returns: Array: first element total nr ob buckets and
+# second element number of buckets per element
+
+FUNCTION calculate_ibf_params (setsize):
number_of_bucket_per_element = 4
total_number_of_buckets = setsize
return [ total_number_of_buckets, number_of_bucket_per_element ]
-
]]></artwork>
</figure>
</section>
@@ -1976,26 +1981,48 @@ FUNCTION (setsize):
</t>
<figure anchor="security_generic_functions_missing_message_code">
<artwork name="" type="" align="left" alt=""><![CDATA[
+
# Initially creates message store
+# OUTPUTS:
+# returns: Store
FUNCTION createStore()
store = {}
return store
+
+
# Returns adds a message to the store
-FUNCTION addMessageToStore(store, message)
- key = hash(sha512, message)
+# INPUTS:
+# store: store to add key to
+# key: unique key to add
+# OUTPUTS:
+# returns: Returns true if element could be added to store.
+# Returns false if element could not be added to store.
+FUNCTION addMessageToStore(store, key)
IF store.get(key) != NULL
return FALSE
store.set(key) = 1
return TRUE
# Check if hash is in store
-FUNCTION markElementAsReceived(store)
+# INPUTS:
+# store: Store to search
+# key: Unique key to add
+# OUTPUTS:
+# returns: Returns true if key is in store
+# Returns false if key is not in store
+FUNCTION markElementAsReceived(store, key)
IF store.get(key) != NULL || store.get(key) != 1
return FALSE
store.update(key, 0)
return TRUE
+# Check if all elements added to store are also received
+# INPUTS:
+# store: Store to check for completion
+# OUTPUTS:
+# returns: Returns true if key all messages added are received
+# Returns false if one or more messages are not received
FUNCTION isStoreComplete(store)
FOR elements in store
IF elements.value != 0:
@@ -2005,6 +2032,11 @@ FUNCTION isStoreComplete(store)
return TRUE
# Returns the count of message received
+# INPUTS:
+# store: Store to count
+# OUTPUTS:
+# returns: Returns true if key all messages added are received
+# Returns false if one or more messages are not received
FUNCTION getNumberOfMessage(store)
return store.size()
]]></artwork>
@@ -2020,13 +2052,23 @@ FUNCTION getNumberOfMessage(store)
</t>
<figure anchor="security_generic_functions_element_nr_code">
<artwork name="" type="" align="left" alt=""><![CDATA[
+# Get the number of elements from previous sync
+# INPUTS:
+# client_id: A unique id that identifies the client
+# OUTPUTS:
+# returns: The number of elements from last sync
FUNCTION number_elements_last_sync(client_id)
IF number_store.get(clientID)
return number_store.get(client_id)
ENDIF
return 0
-
+# Updates the stored remote
+# INPUTS:
+# client_id: A unique id that identifies the client
+# remote_setsize: The set size of the remote peer
+# OUTPUTS:
+# returns: The number of elements from last sync
FUNCTION save_number_of_elements_last_sync(client_id, remote_setsize)
number_store.update(clientID, remote_setsize)
]]></artwork>
@@ -2073,14 +2115,13 @@ FUNCTION save_number_of_elements_last_sync(client_id, remote_setsize)
<figure anchor="security_states_expecting_ibf_request_full_code">
<artwork name="" type="" align="left" alt=""><![CDATA[
# INPUTS:
-# client_id: The initial local setsize
+# client_id: Unique remote peer id
# remote_setsize: The remote setsize
# local_setsize: The local setsize
# initial_local_size: The initial local setsize
-# set_diff: the set difference calculated by the strata estimator
+# set_diff: The set difference calculated with the strata estimator
# OUTPUTS:
-# returns: the decision
-
+# returns: Boolean as indicator if message is valid
FUNCTION validate_messages_request_full(client_id, remote_setsize, local_setsize, initial_local_size, set_diff)
last_setsize = getNumberOfElementsLastSync(clientId)
@@ -2128,7 +2169,14 @@ FUNCTION validate_messages_request_full(client_id, remote_setsize, local_setsize
</t>
<figure anchor="security_states_expecting_ibf_message_ibf_code">
<artwork name="" type="" align="left" alt=""><![CDATA[
-
+# INPUTS:
+# remote_setsize: The remote setsize
+# local_setsize: The local setsize
+# initial_local_size: The initial local setsize
+# set_diff: The set difference calculated with the strata estimator
+# ibf_msg: received ibf message
+# OUTPUTS:
+# returns: Boolean as indicator if message is valid
FUNCTION validate_messages_ibf(remote_setsize, local_setsize, initial_local_size, set_diff, ibf_msg)
IF is_undefined(number_buckets_left)
number_buckets_left = get_bucket_number(remote_setsize, local_setsize, initial_local_size, set_diff, ibf_msg)
@@ -2138,8 +2186,15 @@ FUNCTION validate_messages_ibf(remote_setsize, local_setsize, initial_local_size
return FALSE
return TRUE
-
# Security check executed when first ibf message is received
+# INPUTS:
+# remote_setsize: The remote setsize
+# local_setsize: The local setsize
+# initial_local_size: The initial local setsize
+# set_diff: The set difference calculated with the strata estimator
+# ibf_msg: received ibf message
+# OUTPUTS:
+# returns: Boolean as indicator if message is valid
FUNCTION get_bucket_number(remote_setsize, local_setsize, initial_local_size, set_diff, ibf_msg)
# Check for max plausible set size as defined on use case basis (can be infinite)
@@ -2179,18 +2234,30 @@ FUNCTION get_bucket_number(remote_setsize, local_setsize, initial_local_size, se
</t>
<figure anchor="security_states_expecting_ibf_full_element_code">
<artwork name="" type="" align="left" alt=""><![CDATA[
-
-FUNCTION validate_messages_full_element(client_id, remote_setsize, local_setsize, initial_local_size, set_diff, message)
+# Security check executed when first ibf message is received
+# INPUTS:
+# client_id: Unique remote peer id
+# remote_setsize: The remote setsize
+# local_setsize: The local setsize
+# initial_local_size: The initial local setsize
+# set_diff: The set difference calculated with the strata estimator
+# full_element_msg: received full element message
+# OUTPUTS:
+# returns: Boolean as indicator if message is valid
+FUNCTION validate_messages_full_element(client_id, remote_setsize,
+ local_setsize, initial_local_size, set_diff, full_element_msg)
# On first run create store and make initial checks
IF is_undefined(store)
full_element_msg_store = createStore()
- IF ! validate_messages_full_element_init(client_id, remote_setsize, local_setsize, initial_local_size, set_diff)
+ IF ! validate_messages_full_element_init(client_id, remote_setsize,
+ local_setsize, initial_local_size, set_diff)
return FALSE
+ ENDIF
ENDIF
# Prevent duplication of received message
- IF ! addMessageToStore(full_element_msg_store, message)
+ IF ! addMessageToStore(full_element_msg_store, full_element_msg.unique_id)
return FALSE
ENDIF
@@ -2198,6 +2265,7 @@ FUNCTION validate_messages_full_element(client_id, remote_setsize, local_setsize
number_received_messages = getNumberOfMessage(full_element_msg_store)
IF ( number_received_messages > remote_setsize )
return FALSE
+ ENDIF
return TRUE
@@ -2209,9 +2277,9 @@ FUNCTION validate_messages_full_element(client_id, remote_setsize, local_setsize
# initial_local_size: The initial local setsize
# set_diff: the set difference calculated by the strata estimator
# OUTPUTS:
-# returns: the decision
-
-FUNCTION validate_messages_full_element_init(client_id, remote_setsize, local_setsize, initial_local_size, set_diff)
+# returns: Boolean as indicator if message is valid
+FUNCTION validate_messages_full_element_init(client_id, remote_setsize,
+ local_setsize, initial_local_size, set_diff)
last_setsize = getNumberOfElementsLastSync(clientId)
IF remote_setsize < last_setsize
@@ -2221,13 +2289,15 @@ FUNCTION validate_messages_full_element_init(client_id, remote_setsize, local_se
# Update number of elements in store
save_number_of_elements_last_sync(client_id, remote_setsize)
- # Check for max plausible set size as defined on use case basis (can be infinite)
+ # Check for max plausible set size as defined
+ # on use case basis (can be infinite)
plausible_setsize = getMaxPlausibleSetSize()
IF remote_setsize > plausible_setsize
return FALSE
ENDIF
- # Check for correct operation mode operation_mode function is described in performance section
+ # Check for correct operation mode operation_mode
+ # function is described in performance section
IF decide_operation_mode(initial_local_size, remote_setsize, set_diff) != "FULL"
return FALSE
ENDIF
@@ -2274,16 +2344,30 @@ FUNCTION validate_messages_full_element_init(client_id, remote_setsize, local_se
</t>
<figure anchor="security_states_full_sending_full_done_code">
<artwork name="" type="" align="left" alt=""><![CDATA[
-FUNCTION validate_messages_full_done(full_done_message, full_element_msg_store, remote_setsize, local_set)
+# INPUTS:
+# full_done_msg: received full done message
+# full_element_msg_store: Store that stores the the uniq keys of
+# full elements
+# remote_setsize: The remote setsize
+# local_set: The local set
+# client_id: Unique remote peer id
+# OUTPUTS:
+# returns: Boolean as indicator if message is valid
+FUNCTION validate_messages_full_done(full_done_msg, full_element_msg_store,
+ remote_setsize, local_set, client_id)
# Check that correct number of elements has been received
number_received_messages = getNumberOfMessage(full_element_msg_store)
IF ( number_received_messages != remote_setsize )
return FALSE
ENDIF
- IF local_set.getFullHash() != full_done_message.fullSetHash
+ IF local_set.getFullHash() != full_done_msg.fullSetHash
return FALSE
ENDIF
+
+ # Update other peers remote_setsize
+ save_number_of_elements_last_sync(client_id, remote_setsize)
+
return TRUE
]]></artwork>
</figure>
@@ -2348,19 +2432,25 @@ FUNCTION validate_messages_full_done(full_done_message, full_element_msg_store,
</t>
<figure anchor="security_states_active_decoding_offer_code">
<artwork name="" type="" align="left" alt=""><![CDATA[
-FUNCTION validate_messages_offer(offer_message,inquiry_msg_store)
+# INPUTS:
+# offer_msg: Received offer message
+# inquiry_msg_store: Store that stores the the uniq keys of
+# the inquiries
+# OUTPUTS:
+# returns: Boolean as indicator if message is valid
+FUNCTION validate_messages_offer(offer_msg,inquiry_msg_store)
IF is_undefined(store)
offer_msg_store = createStore()
ENDIF
# Store message to prevent double sending of messages
- IF ! addMessageToStore(offer_msg_store, offer_message)
+ IF ! addMessageToStore(offer_msg_store, offer_msg.unique_id)
return FALSE
ENDIF
# Check that for every received offer a inquiry has been sent and non is
# sent multiple times
- IF ! markElementAsReceived(inquiry_msg_store)
+ IF ! markElementAsReceived(inquiry_msg_store, offer_msg.unique_id)
return FALSE
return TRUE
]]></artwork>
@@ -2380,19 +2470,25 @@ FUNCTION validate_messages_offer(offer_message,inquiry_msg_store)
</t>
<figure anchor="security_states_active_decoding_elements_code">
<artwork name="" type="" align="left" alt=""><![CDATA[
-FUNCTION validate_messages_elements(element_message,demand_msg_store)
+# INPUTS:
+# element_msg: Received element message
+# demand_msg_store: Store that stores the the uniq keys of
+# received demands.
+# OUTPUTS:
+# returns: Boolean as indicator if message is valid
+FUNCTION validate_messages_elements(element_msg,demand_msg_store)
IF is_undefined(store)
element_msg_store = createStore()
ENDIF
# Store message to prevent double sending of messages
- IF ! addMessageToStore(element_msg_store, element_message)
+ IF ! addMessageToStore(element_msg_store, element_msg.unique_id)
return FALSE
ENDIF
# Check that for every received element a demand has been sent and non is
# sent multiple times
- IF ! markElementAsReceived(demand_msg_store)
+ IF ! markElementAsReceived(demand_msg_store, element_msg.unique_id)
return FALSE
return TRUE
]]></artwork>
@@ -2408,19 +2504,25 @@ FUNCTION validate_messages_elements(element_message,demand_msg_store)
</t>
<figure anchor="security_states_active_decoding_demand_code">
<artwork name="" type="" align="left" alt=""><![CDATA[
-FUNCTION validate_messages_demand(demand_message,offer_msg_store)
+# INPUTS:
+# demand_msg: Received demand message
+# offer_msg_store: Store that stores the the uniq keys of
+# send offers.
+# OUTPUTS:
+# returns: Boolean as indicator if message is valid
+FUNCTION validate_messages_demand(demand_msg,offer_msg_store)
IF is_undefined(demand_msg_store)
demand_msg_store = createStore()
ENDIF
# Store message to prevent double sending of messages
- IF ! addMessageToStore(demand_msg_store, demand_message)
+ IF ! addMessageToStore(demand_msg_store, demand_msg.unique_id)
return FALSE
ENDIF
# Check that for every received demand a offer has been sent and non is
# sent multiple times
- IF ! markElementAsReceived(offer_msg_store)
+ IF ! markElementAsReceived(offer_msg_store, demand_msg.unique_id)
return FALSE
return TRUE
]]></artwork>
@@ -2442,7 +2544,20 @@ FUNCTION validate_messages_demand(demand_message,offer_msg_store)
</t>
<figure anchor="security_states_active_decoding_done_code">
<artwork name="" type="" align="left" alt=""><![CDATA[
-FUNCTION validate_messages_done(messages_done, offer_msg_store, demand_msg_store, element_msg_store)
+# INPUTS:
+# done_msg: received done message
+# offer_msg_store: Store that stores the the uniq keys of
+# received offers.
+# demand_msg_store: Store that stores the the uniq keys of
+# received demands.
+# element_msg_store: Store that stores the the uniq keys of
+# received elements.
+# client_id: Unique remote peer id
+# remote_setsize: The remote setsize
+# OUTPUTS:
+# returns: Boolean as indicator if message is valid
+FUNCTION validate_messages_done(done_msg, offer_msg_store,
+ demand_msg_store, element_msg_store, client_id, remote_setsize)
# Check that all offers have been received
IF ! isStoreComplete(offer_msg_store)
@@ -2460,10 +2575,13 @@ FUNCTION validate_messages_done(messages_done, offer_msg_store, demand_msg_store
ENDIF
# Validate that set is truly identical
- IF local_set.getFullHash() != full_done_message.fullSetHash
+ IF local_set.getFullHash() != done_msg.fullSetHash
return FALSE
ENDIF
+ # Update other peers remote_setsize
+ save_number_of_elements_last_sync(client_id, remote_setsize)
+
return TRUE
]]></artwork>
</figure>
@@ -2515,10 +2633,16 @@ FUNCTION validate_messages_done(messages_done, offer_msg_store, demand_msg_store
</t>
<figure anchor="security_states_expect_se_se_code">
<artwork name="" type="" align="left" alt=""><