scyther/gui/generate-attack-graphs.py

#!/usr/bin/env python
"""
	Scyther : An automatic verifier for security protocols.
	Copyright (C) 2007-2013 Cas Cremers

	This program is free software; you can redistribute it and/or
	modify it under the terms of the GNU General Public License
	as published by the Free Software Foundation; either version 2
	of the License, or (at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program; if not, write to the Free Software
	Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
"""

"""
Generate attacks for each claim

To also generate resource usage details on linux, use something like:

    xargs -a protocols.txt -n 1 -I {} /usr/bin/time -v -o {}.times ./generate-attack-graphs.py {}

where 'protocols.txt' contains a protocol file per line.
"""

#---------------------------------------------------------------------------

""" Import externals """
import sys

#---------------------------------------------------------------------------

""" Import scyther components """
import Scyther.Scyther as Scyther

#---------------------------------------------------------------------------

def create_file_prefix(fn,cid):
    """
    Create a filename prefix for fn,cid without extension
    """

    tcid = cid
    i = tcid.rfind(",")
    if i > 0:
        if fn.find(tcid[:i]) >= 0:
            tcid = tcid[i+1:]

    tfn = fn.replace(".spdl","")
    i = tfn.rfind("/")
    if i >= 0:
        tfn = tfn[i+1:]

    pref = "%s-%s" % (tfn,tcid)
    pref = pref.replace(",","_")

    return pref


def render_dot(fn,gtype):
    """
    Render .dot file called fn into gtype file
    """
    from subprocess import call

    if len(gtype) > 5:
        # Something is fishy, abort
        return

    base_name = fn
    i = base_name.rfind(".")
    if i > 0:
        base_name = base_name[:i]

    cmd = ["dot","-T" + gtype,"-o%s.%s" % (base_name,gtype),fn]
    #print cmd

    call(cmd)


def render_best_attack(fn,cid):
    """
    Extract the best attack for this claim and file name
    """
    x = Scyther.Scyther()
    x.setFile(fn)

    x.options = "-r4 -T60"
    x.verifyOne(cid)

    pref = create_file_prefix(fn,cid)

    for cl in x.claims:
        cln = cl.claimtype
        if cln == "Commit":
            cln = "Data_agree"

        if len(cl.attacks) > 0:
            dotfile = "attack-%s-%s.dot" % (pref,cln)
            fp = open(dotfile,'w')
            fp.write(cl.attacks[-1].scytherDot)
            fp.close()

            render_dot(dotfile,"png")
            render_dot(dotfile,"pdf")

        print("%s; %s" % (fn,cl))

def main():

    filelist = sys.argv[1:]
    # Compute dict of filenames to claim id's
    cl = Scyther.GetClaims(filelist)
    
    for fn in set(cl):
        for cid in cl[fn]:

            render_best_attack(fn,cid)


if __name__ == '__main__':
    main()

#---------------------------------------------------------------------------
# vim: set ts=4 sw=4 et list lcs=tab\:>-:
Misc: Added Python script to dump attack outputs for large sets of files. For now, some parameters are hardcoded. In the long term this functionality should be incorporated into the Scyther library directly, as a method of Claim objects. 2013-06-19 22:01:36 +01:00			`#!/usr/bin/env python`
			`"""`
			`Scyther : An automatic verifier for security protocols.`
Updating time stamps for next release. 2013-10-05 23:56:12 +01:00			`Copyright (C) 2007-2013 Cas Cremers`
Misc: Added Python script to dump attack outputs for large sets of files. For now, some parameters are hardcoded. In the long term this functionality should be incorporated into the Scyther library directly, as a method of Claim objects. 2013-06-19 22:01:36 +01:00
			`This program is free software; you can redistribute it and/or`
			`modify it under the terms of the GNU General Public License`
			`as published by the Free Software Foundation; either version 2`
			`of the License, or (at your option) any later version.`

			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU General Public License for more details.`

			`You should have received a copy of the GNU General Public License`
			`along with this program; if not, write to the Free Software`
			`Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.`
			`"""`

			`"""`
			`Generate attacks for each claim`
Misc: note in attack graphs script on how to produce time/memory consumption output as well (on Linux) 2013-06-20 08:54:56 +01:00
			`To also generate resource usage details on linux, use something like:`

			`xargs -a protocols.txt -n 1 -I {} /usr/bin/time -v -o {}.times ./generate-attack-graphs.py {}`

			`where 'protocols.txt' contains a protocol file per line.`
Misc: Added Python script to dump attack outputs for large sets of files. For now, some parameters are hardcoded. In the long term this functionality should be incorporated into the Scyther library directly, as a method of Claim objects. 2013-06-19 22:01:36 +01:00			`"""`

			`#---------------------------------------------------------------------------`

			`""" Import externals """`
			`import sys`

			`#---------------------------------------------------------------------------`

			`""" Import scyther components """`
			`import Scyther.Scyther as Scyther`

			`#---------------------------------------------------------------------------`

			`def create_file_prefix(fn,cid):`
			`"""`
			`Create a filename prefix for fn,cid without extension`
			`"""`

			`tcid = cid`
			`i = tcid.rfind(",")`
			`if i > 0:`
			`if fn.find(tcid[:i]) >= 0:`
			`tcid = tcid[i+1:]`

			`tfn = fn.replace(".spdl","")`
			`i = tfn.rfind("/")`
			`if i >= 0:`
			`tfn = tfn[i+1:]`

			`pref = "%s-%s" % (tfn,tcid)`
			`pref = pref.replace(",","_")`

			`return pref`


			`def render_dot(fn,gtype):`
			`"""`
			`Render .dot file called fn into gtype file`
			`"""`
			`from subprocess import call`

			`if len(gtype) > 5:`
			`# Something is fishy, abort`
			`return`

			`base_name = fn`
			`i = base_name.rfind(".")`
			`if i > 0:`
			`base_name = base_name[:i]`

			`cmd = ["dot","-T" + gtype,"-o%s.%s" % (base_name,gtype),fn]`
Misc: improving output of generate-attack-graphs.py script. 2013-06-20 09:32:16 +01:00			`#print cmd`
Misc: Added Python script to dump attack outputs for large sets of files. For now, some parameters are hardcoded. In the long term this functionality should be incorporated into the Scyther library directly, as a method of Claim objects. 2013-06-19 22:01:36 +01:00
			`call(cmd)`


			`def render_best_attack(fn,cid):`
			`"""`
			`Extract the best attack for this claim and file name`
			`"""`
			`x = Scyther.Scyther()`
			`x.setFile(fn)`

			`x.options = "-r4 -T60"`
			`x.verifyOne(cid)`

			`pref = create_file_prefix(fn,cid)`

			`for cl in x.claims:`
Misc: improving output of generate-attack-graphs.py script. 2013-06-20 09:32:16 +01:00			`cln = cl.claimtype`
			`if cln == "Commit":`
			`cln = "Data_agree"`

Misc: Added Python script to dump attack outputs for large sets of files. For now, some parameters are hardcoded. In the long term this functionality should be incorporated into the Scyther library directly, as a method of Claim objects. 2013-06-19 22:01:36 +01:00			`if len(cl.attacks) > 0:`
			`dotfile = "attack-%s-%s.dot" % (pref,cln)`
			`fp = open(dotfile,'w')`
			`fp.write(cl.attacks[-1].scytherDot)`
			`fp.close()`

			`render_dot(dotfile,"png")`
			`render_dot(dotfile,"pdf")`

Conversion to python3, using 2to3. 2020-10-27 21:09:03 +00:00			`print("%s; %s" % (fn,cl))`
Misc: improving output of generate-attack-graphs.py script. 2013-06-20 09:32:16 +01:00
Misc: Added Python script to dump attack outputs for large sets of files. For now, some parameters are hardcoded. In the long term this functionality should be incorporated into the Scyther library directly, as a method of Claim objects. 2013-06-19 22:01:36 +01:00			`def main():`

			`filelist = sys.argv[1:]`
			`# Compute dict of filenames to claim id's`
			`cl = Scyther.GetClaims(filelist)`

			`for fn in set(cl):`
			`for cid in cl[fn]:`

			`render_best_attack(fn,cid)`



			`if __name__ == '__main__':`
			`main()`

			`#---------------------------------------------------------------------------`
			`# vim: set ts=4 sw=4 et list lcs=tab\:>-:`