MPA: Improving test script with basic command-line options.

This commit is contained in:
Cas Cremers 2010-11-12 14:12:23 +01:00
parent 225a839dbc
commit 9a04264d39

View File

@ -32,7 +32,10 @@ Author: Cas Cremers
""" """
from Scyther import Scyther from Scyther import Scyther
from optparse import OptionParser, SUPPRESS_HELP
import time import time
try: try:
from progressbar import * from progressbar import *
PROGRESSBAR = True PROGRESSBAR = True
@ -49,6 +52,36 @@ http://code.google.com/p/python-progressbar/
""" """
FOUND = [] FOUND = []
OPTS = None
ARGS = None
#---------------------------------------------------------------------------
def parseArgs():
usage = "usage: %s [options] [inputfile]" % sys.argv[0]
description = "test-mpa.py is a test script to help with multi-protocol analysis."
parser = OptionParser(usage=usage,description=description)
# command
parser.add_option("-t","--typed",dest="types",default=None,action="store_const",const=[0],
help="Verify protocols with respect to a typed model (-m 0)")
parser.add_option("-b","--basic-types",dest="types",default=None,action="store_const",const=[1],
help="Verify protocols with respect to basic type flaws only (-m 1)")
parser.add_option("-u","--untyped",dest="types",default=None,action="store_const",const=[2],
help="Verify protocols with respect to an untyped model (-m 2)")
parser.add_option("-T","--all-types",dest="types",default=None,action="store_const",const=[0,1,2],
help="Verify protocols with respect to all matching types")
parser.add_option("-U","--init-unique",dest="initunique",default=False,action="store_true",
help="Use Scythers --init-unique switch to filter out initiators talking to themselves.")
parser.add_option("-D","--debug",dest="debug",default=False,action="store_true",
help="Enable debugging features.")
return parser.parse_args()
#---------------------------------------------------------------------------
def MyScyther(protocollist,filt=None,options=None): def MyScyther(protocollist,filt=None,options=None):
""" """
@ -108,8 +141,11 @@ def verifyMPAlist(mpalist,claimid,options=None):
If an attack is found, we return False, otherwise True. This is If an attack is found, we return False, otherwise True. This is
needed for the iteration later. needed for the iteration later.
""" """
# This should be a more restricted verification global OPTS, ARGS
print time.asctime(), mpalist, claimid, options # [DEBUG]
if OPTS.debug:
print time.asctime(), mpalist, claimid, options
s = MyScyther(mpalist,claimid,options) s = MyScyther(mpalist,claimid,options)
claim = s.getClaim(claimid) claim = s.getClaim(claimid)
if claim: if claim:
@ -117,6 +153,7 @@ def verifyMPAlist(mpalist,claimid,options=None):
global FOUND global FOUND
# This is an MPA attack! # This is an MPA attack!
if OPTS.debug:
print "I've found a multi-protocol attack on claim %s in the context %s." % (claimid,str(mpalist)) print "I've found a multi-protocol attack on claim %s in the context %s." % (claimid,str(mpalist))
FOUND.append((claimid,mpalist)) FOUND.append((claimid,mpalist))
@ -227,6 +264,8 @@ def bigTest():
""" """
import os import os
global OPTS, ARGS
testpath = "Protocols/MultiProtocolAttacks/" testpath = "Protocols/MultiProtocolAttacks/"
fl = os.listdir(testpath) fl = os.listdir(testpath)
nl = [] nl = []
@ -242,27 +281,36 @@ def bigTest():
for fn in nl: for fn in nl:
l.append(testpath+fn) l.append(testpath+fn)
# Initialize mpa options
mpaopts = ""
if OPTS.initunique:
mpaopts = (mpaopts + " --init-unique").strip()
### Simplified test setup ### Simplified test setup
#defopts = "--max-runs=3 -T 360" #defopts = "--max-runs=3 -T 360"
#maxcount = 2 #maxcount = 2
#mpaopts = ""
### Full test setup ### Full test setup
#defopts = "--max-runs=4 -T 600" #defopts = "--max-runs=4 -T 600"
#mpaopts = ""
#maxcount = 3 #maxcount = 3
### Full test setup with --init-unique ### Full test setup with --init-unique
defopts = "--max-runs=4 -T 600" defopts = "--max-runs=4 -T 600"
mpaopts = "--init-unique"
maxcount = 3 maxcount = 3
if OPTS.types == None:
OPTS.types = [0]
if 0 in OPTS.types:
# First typed # First typed
print "Scanning without type flaws" print "Scanning without type flaws"
findAllMPA(l,maxcount=maxcount,options = defopts + " --match=0", mpaoptions = mpaopts) findAllMPA(l,maxcount=maxcount,options = defopts + " --match=0", mpaoptions = mpaopts)
if 1 in OPTS.types:
# Basic type flaws # Basic type flaws
print "Scanning for basic type flaws" print "Scanning for basic type flaws"
findAllMPA(l,maxcount=maxcount,options = defopts + " --match=1", mpaoptions = mpaopts) findAllMPA(l,maxcount=maxcount,options = defopts + " --match=1", mpaoptions = mpaopts)
if 2 in OPTS.types:
# All type flaws # All type flaws
print "Scanning for any type flaws" print "Scanning for any type flaws"
findAllMPA(l,maxcount=maxcount,options = defopts + " --match=2", mpaoptions = mpaopts) findAllMPA(l,maxcount=maxcount,options = defopts + " --match=2", mpaoptions = mpaopts)
@ -283,6 +331,9 @@ def simpleTest():
def main(): def main():
global OPTS, ARGS
(OPTS,ARGS) = parseArgs()
bigTest() bigTest()
#simpleTest() #simpleTest()