- Removed some too interesting pruning methods that really need theorems
first. Revealed by the certified e-mail protocol by Abadi and Blanchet.
This commit is contained in:
parent
3ed59b867a
commit
bb7259a1ad
@ -1452,8 +1452,6 @@ bind_goal (const Binding b)
|
||||
if (!b->done)
|
||||
{
|
||||
int flag;
|
||||
int know_only;
|
||||
Term function;
|
||||
|
||||
flag = 1;
|
||||
proof_select_goal (b);
|
||||
@ -1481,11 +1479,19 @@ bind_goal (const Binding b)
|
||||
}
|
||||
else
|
||||
{
|
||||
// Prune: if it is an SK type construct, ready
|
||||
// No regular run will apply SK for you.
|
||||
//!@todo This still needs a lemma, and a more generic (correct) algorithm!!
|
||||
int know_only;
|
||||
|
||||
know_only = 0;
|
||||
|
||||
if (1 == 0) // blocked for now
|
||||
{
|
||||
// Prune: if it is an SK type construct, ready
|
||||
// No regular run will apply SK for you.
|
||||
//!@todo This still needs a lemma, and a more generic (correct) algorithm!! It is currently
|
||||
// actually false, e.g. for signing protocols, and password-like functions.
|
||||
//
|
||||
Term function;
|
||||
|
||||
function = getTermFunction (b->term);
|
||||
if (function != NULL)
|
||||
{
|
||||
@ -1503,6 +1509,7 @@ bind_goal (const Binding b)
|
||||
know_only = 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Keylevel lemmas: improves on the previous one
|
||||
if (!isPossiblySent (b->term))
|
||||
|
@ -259,7 +259,12 @@ prune_theorems (const System sys)
|
||||
// Check for encryption levels
|
||||
/*
|
||||
* if (switches.match < 2
|
||||
*!@todo Doesn't work yet as desired for Tickets. Prove lemma first.
|
||||
*/
|
||||
if (switches.experimental)
|
||||
{
|
||||
if (!hasTicketSubterm (b->term))
|
||||
{
|
||||
if (term_encryption_level (b->term) > max_encryption_level)
|
||||
{
|
||||
// Prune: we do not need to construct such terms
|
||||
@ -272,6 +277,8 @@ prune_theorems (const System sys)
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Check for SK-type function occurrences
|
||||
//!@todo Needs a LEMMA, although this seems to be quite straightforward to prove.
|
||||
|
@ -62,3 +62,35 @@ specialTermInit (const System sys)
|
||||
CLAIMS_dep_prec = termlistAdd (CLAIMS_dep_prec, CLAIM_Nisynch);
|
||||
|
||||
}
|
||||
|
||||
//! Determine whether this is a leaf construct with a ticket in it
|
||||
int
|
||||
isTicketTerm (Term t)
|
||||
{
|
||||
if (t != NULL)
|
||||
{
|
||||
if (realTermLeaf (t))
|
||||
{
|
||||
if (inTermlist (t->stype, TERM_Ticket))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
if (realTermVariable (t))
|
||||
{
|
||||
return isTicketTerm (t->subst);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
//! Determine whether this is a term with a Ticket in it
|
||||
int
|
||||
hasTicketSubterm (Term t)
|
||||
{
|
||||
// Doesn't work yet
|
||||
return true;
|
||||
}
|
||||
|
@ -25,4 +25,7 @@ extern Term CLAIM_Reachable;
|
||||
|
||||
extern Termlist CLAIMS_dep_prec;
|
||||
|
||||
int isTicketTerm (Term t);
|
||||
int hasTicketSubterm (Term t);
|
||||
|
||||
#endif
|
||||
|
@ -1094,11 +1094,18 @@ term_rolelocals_are_variables ()
|
||||
}
|
||||
|
||||
//! Count the encryption level of a term
|
||||
/**
|
||||
* Note that this stops at any variable that is of ticket type.
|
||||
*/
|
||||
int
|
||||
term_encryption_level (const Term term)
|
||||
{
|
||||
int iter_maxencrypt (Term t)
|
||||
{
|
||||
if (isTicketTerm (t))
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
t = deVar (t);
|
||||
if (t == NULL)
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user