From bc667f3f32fb40059479046c912d7762f0d8a50f Mon Sep 17 00:00:00 2001 From: Cas Cremers Date: Thu, 31 Mar 2011 15:02:49 +0200 Subject: [PATCH] Improving some scripts; exploit cache better. --- gui/Scyther/Misc.py | 5 +-- gui/Scyther/Scyther.py | 89 ++++++++++++++++++++++++++++++++++++---- gui/notes-brutus-mpa.txt | 3 ++ gui/test-mpa.py | 5 ++- 4 files changed, 89 insertions(+), 13 deletions(-) diff --git a/gui/Scyther/Misc.py b/gui/Scyther/Misc.py index 340e33c..23bf2c2 100644 --- a/gui/Scyther/Misc.py +++ b/gui/Scyther/Misc.py @@ -105,8 +105,7 @@ def safeCommandOutput(cmd): Meant for short outputs, as output is stored in memory and not written to a file. """ - - p = Popen(cmd, shell=True, stdout=PIPE, stderr=PIPE) + p = Popen(cmd, shell=getShell(), stdout=PIPE, stderr=PIPE) (sout,serr) = p.communicate() return (p.returncode,sout,serr) @@ -115,7 +114,7 @@ def safeCommand(cmd): """ Execute a command with some arguments. Safe cross-platform version, I hope. """ - p = Popen(cmd, shell=True) + p = Popen(cmd, shell=getShell()) sts = p.wait() return sts diff --git a/gui/Scyther/Scyther.py b/gui/Scyther/Scyther.py index c8bd384..b2ff6ef 100755 --- a/gui/Scyther/Scyther.py +++ b/gui/Scyther/Scyther.py @@ -1,7 +1,7 @@ #!/usr/bin/python """ Scyther : An automatic verifier for security protocols. - Copyright (C) 2007 Cas Cremers + Copyright (C) 2007-2009 Cas Cremers This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License @@ -241,14 +241,19 @@ class Scyther(object): for arg in arglist: self.options += " %s" % (arg) - def doScytherCommand(self, spdl, args): + def doScytherCommand(self, spdl, args, checkKnown=False): """ Cached version of the 'real' below """ global HASHLIB if not HASHLIB: - return self.doScytherCommandReal(spdl,args) + if checkKnown == True: + # No hashlib, so we don't have it already + return False + else: + # Need to compute + return self.doScytherCommandReal(spdl,args) # So we have the hashing libs m = hashlib.sha256() @@ -288,11 +293,20 @@ class Scyther(object): fh2 = open(fname2,"r") err = fh2.read() fh2.close() - return (out,err) + if checkKnown == True: + # We got to here, so we have it + return True + else: + # Not checking cache, we need the result + return (out,err) except: """ Something went wrong, do the real thing and cache afterwards """ + if checkKnown == True: + # We were only checking, abort + return False + (out,err) = self.doScytherCommandReal(spdl,args) # Store result in cache @@ -380,8 +394,9 @@ class Scyther(object): """ Sanitize some of the input """ self.options = EnsureString(self.options) - def verify(self,extraoptions=None): + def verify(self,extraoptions=None,checkKnown=False): """ Should return a list of results """ + """ If checkKnown == True, we do not call Scyther, but just check the cache, and return True iff the result is in the cache """ # Cleanup first self.sanitize() @@ -395,6 +410,10 @@ class Scyther(object): # extraoptions might need sanitizing args += " %s" % EnsureString(extraoptions) + # Are we only checking the cache? + if checkKnown == True: + return self.doScytherCommand(self.spdl, args, checkKnown=checkKnown) + # execute (output,errors) = self.doScytherCommand(self.spdl, args) self.run = True @@ -442,19 +461,21 @@ class Scyther(object): else: return self.output - def verifyOne(self,cl=None): + def verifyOne(self,cl=None,checkKnown=False): """ Verify just a single claim with an ID retrieved from the procedure below, 'scanClaims', or a full claim object + + If checkKnown is True, return if the result is already known (but never recompute). """ if cl: # We accept either a claim or a claim id if isinstance(cl,Claim.Claim): cl = cl.id - return self.verify("--filter=%s" % cl) + return self.verify("--filter=%s" % cl, checkKnown=checkKnown) else: # If no claim, then its just normal verification - return self.verify() + return self.verify(checkKnown=checkKnown) def scanClaims(self): """ @@ -493,6 +514,58 @@ class Scyther(object): #--------------------------------------------------------------------------- +def GetClaims(filelist, filterlist=None): + """ + Given a list of file names in filelist, + returns a dictionary of filenames to lists claim names. + Filenames which yielded no claims are filtered out. + + Filterlist may be None or a list of claim names (Secret, SKR, Niagree etc). + """ + + dict = {} + for fname in filelist: + try: + sc = Scyther() + sc.setFile(fname) + l = sc.scanClaims() + if l != None: + cl = [] + for claim in l: + if filterlist == None: + cl.append(claim.id) + else: + if claim.claimtype in filterlist: + cl.append(claim.id) + dict[fname] = cl + except: + pass + return dict + +#--------------------------------------------------------------------------- + +def FindProtocols(path="",filterProtocol=None): + """ + Find a list of protocol names + + Note: Unix only! Will not work under windows. + """ + + import commands + + cmd = "find %s -iname '*.spdl'" % (path) + plist = commands.getoutput(cmd).splitlines() + nlist = [] + for prot in plist: + if filterProtocol != None: + if filterProtocol(prot): + nlist.append(prot) + else: + nlist.append(prot) + return nlist + +#--------------------------------------------------------------------------- + def GetInfo(html=False): """ Retrieve a tuple (location,string) with information about the tool, diff --git a/gui/notes-brutus-mpa.txt b/gui/notes-brutus-mpa.txt index f255ce9..b89e393 100644 --- a/gui/notes-brutus-mpa.txt +++ b/gui/notes-brutus-mpa.txt @@ -176,3 +176,6 @@ Mon Jan 24 14:55:23 CET 2011 +Sat Jan 29 13:35:22 CET 2011 + +./batcher.sh -m 2 -A --self-communication Protocols/MultiProtocolAttacks/*.spdl diff --git a/gui/test-mpa.py b/gui/test-mpa.py index ce6298e..175e542 100755 --- a/gui/test-mpa.py +++ b/gui/test-mpa.py @@ -232,8 +232,9 @@ def MyScyther(protocollist,filt=None,options=[],checkpickle=True): for protocol in sorted(protocollist): s.addFile(protocol) if checkpickle and OPTS.pickle: - # Do not really verify! Just dump request - PICKLEDATA.add((tuple(sorted(protocollist)),s.options,filt)) + # Do not really verify! Just dump request if not already known + if s.verifyOne(filt, checkKnown=True) == False: + PICKLEDATA.add((tuple(sorted(protocollist)),s.options,filt)) else: # Verify results s.verifyOne(filt)