- Present from Cas for Cas' birthday: Not thoroughly tested, but ni-synch seems to be working. Be careful to use the -t1 switch, or attacks will be missed.

This commit is contained in:
ccremers 2004-06-16 15:28:20 +00:00
parent 12bc0bf2f9
commit f71bed06a1
5 changed files with 133 additions and 88 deletions

View File

@ -25,8 +25,10 @@ events_match (const System sys, const int i, const int j)
rdi = sys->traceEvent[i]; rdi = sys->traceEvent[i];
rdj = sys->traceEvent[j]; rdj = sys->traceEvent[j];
if (rdi->message == rdj->message && rdi->from == rdj->from && if (isTermEqual (rdi->message, rdj->message) &&
rdi->to == rdj->to && rdi->label == rdj->label && isTermEqual (rdi->from, rdj->from) &&
isTermEqual (rdi->to, rdj->to) &&
isTermEqual (rdi->label, rdj->label) &&
!(rdi->internal || rdj->internal)) !(rdi->internal || rdj->internal))
{ {
if (rdi->type == SEND && rdj->type == READ) if (rdi->type == SEND && rdj->type == READ)
@ -53,6 +55,7 @@ events_match (const System sys, const int i, const int j)
* g maps all labels in prec to the event indices for things already found, * g maps all labels in prec to the event indices for things already found,
* or to LABEL_TODO for things not found yet but in prec, and LABEL_GOOD for well linked messages (and that have thus defined a runid for the corresponding role). * or to LABEL_TODO for things not found yet but in prec, and LABEL_GOOD for well linked messages (and that have thus defined a runid for the corresponding role).
* All values not in prec map to -1. * All values not in prec map to -1.
*@returns 1 iff the claim is allright, 0 iff it is violated.
*/ */
int int
oki_nisynch (const System sys, const int i, const Termmap f, const Termmap g) oki_nisynch (const System sys, const int i, const Termmap f, const Termmap g)
@ -129,19 +132,23 @@ oki_nisynch (const System sys, const int i, const Termmap f, const Termmap g)
Term rolename; Term rolename;
Termmap gscan; Termmap gscan;
/*
* Two options: it is either involved or not
*/
// 1. Assume that this run is not yet involved
result = oki_nisynch (sys, i-1, f, g);
// 2. It is involved. Then either already used for this role, or will be now.
rolename = sys->runs[rid].role->nameterm; rolename = sys->runs[rid].role->nameterm;
rid2 = termmapGet (f, rolename); rid2 = termmapGet (f, rolename);
result = oki_nisynch (sys, i-1, f, g); if (rid2 == -1 || rid2 == rid)
// Assume that this run is not yet involved
gscan = g;
while (gscan != NULL)
{ {
// Ordered match needed // Was not involved yet in a registerd way, or was the correct rid
if (gscan->result > -1 && gscan = g;
events_match (sys, gscan->result, i) == 1) while (!result && gscan != NULL)
{ {
// Events match: but is the run a good candidate? // Ordered match needed
if (rid2 == -1 || rid2 == rid) if (gscan->result > -1 &&
events_match (sys, gscan->result, i) == 1)
{ {
Termmap fbuf, gbuf; Termmap fbuf, gbuf;
@ -152,12 +159,12 @@ oki_nisynch (const System sys, const int i, const Termmap f, const Termmap g)
fbuf = termmapSet (fbuf, rolename, rid); fbuf = termmapSet (fbuf, rolename, rid);
gbuf = termmapDuplicate (g); gbuf = termmapDuplicate (g);
gbuf = termmapSet (gbuf, rd->label, -3); gbuf = termmapSet (gbuf, rd->label, -3);
result = oki_nisynch (sys, i-1, fbuf, gbuf); result = oki_nisynch (sys, i-1, fbuf, gbuf) || result;
termmapDelete (gbuf); termmapDelete (gbuf);
termmapDelete (fbuf); termmapDelete (fbuf);
} }
gscan = gscan->next;
} }
gscan = gscan->next;
} }
return result; return result;
} }
@ -174,20 +181,46 @@ oki_nisynch (const System sys, const int i, const Termmap f, const Termmap g)
*/ */
//! Check validity of ni-synch claim at event i. //! Check validity of ni-synch claim at event i.
/**
*@returns 1 iff claim is true.
*/
int int
check_claim_nisynch (const System sys, const int i) check_claim_nisynch (const System sys, const int i)
{ {
Roledef rd;
int result; int result;
int rid; int rid;
Termmap f,g; Termmap f,g;
Term label;
Claimlist cl;
Termlist tl;
rid = sys->traceRun[i]; rid = sys->traceRun[i];
rd = sys->traceEvent[i];
cl = rd->claiminfo;
cl->count++;
f = termmapSet (NULL, sys->runs[rid].role->nameterm, rid); f = termmapSet (NULL, sys->runs[rid].role->nameterm, rid);
/**
*@todo g should map all labels in prec to LABEL_TODO // map all labels in prec to LABEL_TODO
g = NULL;
label = rd->label;
tl = cl->prec;
while (tl != NULL)
{
g = termmapSet (g, tl->term, LABEL_TODO);
tl = tl->next;
}
/*
* Check claim
*/ */
result = oki_nisynch(sys, i, f, NULL); result = oki_nisynch(sys, i, f, g);
if (!result)
{
cl->failed++;
}
termmapDelete (f); termmapDelete (f);
termmapDelete (g);
return result; return result;
} }

View File

@ -356,6 +356,7 @@ commEvent (int event, Tac tc)
fromrole = tacTerm (trip); fromrole = tacTerm (trip);
torole = tacTerm (trip->next); torole = tacTerm (trip->next);
msg = tacTerm (tacTuple ((trip->next->next))); msg = tacTerm (tacTuple ((trip->next->next)));
cl = NULL;
break; break;
case CLAIM: case CLAIM:
@ -452,7 +453,7 @@ commEvent (int event, Tac tc)
} }
/* and make that event */ /* and make that event */
thisRole->roledef = roledefAdd (thisRole->roledef, event, label, thisRole->roledef = roledefAdd (thisRole->roledef, event, label,
fromrole, torole, msg); fromrole, torole, msg, cl);
} }
int int
@ -1055,7 +1056,13 @@ compute_prec_sets (const System sys)
void void
preprocess (const System sys) preprocess (const System sys)
{ {
/*
* init some counters
*/
sys->rolecount = compute_rolecount(sys); sys->rolecount = compute_rolecount(sys);
sys->roleeventmax = compute_roleeventmax(sys); sys->roleeventmax = compute_roleeventmax(sys);
/*
* compute preceding label sets
*/
compute_prec_sets(sys); compute_prec_sets(sys);
} }

View File

@ -13,6 +13,7 @@
#include "output.h" #include "output.h"
#include "tracebuf.h" #include "tracebuf.h"
#include "attackminimize.h" #include "attackminimize.h"
#include "claims.h"
/* /*
@ -1012,11 +1013,12 @@ claimViolationDetails (const System sys, const int run, const Roledef rd, const
return NULL; return NULL;
} }
/* This happens when we violate a claim. //! A claim was violated.
/**
* This happens when we violate a claim.
* Lots of administration. * Lots of administration.
* Returns true iff explorify is in order. *@returns True iff explorify is in order.
*/ */
int int
violateClaim (const System sys, int length, int claimev, Termlist reqt) violateClaim (const System sys, int length, int claimev, Termlist reqt)
{ {
@ -1096,9 +1098,12 @@ executeTry (const System sys, int run)
flag = send_basic (sys, run); flag = send_basic (sys, run);
return flag; return flag;
} }
/*
* Execute claim event
*/
if (runPoint->type == CLAIM) if (runPoint->type == CLAIM)
{ {
/* first we might dynamically determine whether the claim is valid */ /* first we might dynamically determine whether the claim is valid */
if (untrustedAgent (sys, sys->runs[run].agents)) if (untrustedAgent (sys, sys->runs[run].agents))
{ {
@ -1129,10 +1134,19 @@ executeTry (const System sys, int run)
printf ("#%i\n", run); printf ("#%i\n", run);
} }
#endif #endif
/*
* update claim counters
*/
sys->claims++; sys->claims++;
/*
* distinguish claim types
*/
if (runPoint->to == CLAIM_Secret) if (runPoint->to == CLAIM_Secret)
{ {
/*
* SECRECY
*/
/* TODO claims now have their own type, test for that */ /* TODO claims now have their own type, test for that */
/* TODO for now it is secrecy of the message */ /* TODO for now it is secrecy of the message */
@ -1141,6 +1155,7 @@ executeTry (const System sys, int run)
sys->secrets = sys->secrets =
termlistAdd (termlistShallow (oldsecrets), runPoint->message); termlistAdd (termlistShallow (oldsecrets), runPoint->message);
flag = claimSecrecy (sys, runPoint->message); flag = claimSecrecy (sys, runPoint->message);
runPoint->claiminfo->count++;
/* now check whether the claim failed for further actions */ /* now check whether the claim failed for further actions */
if (!flag) if (!flag)
@ -1148,6 +1163,7 @@ executeTry (const System sys, int run)
/* violation */ /* violation */
Termlist tl; Termlist tl;
runPoint->claiminfo->failed++;
tl = claimViolationDetails(sys,run,runPoint,sys->know); tl = claimViolationDetails(sys,run,runPoint,sys->know);
if (violateClaim (sys,sys->step+1, sys->step, tl )) if (violateClaim (sys,sys->step+1, sys->step, tl ))
flag = explorify (sys, run); flag = explorify (sys, run);
@ -1165,7 +1181,23 @@ executeTry (const System sys, int run)
} }
if (runPoint->to == CLAIM_Nisynch) if (runPoint->to == CLAIM_Nisynch)
{ {
/* TODO nisynch implementation */ /*
* NISYNCH
*/
//!@todo TODO nisynch implementation
flag = check_claim_nisynch (sys, sys->step);
if (!flag)
{
/* violation */
if (violateClaim (sys,sys->step+1, sys->step, NULL ))
flag = explorify (sys, run);
}
else
{
/* no violation */
flag = explorify (sys, run);
}
} }
} }
/* a claim always succeeds */ /* a claim always succeeds */

View File

@ -253,40 +253,6 @@ ensureValidRun (System sys, int run)
} }
} }
//! Add a run event to the system
/**
*@param sys A system structure.
*@param run The run identifier.
*@param type The type of event.
*@param label The event label.
*@param from The sender.
*@param to The recipient.
*@param msg The message.
*\sa READ,SEND,CLAIM
*/
void
runAdd (System sys, int run, int type, Term label, Term from, Term to,
Term msg)
{
Roledef newEvent;
Roledef scan;
newEvent = roledefInit (type, label, from, to, msg);
ensureValidRun (sys, run);
if (runPointerGet (sys, run) == NULL)
{
sys->runs[run].start = newEvent;
runPointerSet (sys, run, newEvent);
}
else
{
scan = runPointerGet (sys, run);
while (scan->next != NULL)
scan = scan->next;
scan->next = newEvent;
}
}
//! Print a role event list. //! Print a role event list.
void void
roledefPrint (Roledef rd) roledefPrint (Roledef rd)
@ -543,7 +509,7 @@ roleInstance (const System sys, const Protocol protocol, const Role role,
{ {
Roledef rdnew; Roledef rdnew;
rdnew = roledefInit (READ, NULL, NULL, NULL, extterm); rdnew = roledefInit (READ, NULL, NULL, NULL, extterm, NULL);
/* this is an internal action! */ /* this is an internal action! */
rdnew->internal = 1; rdnew->internal = 1;
rdnew->next = rd; rdnew->next = rd;
@ -603,7 +569,7 @@ roleInstance (const System sys, const Protocol protocol, const Role role,
*@return A pointer to a new role event with the given parameters. *@return A pointer to a new role event with the given parameters.
*/ */
Roledef Roledef
roledefInit (int type, Term label, Term from, Term to, Term msg) roledefInit (int type, Term label, Term from, Term to, Term msg, Claimlist cl)
{ {
Roledef newEvent; Roledef newEvent;
@ -616,6 +582,7 @@ roledefInit (int type, Term label, Term from, Term to, Term msg)
newEvent->message = msg; newEvent->message = msg;
newEvent->forbidden = NULL; // no forbidden stuff newEvent->forbidden = NULL; // no forbidden stuff
newEvent->knowPhase = -1; // we haven't explored any knowledge yet newEvent->knowPhase = -1; // we haven't explored any knowledge yet
newEvent->claiminfo = cl; // only for claims
newEvent->next = NULL; newEvent->next = NULL;
return newEvent; return newEvent;
} }
@ -625,17 +592,17 @@ roledefInit (int type, Term label, Term from, Term to, Term msg)
*\sa roledefInit() *\sa roledefInit()
*/ */
Roledef Roledef
roledefAdd (Roledef rd, int type, Term label, Term from, Term to, Term msg) roledefAdd (Roledef rd, int type, Term label, Term from, Term to, Term msg, Claimlist cl)
{ {
Roledef scan; Roledef scan;
if (rd == NULL) if (rd == NULL)
return roledefInit (type, label, from, to, msg); return roledefInit (type, label, from, to, msg, cl);
scan = rd; scan = rd;
while (scan->next != NULL) while (scan->next != NULL)
scan = scan->next; scan = scan->next;
scan->next = roledefInit (type, label, from, to, msg); scan->next = roledefInit (type, label, from, to, msg, cl);
return rd; return rd;
} }

View File

@ -14,6 +14,28 @@
#define runPointerGet(sys,run) sys->runs[run].index #define runPointerGet(sys,run) sys->runs[run].index
#define runPointerSet(sys,run,newp) sys->runs[run].index = newp #define runPointerSet(sys,run,newp) sys->runs[run].index = newp
//! The container for the claim info list
struct claimlist
{
//! The term element for this node.
Term label;
//! The name of the role in which it occurs.
Term rolename;
//! Number of occurrences in system exploration.
int count;
//! Number of occurrences that failed.
int failed;
int r; //!< role number for mapping
int ev; //!< event index in role
//! Preceding label list
Termlist prec;
//! Next node pointer or NULL for the last element of the function.
struct claimlist *next;
};
//! Shorthand for claimlist pointers.
typedef struct claimlist *Claimlist;
//! Structure for a role event node or list. //! Structure for a role event node or list.
/** /**
*\sa role *\sa role
@ -42,11 +64,20 @@ struct roledef
//! Pointer to next roledef node. //! Pointer to next roledef node.
struct roledef *next; struct roledef *next;
/*
* Substructure for reads
*/
//! Illegal injections for this event. //! Illegal injections for this event.
Knowledge forbidden; Knowledge forbidden;
//! knowledge transitions counter. //! knowledge transitions counter.
int knowPhase; int knowPhase;
/*
* Substructure for claims
*/
//! Pointer to claim type info
Claimlist claiminfo;
/* evt runid for synchronisation, but that is implied in the /* evt runid for synchronisation, but that is implied in the
base array */ base array */
}; };
@ -155,28 +186,6 @@ struct tracebuf
Varbuf variables; Varbuf variables;
}; };
//! The container for the claim info list
struct claimlist
{
//! The term element for this node.
Term label;
//! The name of the role in which it occurs.
Term rolename;
//! Number of occurrences in system exploration.
int count;
//! Number of occurrences that failed.
int failed;
int r; //!< role number for mapping
int ev; //!< event index in role
//! Preceding label list
Termlist prec;
//! Next node pointer or NULL for the last element of the function.
struct claimlist *next;
};
//! Shorthand for claimlist pointers.
typedef struct claimlist *Claimlist;
//! The main state structure. //! The main state structure.
struct system struct system
{ {
@ -259,8 +268,6 @@ void statesPrintShort (System sys);
void systemDestroy (System sys); void systemDestroy (System sys);
void systemDone (System sys); void systemDone (System sys);
void ensureValidRun (System sys, int run); void ensureValidRun (System sys, int run);
void runAdd (System sys, int run, int type, Term label, Term from, Term to,
Term msg);
void roledefPrint (Roledef rd); void roledefPrint (Roledef rd);
void runPrint (Roledef rd); void runPrint (Roledef rd);
void runsPrint (System sys); void runsPrint (System sys);
@ -272,9 +279,8 @@ void roledefDelete (Roledef rd);
void roledefDestroy (Roledef rd); void roledefDestroy (Roledef rd);
void roleInstance (const System sys, const Protocol protocol, const Role role, void roleInstance (const System sys, const Protocol protocol, const Role role,
const Termlist tolist); const Termlist tolist);
Roledef roledefInit (int type, Term label, Term from, Term to, Term msg); Roledef roledefInit (int type, Term label, Term from, Term to, Term msg, Claimlist cl);
Roledef roledefAdd (Roledef rd, int type, Term label, Term from, Term to, Roledef roledefAdd (Roledef rd, int type, Term label, Term from, Term to, Term msg, Claimlist cl);
Term msg);
void systemStart (System sys); void systemStart (System sys);
void indentActivate (); void indentActivate ();
void indentSet (int i); void indentSet (int i);