Commit Graph

620 Commits

Author SHA1 Message Date
ccremers
bb7259a1ad - Removed some too interesting pruning methods that really need theorems
first. Revealed by the certified e-mail protocol by Abadi and
  Blanchet.
2006-01-17 16:18:26 +00:00
ccremers
3ed59b867a - Added an idea. 2006-01-17 12:30:16 +00:00
ccremers
f0715c030d - Stored good idea. 2006-01-09 11:56:44 +00:00
ccremers
baf1856943 - Added some tokens for future usage: 'function', 'hashfunction',
'knows', 'trusted'.
2006-01-09 09:38:17 +00:00
ccremers
8b30526a57 - Added a note about inversekeys in a role definition. 2006-01-07 13:28:13 +00:00
ccremers
96e7a32bff - Added '--unbounded' switch. 2006-01-06 12:46:04 +00:00
ccremers
99861d3e03 - Added '--untyped' switch which is to be preferred above the older
--match=2 notation.
2006-01-06 12:23:11 +00:00
ccremers
d9b0f412e4 - Added a good idea. 2006-01-06 12:11:32 +00:00
ccremers
92342683f5 - Cleanup of unused structure. 2006-01-03 11:34:48 +00:00
ccremers
c9eaf1f95f - Minor stuff. 2006-01-03 11:34:27 +00:00
ccremers
066bc810d8 - Notes on the warshall algorithm that is currently taking a third of
processing time, which is way too much.
2006-01-02 21:19:53 +00:00
ccremers
da75862d82 - Huge code documentation effort. 2006-01-02 21:06:08 +00:00
ccremers
6676266f4a - More refactoring to improve the code. 2006-01-02 20:18:47 +00:00
ccremers
e6505a72a3 - Further refactoring.
- Some cleanup.
2006-01-02 19:55:34 +00:00
ccremers
a5acc4984a - More refactoring for Arachne. Slowly we're getting somewhere. 2006-01-02 19:19:23 +00:00
ccremers
e592a0a432 - Refactoring code: splitting stuff out of arachne.c 2006-01-02 18:43:25 +00:00
ccremers
4023ef237e - Some reindentation. Nothing interesting, just syntax. 2006-01-02 16:07:56 +00:00
ccremers
e21627442a - Added 'singular' directive for roles. Syntax:
protocol ns3 (I,R)
  {
    singular role I:
    {
    }
  }
2006-01-02 16:05:53 +00:00
ccremers
724faa8949 - Cleaned up some printf's and warnings in compiler.c
- Added warning for unspecified roles.
2006-01-02 15:29:41 +00:00
ccremers
6516741983 - More notes. 2006-01-02 15:10:40 +00:00
ccremers
25fe5b210e - Idea about timestamps added. 2006-01-02 14:34:46 +00:00
ccremers
28f13aff26 - Added some final-day notes for 2005. 2005-12-31 19:34:50 +00:00
ccremers
441644e6d2 - Fixed the ECSS version copy. 2005-12-30 15:56:05 +00:00
ccremers
8c04a7517c - Added script to copy the latest Scyther version to the ecss
repository.
2005-12-30 15:54:32 +00:00
ccremers
d2ac518234 - Fixed typo in --help (noted by Sjouke)
- State-space should generate classes.
2005-12-30 15:11:39 +00:00
ccremers
6f670d7ab6 - In xml output, renamed 'attack' tag to 'state', which in general
reflects better what it describes.
2005-12-30 12:17:25 +00:00
ccremers
4a363aa33c - Bugfix: the single attack output adaptions from revision 1447 had
broken some of the xml output.
2005-12-30 12:03:19 +00:00
ccremers
ebf50b5252 - Removed the bold for complete proof. 2005-12-29 13:36:01 +00:00
ccremers
3b897c3872 - Added '--check' switch, to see whether your protocol terminates at all
if there is no intruder.
- Restructered many switches.
2005-12-29 12:52:51 +00:00
ccremers
a50245734d - Fixed the broken '--no-intruder' switch. 2005-12-29 12:14:21 +00:00
ccremers
c79c9eb73f - Added color output but forgot to add the sources files, fixed.
- Note: ~ is not expanded in SCYTHERDIR because it is not handled by the
  shell; thus $HOME should be used.
2005-12-29 11:03:18 +00:00
ccremers
515dec7f8b - Added note on usage of '~' in SCYTHERDIR. 2005-12-29 10:56:09 +00:00
ccremers
ab2f2469c0 - Added help text for the environment variables. 2005-12-29 09:35:08 +00:00
ccremers
1aca8460a3 - SCYTHERDIR environment variable is now used: colon-separated list of
directories to search. Oblivious to trailing slashes.
2005-12-29 09:25:42 +00:00
ccremers
efb3ec232b - Added some new thoughts, cleaned up old ones. 2005-12-28 22:52:22 +00:00
ccremers
d21f292330 - Renamed '--monochrome' to '--plain', which is nicer and shorter. 2005-12-28 18:40:58 +00:00
ccremers
3686a69869 - Added SCYTHERFLAGS environment variable. 2005-12-28 16:33:08 +00:00
ccremers
ab75acea62 - Added colour output, with --monochrome switch to disable this. 2005-12-28 15:27:22 +00:00
ccremers
e19f8bddd1 - Improved Reachable claims output
- Use square brackets for remark output instead of normal brackets.
2005-12-28 14:42:46 +00:00
ccremers
bceaca28f0 - Improved some type of warnings for e.g. empty prec sets andsoforth. 2005-12-28 14:25:06 +00:00
ccremers
72162e82c6 - Some cleanup. 2005-12-28 12:13:17 +00:00
ccremers
39adf85c6a - Reverted previous version: Tickets can possibly be secret as well
(although this is dubious, as the claiming role will not know the
  contents in many cases)
2005-12-28 12:04:00 +00:00
ccremers
dce2befd50 - Don't add secrecy claims for ticket types. 2005-12-28 11:59:39 +00:00
ccremers
0505aaacd6 - New claim: CLAIM_Reachable
- Added new switches:
  -G,--generate-statespace
  -C,--generate-claims
- Claims are now allowed to have no label (they will be generated
  automatically)
- Output summary shows parameter of claims
- Internally, new symbols can now be generated by
  symbolNextFree(prefixsymbol)
2005-12-28 11:50:17 +00:00
ccremers
ccc4c34823 - Added '--remove-claims' switch to cut off all existing claims. 2005-12-27 13:53:49 +00:00
ccremers
ca4c5674ac - Added check for non-used variables. 2005-12-27 13:44:12 +00:00
ccremers
397298290b - Improved output significantly. 2005-12-27 12:24:12 +00:00
ccremers
5ff71fa661 - Some cleanup.
- Added 'all-atacks' switch.
2005-12-27 12:01:17 +00:00
ccremers
28774cb94c - Moved dot output (finally) into a separate file, and made some minor
improvements.
2005-12-27 11:50:46 +00:00
ccremers
c4628e8be6 - Added support for more intelligent bounding. Fairly untested at the
moment.
2005-12-27 11:19:45 +00:00
ccremers
c20810def5 - Added preliminary support for singular attack output. 2005-12-27 10:49:22 +00:00
ccremers
ff503b24af - Added some todo stuff for the very near future. 2005-12-26 16:45:16 +00:00
ccremers
cb2aef3915 - Old state/time info has now been removed. This was only needed for the
POR engine anyway, so that's where it is shown now.
2005-12-26 16:28:45 +00:00
ccremers
32f226f782 - Better switches explanation. 2005-12-22 12:33:35 +00:00
ccremers
aae3cd70cb - Lowered default number of runs to 5. 2005-12-22 12:27:34 +00:00
ccremers
0259b2302c - Changed default behaviour: -d is needed to get dot output. 2005-12-22 12:24:27 +00:00
ccremers
e82ce8b962 - Added --no-intruder switch, but it is currently broken. 2005-12-21 19:02:41 +00:00
ccremers
aab5328a9b - Added a note. 2005-12-09 13:15:34 +00:00
ccremers
6543a8f659 - Added '--extravert' switch, which avoids initiator Alice to talk to
Alice.
2005-11-29 09:15:16 +00:00
ccremers
5276630007 - FIX: DOS newlines are now also accepted. 2005-11-28 08:27:05 +00:00
ccremers
e51b54af23 - FIX: Instantiation of variables is now the default.
- NEW: -C --class switch to reset this.
- NEW: max runs is now 6 by default for usability. For unbounded search,
  use -r 0 or --maxruns=0
2005-11-12 21:26:50 +00:00
ccremers
41132afea3 - Finally fixed the 'IV', 'RV' nuissance for global variables such as
the role names.
2005-11-12 21:16:02 +00:00
ccremers
76666404b0 - Added '--concrete' switch to fill in to pick readable names for
variables.
2005-11-12 21:13:00 +00:00
ccremers
c1c0b856de CHG: Changed default behaviour to Arachne engine.
NEW: Added 'S' switch for --summary things.
2005-11-04 13:23:30 +00:00
ccremers
5e1ca56f87 - Added experimental feature: explicit unique origination. This has to
be investigated further, because it seems to reduce just a few states.
  Note to Gijs: stay away from this, you should be writing your thesis.
2005-10-08 20:57:39 +00:00
ccremers
9f8f04c41c - Switched to the new consistency checking base. 2005-10-08 20:47:31 +00:00
ccremers
2ead7ab2ff - Improved code for new preferred order swapping of substitutions. Also
included more comments.
2005-10-08 20:22:24 +00:00
ccremers
2e495099bb - Added functions to globally check variable substitution consistency. 2005-10-08 20:03:31 +00:00
ccremers
2452a34671 - Added 'termlistMinusTermlist' function.
- Added TERMLISTERROR constant, and corresponding tests.
  Note that this will not work in many contexts, because only NULL is
  usually considered to be a special value. It is purely intended for
  the new type evaluation functions in type.c.
2005-10-08 19:56:04 +00:00
ccremers
fe730716ca - Added 'agenttypecheck' switch. 2005-10-08 19:54:30 +00:00
ccremers
a3b009f119 - The state of sys->variables was not maintained correctly, because
terms were destroyed before it could be tested whether they were in
  sys->variables. Thus, garbage was left in sys->variables. This has
  gone undetected because it was never really used. Hmpf.
2005-10-08 19:53:10 +00:00
ccremers
ea5bc6893f - Slightly smarter substitution in the symmetric case, when we make Var1
equivalent to Var2.
2005-10-07 20:38:41 +00:00
ccremers
83bf0ec704 - Added tuple_to_termlist function. 2005-10-07 14:02:46 +00:00
ccremers
1c075db161 - Added '--experimental=<int>' switch for debug version. 2005-10-07 13:09:07 +00:00
ccremers
5b73d707a0 - Rewrite of actor/agent type consitency code: now more aware of
initiator/responder difference.
2005-09-09 10:05:29 +00:00
ccremers
5c0c5d3333 - Better XML output for variables section. 2005-09-08 13:30:00 +00:00
ccremers
01a45f87d2 - Rewrote variables section, integrated typeflaw info.
Note that for variables that are not instantiated, only the variable
  and the type info is shown. For instantiated variables, both are
  shown.
  In this output the attribute 'free' should be ignored, as its
  output is not accurate here.
2005-09-08 12:55:32 +00:00
ccremers
48574de13e - Minor improvement to type flaw output: now also shows the type of the
substituted term.
2005-09-07 07:21:13 +00:00
ccremers
e104dddbfb - Added a switch to number the limit of intruder actions.
Initial testing suggests it does not influence the number of states
  much for values of 2 and higher.
2005-08-21 21:38:32 +00:00
ccremers
c330a5b719 - Added some thoughts. 2005-08-21 21:36:00 +00:00
ccremers
1ee77472a0 - --max-attacks=AnyGijsNumber. 2005-08-15 12:49:32 +00:00
gijs
998e4852ba - Allow ^ and - in identifies which will be used in protocol names
in future naming conventions
2005-08-15 11:27:46 +00:00
ccremers
2e9e43742e - Added more fine-grained control for the associativity of tupling:
--tupling=n	* 0: right-associative; 1: left-associative; others are
  reserved for future use.
  --ra-tupling	* Sets the default, but is there for symmetry.
2005-08-12 12:59:25 +00:00
ccremers
cb315aafc8 - Added '--extend-trivial' switch. This is not a complete '--extend'
algorithm, as it is pretty dumb, but it works in most cases. Use with
  care.
2005-08-12 12:13:50 +00:00
ccremers
56f7cf5df2 - Added switch '--la-tupling' to enforce left-associative tupling
instead of the default right-associative tupling. Note that this only
  matters for full typeflaw matching.
- Adapted multi-nsl test script to test for both association variants.
2005-08-12 07:28:44 +00:00
ccremers
cee11bc0af - Extra checks:
* For incomplete protocols, better handling of dangling labels.
  * For termSubTerm better handling of NULL cases.
2005-08-11 12:56:36 +00:00
gijs
c8d2222c58 - Allow identifiers to start with @ so that internal protocols
such as key compromise and swapkey can be prefixed with @ to indicate
  that they should be ignored by the classification tool.
2005-08-11 12:24:36 +00:00
ccremers
2cd9cf4148 - Added random goal picker. Untested. 2005-08-01 12:59:30 +00:00
ccremers
4cbf2383f7 - Addition. 2005-08-01 12:59:05 +00:00
ccremers
da1b759dc0 - Added shortcut script for Arachne engine. 2005-07-26 10:13:16 +00:00
ccremers
f7f2bf27bb - Added type flaw information (just after the variables section)
In pseudo-xml:
  <typeflaws><run id="1"><typeflaw><term variable /><termlist type(s) /><term value of variable /></typeflaw></run></typeflaws>
2005-07-06 14:33:05 +00:00
ccremers
a1fdbe119f - Incorporated untrusted agents list (<untrusted> element in attack,
containing a <termlist>)
- <commandline><arg>./scyther</arg> <arg>-x</arg>... is now available.
2005-07-01 13:46:18 +00:00
ccremers
6a3e57913c - Quick addition of Gijs' suggestions. 2005-07-01 13:27:38 +00:00
ccremers
164e325659 - New attack attribute. 2005-07-01 13:25:54 +00:00
ccremers
464920907b - Added '--extend-nonreads' switch. It is totally untested, and I hope
Gijs will have a look at it and tell me whether it actually works.
2005-06-21 11:04:34 +00:00
ccremers
b6e9841c0f - Moved special terms into their own (very) special file. 2005-06-16 14:10:07 +00:00
ccremers
db18b203a9 - Added "Empty" claim type, which is ignored.
Syntax example:   claim_x(I, Empty);
2005-06-16 11:59:44 +00:00
ccremers
013afc99aa - Fixed a newly introduced bug. When the decryptor sequence unfolding
code was added (two weeks ago), bindings were changed without changing
  the state of the graph closure buffer. This resulted in possible
  missed loops: thus, reports of broken claims could be found in the
  output, in inconsistent states. (Reported bij Gijs Hollestelle.)
  Note that this only influences the current development release, and
  not any previous results.
2005-06-08 13:51:40 +00:00
ccremers
1bdaf7b5d9 - Large rewrite of switch code. Instead of having switch parameters in
the (monstrously large) system structure, there is now a global
  'switchdata' structure originating in switches.c. This makes it much
  easier to see what's happening.
  * Note: although this code has been tested, there might be some
    hiccups, because doing multiple search&replace actions over all
    files is bound to cause some problems.
2005-06-07 15:02:27 +00:00
ccremers
c4fad31f25 - Executable. 2005-06-07 14:57:52 +00:00
ccremers
eb36abee75 - Indent any changed .c / .h files.
Intended to be used just before a commit.
2005-06-07 14:56:17 +00:00
ccremers
1331f5e7a3 - Added a global attack id, starting at one. Currently only shown in
XML and Dot output. For Dot, it is included in the label. For XML, it
  is an added attribute of the 'attack' tag.
2005-06-07 13:40:56 +00:00
ccremers
22a0d2adfb - Some cleanup. 2005-06-02 12:42:10 +00:00
ccremers
4a42604cb6 - Added Ticket basic term type. Note that this only has consequences for
the Arachne type checking. The net result is that a variable of type
  'Ticket' can always contain any term, even with -m0 or -m1 matching.
2005-06-02 12:14:28 +00:00
ccremers
cd2ef14e4e - [Syntactical changes only]
Fixed the indentation of some files.
2005-06-02 09:40:05 +00:00
ccremers
01124e2104 - Modified a number of things related to the attack analysis tools.
* removed <term> wrappers
  * added <const> wrappers
  * removed <role><term> construct, now <rolename>R</rolename>
    constructs.
  * added <variables> section.
  * variable substitutions are followed through in runs. Thus, only
    unbound variables occur in the semitrace.
  * added the untested claims back in, so that all events in a
    role/semitrace are now shown. Note that they can be disabled
    again by using the new '-H' switch.
2005-06-02 08:25:45 +00:00
ccremers
0540b744e2 - Repaired a pruning method that still needed a lemma. It was a bit
overzealous and killed a woolam-mutual attack.
2005-05-19 14:43:32 +00:00
ccremers
f22ce0dcb9 - Big change in the Arachne algorithm: decryptor sequences now get
expanded explicitly. This solves a long-standing issue with {k}k
  decryption to yield k. Needs some testing to ensure that it did not
  introduce any new errors.
2005-05-17 18:45:01 +00:00
ccremers
b5af43294e - Added inverse keys to output. 2005-05-17 13:00:45 +00:00
ccremers
ffaf0d2ded - Filtered out uninteresting claim events in attack descriptions. This
was already being done in the script by Gijs. I only added it to make
  the XML output more readable for humans.
2005-05-13 13:40:37 +00:00
ccremers
8b51593cf5 - Each attack now includes
* Initial knowledge
  * Role definitions for protocols involved
2005-05-12 14:52:50 +00:00
ccremers
a856e795b0 - Reindented stuff (this was needed, really) 2005-05-12 13:19:32 +00:00
ccremers
d02621c608 - Added XML term output to Scyther. This meant in fact that a lot had to
be recoded, avoiding e.g. label="<term ..." constructs. Therefore,
  many attributes have changes into elements. Beware.
- Made bindings implicit to events using <follows> and <after>
  constructs. Also added a new <choose> for unbound simple variables.
2005-05-12 13:18:37 +00:00
ccremers
3fba68b240 - Whoops, stupid sloppy switch code rewriters ought to be punished. 2005-05-12 11:59:31 +00:00
ccremers
934eb3fd2a - Oops, sloppy. (It's good to have a beta tester homey.) 2005-05-04 12:06:30 +00:00
ccremers
3bbaf0fc97 - Added scyther wrapper tag (cf. GH bug report)
- Fixed binding closure (cf. GH bug report)
- Reduced indenting to two instead of three spaces.
2005-05-03 09:45:54 +00:00
ccremers
71558706a6 - XML output should be workable now. 2005-05-02 13:38:45 +00:00
ccremers
924abc065d - Added xml output switch (-x, check scyther --help). It's not complete
yet, to be finished tomorrow.
2005-05-01 13:32:50 +00:00
ccremers
f206d4258f - Events now always require a label. 2005-04-29 13:25:43 +00:00
ccremers
38f6f42351 - Fail increases of claims moved to violateClaim; thus, other references
were in fact redundant.
2005-04-27 13:48:00 +00:00
ccremers
7c0507a900 - Fixed bug where claim fails were not counted in the modelchecker, as
reported bij GH. Attacks were indicated, though, so this only caused
  problems for users using --summary and not looking at the "attack:
  L:?" field.
2005-04-27 11:43:47 +00:00
ccremers
18d523d8a4 - Fixed segfault when modelchecker was called on an empty scenario. 2005-04-22 16:03:58 +00:00
ccremers
8e1041b567 - Minor output fixes. 2005-04-21 12:04:45 +00:00
ccremers
9271cc7624 - Matching method propagation was wrong in new switch code.
- Some fixes for protocols that do not include matching send/read
  combo's. In particular, the max encryption level method ranged over
  the sends; now over all events. Maybe it can range over read events
  only?
2005-04-18 05:51:25 +00:00
ccremers
f9a97fb481 - Stupid typo fix. 2005-04-15 14:33:18 +00:00
ccremers
771fa8cc92 - Some more interface improvements.
- Hardcoded reference to wiki pages.
2005-04-15 14:31:32 +00:00
ccremers
1f8d9dbe5e - Performad a big cleanup of the switches, making the resulting list more compact and more useful.
* Hiding of 'discouraged' options: these should not be used by e.g. students.
  * Hiding of 'unimportant' options: not harmful, but not often used either.
2005-04-15 10:04:05 +00:00
ccremers
a06b3037a4 - Added Scons suggestion. 2005-04-15 10:02:22 +00:00
ccremers
3ba39a3a51 - Removed some older debug stuff. 2005-04-10 15:40:33 +00:00
ccremers
4919cf2a2d - Some consistency fixes after removing argtable2 dependency. 2005-04-10 15:36:41 +00:00
ccremers
738a2b5859 - Rewrote complete switch code. Scyther now no longer depends on
argtable2. Great.
2005-04-10 15:30:47 +00:00
ccremers
88e2f3d26c - Added a better reverse-engineered variation of the Athena goal
selector.
- Added an idea that might make searches somewhat faster.
2005-03-11 20:41:59 +00:00
ccremers
560acb220d - Removed an obsolete warning about -m2 2005-03-08 13:54:13 +00:00
ccremers
c8df32c7a2 - Minor improvements.
* Old bindings detections (immediately binds them to older binding)
  * Know_only derivation for keylevel lemmas.
2005-03-08 13:02:16 +00:00
ccremers
291353a14f - Improved version of the latex renderer of arachne attacks. Still not
usable, however.
2005-03-07 19:02:08 +00:00
ccremers
197117f2fe - Made a start with the arachne latex output. It's a mess currently. 2005-03-07 15:38:01 +00:00
ccremers
351d619324 - Out of the wiki, back into the source. 2005-02-25 14:54:28 +00:00
ccremers
b1c1ba455e - Added a good idea. 2005-02-21 15:15:22 +00:00
ccremers
5c90a5af29 - Improved the .dot output format quite a bit. 2005-02-21 15:12:59 +00:00
ccremers
b675b101bf - Added Arachne tuple claims warning. Exits for now at Secrecy tuples. 2005-02-19 14:31:15 +00:00
ccremers
e36392b1d2 - Rewrote the way the version number is imported into the source. Much
better now.
2005-02-01 20:05:41 +00:00
ccremers
56caa2c1e4 - Fixed the svn version number registering. Still needs some work
though, as the -SVNVERSION thing only needs to be passed to the
  builder of main.c.
2005-02-01 19:39:03 +00:00
ccremers
820c2caed8 - Revisited type matching conditions.
- Introduced tuple unfolding stuff for Arachne. -m2 should work now.
2005-01-14 18:18:40 +00:00
ccremers
d5cdac84cc - Some unfolding of tuple goals towards getting -m2 Arachne to work. 2005-01-14 14:08:01 +00:00
ccremers
b607b1e260 - If we run into the time bound, report it. 2005-01-14 13:01:31 +00:00
ccremers
9df1bfed5b - Made the output more easily machine-parsed. 2005-01-14 12:48:26 +00:00
ccremers
bd0069886c - "correct" output for claims that are not encountered, as one would
expect.
2005-01-14 12:38:43 +00:00
ccremers
9a5e9d674a - Removed some debugging output. 2005-01-11 10:03:34 +00:00
ccremers
e0e56964d1 - Added a --timer=x switch to abort Arachne proofs after x seconds. 2005-01-05 15:29:27 +00:00
ccremers
45c42408dd - Added weight level to proof output in <..> notation.
- Added selection factor for singular variables (not rolenames)
2004-12-29 19:40:12 +00:00