Changes:
1. Reverted restricted use of 'hashfunction': 'function' can now be used as an alternative (but they are identical).
2. Functions can be specified to be secret, as we had before.
Together with the newer 'inversekeyfunctions' declaration, this allows for the clean definition of alternative key infrastructures.
Example usage:
secret function sk2;
function pk2;
inversekeyfunctions (sk2,pk2);
Conflicts:
src/compiler.c
The fix requires a significant reworking of the function handling. This
is a first attempt.
Conflicts:
src/knowledge.c
src/knowledge.h
Regression test suggests that the Hashfunction fix works.
By specifying:
option "--X=Y";
in the Scyther input file, command-line options can be directly integrated.
For example, one can specify:
option "--one-role-per-agent";
The mechanism with the next pointers for tac's was working fine as long as all
tac's were unique by construction. The macro mechanism made it possible for
the same tac to occur twice in the tree. This could lead to an infinite loop.
Now we make explicit copies of the top-level tac. This should fix the problem
caused by the tuple parsing.
A more fundamental solution is to make a deep copy of the substituted terms.
It is now possible to declare syntactic macros at the global level.
macro ID = TERM;
After this definition, every occurrence of ID will be replaced by TERM.
For example, this can be used to avoid duplicating message definitions
among roles:
macro M1 = { nI, I}pk(R) ;
protocol X(I,R) {
role I {
send (I,R, M1);
}
role R {
recv (I,R, M1);
}
}
There is a new event:
not match(t1,t2)
where t1,t2 are terms.
They are implemented by using a special claim that simply stores the
intended inequality. The pruning theorems (prune_theorems.c) ensure that
these terms never become equal. If there are equal, the constraint is
violated. As long as they are not equal, there exists a solution using
groung terms such that their instantiation is not equal.
Currently not very efficient implemented and the graph out output is
also ugly for now.
Conflicts:
gui/Scyther/Trace.py
src/compiler.c
src/scanner.l
Introduced a new event:
match(pattern,groundterm)
This event can only be executed if pattern can be matched to groundterm.
Variable substitutions are persistent with respect to later events in
the same role.
Currently implemented as syntactic sugar, essentially unfolded in role R to:
fresh x;
send ( R,R, { groundterm }x );
recv ( R,R, { pattern }x );
This work is not complete yet in the send that the output still contains
the unfolding. Ideally, the graph rendered detects this syntactic sugar
and renders a simplified event. This should be possible on the basis of
the label name prefix.
Conflicts:
src/compiler.c
src/parser.y
src/scanner.l
src/tac.h
- Added new switches:
-G,--generate-statespace
-C,--generate-claims
- Claims are now allowed to have no label (they will be generated
automatically)
- Output summary shows parameter of claims
- Internally, new symbols can now be generated by
symbolNextFree(prefixsymbol)
