Hello,
does somebody know a way to proof that a function I call is indeed the
one I expected. That means, I should be able to detect whether the
function (surely compiled) became redefined or manipulated any other
way (e.g. with a surrounding function like memoize, see the thread
memoize on MCL).
One solution, I can think of, is using some challenge response
techniques, but this wouldn't expose a surrounding function.
Additional to this I could write a macro instead of a function, but I
don't know whether macros can be surrounded.
Btw. has anybody implemented a crypto-function, for example with a
public-key method, and is willing to send this to me?
Thanks in advance,
Frank.
There are authentication and crypto functions in CL-HTTP
Marc Battyani
Frank Roland <······@informtik.fh-augsburg.de> wrote in message
······················@mis.configured.host...
.../...
Btw. has anybody implemented a crypto-function, for example with a
public-key method, and is willing to send this to me?
Frank Roland <······@informtik.fh-augsburg.de> writes:
> does somebody know a way to proof that a function I call is indeed the
> one I expected. That means, I should be able to detect whether the
> function (surely compiled) became redefined or manipulated any other
> way (e.g. with a surrounding function like memoize, see the thread
> "memoize on MCL").
The question is how strong a proof do you need? Is this to guard
against normal use, or against malignant attack? What will be the
surrounding environment? Who wants to check, and when? ...
If you just want to check whether something has changed the global
function cell, you can save the current value of the function cell,
and check against that in the future, and/or call the function
directly in this way. This should guard against redefinition,
compilation, memoization and other non-invasive changes. This won't
guard against low-level implementation trickery (commonly used for
tracing and profiling), and it surely won't guard against a malignant
attacker who can gain access to your image (but function redefinition
will be your last problem then):
(defun foo (x)
"The checked function..."
(+ x 2))
(let ((internal-foo (fdefinition 'foo)))
(defun bar (y)
"The checking function."
(unless (eq (fdefinition 'foo) internal-foo)
(warn "Function ~S changed from ~S to ~S." 'foo
internal-foo (fdefinition 'foo)))
(values (foo y) (funcall internal-foo y))))
Of course, if you just want to avoid tampering, you could just turn
the external function into an internal one, which will guard against
non-invasive (and some invasive) changes:
(defun bar (y)
(flet ((foo (x) (+ x 2)))
(foo y)))
If the implementation you use honours inline declarations for user
functions in the cases you want, you can use this to guard against
most forms of tampering. Beware though that inlining isn't always
possible (e.g. (non-tail) recursive functions, etc.).
Or you can use either macros or compiler macros to do the inlining
yourself. But then again, what are you trying to achieve? What are
you guarding against? If people can redefine the function you're
calling, they can just as easily redefine the calling function.
Regs, Pierre.
--
Pierre Mai <····@acm.org> PGP and GPG keys at your nearest Keyserver
"One smaller motivation which, in part, stems from altruism is Microsoft-
bashing." [Microsoft memo, see http://www.opensource.org/halloween1.html]
Frank Roland wrote:
>
> Hello,
>
> does somebody know a way to proof that a function I call is indeed the
> one I expected.
One way of proving that something did not change is to exclude the
possibility of change - you could use a lexical closure:
> (defun foo (x) (* x 2))
FOO
> (let ((foo-function (symbol-function 'foo)))
(defun bar (z)
(funcall foo-function z)))
BAR
> (bar 10)
20
> (defun foo (x) (* x 3))
FOO
> (bar 10)
20
There is no way BAR will depend on FOO going forward, and the only thing
you have to worry about is if someone reverse-engineers your code (same
goes with C or assembly).
There was a recent thread about being able to compile functions like
BAR, and the outcome was that you need to put BAR in a file that you
compile.
Robert