Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: Rename AtomicPrimitives Dafny module name #589

Merged
merged 7 commits into from
Oct 2, 2024
Merged

chore: Rename AtomicPrimitives Dafny module name #589

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
8e7f318
chore: Rename AtomicPrimitives Dafny module name
lucasmcdonald3 Aug 12, 2024
c4a6ca9
clean
lucasmcdonald3 Aug 12, 2024
83711fd
Merge branch 'main' into primitives-name
lucasmcdonald3 Aug 12, 2024
1baeefb
Merge branch 'main' into primitives-name
lucasmcdonald3 Aug 21, 2024
512f13b
Merge branch 'main' into primitives-name
lucasmcdonald3 Aug 23, 2024
f027f78
merge
lucasmcdonald3 Sep 24, 2024
b3145c3
Merge branch 'main' into primitives-name
lucasmcdonald3 Sep 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions ...afny/AwsCryptographicMaterialProviders/src/AwsCryptographyMaterialProvidersOperations.dfy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ module AwsCryptographyMaterialProvidersOperations refines AbstractAwsCryptograph
import StormTracker
import StormTrackingCMC
import Crypto = AwsCryptographyPrimitivesTypes
import Aws.Cryptography.Primitives
import AtomicPrimitives
import opened AwsKmsUtils
import DefaultClientSupplier
import Materials
Expand All @@ -68,7 +68,7 @@ module AwsCryptographyMaterialProvidersOperations refines AbstractAwsCryptograph
import RequiredEncryptionContextCMM

datatype Config = Config(
nameonly crypto: Primitives.AtomicPrimitivesClient
nameonly crypto: AtomicPrimitives.AtomicPrimitivesClient
)

type InternalConfig = Config
Expand Down
6 changes: 3 additions & 3 deletions ...ographicMaterialProviders/dafny/AwsCryptographicMaterialProviders/src/CMMs/DefaultCMM.dfy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ module DefaultCMM {
import UTF8
import Types = AwsCryptographyMaterialProvidersTypes
import Crypto = AwsCryptographyPrimitivesTypes
import Aws.Cryptography.Primitives
import AtomicPrimitives
import Defaults
import Commitment
import Seq
Expand All @@ -28,7 +28,7 @@ module DefaultCMM {
class DefaultCMM
extends CMM.VerifiableInterface
{
const cryptoPrimitives: Primitives.AtomicPrimitivesClient
const cryptoPrimitives: AtomicPrimitives.AtomicPrimitivesClient

predicate ValidState()
ensures ValidState() ==> History in Modifies
Expand All @@ -51,7 +51,7 @@ module DefaultCMM {
//# the caller MUST provide the following value:
//# - [Keyring](#keyring)
k: Types.IKeyring,
c: Primitives.AtomicPrimitivesClient
c: AtomicPrimitives.AtomicPrimitivesClient
)
requires k.ValidState() && c.ValidState()
ensures keyring == k && cryptoPrimitives == c
Expand Down
12 changes: 5 additions & 7 deletions AwsCryptographicMaterialProviders/dafny/AwsCryptographicMaterialProviders/src/Index.dfy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,11 @@

include "AwsCryptographyMaterialProvidersOperations.dfy"

module
{:extern "software.amazon.cryptography.materialproviders.internaldafny" }
MaterialProviders refines AbstractAwsCryptographyMaterialProvidersService
module {:extern "software.amazon.cryptography.materialproviders.internaldafny" } MaterialProviders refines AbstractAwsCryptographyMaterialProvidersService
{

import Operations = AwsCryptographyMaterialProvidersOperations
import Aws.Cryptography.Primitives
import AtomicPrimitives
import Crypto = AwsCryptographyPrimitivesTypes

function method DefaultMaterialProvidersConfig(): MaterialProvidersConfig
Expand All @@ -22,11 +20,11 @@ module
ensures res.Success? ==>
&& res.value is MaterialProvidersClient
{
var maybeCrypto := Primitives.AtomicPrimitives();
var maybeCrypto := AtomicPrimitives.AtomicPrimitives();
var cryptoPrimitivesX : Crypto.IAwsCryptographicPrimitivesClient :- maybeCrypto
.MapFailure(e => Types.AwsCryptographyPrimitives(e));
assert cryptoPrimitivesX is Primitives.AtomicPrimitivesClient;
var cryptoPrimitives := cryptoPrimitivesX as Primitives.AtomicPrimitivesClient;
assert cryptoPrimitivesX is AtomicPrimitives.AtomicPrimitivesClient;
var cryptoPrimitives := cryptoPrimitivesX as AtomicPrimitives.AtomicPrimitivesClient;

var client := new MaterialProvidersClient(Operations.Config( crypto := cryptoPrimitives ));
return Success(client);
Expand Down
16 changes: 8 additions & 8 deletions ...rialProviders/dafny/AwsCryptographicMaterialProviders/src/KeyWrapping/EcdhEdkWrapping.dfy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ module {:options "/functionSyntax:4" } EcdhEdkWrapping {
import opened AlgorithmSuites
import PrimitiveTypes = AwsCryptographyPrimitivesTypes
import Types = AwsCryptographyMaterialProvidersTypes
import Aws.Cryptography.Primitives
import AtomicPrimitives
import Materials

datatype EcdhUnwrapInfo = EcdhUnwrapInfo()
Expand All @@ -34,15 +34,15 @@ module {:options "/functionSyntax:4" } EcdhEdkWrapping {
const sharedSecret: seq<uint8>
const keyringVersion: seq<uint8>
const curveSpec: PrimitiveTypes.ECDHCurveSpec
const crypto: Primitives.AtomicPrimitivesClient
const crypto: AtomicPrimitives.AtomicPrimitivesClient

constructor(
senderPublicKey: seq<uint8>,
recipientPublicKey: seq<uint8>,
sharedSecret: seq<uint8>,
keyringVersion: seq<uint8>,
curveSpec: PrimitiveTypes.ECDHCurveSpec,
crypto: Primitives.AtomicPrimitivesClient
crypto: AtomicPrimitives.AtomicPrimitivesClient
)
requires crypto.ValidState()
ensures
Expand Down Expand Up @@ -228,12 +228,12 @@ module {:options "/functionSyntax:4" } EcdhEdkWrapping {
{
const sharedSecret: seq<uint8>
const fixedInfo: seq<uint8>
const crypto: Primitives.AtomicPrimitivesClient
const crypto: AtomicPrimitives.AtomicPrimitivesClient

constructor(
sharedSecret: seq<uint8>,
fixedInfo: seq<uint8>,
crypto: Primitives.AtomicPrimitivesClient
crypto: AtomicPrimitives.AtomicPrimitivesClient
)
requires crypto.ValidState()
ensures
Expand Down Expand Up @@ -316,12 +316,12 @@ module {:options "/functionSyntax:4" } EcdhEdkWrapping {
{
const sharedSecret: seq<uint8>
const fixedInfo: seq<uint8>
const crypto: Primitives.AtomicPrimitivesClient
const crypto: AtomicPrimitives.AtomicPrimitivesClient

constructor(
sharedSecret: seq<uint8>,
fixedInfo: seq<uint8>,
crypto: Primitives.AtomicPrimitivesClient
crypto: AtomicPrimitives.AtomicPrimitivesClient
)
requires crypto.ValidState()
ensures
Expand Down Expand Up @@ -461,7 +461,7 @@ module {:options "/functionSyntax:4" } EcdhEdkWrapping {
sharedSecret: seq<uint8>,
fixedInfo: seq<uint8>,
salt: seq<uint8>,
crypto: Primitives.AtomicPrimitivesClient
crypto: AtomicPrimitives.AtomicPrimitivesClient
) returns (res :Result<seq<uint8>, Types.Error>)
requires crypto.ValidState()
modifies crypto.Modifies
Expand Down
2 changes: 1 addition & 1 deletion ...MaterialProviders/dafny/AwsCryptographicMaterialProviders/src/KeyWrapping/EdkWrapping.dfy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ module EdkWrapping {
import opened IntermediateKeyWrapping
import Crypto = AwsCryptographyPrimitivesTypes
import Types = AwsCryptographyMaterialProvidersTypes
import Aws.Cryptography.Primitives
import AtomicPrimitives
import Materials
import AlgorithmSuites

Expand Down
18 changes: 9 additions & 9 deletions ...iders/dafny/AwsCryptographicMaterialProviders/src/KeyWrapping/IntermediateKeyWrapping.dfy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ module IntermediateKeyWrapping {
import opened AlgorithmSuites
import Crypto = AwsCryptographyPrimitivesTypes
import Types = AwsCryptographyMaterialProvidersTypes
import Aws.Cryptography.Primitives
import AtomicPrimitives
import Materials
import UTF8
import HKDF
Expand Down Expand Up @@ -74,11 +74,11 @@ module IntermediateKeyWrapping {
[])

{
var maybeCrypto := Primitives.AtomicPrimitives();
var maybeCrypto := AtomicPrimitives.AtomicPrimitives();
var cryptoPrimitivesX : Crypto.IAwsCryptographicPrimitivesClient :- maybeCrypto
.MapFailure(e => Types.AwsCryptographyPrimitives(e));
assert cryptoPrimitivesX is Primitives.AtomicPrimitivesClient;
var cryptoPrimitives := cryptoPrimitivesX as Primitives.AtomicPrimitivesClient;
assert cryptoPrimitivesX is AtomicPrimitives.AtomicPrimitivesClient;
var cryptoPrimitives := cryptoPrimitivesX as AtomicPrimitives.AtomicPrimitivesClient;
// Deserialize the Intermediate-Wrapped material
var deserializedWrapped :- DeserializeIntermediateWrappedMaterial(wrappedMaterial, algorithmSuite);
var DeserializedIntermediateWrappedMaterial(encryptedPdk, providerWrappedIkm) := deserializedWrapped;
Expand Down Expand Up @@ -168,12 +168,12 @@ module IntermediateKeyWrapping {
&& |maybeIntermediateWrappedMat.value.encryptedPdk| ==
(AlgorithmSuites.GetEncryptKeyLength(algorithmSuite) + AlgorithmSuites.GetEncryptTagLength(algorithmSuite)) as nat
{
var maybeCrypto := Primitives.AtomicPrimitives();
var maybeCrypto := AtomicPrimitives.AtomicPrimitives();
var cryptoPrimitivesX : Crypto.IAwsCryptographicPrimitivesClient :- maybeCrypto
.MapFailure(e => Types.AwsCryptographyPrimitives(e));

assert cryptoPrimitivesX is Primitives.AtomicPrimitivesClient;
var cryptoPrimitives := cryptoPrimitivesX as Primitives.AtomicPrimitivesClient;
assert cryptoPrimitivesX is AtomicPrimitives.AtomicPrimitivesClient;
var cryptoPrimitives := cryptoPrimitivesX as AtomicPrimitives.AtomicPrimitivesClient;


// Use the provider to get the intermediate key material, and wrapped intermediate key material
Expand Down Expand Up @@ -252,7 +252,7 @@ module IntermediateKeyWrapping {
wrapInfo := res.value.wrapInfo)),
[])
{
var maybeCrypto := Primitives.AtomicPrimitives();
var maybeCrypto := AtomicPrimitives.AtomicPrimitives();
var cryptoPrimitives :- maybeCrypto
.MapFailure(e => Types.AwsCryptographyPrimitives(e));

Expand Down Expand Up @@ -305,7 +305,7 @@ module IntermediateKeyWrapping {
intermediateMaterial: seq<uint8>,
algorithmSuite: Types.AlgorithmSuiteInfo,
encryptionContext: Types.EncryptionContext,
cryptoPrimitives: Primitives.AtomicPrimitivesClient
cryptoPrimitives: AtomicPrimitives.AtomicPrimitivesClient
)
returns (res: Result<PdkEncryptionAndSymmetricSigningKeys, Types.Error>)
requires cryptoPrimitives.ValidState()
Expand Down
2 changes: 1 addition & 1 deletion ...ialProviders/dafny/AwsCryptographicMaterialProviders/src/KeyWrapping/MaterialWrapping.dfy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ module MaterialWrapping {
import opened Actions
import opened Wrappers
import Types = AwsCryptographyMaterialProvidersTypes
import Aws.Cryptography.Primitives
import AtomicPrimitives
import Materials
import AlgorithmSuites

Expand Down
10 changes: 5 additions & 5 deletions ...oviders/dafny/AwsCryptographicMaterialProviders/src/Keyrings/AwsKms/AwsKmsEcdhKeyring.dfy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ module {:options "/functionSyntax:4" } AwsKmsEcdhKeyring {
import MaterialWrapping
import EcdhEdkWrapping
import ErrorMessages
import Aws.Cryptography.Primitives
import AtomicPrimitives
import CanonicalEncryptionContext

const AWS_KMS_ECDH_KEYRING_VERSION := RawECDHKeyring.RAW_ECDH_KEYRING_VERSION
Expand All @@ -58,7 +58,7 @@ module {:options "/functionSyntax:4" } AwsKmsEcdhKeyring {
const keyAgreementScheme: Types.KmsEcdhStaticConfigurations
const curveSpec: PrimitiveTypes.ECDHCurveSpec
const grantTokens: KMS.GrantTokenList
const cryptoPrimitives: Primitives.AtomicPrimitivesClient
const cryptoPrimitives: AtomicPrimitives.AtomicPrimitivesClient

ghost predicate ValidState()
ensures ValidState() ==> History in Modifies
Expand Down Expand Up @@ -95,7 +95,7 @@ module {:options "/functionSyntax:4" } AwsKmsEcdhKeyring {
recipientPublicKey: KMS.PublicKeyType,
compressedSenderPublicKey: Option<seq<uint8>>,
compressedRecipientPublicKey: seq<uint8>,
cryptoPrimitives : Primitives.AtomicPrimitivesClient
cryptoPrimitives : AtomicPrimitives.AtomicPrimitivesClient
)
requires client.ValidState()
requires cryptoPrimitives.ValidState()
Expand Down Expand Up @@ -438,7 +438,7 @@ module {:options "/functionSyntax:4" } AwsKmsEcdhKeyring {
Types.Error>
{
const materials: Materials.DecryptionMaterialsPendingPlaintextDataKey
const cryptoPrimitives: Primitives.AtomicPrimitivesClient
const cryptoPrimitives: AtomicPrimitives.AtomicPrimitivesClient
const recipientPublicKey: seq<uint8>
const client: KMS.IKMSClient
const grantTokens: KMS.GrantTokenList
Expand All @@ -447,7 +447,7 @@ module {:options "/functionSyntax:4" } AwsKmsEcdhKeyring {

constructor(
materials: Materials.DecryptionMaterialsPendingPlaintextDataKey,
cryptoPrimitives: Primitives.AtomicPrimitivesClient,
cryptoPrimitives: AtomicPrimitives.AtomicPrimitivesClient,
recipientPublicKey: seq<uint8>,
client: KMS.IKMSClient,
grantTokens: KMS.GrantTokenList,
Expand Down
34 changes: 17 additions & 17 deletions ...dafny/AwsCryptographicMaterialProviders/src/Keyrings/AwsKms/AwsKmsHierarchicalKeyring.dfy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ module AwsKmsHierarchicalKeyring {
import HKDF
import HMAC
import opened AESEncryption
import Aws.Cryptography.Primitives
import AtomicPrimitives
import ErrorMessages

const BRANCH_KEY_STORE_GSI := "Active-Keys"
Expand Down Expand Up @@ -127,7 +127,7 @@ module AwsKmsHierarchicalKeyring {
const branchKeyIdSupplier: Option<Types.IBranchKeyIdSupplier>
const keyStore: KeyStore.IKeyStoreClient
const ttlSeconds: Types.PositiveLong
const cryptoPrimitives: Primitives.AtomicPrimitivesClient
const cryptoPrimitives: AtomicPrimitives.AtomicPrimitivesClient
const cache: Types.ICryptographicMaterialsCache

predicate ValidState()
Expand Down Expand Up @@ -163,7 +163,7 @@ module AwsKmsHierarchicalKeyring {
ttlSeconds: Types.PositiveLong,

cmc: Types.ICryptographicMaterialsCache,
cryptoPrimitives : Primitives.AtomicPrimitivesClient
cryptoPrimitives : AtomicPrimitives.AtomicPrimitivesClient
)
requires ttlSeconds >= 0
requires keyStore.ValidState() && cryptoPrimitives.ValidState()
Expand Down Expand Up @@ -384,7 +384,7 @@ module AwsKmsHierarchicalKeyring {
method GetActiveCacheId(
branchKeyId: string,
branchKeyIdUtf8: seq<uint8>,
cryptoPrimitives: Primitives.AtomicPrimitivesClient
cryptoPrimitives: AtomicPrimitives.AtomicPrimitivesClient
)
returns (cacheId: Result<seq<uint8>, Types.Error>)

Expand Down Expand Up @@ -490,7 +490,7 @@ module AwsKmsHierarchicalKeyring {
branchKey: seq<uint8>,
salt: seq<uint8>,
purpose: Option<seq<uint8>>,
cryptoPrimitives: Primitives.AtomicPrimitivesClient
cryptoPrimitives: AtomicPrimitives.AtomicPrimitivesClient
)
returns (output: Result<seq<uint8>, Types.Error>)

Expand Down Expand Up @@ -605,15 +605,15 @@ module AwsKmsHierarchicalKeyring {
{
const materials: Materials.DecryptionMaterialsPendingPlaintextDataKey
const keyStore: KeyStore.IKeyStoreClient
const cryptoPrimitives: Primitives.AtomicPrimitivesClient
const cryptoPrimitives: AtomicPrimitives.AtomicPrimitivesClient
const branchKeyId: string
const ttlSeconds: Types.PositiveLong
const cache: Types.ICryptographicMaterialsCache

constructor(
materials: Materials.DecryptionMaterialsPendingPlaintextDataKey,
keyStore: KeyStore.IKeyStoreClient,
cryptoPrimitives: Primitives.AtomicPrimitivesClient,
cryptoPrimitives: AtomicPrimitives.AtomicPrimitivesClient,
branchKeyId: string,
ttlSeconds: Types.PositiveLong,
cache: Types.ICryptographicMaterialsCache
Expand Down Expand Up @@ -697,11 +697,11 @@ module AwsKmsHierarchicalKeyring {

// We need to create a new client here so that we can reason about the state of the client
// down the line. This is ok because the only state tracked is the client's history.
var maybeCrypto := Primitives.AtomicPrimitives();
var maybeCrypto := AtomicPrimitives.AtomicPrimitives();
var cryptoPrimitivesX : Crypto.IAwsCryptographicPrimitivesClient :- maybeCrypto
.MapFailure(e => Types.AwsCryptographyPrimitives(e));
assert cryptoPrimitivesX is Primitives.AtomicPrimitivesClient;
var cryptoPrimitives := cryptoPrimitivesX as Primitives.AtomicPrimitivesClient;
assert cryptoPrimitivesX is AtomicPrimitives.AtomicPrimitivesClient;
var cryptoPrimitives := cryptoPrimitivesX as AtomicPrimitives.AtomicPrimitivesClient;

var kmsHierarchyUnwrap := new KmsHierarchyUnwrapKeyMaterial(
branchKey,
Expand All @@ -725,7 +725,7 @@ module AwsKmsHierarchicalKeyring {
method GetVersionCacheId(
branchKeyIdUtf8: seq<uint8>, // The branch key as Bytes
branchKeyVersion: string,
cryptoPrimitives: Primitives.AtomicPrimitivesClient
cryptoPrimitives: AtomicPrimitives.AtomicPrimitivesClient
)
returns (cacheId: Result<seq<uint8>, Types.Error>)
ensures cacheId.Success? ==> |cacheId.value| == 32
Expand Down Expand Up @@ -824,13 +824,13 @@ module AwsKmsHierarchicalKeyring {
const branchKey: seq<uint8>
const branchKeyIdUtf8 : UTF8.ValidUTF8Bytes
const branchKeyVersionAsBytes: seq<uint8>
const crypto: Primitives.AtomicPrimitivesClient
const crypto: AtomicPrimitives.AtomicPrimitivesClient

constructor(
branchKey: seq<uint8>,
branchKeyIdUtf8: UTF8.ValidUTF8Bytes,
branchKeyVersionAsBytes: seq<uint8>,
crypto: Primitives.AtomicPrimitivesClient
crypto: AtomicPrimitives.AtomicPrimitivesClient
)
requires crypto.ValidState()
ensures
Expand Down Expand Up @@ -963,13 +963,13 @@ module AwsKmsHierarchicalKeyring {
const branchKey: seq<uint8>
const branchKeyIdUtf8 : UTF8.ValidUTF8Bytes
const branchKeyVersionAsBytes: seq<uint8>
const crypto: Primitives.AtomicPrimitivesClient
const crypto: AtomicPrimitives.AtomicPrimitivesClient

constructor(
branchKey: seq<uint8>,
branchKeyIdUtf8 : UTF8.ValidUTF8Bytes,
branchKeyVersionAsBytes: seq<uint8>,
crypto: Primitives.AtomicPrimitivesClient
crypto: AtomicPrimitives.AtomicPrimitivesClient
)
requires crypto.ValidState()
ensures
Expand Down Expand Up @@ -1053,13 +1053,13 @@ module AwsKmsHierarchicalKeyring {
const branchKey: seq<uint8>
const branchKeyIdUtf8 : UTF8.ValidUTF8Bytes
const branchKeyVersionAsBytes: seq<uint8>
const crypto: Primitives.AtomicPrimitivesClient
const crypto: AtomicPrimitives.AtomicPrimitivesClient

constructor(
branchKey: seq<uint8>,
branchKeyIdUtf8 : UTF8.ValidUTF8Bytes,
branchKeyVersionAsBytes: seq<uint8>,
crypto: Primitives.AtomicPrimitivesClient
crypto: AtomicPrimitives.AtomicPrimitivesClient
)
requires crypto.ValidState()
ensures
Expand Down
Loading
Loading