Skip to content

Commit

Permalink
Merge branch 'main' into DDBv2_Upgrade
Browse files Browse the repository at this point in the history
  • Loading branch information
@ShubhamChaturvedi7
ShubhamChaturvedi7 authored Nov 1, 2024
2 parents 8aeed4e + b2674a9 commit e8ec247
Show file tree
Hide file tree
Showing 22 changed files with 217 additions and 80 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/library_format.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ jobs:
- name: Setup Dafny
uses: dafny-lang/[email protected]
with:
dafny-version: ${{ '4.2.0' }}
dafny-version: ${{ inputs.dafny }}

- name: Check format of Java code et al
run: |
Expand Down
12 changes: 9 additions & 3 deletions ...Encryption/dafny/DynamoDbEncryption/Model/AwsCryptographyDbEncryptionSdkDynamoDbTypes.dfy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -143,7 +143,9 @@ module {:extern "software.amazon.cryptography.dbencryptionsdk.dynamodb.internald
&& output.value.branchKeyIdSupplier.ValidState()
&& output.value.branchKeyIdSupplier.Modifies !! {History}
&& fresh(output.value.branchKeyIdSupplier)
&& fresh ( output.value.branchKeyIdSupplier.Modifies - Modifies - {History} - input.ddbKeyBranchKeyIdSupplier.Modifies ) )
&& fresh ( output.value.branchKeyIdSupplier.Modifies
- Modifies - {History}
- input.ddbKeyBranchKeyIdSupplier.Modifies ) )
ensures CreateDynamoDbEncryptionBranchKeyIdSupplierEnsuresPublicly(input, output)
ensures History.CreateDynamoDbEncryptionBranchKeyIdSupplier == old(History.CreateDynamoDbEncryptionBranchKeyIdSupplier) + [DafnyCallEvent(input, output)]

Expand Down Expand Up @@ -535,7 +537,9 @@ abstract module AbstractAwsCryptographyDbEncryptionSdkDynamoDbService
&& output.value.branchKeyIdSupplier.ValidState()
&& output.value.branchKeyIdSupplier.Modifies !! {History}
&& fresh(output.value.branchKeyIdSupplier)
&& fresh ( output.value.branchKeyIdSupplier.Modifies - Modifies - {History} - input.ddbKeyBranchKeyIdSupplier.Modifies ) )
&& fresh ( output.value.branchKeyIdSupplier.Modifies
- Modifies - {History}
- input.ddbKeyBranchKeyIdSupplier.Modifies ) )
ensures CreateDynamoDbEncryptionBranchKeyIdSupplierEnsuresPublicly(input, output)
ensures History.CreateDynamoDbEncryptionBranchKeyIdSupplier == old(History.CreateDynamoDbEncryptionBranchKeyIdSupplier) + [DafnyCallEvent(input, output)]
{
Expand Down Expand Up @@ -592,7 +596,9 @@ abstract module AbstractAwsCryptographyDbEncryptionSdkDynamoDbOperations {
&& ( output.Success? ==>
&& output.value.branchKeyIdSupplier.ValidState()
&& fresh(output.value.branchKeyIdSupplier)
&& fresh ( output.value.branchKeyIdSupplier.Modifies - ModifiesInternalConfig(config) - input.ddbKeyBranchKeyIdSupplier.Modifies ) )
&& fresh ( output.value.branchKeyIdSupplier.Modifies
- ModifiesInternalConfig(config)
- input.ddbKeyBranchKeyIdSupplier.Modifies ) )
ensures CreateDynamoDbEncryptionBranchKeyIdSupplierEnsuresPublicly(input, output)


Expand Down
2 changes: 1 addition & 1 deletion DynamoDbEncryption/dafny/DynamoDbEncryption/src/Beacon.dfy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ module BaseBeacon {

import DDB = ComAmazonawsDynamodbTypes
import Prim = AwsCryptographyPrimitivesTypes
import Aws.Cryptography.Primitives
import Primitives = AtomicPrimitives
import UTF8
import SortedSets
import TermLoc
Expand Down
2 changes: 1 addition & 1 deletion DynamoDbEncryption/dafny/DynamoDbEncryption/src/CompoundBeacon.dfy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ module CompoundBeacon {
import opened DdbVirtualFields

import Prim = AwsCryptographyPrimitivesTypes
import Aws.Cryptography.Primitives
import Primitives = AtomicPrimitives
import UTF8
import Seq
import SortedSets
Expand Down
23 changes: 14 additions & 9 deletions DynamoDbEncryption/dafny/DynamoDbEncryption/src/ConfigToInfo.dfy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ module SearchConfigToInfo {
import CB = CompoundBeacon
import SE = AwsCryptographyDbEncryptionSdkStructuredEncryptionTypes
import MPT = AwsCryptographyMaterialProvidersTypes
import Aws.Cryptography.Primitives
import Primitives = AtomicPrimitives

// convert configured SearchConfig to internal SearchInfo
method Convert(outer : DynamoDbTableEncryptionConfig)
Expand Down Expand Up @@ -137,14 +137,19 @@ module SearchConfigToInfo {
else
MPT.Default(Default := MPT.DefaultCache(entryCapacity := 1));

//= specification/searchable-encryption/search-config.md#key-store-cache
//# For a Beacon Key Source a [CMC](../../submodules/MaterialProviders/aws-encryption-sdk-specification/framework/cryptographic-materials-cache.md)
//# MUST be created.
var input := MPT.CreateCryptographicMaterialsCacheInput(
cache := cacheType
);
var maybeCache := mpl.CreateCryptographicMaterialsCache(input);
var cache :- maybeCache.MapFailure(e => AwsCryptographyMaterialProviders(e));
var cache;
if cacheType.Shared? {
cache := cacheType.Shared;
} else {
//= specification/searchable-encryption/search-config.md#key-store-cache
//# For a Beacon Key Source a [CMC](../../submodules/MaterialProviders/aws-encryption-sdk-specification/framework/cryptographic-materials-cache.md)
//# MUST be created.
var input := MPT.CreateCryptographicMaterialsCacheInput(
cache := cacheType
);
var maybeCache := mpl.CreateCryptographicMaterialsCache(input);
cache :- maybeCache.MapFailure(e => AwsCryptographyMaterialProviders(e));
}

if config.multi? {
:- Need(0 < config.multi.cacheTTL, E("Beacon Cache TTL must be at least 1."));
Expand Down
12 changes: 6 additions & 6 deletions DynamoDbEncryption/dafny/DynamoDbEncryption/src/SearchInfo.dfy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ module SearchableEncryptionInfo {
import UTF8
import opened Time
import KeyStore = AwsCryptographyKeyStoreTypes
import Aws.Cryptography.Primitives
import Primitives = AtomicPrimitives
import Prim = AwsCryptographyPrimitivesTypes
import MP = AwsCryptographyMaterialProvidersTypes
import KeyStoreTypes = AwsCryptographyKeyStoreTypes
Expand Down Expand Up @@ -71,11 +71,11 @@ module SearchableEncryptionInfo {
//# MUST be generated in accordance with [HMAC Key Generation](#hmac-key-generation).
var newKey :- GetBeaconKey(client, key, keysLeft[0]);
reveal Seq.HasNoDuplicates();
//= specification/searchable-encryption/search-config.md#get-beacon-key-materials
//# [Beacon Key Materials](../../submodules/MaterialProviders/aws-encryption-sdk-specification/framework/structures.md#beacon-key-materials) MUST be generated
//# with the [beacon key id](#beacon-key-id) equal to the `beacon key id`
//# and the [HMAC Keys](../../submodules/MaterialProviders/aws-encryption-sdk-specification/framework/structures.md#hmac-keys) equal to a map
//# of every [standard beacons](beacons.md#standard-beacon-initialization) name to its generated HMAC key.
//= specification/searchable-encryption/search-config.md#get-beacon-key-materials
//# [Beacon Key Materials](../../submodules/MaterialProviders/aws-encryption-sdk-specification/framework/structures.md#beacon-key-materials) MUST be generated
//# with the [beacon key id](#beacon-key-id) equal to the `beacon key id`
//# and the [HMAC Keys](../../submodules/MaterialProviders/aws-encryption-sdk-specification/framework/structures.md#hmac-keys) equal to a map
//# of every [standard beacons](beacons.md#standard-beacon-initialization) name to its generated HMAC key.
output := GetHmacKeys(client, allKeys, keysLeft[1..], key, acc[keysLeft[0] := newKey]);
}
}
Expand Down
5 changes: 4 additions & 1 deletion DynamoDbEncryption/dafny/DynamoDbEncryption/test/BeaconTestFixtures.dfy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ module BeaconTestFixtures {
import DDBC = Com.Amazonaws.Dynamodb
import KTypes = AwsCryptographyKeyStoreTypes
import SI = SearchableEncryptionInfo
import Aws.Cryptography.Primitives
import Primitives = AtomicPrimitives
import MaterialProviders
import MPT = AwsCryptographyMaterialProvidersTypes
import SortedSets
Expand Down Expand Up @@ -181,6 +181,9 @@ module BeaconTestFixtures {
ensures output.keyStore.ValidState()
ensures fresh(output.keyStore.Modifies)
ensures output.version == 1
ensures
&& output.keySource.multi?
&& output.keySource.multi.cache.None?
{
var store := GetKeyStore();
return BeaconVersion (
Expand Down
128 changes: 82 additions & 46 deletions ...amoDbEncryptionTransforms/Model/AwsCryptographyDbEncryptionSdkDynamoDbTransformsTypes.dfy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -759,62 +759,98 @@ abstract module AbstractAwsCryptographyDbEncryptionSdkDynamoDbTransformsService
var tmps4 := set t4 | t4 in tmp3.search.value.versions;
forall tmp4 :: tmp4 in tmps4 ==>
tmp4.keyStore.ValidState()
modifies set tmps5 <- set t5 <- config.tableEncryptionConfigs.Values | true
&& t5.keyring.Some?
:: t5.keyring.value,
obj <- tmps5.Modifies | obj in tmps5.Modifies :: obj
modifies set tmps6 <- set t6 <- config.tableEncryptionConfigs.Values | true
&& t6.cmm.Some?
:: t6.cmm.value,
obj <- tmps6.Modifies | obj in tmps6.Modifies :: obj
requires var tmps5 := set t5 | t5 in config.tableEncryptionConfigs.Values;
forall tmp5 :: tmp5 in tmps5 ==>
tmp5.search.Some? ==>
var tmps6 := set t6 | t6 in tmp5.search.value.versions;
forall tmp6 :: tmp6 in tmps6 ==>
tmp6.keySource.multi? ==>
tmp6.keySource.multi.cache.Some? ==>
tmp6.keySource.multi.cache.value.Shared? ==>
tmp6.keySource.multi.cache.value.Shared.ValidState()
modifies set tmps7 <- set t7 <- config.tableEncryptionConfigs.Values | true
&& t7.legacyOverride.Some?
:: t7.legacyOverride.value.encryptor,
&& t7.keyring.Some?
:: t7.keyring.value,
obj <- tmps7.Modifies | obj in tmps7.Modifies :: obj
modifies set tmps8 <- set t8 <- config.tableEncryptionConfigs.Values | true
&& t8.search.Some?
, t9 <- t8.search.value.versions :: t9.keyStore,
&& t8.cmm.Some?
:: t8.cmm.value,
obj <- tmps8.Modifies | obj in tmps8.Modifies :: obj
modifies set tmps9 <- set t9 <- config.tableEncryptionConfigs.Values | true
&& t9.legacyOverride.Some?
:: t9.legacyOverride.value.encryptor,
obj <- tmps9.Modifies | obj in tmps9.Modifies :: obj
modifies set tmps10 <- set t10 <- config.tableEncryptionConfigs.Values | true
&& t10.search.Some?
, t11 <- t10.search.value.versions | true
:: t11.keyStore,
obj <- tmps10.Modifies | obj in tmps10.Modifies :: obj
modifies set tmps12 <- set t12 <- config.tableEncryptionConfigs.Values | true
&& t12.search.Some?
, t13 <- t12.search.value.versions | true
&& t13.keySource.multi?
&& t13.keySource.multi.cache.Some?
&& t13.keySource.multi.cache.value.Shared?
:: t13.keySource.multi.cache.value.Shared,
obj <- tmps12.Modifies | obj in tmps12.Modifies :: obj
ensures res.Success? ==>
&& fresh(res.value)
&& fresh(res.value.Modifies
- ( set tmps10 <- set t10 <- config.tableEncryptionConfigs.Values | true
&& t10.keyring.Some?
:: t10.keyring.value,
obj <- tmps10.Modifies | obj in tmps10.Modifies :: obj
) - ( set tmps11 <- set t11 <- config.tableEncryptionConfigs.Values | true
&& t11.cmm.Some?
:: t11.cmm.value,
obj <- tmps11.Modifies | obj in tmps11.Modifies :: obj
) - ( set tmps12 <- set t12 <- config.tableEncryptionConfigs.Values | true
&& t12.legacyOverride.Some?
:: t12.legacyOverride.value.encryptor,
obj <- tmps12.Modifies | obj in tmps12.Modifies :: obj
) - ( set tmps13 <- set t13 <- config.tableEncryptionConfigs.Values | true
&& t13.search.Some?
, t14 <- t13.search.value.versions :: t14.keyStore,
obj <- tmps13.Modifies | obj in tmps13.Modifies :: obj
- ( set tmps14 <- set t14 <- config.tableEncryptionConfigs.Values | true
&& t14.keyring.Some?
:: t14.keyring.value,
obj <- tmps14.Modifies | obj in tmps14.Modifies :: obj
) - ( set tmps15 <- set t15 <- config.tableEncryptionConfigs.Values | true
&& t15.cmm.Some?
:: t15.cmm.value,
obj <- tmps15.Modifies | obj in tmps15.Modifies :: obj
) - ( set tmps16 <- set t16 <- config.tableEncryptionConfigs.Values | true
&& t16.legacyOverride.Some?
:: t16.legacyOverride.value.encryptor,
obj <- tmps16.Modifies | obj in tmps16.Modifies :: obj
) - ( set tmps17 <- set t17 <- config.tableEncryptionConfigs.Values | true
&& t17.search.Some?
, t18 <- t17.search.value.versions | true
:: t18.keyStore,
obj <- tmps17.Modifies | obj in tmps17.Modifies :: obj
) - ( set tmps19 <- set t19 <- config.tableEncryptionConfigs.Values | true
&& t19.search.Some?
, t20 <- t19.search.value.versions | true
&& t20.keySource.multi?
&& t20.keySource.multi.cache.Some?
&& t20.keySource.multi.cache.value.Shared?
:: t20.keySource.multi.cache.value.Shared,
obj <- tmps19.Modifies | obj in tmps19.Modifies :: obj
) )
&& fresh(res.value.History)
&& res.value.ValidState()
ensures var tmps15 := set t15 | t15 in config.tableEncryptionConfigs.Values;
forall tmp15 :: tmp15 in tmps15 ==>
tmp15.keyring.Some? ==>
tmp15.keyring.value.ValidState()
ensures var tmps16 := set t16 | t16 in config.tableEncryptionConfigs.Values;
forall tmp16 :: tmp16 in tmps16 ==>
tmp16.cmm.Some? ==>
tmp16.cmm.value.ValidState()
ensures var tmps17 := set t17 | t17 in config.tableEncryptionConfigs.Values;
forall tmp17 :: tmp17 in tmps17 ==>
tmp17.legacyOverride.Some? ==>
tmp17.legacyOverride.value.encryptor.ValidState()
ensures var tmps18 := set t18 | t18 in config.tableEncryptionConfigs.Values;
forall tmp18 :: tmp18 in tmps18 ==>
tmp18.search.Some? ==>
var tmps19 := set t19 | t19 in tmp18.search.value.versions;
forall tmp19 :: tmp19 in tmps19 ==>
tmp19.keyStore.ValidState()
ensures var tmps21 := set t21 | t21 in config.tableEncryptionConfigs.Values;
forall tmp21 :: tmp21 in tmps21 ==>
tmp21.keyring.Some? ==>
tmp21.keyring.value.ValidState()
ensures var tmps22 := set t22 | t22 in config.tableEncryptionConfigs.Values;
forall tmp22 :: tmp22 in tmps22 ==>
tmp22.cmm.Some? ==>
tmp22.cmm.value.ValidState()
ensures var tmps23 := set t23 | t23 in config.tableEncryptionConfigs.Values;
forall tmp23 :: tmp23 in tmps23 ==>
tmp23.legacyOverride.Some? ==>
tmp23.legacyOverride.value.encryptor.ValidState()
ensures var tmps24 := set t24 | t24 in config.tableEncryptionConfigs.Values;
forall tmp24 :: tmp24 in tmps24 ==>
tmp24.search.Some? ==>
var tmps25 := set t25 | t25 in tmp24.search.value.versions;
forall tmp25 :: tmp25 in tmps25 ==>
tmp25.keyStore.ValidState()
ensures var tmps26 := set t26 | t26 in config.tableEncryptionConfigs.Values;
forall tmp26 :: tmp26 in tmps26 ==>
tmp26.search.Some? ==>
var tmps27 := set t27 | t27 in tmp26.search.value.versions;
forall tmp27 :: tmp27 in tmps27 ==>
tmp27.keySource.multi? ==>
tmp27.keySource.multi.cache.Some? ==>
tmp27.keySource.multi.cache.value.Shared? ==>
tmp27.keySource.multi.cache.value.Shared.ValidState()

// Helper functions for the benefit of native code to create a Success(client) without referring to Dafny internals
function method CreateSuccessOfClient(client: IDynamoDbEncryptionTransformsClient): Result<IDynamoDbEncryptionTransformsClient, Error> {
Expand Down
2 changes: 1 addition & 1 deletion ...StructuredEncryption/src/AwsCryptographyDbEncryptionSdkStructuredEncryptionOperations.dfy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ module AwsCryptographyDbEncryptionSdkStructuredEncryptionOperations refines Abst
import Prim = AwsCryptographyPrimitivesTypes
import StructuredEncryptionHeader
import Random
import Aws.Cryptography.Primitives
import Primitives = AtomicPrimitives
import Header = StructuredEncryptionHeader
import Footer = StructuredEncryptionFooter
import MaterialProviders
Expand Down
2 changes: 1 addition & 1 deletion DynamoDbEncryption/dafny/StructuredEncryption/src/Crypt.dfy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ module StructuredEncryptionCrypt {

import CMP = AwsCryptographyMaterialProvidersTypes
import Prim = AwsCryptographyPrimitivesTypes
import Aws.Cryptography.Primitives
import Primitives = AtomicPrimitives
import UTF8
import Header = StructuredEncryptionHeader
import HKDF
Expand Down
2 changes: 1 addition & 1 deletion DynamoDbEncryption/dafny/StructuredEncryption/src/Footer.dfy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ module StructuredEncryptionFooter {
import opened StandardLibrary.UInt
import opened AwsCryptographyDbEncryptionSdkStructuredEncryptionTypes
import opened StructuredEncryptionUtil
import Aws.Cryptography.Primitives
import Primitives = AtomicPrimitives
import Materials
import Header = StructuredEncryptionHeader

Expand Down
Loading

0 comments on commit e8ec247

Please sign in to comment.