github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl@v0.2.0/AwsKmsHierarchicalKeyring/AwsKmsHierarchicalKeyring.go (about) 1 // Package AwsKmsHierarchicalKeyring 2 // Dafny module AwsKmsHierarchicalKeyring compiled into Go 3 4 package AwsKmsHierarchicalKeyring 5 6 import ( 7 os "os" 8 9 m_ComAmazonawsDynamodbTypes "github.com/aws/aws-cryptographic-material-providers-library/releases/go/dynamodb/ComAmazonawsDynamodbTypes" 10 m_Com_Amazonaws_Dynamodb "github.com/aws/aws-cryptographic-material-providers-library/releases/go/dynamodb/Com_Amazonaws_Dynamodb" 11 m_ComAmazonawsKmsTypes "github.com/aws/aws-cryptographic-material-providers-library/releases/go/kms/ComAmazonawsKmsTypes" 12 m_Com_Amazonaws_Kms "github.com/aws/aws-cryptographic-material-providers-library/releases/go/kms/Com_Amazonaws_Kms" 13 m_AlgorithmSuites "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AlgorithmSuites" 14 m_AwsArnParsing "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsArnParsing" 15 m_AwsCryptographyKeyStoreOperations "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsCryptographyKeyStoreOperations" 16 m_AwsCryptographyKeyStoreTypes "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsCryptographyKeyStoreTypes" 17 m_AwsCryptographyMaterialProvidersTypes "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsCryptographyMaterialProvidersTypes" 18 m_AwsKmsDiscoveryKeyring "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsKmsDiscoveryKeyring" 19 m_AwsKmsKeyring "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsKmsKeyring" 20 m_AwsKmsMrkAreUnique "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsKmsMrkAreUnique" 21 m_AwsKmsMrkDiscoveryKeyring "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsKmsMrkDiscoveryKeyring" 22 m_AwsKmsMrkKeyring "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsKmsMrkKeyring" 23 m_AwsKmsMrkMatchForDecrypt "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsKmsMrkMatchForDecrypt" 24 m_AwsKmsUtils "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsKmsUtils" 25 m_CacheConstants "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/CacheConstants" 26 m_CanonicalEncryptionContext "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/CanonicalEncryptionContext" 27 m_Constants "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/Constants" 28 m_CreateKeyStoreTable "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/CreateKeyStoreTable" 29 m_CreateKeys "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/CreateKeys" 30 m_DDBKeystoreOperations "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/DDBKeystoreOperations" 31 m_DiscoveryMultiKeyring "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/DiscoveryMultiKeyring" 32 m_EdkWrapping "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/EdkWrapping" 33 m_ErrorMessages "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/ErrorMessages" 34 m_GetKeys "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/GetKeys" 35 m_IntermediateKeyWrapping "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/IntermediateKeyWrapping" 36 m_KMSKeystoreOperations "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/KMSKeystoreOperations" 37 m_KeyStore "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/KeyStore" 38 m_KeyStoreErrorMessages "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/KeyStoreErrorMessages" 39 m_Keyring "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/Keyring" 40 m_KmsArn "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/KmsArn" 41 m_LocalCMC "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/LocalCMC" 42 m_MaterialWrapping "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/MaterialWrapping" 43 m_Materials "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/Materials" 44 m_MrkAwareDiscoveryMultiKeyring "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/MrkAwareDiscoveryMultiKeyring" 45 m_MrkAwareStrictMultiKeyring "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/MrkAwareStrictMultiKeyring" 46 m_MultiKeyring "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/MultiKeyring" 47 m_StormTracker "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/StormTracker" 48 m_StormTrackingCMC "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/StormTrackingCMC" 49 m_StrictMultiKeyring "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/StrictMultiKeyring" 50 m_Structure "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/Structure" 51 m_SynchronizedLocalCMC "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/SynchronizedLocalCMC" 52 m_AtomicPrimitives "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/AtomicPrimitives" 53 m_AwsCryptographyPrimitivesOperations "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/AwsCryptographyPrimitivesOperations" 54 m_AwsCryptographyPrimitivesTypes "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/AwsCryptographyPrimitivesTypes" 55 m_Digest "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/Digest" 56 m_HKDF "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/HKDF" 57 m_KdfCtr "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/KdfCtr" 58 m_Random "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/Random" 59 m_WrappedHKDF "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/WrappedHKDF" 60 m_WrappedHMAC "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/WrappedHMAC" 61 m_Actions "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Actions" 62 m_Base64 "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Base64" 63 m_Base64Lemmas "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Base64Lemmas" 64 m_BoundedInts "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/BoundedInts" 65 m_DivInternals "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/DivInternals" 66 m_DivInternalsNonlinear "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/DivInternalsNonlinear" 67 m_DivMod "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/DivMod" 68 m_FileIO "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/FileIO" 69 m_FloatCompare "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/FloatCompare" 70 m_Functions "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Functions" 71 m_GeneralInternals "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/GeneralInternals" 72 m_GetOpt "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/GetOpt" 73 m_HexStrings "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/HexStrings" 74 m_Logarithm "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Logarithm" 75 m__Math "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Math_" 76 m_ModInternals "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/ModInternals" 77 m_ModInternalsNonlinear "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/ModInternalsNonlinear" 78 m_Mul "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Mul" 79 m_MulInternals "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/MulInternals" 80 m_MulInternalsNonlinear "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/MulInternalsNonlinear" 81 m_Power "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Power" 82 m_Relations "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Relations" 83 m_Seq "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Seq" 84 m_Seq_MergeSort "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Seq_MergeSort" 85 m_Sorting "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Sorting" 86 m_StandardLibrary "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/StandardLibrary" 87 m_StandardLibraryInterop "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/StandardLibraryInterop" 88 m_StandardLibrary_Sequence "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/StandardLibrary_Sequence" 89 m_StandardLibrary_String "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/StandardLibrary_String" 90 m_StandardLibrary_UInt "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/StandardLibrary_UInt" 91 m_Streams "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Streams" 92 m__Time "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Time_" 93 m_UTF8 "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/UTF8" 94 m_UUID "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/UUID" 95 m_UnicodeStrings "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/UnicodeStrings" 96 m__Unicode "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Unicode_" 97 m_Utf16EncodingForm "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Utf16EncodingForm" 98 m_Utf8EncodingForm "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Utf8EncodingForm" 99 m_Wrappers "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Wrappers" 100 m__System "github.com/dafny-lang/DafnyRuntimeGo/v4/System_" 101 _dafny "github.com/dafny-lang/DafnyRuntimeGo/v4/dafny" 102 ) 103 104 var _ = os.Args 105 var _ _dafny.Dummy__ 106 var _ m__System.Dummy__ 107 var _ m_Wrappers.Dummy__ 108 var _ m_BoundedInts.Dummy__ 109 var _ m_StandardLibrary_UInt.Dummy__ 110 var _ m_StandardLibrary_Sequence.Dummy__ 111 var _ m_StandardLibrary_String.Dummy__ 112 var _ m_StandardLibrary.Dummy__ 113 var _ m_AwsCryptographyPrimitivesTypes.Dummy__ 114 var _ m_Random.Dummy__ 115 var _ m_Digest.Dummy__ 116 var _ m_WrappedHMAC.Dummy__ 117 var _ m_HKDF.Dummy__ 118 var _ m_WrappedHKDF.Dummy__ 119 var _ m_KdfCtr.Dummy__ 120 var _ m_AwsCryptographyPrimitivesOperations.Dummy__ 121 var _ m_AtomicPrimitives.Dummy__ 122 var _ m_ComAmazonawsDynamodbTypes.Dummy__ 123 var _ m_ComAmazonawsKmsTypes.Dummy__ 124 var _ m_Relations.Dummy__ 125 var _ m_Seq_MergeSort.Dummy__ 126 var _ m__Math.Dummy__ 127 var _ m_Seq.Dummy__ 128 var _ m__Unicode.Dummy__ 129 var _ m_Functions.Dummy__ 130 var _ m_Utf8EncodingForm.Dummy__ 131 var _ m_Utf16EncodingForm.Dummy__ 132 var _ m_UnicodeStrings.Dummy__ 133 var _ m_FileIO.Dummy__ 134 var _ m_GeneralInternals.Dummy__ 135 var _ m_MulInternalsNonlinear.Dummy__ 136 var _ m_MulInternals.Dummy__ 137 var _ m_Mul.Dummy__ 138 var _ m_ModInternalsNonlinear.Dummy__ 139 var _ m_DivInternalsNonlinear.Dummy__ 140 var _ m_ModInternals.Dummy__ 141 var _ m_DivInternals.Dummy__ 142 var _ m_DivMod.Dummy__ 143 var _ m_Power.Dummy__ 144 var _ m_Logarithm.Dummy__ 145 var _ m_StandardLibraryInterop.Dummy__ 146 var _ m_Streams.Dummy__ 147 var _ m_Sorting.Dummy__ 148 var _ m_HexStrings.Dummy__ 149 var _ m_GetOpt.Dummy__ 150 var _ m_FloatCompare.Dummy__ 151 var _ m_Base64.Dummy__ 152 var _ m_Base64Lemmas.Dummy__ 153 var _ m_Actions.Dummy__ 154 var _ m_AwsCryptographyKeyStoreTypes.Dummy__ 155 var _ m_AwsCryptographyMaterialProvidersTypes.Dummy__ 156 var _ m_AwsArnParsing.Dummy__ 157 var _ m_AwsKmsMrkMatchForDecrypt.Dummy__ 158 var _ m_AwsKmsUtils.Dummy__ 159 var _ m_KeyStoreErrorMessages.Dummy__ 160 var _ m_KmsArn.Dummy__ 161 var _ m_Structure.Dummy__ 162 var _ m_KMSKeystoreOperations.Dummy__ 163 var _ m_DDBKeystoreOperations.Dummy__ 164 var _ m_CreateKeys.Dummy__ 165 var _ m_CreateKeyStoreTable.Dummy__ 166 var _ m_GetKeys.Dummy__ 167 var _ m_AwsCryptographyKeyStoreOperations.Dummy__ 168 var _ m_Com_Amazonaws_Kms.Dummy__ 169 var _ m_Com_Amazonaws_Dynamodb.Dummy__ 170 var _ m_KeyStore.Dummy__ 171 var _ m_AlgorithmSuites.Dummy__ 172 var _ m_Materials.Dummy__ 173 var _ m_Keyring.Dummy__ 174 var _ m_MultiKeyring.Dummy__ 175 var _ m_AwsKmsMrkAreUnique.Dummy__ 176 var _ m_Constants.Dummy__ 177 var _ m_MaterialWrapping.Dummy__ 178 var _ m_CanonicalEncryptionContext.Dummy__ 179 var _ m_IntermediateKeyWrapping.Dummy__ 180 var _ m_EdkWrapping.Dummy__ 181 var _ m_ErrorMessages.Dummy__ 182 var _ m_AwsKmsKeyring.Dummy__ 183 var _ m_StrictMultiKeyring.Dummy__ 184 var _ m_AwsKmsDiscoveryKeyring.Dummy__ 185 var _ m_DiscoveryMultiKeyring.Dummy__ 186 var _ m_AwsKmsMrkDiscoveryKeyring.Dummy__ 187 var _ m_MrkAwareDiscoveryMultiKeyring.Dummy__ 188 var _ m_AwsKmsMrkKeyring.Dummy__ 189 var _ m_MrkAwareStrictMultiKeyring.Dummy__ 190 var _ m_LocalCMC.Dummy__ 191 var _ m_SynchronizedLocalCMC.Dummy__ 192 var _ m_StormTracker.Dummy__ 193 var _ m_StormTrackingCMC.Dummy__ 194 var _ m_CacheConstants.Dummy__ 195 196 type Dummy__ struct{} 197 198 // Definition of class Default__ 199 type Default__ struct { 200 dummy byte 201 } 202 203 func New_Default___() *Default__ { 204 _this := Default__{} 205 206 return &_this 207 } 208 209 type CompanionStruct_Default___ struct { 210 } 211 212 var Companion_Default___ = CompanionStruct_Default___{} 213 214 func (_this *Default__) Equals(other *Default__) bool { 215 return _this == other 216 } 217 218 func (_this *Default__) EqualsGeneric(x interface{}) bool { 219 other, ok := x.(*Default__) 220 return ok && _this.Equals(other) 221 } 222 223 func (*Default__) String() string { 224 return "AwsKmsHierarchicalKeyring.Default__" 225 } 226 func (_this *Default__) ParentTraits_() []*_dafny.TraitID { 227 return [](*_dafny.TraitID){} 228 } 229 230 var _ _dafny.TraitOffspring = &Default__{} 231 232 func (_static *CompanionStruct_Default___) CacheEntryWithinLimits(creationTime int64, now int64, ttlSeconds int64) bool { 233 return ((now) - (creationTime)) <= (ttlSeconds) 234 } 235 func (_static *CompanionStruct_Default___) DeriveEncryptionKeyFromBranchKey(branchKey _dafny.Sequence, salt _dafny.Sequence, purpose m_Wrappers.Option, cryptoPrimitives *m_AtomicPrimitives.AtomicPrimitivesClient) m_Wrappers.Result { 236 var output m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 237 _ = output 238 var _0_maybeDerivedBranchKey m_Wrappers.Result 239 _ = _0_maybeDerivedBranchKey 240 var _out0 m_Wrappers.Result 241 _ = _out0 242 _out0 = (cryptoPrimitives).KdfCounterMode(m_AwsCryptographyPrimitivesTypes.Companion_KdfCtrInput_.Create_KdfCtrInput_(m_AwsCryptographyPrimitivesTypes.Companion_DigestAlgorithm_.Create_SHA__256_(), branchKey, Companion_Default___.DERIVED__BRANCH__KEY__EXPECTED__LENGTH(), purpose, m_Wrappers.Companion_Option_.Create_Some_(salt))) 243 _0_maybeDerivedBranchKey = _out0 244 var _1_valueOrError0 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 245 _ = _1_valueOrError0 246 _1_valueOrError0 = (_0_maybeDerivedBranchKey).MapFailure(func(coer75 func(m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 247 return func(arg76 interface{}) interface{} { 248 return coer75(arg76.(m_AwsCryptographyPrimitivesTypes.Error)) 249 } 250 }(func(_2_e m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error { 251 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographyPrimitives_(_2_e) 252 })) 253 if (_1_valueOrError0).IsFailure() { 254 output = (_1_valueOrError0).PropagateFailure() 255 return output 256 } 257 var _3_derivedBranchKey _dafny.Sequence 258 _ = _3_derivedBranchKey 259 _3_derivedBranchKey = (_1_valueOrError0).Extract().(_dafny.Sequence) 260 output = m_Wrappers.Companion_Result_.Create_Success_(_3_derivedBranchKey) 261 return output 262 } 263 func (_static *CompanionStruct_Default___) WrappingAad(branchKeyId _dafny.Sequence, branchKeyVersion _dafny.Sequence, aad _dafny.Sequence) _dafny.Sequence { 264 return _dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(m_Constants.Companion_Default___.PROVIDER__ID__HIERARCHY(), branchKeyId), branchKeyVersion), aad) 265 } 266 func (_static *CompanionStruct_Default___) SerializeEDKCiphertext(encOutput m_AwsCryptographyPrimitivesTypes.AESEncryptOutput) _dafny.Sequence { 267 return _dafny.Companion_Sequence_.Concatenate((encOutput).Dtor_cipherText(), (encOutput).Dtor_authTag()) 268 } 269 func (_static *CompanionStruct_Default___) E(s _dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error { 270 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(s) 271 } 272 func (_static *CompanionStruct_Default___) AES__256__ENC__KEY__LENGTH() int32 { 273 return int32(32) 274 } 275 func (_static *CompanionStruct_Default___) AES__256__ENC__TAG__LENGTH() int32 { 276 return int32(16) 277 } 278 func (_static *CompanionStruct_Default___) AES__256__ENC__IV__LENGTH() int32 { 279 return int32(12) 280 } 281 func (_static *CompanionStruct_Default___) AES__256__ENC__ALG() m_AwsCryptographyPrimitivesTypes.AES__GCM { 282 return m_AwsCryptographyPrimitivesTypes.Companion_AES__GCM_.Create_AES__GCM_(Companion_Default___.AES__256__ENC__KEY__LENGTH(), Companion_Default___.AES__256__ENC__TAG__LENGTH(), Companion_Default___.AES__256__ENC__IV__LENGTH()) 283 } 284 func (_static *CompanionStruct_Default___) H__WRAP__SALT__LEN() int32 { 285 return int32(16) 286 } 287 func (_static *CompanionStruct_Default___) H__WRAP__NONCE__LEN() int32 { 288 return int32(12) 289 } 290 func (_static *CompanionStruct_Default___) EDK__CIPHERTEXT__BRANCH__KEY__VERSION__INDEX() int32 { 291 return (Companion_Default___.H__WRAP__SALT__LEN()) + (Companion_Default___.H__WRAP__NONCE__LEN()) 292 } 293 func (_static *CompanionStruct_Default___) EDK__CIPHERTEXT__VERSION__LENGTH() int32 { 294 return int32(16) 295 } 296 func (_static *CompanionStruct_Default___) EDK__CIPHERTEXT__VERSION__INDEX() int32 { 297 return (Companion_Default___.EDK__CIPHERTEXT__BRANCH__KEY__VERSION__INDEX()) + (Companion_Default___.EDK__CIPHERTEXT__VERSION__LENGTH()) 298 } 299 func (_static *CompanionStruct_Default___) EXPECTED__EDK__CIPHERTEXT__OVERHEAD() int32 { 300 return (Companion_Default___.EDK__CIPHERTEXT__VERSION__INDEX()) + (Companion_Default___.AES__256__ENC__TAG__LENGTH()) 301 } 302 func (_static *CompanionStruct_Default___) DERIVED__BRANCH__KEY__EXPECTED__LENGTH() int32 { 303 return int32(32) 304 } 305 func (_static *CompanionStruct_Default___) BRANCH__KEY__STORE__GSI() _dafny.Sequence { 306 return _dafny.SeqOfString("Active-Keys") 307 } 308 func (_static *CompanionStruct_Default___) BRANCH__KEY__FIELD() _dafny.Sequence { 309 return _dafny.SeqOfString("enc") 310 } 311 func (_static *CompanionStruct_Default___) VERSION__FIELD() _dafny.Sequence { 312 return _dafny.SeqOfString("version") 313 } 314 func (_static *CompanionStruct_Default___) BRANCH__KEY__IDENTIFIER__FIELD() _dafny.Sequence { 315 return _dafny.SeqOfString("branch-key-id") 316 } 317 func (_static *CompanionStruct_Default___) KEY__CONDITION__EXPRESSION() _dafny.Sequence { 318 return _dafny.SeqOfString("#status = :status and #branch_key_id = :branch_key_id") 319 } 320 func (_static *CompanionStruct_Default___) EXPRESSION__ATTRIBUTE__NAMES() _dafny.Map { 321 return _dafny.NewMapBuilder().ToMap().UpdateUnsafe(_dafny.SeqOfString("#status"), _dafny.SeqOfString("status")).UpdateUnsafe(_dafny.SeqOfString("#branch_key_id"), _dafny.SeqOfString("branch-key-id")) 322 } 323 func (_static *CompanionStruct_Default___) EXPRESSION__ATTRIBUTE__VALUE__STATUS__KEY() _dafny.Sequence { 324 return _dafny.SeqOfString(":status") 325 } 326 func (_static *CompanionStruct_Default___) EXPRESSION__ATTRIBUTE__VALUE__STATUS__VALUE() _dafny.Sequence { 327 return _dafny.SeqOfString("ACTIVE") 328 } 329 func (_static *CompanionStruct_Default___) EXPRESSION__ATTRIBUTE__VALUE__BRANCH__KEY() _dafny.Sequence { 330 return _dafny.SeqOfString(":branch_key_id") 331 } 332 333 // End of class Default__ 334 335 // Definition of class AwsKmsHierarchicalKeyring 336 type AwsKmsHierarchicalKeyring struct { 337 _keyStore m_AwsCryptographyKeyStoreTypes.IKeyStoreClient 338 _cryptoPrimitives *m_AtomicPrimitives.AtomicPrimitivesClient 339 _cache m_AwsCryptographyMaterialProvidersTypes.ICryptographicMaterialsCache 340 _branchKeyIdSupplier m_Wrappers.Option 341 _branchKeyId m_Wrappers.Option 342 _ttlSeconds int64 343 _partitionIdBytes _dafny.Sequence 344 _logicalKeyStoreNameBytes _dafny.Sequence 345 } 346 347 func New_AwsKmsHierarchicalKeyring_() *AwsKmsHierarchicalKeyring { 348 _this := AwsKmsHierarchicalKeyring{} 349 350 _this._keyStore = (m_AwsCryptographyKeyStoreTypes.IKeyStoreClient)(nil) 351 _this._cryptoPrimitives = (*m_AtomicPrimitives.AtomicPrimitivesClient)(nil) 352 _this._cache = (m_AwsCryptographyMaterialProvidersTypes.ICryptographicMaterialsCache)(nil) 353 _this._branchKeyIdSupplier = m_Wrappers.Companion_Option_.Default() 354 _this._branchKeyId = m_Wrappers.Companion_Option_.Default() 355 _this._ttlSeconds = int64(0) 356 _this._partitionIdBytes = _dafny.EmptySeq 357 _this._logicalKeyStoreNameBytes = _dafny.EmptySeq 358 return &_this 359 } 360 361 type CompanionStruct_AwsKmsHierarchicalKeyring_ struct { 362 } 363 364 var Companion_AwsKmsHierarchicalKeyring_ = CompanionStruct_AwsKmsHierarchicalKeyring_{} 365 366 func (_this *AwsKmsHierarchicalKeyring) Equals(other *AwsKmsHierarchicalKeyring) bool { 367 return _this == other 368 } 369 370 func (_this *AwsKmsHierarchicalKeyring) EqualsGeneric(x interface{}) bool { 371 other, ok := x.(*AwsKmsHierarchicalKeyring) 372 return ok && _this.Equals(other) 373 } 374 375 func (*AwsKmsHierarchicalKeyring) String() string { 376 return "AwsKmsHierarchicalKeyring.AwsKmsHierarchicalKeyring" 377 } 378 379 func Type_AwsKmsHierarchicalKeyring_() _dafny.TypeDescriptor { 380 return type_AwsKmsHierarchicalKeyring_{} 381 } 382 383 type type_AwsKmsHierarchicalKeyring_ struct { 384 } 385 386 func (_this type_AwsKmsHierarchicalKeyring_) Default() interface{} { 387 return (*AwsKmsHierarchicalKeyring)(nil) 388 } 389 390 func (_this type_AwsKmsHierarchicalKeyring_) String() string { 391 return "AwsKmsHierarchicalKeyring.AwsKmsHierarchicalKeyring" 392 } 393 func (_this *AwsKmsHierarchicalKeyring) ParentTraits_() []*_dafny.TraitID { 394 return [](*_dafny.TraitID){m_Keyring.Companion_VerifiableInterface_.TraitID_, m_AwsCryptographyMaterialProvidersTypes.Companion_IKeyring_.TraitID_} 395 } 396 397 var _ m_Keyring.VerifiableInterface = &AwsKmsHierarchicalKeyring{} 398 var _ m_AwsCryptographyMaterialProvidersTypes.IKeyring = &AwsKmsHierarchicalKeyring{} 399 var _ _dafny.TraitOffspring = &AwsKmsHierarchicalKeyring{} 400 401 func (_this *AwsKmsHierarchicalKeyring) OnDecrypt(input m_AwsCryptographyMaterialProvidersTypes.OnDecryptInput) m_Wrappers.Result { 402 var _out6 m_Wrappers.Result 403 _ = _out6 404 _out6 = m_AwsCryptographyMaterialProvidersTypes.Companion_IKeyring_.OnDecrypt(_this, input) 405 return _out6 406 } 407 func (_this *AwsKmsHierarchicalKeyring) OnEncrypt(input m_AwsCryptographyMaterialProvidersTypes.OnEncryptInput) m_Wrappers.Result { 408 var _out6 m_Wrappers.Result 409 _ = _out6 410 _out6 = m_AwsCryptographyMaterialProvidersTypes.Companion_IKeyring_.OnEncrypt(_this, input) 411 return _out6 412 } 413 func (_this *AwsKmsHierarchicalKeyring) Ctor__(keyStore m_AwsCryptographyKeyStoreTypes.IKeyStoreClient, branchKeyId m_Wrappers.Option, branchKeyIdSupplier m_Wrappers.Option, ttlSeconds int64, cmc m_AwsCryptographyMaterialProvidersTypes.ICryptographicMaterialsCache, partitionIdBytes _dafny.Sequence, logicalKeyStoreNameBytes _dafny.Sequence, cryptoPrimitives *m_AtomicPrimitives.AtomicPrimitivesClient) { 414 { 415 (_this)._keyStore = keyStore 416 (_this)._branchKeyId = branchKeyId 417 (_this)._branchKeyIdSupplier = branchKeyIdSupplier 418 (_this)._ttlSeconds = ttlSeconds 419 (_this)._cryptoPrimitives = cryptoPrimitives 420 (_this)._cache = cmc 421 (_this)._partitionIdBytes = partitionIdBytes 422 (_this)._logicalKeyStoreNameBytes = logicalKeyStoreNameBytes 423 } 424 } 425 func (_this *AwsKmsHierarchicalKeyring) GetBranchKeyId(context _dafny.Map) m_Wrappers.Result { 426 { 427 var ret m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq.SetString()) 428 _ = ret 429 if ((_this).BranchKeyId()).Is_Some() { 430 ret = m_Wrappers.Companion_Result_.Create_Success_(((_this).BranchKeyId()).Dtor_value().(_dafny.Sequence)) 431 return ret 432 } else { 433 var _0_valueOrError0 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_AwsCryptographyMaterialProvidersTypes.Companion_GetBranchKeyIdOutput_.Default()) 434 _ = _0_valueOrError0 435 var _out0 m_Wrappers.Result 436 _ = _out0 437 _out0 = (m_AwsCryptographyMaterialProvidersTypes.Companion_IBranchKeyIdSupplier_.CastTo_(((_this).BranchKeyIdSupplier()).Dtor_value())).GetBranchKeyId(m_AwsCryptographyMaterialProvidersTypes.Companion_GetBranchKeyIdInput_.Create_GetBranchKeyIdInput_(context)) 438 _0_valueOrError0 = _out0 439 if (_0_valueOrError0).IsFailure() { 440 ret = (_0_valueOrError0).PropagateFailure() 441 return ret 442 } 443 var _1_GetBranchKeyIdOut m_AwsCryptographyMaterialProvidersTypes.GetBranchKeyIdOutput 444 _ = _1_GetBranchKeyIdOut 445 _1_GetBranchKeyIdOut = (_0_valueOrError0).Extract().(m_AwsCryptographyMaterialProvidersTypes.GetBranchKeyIdOutput) 446 ret = m_Wrappers.Companion_Result_.Create_Success_((_1_GetBranchKeyIdOut).Dtor_branchKeyId()) 447 return ret 448 } 449 return ret 450 } 451 } 452 func (_this *AwsKmsHierarchicalKeyring) OnEncrypt_k(input m_AwsCryptographyMaterialProvidersTypes.OnEncryptInput) m_Wrappers.Result { 453 { 454 var res m_Wrappers.Result = m_Wrappers.Result{} 455 _ = res 456 var _0_materials m_AwsCryptographyMaterialProvidersTypes.EncryptionMaterials 457 _ = _0_materials 458 _0_materials = (input).Dtor_materials() 459 var _1_suite m_AwsCryptographyMaterialProvidersTypes.AlgorithmSuiteInfo 460 _ = _1_suite 461 _1_suite = (_0_materials).Dtor_algorithmSuite() 462 var _2_valueOrError0 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq.SetString()) 463 _ = _2_valueOrError0 464 var _out0 m_Wrappers.Result 465 _ = _out0 466 _out0 = (_this).GetBranchKeyId((_0_materials).Dtor_encryptionContext()) 467 _2_valueOrError0 = _out0 468 if (_2_valueOrError0).IsFailure() { 469 res = (_2_valueOrError0).PropagateFailure() 470 return res 471 } 472 var _3_branchKeyIdForEncrypt _dafny.Sequence 473 _ = _3_branchKeyIdForEncrypt 474 _3_branchKeyIdForEncrypt = (_2_valueOrError0).Extract().(_dafny.Sequence) 475 var _4_valueOrError1 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_UTF8.Companion_ValidUTF8Bytes_.Witness()) 476 _ = _4_valueOrError1 477 _4_valueOrError1 = (m_UTF8.Encode(_3_branchKeyIdForEncrypt)).MapFailure(func(coer76 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 478 return func(arg77 interface{}) interface{} { 479 return coer76(arg77.(_dafny.Sequence)) 480 } 481 }(m_AwsKmsUtils.Companion_Default___.WrapStringToError)) 482 if (_4_valueOrError1).IsFailure() { 483 res = (_4_valueOrError1).PropagateFailure() 484 return res 485 } 486 var _5_branchKeyIdUtf8 _dafny.Sequence 487 _ = _5_branchKeyIdUtf8 488 _5_branchKeyIdUtf8 = (_4_valueOrError1).Extract().(_dafny.Sequence) 489 var _6_valueOrError2 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 490 _ = _6_valueOrError2 491 var _out1 m_Wrappers.Result 492 _ = _out1 493 _out1 = (_this).GetActiveCacheId(_3_branchKeyIdForEncrypt, _5_branchKeyIdUtf8, (_this).CryptoPrimitives()) 494 _6_valueOrError2 = _out1 495 if (_6_valueOrError2).IsFailure() { 496 res = (_6_valueOrError2).PropagateFailure() 497 return res 498 } 499 var _7_cacheId _dafny.Sequence 500 _ = _7_cacheId 501 _7_cacheId = (_6_valueOrError2).Extract().(_dafny.Sequence) 502 var _8_valueOrError3 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_AwsCryptographyKeyStoreTypes.Companion_BranchKeyMaterials_.Default()) 503 _ = _8_valueOrError3 504 var _out2 m_Wrappers.Result 505 _ = _out2 506 _out2 = (_this).GetActiveHierarchicalMaterials(_3_branchKeyIdForEncrypt, _7_cacheId, (_this).KeyStore()) 507 _8_valueOrError3 = _out2 508 if (_8_valueOrError3).IsFailure() { 509 res = (_8_valueOrError3).PropagateFailure() 510 return res 511 } 512 var _9_hierarchicalMaterials m_AwsCryptographyKeyStoreTypes.BranchKeyMaterials 513 _ = _9_hierarchicalMaterials 514 _9_hierarchicalMaterials = (_8_valueOrError3).Extract().(m_AwsCryptographyKeyStoreTypes.BranchKeyMaterials) 515 var _10_branchKey _dafny.Sequence 516 _ = _10_branchKey 517 _10_branchKey = (_9_hierarchicalMaterials).Dtor_branchKey() 518 var _11_branchKeyVersion _dafny.Sequence 519 _ = _11_branchKeyVersion 520 _11_branchKeyVersion = (_9_hierarchicalMaterials).Dtor_branchKeyVersion() 521 var _12_valueOrError4 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq.SetString()) 522 _ = _12_valueOrError4 523 _12_valueOrError4 = (m_UTF8.Decode(_11_branchKeyVersion)).MapFailure(func(coer77 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 524 return func(arg78 interface{}) interface{} { 525 return coer77(arg78.(_dafny.Sequence)) 526 } 527 }(m_AwsKmsUtils.Companion_Default___.WrapStringToError)) 528 if (_12_valueOrError4).IsFailure() { 529 res = (_12_valueOrError4).PropagateFailure() 530 return res 531 } 532 var _13_branchKeyVersionAsString _dafny.Sequence 533 _ = _13_branchKeyVersionAsString 534 _13_branchKeyVersionAsString = (_12_valueOrError4).Extract().(_dafny.Sequence) 535 var _14_valueOrError5 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 536 _ = _14_valueOrError5 537 _14_valueOrError5 = (m_UUID.ToByteArray(_13_branchKeyVersionAsString)).MapFailure(func(coer78 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 538 return func(arg79 interface{}) interface{} { 539 return coer78(arg79.(_dafny.Sequence)) 540 } 541 }(m_AwsKmsUtils.Companion_Default___.WrapStringToError)) 542 if (_14_valueOrError5).IsFailure() { 543 res = (_14_valueOrError5).PropagateFailure() 544 return res 545 } 546 var _15_branchKeyVersionAsBytes _dafny.Sequence 547 _ = _15_branchKeyVersionAsBytes 548 _15_branchKeyVersionAsBytes = (_14_valueOrError5).Extract().(_dafny.Sequence) 549 var _16_kmsHierarchyGenerateAndWrap *KmsHierarchyGenerateAndWrapKeyMaterial 550 _ = _16_kmsHierarchyGenerateAndWrap 551 var _nw0 *KmsHierarchyGenerateAndWrapKeyMaterial = New_KmsHierarchyGenerateAndWrapKeyMaterial_() 552 _ = _nw0 553 _nw0.Ctor__((_9_hierarchicalMaterials).Dtor_branchKey(), _5_branchKeyIdUtf8, _15_branchKeyVersionAsBytes, (_this).CryptoPrimitives()) 554 _16_kmsHierarchyGenerateAndWrap = _nw0 555 var _17_kmsHierarchyWrap *KmsHierarchyWrapKeyMaterial 556 _ = _17_kmsHierarchyWrap 557 var _nw1 *KmsHierarchyWrapKeyMaterial = New_KmsHierarchyWrapKeyMaterial_() 558 _ = _nw1 559 _nw1.Ctor__((_9_hierarchicalMaterials).Dtor_branchKey(), _5_branchKeyIdUtf8, _15_branchKeyVersionAsBytes, (_this).CryptoPrimitives()) 560 _17_kmsHierarchyWrap = _nw1 561 var _18_valueOrError6 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_EdkWrapping.Companion_WrapEdkMaterialOutput_.Default(Companion_HierarchyWrapInfo_.Default())) 562 _ = _18_valueOrError6 563 var _out3 m_Wrappers.Result 564 _ = _out3 565 _out3 = m_EdkWrapping.Companion_Default___.WrapEdkMaterial(_0_materials, _17_kmsHierarchyWrap, _16_kmsHierarchyGenerateAndWrap) 566 _18_valueOrError6 = _out3 567 if (_18_valueOrError6).IsFailure() { 568 res = (_18_valueOrError6).PropagateFailure() 569 return res 570 } 571 var _19_wrapOutput m_EdkWrapping.WrapEdkMaterialOutput 572 _ = _19_wrapOutput 573 _19_wrapOutput = (_18_valueOrError6).Extract().(m_EdkWrapping.WrapEdkMaterialOutput) 574 var _20_symmetricSigningKeyList m_Wrappers.Option 575 _ = _20_symmetricSigningKeyList 576 if ((_19_wrapOutput).Dtor_symmetricSigningKey()).Is_Some() { 577 _20_symmetricSigningKeyList = m_Wrappers.Companion_Option_.Create_Some_(_dafny.SeqOf(((_19_wrapOutput).Dtor_symmetricSigningKey()).Dtor_value().(_dafny.Sequence))) 578 } else { 579 _20_symmetricSigningKeyList = m_Wrappers.Companion_Option_.Create_None_() 580 } 581 var _21_edk m_AwsCryptographyMaterialProvidersTypes.EncryptedDataKey 582 _ = _21_edk 583 _21_edk = m_AwsCryptographyMaterialProvidersTypes.Companion_EncryptedDataKey_.Create_EncryptedDataKey_(m_Constants.Companion_Default___.PROVIDER__ID__HIERARCHY(), _5_branchKeyIdUtf8, (_19_wrapOutput).Dtor_wrappedMaterial()) 584 if (_19_wrapOutput).Is_GenerateAndWrapEdkMaterialOutput() { 585 var _22_valueOrError7 m_Wrappers.Result = m_Wrappers.Result{} 586 _ = _22_valueOrError7 587 _22_valueOrError7 = m_Materials.Companion_Default___.EncryptionMaterialAddDataKey(_0_materials, (_19_wrapOutput).Dtor_plaintextDataKey(), _dafny.SeqOf(_21_edk), _20_symmetricSigningKeyList) 588 if (_22_valueOrError7).IsFailure() { 589 res = (_22_valueOrError7).PropagateFailure() 590 return res 591 } 592 var _23_result m_AwsCryptographyMaterialProvidersTypes.EncryptionMaterials 593 _ = _23_result 594 _23_result = (_22_valueOrError7).Extract().(m_AwsCryptographyMaterialProvidersTypes.EncryptionMaterials) 595 res = m_Wrappers.Companion_Result_.Create_Success_(m_AwsCryptographyMaterialProvidersTypes.Companion_OnEncryptOutput_.Create_OnEncryptOutput_(_23_result)) 596 return res 597 } else if (_19_wrapOutput).Is_WrapOnlyEdkMaterialOutput() { 598 var _24_valueOrError8 m_Wrappers.Result = m_Wrappers.Result{} 599 _ = _24_valueOrError8 600 _24_valueOrError8 = m_Materials.Companion_Default___.EncryptionMaterialAddEncryptedDataKeys(_0_materials, _dafny.SeqOf(_21_edk), _20_symmetricSigningKeyList) 601 if (_24_valueOrError8).IsFailure() { 602 res = (_24_valueOrError8).PropagateFailure() 603 return res 604 } 605 var _25_result m_AwsCryptographyMaterialProvidersTypes.EncryptionMaterials 606 _ = _25_result 607 _25_result = (_24_valueOrError8).Extract().(m_AwsCryptographyMaterialProvidersTypes.EncryptionMaterials) 608 res = m_Wrappers.Companion_Result_.Create_Success_(m_AwsCryptographyMaterialProvidersTypes.Companion_OnEncryptOutput_.Create_OnEncryptOutput_(_25_result)) 609 return res 610 } 611 return res 612 } 613 } 614 func (_this *AwsKmsHierarchicalKeyring) OnDecrypt_k(input m_AwsCryptographyMaterialProvidersTypes.OnDecryptInput) m_Wrappers.Result { 615 { 616 var res m_Wrappers.Result = m_Wrappers.Result{} 617 _ = res 618 var _0_materials m_AwsCryptographyMaterialProvidersTypes.DecryptionMaterials 619 _ = _0_materials 620 _0_materials = (input).Dtor_materials() 621 var _1_suite m_AwsCryptographyMaterialProvidersTypes.AlgorithmSuiteInfo 622 _ = _1_suite 623 _1_suite = ((input).Dtor_materials()).Dtor_algorithmSuite() 624 var _2_valueOrError0 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 625 _ = _2_valueOrError0 626 _2_valueOrError0 = m_Wrappers.Companion_Default___.Need(m_Materials.Companion_Default___.DecryptionMaterialsWithoutPlaintextDataKey(_0_materials), Companion_Default___.E(_dafny.SeqOfString("Keyring received decryption materials that already contain a plaintext data key."))) 627 if (_2_valueOrError0).IsFailure() { 628 res = (_2_valueOrError0).PropagateFailure() 629 return res 630 } 631 var _3_valueOrError1 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq.SetString()) 632 _ = _3_valueOrError1 633 var _out0 m_Wrappers.Result 634 _ = _out0 635 _out0 = (_this).GetBranchKeyId((_0_materials).Dtor_encryptionContext()) 636 _3_valueOrError1 = _out0 637 if (_3_valueOrError1).IsFailure() { 638 res = (_3_valueOrError1).PropagateFailure() 639 return res 640 } 641 var _4_branchKeyIdForDecrypt _dafny.Sequence 642 _ = _4_branchKeyIdForDecrypt 643 _4_branchKeyIdForDecrypt = (_3_valueOrError1).Extract().(_dafny.Sequence) 644 var _5_filter *OnDecryptHierarchyEncryptedDataKeyFilter 645 _ = _5_filter 646 var _nw0 *OnDecryptHierarchyEncryptedDataKeyFilter = New_OnDecryptHierarchyEncryptedDataKeyFilter_() 647 _ = _nw0 648 _nw0.Ctor__(_4_branchKeyIdForDecrypt) 649 _5_filter = _nw0 650 var _6_valueOrError2 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 651 _ = _6_valueOrError2 652 var _out1 m_Wrappers.Result 653 _ = _out1 654 _out1 = m_Actions.Companion_Default___.FilterWithResult(_5_filter, (input).Dtor_encryptedDataKeys()) 655 _6_valueOrError2 = _out1 656 if (_6_valueOrError2).IsFailure() { 657 res = (_6_valueOrError2).PropagateFailure() 658 return res 659 } 660 var _7_edksToAttempt _dafny.Sequence 661 _ = _7_edksToAttempt 662 _7_edksToAttempt = (_6_valueOrError2).Extract().(_dafny.Sequence) 663 if (_dafny.IntOfUint32((_7_edksToAttempt).Cardinality())).Sign() == 0 { 664 var _8_valueOrError3 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq.SetString()) 665 _ = _8_valueOrError3 666 _8_valueOrError3 = m_ErrorMessages.Companion_Default___.IncorrectDataKeys((input).Dtor_encryptedDataKeys(), ((input).Dtor_materials()).Dtor_algorithmSuite(), _dafny.SeqOfString("")) 667 if (_8_valueOrError3).IsFailure() { 668 res = (_8_valueOrError3).PropagateFailure() 669 return res 670 } 671 var _9_errorMessage _dafny.Sequence 672 _ = _9_errorMessage 673 _9_errorMessage = (_8_valueOrError3).Extract().(_dafny.Sequence) 674 res = m_Wrappers.Companion_Result_.Create_Failure_(m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_9_errorMessage)) 675 return res 676 } 677 var _10_decryptClosure m_Actions.ActionWithResult 678 _ = _10_decryptClosure 679 var _nw1 *DecryptSingleEncryptedDataKey = New_DecryptSingleEncryptedDataKey_() 680 _ = _nw1 681 _nw1.Ctor__(_0_materials, (_this).KeyStore(), (_this).CryptoPrimitives(), _4_branchKeyIdForDecrypt, (_this).TtlSeconds(), (_this).Cache(), (_this).PartitionIdBytes(), (_this).LogicalKeyStoreNameBytes()) 682 _10_decryptClosure = _nw1 683 var _11_outcome m_Wrappers.Result 684 _ = _11_outcome 685 var _out2 m_Wrappers.Result 686 _ = _out2 687 _out2 = m_Actions.Companion_Default___.ReduceToSuccess(_10_decryptClosure, _7_edksToAttempt) 688 _11_outcome = _out2 689 var _12_valueOrError4 m_Wrappers.Result = m_Wrappers.Result{} 690 _ = _12_valueOrError4 691 _12_valueOrError4 = (_11_outcome).MapFailure(func(coer79 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 692 return func(arg80 interface{}) interface{} { 693 return coer79(arg80.(_dafny.Sequence)) 694 } 695 }(func(_13_errors _dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error { 696 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_CollectionOfErrors_(_13_errors, _dafny.SeqOfString("No Configured KMS Key was able to decrypt the Data Key. The list of encountered Exceptions is available via `list`.")) 697 })) 698 if (_12_valueOrError4).IsFailure() { 699 res = (_12_valueOrError4).PropagateFailure() 700 return res 701 } 702 var _14_SealedDecryptionMaterials m_AwsCryptographyMaterialProvidersTypes.DecryptionMaterials 703 _ = _14_SealedDecryptionMaterials 704 _14_SealedDecryptionMaterials = (_12_valueOrError4).Extract().(m_AwsCryptographyMaterialProvidersTypes.DecryptionMaterials) 705 res = m_Wrappers.Companion_Result_.Create_Success_(m_AwsCryptographyMaterialProvidersTypes.Companion_OnDecryptOutput_.Create_OnDecryptOutput_(_14_SealedDecryptionMaterials)) 706 return res 707 return res 708 } 709 } 710 func (_this *AwsKmsHierarchicalKeyring) GetActiveCacheId(branchKeyId _dafny.Sequence, branchKeyIdUtf8 _dafny.Sequence, cryptoPrimitives *m_AtomicPrimitives.AtomicPrimitivesClient) m_Wrappers.Result { 711 { 712 var cacheId m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 713 _ = cacheId 714 var _0_valueOrError0 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 715 _ = _0_valueOrError0 716 _0_valueOrError0 = m_Wrappers.Companion_Default___.Need((((m_UTF8.Decode(branchKeyIdUtf8)).MapFailure(func(coer80 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 717 return func(arg81 interface{}) interface{} { 718 return coer80(arg81.(_dafny.Sequence)) 719 } 720 }(m_AwsKmsUtils.Companion_Default___.WrapStringToError))).Is_Success()) && (func(_pat_let6_0 _dafny.Sequence) bool { 721 return func(_1_branchKeyId _dafny.Sequence) bool { 722 return (true) && (((_dafny.IntOfUint32((_1_branchKeyId).Cardinality())).Sign() != -1) && ((_dafny.IntOfUint32((_1_branchKeyId).Cardinality())).Cmp(m_StandardLibrary_UInt.Companion_Default___.UINT32__LIMIT()) < 0)) 723 }(_pat_let6_0) 724 }(((m_UTF8.Decode(branchKeyIdUtf8)).MapFailure(func(coer81 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 725 return func(arg82 interface{}) interface{} { 726 return coer81(arg82.(_dafny.Sequence)) 727 } 728 }(m_AwsKmsUtils.Companion_Default___.WrapStringToError))).Dtor_value().(_dafny.Sequence))), Companion_Default___.E(_dafny.SeqOfString("Invalid Branch Key ID Length"))) 729 if (_0_valueOrError0).IsFailure() { 730 cacheId = (_0_valueOrError0).PropagateFailure() 731 return cacheId 732 } 733 var _2_hashAlgorithm m_AwsCryptographyPrimitivesTypes.DigestAlgorithm 734 _ = _2_hashAlgorithm 735 _2_hashAlgorithm = m_AwsCryptographyPrimitivesTypes.Companion_DigestAlgorithm_.Create_SHA__384_() 736 var _3_resourceId _dafny.Sequence 737 _ = _3_resourceId 738 _3_resourceId = m_CacheConstants.Companion_Default___.RESOURCE__ID__HIERARCHICAL__KEYRING() 739 var _4_scopeId _dafny.Sequence 740 _ = _4_scopeId 741 _4_scopeId = m_CacheConstants.Companion_Default___.SCOPE__ID__ENCRYPT() 742 var _5_suffix _dafny.Sequence 743 _ = _5_suffix 744 _5_suffix = _dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate((_this).LogicalKeyStoreNameBytes(), m_CacheConstants.Companion_Default___.NULL__BYTE()), branchKeyIdUtf8) 745 var _6_identifier _dafny.Sequence 746 _ = _6_identifier 747 _6_identifier = _dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_3_resourceId, m_CacheConstants.Companion_Default___.NULL__BYTE()), _4_scopeId), m_CacheConstants.Companion_Default___.NULL__BYTE()), (_this).PartitionIdBytes()), m_CacheConstants.Companion_Default___.NULL__BYTE()), _5_suffix) 748 var _7_maybeCacheIdDigest m_Wrappers.Result 749 _ = _7_maybeCacheIdDigest 750 var _out0 m_Wrappers.Result 751 _ = _out0 752 _out0 = (cryptoPrimitives).Digest(m_AwsCryptographyPrimitivesTypes.Companion_DigestInput_.Create_DigestInput_(_2_hashAlgorithm, _6_identifier)) 753 _7_maybeCacheIdDigest = _out0 754 var _8_valueOrError1 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 755 _ = _8_valueOrError1 756 _8_valueOrError1 = (_7_maybeCacheIdDigest).MapFailure(func(coer82 func(m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 757 return func(arg83 interface{}) interface{} { 758 return coer82(arg83.(m_AwsCryptographyPrimitivesTypes.Error)) 759 } 760 }(func(_9_e m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error { 761 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographyPrimitives_(_9_e) 762 })) 763 if (_8_valueOrError1).IsFailure() { 764 cacheId = (_8_valueOrError1).PropagateFailure() 765 return cacheId 766 } 767 var _10_cacheDigest _dafny.Sequence 768 _ = _10_cacheDigest 769 _10_cacheDigest = (_8_valueOrError1).Extract().(_dafny.Sequence) 770 var _11_valueOrError2 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 771 _ = _11_valueOrError2 772 _11_valueOrError2 = m_Wrappers.Companion_Default___.Need((_dafny.IntOfUint32((_10_cacheDigest).Cardinality())).Cmp(m_Digest.Companion_Default___.Length(_2_hashAlgorithm)) == 0, m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Digest generated a message not equal to the expected length."))) 773 if (_11_valueOrError2).IsFailure() { 774 cacheId = (_11_valueOrError2).PropagateFailure() 775 return cacheId 776 } 777 cacheId = m_Wrappers.Companion_Result_.Create_Success_(_10_cacheDigest) 778 return cacheId 779 return cacheId 780 } 781 } 782 func (_this *AwsKmsHierarchicalKeyring) GetActiveHierarchicalMaterials(branchKeyId _dafny.Sequence, cacheId _dafny.Sequence, keyStore m_AwsCryptographyKeyStoreTypes.IKeyStoreClient) m_Wrappers.Result { 783 { 784 var material m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_AwsCryptographyKeyStoreTypes.Companion_BranchKeyMaterials_.Default()) 785 _ = material 786 var _0_getCacheInput m_AwsCryptographyMaterialProvidersTypes.GetCacheEntryInput 787 _ = _0_getCacheInput 788 _0_getCacheInput = m_AwsCryptographyMaterialProvidersTypes.Companion_GetCacheEntryInput_.Create_GetCacheEntryInput_(cacheId, m_Wrappers.Companion_Option_.Create_None_()) 789 var _1_getCacheOutput m_Wrappers.Result 790 _ = _1_getCacheOutput 791 var _out0 m_Wrappers.Result 792 _ = _out0 793 _out0 = ((_this).Cache()).GetCacheEntry(_0_getCacheInput) 794 _1_getCacheOutput = _out0 795 if ((_1_getCacheOutput).Is_Failure()) && (!(((_1_getCacheOutput).Dtor_error().(m_AwsCryptographyMaterialProvidersTypes.Error)).Is_EntryDoesNotExist())) { 796 material = m_Wrappers.Companion_Result_.Create_Failure_((_1_getCacheOutput).Dtor_error().(m_AwsCryptographyMaterialProvidersTypes.Error)) 797 return material 798 } 799 var _2_now int64 800 _ = _2_now 801 var _out1 int64 802 _ = _out1 803 _out1 = m__Time.CurrentRelativeTime() 804 _2_now = _out1 805 if ((_1_getCacheOutput).Is_Failure()) || (!(Companion_Default___.CacheEntryWithinLimits(((_1_getCacheOutput).Dtor_value().(m_AwsCryptographyMaterialProvidersTypes.GetCacheEntryOutput)).Dtor_creationTime(), _2_now, (_this).TtlSeconds()))) { 806 var _3_maybeGetActiveBranchKeyOutput m_Wrappers.Result 807 _ = _3_maybeGetActiveBranchKeyOutput 808 var _out2 m_Wrappers.Result 809 _ = _out2 810 _out2 = (keyStore).GetActiveBranchKey(m_AwsCryptographyKeyStoreTypes.Companion_GetActiveBranchKeyInput_.Create_GetActiveBranchKeyInput_(branchKeyId)) 811 _3_maybeGetActiveBranchKeyOutput = _out2 812 var _4_valueOrError0 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_AwsCryptographyKeyStoreTypes.Companion_GetActiveBranchKeyOutput_.Default()) 813 _ = _4_valueOrError0 814 _4_valueOrError0 = (_3_maybeGetActiveBranchKeyOutput).MapFailure(func(coer83 func(m_AwsCryptographyKeyStoreTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 815 return func(arg84 interface{}) interface{} { 816 return coer83(arg84.(m_AwsCryptographyKeyStoreTypes.Error)) 817 } 818 }(func(_5_e m_AwsCryptographyKeyStoreTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error { 819 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographyKeyStore_(_5_e) 820 })) 821 if (_4_valueOrError0).IsFailure() { 822 material = (_4_valueOrError0).PropagateFailure() 823 return material 824 } 825 var _6_getActiveBranchKeyOutput m_AwsCryptographyKeyStoreTypes.GetActiveBranchKeyOutput 826 _ = _6_getActiveBranchKeyOutput 827 _6_getActiveBranchKeyOutput = (_4_valueOrError0).Extract().(m_AwsCryptographyKeyStoreTypes.GetActiveBranchKeyOutput) 828 var _7_branchKeyMaterials m_AwsCryptographyKeyStoreTypes.BranchKeyMaterials 829 _ = _7_branchKeyMaterials 830 _7_branchKeyMaterials = (_6_getActiveBranchKeyOutput).Dtor_branchKeyMaterials() 831 var _8_now int64 832 _ = _8_now 833 var _out3 int64 834 _ = _out3 835 _out3 = m__Time.CurrentRelativeTime() 836 _8_now = _out3 837 var _9_valueOrError1 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 838 _ = _9_valueOrError1 839 _9_valueOrError1 = m_Wrappers.Companion_Default___.Need(((_dafny.IntOfInt64(_8_now)).Plus(_dafny.IntOfInt64((_this).TtlSeconds()))).Cmp(m_StandardLibrary_UInt.Companion_Default___.INT64__MAX__LIMIT()) < 0, m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("INT64 Overflow when putting cache entry."))) 840 if (_9_valueOrError1).IsFailure() { 841 material = (_9_valueOrError1).PropagateFailure() 842 return material 843 } 844 var _10_putCacheEntryInput m_AwsCryptographyMaterialProvidersTypes.PutCacheEntryInput 845 _ = _10_putCacheEntryInput 846 _10_putCacheEntryInput = m_AwsCryptographyMaterialProvidersTypes.Companion_PutCacheEntryInput_.Create_PutCacheEntryInput_(cacheId, m_AwsCryptographyMaterialProvidersTypes.Companion_Materials_.Create_BranchKey_(_7_branchKeyMaterials), _8_now, ((_this).TtlSeconds())+(_8_now), m_Wrappers.Companion_Option_.Create_None_(), m_Wrappers.Companion_Option_.Create_None_()) 847 var _11_putResult m_Wrappers.Result 848 _ = _11_putResult 849 var _out4 m_Wrappers.Result 850 _ = _out4 851 _out4 = ((_this).Cache()).PutCacheEntry(_10_putCacheEntryInput) 852 _11_putResult = _out4 853 if ((_11_putResult).Is_Failure()) && (!(((_11_putResult).Dtor_error().(m_AwsCryptographyMaterialProvidersTypes.Error)).Is_EntryAlreadyExists())) { 854 material = m_Wrappers.Companion_Result_.Create_Failure_((_11_putResult).Dtor_error().(m_AwsCryptographyMaterialProvidersTypes.Error)) 855 return material 856 } 857 material = m_Wrappers.Companion_Result_.Create_Success_(_7_branchKeyMaterials) 858 return material 859 } else { 860 var _12_valueOrError2 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 861 _ = _12_valueOrError2 862 _12_valueOrError2 = m_Wrappers.Companion_Default___.Need(((((_1_getCacheOutput).Dtor_value().(m_AwsCryptographyMaterialProvidersTypes.GetCacheEntryOutput)).Dtor_materials()).Is_BranchKey()) && ((((_1_getCacheOutput).Dtor_value().(m_AwsCryptographyMaterialProvidersTypes.GetCacheEntryOutput)).Dtor_materials()).Equals(m_AwsCryptographyMaterialProvidersTypes.Companion_Materials_.Create_BranchKey_((((_1_getCacheOutput).Dtor_value().(m_AwsCryptographyMaterialProvidersTypes.GetCacheEntryOutput)).Dtor_materials()).Dtor_BranchKey()))), Companion_Default___.E(_dafny.SeqOfString("Invalid Material Type."))) 863 if (_12_valueOrError2).IsFailure() { 864 material = (_12_valueOrError2).PropagateFailure() 865 return material 866 } 867 material = m_Wrappers.Companion_Result_.Create_Success_((((_1_getCacheOutput).Dtor_value().(m_AwsCryptographyMaterialProvidersTypes.GetCacheEntryOutput)).Dtor_materials()).Dtor_BranchKey()) 868 return material 869 } 870 return material 871 } 872 } 873 func (_this *AwsKmsHierarchicalKeyring) KeyStore() m_AwsCryptographyKeyStoreTypes.IKeyStoreClient { 874 { 875 return _this._keyStore 876 } 877 } 878 func (_this *AwsKmsHierarchicalKeyring) CryptoPrimitives() *m_AtomicPrimitives.AtomicPrimitivesClient { 879 { 880 return _this._cryptoPrimitives 881 } 882 } 883 func (_this *AwsKmsHierarchicalKeyring) Cache() m_AwsCryptographyMaterialProvidersTypes.ICryptographicMaterialsCache { 884 { 885 return _this._cache 886 } 887 } 888 func (_this *AwsKmsHierarchicalKeyring) BranchKeyIdSupplier() m_Wrappers.Option { 889 { 890 return _this._branchKeyIdSupplier 891 } 892 } 893 func (_this *AwsKmsHierarchicalKeyring) BranchKeyId() m_Wrappers.Option { 894 { 895 return _this._branchKeyId 896 } 897 } 898 func (_this *AwsKmsHierarchicalKeyring) TtlSeconds() int64 { 899 { 900 return _this._ttlSeconds 901 } 902 } 903 func (_this *AwsKmsHierarchicalKeyring) PartitionIdBytes() _dafny.Sequence { 904 { 905 return _this._partitionIdBytes 906 } 907 } 908 func (_this *AwsKmsHierarchicalKeyring) LogicalKeyStoreNameBytes() _dafny.Sequence { 909 { 910 return _this._logicalKeyStoreNameBytes 911 } 912 } 913 914 // End of class AwsKmsHierarchicalKeyring 915 916 // Definition of class OnDecryptHierarchyEncryptedDataKeyFilter 917 type OnDecryptHierarchyEncryptedDataKeyFilter struct { 918 _branchKeyId _dafny.Sequence 919 } 920 921 func New_OnDecryptHierarchyEncryptedDataKeyFilter_() *OnDecryptHierarchyEncryptedDataKeyFilter { 922 _this := OnDecryptHierarchyEncryptedDataKeyFilter{} 923 924 _this._branchKeyId = _dafny.EmptySeq.SetString() 925 return &_this 926 } 927 928 type CompanionStruct_OnDecryptHierarchyEncryptedDataKeyFilter_ struct { 929 } 930 931 var Companion_OnDecryptHierarchyEncryptedDataKeyFilter_ = CompanionStruct_OnDecryptHierarchyEncryptedDataKeyFilter_{} 932 933 func (_this *OnDecryptHierarchyEncryptedDataKeyFilter) Equals(other *OnDecryptHierarchyEncryptedDataKeyFilter) bool { 934 return _this == other 935 } 936 937 func (_this *OnDecryptHierarchyEncryptedDataKeyFilter) EqualsGeneric(x interface{}) bool { 938 other, ok := x.(*OnDecryptHierarchyEncryptedDataKeyFilter) 939 return ok && _this.Equals(other) 940 } 941 942 func (*OnDecryptHierarchyEncryptedDataKeyFilter) String() string { 943 return "AwsKmsHierarchicalKeyring.OnDecryptHierarchyEncryptedDataKeyFilter" 944 } 945 946 func Type_OnDecryptHierarchyEncryptedDataKeyFilter_() _dafny.TypeDescriptor { 947 return type_OnDecryptHierarchyEncryptedDataKeyFilter_{} 948 } 949 950 type type_OnDecryptHierarchyEncryptedDataKeyFilter_ struct { 951 } 952 953 func (_this type_OnDecryptHierarchyEncryptedDataKeyFilter_) Default() interface{} { 954 return (*OnDecryptHierarchyEncryptedDataKeyFilter)(nil) 955 } 956 957 func (_this type_OnDecryptHierarchyEncryptedDataKeyFilter_) String() string { 958 return "AwsKmsHierarchicalKeyring.OnDecryptHierarchyEncryptedDataKeyFilter" 959 } 960 func (_this *OnDecryptHierarchyEncryptedDataKeyFilter) ParentTraits_() []*_dafny.TraitID { 961 return [](*_dafny.TraitID){m_Actions.Companion_DeterministicActionWithResult_.TraitID_, m_Actions.Companion_DeterministicAction_.TraitID_} 962 } 963 964 var _ m_Actions.DeterministicActionWithResult = &OnDecryptHierarchyEncryptedDataKeyFilter{} 965 var _ m_Actions.DeterministicAction = &OnDecryptHierarchyEncryptedDataKeyFilter{} 966 var _ _dafny.TraitOffspring = &OnDecryptHierarchyEncryptedDataKeyFilter{} 967 968 func (_this *OnDecryptHierarchyEncryptedDataKeyFilter) Ctor__(branchKeyId _dafny.Sequence) { 969 { 970 (_this)._branchKeyId = branchKeyId 971 } 972 } 973 func (_this *OnDecryptHierarchyEncryptedDataKeyFilter) Invoke(edk interface{}) interface{} { 974 { 975 var edk m_AwsCryptographyMaterialProvidersTypes.EncryptedDataKey = edk.(m_AwsCryptographyMaterialProvidersTypes.EncryptedDataKey) 976 _ = edk 977 var res m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(false) 978 _ = res 979 var _0_providerInfo _dafny.Sequence 980 _ = _0_providerInfo 981 _0_providerInfo = (edk).Dtor_keyProviderInfo() 982 var _1_providerId _dafny.Sequence 983 _ = _1_providerId 984 _1_providerId = (edk).Dtor_keyProviderId() 985 if !_dafny.Companion_Sequence_.Equal(_1_providerId, m_Constants.Companion_Default___.PROVIDER__ID__HIERARCHY()) { 986 res = m_Wrappers.Companion_Result_.Create_Success_(false) 987 return res 988 } 989 if !(m_UTF8.Companion_Default___.ValidUTF8Seq(_0_providerInfo)) { 990 res = m_Wrappers.Companion_Result_.Create_Failure_(Companion_Default___.E(_dafny.SeqOfString("Invalid encoding, provider info is not UTF8."))) 991 return res 992 } 993 var _2_valueOrError0 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq.SetString()) 994 _ = _2_valueOrError0 995 _2_valueOrError0 = (m_UTF8.Decode(_0_providerInfo)).MapFailure(func(coer84 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 996 return func(arg85 interface{}) interface{} { 997 return coer84(arg85.(_dafny.Sequence)) 998 } 999 }(m_AwsKmsUtils.Companion_Default___.WrapStringToError)) 1000 if (_2_valueOrError0).IsFailure() { 1001 res = (_2_valueOrError0).PropagateFailure() 1002 return res 1003 } 1004 var _3_branchKeyId _dafny.Sequence 1005 _ = _3_branchKeyId 1006 _3_branchKeyId = (_2_valueOrError0).Extract().(_dafny.Sequence) 1007 res = m_Wrappers.Companion_Result_.Create_Success_(_dafny.Companion_Sequence_.Equal((_this).BranchKeyId(), _3_branchKeyId)) 1008 return res 1009 return res 1010 } 1011 } 1012 func (_this *OnDecryptHierarchyEncryptedDataKeyFilter) BranchKeyId() _dafny.Sequence { 1013 { 1014 return _this._branchKeyId 1015 } 1016 } 1017 1018 // End of class OnDecryptHierarchyEncryptedDataKeyFilter 1019 1020 // Definition of class DecryptSingleEncryptedDataKey 1021 type DecryptSingleEncryptedDataKey struct { 1022 _materials m_AwsCryptographyMaterialProvidersTypes.DecryptionMaterials 1023 _keyStore m_AwsCryptographyKeyStoreTypes.IKeyStoreClient 1024 _cryptoPrimitives *m_AtomicPrimitives.AtomicPrimitivesClient 1025 _branchKeyId _dafny.Sequence 1026 _ttlSeconds int64 1027 _cache m_AwsCryptographyMaterialProvidersTypes.ICryptographicMaterialsCache 1028 _partitionIdBytes _dafny.Sequence 1029 _logicalKeyStoreNameBytes _dafny.Sequence 1030 } 1031 1032 func New_DecryptSingleEncryptedDataKey_() *DecryptSingleEncryptedDataKey { 1033 _this := DecryptSingleEncryptedDataKey{} 1034 1035 _this._materials = m_AwsCryptographyMaterialProvidersTypes.DecryptionMaterials{} 1036 _this._keyStore = (m_AwsCryptographyKeyStoreTypes.IKeyStoreClient)(nil) 1037 _this._cryptoPrimitives = (*m_AtomicPrimitives.AtomicPrimitivesClient)(nil) 1038 _this._branchKeyId = _dafny.EmptySeq.SetString() 1039 _this._ttlSeconds = int64(0) 1040 _this._cache = (m_AwsCryptographyMaterialProvidersTypes.ICryptographicMaterialsCache)(nil) 1041 _this._partitionIdBytes = _dafny.EmptySeq 1042 _this._logicalKeyStoreNameBytes = _dafny.EmptySeq 1043 return &_this 1044 } 1045 1046 type CompanionStruct_DecryptSingleEncryptedDataKey_ struct { 1047 } 1048 1049 var Companion_DecryptSingleEncryptedDataKey_ = CompanionStruct_DecryptSingleEncryptedDataKey_{} 1050 1051 func (_this *DecryptSingleEncryptedDataKey) Equals(other *DecryptSingleEncryptedDataKey) bool { 1052 return _this == other 1053 } 1054 1055 func (_this *DecryptSingleEncryptedDataKey) EqualsGeneric(x interface{}) bool { 1056 other, ok := x.(*DecryptSingleEncryptedDataKey) 1057 return ok && _this.Equals(other) 1058 } 1059 1060 func (*DecryptSingleEncryptedDataKey) String() string { 1061 return "AwsKmsHierarchicalKeyring.DecryptSingleEncryptedDataKey" 1062 } 1063 1064 func Type_DecryptSingleEncryptedDataKey_() _dafny.TypeDescriptor { 1065 return type_DecryptSingleEncryptedDataKey_{} 1066 } 1067 1068 type type_DecryptSingleEncryptedDataKey_ struct { 1069 } 1070 1071 func (_this type_DecryptSingleEncryptedDataKey_) Default() interface{} { 1072 return (*DecryptSingleEncryptedDataKey)(nil) 1073 } 1074 1075 func (_this type_DecryptSingleEncryptedDataKey_) String() string { 1076 return "AwsKmsHierarchicalKeyring.DecryptSingleEncryptedDataKey" 1077 } 1078 func (_this *DecryptSingleEncryptedDataKey) ParentTraits_() []*_dafny.TraitID { 1079 return [](*_dafny.TraitID){m_Actions.Companion_ActionWithResult_.TraitID_, m_Actions.Companion_Action_.TraitID_} 1080 } 1081 1082 var _ m_Actions.ActionWithResult = &DecryptSingleEncryptedDataKey{} 1083 var _ m_Actions.Action = &DecryptSingleEncryptedDataKey{} 1084 var _ _dafny.TraitOffspring = &DecryptSingleEncryptedDataKey{} 1085 1086 func (_this *DecryptSingleEncryptedDataKey) Ctor__(materials m_AwsCryptographyMaterialProvidersTypes.DecryptionMaterials, keyStore m_AwsCryptographyKeyStoreTypes.IKeyStoreClient, cryptoPrimitives *m_AtomicPrimitives.AtomicPrimitivesClient, branchKeyId _dafny.Sequence, ttlSeconds int64, cache m_AwsCryptographyMaterialProvidersTypes.ICryptographicMaterialsCache, partitionIdBytes _dafny.Sequence, logicalKeyStoreNameBytes _dafny.Sequence) { 1087 { 1088 (_this)._materials = materials 1089 (_this)._keyStore = keyStore 1090 (_this)._cryptoPrimitives = cryptoPrimitives 1091 (_this)._branchKeyId = branchKeyId 1092 (_this)._ttlSeconds = ttlSeconds 1093 (_this)._cache = cache 1094 (_this)._partitionIdBytes = partitionIdBytes 1095 (_this)._logicalKeyStoreNameBytes = logicalKeyStoreNameBytes 1096 } 1097 } 1098 func (_this *DecryptSingleEncryptedDataKey) Invoke(edk interface{}) interface{} { 1099 { 1100 var edk m_AwsCryptographyMaterialProvidersTypes.EncryptedDataKey = edk.(m_AwsCryptographyMaterialProvidersTypes.EncryptedDataKey) 1101 _ = edk 1102 var res m_Wrappers.Result = m_Wrappers.Result{} 1103 _ = res 1104 var _0_valueOrError0 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 1105 _ = _0_valueOrError0 1106 _0_valueOrError0 = m_Wrappers.Companion_Default___.Need(m_UTF8.Companion_Default___.ValidUTF8Seq((edk).Dtor_keyProviderInfo()), m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Received invalid EDK provider info for Hierarchical Keyring"))) 1107 if (_0_valueOrError0).IsFailure() { 1108 res = (_0_valueOrError0).PropagateFailure() 1109 return res 1110 } 1111 var _1_suite m_AwsCryptographyMaterialProvidersTypes.AlgorithmSuiteInfo 1112 _ = _1_suite 1113 _1_suite = ((_this).Materials()).Dtor_algorithmSuite() 1114 var _2_keyProviderId _dafny.Sequence 1115 _ = _2_keyProviderId 1116 _2_keyProviderId = (edk).Dtor_keyProviderId() 1117 var _3_branchKeyIdUtf8 _dafny.Sequence 1118 _ = _3_branchKeyIdUtf8 1119 _3_branchKeyIdUtf8 = (edk).Dtor_keyProviderInfo() 1120 var _4_ciphertext _dafny.Sequence 1121 _ = _4_ciphertext 1122 _4_ciphertext = (edk).Dtor_ciphertext() 1123 var _5_valueOrError1 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 1124 _ = _5_valueOrError1 1125 _5_valueOrError1 = m_EdkWrapping.Companion_Default___.GetProviderWrappedMaterial(_4_ciphertext, _1_suite) 1126 if (_5_valueOrError1).IsFailure() { 1127 res = (_5_valueOrError1).PropagateFailure() 1128 return res 1129 } 1130 var _6_providerWrappedMaterial _dafny.Sequence 1131 _ = _6_providerWrappedMaterial 1132 _6_providerWrappedMaterial = (_5_valueOrError1).Extract().(_dafny.Sequence) 1133 var _7_valueOrError2 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 1134 _ = _7_valueOrError2 1135 _7_valueOrError2 = m_Wrappers.Companion_Default___.Need((_dafny.IntOfUint32((_6_providerWrappedMaterial).Cardinality())).Cmp(_dafny.IntOfInt32(Companion_Default___.EDK__CIPHERTEXT__VERSION__INDEX())) >= 0, m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Received EDK Ciphertext of incorrect length."))) 1136 if (_7_valueOrError2).IsFailure() { 1137 res = (_7_valueOrError2).PropagateFailure() 1138 return res 1139 } 1140 var _8_branchKeyVersionUuid _dafny.Sequence 1141 _ = _8_branchKeyVersionUuid 1142 _8_branchKeyVersionUuid = (_6_providerWrappedMaterial).Subsequence(uint32(Companion_Default___.EDK__CIPHERTEXT__BRANCH__KEY__VERSION__INDEX()), uint32(Companion_Default___.EDK__CIPHERTEXT__VERSION__INDEX())) 1143 var _9_valueOrError3 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq.SetString()) 1144 _ = _9_valueOrError3 1145 _9_valueOrError3 = (m_UUID.FromByteArray(_8_branchKeyVersionUuid)).MapFailure(func(coer85 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 1146 return func(arg86 interface{}) interface{} { 1147 return coer85(arg86.(_dafny.Sequence)) 1148 } 1149 }(m_AwsKmsUtils.Companion_Default___.WrapStringToError)) 1150 if (_9_valueOrError3).IsFailure() { 1151 res = (_9_valueOrError3).PropagateFailure() 1152 return res 1153 } 1154 var _10_version _dafny.Sequence 1155 _ = _10_version 1156 _10_version = (_9_valueOrError3).Extract().(_dafny.Sequence) 1157 var _11_valueOrError4 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 1158 _ = _11_valueOrError4 1159 var _out0 m_Wrappers.Result 1160 _ = _out0 1161 _out0 = (_this).GetVersionCacheId(_3_branchKeyIdUtf8, _10_version, (_this).CryptoPrimitives()) 1162 _11_valueOrError4 = _out0 1163 if (_11_valueOrError4).IsFailure() { 1164 res = (_11_valueOrError4).PropagateFailure() 1165 return res 1166 } 1167 var _12_cacheId _dafny.Sequence 1168 _ = _12_cacheId 1169 _12_cacheId = (_11_valueOrError4).Extract().(_dafny.Sequence) 1170 var _13_valueOrError5 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_AwsCryptographyKeyStoreTypes.Companion_BranchKeyMaterials_.Default()) 1171 _ = _13_valueOrError5 1172 var _out1 m_Wrappers.Result 1173 _ = _out1 1174 _out1 = (_this).GetHierarchicalMaterialsVersion((_this).BranchKeyId(), _3_branchKeyIdUtf8, _10_version, _12_cacheId) 1175 _13_valueOrError5 = _out1 1176 if (_13_valueOrError5).IsFailure() { 1177 res = (_13_valueOrError5).PropagateFailure() 1178 return res 1179 } 1180 var _14_hierarchicalMaterials m_AwsCryptographyKeyStoreTypes.BranchKeyMaterials 1181 _ = _14_hierarchicalMaterials 1182 _14_hierarchicalMaterials = (_13_valueOrError5).Extract().(m_AwsCryptographyKeyStoreTypes.BranchKeyMaterials) 1183 var _15_branchKey _dafny.Sequence 1184 _ = _15_branchKey 1185 _15_branchKey = (_14_hierarchicalMaterials).Dtor_branchKey() 1186 var _16_branchKeyVersion _dafny.Sequence 1187 _ = _16_branchKeyVersion 1188 _16_branchKeyVersion = (_14_hierarchicalMaterials).Dtor_branchKeyVersion() 1189 var _17_valueOrError6 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq.SetString()) 1190 _ = _17_valueOrError6 1191 _17_valueOrError6 = (m_UTF8.Decode(_16_branchKeyVersion)).MapFailure(func(coer86 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 1192 return func(arg87 interface{}) interface{} { 1193 return coer86(arg87.(_dafny.Sequence)) 1194 } 1195 }(m_AwsKmsUtils.Companion_Default___.WrapStringToError)) 1196 if (_17_valueOrError6).IsFailure() { 1197 res = (_17_valueOrError6).PropagateFailure() 1198 return res 1199 } 1200 var _18_branchKeyVersionAsString _dafny.Sequence 1201 _ = _18_branchKeyVersionAsString 1202 _18_branchKeyVersionAsString = (_17_valueOrError6).Extract().(_dafny.Sequence) 1203 var _19_valueOrError7 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 1204 _ = _19_valueOrError7 1205 _19_valueOrError7 = (m_UUID.ToByteArray(_18_branchKeyVersionAsString)).MapFailure(func(coer87 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 1206 return func(arg88 interface{}) interface{} { 1207 return coer87(arg88.(_dafny.Sequence)) 1208 } 1209 }(m_AwsKmsUtils.Companion_Default___.WrapStringToError)) 1210 if (_19_valueOrError7).IsFailure() { 1211 res = (_19_valueOrError7).PropagateFailure() 1212 return res 1213 } 1214 var _20_branchKeyVersionAsBytes _dafny.Sequence 1215 _ = _20_branchKeyVersionAsBytes 1216 _20_branchKeyVersionAsBytes = (_19_valueOrError7).Extract().(_dafny.Sequence) 1217 var _21_maybeCrypto m_Wrappers.Result 1218 _ = _21_maybeCrypto 1219 var _out2 m_Wrappers.Result 1220 _ = _out2 1221 _out2 = m_AtomicPrimitives.Companion_Default___.AtomicPrimitives(m_AtomicPrimitives.Companion_Default___.DefaultCryptoConfig()) 1222 _21_maybeCrypto = _out2 1223 var _22_valueOrError8 m_Wrappers.Result = m_Wrappers.Result{} 1224 _ = _22_valueOrError8 1225 _22_valueOrError8 = (_21_maybeCrypto).MapFailure(func(coer88 func(m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 1226 return func(arg89 interface{}) interface{} { 1227 return coer88(arg89.(m_AwsCryptographyPrimitivesTypes.Error)) 1228 } 1229 }(func(_23_e m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error { 1230 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographyPrimitives_(_23_e) 1231 })) 1232 if (_22_valueOrError8).IsFailure() { 1233 res = (_22_valueOrError8).PropagateFailure() 1234 return res 1235 } 1236 var _24_cryptoPrimitivesX m_AwsCryptographyPrimitivesTypes.IAwsCryptographicPrimitivesClient 1237 _ = _24_cryptoPrimitivesX 1238 _24_cryptoPrimitivesX = (_22_valueOrError8).Extract().(*m_AtomicPrimitives.AtomicPrimitivesClient) 1239 var _25_cryptoPrimitives *m_AtomicPrimitives.AtomicPrimitivesClient 1240 _ = _25_cryptoPrimitives 1241 _25_cryptoPrimitives = _24_cryptoPrimitivesX.(*m_AtomicPrimitives.AtomicPrimitivesClient) 1242 var _26_kmsHierarchyUnwrap *KmsHierarchyUnwrapKeyMaterial 1243 _ = _26_kmsHierarchyUnwrap 1244 var _nw0 *KmsHierarchyUnwrapKeyMaterial = New_KmsHierarchyUnwrapKeyMaterial_() 1245 _ = _nw0 1246 _nw0.Ctor__(_15_branchKey, _3_branchKeyIdUtf8, _20_branchKeyVersionAsBytes, _25_cryptoPrimitives) 1247 _26_kmsHierarchyUnwrap = _nw0 1248 var _27_unwrapOutputRes m_Wrappers.Result 1249 _ = _27_unwrapOutputRes 1250 var _out3 m_Wrappers.Result 1251 _ = _out3 1252 _out3 = m_EdkWrapping.Companion_Default___.UnwrapEdkMaterial((edk).Dtor_ciphertext(), (_this).Materials(), _26_kmsHierarchyUnwrap) 1253 _27_unwrapOutputRes = _out3 1254 var _28_valueOrError9 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_EdkWrapping.Companion_UnwrapEdkMaterialOutput_.Default(Companion_HierarchyUnwrapInfo_.Default())) 1255 _ = _28_valueOrError9 1256 _28_valueOrError9 = _27_unwrapOutputRes 1257 if (_28_valueOrError9).IsFailure() { 1258 res = (_28_valueOrError9).PropagateFailure() 1259 return res 1260 } 1261 var _29_unwrapOutput m_EdkWrapping.UnwrapEdkMaterialOutput 1262 _ = _29_unwrapOutput 1263 _29_unwrapOutput = (_28_valueOrError9).Extract().(m_EdkWrapping.UnwrapEdkMaterialOutput) 1264 var _30_valueOrError10 m_Wrappers.Result = m_Wrappers.Result{} 1265 _ = _30_valueOrError10 1266 _30_valueOrError10 = m_Materials.Companion_Default___.DecryptionMaterialsAddDataKey((_this).Materials(), (_29_unwrapOutput).Dtor_plaintextDataKey(), (_29_unwrapOutput).Dtor_symmetricSigningKey()) 1267 if (_30_valueOrError10).IsFailure() { 1268 res = (_30_valueOrError10).PropagateFailure() 1269 return res 1270 } 1271 var _31_result m_AwsCryptographyMaterialProvidersTypes.DecryptionMaterials 1272 _ = _31_result 1273 _31_result = (_30_valueOrError10).Extract().(m_AwsCryptographyMaterialProvidersTypes.DecryptionMaterials) 1274 res = m_Wrappers.Companion_Result_.Create_Success_(_31_result) 1275 return res 1276 return res 1277 } 1278 } 1279 func (_this *DecryptSingleEncryptedDataKey) GetVersionCacheId(branchKeyIdUtf8 _dafny.Sequence, branchKeyVersion _dafny.Sequence, cryptoPrimitives *m_AtomicPrimitives.AtomicPrimitivesClient) m_Wrappers.Result { 1280 { 1281 var cacheId m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 1282 _ = cacheId 1283 var _0_valueOrError0 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 1284 _ = _0_valueOrError0 1285 _0_valueOrError0 = m_Wrappers.Companion_Default___.Need((((m_UTF8.Decode(branchKeyIdUtf8)).MapFailure(func(coer89 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 1286 return func(arg90 interface{}) interface{} { 1287 return coer89(arg90.(_dafny.Sequence)) 1288 } 1289 }(m_AwsKmsUtils.Companion_Default___.WrapStringToError))).Is_Success()) && (func(_pat_let7_0 _dafny.Sequence) bool { 1290 return func(_1_branchKeyId _dafny.Sequence) bool { 1291 return (true) && (((_dafny.IntOfUint32((_1_branchKeyId).Cardinality())).Sign() != -1) && ((_dafny.IntOfUint32((_1_branchKeyId).Cardinality())).Cmp(m_StandardLibrary_UInt.Companion_Default___.UINT32__LIMIT()) < 0)) 1292 }(_pat_let7_0) 1293 }(((m_UTF8.Decode(branchKeyIdUtf8)).MapFailure(func(coer90 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 1294 return func(arg91 interface{}) interface{} { 1295 return coer90(arg91.(_dafny.Sequence)) 1296 } 1297 }(m_AwsKmsUtils.Companion_Default___.WrapStringToError))).Dtor_value().(_dafny.Sequence))), Companion_Default___.E(_dafny.SeqOfString("Invalid Branch Key ID Length"))) 1298 if (_0_valueOrError0).IsFailure() { 1299 cacheId = (_0_valueOrError0).PropagateFailure() 1300 return cacheId 1301 } 1302 var _2_hashAlgorithm m_AwsCryptographyPrimitivesTypes.DigestAlgorithm 1303 _ = _2_hashAlgorithm 1304 _2_hashAlgorithm = m_AwsCryptographyPrimitivesTypes.Companion_DigestAlgorithm_.Create_SHA__384_() 1305 var _3_resourceId _dafny.Sequence 1306 _ = _3_resourceId 1307 _3_resourceId = m_CacheConstants.Companion_Default___.RESOURCE__ID__HIERARCHICAL__KEYRING() 1308 var _4_scopeId _dafny.Sequence 1309 _ = _4_scopeId 1310 _4_scopeId = m_CacheConstants.Companion_Default___.SCOPE__ID__DECRYPT() 1311 var _5_valueOrError1 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 1312 _ = _5_valueOrError1 1313 _5_valueOrError1 = m_Wrappers.Companion_Default___.Need(m_UTF8.Companion_Default___.IsASCIIString(branchKeyVersion), Companion_Default___.E(_dafny.SeqOfString("Unable to represent as an ASCII string."))) 1314 if (_5_valueOrError1).IsFailure() { 1315 cacheId = (_5_valueOrError1).PropagateFailure() 1316 return cacheId 1317 } 1318 var _6_versionBytes _dafny.Sequence 1319 _ = _6_versionBytes 1320 _6_versionBytes = m_UTF8.Companion_Default___.EncodeAscii(branchKeyVersion) 1321 var _7_suffix _dafny.Sequence 1322 _ = _7_suffix 1323 _7_suffix = _dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate((_this).LogicalKeyStoreNameBytes(), m_CacheConstants.Companion_Default___.NULL__BYTE()), branchKeyIdUtf8), m_CacheConstants.Companion_Default___.NULL__BYTE()), _6_versionBytes) 1324 var _8_identifier _dafny.Sequence 1325 _ = _8_identifier 1326 _8_identifier = _dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_3_resourceId, m_CacheConstants.Companion_Default___.NULL__BYTE()), _4_scopeId), m_CacheConstants.Companion_Default___.NULL__BYTE()), (_this).PartitionIdBytes()), m_CacheConstants.Companion_Default___.NULL__BYTE()), _7_suffix) 1327 var _9_identifierDigestInput m_AwsCryptographyPrimitivesTypes.DigestInput 1328 _ = _9_identifierDigestInput 1329 _9_identifierDigestInput = m_AwsCryptographyPrimitivesTypes.Companion_DigestInput_.Create_DigestInput_(_2_hashAlgorithm, _8_identifier) 1330 var _10_maybeCacheDigest m_Wrappers.Result 1331 _ = _10_maybeCacheDigest 1332 var _out0 m_Wrappers.Result 1333 _ = _out0 1334 _out0 = m_Digest.Companion_Default___.Digest(_9_identifierDigestInput) 1335 _10_maybeCacheDigest = _out0 1336 var _11_valueOrError2 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 1337 _ = _11_valueOrError2 1338 _11_valueOrError2 = (_10_maybeCacheDigest).MapFailure(func(coer91 func(m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 1339 return func(arg92 interface{}) interface{} { 1340 return coer91(arg92.(m_AwsCryptographyPrimitivesTypes.Error)) 1341 } 1342 }(func(_12_e m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error { 1343 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographyPrimitives_(_12_e) 1344 })) 1345 if (_11_valueOrError2).IsFailure() { 1346 cacheId = (_11_valueOrError2).PropagateFailure() 1347 return cacheId 1348 } 1349 var _13_cacheDigest _dafny.Sequence 1350 _ = _13_cacheDigest 1351 _13_cacheDigest = (_11_valueOrError2).Extract().(_dafny.Sequence) 1352 var _14_valueOrError3 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 1353 _ = _14_valueOrError3 1354 _14_valueOrError3 = m_Wrappers.Companion_Default___.Need((_dafny.IntOfUint32((_13_cacheDigest).Cardinality())).Cmp(m_Digest.Companion_Default___.Length(_2_hashAlgorithm)) == 0, m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Digest generated a message not equal to the expected length."))) 1355 if (_14_valueOrError3).IsFailure() { 1356 cacheId = (_14_valueOrError3).PropagateFailure() 1357 return cacheId 1358 } 1359 cacheId = m_Wrappers.Companion_Result_.Create_Success_(_13_cacheDigest) 1360 return cacheId 1361 return cacheId 1362 } 1363 } 1364 func (_this *DecryptSingleEncryptedDataKey) GetHierarchicalMaterialsVersion(branchKeyId _dafny.Sequence, branchKeyIdUtf8 _dafny.Sequence, version _dafny.Sequence, cacheId _dafny.Sequence) m_Wrappers.Result { 1365 { 1366 var material m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_AwsCryptographyKeyStoreTypes.Companion_BranchKeyMaterials_.Default()) 1367 _ = material 1368 var _0_getCacheInput m_AwsCryptographyMaterialProvidersTypes.GetCacheEntryInput 1369 _ = _0_getCacheInput 1370 _0_getCacheInput = m_AwsCryptographyMaterialProvidersTypes.Companion_GetCacheEntryInput_.Create_GetCacheEntryInput_(cacheId, m_Wrappers.Companion_Option_.Create_None_()) 1371 var _1_getCacheOutput m_Wrappers.Result 1372 _ = _1_getCacheOutput 1373 var _out0 m_Wrappers.Result 1374 _ = _out0 1375 _out0 = ((_this).Cache()).GetCacheEntry(_0_getCacheInput) 1376 _1_getCacheOutput = _out0 1377 if ((_1_getCacheOutput).Is_Failure()) && (!(((_1_getCacheOutput).Dtor_error().(m_AwsCryptographyMaterialProvidersTypes.Error)).Is_EntryDoesNotExist())) { 1378 material = m_Wrappers.Companion_Result_.Create_Failure_((_1_getCacheOutput).Dtor_error().(m_AwsCryptographyMaterialProvidersTypes.Error)) 1379 return material 1380 } 1381 var _2_now int64 1382 _ = _2_now 1383 var _out1 int64 1384 _ = _out1 1385 _out1 = m__Time.CurrentRelativeTime() 1386 _2_now = _out1 1387 if ((_1_getCacheOutput).Is_Failure()) || (!(Companion_Default___.CacheEntryWithinLimits(((_1_getCacheOutput).Dtor_value().(m_AwsCryptographyMaterialProvidersTypes.GetCacheEntryOutput)).Dtor_creationTime(), _2_now, (_this).TtlSeconds()))) { 1388 var _3_maybeGetBranchKeyVersionOutput m_Wrappers.Result 1389 _ = _3_maybeGetBranchKeyVersionOutput 1390 var _out2 m_Wrappers.Result 1391 _ = _out2 1392 _out2 = ((_this).KeyStore()).GetBranchKeyVersion(m_AwsCryptographyKeyStoreTypes.Companion_GetBranchKeyVersionInput_.Create_GetBranchKeyVersionInput_(branchKeyId, version)) 1393 _3_maybeGetBranchKeyVersionOutput = _out2 1394 var _4_valueOrError0 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_AwsCryptographyKeyStoreTypes.Companion_GetBranchKeyVersionOutput_.Default()) 1395 _ = _4_valueOrError0 1396 _4_valueOrError0 = (_3_maybeGetBranchKeyVersionOutput).MapFailure(func(coer92 func(m_AwsCryptographyKeyStoreTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 1397 return func(arg93 interface{}) interface{} { 1398 return coer92(arg93.(m_AwsCryptographyKeyStoreTypes.Error)) 1399 } 1400 }(func(_5_e m_AwsCryptographyKeyStoreTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error { 1401 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographyKeyStore_(_5_e) 1402 })) 1403 if (_4_valueOrError0).IsFailure() { 1404 material = (_4_valueOrError0).PropagateFailure() 1405 return material 1406 } 1407 var _6_getBranchKeyVersionOutput m_AwsCryptographyKeyStoreTypes.GetBranchKeyVersionOutput 1408 _ = _6_getBranchKeyVersionOutput 1409 _6_getBranchKeyVersionOutput = (_4_valueOrError0).Extract().(m_AwsCryptographyKeyStoreTypes.GetBranchKeyVersionOutput) 1410 var _7_branchKeyMaterials m_AwsCryptographyKeyStoreTypes.BranchKeyMaterials 1411 _ = _7_branchKeyMaterials 1412 _7_branchKeyMaterials = (_6_getBranchKeyVersionOutput).Dtor_branchKeyMaterials() 1413 var _8_now int64 1414 _ = _8_now 1415 var _out3 int64 1416 _ = _out3 1417 _out3 = m__Time.CurrentRelativeTime() 1418 _8_now = _out3 1419 var _9_valueOrError1 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 1420 _ = _9_valueOrError1 1421 _9_valueOrError1 = m_Wrappers.Companion_Default___.Need(((_dafny.IntOfInt64(_8_now)).Plus(_dafny.IntOfInt64((_this).TtlSeconds()))).Cmp(m_StandardLibrary_UInt.Companion_Default___.INT64__MAX__LIMIT()) < 0, m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("INT64 Overflow when putting cache entry."))) 1422 if (_9_valueOrError1).IsFailure() { 1423 material = (_9_valueOrError1).PropagateFailure() 1424 return material 1425 } 1426 var _10_putCacheEntryInput m_AwsCryptographyMaterialProvidersTypes.PutCacheEntryInput 1427 _ = _10_putCacheEntryInput 1428 _10_putCacheEntryInput = m_AwsCryptographyMaterialProvidersTypes.Companion_PutCacheEntryInput_.Create_PutCacheEntryInput_(cacheId, m_AwsCryptographyMaterialProvidersTypes.Companion_Materials_.Create_BranchKey_(_7_branchKeyMaterials), _8_now, ((_this).TtlSeconds())+(_8_now), m_Wrappers.Companion_Option_.Create_None_(), m_Wrappers.Companion_Option_.Create_None_()) 1429 var _11_putResult m_Wrappers.Result 1430 _ = _11_putResult 1431 var _out4 m_Wrappers.Result 1432 _ = _out4 1433 _out4 = ((_this).Cache()).PutCacheEntry(_10_putCacheEntryInput) 1434 _11_putResult = _out4 1435 if ((_11_putResult).Is_Failure()) && (!(((_11_putResult).Dtor_error().(m_AwsCryptographyMaterialProvidersTypes.Error)).Is_EntryAlreadyExists())) { 1436 material = m_Wrappers.Companion_Result_.Create_Failure_((_11_putResult).Dtor_error().(m_AwsCryptographyMaterialProvidersTypes.Error)) 1437 return material 1438 } 1439 material = m_Wrappers.Companion_Result_.Create_Success_(_7_branchKeyMaterials) 1440 return material 1441 } else { 1442 var _12_valueOrError2 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 1443 _ = _12_valueOrError2 1444 _12_valueOrError2 = m_Wrappers.Companion_Default___.Need(((((_1_getCacheOutput).Dtor_value().(m_AwsCryptographyMaterialProvidersTypes.GetCacheEntryOutput)).Dtor_materials()).Is_BranchKey()) && ((((_1_getCacheOutput).Dtor_value().(m_AwsCryptographyMaterialProvidersTypes.GetCacheEntryOutput)).Dtor_materials()).Equals(m_AwsCryptographyMaterialProvidersTypes.Companion_Materials_.Create_BranchKey_((((_1_getCacheOutput).Dtor_value().(m_AwsCryptographyMaterialProvidersTypes.GetCacheEntryOutput)).Dtor_materials()).Dtor_BranchKey()))), Companion_Default___.E(_dafny.SeqOfString("Invalid Material Type."))) 1445 if (_12_valueOrError2).IsFailure() { 1446 material = (_12_valueOrError2).PropagateFailure() 1447 return material 1448 } 1449 material = m_Wrappers.Companion_Result_.Create_Success_((((_1_getCacheOutput).Dtor_value().(m_AwsCryptographyMaterialProvidersTypes.GetCacheEntryOutput)).Dtor_materials()).Dtor_BranchKey()) 1450 return material 1451 } 1452 return material 1453 } 1454 } 1455 func (_this *DecryptSingleEncryptedDataKey) Materials() m_AwsCryptographyMaterialProvidersTypes.DecryptionMaterials { 1456 { 1457 return _this._materials 1458 } 1459 } 1460 func (_this *DecryptSingleEncryptedDataKey) KeyStore() m_AwsCryptographyKeyStoreTypes.IKeyStoreClient { 1461 { 1462 return _this._keyStore 1463 } 1464 } 1465 func (_this *DecryptSingleEncryptedDataKey) CryptoPrimitives() *m_AtomicPrimitives.AtomicPrimitivesClient { 1466 { 1467 return _this._cryptoPrimitives 1468 } 1469 } 1470 func (_this *DecryptSingleEncryptedDataKey) BranchKeyId() _dafny.Sequence { 1471 { 1472 return _this._branchKeyId 1473 } 1474 } 1475 func (_this *DecryptSingleEncryptedDataKey) TtlSeconds() int64 { 1476 { 1477 return _this._ttlSeconds 1478 } 1479 } 1480 func (_this *DecryptSingleEncryptedDataKey) Cache() m_AwsCryptographyMaterialProvidersTypes.ICryptographicMaterialsCache { 1481 { 1482 return _this._cache 1483 } 1484 } 1485 func (_this *DecryptSingleEncryptedDataKey) PartitionIdBytes() _dafny.Sequence { 1486 { 1487 return _this._partitionIdBytes 1488 } 1489 } 1490 func (_this *DecryptSingleEncryptedDataKey) LogicalKeyStoreNameBytes() _dafny.Sequence { 1491 { 1492 return _this._logicalKeyStoreNameBytes 1493 } 1494 } 1495 1496 // End of class DecryptSingleEncryptedDataKey 1497 1498 // Definition of datatype HierarchyUnwrapInfo 1499 type HierarchyUnwrapInfo struct { 1500 Data_HierarchyUnwrapInfo_ 1501 } 1502 1503 func (_this HierarchyUnwrapInfo) Get_() Data_HierarchyUnwrapInfo_ { 1504 return _this.Data_HierarchyUnwrapInfo_ 1505 } 1506 1507 type Data_HierarchyUnwrapInfo_ interface { 1508 isHierarchyUnwrapInfo() 1509 } 1510 1511 type CompanionStruct_HierarchyUnwrapInfo_ struct { 1512 } 1513 1514 var Companion_HierarchyUnwrapInfo_ = CompanionStruct_HierarchyUnwrapInfo_{} 1515 1516 type HierarchyUnwrapInfo_HierarchyUnwrapInfo struct { 1517 } 1518 1519 func (HierarchyUnwrapInfo_HierarchyUnwrapInfo) isHierarchyUnwrapInfo() {} 1520 1521 func (CompanionStruct_HierarchyUnwrapInfo_) Create_HierarchyUnwrapInfo_() HierarchyUnwrapInfo { 1522 return HierarchyUnwrapInfo{HierarchyUnwrapInfo_HierarchyUnwrapInfo{}} 1523 } 1524 1525 func (_this HierarchyUnwrapInfo) Is_HierarchyUnwrapInfo() bool { 1526 _, ok := _this.Get_().(HierarchyUnwrapInfo_HierarchyUnwrapInfo) 1527 return ok 1528 } 1529 1530 func (CompanionStruct_HierarchyUnwrapInfo_) Default() HierarchyUnwrapInfo { 1531 return Companion_HierarchyUnwrapInfo_.Create_HierarchyUnwrapInfo_() 1532 } 1533 1534 func (_ CompanionStruct_HierarchyUnwrapInfo_) AllSingletonConstructors() _dafny.Iterator { 1535 i := -1 1536 return func() (interface{}, bool) { 1537 i++ 1538 switch i { 1539 case 0: 1540 return Companion_HierarchyUnwrapInfo_.Create_HierarchyUnwrapInfo_(), true 1541 default: 1542 return HierarchyUnwrapInfo{}, false 1543 } 1544 } 1545 } 1546 1547 func (_this HierarchyUnwrapInfo) String() string { 1548 switch _this.Get_().(type) { 1549 case nil: 1550 return "null" 1551 case HierarchyUnwrapInfo_HierarchyUnwrapInfo: 1552 { 1553 return "AwsKmsHierarchicalKeyring.HierarchyUnwrapInfo.HierarchyUnwrapInfo" 1554 } 1555 default: 1556 { 1557 return "<unexpected>" 1558 } 1559 } 1560 } 1561 1562 func (_this HierarchyUnwrapInfo) Equals(other HierarchyUnwrapInfo) bool { 1563 switch _this.Get_().(type) { 1564 case HierarchyUnwrapInfo_HierarchyUnwrapInfo: 1565 { 1566 _, ok := other.Get_().(HierarchyUnwrapInfo_HierarchyUnwrapInfo) 1567 return ok 1568 } 1569 default: 1570 { 1571 return false // unexpected 1572 } 1573 } 1574 } 1575 1576 func (_this HierarchyUnwrapInfo) EqualsGeneric(other interface{}) bool { 1577 typed, ok := other.(HierarchyUnwrapInfo) 1578 return ok && _this.Equals(typed) 1579 } 1580 1581 func Type_HierarchyUnwrapInfo_() _dafny.TypeDescriptor { 1582 return type_HierarchyUnwrapInfo_{} 1583 } 1584 1585 type type_HierarchyUnwrapInfo_ struct { 1586 } 1587 1588 func (_this type_HierarchyUnwrapInfo_) Default() interface{} { 1589 return Companion_HierarchyUnwrapInfo_.Default() 1590 } 1591 1592 func (_this type_HierarchyUnwrapInfo_) String() string { 1593 return "AwsKmsHierarchicalKeyring.HierarchyUnwrapInfo" 1594 } 1595 func (_this HierarchyUnwrapInfo) ParentTraits_() []*_dafny.TraitID { 1596 return [](*_dafny.TraitID){} 1597 } 1598 1599 var _ _dafny.TraitOffspring = HierarchyUnwrapInfo{} 1600 1601 // End of datatype HierarchyUnwrapInfo 1602 1603 // Definition of datatype HierarchyWrapInfo 1604 type HierarchyWrapInfo struct { 1605 Data_HierarchyWrapInfo_ 1606 } 1607 1608 func (_this HierarchyWrapInfo) Get_() Data_HierarchyWrapInfo_ { 1609 return _this.Data_HierarchyWrapInfo_ 1610 } 1611 1612 type Data_HierarchyWrapInfo_ interface { 1613 isHierarchyWrapInfo() 1614 } 1615 1616 type CompanionStruct_HierarchyWrapInfo_ struct { 1617 } 1618 1619 var Companion_HierarchyWrapInfo_ = CompanionStruct_HierarchyWrapInfo_{} 1620 1621 type HierarchyWrapInfo_HierarchyWrapInfo struct { 1622 } 1623 1624 func (HierarchyWrapInfo_HierarchyWrapInfo) isHierarchyWrapInfo() {} 1625 1626 func (CompanionStruct_HierarchyWrapInfo_) Create_HierarchyWrapInfo_() HierarchyWrapInfo { 1627 return HierarchyWrapInfo{HierarchyWrapInfo_HierarchyWrapInfo{}} 1628 } 1629 1630 func (_this HierarchyWrapInfo) Is_HierarchyWrapInfo() bool { 1631 _, ok := _this.Get_().(HierarchyWrapInfo_HierarchyWrapInfo) 1632 return ok 1633 } 1634 1635 func (CompanionStruct_HierarchyWrapInfo_) Default() HierarchyWrapInfo { 1636 return Companion_HierarchyWrapInfo_.Create_HierarchyWrapInfo_() 1637 } 1638 1639 func (_ CompanionStruct_HierarchyWrapInfo_) AllSingletonConstructors() _dafny.Iterator { 1640 i := -1 1641 return func() (interface{}, bool) { 1642 i++ 1643 switch i { 1644 case 0: 1645 return Companion_HierarchyWrapInfo_.Create_HierarchyWrapInfo_(), true 1646 default: 1647 return HierarchyWrapInfo{}, false 1648 } 1649 } 1650 } 1651 1652 func (_this HierarchyWrapInfo) String() string { 1653 switch _this.Get_().(type) { 1654 case nil: 1655 return "null" 1656 case HierarchyWrapInfo_HierarchyWrapInfo: 1657 { 1658 return "AwsKmsHierarchicalKeyring.HierarchyWrapInfo.HierarchyWrapInfo" 1659 } 1660 default: 1661 { 1662 return "<unexpected>" 1663 } 1664 } 1665 } 1666 1667 func (_this HierarchyWrapInfo) Equals(other HierarchyWrapInfo) bool { 1668 switch _this.Get_().(type) { 1669 case HierarchyWrapInfo_HierarchyWrapInfo: 1670 { 1671 _, ok := other.Get_().(HierarchyWrapInfo_HierarchyWrapInfo) 1672 return ok 1673 } 1674 default: 1675 { 1676 return false // unexpected 1677 } 1678 } 1679 } 1680 1681 func (_this HierarchyWrapInfo) EqualsGeneric(other interface{}) bool { 1682 typed, ok := other.(HierarchyWrapInfo) 1683 return ok && _this.Equals(typed) 1684 } 1685 1686 func Type_HierarchyWrapInfo_() _dafny.TypeDescriptor { 1687 return type_HierarchyWrapInfo_{} 1688 } 1689 1690 type type_HierarchyWrapInfo_ struct { 1691 } 1692 1693 func (_this type_HierarchyWrapInfo_) Default() interface{} { 1694 return Companion_HierarchyWrapInfo_.Default() 1695 } 1696 1697 func (_this type_HierarchyWrapInfo_) String() string { 1698 return "AwsKmsHierarchicalKeyring.HierarchyWrapInfo" 1699 } 1700 func (_this HierarchyWrapInfo) ParentTraits_() []*_dafny.TraitID { 1701 return [](*_dafny.TraitID){} 1702 } 1703 1704 var _ _dafny.TraitOffspring = HierarchyWrapInfo{} 1705 1706 // End of datatype HierarchyWrapInfo 1707 1708 // Definition of class KmsHierarchyUnwrapKeyMaterial 1709 type KmsHierarchyUnwrapKeyMaterial struct { 1710 _crypto *m_AtomicPrimitives.AtomicPrimitivesClient 1711 _branchKeyIdUtf8 _dafny.Sequence 1712 _branchKeyVersionAsBytes _dafny.Sequence 1713 _branchKey _dafny.Sequence 1714 } 1715 1716 func New_KmsHierarchyUnwrapKeyMaterial_() *KmsHierarchyUnwrapKeyMaterial { 1717 _this := KmsHierarchyUnwrapKeyMaterial{} 1718 1719 _this._crypto = (*m_AtomicPrimitives.AtomicPrimitivesClient)(nil) 1720 _this._branchKeyIdUtf8 = m_UTF8.Companion_ValidUTF8Bytes_.Witness() 1721 _this._branchKeyVersionAsBytes = _dafny.EmptySeq 1722 _this._branchKey = _dafny.EmptySeq 1723 return &_this 1724 } 1725 1726 type CompanionStruct_KmsHierarchyUnwrapKeyMaterial_ struct { 1727 } 1728 1729 var Companion_KmsHierarchyUnwrapKeyMaterial_ = CompanionStruct_KmsHierarchyUnwrapKeyMaterial_{} 1730 1731 func (_this *KmsHierarchyUnwrapKeyMaterial) Equals(other *KmsHierarchyUnwrapKeyMaterial) bool { 1732 return _this == other 1733 } 1734 1735 func (_this *KmsHierarchyUnwrapKeyMaterial) EqualsGeneric(x interface{}) bool { 1736 other, ok := x.(*KmsHierarchyUnwrapKeyMaterial) 1737 return ok && _this.Equals(other) 1738 } 1739 1740 func (*KmsHierarchyUnwrapKeyMaterial) String() string { 1741 return "AwsKmsHierarchicalKeyring.KmsHierarchyUnwrapKeyMaterial" 1742 } 1743 1744 func Type_KmsHierarchyUnwrapKeyMaterial_() _dafny.TypeDescriptor { 1745 return type_KmsHierarchyUnwrapKeyMaterial_{} 1746 } 1747 1748 type type_KmsHierarchyUnwrapKeyMaterial_ struct { 1749 } 1750 1751 func (_this type_KmsHierarchyUnwrapKeyMaterial_) Default() interface{} { 1752 return (*KmsHierarchyUnwrapKeyMaterial)(nil) 1753 } 1754 1755 func (_this type_KmsHierarchyUnwrapKeyMaterial_) String() string { 1756 return "AwsKmsHierarchicalKeyring.KmsHierarchyUnwrapKeyMaterial" 1757 } 1758 func (_this *KmsHierarchyUnwrapKeyMaterial) ParentTraits_() []*_dafny.TraitID { 1759 return [](*_dafny.TraitID){m_MaterialWrapping.Companion_UnwrapMaterial_.TraitID_, m_Actions.Companion_ActionWithResult_.TraitID_, m_Actions.Companion_Action_.TraitID_} 1760 } 1761 1762 var _ m_MaterialWrapping.UnwrapMaterial = &KmsHierarchyUnwrapKeyMaterial{} 1763 var _ m_Actions.ActionWithResult = &KmsHierarchyUnwrapKeyMaterial{} 1764 var _ m_Actions.Action = &KmsHierarchyUnwrapKeyMaterial{} 1765 var _ _dafny.TraitOffspring = &KmsHierarchyUnwrapKeyMaterial{} 1766 1767 func (_this *KmsHierarchyUnwrapKeyMaterial) Ctor__(branchKey _dafny.Sequence, branchKeyIdUtf8 _dafny.Sequence, branchKeyVersionAsBytes _dafny.Sequence, crypto *m_AtomicPrimitives.AtomicPrimitivesClient) { 1768 { 1769 (_this)._branchKey = branchKey 1770 (_this)._branchKeyIdUtf8 = branchKeyIdUtf8 1771 (_this)._branchKeyVersionAsBytes = branchKeyVersionAsBytes 1772 (_this)._crypto = crypto 1773 } 1774 } 1775 func (_this *KmsHierarchyUnwrapKeyMaterial) Invoke(input interface{}) interface{} { 1776 { 1777 var input m_MaterialWrapping.UnwrapInput = input.(m_MaterialWrapping.UnwrapInput) 1778 _ = input 1779 var res m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_MaterialWrapping.Companion_UnwrapOutput_.Default(Companion_HierarchyUnwrapInfo_.Default())) 1780 _ = res 1781 var _0_suite m_AwsCryptographyMaterialProvidersTypes.AlgorithmSuiteInfo 1782 _ = _0_suite 1783 _0_suite = (input).Dtor_algorithmSuite() 1784 var _1_wrappedMaterial _dafny.Sequence 1785 _ = _1_wrappedMaterial 1786 _1_wrappedMaterial = (input).Dtor_wrappedMaterial() 1787 var _2_aad _dafny.Map 1788 _ = _2_aad 1789 _2_aad = (input).Dtor_encryptionContext() 1790 var _3_KeyLength int32 1791 _ = _3_KeyLength 1792 _3_KeyLength = m_AlgorithmSuites.Companion_Default___.GetEncryptKeyLength(_0_suite) 1793 var _4_valueOrError0 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 1794 _ = _4_valueOrError0 1795 _4_valueOrError0 = m_Wrappers.Companion_Default___.Need((_dafny.IntOfUint32((_1_wrappedMaterial).Cardinality())).Cmp((_dafny.IntOfInt32(Companion_Default___.EXPECTED__EDK__CIPHERTEXT__OVERHEAD())).Plus(_dafny.IntOfInt32(_3_KeyLength))) == 0, m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Received EDK Ciphertext of incorrect length2."))) 1796 if (_4_valueOrError0).IsFailure() { 1797 res = (_4_valueOrError0).PropagateFailure() 1798 return res 1799 } 1800 var _5_salt _dafny.Sequence 1801 _ = _5_salt 1802 _5_salt = (_1_wrappedMaterial).Subsequence(0, uint32(Companion_Default___.H__WRAP__SALT__LEN())) 1803 var _6_iv _dafny.Sequence 1804 _ = _6_iv 1805 _6_iv = (_1_wrappedMaterial).Subsequence(uint32(Companion_Default___.H__WRAP__SALT__LEN()), uint32(Companion_Default___.EDK__CIPHERTEXT__BRANCH__KEY__VERSION__INDEX())) 1806 var _7_branchKeyVersionUuid _dafny.Sequence 1807 _ = _7_branchKeyVersionUuid 1808 _7_branchKeyVersionUuid = (_1_wrappedMaterial).Subsequence(uint32(Companion_Default___.EDK__CIPHERTEXT__BRANCH__KEY__VERSION__INDEX()), uint32(Companion_Default___.EDK__CIPHERTEXT__VERSION__INDEX())) 1809 var _8_wrappedKey _dafny.Sequence 1810 _ = _8_wrappedKey 1811 _8_wrappedKey = (_1_wrappedMaterial).Subsequence(uint32(Companion_Default___.EDK__CIPHERTEXT__VERSION__INDEX()), uint32((Companion_Default___.EDK__CIPHERTEXT__VERSION__INDEX())+(_3_KeyLength))) 1812 var _9_authTag _dafny.Sequence 1813 _ = _9_authTag 1814 _9_authTag = (_1_wrappedMaterial).Drop(uint32((Companion_Default___.EDK__CIPHERTEXT__VERSION__INDEX()) + (_3_KeyLength))) 1815 var _10_valueOrError1 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 1816 _ = _10_valueOrError1 1817 _10_valueOrError1 = m_CanonicalEncryptionContext.Companion_Default___.EncryptionContextToAAD((input).Dtor_encryptionContext()) 1818 if (_10_valueOrError1).IsFailure() { 1819 res = (_10_valueOrError1).PropagateFailure() 1820 return res 1821 } 1822 var _11_serializedEC _dafny.Sequence 1823 _ = _11_serializedEC 1824 _11_serializedEC = (_10_valueOrError1).Extract().(_dafny.Sequence) 1825 var _12_wrappingAad _dafny.Sequence 1826 _ = _12_wrappingAad 1827 _12_wrappingAad = Companion_Default___.WrappingAad((_this).BranchKeyIdUtf8(), (_this).BranchKeyVersionAsBytes(), _11_serializedEC) 1828 var _13_valueOrError2 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 1829 _ = _13_valueOrError2 1830 var _out0 m_Wrappers.Result 1831 _ = _out0 1832 _out0 = Companion_Default___.DeriveEncryptionKeyFromBranchKey((_this).BranchKey(), _5_salt, m_Wrappers.Companion_Option_.Create_Some_(m_Constants.Companion_Default___.PROVIDER__ID__HIERARCHY()), (_this).Crypto()) 1833 _13_valueOrError2 = _out0 1834 if (_13_valueOrError2).IsFailure() { 1835 res = (_13_valueOrError2).PropagateFailure() 1836 return res 1837 } 1838 var _14_derivedBranchKey _dafny.Sequence 1839 _ = _14_derivedBranchKey 1840 _14_derivedBranchKey = (_13_valueOrError2).Extract().(_dafny.Sequence) 1841 var _15_maybeUnwrappedPdk m_Wrappers.Result 1842 _ = _15_maybeUnwrappedPdk 1843 var _out1 m_Wrappers.Result 1844 _ = _out1 1845 _out1 = ((_this).Crypto()).AESDecrypt(m_AwsCryptographyPrimitivesTypes.Companion_AESDecryptInput_.Create_AESDecryptInput_(Companion_Default___.AES__256__ENC__ALG(), _14_derivedBranchKey, _8_wrappedKey, _9_authTag, _6_iv, _12_wrappingAad)) 1846 _15_maybeUnwrappedPdk = _out1 1847 var _16_valueOrError3 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 1848 _ = _16_valueOrError3 1849 _16_valueOrError3 = (_15_maybeUnwrappedPdk).MapFailure(func(coer93 func(m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 1850 return func(arg94 interface{}) interface{} { 1851 return coer93(arg94.(m_AwsCryptographyPrimitivesTypes.Error)) 1852 } 1853 }(func(_17_e m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error { 1854 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographyPrimitives_(_17_e) 1855 })) 1856 if (_16_valueOrError3).IsFailure() { 1857 res = (_16_valueOrError3).PropagateFailure() 1858 return res 1859 } 1860 var _18_unwrappedPdk _dafny.Sequence 1861 _ = _18_unwrappedPdk 1862 _18_unwrappedPdk = (_16_valueOrError3).Extract().(_dafny.Sequence) 1863 var _19_valueOrError4 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 1864 _ = _19_valueOrError4 1865 _19_valueOrError4 = m_Wrappers.Companion_Default___.Need((_dafny.IntOfUint32((_18_unwrappedPdk).Cardinality())).Cmp(_dafny.IntOfInt32(m_AlgorithmSuites.Companion_Default___.GetEncryptKeyLength((input).Dtor_algorithmSuite()))) == 0, Companion_Default___.E(_dafny.SeqOfString("Invalid Key Length"))) 1866 if (_19_valueOrError4).IsFailure() { 1867 res = (_19_valueOrError4).PropagateFailure() 1868 return res 1869 } 1870 var _20_output m_MaterialWrapping.UnwrapOutput 1871 _ = _20_output 1872 _20_output = m_MaterialWrapping.Companion_UnwrapOutput_.Create_UnwrapOutput_(_18_unwrappedPdk, Companion_HierarchyUnwrapInfo_.Create_HierarchyUnwrapInfo_()) 1873 res = m_Wrappers.Companion_Result_.Create_Success_(_20_output) 1874 return res 1875 return res 1876 } 1877 } 1878 func (_this *KmsHierarchyUnwrapKeyMaterial) Crypto() *m_AtomicPrimitives.AtomicPrimitivesClient { 1879 { 1880 return _this._crypto 1881 } 1882 } 1883 func (_this *KmsHierarchyUnwrapKeyMaterial) BranchKeyIdUtf8() _dafny.Sequence { 1884 { 1885 return _this._branchKeyIdUtf8 1886 } 1887 } 1888 func (_this *KmsHierarchyUnwrapKeyMaterial) BranchKeyVersionAsBytes() _dafny.Sequence { 1889 { 1890 return _this._branchKeyVersionAsBytes 1891 } 1892 } 1893 func (_this *KmsHierarchyUnwrapKeyMaterial) BranchKey() _dafny.Sequence { 1894 { 1895 return _this._branchKey 1896 } 1897 } 1898 1899 // End of class KmsHierarchyUnwrapKeyMaterial 1900 1901 // Definition of class KmsHierarchyGenerateAndWrapKeyMaterial 1902 type KmsHierarchyGenerateAndWrapKeyMaterial struct { 1903 _branchKey _dafny.Sequence 1904 _branchKeyIdUtf8 _dafny.Sequence 1905 _branchKeyVersionAsBytes _dafny.Sequence 1906 _crypto *m_AtomicPrimitives.AtomicPrimitivesClient 1907 } 1908 1909 func New_KmsHierarchyGenerateAndWrapKeyMaterial_() *KmsHierarchyGenerateAndWrapKeyMaterial { 1910 _this := KmsHierarchyGenerateAndWrapKeyMaterial{} 1911 1912 _this._branchKey = _dafny.EmptySeq 1913 _this._branchKeyIdUtf8 = m_UTF8.Companion_ValidUTF8Bytes_.Witness() 1914 _this._branchKeyVersionAsBytes = _dafny.EmptySeq 1915 _this._crypto = (*m_AtomicPrimitives.AtomicPrimitivesClient)(nil) 1916 return &_this 1917 } 1918 1919 type CompanionStruct_KmsHierarchyGenerateAndWrapKeyMaterial_ struct { 1920 } 1921 1922 var Companion_KmsHierarchyGenerateAndWrapKeyMaterial_ = CompanionStruct_KmsHierarchyGenerateAndWrapKeyMaterial_{} 1923 1924 func (_this *KmsHierarchyGenerateAndWrapKeyMaterial) Equals(other *KmsHierarchyGenerateAndWrapKeyMaterial) bool { 1925 return _this == other 1926 } 1927 1928 func (_this *KmsHierarchyGenerateAndWrapKeyMaterial) EqualsGeneric(x interface{}) bool { 1929 other, ok := x.(*KmsHierarchyGenerateAndWrapKeyMaterial) 1930 return ok && _this.Equals(other) 1931 } 1932 1933 func (*KmsHierarchyGenerateAndWrapKeyMaterial) String() string { 1934 return "AwsKmsHierarchicalKeyring.KmsHierarchyGenerateAndWrapKeyMaterial" 1935 } 1936 1937 func Type_KmsHierarchyGenerateAndWrapKeyMaterial_() _dafny.TypeDescriptor { 1938 return type_KmsHierarchyGenerateAndWrapKeyMaterial_{} 1939 } 1940 1941 type type_KmsHierarchyGenerateAndWrapKeyMaterial_ struct { 1942 } 1943 1944 func (_this type_KmsHierarchyGenerateAndWrapKeyMaterial_) Default() interface{} { 1945 return (*KmsHierarchyGenerateAndWrapKeyMaterial)(nil) 1946 } 1947 1948 func (_this type_KmsHierarchyGenerateAndWrapKeyMaterial_) String() string { 1949 return "AwsKmsHierarchicalKeyring.KmsHierarchyGenerateAndWrapKeyMaterial" 1950 } 1951 func (_this *KmsHierarchyGenerateAndWrapKeyMaterial) ParentTraits_() []*_dafny.TraitID { 1952 return [](*_dafny.TraitID){m_MaterialWrapping.Companion_GenerateAndWrapMaterial_.TraitID_, m_Actions.Companion_ActionWithResult_.TraitID_, m_Actions.Companion_Action_.TraitID_} 1953 } 1954 1955 var _ m_MaterialWrapping.GenerateAndWrapMaterial = &KmsHierarchyGenerateAndWrapKeyMaterial{} 1956 var _ m_Actions.ActionWithResult = &KmsHierarchyGenerateAndWrapKeyMaterial{} 1957 var _ m_Actions.Action = &KmsHierarchyGenerateAndWrapKeyMaterial{} 1958 var _ _dafny.TraitOffspring = &KmsHierarchyGenerateAndWrapKeyMaterial{} 1959 1960 func (_this *KmsHierarchyGenerateAndWrapKeyMaterial) Ctor__(branchKey _dafny.Sequence, branchKeyIdUtf8 _dafny.Sequence, branchKeyVersionAsBytes _dafny.Sequence, crypto *m_AtomicPrimitives.AtomicPrimitivesClient) { 1961 { 1962 (_this)._branchKey = branchKey 1963 (_this)._branchKeyIdUtf8 = branchKeyIdUtf8 1964 (_this)._branchKeyVersionAsBytes = branchKeyVersionAsBytes 1965 (_this)._crypto = crypto 1966 } 1967 } 1968 func (_this *KmsHierarchyGenerateAndWrapKeyMaterial) Invoke(input interface{}) interface{} { 1969 { 1970 var input m_MaterialWrapping.GenerateAndWrapInput = input.(m_MaterialWrapping.GenerateAndWrapInput) 1971 _ = input 1972 var res m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_MaterialWrapping.Companion_GenerateAndWrapOutput_.Default(Companion_HierarchyWrapInfo_.Default())) 1973 _ = res 1974 var _0_suite m_AwsCryptographyMaterialProvidersTypes.AlgorithmSuiteInfo 1975 _ = _0_suite 1976 _0_suite = (input).Dtor_algorithmSuite() 1977 var _1_pdkResult m_Wrappers.Result 1978 _ = _1_pdkResult 1979 var _out0 m_Wrappers.Result 1980 _ = _out0 1981 _out0 = ((_this).Crypto()).GenerateRandomBytes(m_AwsCryptographyPrimitivesTypes.Companion_GenerateRandomBytesInput_.Create_GenerateRandomBytesInput_(m_AlgorithmSuites.Companion_Default___.GetEncryptKeyLength(_0_suite))) 1982 _1_pdkResult = _out0 1983 var _2_valueOrError0 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 1984 _ = _2_valueOrError0 1985 _2_valueOrError0 = (_1_pdkResult).MapFailure(func(coer94 func(m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 1986 return func(arg95 interface{}) interface{} { 1987 return coer94(arg95.(m_AwsCryptographyPrimitivesTypes.Error)) 1988 } 1989 }(func(_3_e m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error { 1990 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographyPrimitives_(_3_e) 1991 })) 1992 if (_2_valueOrError0).IsFailure() { 1993 res = (_2_valueOrError0).PropagateFailure() 1994 return res 1995 } 1996 var _4_pdk _dafny.Sequence 1997 _ = _4_pdk 1998 _4_pdk = (_2_valueOrError0).Extract().(_dafny.Sequence) 1999 var _5_wrap *KmsHierarchyWrapKeyMaterial 2000 _ = _5_wrap 2001 var _nw0 *KmsHierarchyWrapKeyMaterial = New_KmsHierarchyWrapKeyMaterial_() 2002 _ = _nw0 2003 _nw0.Ctor__((_this).BranchKey(), (_this).BranchKeyIdUtf8(), (_this).BranchKeyVersionAsBytes(), (_this).Crypto()) 2004 _5_wrap = _nw0 2005 var _6_valueOrError1 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_MaterialWrapping.Companion_WrapOutput_.Default(Companion_HierarchyWrapInfo_.Default())) 2006 _ = _6_valueOrError1 2007 var _out1 interface{} 2008 _ = _out1 2009 _out1 = (_5_wrap).Invoke(m_MaterialWrapping.Companion_WrapInput_.Create_WrapInput_(_4_pdk, (input).Dtor_algorithmSuite(), (input).Dtor_encryptionContext())) 2010 _6_valueOrError1 = _out1.(m_Wrappers.Result) 2011 if (_6_valueOrError1).IsFailure() { 2012 res = (_6_valueOrError1).PropagateFailure() 2013 return res 2014 } 2015 var _7_wrapOutput m_MaterialWrapping.WrapOutput 2016 _ = _7_wrapOutput 2017 _7_wrapOutput = (_6_valueOrError1).Extract().(m_MaterialWrapping.WrapOutput) 2018 var _8_output m_MaterialWrapping.GenerateAndWrapOutput 2019 _ = _8_output 2020 _8_output = m_MaterialWrapping.Companion_GenerateAndWrapOutput_.Create_GenerateAndWrapOutput_(_4_pdk, (_7_wrapOutput).Dtor_wrappedMaterial(), Companion_HierarchyWrapInfo_.Create_HierarchyWrapInfo_()) 2021 res = m_Wrappers.Companion_Result_.Create_Success_(_8_output) 2022 return res 2023 return res 2024 } 2025 } 2026 func (_this *KmsHierarchyGenerateAndWrapKeyMaterial) BranchKey() _dafny.Sequence { 2027 { 2028 return _this._branchKey 2029 } 2030 } 2031 func (_this *KmsHierarchyGenerateAndWrapKeyMaterial) BranchKeyIdUtf8() _dafny.Sequence { 2032 { 2033 return _this._branchKeyIdUtf8 2034 } 2035 } 2036 func (_this *KmsHierarchyGenerateAndWrapKeyMaterial) BranchKeyVersionAsBytes() _dafny.Sequence { 2037 { 2038 return _this._branchKeyVersionAsBytes 2039 } 2040 } 2041 func (_this *KmsHierarchyGenerateAndWrapKeyMaterial) Crypto() *m_AtomicPrimitives.AtomicPrimitivesClient { 2042 { 2043 return _this._crypto 2044 } 2045 } 2046 2047 // End of class KmsHierarchyGenerateAndWrapKeyMaterial 2048 2049 // Definition of class KmsHierarchyWrapKeyMaterial 2050 type KmsHierarchyWrapKeyMaterial struct { 2051 _branchKey _dafny.Sequence 2052 _branchKeyIdUtf8 _dafny.Sequence 2053 _branchKeyVersionAsBytes _dafny.Sequence 2054 _crypto *m_AtomicPrimitives.AtomicPrimitivesClient 2055 } 2056 2057 func New_KmsHierarchyWrapKeyMaterial_() *KmsHierarchyWrapKeyMaterial { 2058 _this := KmsHierarchyWrapKeyMaterial{} 2059 2060 _this._branchKey = _dafny.EmptySeq 2061 _this._branchKeyIdUtf8 = m_UTF8.Companion_ValidUTF8Bytes_.Witness() 2062 _this._branchKeyVersionAsBytes = _dafny.EmptySeq 2063 _this._crypto = (*m_AtomicPrimitives.AtomicPrimitivesClient)(nil) 2064 return &_this 2065 } 2066 2067 type CompanionStruct_KmsHierarchyWrapKeyMaterial_ struct { 2068 } 2069 2070 var Companion_KmsHierarchyWrapKeyMaterial_ = CompanionStruct_KmsHierarchyWrapKeyMaterial_{} 2071 2072 func (_this *KmsHierarchyWrapKeyMaterial) Equals(other *KmsHierarchyWrapKeyMaterial) bool { 2073 return _this == other 2074 } 2075 2076 func (_this *KmsHierarchyWrapKeyMaterial) EqualsGeneric(x interface{}) bool { 2077 other, ok := x.(*KmsHierarchyWrapKeyMaterial) 2078 return ok && _this.Equals(other) 2079 } 2080 2081 func (*KmsHierarchyWrapKeyMaterial) String() string { 2082 return "AwsKmsHierarchicalKeyring.KmsHierarchyWrapKeyMaterial" 2083 } 2084 2085 func Type_KmsHierarchyWrapKeyMaterial_() _dafny.TypeDescriptor { 2086 return type_KmsHierarchyWrapKeyMaterial_{} 2087 } 2088 2089 type type_KmsHierarchyWrapKeyMaterial_ struct { 2090 } 2091 2092 func (_this type_KmsHierarchyWrapKeyMaterial_) Default() interface{} { 2093 return (*KmsHierarchyWrapKeyMaterial)(nil) 2094 } 2095 2096 func (_this type_KmsHierarchyWrapKeyMaterial_) String() string { 2097 return "AwsKmsHierarchicalKeyring.KmsHierarchyWrapKeyMaterial" 2098 } 2099 func (_this *KmsHierarchyWrapKeyMaterial) ParentTraits_() []*_dafny.TraitID { 2100 return [](*_dafny.TraitID){m_MaterialWrapping.Companion_WrapMaterial_.TraitID_, m_Actions.Companion_ActionWithResult_.TraitID_, m_Actions.Companion_Action_.TraitID_} 2101 } 2102 2103 var _ m_MaterialWrapping.WrapMaterial = &KmsHierarchyWrapKeyMaterial{} 2104 var _ m_Actions.ActionWithResult = &KmsHierarchyWrapKeyMaterial{} 2105 var _ m_Actions.Action = &KmsHierarchyWrapKeyMaterial{} 2106 var _ _dafny.TraitOffspring = &KmsHierarchyWrapKeyMaterial{} 2107 2108 func (_this *KmsHierarchyWrapKeyMaterial) Ctor__(branchKey _dafny.Sequence, branchKeyIdUtf8 _dafny.Sequence, branchKeyVersionAsBytes _dafny.Sequence, crypto *m_AtomicPrimitives.AtomicPrimitivesClient) { 2109 { 2110 (_this)._branchKey = branchKey 2111 (_this)._branchKeyIdUtf8 = branchKeyIdUtf8 2112 (_this)._branchKeyVersionAsBytes = branchKeyVersionAsBytes 2113 (_this)._crypto = crypto 2114 } 2115 } 2116 func (_this *KmsHierarchyWrapKeyMaterial) Invoke(input interface{}) interface{} { 2117 { 2118 var input m_MaterialWrapping.WrapInput = input.(m_MaterialWrapping.WrapInput) 2119 _ = input 2120 var res m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_MaterialWrapping.Companion_WrapOutput_.Default(Companion_HierarchyWrapInfo_.Default())) 2121 _ = res 2122 var _0_suite m_AwsCryptographyMaterialProvidersTypes.AlgorithmSuiteInfo 2123 _ = _0_suite 2124 _0_suite = (input).Dtor_algorithmSuite() 2125 var _1_maybeNonceSalt m_Wrappers.Result 2126 _ = _1_maybeNonceSalt 2127 var _out0 m_Wrappers.Result 2128 _ = _out0 2129 _out0 = ((_this).Crypto()).GenerateRandomBytes(m_AwsCryptographyPrimitivesTypes.Companion_GenerateRandomBytesInput_.Create_GenerateRandomBytesInput_((Companion_Default___.H__WRAP__SALT__LEN()) + (Companion_Default___.H__WRAP__NONCE__LEN()))) 2130 _1_maybeNonceSalt = _out0 2131 var _2_valueOrError0 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 2132 _ = _2_valueOrError0 2133 _2_valueOrError0 = (_1_maybeNonceSalt).MapFailure(func(coer95 func(m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 2134 return func(arg96 interface{}) interface{} { 2135 return coer95(arg96.(m_AwsCryptographyPrimitivesTypes.Error)) 2136 } 2137 }(func(_3_e m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error { 2138 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographyPrimitives_(_3_e) 2139 })) 2140 if (_2_valueOrError0).IsFailure() { 2141 res = (_2_valueOrError0).PropagateFailure() 2142 return res 2143 } 2144 var _4_saltAndNonce _dafny.Sequence 2145 _ = _4_saltAndNonce 2146 _4_saltAndNonce = (_2_valueOrError0).Extract().(_dafny.Sequence) 2147 var _5_salt _dafny.Sequence 2148 _ = _5_salt 2149 _5_salt = (_4_saltAndNonce).Subsequence(0, uint32(Companion_Default___.H__WRAP__SALT__LEN())) 2150 var _6_nonce _dafny.Sequence 2151 _ = _6_nonce 2152 _6_nonce = (_4_saltAndNonce).Drop(uint32(Companion_Default___.H__WRAP__SALT__LEN())) 2153 var _7_valueOrError1 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 2154 _ = _7_valueOrError1 2155 _7_valueOrError1 = m_CanonicalEncryptionContext.Companion_Default___.EncryptionContextToAAD((input).Dtor_encryptionContext()) 2156 if (_7_valueOrError1).IsFailure() { 2157 res = (_7_valueOrError1).PropagateFailure() 2158 return res 2159 } 2160 var _8_serializedEC _dafny.Sequence 2161 _ = _8_serializedEC 2162 _8_serializedEC = (_7_valueOrError1).Extract().(_dafny.Sequence) 2163 var _9_wrappingAad _dafny.Sequence 2164 _ = _9_wrappingAad 2165 _9_wrappingAad = Companion_Default___.WrappingAad((_this).BranchKeyIdUtf8(), (_this).BranchKeyVersionAsBytes(), _8_serializedEC) 2166 var _10_valueOrError2 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq) 2167 _ = _10_valueOrError2 2168 var _out1 m_Wrappers.Result 2169 _ = _out1 2170 _out1 = Companion_Default___.DeriveEncryptionKeyFromBranchKey((_this).BranchKey(), _5_salt, m_Wrappers.Companion_Option_.Create_Some_(m_Constants.Companion_Default___.PROVIDER__ID__HIERARCHY()), (_this).Crypto()) 2171 _10_valueOrError2 = _out1 2172 if (_10_valueOrError2).IsFailure() { 2173 res = (_10_valueOrError2).PropagateFailure() 2174 return res 2175 } 2176 var _11_derivedBranchKey _dafny.Sequence 2177 _ = _11_derivedBranchKey 2178 _11_derivedBranchKey = (_10_valueOrError2).Extract().(_dafny.Sequence) 2179 var _12_maybeWrappedPdk m_Wrappers.Result 2180 _ = _12_maybeWrappedPdk 2181 var _out2 m_Wrappers.Result 2182 _ = _out2 2183 _out2 = ((_this).Crypto()).AESEncrypt(m_AwsCryptographyPrimitivesTypes.Companion_AESEncryptInput_.Create_AESEncryptInput_(Companion_Default___.AES__256__ENC__ALG(), _6_nonce, _11_derivedBranchKey, (input).Dtor_plaintextMaterial(), _9_wrappingAad)) 2184 _12_maybeWrappedPdk = _out2 2185 var _13_valueOrError3 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_AwsCryptographyPrimitivesTypes.Companion_AESEncryptOutput_.Default()) 2186 _ = _13_valueOrError3 2187 _13_valueOrError3 = (_12_maybeWrappedPdk).MapFailure(func(coer96 func(m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 2188 return func(arg97 interface{}) interface{} { 2189 return coer96(arg97.(m_AwsCryptographyPrimitivesTypes.Error)) 2190 } 2191 }(func(_14_e m_AwsCryptographyPrimitivesTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error { 2192 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographyPrimitives_(_14_e) 2193 })) 2194 if (_13_valueOrError3).IsFailure() { 2195 res = (_13_valueOrError3).PropagateFailure() 2196 return res 2197 } 2198 var _15_wrappedPdk m_AwsCryptographyPrimitivesTypes.AESEncryptOutput 2199 _ = _15_wrappedPdk 2200 _15_wrappedPdk = (_13_valueOrError3).Extract().(m_AwsCryptographyPrimitivesTypes.AESEncryptOutput) 2201 var _16_output m_MaterialWrapping.WrapOutput 2202 _ = _16_output 2203 _16_output = m_MaterialWrapping.Companion_WrapOutput_.Create_WrapOutput_(_dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_dafny.Companion_Sequence_.Concatenate(_5_salt, _6_nonce), (_this).BranchKeyVersionAsBytes()), (_15_wrappedPdk).Dtor_cipherText()), (_15_wrappedPdk).Dtor_authTag()), Companion_HierarchyWrapInfo_.Create_HierarchyWrapInfo_()) 2204 res = m_Wrappers.Companion_Result_.Create_Success_(_16_output) 2205 return res 2206 return res 2207 } 2208 } 2209 func (_this *KmsHierarchyWrapKeyMaterial) BranchKey() _dafny.Sequence { 2210 { 2211 return _this._branchKey 2212 } 2213 } 2214 func (_this *KmsHierarchyWrapKeyMaterial) BranchKeyIdUtf8() _dafny.Sequence { 2215 { 2216 return _this._branchKeyIdUtf8 2217 } 2218 } 2219 func (_this *KmsHierarchyWrapKeyMaterial) BranchKeyVersionAsBytes() _dafny.Sequence { 2220 { 2221 return _this._branchKeyVersionAsBytes 2222 } 2223 } 2224 func (_this *KmsHierarchyWrapKeyMaterial) Crypto() *m_AtomicPrimitives.AtomicPrimitivesClient { 2225 { 2226 return _this._crypto 2227 } 2228 } 2229 2230 // End of class KmsHierarchyWrapKeyMaterial