github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl@v0.2.0/AwsKmsUtils/AwsKmsUtils.go (about) 1 // Package AwsKmsUtils 2 // Dafny module AwsKmsUtils compiled into Go 3 4 package AwsKmsUtils 5 6 import ( 7 os "os" 8 9 m_ComAmazonawsDynamodbTypes "github.com/aws/aws-cryptographic-material-providers-library/releases/go/dynamodb/ComAmazonawsDynamodbTypes" 10 m_ComAmazonawsKmsTypes "github.com/aws/aws-cryptographic-material-providers-library/releases/go/kms/ComAmazonawsKmsTypes" 11 m_AwsArnParsing "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsArnParsing" 12 m_AwsCryptographyKeyStoreTypes "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsCryptographyKeyStoreTypes" 13 m_AwsCryptographyMaterialProvidersTypes "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsCryptographyMaterialProvidersTypes" 14 m_AwsKmsMrkMatchForDecrypt "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsKmsMrkMatchForDecrypt" 15 m_AtomicPrimitives "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/AtomicPrimitives" 16 m_AwsCryptographyPrimitivesOperations "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/AwsCryptographyPrimitivesOperations" 17 m_AwsCryptographyPrimitivesTypes "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/AwsCryptographyPrimitivesTypes" 18 m_Digest "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/Digest" 19 m_HKDF "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/HKDF" 20 m_KdfCtr "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/KdfCtr" 21 m_Random "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/Random" 22 m_WrappedHKDF "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/WrappedHKDF" 23 m_WrappedHMAC "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/WrappedHMAC" 24 m_Actions "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Actions" 25 m_Base64 "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Base64" 26 m_Base64Lemmas "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Base64Lemmas" 27 m_BoundedInts "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/BoundedInts" 28 m_DivInternals "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/DivInternals" 29 m_DivInternalsNonlinear "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/DivInternalsNonlinear" 30 m_DivMod "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/DivMod" 31 m_FileIO "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/FileIO" 32 m_FloatCompare "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/FloatCompare" 33 m_Functions "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Functions" 34 m_GeneralInternals "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/GeneralInternals" 35 m_GetOpt "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/GetOpt" 36 m_HexStrings "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/HexStrings" 37 m_Logarithm "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Logarithm" 38 m__Math "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Math_" 39 m_ModInternals "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/ModInternals" 40 m_ModInternalsNonlinear "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/ModInternalsNonlinear" 41 m_Mul "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Mul" 42 m_MulInternals "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/MulInternals" 43 m_MulInternalsNonlinear "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/MulInternalsNonlinear" 44 m_Power "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Power" 45 m_Relations "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Relations" 46 m_Seq "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Seq" 47 m_Seq_MergeSort "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Seq_MergeSort" 48 m_Sorting "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Sorting" 49 m_StandardLibrary "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/StandardLibrary" 50 m_StandardLibraryInterop "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/StandardLibraryInterop" 51 m_StandardLibrary_Sequence "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/StandardLibrary_Sequence" 52 m_StandardLibrary_String "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/StandardLibrary_String" 53 m_StandardLibrary_UInt "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/StandardLibrary_UInt" 54 m_Streams "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Streams" 55 m_UTF8 "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/UTF8" 56 m_UnicodeStrings "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/UnicodeStrings" 57 m__Unicode "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Unicode_" 58 m_Utf16EncodingForm "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Utf16EncodingForm" 59 m_Utf8EncodingForm "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Utf8EncodingForm" 60 m_Wrappers "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Wrappers" 61 m__System "github.com/dafny-lang/DafnyRuntimeGo/v4/System_" 62 _dafny "github.com/dafny-lang/DafnyRuntimeGo/v4/dafny" 63 ) 64 65 var _ = os.Args 66 var _ _dafny.Dummy__ 67 var _ m__System.Dummy__ 68 var _ m_Wrappers.Dummy__ 69 var _ m_BoundedInts.Dummy__ 70 var _ m_StandardLibrary_UInt.Dummy__ 71 var _ m_StandardLibrary_Sequence.Dummy__ 72 var _ m_StandardLibrary_String.Dummy__ 73 var _ m_StandardLibrary.Dummy__ 74 var _ m_AwsCryptographyPrimitivesTypes.Dummy__ 75 var _ m_Random.Dummy__ 76 var _ m_Digest.Dummy__ 77 var _ m_WrappedHMAC.Dummy__ 78 var _ m_HKDF.Dummy__ 79 var _ m_WrappedHKDF.Dummy__ 80 var _ m_KdfCtr.Dummy__ 81 var _ m_AwsCryptographyPrimitivesOperations.Dummy__ 82 var _ m_AtomicPrimitives.Dummy__ 83 var _ m_ComAmazonawsDynamodbTypes.Dummy__ 84 var _ m_ComAmazonawsKmsTypes.Dummy__ 85 var _ m_Relations.Dummy__ 86 var _ m_Seq_MergeSort.Dummy__ 87 var _ m__Math.Dummy__ 88 var _ m_Seq.Dummy__ 89 var _ m__Unicode.Dummy__ 90 var _ m_Functions.Dummy__ 91 var _ m_Utf8EncodingForm.Dummy__ 92 var _ m_Utf16EncodingForm.Dummy__ 93 var _ m_UnicodeStrings.Dummy__ 94 var _ m_FileIO.Dummy__ 95 var _ m_GeneralInternals.Dummy__ 96 var _ m_MulInternalsNonlinear.Dummy__ 97 var _ m_MulInternals.Dummy__ 98 var _ m_Mul.Dummy__ 99 var _ m_ModInternalsNonlinear.Dummy__ 100 var _ m_DivInternalsNonlinear.Dummy__ 101 var _ m_ModInternals.Dummy__ 102 var _ m_DivInternals.Dummy__ 103 var _ m_DivMod.Dummy__ 104 var _ m_Power.Dummy__ 105 var _ m_Logarithm.Dummy__ 106 var _ m_StandardLibraryInterop.Dummy__ 107 var _ m_Streams.Dummy__ 108 var _ m_Sorting.Dummy__ 109 var _ m_HexStrings.Dummy__ 110 var _ m_GetOpt.Dummy__ 111 var _ m_FloatCompare.Dummy__ 112 var _ m_Base64.Dummy__ 113 var _ m_Base64Lemmas.Dummy__ 114 var _ m_Actions.Dummy__ 115 var _ m_AwsCryptographyKeyStoreTypes.Dummy__ 116 var _ m_AwsCryptographyMaterialProvidersTypes.Dummy__ 117 var _ m_AwsArnParsing.Dummy__ 118 var _ m_AwsKmsMrkMatchForDecrypt.Dummy__ 119 120 type Dummy__ struct{} 121 122 // Definition of class Default__ 123 type Default__ struct { 124 dummy byte 125 } 126 127 func New_Default___() *Default__ { 128 _this := Default__{} 129 130 return &_this 131 } 132 133 type CompanionStruct_Default___ struct { 134 } 135 136 var Companion_Default___ = CompanionStruct_Default___{} 137 138 func (_this *Default__) Equals(other *Default__) bool { 139 return _this == other 140 } 141 142 func (_this *Default__) EqualsGeneric(x interface{}) bool { 143 other, ok := x.(*Default__) 144 return ok && _this.Equals(other) 145 } 146 147 func (*Default__) String() string { 148 return "AwsKmsUtils.Default__" 149 } 150 func (_this *Default__) ParentTraits_() []*_dafny.TraitID { 151 return [](*_dafny.TraitID){} 152 } 153 154 var _ _dafny.TraitOffspring = &Default__{} 155 156 func (_static *CompanionStruct_Default___) OkForDecrypt(id m_AwsArnParsing.AwsKmsIdentifier, arn _dafny.Sequence) m_Wrappers.Outcome { 157 if !((id).Is_AwsKmsArnIdentifier()) { 158 return m_Wrappers.Companion_Outcome_.Create_Fail_(m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.Companion_Sequence_.Concatenate(_dafny.SeqOfString("KeyID cannot be used for Decrypt : "), arn))) 159 } else if !_dafny.Companion_Sequence_.Equal((((id).Dtor_a()).Dtor_resource()).Dtor_resourceType(), _dafny.SeqOfString("key")) { 160 return m_Wrappers.Companion_Outcome_.Create_Fail_(m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.Companion_Sequence_.Concatenate(_dafny.SeqOfString("Alias cannot be used for Decrypt : "), arn))) 161 } else { 162 return m_Wrappers.Companion_Outcome_.Create_Pass_() 163 } 164 } 165 func (_static *CompanionStruct_Default___) StringifyEncryptionContext(utf8EncCtx _dafny.Map) m_Wrappers.Result { 166 if ((utf8EncCtx).Cardinality()).Sign() == 0 { 167 return m_Wrappers.Companion_Result_.Create_Success_(_dafny.NewMapBuilder().ToMap()) 168 } else { 169 var _0_stringifyResults _dafny.Map = func() _dafny.Map { 170 var _coll0 = _dafny.NewMapBuilder() 171 _ = _coll0 172 for _iter0 := _dafny.Iterate(((utf8EncCtx).Keys()).Elements()); ; { 173 _compr_0, _ok0 := _iter0() 174 if !_ok0 { 175 break 176 } 177 var _1_utf8Key _dafny.Sequence 178 _1_utf8Key = interface{}(_compr_0).(_dafny.Sequence) 179 if m_UTF8.Companion_ValidUTF8Bytes_.Is_(_1_utf8Key) { 180 if ((utf8EncCtx).Keys()).Contains(_1_utf8Key) { 181 _coll0.Add(_1_utf8Key, Companion_Default___.StringifyEncryptionContextPair(_1_utf8Key, (utf8EncCtx).Get(_1_utf8Key).(_dafny.Sequence))) 182 } 183 } 184 } 185 return _coll0.ToMap() 186 }() 187 _ = _0_stringifyResults 188 if _dafny.Quantifier(((_0_stringifyResults).Values()).Elements(), false, func(_exists_var_0 m_Wrappers.Result) bool { 189 var _2_r m_Wrappers.Result 190 _2_r = interface{}(_exists_var_0).(m_Wrappers.Result) 191 return (((_0_stringifyResults).Values()).Contains(_2_r)) && ((_2_r).Is_Failure()) 192 }) { 193 return m_Wrappers.Companion_Result_.Create_Failure_(m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Encryption context contains invalid UTF8"))) 194 } else { 195 var _3_stringKeysUnique bool = _dafny.Quantifier((_0_stringifyResults).Keys().Elements(), true, func(_forall_var_0 _dafny.Sequence) bool { 196 var _4_k _dafny.Sequence 197 _4_k = interface{}(_forall_var_0).(_dafny.Sequence) 198 return _dafny.Quantifier((_0_stringifyResults).Keys().Elements(), true, func(_forall_var_1 _dafny.Sequence) bool { 199 var _5_k_k _dafny.Sequence 200 _5_k_k = interface{}(_forall_var_1).(_dafny.Sequence) 201 return !(((_0_stringifyResults).Contains(_4_k)) && ((_0_stringifyResults).Contains(_5_k_k))) || (!(!_dafny.Companion_Sequence_.Equal(_4_k, _5_k_k)) || (!_dafny.Companion_Sequence_.Equal((*(((_0_stringifyResults).Get(_4_k).(m_Wrappers.Result)).Dtor_value().(_dafny.Tuple)).IndexInt(0)).(_dafny.Sequence), (*(((_0_stringifyResults).Get(_5_k_k).(m_Wrappers.Result)).Dtor_value().(_dafny.Tuple)).IndexInt(0)).(_dafny.Sequence)))) 202 }) 203 }) 204 _ = _3_stringKeysUnique 205 if !(_3_stringKeysUnique) { 206 return m_Wrappers.Companion_Result_.Create_Failure_(m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Encryption context keys are not unique"))) 207 } else { 208 return m_Wrappers.Companion_Result_.Create_Success_(func() _dafny.Map { 209 var _coll1 = _dafny.NewMapBuilder() 210 _ = _coll1 211 for _iter1 := _dafny.Iterate(((_0_stringifyResults).Values()).Elements()); ; { 212 _compr_1, _ok1 := _iter1() 213 if !_ok1 { 214 break 215 } 216 var _6_r m_Wrappers.Result 217 _6_r = interface{}(_compr_1).(m_Wrappers.Result) 218 if ((_0_stringifyResults).Values()).Contains(_6_r) { 219 _coll1.Add((*((_6_r).Dtor_value().(_dafny.Tuple)).IndexInt(0)).(_dafny.Sequence), (*((_6_r).Dtor_value().(_dafny.Tuple)).IndexInt(1)).(_dafny.Sequence)) 220 } 221 } 222 return _coll1.ToMap() 223 }()) 224 } 225 } 226 } 227 } 228 func (_static *CompanionStruct_Default___) StringifyEncryptionContextPair(utf8Key _dafny.Sequence, utf8Value _dafny.Sequence) m_Wrappers.Result { 229 var _0_valueOrError0 m_Wrappers.Result = (m_UTF8.Decode(utf8Key)).MapFailure(func(coer1 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 230 return func(arg1 interface{}) interface{} { 231 return coer1(arg1.(_dafny.Sequence)) 232 } 233 }(Companion_Default___.WrapStringToError)) 234 _ = _0_valueOrError0 235 if (_0_valueOrError0).IsFailure() { 236 return (_0_valueOrError0).PropagateFailure() 237 } else { 238 var _1_key _dafny.Sequence = (_0_valueOrError0).Extract().(_dafny.Sequence) 239 _ = _1_key 240 var _2_valueOrError1 m_Wrappers.Result = (m_UTF8.Decode(utf8Value)).MapFailure(func(coer2 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 241 return func(arg2 interface{}) interface{} { 242 return coer2(arg2.(_dafny.Sequence)) 243 } 244 }(Companion_Default___.WrapStringToError)) 245 _ = _2_valueOrError1 246 if (_2_valueOrError1).IsFailure() { 247 return (_2_valueOrError1).PropagateFailure() 248 } else { 249 var _3_value _dafny.Sequence = (_2_valueOrError1).Extract().(_dafny.Sequence) 250 _ = _3_value 251 return m_Wrappers.Companion_Result_.Create_Success_(_dafny.TupleOf(_1_key, _3_value)) 252 } 253 } 254 } 255 func (_static *CompanionStruct_Default___) WrapStringToError(e _dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error { 256 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(e) 257 } 258 func (_static *CompanionStruct_Default___) ValidateKmsKeyId(keyId _dafny.Sequence) m_Wrappers.Result { 259 var _0_valueOrError0 m_Wrappers.Result = (m_AwsArnParsing.Companion_Default___.ParseAwsKmsIdentifier(keyId)).MapFailure(func(coer3 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 260 return func(arg3 interface{}) interface{} { 261 return coer3(arg3.(_dafny.Sequence)) 262 } 263 }(Companion_Default___.WrapStringToError)) 264 _ = _0_valueOrError0 265 if (_0_valueOrError0).IsFailure() { 266 return (_0_valueOrError0).PropagateFailure() 267 } else { 268 var _1___v0 m_AwsArnParsing.AwsKmsIdentifier = (_0_valueOrError0).Extract().(m_AwsArnParsing.AwsKmsIdentifier) 269 _ = _1___v0 270 var _2_valueOrError1 m_Wrappers.Outcome = m_Wrappers.Companion_Default___.Need(m_UTF8.Companion_Default___.IsASCIIString(keyId), m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Key identifier is not ASCII"))) 271 _ = _2_valueOrError1 272 if (_2_valueOrError1).IsFailure() { 273 return (_2_valueOrError1).PropagateFailure() 274 } else { 275 var _3_valueOrError2 m_Wrappers.Outcome = m_Wrappers.Companion_Default___.Need(((_dafny.IntOfUint32((keyId).Cardinality())).Sign() == 1) && ((_dafny.IntOfUint32((keyId).Cardinality())).Cmp(m_AwsArnParsing.Companion_Default___.MAX__AWS__KMS__IDENTIFIER__LENGTH()) <= 0), m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Key identifier is too long"))) 276 _ = _3_valueOrError2 277 if (_3_valueOrError2).IsFailure() { 278 return (_3_valueOrError2).PropagateFailure() 279 } else { 280 return m_Wrappers.Companion_Result_.Create_Success_(_dafny.TupleOf()) 281 } 282 } 283 } 284 } 285 func (_static *CompanionStruct_Default___) GetValidGrantTokens(grantTokens m_Wrappers.Option) m_Wrappers.Result { 286 var _0_tokens _dafny.Sequence = (grantTokens).UnwrapOr(_dafny.SeqOf()).(_dafny.Sequence) 287 _ = _0_tokens 288 var _1_valueOrError0 m_Wrappers.Outcome = m_Wrappers.Companion_Default___.Need(((_dafny.IntOfUint32((_0_tokens).Cardinality())).Sign() != -1) && ((_dafny.IntOfUint32((_0_tokens).Cardinality())).Cmp(_dafny.IntOfInt64(10)) <= 0), m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Grant token list can have no more than 10 tokens"))) 289 _ = _1_valueOrError0 290 if (_1_valueOrError0).IsFailure() { 291 return (_1_valueOrError0).PropagateFailure() 292 } else { 293 var _2_valueOrError1 m_Wrappers.Outcome = m_Wrappers.Companion_Default___.Need(_dafny.Quantifier((_0_tokens).UniqueElements(), true, func(_forall_var_0 _dafny.Sequence) bool { 294 var _3_token _dafny.Sequence 295 _3_token = interface{}(_forall_var_0).(_dafny.Sequence) 296 return !(_dafny.Companion_Sequence_.Contains(_0_tokens, _3_token)) || (((_dafny.One).Cmp(_dafny.IntOfUint32((_3_token).Cardinality())) <= 0) && ((_dafny.IntOfUint32((_3_token).Cardinality())).Cmp(_dafny.IntOfInt64(8192)) <= 0)) 297 }), m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Grant token list contains a grant token with invalid length"))) 298 _ = _2_valueOrError1 299 if (_2_valueOrError1).IsFailure() { 300 return (_2_valueOrError1).PropagateFailure() 301 } else { 302 return m_Wrappers.Companion_Result_.Create_Success_(_0_tokens) 303 } 304 } 305 } 306 func (_static *CompanionStruct_Default___) GetEcdhPublicKey(client m_ComAmazonawsKmsTypes.IKMSClient, awsKmsKey _dafny.Sequence) m_Wrappers.Result { 307 var res m_Wrappers.Result = m_Wrappers.Result{} 308 _ = res 309 var _0_getPublicKeyRequest m_ComAmazonawsKmsTypes.GetPublicKeyRequest 310 _ = _0_getPublicKeyRequest 311 _0_getPublicKeyRequest = m_ComAmazonawsKmsTypes.Companion_GetPublicKeyRequest_.Create_GetPublicKeyRequest_(awsKmsKey, m_Wrappers.Companion_Option_.Create_None_()) 312 var _1_maybePublicKeyResponse m_Wrappers.Result 313 _ = _1_maybePublicKeyResponse 314 var _out0 m_Wrappers.Result 315 _ = _out0 316 _out0 = (client).GetPublicKey(_0_getPublicKeyRequest) 317 _1_maybePublicKeyResponse = _out0 318 var _2_valueOrError0 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_ComAmazonawsKmsTypes.Companion_GetPublicKeyResponse_.Default()) 319 _ = _2_valueOrError0 320 _2_valueOrError0 = (_1_maybePublicKeyResponse).MapFailure(func(coer4 func(m_ComAmazonawsKmsTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 321 return func(arg4 interface{}) interface{} { 322 return coer4(arg4.(m_ComAmazonawsKmsTypes.Error)) 323 } 324 }(func(_3_e m_ComAmazonawsKmsTypes.Error) m_AwsCryptographyMaterialProvidersTypes.Error { 325 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_ComAmazonawsKms_(_3_e) 326 })) 327 if (_2_valueOrError0).IsFailure() { 328 res = (_2_valueOrError0).PropagateFailure() 329 return res 330 } 331 var _4_getPublicKeyResponse m_ComAmazonawsKmsTypes.GetPublicKeyResponse 332 _ = _4_getPublicKeyResponse 333 _4_getPublicKeyResponse = (_2_valueOrError0).Extract().(m_ComAmazonawsKmsTypes.GetPublicKeyResponse) 334 var _5_valueOrError1 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 335 _ = _5_valueOrError1 336 _5_valueOrError1 = m_Wrappers.Companion_Default___.Need(((((((_4_getPublicKeyResponse).Dtor_KeyId()).Is_Some()) && (_dafny.Companion_Sequence_.Equal(((_4_getPublicKeyResponse).Dtor_KeyId()).Dtor_value().(_dafny.Sequence), awsKmsKey))) && (((_4_getPublicKeyResponse).Dtor_KeyUsage()).Is_Some())) && ((((_4_getPublicKeyResponse).Dtor_KeyUsage()).Dtor_value().(m_ComAmazonawsKmsTypes.KeyUsageType)).Equals(m_ComAmazonawsKmsTypes.Companion_KeyUsageType_.Create_KEY__AGREEMENT_()))) && (((_4_getPublicKeyResponse).Dtor_PublicKey()).Is_Some()), m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Invalid response from KMS GetPublicKey"))) 337 if (_5_valueOrError1).IsFailure() { 338 res = (_5_valueOrError1).PropagateFailure() 339 return res 340 } 341 res = m_Wrappers.Companion_Result_.Create_Success_(((_4_getPublicKeyResponse).Dtor_PublicKey()).Dtor_value().(_dafny.Sequence)) 342 return res 343 return res 344 } 345 func (_static *CompanionStruct_Default___) ParseKeyNamespaceAndName(keyNamespace _dafny.Sequence, keyName _dafny.Sequence) m_Wrappers.Result { 346 var _0_valueOrError0 m_Wrappers.Result = (m_UTF8.Encode(keyNamespace)).MapFailure(func(coer5 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 347 return func(arg5 interface{}) interface{} { 348 return coer5(arg5.(_dafny.Sequence)) 349 } 350 }(func(_1_e _dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error { 351 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.Companion_Sequence_.Concatenate(_dafny.SeqOfString("Key namespace could not be UTF8-encoded"), _1_e)) 352 })) 353 _ = _0_valueOrError0 354 if (_0_valueOrError0).IsFailure() { 355 return (_0_valueOrError0).PropagateFailure() 356 } else { 357 var _2_namespace _dafny.Sequence = (_0_valueOrError0).Extract().(_dafny.Sequence) 358 _ = _2_namespace 359 var _3_valueOrError1 m_Wrappers.Outcome = m_Wrappers.Companion_Default___.Need((_dafny.IntOfUint32((_2_namespace).Cardinality())).Cmp(m_StandardLibrary_UInt.Companion_Default___.UINT16__LIMIT()) < 0, m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Key namespace too long"))) 360 _ = _3_valueOrError1 361 if (_3_valueOrError1).IsFailure() { 362 return (_3_valueOrError1).PropagateFailure() 363 } else { 364 var _4_valueOrError2 m_Wrappers.Result = (m_UTF8.Encode(keyName)).MapFailure(func(coer6 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 365 return func(arg6 interface{}) interface{} { 366 return coer6(arg6.(_dafny.Sequence)) 367 } 368 }(func(_5_e _dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error { 369 return m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.Companion_Sequence_.Concatenate(_dafny.SeqOfString("Key name could not be UTF8-encoded"), _5_e)) 370 })) 371 _ = _4_valueOrError2 372 if (_4_valueOrError2).IsFailure() { 373 return (_4_valueOrError2).PropagateFailure() 374 } else { 375 var _6_name _dafny.Sequence = (_4_valueOrError2).Extract().(_dafny.Sequence) 376 _ = _6_name 377 var _7_valueOrError3 m_Wrappers.Outcome = m_Wrappers.Companion_Default___.Need((_dafny.IntOfUint32((_6_name).Cardinality())).Cmp(m_StandardLibrary_UInt.Companion_Default___.UINT16__LIMIT()) < 0, m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Key name too long"))) 378 _ = _7_valueOrError3 379 if (_7_valueOrError3).IsFailure() { 380 return (_7_valueOrError3).PropagateFailure() 381 } else { 382 return m_Wrappers.Companion_Result_.Create_Success_(_dafny.TupleOf(_2_namespace, _6_name)) 383 } 384 } 385 } 386 } 387 } 388 func (_static *CompanionStruct_Default___) ValidateDiscoveryFilter(filter m_AwsCryptographyMaterialProvidersTypes.DiscoveryFilter) m_Wrappers.Result { 389 var _0_valueOrError0 m_Wrappers.Outcome = m_Wrappers.Companion_Default___.Need((_dafny.IntOfUint32(((filter).Dtor_accountIds()).Cardinality())).Sign() == 1, m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Discovery filter must have at least one account ID"))) 390 _ = _0_valueOrError0 391 if (_0_valueOrError0).IsFailure() { 392 return (_0_valueOrError0).PropagateFailure() 393 } else { 394 var _1_valueOrError1 m_Wrappers.Outcome = m_Wrappers.Companion_Default___.Need(_dafny.Quantifier(((filter).Dtor_accountIds()).UniqueElements(), true, func(_forall_var_0 _dafny.Sequence) bool { 395 var _2_accountId _dafny.Sequence 396 _2_accountId = interface{}(_forall_var_0).(_dafny.Sequence) 397 return !(_dafny.Companion_Sequence_.Contains((filter).Dtor_accountIds(), _2_accountId)) || ((_dafny.IntOfUint32((_2_accountId).Cardinality())).Sign() == 1) 398 }), m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Discovery filter account IDs cannot be blank"))) 399 _ = _1_valueOrError1 400 if (_1_valueOrError1).IsFailure() { 401 return (_1_valueOrError1).PropagateFailure() 402 } else { 403 var _3_valueOrError2 m_Wrappers.Outcome = m_Wrappers.Companion_Default___.Need((_dafny.IntOfUint32(((filter).Dtor_partition()).Cardinality())).Sign() == 1, m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Discovery filter partition cannot be blank"))) 404 _ = _3_valueOrError2 405 if (_3_valueOrError2).IsFailure() { 406 return (_3_valueOrError2).PropagateFailure() 407 } else { 408 return m_Wrappers.Companion_Result_.Create_Success_(_dafny.TupleOf()) 409 } 410 } 411 } 412 } 413 414 // End of class Default__ 415 416 // Definition of class OnDecryptMrkAwareEncryptedDataKeyFilter 417 type OnDecryptMrkAwareEncryptedDataKeyFilter struct { 418 _awsKmsKey m_AwsArnParsing.AwsKmsIdentifier 419 _providerId _dafny.Sequence 420 } 421 422 func New_OnDecryptMrkAwareEncryptedDataKeyFilter_() *OnDecryptMrkAwareEncryptedDataKeyFilter { 423 _this := OnDecryptMrkAwareEncryptedDataKeyFilter{} 424 425 _this._awsKmsKey = m_AwsArnParsing.AwsKmsIdentifier{} 426 _this._providerId = m_UTF8.Companion_ValidUTF8Bytes_.Witness() 427 return &_this 428 } 429 430 type CompanionStruct_OnDecryptMrkAwareEncryptedDataKeyFilter_ struct { 431 } 432 433 var Companion_OnDecryptMrkAwareEncryptedDataKeyFilter_ = CompanionStruct_OnDecryptMrkAwareEncryptedDataKeyFilter_{} 434 435 func (_this *OnDecryptMrkAwareEncryptedDataKeyFilter) Equals(other *OnDecryptMrkAwareEncryptedDataKeyFilter) bool { 436 return _this == other 437 } 438 439 func (_this *OnDecryptMrkAwareEncryptedDataKeyFilter) EqualsGeneric(x interface{}) bool { 440 other, ok := x.(*OnDecryptMrkAwareEncryptedDataKeyFilter) 441 return ok && _this.Equals(other) 442 } 443 444 func (*OnDecryptMrkAwareEncryptedDataKeyFilter) String() string { 445 return "AwsKmsUtils.OnDecryptMrkAwareEncryptedDataKeyFilter" 446 } 447 448 func Type_OnDecryptMrkAwareEncryptedDataKeyFilter_() _dafny.TypeDescriptor { 449 return type_OnDecryptMrkAwareEncryptedDataKeyFilter_{} 450 } 451 452 type type_OnDecryptMrkAwareEncryptedDataKeyFilter_ struct { 453 } 454 455 func (_this type_OnDecryptMrkAwareEncryptedDataKeyFilter_) Default() interface{} { 456 return (*OnDecryptMrkAwareEncryptedDataKeyFilter)(nil) 457 } 458 459 func (_this type_OnDecryptMrkAwareEncryptedDataKeyFilter_) String() string { 460 return "AwsKmsUtils.OnDecryptMrkAwareEncryptedDataKeyFilter" 461 } 462 func (_this *OnDecryptMrkAwareEncryptedDataKeyFilter) ParentTraits_() []*_dafny.TraitID { 463 return [](*_dafny.TraitID){m_Actions.Companion_DeterministicActionWithResult_.TraitID_, m_Actions.Companion_DeterministicAction_.TraitID_} 464 } 465 466 var _ m_Actions.DeterministicActionWithResult = &OnDecryptMrkAwareEncryptedDataKeyFilter{} 467 var _ m_Actions.DeterministicAction = &OnDecryptMrkAwareEncryptedDataKeyFilter{} 468 var _ _dafny.TraitOffspring = &OnDecryptMrkAwareEncryptedDataKeyFilter{} 469 470 func (_this *OnDecryptMrkAwareEncryptedDataKeyFilter) Ctor__(awsKmsKey m_AwsArnParsing.AwsKmsIdentifier, providerId _dafny.Sequence) { 471 { 472 (_this)._awsKmsKey = awsKmsKey 473 (_this)._providerId = providerId 474 } 475 } 476 func (_this *OnDecryptMrkAwareEncryptedDataKeyFilter) Invoke(edk interface{}) interface{} { 477 { 478 var edk m_AwsCryptographyMaterialProvidersTypes.EncryptedDataKey = edk.(m_AwsCryptographyMaterialProvidersTypes.EncryptedDataKey) 479 _ = edk 480 var res m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(false) 481 _ = res 482 if !_dafny.Companion_Sequence_.Equal((edk).Dtor_keyProviderId(), (_this).ProviderId()) { 483 res = m_Wrappers.Companion_Result_.Create_Success_(false) 484 return res 485 } 486 if !(m_UTF8.Companion_Default___.ValidUTF8Seq((edk).Dtor_keyProviderInfo())) { 487 res = m_Wrappers.Companion_Result_.Create_Failure_(m_AwsCryptographyMaterialProvidersTypes.Companion_Error_.Create_AwsCryptographicMaterialProvidersException_(_dafny.SeqOfString("Invalid AWS KMS encoding, provider info is not UTF8."))) 488 return res 489 } 490 var _0_valueOrError0 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(_dafny.EmptySeq.SetString()) 491 _ = _0_valueOrError0 492 _0_valueOrError0 = (m_UTF8.Decode((edk).Dtor_keyProviderInfo())).MapFailure(func(coer7 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 493 return func(arg7 interface{}) interface{} { 494 return coer7(arg7.(_dafny.Sequence)) 495 } 496 }(Companion_Default___.WrapStringToError)) 497 if (_0_valueOrError0).IsFailure() { 498 res = (_0_valueOrError0).PropagateFailure() 499 return res 500 } 501 var _1_keyId _dafny.Sequence 502 _ = _1_keyId 503 _1_keyId = (_0_valueOrError0).Extract().(_dafny.Sequence) 504 var _2_valueOrError1 m_Wrappers.Result = m_Wrappers.Result{} 505 _ = _2_valueOrError1 506 _2_valueOrError1 = (m_AwsArnParsing.Companion_Default___.ParseAwsKmsArn(_1_keyId)).MapFailure(func(coer8 func(_dafny.Sequence) m_AwsCryptographyMaterialProvidersTypes.Error) func(interface{}) interface{} { 507 return func(arg8 interface{}) interface{} { 508 return coer8(arg8.(_dafny.Sequence)) 509 } 510 }(Companion_Default___.WrapStringToError)) 511 if (_2_valueOrError1).IsFailure() { 512 res = (_2_valueOrError1).PropagateFailure() 513 return res 514 } 515 var _3_arn m_AwsArnParsing.AwsArn 516 _ = _3_arn 517 _3_arn = (_2_valueOrError1).Extract().(m_AwsArnParsing.AwsArn) 518 res = m_Wrappers.Companion_Result_.Create_Success_(m_AwsKmsMrkMatchForDecrypt.Companion_Default___.AwsKmsMrkMatchForDecrypt((_this).AwsKmsKey(), m_AwsArnParsing.Companion_AwsKmsIdentifier_.Create_AwsKmsArnIdentifier_(_3_arn))) 519 return res 520 return res 521 } 522 } 523 func (_this *OnDecryptMrkAwareEncryptedDataKeyFilter) AwsKmsKey() m_AwsArnParsing.AwsKmsIdentifier { 524 { 525 return _this._awsKmsKey 526 } 527 } 528 func (_this *OnDecryptMrkAwareEncryptedDataKeyFilter) ProviderId() _dafny.Sequence { 529 { 530 return _this._providerId 531 } 532 } 533 534 // End of class OnDecryptMrkAwareEncryptedDataKeyFilter