github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl@v0.2.0/CreateKeys/CreateKeys.go (about) 1 // Package CreateKeys 2 // Dafny module CreateKeys compiled into Go 3 4 package CreateKeys 5 6 import ( 7 os "os" 8 9 m_ComAmazonawsDynamodbTypes "github.com/aws/aws-cryptographic-material-providers-library/releases/go/dynamodb/ComAmazonawsDynamodbTypes" 10 m_ComAmazonawsKmsTypes "github.com/aws/aws-cryptographic-material-providers-library/releases/go/kms/ComAmazonawsKmsTypes" 11 m_AwsArnParsing "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsArnParsing" 12 m_AwsCryptographyKeyStoreTypes "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsCryptographyKeyStoreTypes" 13 m_AwsCryptographyMaterialProvidersTypes "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsCryptographyMaterialProvidersTypes" 14 m_AwsKmsMrkMatchForDecrypt "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsKmsMrkMatchForDecrypt" 15 m_AwsKmsUtils "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/AwsKmsUtils" 16 m_DDBKeystoreOperations "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/DDBKeystoreOperations" 17 m_KMSKeystoreOperations "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/KMSKeystoreOperations" 18 m_KeyStoreErrorMessages "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/KeyStoreErrorMessages" 19 m_KmsArn "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/KmsArn" 20 m_Structure "github.com/aws/aws-cryptographic-material-providers-library/releases/go/mpl/Structure" 21 m_AtomicPrimitives "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/AtomicPrimitives" 22 m_AwsCryptographyPrimitivesOperations "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/AwsCryptographyPrimitivesOperations" 23 m_AwsCryptographyPrimitivesTypes "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/AwsCryptographyPrimitivesTypes" 24 m_Digest "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/Digest" 25 m_HKDF "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/HKDF" 26 m_KdfCtr "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/KdfCtr" 27 m_Random "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/Random" 28 m_WrappedHKDF "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/WrappedHKDF" 29 m_WrappedHMAC "github.com/aws/aws-cryptographic-material-providers-library/releases/go/primitives/WrappedHMAC" 30 m_Actions "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Actions" 31 m_Base64 "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Base64" 32 m_Base64Lemmas "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Base64Lemmas" 33 m_BoundedInts "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/BoundedInts" 34 m_DivInternals "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/DivInternals" 35 m_DivInternalsNonlinear "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/DivInternalsNonlinear" 36 m_DivMod "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/DivMod" 37 m_FileIO "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/FileIO" 38 m_FloatCompare "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/FloatCompare" 39 m_Functions "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Functions" 40 m_GeneralInternals "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/GeneralInternals" 41 m_GetOpt "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/GetOpt" 42 m_HexStrings "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/HexStrings" 43 m_Logarithm "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Logarithm" 44 m__Math "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Math_" 45 m_ModInternals "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/ModInternals" 46 m_ModInternalsNonlinear "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/ModInternalsNonlinear" 47 m_Mul "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Mul" 48 m_MulInternals "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/MulInternals" 49 m_MulInternalsNonlinear "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/MulInternalsNonlinear" 50 m_Power "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Power" 51 m_Relations "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Relations" 52 m_Seq "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Seq" 53 m_Seq_MergeSort "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Seq_MergeSort" 54 m_Sorting "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Sorting" 55 m_StandardLibrary "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/StandardLibrary" 56 m_StandardLibraryInterop "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/StandardLibraryInterop" 57 m_StandardLibrary_Sequence "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/StandardLibrary_Sequence" 58 m_StandardLibrary_String "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/StandardLibrary_String" 59 m_StandardLibrary_UInt "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/StandardLibrary_UInt" 60 m_Streams "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Streams" 61 m_UnicodeStrings "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/UnicodeStrings" 62 m__Unicode "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Unicode_" 63 m_Utf16EncodingForm "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Utf16EncodingForm" 64 m_Utf8EncodingForm "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Utf8EncodingForm" 65 m_Wrappers "github.com/aws/aws-cryptographic-material-providers-library/releases/go/smithy-dafny-standard-library/Wrappers" 66 m__System "github.com/dafny-lang/DafnyRuntimeGo/v4/System_" 67 _dafny "github.com/dafny-lang/DafnyRuntimeGo/v4/dafny" 68 ) 69 70 var _ = os.Args 71 var _ _dafny.Dummy__ 72 var _ m__System.Dummy__ 73 var _ m_Wrappers.Dummy__ 74 var _ m_BoundedInts.Dummy__ 75 var _ m_StandardLibrary_UInt.Dummy__ 76 var _ m_StandardLibrary_Sequence.Dummy__ 77 var _ m_StandardLibrary_String.Dummy__ 78 var _ m_StandardLibrary.Dummy__ 79 var _ m_AwsCryptographyPrimitivesTypes.Dummy__ 80 var _ m_Random.Dummy__ 81 var _ m_Digest.Dummy__ 82 var _ m_WrappedHMAC.Dummy__ 83 var _ m_HKDF.Dummy__ 84 var _ m_WrappedHKDF.Dummy__ 85 var _ m_KdfCtr.Dummy__ 86 var _ m_AwsCryptographyPrimitivesOperations.Dummy__ 87 var _ m_AtomicPrimitives.Dummy__ 88 var _ m_ComAmazonawsDynamodbTypes.Dummy__ 89 var _ m_ComAmazonawsKmsTypes.Dummy__ 90 var _ m_Relations.Dummy__ 91 var _ m_Seq_MergeSort.Dummy__ 92 var _ m__Math.Dummy__ 93 var _ m_Seq.Dummy__ 94 var _ m__Unicode.Dummy__ 95 var _ m_Functions.Dummy__ 96 var _ m_Utf8EncodingForm.Dummy__ 97 var _ m_Utf16EncodingForm.Dummy__ 98 var _ m_UnicodeStrings.Dummy__ 99 var _ m_FileIO.Dummy__ 100 var _ m_GeneralInternals.Dummy__ 101 var _ m_MulInternalsNonlinear.Dummy__ 102 var _ m_MulInternals.Dummy__ 103 var _ m_Mul.Dummy__ 104 var _ m_ModInternalsNonlinear.Dummy__ 105 var _ m_DivInternalsNonlinear.Dummy__ 106 var _ m_ModInternals.Dummy__ 107 var _ m_DivInternals.Dummy__ 108 var _ m_DivMod.Dummy__ 109 var _ m_Power.Dummy__ 110 var _ m_Logarithm.Dummy__ 111 var _ m_StandardLibraryInterop.Dummy__ 112 var _ m_Streams.Dummy__ 113 var _ m_Sorting.Dummy__ 114 var _ m_HexStrings.Dummy__ 115 var _ m_GetOpt.Dummy__ 116 var _ m_FloatCompare.Dummy__ 117 var _ m_Base64.Dummy__ 118 var _ m_Base64Lemmas.Dummy__ 119 var _ m_Actions.Dummy__ 120 var _ m_AwsCryptographyKeyStoreTypes.Dummy__ 121 var _ m_AwsCryptographyMaterialProvidersTypes.Dummy__ 122 var _ m_AwsArnParsing.Dummy__ 123 var _ m_AwsKmsMrkMatchForDecrypt.Dummy__ 124 var _ m_AwsKmsUtils.Dummy__ 125 var _ m_KeyStoreErrorMessages.Dummy__ 126 var _ m_KmsArn.Dummy__ 127 var _ m_Structure.Dummy__ 128 var _ m_KMSKeystoreOperations.Dummy__ 129 var _ m_DDBKeystoreOperations.Dummy__ 130 131 type Dummy__ struct{} 132 133 // Definition of class Default__ 134 type Default__ struct { 135 dummy byte 136 } 137 138 func New_Default___() *Default__ { 139 _this := Default__{} 140 141 return &_this 142 } 143 144 type CompanionStruct_Default___ struct { 145 } 146 147 var Companion_Default___ = CompanionStruct_Default___{} 148 149 func (_this *Default__) Equals(other *Default__) bool { 150 return _this == other 151 } 152 153 func (_this *Default__) EqualsGeneric(x interface{}) bool { 154 other, ok := x.(*Default__) 155 return ok && _this.Equals(other) 156 } 157 158 func (*Default__) String() string { 159 return "CreateKeys.Default__" 160 } 161 func (_this *Default__) ParentTraits_() []*_dafny.TraitID { 162 return [](*_dafny.TraitID){} 163 } 164 165 var _ _dafny.TraitOffspring = &Default__{} 166 167 func (_static *CompanionStruct_Default___) CreateBranchAndBeaconKeys(branchKeyIdentifier _dafny.Sequence, customEncryptionContext _dafny.Map, timestamp _dafny.Sequence, branchKeyVersion _dafny.Sequence, ddbTableName _dafny.Sequence, logicalKeyStoreName _dafny.Sequence, kmsConfiguration m_AwsCryptographyKeyStoreTypes.KMSConfiguration, grantTokens _dafny.Sequence, kmsClient m_ComAmazonawsKmsTypes.IKMSClient, ddbClient m_ComAmazonawsDynamodbTypes.IDynamoDBClient) m_Wrappers.Result { 168 var output m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_AwsCryptographyKeyStoreTypes.Companion_CreateKeyOutput_.Default()) 169 _ = output 170 var _0_decryptOnlyEncryptionContext _dafny.Map 171 _ = _0_decryptOnlyEncryptionContext 172 _0_decryptOnlyEncryptionContext = m_Structure.Companion_Default___.DecryptOnlyBranchKeyEncryptionContext(branchKeyIdentifier, branchKeyVersion, timestamp, logicalKeyStoreName, m_KMSKeystoreOperations.Companion_Default___.GetKeyId(kmsConfiguration), customEncryptionContext) 173 var _1_activeEncryptionContext _dafny.Map 174 _ = _1_activeEncryptionContext 175 _1_activeEncryptionContext = m_Structure.Companion_Default___.ActiveBranchKeyEncryptionContext(_0_decryptOnlyEncryptionContext) 176 var _2_beaconEncryptionContext _dafny.Map 177 _ = _2_beaconEncryptionContext 178 _2_beaconEncryptionContext = m_Structure.Companion_Default___.BeaconKeyEncryptionContext(_0_decryptOnlyEncryptionContext) 179 var _3_valueOrError0 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 180 _ = _3_valueOrError0 181 _3_valueOrError0 = m_Wrappers.Companion_Default___.Need(m_KMSKeystoreOperations.Companion_Default___.AttemptKmsOperation_q(kmsConfiguration, _0_decryptOnlyEncryptionContext), m_AwsCryptographyKeyStoreTypes.Companion_Error_.Create_KeyStoreException_(_dafny.SeqOfString("Invalid KMS Key ARN configured for GenerateDataKeyWithoutPlaintext in CreateBranchAndBeaconKeys."))) 182 if (_3_valueOrError0).IsFailure() { 183 output = (_3_valueOrError0).PropagateFailure() 184 return output 185 } 186 var _4_valueOrError1 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_ComAmazonawsKmsTypes.Companion_GenerateDataKeyWithoutPlaintextResponse_.Default()) 187 _ = _4_valueOrError1 188 var _out0 m_Wrappers.Result 189 _ = _out0 190 _out0 = m_KMSKeystoreOperations.Companion_Default___.GenerateKey(_0_decryptOnlyEncryptionContext, kmsConfiguration, grantTokens, kmsClient) 191 _4_valueOrError1 = _out0 192 if (_4_valueOrError1).IsFailure() { 193 output = (_4_valueOrError1).PropagateFailure() 194 return output 195 } 196 var _5_wrappedDecryptOnlyBranchKey m_ComAmazonawsKmsTypes.GenerateDataKeyWithoutPlaintextResponse 197 _ = _5_wrappedDecryptOnlyBranchKey 198 _5_wrappedDecryptOnlyBranchKey = (_4_valueOrError1).Extract().(m_ComAmazonawsKmsTypes.GenerateDataKeyWithoutPlaintextResponse) 199 var _6_valueOrError2 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 200 _ = _6_valueOrError2 201 _6_valueOrError2 = m_Wrappers.Companion_Default___.Need(m_KMSKeystoreOperations.Companion_Default___.AttemptKmsOperation_q(kmsConfiguration, _1_activeEncryptionContext), m_AwsCryptographyKeyStoreTypes.Companion_Error_.Create_KeyStoreException_(_dafny.SeqOfString("Invalid KMS Key ARN configured for ReEncrypt in CreateBranchAndBeaconKeys."))) 202 if (_6_valueOrError2).IsFailure() { 203 output = (_6_valueOrError2).PropagateFailure() 204 return output 205 } 206 var _7_valueOrError3 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_ComAmazonawsKmsTypes.Companion_ReEncryptResponse_.Default()) 207 _ = _7_valueOrError3 208 var _out1 m_Wrappers.Result 209 _ = _out1 210 _out1 = m_KMSKeystoreOperations.Companion_Default___.ReEncryptKey(((_5_wrappedDecryptOnlyBranchKey).Dtor_CiphertextBlob()).Dtor_value().(_dafny.Sequence), _0_decryptOnlyEncryptionContext, _1_activeEncryptionContext, kmsConfiguration, grantTokens, kmsClient) 211 _7_valueOrError3 = _out1 212 if (_7_valueOrError3).IsFailure() { 213 output = (_7_valueOrError3).PropagateFailure() 214 return output 215 } 216 var _8_wrappedActiveBranchKey m_ComAmazonawsKmsTypes.ReEncryptResponse 217 _ = _8_wrappedActiveBranchKey 218 _8_wrappedActiveBranchKey = (_7_valueOrError3).Extract().(m_ComAmazonawsKmsTypes.ReEncryptResponse) 219 var _9_valueOrError4 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 220 _ = _9_valueOrError4 221 _9_valueOrError4 = m_Wrappers.Companion_Default___.Need(m_KMSKeystoreOperations.Companion_Default___.AttemptKmsOperation_q(kmsConfiguration, _2_beaconEncryptionContext), m_AwsCryptographyKeyStoreTypes.Companion_Error_.Create_KeyStoreException_(_dafny.SeqOfString("Invalid KMS Key ARN configured for GenerateDataKeyWithoutPlaintext(beacon key) in CreateBranchAndBeaconKeys."))) 222 if (_9_valueOrError4).IsFailure() { 223 output = (_9_valueOrError4).PropagateFailure() 224 return output 225 } 226 var _10_valueOrError5 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_ComAmazonawsKmsTypes.Companion_GenerateDataKeyWithoutPlaintextResponse_.Default()) 227 _ = _10_valueOrError5 228 var _out2 m_Wrappers.Result 229 _ = _out2 230 _out2 = m_KMSKeystoreOperations.Companion_Default___.GenerateKey(_2_beaconEncryptionContext, kmsConfiguration, grantTokens, kmsClient) 231 _10_valueOrError5 = _out2 232 if (_10_valueOrError5).IsFailure() { 233 output = (_10_valueOrError5).PropagateFailure() 234 return output 235 } 236 var _11_wrappedBeaconKey m_ComAmazonawsKmsTypes.GenerateDataKeyWithoutPlaintextResponse 237 _ = _11_wrappedBeaconKey 238 _11_wrappedBeaconKey = (_10_valueOrError5).Extract().(m_ComAmazonawsKmsTypes.GenerateDataKeyWithoutPlaintextResponse) 239 var _12_decryptOnlyBranchKeyItem _dafny.Map 240 _ = _12_decryptOnlyBranchKeyItem 241 _12_decryptOnlyBranchKeyItem = m_Structure.Companion_Default___.ToAttributeMap(_0_decryptOnlyEncryptionContext, ((_5_wrappedDecryptOnlyBranchKey).Dtor_CiphertextBlob()).Dtor_value().(_dafny.Sequence)) 242 var _13_activeBranchKeyItem _dafny.Map 243 _ = _13_activeBranchKeyItem 244 _13_activeBranchKeyItem = m_Structure.Companion_Default___.ToAttributeMap(_1_activeEncryptionContext, ((_8_wrappedActiveBranchKey).Dtor_CiphertextBlob()).Dtor_value().(_dafny.Sequence)) 245 var _14_beaconKeyItem _dafny.Map 246 _ = _14_beaconKeyItem 247 _14_beaconKeyItem = m_Structure.Companion_Default___.ToAttributeMap(_2_beaconEncryptionContext, ((_11_wrappedBeaconKey).Dtor_CiphertextBlob()).Dtor_value().(_dafny.Sequence)) 248 var _15_valueOrError6 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_ComAmazonawsDynamodbTypes.Companion_TransactWriteItemsOutput_.Default()) 249 _ = _15_valueOrError6 250 var _out3 m_Wrappers.Result 251 _ = _out3 252 _out3 = m_DDBKeystoreOperations.Companion_Default___.WriteNewKeyToStore(_12_decryptOnlyBranchKeyItem, _13_activeBranchKeyItem, _14_beaconKeyItem, ddbTableName, ddbClient) 253 _15_valueOrError6 = _out3 254 if (_15_valueOrError6).IsFailure() { 255 output = (_15_valueOrError6).PropagateFailure() 256 return output 257 } 258 var _16___v0 m_ComAmazonawsDynamodbTypes.TransactWriteItemsOutput 259 _ = _16___v0 260 _16___v0 = (_15_valueOrError6).Extract().(m_ComAmazonawsDynamodbTypes.TransactWriteItemsOutput) 261 output = m_Wrappers.Companion_Result_.Create_Success_(m_AwsCryptographyKeyStoreTypes.Companion_CreateKeyOutput_.Create_CreateKeyOutput_(branchKeyIdentifier)) 262 return output 263 } 264 func (_static *CompanionStruct_Default___) VersionActiveBranchKey(input m_AwsCryptographyKeyStoreTypes.VersionKeyInput, timestamp _dafny.Sequence, branchKeyVersion _dafny.Sequence, ddbTableName _dafny.Sequence, logicalKeyStoreName _dafny.Sequence, kmsConfiguration m_AwsCryptographyKeyStoreTypes.KMSConfiguration, grantTokens _dafny.Sequence, kmsClient m_ComAmazonawsKmsTypes.IKMSClient, ddbClient m_ComAmazonawsDynamodbTypes.IDynamoDBClient) m_Wrappers.Result { 265 var output m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_AwsCryptographyKeyStoreTypes.Companion_VersionKeyOutput_.Default()) 266 _ = output 267 var _0_valueOrError0 m_Wrappers.Result = m_Wrappers.Result{} 268 _ = _0_valueOrError0 269 var _out0 m_Wrappers.Result 270 _ = _out0 271 _out0 = m_DDBKeystoreOperations.Companion_Default___.GetActiveBranchKeyItem((input).Dtor_branchKeyIdentifier(), ddbTableName, ddbClient) 272 _0_valueOrError0 = _out0 273 if (_0_valueOrError0).IsFailure() { 274 output = (_0_valueOrError0).PropagateFailure() 275 return output 276 } 277 var _1_oldActiveItem _dafny.Map 278 _ = _1_oldActiveItem 279 _1_oldActiveItem = (_0_valueOrError0).Extract().(_dafny.Map) 280 var _2_oldActiveEncryptionContext _dafny.Map 281 _ = _2_oldActiveEncryptionContext 282 _2_oldActiveEncryptionContext = m_Structure.Companion_Default___.ToBranchKeyContext(_1_oldActiveItem, logicalKeyStoreName) 283 var _3_valueOrError1 m_Wrappers.Outcome = m_Wrappers.Companion_Outcome_.Default() 284 _ = _3_valueOrError1 285 _3_valueOrError1 = m_Wrappers.Companion_Default___.Need((true) && (m_KMSKeystoreOperations.Companion_Default___.AttemptKmsOperation_q(kmsConfiguration, _2_oldActiveEncryptionContext)), m_AwsCryptographyKeyStoreTypes.Companion_Error_.Create_KeyStoreException_(m_KeyStoreErrorMessages.Companion_Default___.VERSION__KEY__KMS__KEY__ARN__DISAGREEMENT())) 286 if (_3_valueOrError1).IsFailure() { 287 output = (_3_valueOrError1).PropagateFailure() 288 return output 289 } 290 var _4_valueOrError2 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_ComAmazonawsKmsTypes.Companion_ReEncryptResponse_.Default()) 291 _ = _4_valueOrError2 292 var _out1 m_Wrappers.Result 293 _ = _out1 294 _out1 = m_KMSKeystoreOperations.Companion_Default___.ReEncryptKey(((_1_oldActiveItem).Get(m_Structure.Companion_Default___.BRANCH__KEY__FIELD()).(m_ComAmazonawsDynamodbTypes.AttributeValue)).Dtor_B(), _2_oldActiveEncryptionContext, _2_oldActiveEncryptionContext, kmsConfiguration, grantTokens, kmsClient) 295 _4_valueOrError2 = _out1 296 if (_4_valueOrError2).IsFailure() { 297 output = (_4_valueOrError2).PropagateFailure() 298 return output 299 } 300 var _5___v1 m_ComAmazonawsKmsTypes.ReEncryptResponse 301 _ = _5___v1 302 _5___v1 = (_4_valueOrError2).Extract().(m_ComAmazonawsKmsTypes.ReEncryptResponse) 303 var _6_decryptOnlyEncryptionContext _dafny.Map 304 _ = _6_decryptOnlyEncryptionContext 305 _6_decryptOnlyEncryptionContext = m_Structure.Companion_Default___.NewVersionFromActiveBranchKeyEncryptionContext(_2_oldActiveEncryptionContext, branchKeyVersion, timestamp) 306 var _7_activeEncryptionContext _dafny.Map 307 _ = _7_activeEncryptionContext 308 _7_activeEncryptionContext = m_Structure.Companion_Default___.ActiveBranchKeyEncryptionContext(_6_decryptOnlyEncryptionContext) 309 var _8_valueOrError3 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_ComAmazonawsKmsTypes.Companion_GenerateDataKeyWithoutPlaintextResponse_.Default()) 310 _ = _8_valueOrError3 311 var _out2 m_Wrappers.Result 312 _ = _out2 313 _out2 = m_KMSKeystoreOperations.Companion_Default___.GenerateKey(_6_decryptOnlyEncryptionContext, kmsConfiguration, grantTokens, kmsClient) 314 _8_valueOrError3 = _out2 315 if (_8_valueOrError3).IsFailure() { 316 output = (_8_valueOrError3).PropagateFailure() 317 return output 318 } 319 var _9_wrappedDecryptOnlyBranchKey m_ComAmazonawsKmsTypes.GenerateDataKeyWithoutPlaintextResponse 320 _ = _9_wrappedDecryptOnlyBranchKey 321 _9_wrappedDecryptOnlyBranchKey = (_8_valueOrError3).Extract().(m_ComAmazonawsKmsTypes.GenerateDataKeyWithoutPlaintextResponse) 322 var _10_valueOrError4 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_ComAmazonawsKmsTypes.Companion_ReEncryptResponse_.Default()) 323 _ = _10_valueOrError4 324 var _out3 m_Wrappers.Result 325 _ = _out3 326 _out3 = m_KMSKeystoreOperations.Companion_Default___.ReEncryptKey(((_9_wrappedDecryptOnlyBranchKey).Dtor_CiphertextBlob()).Dtor_value().(_dafny.Sequence), _6_decryptOnlyEncryptionContext, _7_activeEncryptionContext, kmsConfiguration, grantTokens, kmsClient) 327 _10_valueOrError4 = _out3 328 if (_10_valueOrError4).IsFailure() { 329 output = (_10_valueOrError4).PropagateFailure() 330 return output 331 } 332 var _11_wrappedActiveBranchKey m_ComAmazonawsKmsTypes.ReEncryptResponse 333 _ = _11_wrappedActiveBranchKey 334 _11_wrappedActiveBranchKey = (_10_valueOrError4).Extract().(m_ComAmazonawsKmsTypes.ReEncryptResponse) 335 var _12_decryptOnlyBranchKeyItem _dafny.Map 336 _ = _12_decryptOnlyBranchKeyItem 337 _12_decryptOnlyBranchKeyItem = m_Structure.Companion_Default___.ToAttributeMap(_6_decryptOnlyEncryptionContext, ((_9_wrappedDecryptOnlyBranchKey).Dtor_CiphertextBlob()).Dtor_value().(_dafny.Sequence)) 338 var _13_activeBranchKeyItem _dafny.Map 339 _ = _13_activeBranchKeyItem 340 _13_activeBranchKeyItem = m_Structure.Companion_Default___.ToAttributeMap(_7_activeEncryptionContext, ((_11_wrappedActiveBranchKey).Dtor_CiphertextBlob()).Dtor_value().(_dafny.Sequence)) 341 var _14_valueOrError5 m_Wrappers.Result = m_Wrappers.Companion_Result_.Default(m_ComAmazonawsDynamodbTypes.Companion_TransactWriteItemsOutput_.Default()) 342 _ = _14_valueOrError5 343 var _out4 m_Wrappers.Result 344 _ = _out4 345 _out4 = m_DDBKeystoreOperations.Companion_Default___.WriteNewBranchKeyVersionToKeystore(_12_decryptOnlyBranchKeyItem, _13_activeBranchKeyItem, ddbTableName, ddbClient) 346 _14_valueOrError5 = _out4 347 if (_14_valueOrError5).IsFailure() { 348 output = (_14_valueOrError5).PropagateFailure() 349 return output 350 } 351 var _15___v2 m_ComAmazonawsDynamodbTypes.TransactWriteItemsOutput 352 _ = _15___v2 353 _15___v2 = (_14_valueOrError5).Extract().(m_ComAmazonawsDynamodbTypes.TransactWriteItemsOutput) 354 output = m_Wrappers.Companion_Result_.Create_Success_(m_AwsCryptographyKeyStoreTypes.Companion_VersionKeyOutput_.Create_VersionKeyOutput_()) 355 return output 356 } 357 358 // End of class Default__