int create_principal(struct keypair** keypair)
/*@ requires world(?pub, ?key_clsfy) &*&
pointer(keypair, _) &*&
principals_created(?count); @*/
/*@ ensures world(pub, key_clsfy) &*&
principals_created(result) &*&
result == count + 1 &*&
principal(result, 1) &*&
pointer(keypair, ?p_keypair) &*&
keypair(p_keypair, result, 1, 0, pub); @*/
{
//@ open principals_created(count);
//@ principal_create();
if (counter >= INT_MAX - 1)
{
abort_crypto_lib("To many principals generated");
}
counter++;
//@ close keypair_request(count + 1, 0);
struct keypair *k = create_keypair(counter);
*keypair = k;
struct item *key = keypair_get_public_key(k);
register_public_key(counter, key);
item_free(key);
return counter;
//@ close principals_created(count + 1);
}
void send_keys(struct network_status *net_stat, struct keypair *keypair)
/*@ requires [?f0]world(?pub, ?key_clsfy) &*&
keypair(keypair, ?attacker_id, ?id, ?info, pub) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(attacker_id, ?count1) &*&
true == bad(attacker_id); @*/
/*@ ensures [f0]world(pub, key_clsfy) &*&
keypair(keypair, attacker_id, id, info, pub) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(attacker_id, ?count2); @*/
{
//@ close key_request(attacker_id, 0);
struct item *key_sym = create_symmetric_key();
struct item *key_priv = keypair_get_private_key(keypair);
struct item *key_pub = keypair_get_public_key(keypair);
//@ assert item(key_sym, ?k_sym, pub);
//@ assert item(key_pub, ?k_pub, pub);
//@ assert item(key_priv, ?k_priv, pub);
//@ open proof_obligations(pub);
//@ assert is_public_symmetric_key(?proof_sym, pub);
//@ assert is_public_public_key(?proof_pub, pub);
//@ assert is_public_private_key(?proof_priv, pub);
//@ proof_sym(k_sym);
//@ proof_pub(k_pub);
//@ proof_priv(k_priv);
//@ close proof_obligations(pub);
network_send(net_stat, key_sym);
network_send(net_stat, key_pub);
network_send(net_stat, key_priv);
item_free(key_sym);
item_free(key_pub);
item_free(key_priv);
}
int main() //@ : main_full(main_app)
//@ requires module(main_app, true);
//@ ensures true;
{
struct keypair *apair;
struct keypair *pair;
struct item *key;
struct item *pub_key;
struct item *priv_key;
printf("\n\tExecuting \"");
printf("auth secure_storage");
printf("protocol");
printf("\" ... \n\n");
//@ open_module();
//@ PACK_PROOF_OBLIGATIONS(ss_auth)
init_crypto_lib();
int attacker = create_principal(&apair);
//@ assume (bad(attacker));
int sender = create_principal(&pair);
pub_key = keypair_get_public_key(pair);
priv_key = keypair_get_private_key(pair);
keypair_free(pair);
void *null = (void *) 0;
//@ leak world(ss_auth_pub);
{
pthread_t a_thread;
struct ss_auth_args *args = malloc(sizeof(struct ss_auth_args));
if (args == 0) abort();
args->attacker = attacker;
args->keypair = apair;
//@ close pthread_run_pre(attacker_t)(args, _);
pthread_create(&a_thread, NULL, &attacker_t, args);
}
int i = 0;
#ifdef EXECUTE
while (i++ < 10)
#else
while (true)
#endif
/*@ invariant [_]world(ss_auth_pub) &*&
generated_values(_, _) &*&
item(pub_key, public_key_item(sender, _), ss_auth_pub) &*&
item(priv_key, private_key_item(sender, _), ss_auth_pub);
@*/
{
pthread_t s_thread, r_thread;
struct ss_auth_args *args_s = malloc(sizeof(struct ss_auth_args));
if (args_s == 0) abort();
struct ss_auth_args *args_r = malloc(sizeof(struct ss_auth_args));
if (args_r == 0) abort();
args_s->key = priv_key;
args_r->key = pub_key;
{
/*@ close pthread_run_pre(sender_t)(args_s, cons(pointer_value(priv_key),
cons(int_value(sender), nil))); @*/
pthread_create(&s_thread, null, &sender_t, args_s);
/*@ close pthread_run_pre(receiver_t)(args_r, cons(pointer_value(pub_key),
cons(int_value(sender), nil))); @*/
pthread_create(&r_thread, null, &receiver_t, args_r);
}
{
pthread_join(r_thread, null);
//@ open pthread_run_post(receiver_t)(args_r, _);
pthread_join(s_thread, null);
//@ open pthread_run_post(sender_t)(args_s, _);
}
free(args_s);
free(args_r);
}
//@ close_module();
//@ leak module(main_app, _);
printf("Done\n");
}
