/*
 * Aborts the library unless `item` is an asymmetric-encrypted item.
 *
 * The VeriFast contract is the point of this helper: on return the caller
 * knows `i == asymmetric_encrypted_item(_, _, _, _)`, so this acts as a
 * verified type guard in front of an asymmetric decryption. Ownership of
 * `item` stays with the caller; the `world` fraction is handed back unchanged.
 */
void check_is_asymmetric_encrypted(struct item *item)
  //@ requires [?f]world(?pub, ?key_clsfy) &*& item(item, ?i, pub);
  /*@ ensures [f]world(pub, key_clsfy) &*& item(item, i, pub) &*& i == asymmetric_encrypted_item(_, _, _, _); @*/
{
  // NOTE(review): the postcondition is only reachable through the non-abort
  // branch, so abort_crypto_lib is presumably non-returning — confirm against
  // its declaration.
  if (!is_asymmetric_encrypted(item))
    abort_crypto_lib("Presented item is not an asymmetric encrypted item");
}
/*
 * Attacker capability: receive a private key and a ciphertext from the
 * network, decrypt the ciphertext under that key with a guessed plaintext tag,
 * and send the resulting item back out.
 *
 * The precondition `true == bad(attacker_id)` marks the caller as a
 * compromised principal, so the only proof obligation is that whatever leaves
 * via network_send is publishable (`pub`). The ghost case split in front of
 * network_send establishes exactly that:
 *   - `col` (the library's collision flag): every item is treated as public;
 *   - the key matches the ciphertext (same principal and count): the
 *     decrypted item is the original payload (`pay == some(d)`), and the
 *     caller-supplied obligation `is_public_asymmetric_decrypted` is applied
 *     to the ciphertext to justify publishing it;
 *   - the key does not match: `[_]pub(d)` is simply asserted, so it is
 *     presumably provided by asymmetric_decryption's postcondition — verify.
 * Every item received here is freed before returning; `dec` is freed right
 * after it has been sent. `keypair` is threaded through unchanged.
 */
void send_asymmetric_decrypted(struct network_status *net_stat,
                               struct keypair *keypair)
  /*@ requires [?f0]world(?pub, ?key_clsfy) &*&
               keypair(keypair, ?attacker_id, ?id, ?info, pub) &*&
               proof_obligations(pub) &*& network_status(net_stat) &*&
               principal(attacker_id, ?count1) &*& true == bad(attacker_id); @*/
  /*@ ensures [f0]world(pub, key_clsfy) &*&
              keypair(keypair, attacker_id, id, info, pub) &*&
              proof_obligations(pub) &*& network_status(net_stat) &*&
              principal(attacker_id, ?count2); @*/
{
  struct item *key = network_receive(net_stat);
  //@ assert item(key, ?k, pub);
  if (is_private_key(key))
  {
    //@ assert k == private_key_item(?principal2, ?count2);
    struct item *enc = network_receive(net_stat);
    //@ assert item(enc, ?e, pub);
    if (is_asymmetric_encrypted(enc))
    {
      //@ assert e == asymmetric_encrypted_item(?principal3, ?count3, ?pay, ?ent);
      // The attacker does not know the plaintext's tag; it draws one random
      // byte and only proceeds when that byte is one of the tag constants
      // listed below. The chars ghost open/close exposes `tag` as a
      // one-byte buffer to random_buffer_.
      char tag;
      //@ close chars(&tag, 1, _);
      random_buffer_(&tag, 1);
      //@ open chars(&tag, 1, _);
      if (tag == TAG_DATA || tag == TAG_PAIR || tag == TAG_NONCE ||
          tag == TAG_HASH || tag == TAG_SYMMETRIC_KEY ||
          tag == TAG_PUBLIC_KEY || tag == TAG_PRIVATE_KEY ||
          tag == TAG_HMAC || tag == TAG_SYMMETRIC_ENC ||
          tag == TAG_ASYMMETRIC_ENC || tag == TAG_ASYMMETRIC_SIG)
      {
        struct item *dec = asymmetric_decryption(key, enc, tag);
        //@ assert item(dec, ?d, pub);
        // proof_obligations is opened only around the ghost case split so
        // the is_public_asymmetric_decrypted lemma is available, then closed
        // again before dec is freed, as the postcondition requires.
        //@ open proof_obligations(pub);
        /*@ if (col)
            {
              assert [_]pub(d);
            }
            else if (principal2 == principal3 && count2 == count3)
            {
              assert pay == some(d);
              assert is_public_asymmetric_decrypted(?proof, pub);
              proof(e);
            }
            else
            {
              assert [_]pub(d);
            }
        @*/
        network_send(net_stat, dec);
        //@ close proof_obligations(pub);
        item_free(dec);
      }
    }
    item_free(enc);
  }
  item_free(key);
}