isabelle: src/HOL/SPARK/Examples/RIPEMD-160/RMD.thy@dbaa38bd223a (annotated)

41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	1	(* Title: HOL/SPARK/Examples/RIPEMD-160/RMD.thy
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	2	Author: Fabian Immler, TU Muenchen
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	3
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	4	Verification of the RIPEMD-160 hash function
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	5	*)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	6
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	7	theory RMD
66453 cc19f7ca2ed6 session-qualified theory imports: isabelle imports -U -i -d '~~/src/Benchmarks' -a; wenzelm parents: 62390 diff changeset	8	imports "HOL-Word.Word"
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	9	begin
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	10
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	11
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	12	\<comment> \<open>all operations are defined on 32-bit words\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	13
41587 e13df75fee79 type_synonym; wenzelm parents: 41561 diff changeset	14	type_synonym word32 = "32 word"
e13df75fee79 type_synonym; wenzelm parents: 41561 diff changeset	15	type_synonym byte = "8 word"
e13df75fee79 type_synonym; wenzelm parents: 41561 diff changeset	16	type_synonym perm = "nat \<Rightarrow> nat"
e13df75fee79 type_synonym; wenzelm parents: 41561 diff changeset	17	type_synonym chain = "word32 * word32 * word32 * word32 * word32"
e13df75fee79 type_synonym; wenzelm parents: 41561 diff changeset	18	type_synonym block = "nat \<Rightarrow> word32"
e13df75fee79 type_synonym; wenzelm parents: 41561 diff changeset	19	type_synonym message = "nat \<Rightarrow> block"
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	20
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	21	\<comment> \<open>nonlinear functions at bit level\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	22
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	23	definition f::"[nat, word32, word32, word32] => word32"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	24	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	25	"f j x y z =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	26	(if ( 0 <= j & j <= 15) then x XOR y XOR z
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	27	else if (16 <= j & j <= 31) then (x AND y) OR (NOT x AND z)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	28	else if (32 <= j & j <= 47) then (x OR NOT y) XOR z
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	29	else if (48 <= j & j <= 63) then (x AND z) OR (y AND NOT z)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	30	else if (64 <= j & j <= 79) then x XOR (y OR NOT z)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	31	else 0)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	32
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	33
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	34	\<comment> \<open>added constants (hexadecimal)\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	35
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	36	definition K::"nat => word32"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	37	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	38	"K j =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	39	(if ( 0 <= j & j <= 15) then 0x00000000
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	40	else if (16 <= j & j <= 31) then 0x5A827999
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	41	else if (32 <= j & j <= 47) then 0x6ED9EBA1
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	42	else if (48 <= j & j <= 63) then 0x8F1BBCDC
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	43	else if (64 <= j & j <= 79) then 0xA953FD4E
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	44	else 0)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	45
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	46	definition K'::"nat => word32"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	47	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	48	"K' j =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	49	(if ( 0 <= j & j <= 15) then 0x50A28BE6
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	50	else if (16 <= j & j <= 31) then 0x5C4DD124
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	51	else if (32 <= j & j <= 47) then 0x6D703EF3
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	52	else if (48 <= j & j <= 63) then 0x7A6D76E9
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	53	else if (64 <= j & j <= 79) then 0x00000000
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	54	else 0)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	55
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	56
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	57	\<comment> \<open>selection of message word\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	58
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	59	definition r_list :: "nat list"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	60	where "r_list = [
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	61	0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	62	7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	63	3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	64	1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	65	4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	66	]"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	67
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	68	definition r'_list :: "nat list"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	69	where "r'_list = [
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	70	5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	71	6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	72	15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	73	8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	74	12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	75	]"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	76
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	77	definition r :: perm
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	78	where "r j = r_list ! j"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	79
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	80	definition r' :: perm
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	81	where "r' j = r'_list ! j"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	82
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	83
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	84	\<comment> \<open>amount for rotate left (rol)\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	85
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	86	definition s_list :: "nat list"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	87	where "s_list = [
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	88	11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	89	7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	90	11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	91	11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	92	9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	93	]"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	94
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	95	definition s'_list :: "nat list"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	96	where "s'_list = [
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	97	8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	98	9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	99	9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	100	15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	101	8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	102	]"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	103
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	104	definition s :: perm
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	105	where "s j = s_list ! j"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	106
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	107	definition s' :: perm
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	108	where "s' j = s'_list ! j"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	109
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	110
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	111	\<comment> \<open>Initial value (hexadecimal)\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	112
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	113	definition h0_0::word32 where "h0_0 = 0x67452301"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	114	definition h1_0::word32 where "h1_0 = 0xEFCDAB89"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	115	definition h2_0::word32 where "h2_0 = 0x98BADCFE"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	116	definition h3_0::word32 where "h3_0 = 0x10325476"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	117	definition h4_0::word32 where "h4_0 = 0xC3D2E1F0"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	118	definition h_0::chain where "h_0 = (h0_0, h1_0, h2_0, h3_0, h4_0)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	119
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	120
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	121	definition step_l ::
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	122	"[ block,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	123	chain,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	124	nat
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	125	] => chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	126	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	127	"step_l X c j =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	128	(let (A, B, C, D, E) = c in
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	129	(\<comment> \<open>\<open>A:\<close>\<close> E,
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	130	\<comment> \<open>\<open>B:\<close>\<close> word_rotl (s j) (A + f j B C D + X (r j) + K j) + E,
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	131	\<comment> \<open>\<open>C:\<close>\<close> B,
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	132	\<comment> \<open>\<open>D:\<close>\<close> word_rotl 10 C,
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	133	\<comment> \<open>\<open>E:\<close>\<close> D))"
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	134
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	135	definition step_r ::
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	136	"[ block,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	137	chain,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	138	nat
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	139	] \<Rightarrow> chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	140	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	141	"step_r X c' j =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	142	(let (A', B', C', D', E') = c' in
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	143	(\<comment> \<open>\<open>A':\<close>\<close> E',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	144	\<comment> \<open>\<open>B':\<close>\<close> word_rotl (s' j) (A' + f (79 - j) B' C' D' + X (r' j) + K' j) + E',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	145	\<comment> \<open>\<open>C':\<close>\<close> B',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	146	\<comment> \<open>\<open>D':\<close>\<close> word_rotl 10 C',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	147	\<comment> \<open>\<open>E':\<close>\<close> D'))"
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	148
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	149	definition step_both ::
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	150	"[ block, chain * chain, nat ] \<Rightarrow> chain * chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	151	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	152	"step_both X cc j = (case cc of (c, c') \<Rightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	153	(step_l X c j, step_r X c' j))"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	154
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	155	definition steps::"[ block, chain * chain, nat] \<Rightarrow> chain * chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	156	where "steps X cc i = foldl (step_both X) cc [0..<i]"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	157
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	158	definition round::"[ block, chain ] \<Rightarrow> chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	159	where "round X h =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	160	(let (h0, h1, h2, h3, h4) = h in
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	161	let ((A, B, C, D, E), (A', B', C', D', E')) = steps X (h, h) 80 in
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	162	(\<comment> \<open>\<open>h0:\<close>\<close> h1 + C + D',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	163	\<comment> \<open>\<open>h1:\<close>\<close> h2 + D + E',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	164	\<comment> \<open>\<open>h2:\<close>\<close> h3 + E + A',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	165	\<comment> \<open>\<open>h3:\<close>\<close> h4 + A + B',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	166	\<comment> \<open>\<open>h4:\<close>\<close> h0 + B + C'))"
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	167
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	168	definition rmd_body::"[ message, chain, nat ] => chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	169	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	170	"rmd_body X h i = round (X i) h"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	171
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	172	definition rounds::"message \<Rightarrow> chain \<Rightarrow> nat \<Rightarrow> chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	173	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	174	"rounds X h i = foldl (rmd_body X) h_0 [0..<i]"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	175
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	176	definition rmd :: "message \<Rightarrow> nat \<Rightarrow> chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	177	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	178	"rmd X len = rounds X h_0 len"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	179
62390 842917225d56 more canonical names nipkow parents: 55818 diff changeset	180	end

author	wenzelm
	Fri, 12 Jan 2018 14:43:06 +0100
changeset 67407	dbaa38bd223a
parent 66453	cc19f7ca2ed6
child 72515	c7038c397ae3
permissions	-rw-r--r--