isabelle: src/HOL/SPARK/Examples/RIPEMD-160/RMD.thy@ae85cd17ffbe (annotated)

41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	1	(* Title: HOL/SPARK/Examples/RIPEMD-160/RMD.thy
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	2	Author: Fabian Immler, TU Muenchen
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	3
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	4	Verification of the RIPEMD-160 hash function
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	5	*)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	6
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	7	theory RMD
72515 c7038c397ae3 moved most material from session HOL-Word to Word_Lib in the AFP haftmann parents: 67407 diff changeset	8	imports "HOL-Library.Word"
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	9	begin
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	10
74097 6d7be1227d02 organize syntax for word operations in bundles haftmann parents: 72515 diff changeset	11	unbundle bit_operations_syntax
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	12
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	13	\<comment> \<open>all operations are defined on 32-bit words\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	14
41587 e13df75fee79 type_synonym; wenzelm parents: 41561 diff changeset	15	type_synonym word32 = "32 word"
e13df75fee79 type_synonym; wenzelm parents: 41561 diff changeset	16	type_synonym byte = "8 word"
e13df75fee79 type_synonym; wenzelm parents: 41561 diff changeset	17	type_synonym perm = "nat \<Rightarrow> nat"
e13df75fee79 type_synonym; wenzelm parents: 41561 diff changeset	18	type_synonym chain = "word32 * word32 * word32 * word32 * word32"
e13df75fee79 type_synonym; wenzelm parents: 41561 diff changeset	19	type_synonym block = "nat \<Rightarrow> word32"
e13df75fee79 type_synonym; wenzelm parents: 41561 diff changeset	20	type_synonym message = "nat \<Rightarrow> block"
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	21
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	22	\<comment> \<open>nonlinear functions at bit level\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	23
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	24	definition f::"[nat, word32, word32, word32] => word32"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	25	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	26	"f j x y z =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	27	(if ( 0 <= j & j <= 15) then x XOR y XOR z
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	28	else if (16 <= j & j <= 31) then (x AND y) OR (NOT x AND z)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	29	else if (32 <= j & j <= 47) then (x OR NOT y) XOR z
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	30	else if (48 <= j & j <= 63) then (x AND z) OR (y AND NOT z)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	31	else if (64 <= j & j <= 79) then x XOR (y OR NOT z)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	32	else 0)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	33
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	34
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	35	\<comment> \<open>added constants (hexadecimal)\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	36
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	37	definition K::"nat => word32"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	38	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	39	"K j =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	40	(if ( 0 <= j & j <= 15) then 0x00000000
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	41	else if (16 <= j & j <= 31) then 0x5A827999
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	42	else if (32 <= j & j <= 47) then 0x6ED9EBA1
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	43	else if (48 <= j & j <= 63) then 0x8F1BBCDC
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	44	else if (64 <= j & j <= 79) then 0xA953FD4E
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	45	else 0)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	46
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	47	definition K'::"nat => word32"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	48	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	49	"K' j =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	50	(if ( 0 <= j & j <= 15) then 0x50A28BE6
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	51	else if (16 <= j & j <= 31) then 0x5C4DD124
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	52	else if (32 <= j & j <= 47) then 0x6D703EF3
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	53	else if (48 <= j & j <= 63) then 0x7A6D76E9
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	54	else if (64 <= j & j <= 79) then 0x00000000
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	55	else 0)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	56
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	57
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	58	\<comment> \<open>selection of message word\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	59
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	60	definition r_list :: "nat list"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	61	where "r_list = [
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	62	0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	63	7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	64	3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	65	1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	66	4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	67	]"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	68
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	69	definition r'_list :: "nat list"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	70	where "r'_list = [
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	71	5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	72	6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	73	15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	74	8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	75	12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	76	]"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	77
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	78	definition r :: perm
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	79	where "r j = r_list ! j"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	80
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	81	definition r' :: perm
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	82	where "r' j = r'_list ! j"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	83
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	84
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	85	\<comment> \<open>amount for rotate left (rol)\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	86
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	87	definition s_list :: "nat list"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	88	where "s_list = [
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	89	11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	90	7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	91	11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	92	11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	93	9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	94	]"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	95
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	96	definition s'_list :: "nat list"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	97	where "s'_list = [
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	98	8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	99	9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	100	9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	101	15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	102	8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	103	]"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	104
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	105	definition s :: perm
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	106	where "s j = s_list ! j"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	107
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	108	definition s' :: perm
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	109	where "s' j = s'_list ! j"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	110
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	111
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	112	\<comment> \<open>Initial value (hexadecimal)\<close>
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	113
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	114	definition h0_0::word32 where "h0_0 = 0x67452301"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	115	definition h1_0::word32 where "h1_0 = 0xEFCDAB89"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	116	definition h2_0::word32 where "h2_0 = 0x98BADCFE"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	117	definition h3_0::word32 where "h3_0 = 0x10325476"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	118	definition h4_0::word32 where "h4_0 = 0xC3D2E1F0"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	119	definition h_0::chain where "h_0 = (h0_0, h1_0, h2_0, h3_0, h4_0)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	120
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	121
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	122	definition step_l ::
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	123	"[ block,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	124	chain,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	125	nat
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	126	] => chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	127	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	128	"step_l X c j =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	129	(let (A, B, C, D, E) = c in
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	130	(\<comment> \<open>\<open>A:\<close>\<close> E,
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	131	\<comment> \<open>\<open>B:\<close>\<close> word_rotl (s j) (A + f j B C D + X (r j) + K j) + E,
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	132	\<comment> \<open>\<open>C:\<close>\<close> B,
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	133	\<comment> \<open>\<open>D:\<close>\<close> word_rotl 10 C,
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	134	\<comment> \<open>\<open>E:\<close>\<close> D))"
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	135
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	136	definition step_r ::
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	137	"[ block,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	138	chain,
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	139	nat
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	140	] \<Rightarrow> chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	141	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	142	"step_r X c' j =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	143	(let (A', B', C', D', E') = c' in
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	144	(\<comment> \<open>\<open>A':\<close>\<close> E',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	145	\<comment> \<open>\<open>B':\<close>\<close> word_rotl (s' j) (A' + f (79 - j) B' C' D' + X (r' j) + K' j) + E',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	146	\<comment> \<open>\<open>C':\<close>\<close> B',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	147	\<comment> \<open>\<open>D':\<close>\<close> word_rotl 10 C',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	148	\<comment> \<open>\<open>E':\<close>\<close> D'))"
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	149
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	150	definition step_both ::
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	151	"[ block, chain * chain, nat ] \<Rightarrow> chain * chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	152	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	153	"step_both X cc j = (case cc of (c, c') \<Rightarrow>
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	154	(step_l X c j, step_r X c' j))"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	155
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	156	definition steps::"[ block, chain * chain, nat] \<Rightarrow> chain * chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	157	where "steps X cc i = foldl (step_both X) cc [0..<i]"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	158
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	159	definition round::"[ block, chain ] \<Rightarrow> chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	160	where "round X h =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	161	(let (h0, h1, h2, h3, h4) = h in
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	162	let ((A, B, C, D, E), (A', B', C', D', E')) = steps X (h, h) 80 in
67407 dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	163	(\<comment> \<open>\<open>h0:\<close>\<close> h1 + C + D',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	164	\<comment> \<open>\<open>h1:\<close>\<close> h2 + D + E',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	165	\<comment> \<open>\<open>h2:\<close>\<close> h3 + E + A',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	166	\<comment> \<open>\<open>h3:\<close>\<close> h4 + A + B',
dbaa38bd223a prefer formal comments; wenzelm parents: 66453 diff changeset	167	\<comment> \<open>\<open>h4:\<close>\<close> h0 + B + C'))"
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	168
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	169	definition rmd_body::"[ message, chain, nat ] => chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	170	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	171	"rmd_body X h i = round (X i) h"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	172
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	173	definition rounds::"message \<Rightarrow> chain \<Rightarrow> nat \<Rightarrow> chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	174	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	175	"rounds X h i = foldl (rmd_body X) h_0 [0..<i]"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	176
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	177	definition rmd :: "message \<Rightarrow> nat \<Rightarrow> chain"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	178	where
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	179	"rmd X len = rounds X h_0 len"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	180
62390 842917225d56 more canonical names nipkow parents: 55818 diff changeset	181	end

author	wenzelm
	Sun, 06 Jul 2025 15:26:59 +0200
changeset 82820	ae85cd17ffbe
parent 74097	6d7be1227d02
permissions	-rw-r--r--