diff -r e96292f32c3c -r 38b73f7940af src/HOL/Auth/Message.thy --- a/src/HOL/Auth/Message.thy Mon Dec 28 21:47:32 2015 +0100 +++ b/src/HOL/Auth/Message.thy Mon Dec 28 23:13:33 2015 +0100 @@ -48,21 +48,17 @@ | Crypt key msg \\Encryption, public- or shared-key\ -text\Concrete syntax: messages appear as {|A,B,NA|}, etc...\ +text\Concrete syntax: messages appear as \\A,B,NA\\, etc...\ syntax - "_MTuple" :: "['a, args] => 'a * 'b" ("(2{|_,/ _|})") - -syntax (xsymbols) - "_MTuple" :: "['a, args] => 'a * 'b" ("(2\_,/ _\)") - + "_MTuple" :: "['a, args] \ 'a * 'b" ("(2\_,/ _\)") translations - "{|x, y, z|}" == "{|x, {|y, z|}|}" - "{|x, y|}" == "CONST MPair x y" + "\x, y, z\" \ "\x, \y, z\\" + "\x, y\" \ "CONST MPair x y" definition HPair :: "[msg,msg] => msg" ("(4Hash[_] /_)" [0, 1000]) where \\Message Y paired with a MAC computed with the help of X\ - "Hash[X] Y == {| Hash{|X,Y|}, Y|}" + "Hash[X] Y == \Hash\X,Y\, Y\" definition keysFor :: "msg set => key set" where \\Keys useful to decrypt elements of a message set\ @@ -75,9 +71,9 @@ parts :: "msg set => msg set" for H :: "msg set" where - Inj [intro]: "X \ H ==> X \ parts H" - | Fst: "{|X,Y|} \ parts H ==> X \ parts H" - | Snd: "{|X,Y|} \ parts H ==> Y \ parts H" + Inj [intro]: "X \ H ==> X \ parts H" + | Fst: "\X,Y\ \ parts H ==> X \ parts H" + | Snd: "\X,Y\ \ parts H ==> Y \ parts H" | Body: "Crypt K X \ parts H ==> X \ parts H" @@ -136,7 +132,7 @@ lemma keysFor_insert_Hash [simp]: "keysFor (insert (Hash X) H) = keysFor H" by (unfold keysFor_def, auto) -lemma keysFor_insert_MPair [simp]: "keysFor (insert {|X,Y|} H) = keysFor H" +lemma keysFor_insert_MPair [simp]: "keysFor (insert \X,Y\ H) = keysFor H" by (unfold keysFor_def, auto) lemma keysFor_insert_Crypt [simp]: @@ -153,7 +149,7 @@ subsection\Inductive relation "parts"\ lemma MPair_parts: - "[| {|X,Y|} \ parts H; + "[| \X,Y\ \ parts H; [| X \ parts H; Y \ parts H |] ==> P |] ==> P" by (blast dest: parts.Fst parts.Snd) @@ -294,8 +290,8 @@ done lemma parts_insert_MPair [simp]: - "parts (insert {|X,Y|} H) = - insert {|X,Y|} (parts (insert X (insert Y H)))" + "parts (insert \X,Y\ H) = + insert \X,Y\ (parts (insert X (insert Y H)))" apply (rule equalityI) apply (rule subsetI) apply (erule parts.induct, auto) @@ -330,9 +326,9 @@ analz :: "msg set => msg set" for H :: "msg set" where - Inj [intro,simp] : "X \ H ==> X \ analz H" - | Fst: "{|X,Y|} \ analz H ==> X \ analz H" - | Snd: "{|X,Y|} \ analz H ==> Y \ analz H" + Inj [intro,simp]: "X \ H ==> X \ analz H" + | Fst: "\X,Y\ \ analz H ==> X \ analz H" + | Snd: "\X,Y\ \ analz H ==> Y \ analz H" | Decrypt [dest]: "[|Crypt K X \ analz H; Key(invKey K): analz H|] ==> X \ analz H" @@ -346,7 +342,7 @@ text\Making it safe speeds up proofs\ lemma MPair_analz [elim!]: - "[| {|X,Y|} \ analz H; + "[| \X,Y\ \ analz H; [| X \ analz H; Y \ analz H |] ==> P |] ==> P" by (blast dest: analz.Fst analz.Snd) @@ -427,8 +423,8 @@ done lemma analz_insert_MPair [simp]: - "analz (insert {|X,Y|} H) = - insert {|X,Y|} (analz (insert X (insert Y H)))" + "analz (insert \X,Y\ H) = + insert \X,Y\ (analz (insert X (insert Y H)))" apply (rule equalityI) apply (rule subsetI) apply (erule analz.induct, auto) @@ -540,7 +536,7 @@ text\If there are no pairs or encryptions then analz does nothing\ lemma analz_trivial: - "[| \X Y. {|X,Y|} \ H; \X K. Crypt K X \ H |] ==> analz H = H" + "[| \X Y. \X,Y\ \ H; \X K. Crypt K X \ H |] ==> analz H = H" apply safe apply (erule analz.induct, blast+) done @@ -571,7 +567,7 @@ | Agent [intro]: "Agent agt \ synth H" | Number [intro]: "Number n \ synth H" | Hash [intro]: "X \ synth H ==> Hash X \ synth H" - | MPair [intro]: "[|X \ synth H; Y \ synth H|] ==> {|X,Y|} \ synth H" + | MPair [intro]: "[|X \ synth H; Y \ synth H|] ==> \X,Y\ \ synth H" | Crypt [intro]: "[|X \ synth H; Key(K) \ H|] ==> Crypt K X \ synth H" text\Monotonicity\ @@ -585,7 +581,7 @@ "Nonce n \ synth H" "Key K \ synth H" "Hash X \ synth H" - "{|X,Y|} \ synth H" + "\X,Y\ \ synth H" "Crypt K X \ synth H" lemma synth_increasing: "H \ synth(H)" @@ -694,7 +690,7 @@ text\Without this equation, other rules for synth and analz would yield redundant cases\ lemma MPair_synth_analz [iff]: - "({|X,Y|} \ synth (analz H)) = + "(\X,Y\ \ synth (analz H)) = (X \ synth (analz H) & Y \ synth (analz H))" by blast @@ -706,7 +702,7 @@ lemma Hash_synth_analz [simp]: "X \ synth (analz H) - ==> (Hash{|X,Y|} \ synth (analz H)) = (Hash{|X,Y|} \ analz H)" + ==> (Hash\X,Y\ \ synth (analz H)) = (Hash\X,Y\ \ analz H)" by blast @@ -742,11 +738,11 @@ by (simp add: HPair_def) lemma MPair_eq_HPair [iff]: - "({|X',Y'|} = Hash[X] Y) = (X' = Hash{|X,Y|} & Y'=Y)" + "(\X',Y'\ = Hash[X] Y) = (X' = Hash\X,Y\ & Y'=Y)" by (simp add: HPair_def) lemma HPair_eq_MPair [iff]: - "(Hash[X] Y = {|X',Y'|}) = (X' = Hash{|X,Y|} & Y'=Y)" + "(Hash[X] Y = \X',Y'\) = (X' = Hash\X,Y\ & Y'=Y)" by (auto simp add: HPair_def) @@ -757,18 +753,18 @@ lemma parts_insert_HPair [simp]: "parts (insert (Hash[X] Y) H) = - insert (Hash[X] Y) (insert (Hash{|X,Y|}) (parts (insert Y H)))" + insert (Hash[X] Y) (insert (Hash\X,Y\) (parts (insert Y H)))" by (simp add: HPair_def) lemma analz_insert_HPair [simp]: "analz (insert (Hash[X] Y) H) = - insert (Hash[X] Y) (insert (Hash{|X,Y|}) (analz (insert Y H)))" + insert (Hash[X] Y) (insert (Hash\X,Y\) (analz (insert Y H)))" by (simp add: HPair_def) lemma HPair_synth_analz [simp]: "X \ synth (analz H) ==> (Hash[X] Y \ synth (analz H)) = - (Hash {|X, Y|} \ analz H & Y \ synth (analz H))" + (Hash \X, Y\ \ analz H & Y \ synth (analz H))" by (auto simp add: HPair_def) @@ -814,14 +810,14 @@ | Number: "Number N \ keyfree" | Nonce: "Nonce N \ keyfree" | Hash: "Hash X \ keyfree" - | MPair: "[|X \ keyfree; Y \ keyfree|] ==> {|X,Y|} \ keyfree" + | MPair: "[|X \ keyfree; Y \ keyfree|] ==> \X,Y\ \ keyfree" | Crypt: "[|X \ keyfree|] ==> Crypt K X \ keyfree" declare keyfree.intros [intro] inductive_cases keyfree_KeyE: "Key K \ keyfree" -inductive_cases keyfree_MPairE: "{|X,Y|} \ keyfree" +inductive_cases keyfree_MPairE: "\X,Y\ \ keyfree" inductive_cases keyfree_CryptE: "Crypt K X \ keyfree" lemma parts_keyfree: "parts (keyfree) \ keyfree"