# HG changeset patch # User paulson # Date 1665672549 -3600 # Node ID b82ac7ef65ecfa97c2b73727cf73a2ea5376dd4c # Parent cdc14f94c7548b6f59652ccff03d3105bc172691 Removal of the "unfold" method in favour of "unfolding" diff -r cdc14f94c754 -r b82ac7ef65ec src/HOL/Auth/Guard/Extensions.thy --- a/src/HOL/Auth/Guard/Extensions.thy Thu Oct 13 15:38:32 2022 +0100 +++ b/src/HOL/Auth/Guard/Extensions.thy Thu Oct 13 15:49:09 2022 +0100 @@ -306,7 +306,7 @@ "one_step p == \evs ev. ev#evs \ p \ evs \ p" lemma one_step_Cons [dest]: "\one_step p; ev#evs \ p\ \ evs \ p" -by (unfold one_step_def, blast) + unfolding one_step_def by (blast) lemma one_step_app: "\evs@evs' \ p; one_step p; [] \ p\ \ evs' \ p" by (induct evs, auto) @@ -320,7 +320,7 @@ lemma has_only_SaysD: "\ev \ set evs; evs \ p; has_only_Says p\ \ \A B X. ev = Says A B X" -by (unfold has_only_Says_def, blast) + unfolding has_only_Says_def by (blast) lemma in_has_only_Says [dest]: "\has_only_Says p; evs \ p; ev \ set evs\ \ \A B X. ev = Says A B X" diff -r cdc14f94c754 -r b82ac7ef65ec src/HOL/Auth/Guard/Guard_NS_Public.thy --- a/src/HOL/Auth/Guard/Guard_NS_Public.thy Thu Oct 13 15:38:32 2022 +0100 +++ b/src/HOL/Auth/Guard/Guard_NS_Public.thy Thu Oct 13 15:49:09 2022 +0100 @@ -64,7 +64,7 @@ by (auto simp: Gets_correct_def dest: nsp_has_no_Gets) lemma nsp_is_one_step [iff]: "one_step nsp" -by (unfold one_step_def, clarify, ind_cases "ev#evs \ nsp" for ev evs, auto) + unfolding one_step_def by (clarify, ind_cases "ev#evs \ nsp" for ev evs, auto) lemma nsp_has_only_Says' [rule_format]: "evs \ nsp \ ev \ set evs \ (\A B X. ev=Says A B X)" diff -r cdc14f94c754 -r b82ac7ef65ec src/HOL/Auth/Guard/Guard_OtwayRees.thy --- a/src/HOL/Auth/Guard/Guard_OtwayRees.thy Thu Oct 13 15:38:32 2022 +0100 +++ b/src/HOL/Auth/Guard/Guard_OtwayRees.thy Thu Oct 13 15:49:09 2022 +0100 @@ -89,7 +89,7 @@ by (auto simp: Gets_correct_def dest: or_has_no_Gets) lemma or_is_one_step [iff]: "one_step or" -by (unfold one_step_def, clarify, ind_cases "ev#evs \ or" for ev evs, auto) + unfolding one_step_def by (clarify, ind_cases "ev#evs \ or" for ev evs, auto) lemma or_has_only_Says' [rule_format]: "evs \ or \ ev \ set evs \ (\A B X. ev=Says A B X)" diff -r cdc14f94c754 -r b82ac7ef65ec src/HOL/Auth/Guard/Guard_Yahalom.thy --- a/src/HOL/Auth/Guard/Guard_Yahalom.thy Thu Oct 13 15:38:32 2022 +0100 +++ b/src/HOL/Auth/Guard/Guard_Yahalom.thy Thu Oct 13 15:49:09 2022 +0100 @@ -80,7 +80,7 @@ by (auto simp: Gets_correct_def dest: ya_has_no_Gets) lemma ya_is_one_step [iff]: "one_step ya" -by (unfold one_step_def, clarify, ind_cases "ev#evs \ ya" for ev evs, auto) + unfolding one_step_def by (clarify, ind_cases "ev#evs \ ya" for ev evs, auto) lemma ya_has_only_Says' [rule_format]: "evs \ ya \ ev \ set evs \ (\A B X. ev=Says A B X)" diff -r cdc14f94c754 -r b82ac7ef65ec src/HOL/Auth/Guard/P1.thy --- a/src/HOL/Auth/Guard/P1.thy Thu Oct 13 15:38:32 2022 +0100 +++ b/src/HOL/Auth/Guard/P1.thy Thu Oct 13 15:49:09 2022 +0100 @@ -354,7 +354,7 @@ by (auto simp: Gets_correct_def dest: p1_has_no_Gets) lemma p1_is_one_step [iff]: "one_step p1" -by (unfold one_step_def, clarify, ind_cases "ev#evs \ p1" for ev evs, auto) + unfolding one_step_def by (clarify, ind_cases "ev#evs \ p1" for ev evs, auto) lemma p1_has_only_Says' [rule_format]: "evs \ p1 \ ev \ set evs \ (\A B X. ev=Says A B X)" diff -r cdc14f94c754 -r b82ac7ef65ec src/HOL/Auth/Guard/P2.thy --- a/src/HOL/Auth/Guard/P2.thy Thu Oct 13 15:38:32 2022 +0100 +++ b/src/HOL/Auth/Guard/P2.thy Thu Oct 13 15:49:09 2022 +0100 @@ -265,7 +265,7 @@ by (auto simp: Gets_correct_def dest: p2_has_no_Gets) lemma p2_is_one_step [iff]: "one_step p2" -by (unfold one_step_def, clarify, ind_cases "ev#evs \ p2" for ev evs, auto) + unfolding one_step_def by (clarify, ind_cases "ev#evs \ p2" for ev evs, auto) lemma p2_has_only_Says' [rule_format]: "evs \ p2 \ ev \ set evs \ (\A B X. ev=Says A B X)" diff -r cdc14f94c754 -r b82ac7ef65ec src/HOL/Auth/Guard/Proto.thy --- a/src/HOL/Auth/Guard/Proto.thy Thu Oct 13 15:38:32 2022 +0100 +++ b/src/HOL/Auth/Guard/Proto.thy Thu Oct 13 15:49:09 2022 +0100 @@ -164,12 +164,12 @@ lemma freshD: "fresh p R s n Ks evs \ (\evs1 evs2. evs = evs2 @ ap' s R # evs1 \ Nonce n \ used evs1 \ R \ p \ ok evs1 R s \ Nonce n \ parts {apm' s R} \ apm' s R \ guard n Ks)" -by (unfold fresh_def, blast) + unfolding fresh_def by (blast) lemma freshI [intro]: "\Nonce n \ used evs1; R \ p; Nonce n \ parts {apm' s R}; ok evs1 R s; apm' s R \ guard n Ks\ \ fresh p R s n Ks (list @ ap' s R # evs1)" -by (unfold fresh_def, blast) + unfolding fresh_def by (blast) lemma freshI': "\Nonce n \ used evs1; (l,r) \ p; Nonce n \ parts {apm s (msg r)}; ok evs1 (l,r) s; apm s (msg r) \ guard n Ks\ @@ -220,10 +220,10 @@ "safe Ks G \ \K. K \ Ks \ Key K \ analz G" lemma safeD [dest]: "\safe Ks G; K \ Ks\ \ Key K \ analz G" -by (unfold safe_def, blast) + unfolding safe_def by (blast) lemma safe_insert: "safe Ks (insert X G) \ safe Ks G" -by (unfold safe_def, blast) + unfolding safe_def by (blast) lemma Guard_safe: "\Guard n Ks G; safe Ks G\ \ Nonce n \ analz G" by (blast dest: Guard_invKey) @@ -238,7 +238,7 @@ lemma preservD: "\preserv p keys n Ks; evs \ tr p; Guard n Ks (spies evs); safe Ks (spies evs); fresh p R' s' n Ks evs; R \ p; ok evs R s; keys R' s' n evs \ Ks\ \ apm' s R \ guard n Ks" -by (unfold preserv_def, blast) + unfolding preserv_def by (blast) lemma preservD': "\preserv p keys n Ks; evs \ tr p; Guard n Ks (spies evs); safe Ks (spies evs); fresh p R' s' n Ks evs; (l,Says A B X) \ p; @@ -253,7 +253,7 @@ lemma monotonD [dest]: "\keys R' s' n (ev # evs) \ Ks; monoton p keys; ev # evs \ tr p\ \ keys R' s' n evs \ Ks" -by (unfold monoton_def, blast) + unfolding monoton_def by (blast) subsection\guardedness theorem\ @@ -328,13 +328,13 @@ secret R n s Ks \ parts (spies evs); secret R' n' s' Ks \ parts (spies evs); apm' s R \ guard (nonce s n) Ks; apm' s' R' \ guard (nonce s n) Ks\ \ secret R n s Ks = secret R' n' s' Ks" -by (unfold uniq_def, blast) + unfolding uniq_def by (blast) definition ord :: "proto \ (rule \ rule \ bool) \ bool" where "ord p inff \ \R R'. R \ p \ R' \ p \ \ inff R R' \ inff R' R" lemma ordD: "\ord p inff; \ inff R R'; R \ p; R' \ p\ \ inff R' R" -by (unfold ord_def, blast) + unfolding ord_def by (blast) definition uniq' :: "proto \ (rule \ rule \ bool) \ secfun \ bool" where "uniq' p inff secret \ \evs R R' n n' Ks s s'. R \ p \ R' \ p \ diff -r cdc14f94c754 -r b82ac7ef65ec src/HOL/Auth/KerberosIV.thy --- a/src/HOL/Auth/KerberosIV.thy Thu Oct 13 15:38:32 2022 +0100 +++ b/src/HOL/Auth/KerberosIV.thy Thu Oct 13 15:49:09 2022 +0100 @@ -304,27 +304,27 @@ ev \ Says Kas A (Crypt (shrK A) \akey, Agent Peer, Ta, (Crypt (shrK Peer) \Agent A, Agent Peer, akey, Ta\)\)) \ authKeys (ev # evs) = authKeys evs" -by (unfold authKeys_def, auto) + unfolding authKeys_def by (auto) lemma authKeys_insert: "authKeys (Says Kas A (Crypt (shrK A) \Key K, Agent Peer, Number Ta, (Crypt (shrK Peer) \Agent A, Agent Peer, Key K, Number Ta\)\) # evs) = insert K (authKeys evs)" -by (unfold authKeys_def, auto) + unfolding authKeys_def by (auto) lemma authKeys_simp: "K \ authKeys (Says Kas A (Crypt (shrK A) \Key K', Agent Peer, Number Ta, (Crypt (shrK Peer) \Agent A, Agent Peer, Key K', Number Ta\)\) # evs) \ K = K' | K \ authKeys evs" -by (unfold authKeys_def, auto) + unfolding authKeys_def by (auto) lemma authKeysI: "Says Kas A (Crypt (shrK A) \Key K, Agent Tgs, Number Ta, (Crypt (shrK Tgs) \Agent A, Agent Tgs, Key K, Number Ta\)\) \ set evs \ K \ authKeys evs" -by (unfold authKeys_def, auto) + unfolding authKeys_def by (auto) lemma authKeys_used: "K \ authKeys evs \ Key K \ used evs" by (simp add: authKeys_def, blast) @@ -1044,7 +1044,7 @@ (with respect to a given trace). *) lemma Serv_fresh_not_AKcryptSK: "Key servK \ used evs \ \ AKcryptSK authK servK evs" -by (unfold AKcryptSK_def, blast) + unfolding AKcryptSK_def by (blast) lemma authK_not_AKcryptSK: "\ Crypt (shrK Tgs) \Agent A, Agent Tgs, Key authK, tk\ diff -r cdc14f94c754 -r b82ac7ef65ec src/HOL/Auth/KerberosIV_Gets.thy --- a/src/HOL/Auth/KerberosIV_Gets.thy Thu Oct 13 15:38:32 2022 +0100 +++ b/src/HOL/Auth/KerberosIV_Gets.thy Thu Oct 13 15:49:09 2022 +0100 @@ -270,27 +270,27 @@ ev \ Says Kas A (Crypt (shrK A) \akey, Agent Peer, Ta, (Crypt (shrK Peer) \Agent A, Agent Peer, akey, Ta\)\)) \ authKeys (ev # evs) = authKeys evs" -by (unfold authKeys_def, auto) + unfolding authKeys_def by (auto) lemma authKeys_insert: "authKeys (Says Kas A (Crypt (shrK A) \Key K, Agent Peer, Number Ta, (Crypt (shrK Peer) \Agent A, Agent Peer, Key K, Number Ta\)\) # evs) = insert K (authKeys evs)" -by (unfold authKeys_def, auto) + unfolding authKeys_def by (auto) lemma authKeys_simp: "K \ authKeys (Says Kas A (Crypt (shrK A) \Key K', Agent Peer, Number Ta, (Crypt (shrK Peer) \Agent A, Agent Peer, Key K', Number Ta\)\) # evs) \ K = K' | K \ authKeys evs" -by (unfold authKeys_def, auto) + unfolding authKeys_def by (auto) lemma authKeysI: "Says Kas A (Crypt (shrK A) \Key K, Agent Tgs, Number Ta, (Crypt (shrK Tgs) \Agent A, Agent Tgs, Key K, Number Ta\)\) \ set evs \ K \ authKeys evs" -by (unfold authKeys_def, auto) + unfolding authKeys_def by (auto) lemma authKeys_used: "K \ authKeys evs \ Key K \ used evs" by (simp add: authKeys_def, blast) @@ -905,7 +905,7 @@ (with respect to a given trace). *) lemma Serv_fresh_not_AKcryptSK: "Key servK \ used evs \ \ AKcryptSK authK servK evs" -by (unfold AKcryptSK_def, blast) + unfolding AKcryptSK_def by (blast) lemma authK_not_AKcryptSK: "\ Crypt (shrK Tgs) \Agent A, Agent Tgs, Key authK, tk\ diff -r cdc14f94c754 -r b82ac7ef65ec src/HOL/Auth/Message.thy --- a/src/HOL/Auth/Message.thy Thu Oct 13 15:38:32 2022 +0100 +++ b/src/HOL/Auth/Message.thy Thu Oct 13 15:49:09 2022 +0100 @@ -14,7 +14,7 @@ (*Needed occasionally with spy_analz_tac, e.g. in analz_insert_Key_newK*) lemma [simp] : "A \ (B \ A) = B \ A" -by blast + by blast type_synonym key = nat @@ -78,72 +78,72 @@ text\Monotonicity\ +lemma parts_mono_aux: "\G \ H; x \ parts G\ \ x \ parts H" + by (erule parts.induct) (auto dest: parts.Fst parts.Snd parts.Body) + lemma parts_mono: "G \ H \ parts(G) \ parts(H)" -apply auto -apply (erule parts.induct) -apply (blast dest: parts.Fst parts.Snd parts.Body)+ -done + using parts_mono_aux by blast text\Equations hold because constructors are injective.\ lemma Friend_image_eq [simp]: "(Friend x \ Friend`A) = (x\A)" -by auto + by auto lemma Key_image_eq [simp]: "(Key x \ Key`A) = (x\A)" -by auto + by auto lemma Nonce_Key_image_eq [simp]: "(Nonce x \ Key`A)" -by auto + by auto subsubsection\Inverse of keys\ lemma invKey_eq [simp]: "(invKey K = invKey K') = (K=K')" -by (metis invKey) + by (metis invKey) subsection\keysFor operator\ lemma keysFor_empty [simp]: "keysFor {} = {}" -by (unfold keysFor_def, blast) + unfolding keysFor_def by (blast) lemma keysFor_Un [simp]: "keysFor (H \ H') = keysFor H \ keysFor H'" -by (unfold keysFor_def, blast) + unfolding keysFor_def by (blast) lemma keysFor_UN [simp]: "keysFor (\i\A. H i) = (\i\A. keysFor (H i))" -by (unfold keysFor_def, blast) + unfolding keysFor_def by (blast) text\Monotonicity\ lemma keysFor_mono: "G \ H \ keysFor(G) \ keysFor(H)" -by (unfold keysFor_def, blast) + unfolding keysFor_def by (blast) lemma keysFor_insert_Agent [simp]: "keysFor (insert (Agent A) H) = keysFor H" -by (unfold keysFor_def, auto) + unfolding keysFor_def by (auto) lemma keysFor_insert_Nonce [simp]: "keysFor (insert (Nonce N) H) = keysFor H" -by (unfold keysFor_def, auto) + unfolding keysFor_def by (auto) lemma keysFor_insert_Number [simp]: "keysFor (insert (Number N) H) = keysFor H" -by (unfold keysFor_def, auto) + unfolding keysFor_def by (auto) lemma keysFor_insert_Key [simp]: "keysFor (insert (Key K) H) = keysFor H" -by (unfold keysFor_def, auto) + unfolding keysFor_def by (auto) lemma keysFor_insert_Hash [simp]: "keysFor (insert (Hash X) H) = keysFor H" -by (unfold keysFor_def, auto) + unfolding keysFor_def by (auto) lemma keysFor_insert_MPair [simp]: "keysFor (insert \X,Y\ H) = keysFor H" -by (unfold keysFor_def, auto) + unfolding keysFor_def by (auto) lemma keysFor_insert_Crypt [simp]: "keysFor (insert (Crypt K X) H) = insert (invKey K) (keysFor H)" -by (unfold keysFor_def, auto) + unfolding keysFor_def by (auto) lemma keysFor_image_Key [simp]: "keysFor (Key`E) = {}" -by (unfold keysFor_def, auto) + unfolding keysFor_def by (auto) lemma Crypt_imp_invKey_keysFor: "Crypt K X \ H \ invKey K \ keysFor H" -by (unfold keysFor_def, blast) + unfolding keysFor_def by (blast) subsection\Inductive relation "parts"\ @@ -627,7 +627,7 @@ lemma keysFor_synth [simp]: "keysFor (synth H) = keysFor H \ invKey`{K. Key K \ H}" -by (unfold keysFor_def, blast) + unfolding keysFor_def by (blast) subsubsection\Combinations of parts, analz and synth\ diff -r cdc14f94c754 -r b82ac7ef65ec src/HOL/Auth/Public.thy --- a/src/HOL/Auth/Public.thy Thu Oct 13 15:38:32 2022 +0100 +++ b/src/HOL/Auth/Public.thy Thu Oct 13 15:49:09 2022 +0100 @@ -95,7 +95,7 @@ by blast lemma symKeys_invKey_iff [iff]: "(invKey K \ symKeys) = (K \ symKeys)" -by (unfold symKeys_def, auto) + unfolding symKeys_def by (auto) lemma analz_symKeys_Decrypt: "\Crypt K X \ analz H; K \ symKeys; Key K \ analz H\ diff -r cdc14f94c754 -r b82ac7ef65ec src/HOL/Auth/Yahalom.thy --- a/src/HOL/Auth/Yahalom.thy Thu Oct 13 15:38:32 2022 +0100 +++ b/src/HOL/Auth/Yahalom.thy Thu Oct 13 15:49:09 2022 +0100 @@ -332,7 +332,7 @@ "Says Server A \Crypt (shrK A) \Agent B, Key K, na, Nonce NB\, X\ \ set evs \ KeyWithNonce K NB evs" -by (unfold KeyWithNonce_def, blast) + unfolding KeyWithNonce_def by (blast) lemma KeyWithNonce_Says [simp]: "KeyWithNonce K NB (Says S A X # evs) = @@ -354,7 +354,7 @@ (with respect to a given trace).\ lemma fresh_not_KeyWithNonce: "Key K \ used evs \ \ KeyWithNonce K NB evs" -by (unfold KeyWithNonce_def, blast) + unfolding KeyWithNonce_def by (blast) text\The Server message associates K with NB' and therefore not with any other nonce NB.\ @@ -363,7 +363,7 @@ \ set evs; NB \ NB'; evs \ yahalom\ \ \ KeyWithNonce K NB evs" -by (unfold KeyWithNonce_def, blast dest: unique_session_keys) + unfolding KeyWithNonce_def by (blast dest: unique_session_keys) text\The only nonces that can be found with the help of session keys are