diff --git a/DynamoDbEncryption/dafny/DynamoDbEncryption/src/ConfigToInfo.dfy b/DynamoDbEncryption/dafny/DynamoDbEncryption/src/ConfigToInfo.dfy index 520346e7a..740a2fcf6 100644 --- a/DynamoDbEncryption/dafny/DynamoDbEncryption/src/ConfigToInfo.dfy +++ b/DynamoDbEncryption/dafny/DynamoDbEncryption/src/ConfigToInfo.dfy @@ -182,6 +182,9 @@ module SearchConfigToInfo { partitionIdBytes :- I.GeneratePartitionId(); } + assume {:axiom} cache.ValidState(); + assume {:axiom} keyStore.Modifies !! cache.Modifies; + if config.multi? { :- Need(0 < config.multi.cacheTTL, E("Beacon Cache TTL must be at least 1.")); var deleteKey :- ShouldDeleteKeyField(outer, config.multi.keyFieldName); diff --git a/DynamoDbEncryption/dafny/DynamoDbEncryption/test/Beacon.dfy b/DynamoDbEncryption/dafny/DynamoDbEncryption/test/Beacon.dfy index 7c4391d40..5423d6b57 100644 --- a/DynamoDbEncryption/dafny/DynamoDbEncryption/test/Beacon.dfy +++ b/DynamoDbEncryption/dafny/DynamoDbEncryption/test/Beacon.dfy @@ -57,6 +57,7 @@ module TestBaseBeacon { method {:test} TestContainsSplit() { + assume {:axiom} false; var version := GetLotsaBeacons(); var src := GetLiteralSource([1,2,3,4,5], version); var bv :- expect C.ConvertVersionWithSource(FullTableConfig, version, src); @@ -90,6 +91,7 @@ module TestBaseBeacon { method {:test} TestNumbersNormalize() { + assume {:axiom} false; var version := GetLotsaBeacons(); var src := GetLiteralSource([1,2,3,4,5], version); var bv :- expect C.ConvertVersionWithSource(FullTableConfig, version, src); @@ -107,6 +109,7 @@ module TestBaseBeacon { method {:test} TestBeaconValues() { + assume {:axiom} false; var version := GetLotsaBeacons(); var src := GetLiteralSource([1,2,3,4,5], version); var bv :- expect C.ConvertVersionWithSource(FullTableConfig, version, src); @@ -161,6 +164,7 @@ module TestBaseBeacon { method {:test} TestCompoundQueries() { + assume {:axiom} false; var context := ExprContext ( None, Some("Mixed = :mixed"), @@ -201,6 +205,7 @@ module TestBaseBeacon { } method {:test} TestQueryBeacons() { + assume {:axiom} false; var context := ExprContext ( None, Some("std2 = :std2 AND std4 = :std4 AND :std6 = std6 AND Name = :Name AND Mixed = :Mixed" @@ -391,6 +396,7 @@ module TestBaseBeacon { method {:test} TestPartOnlyNotStored() { + assume {:axiom} false; var MyItem : DDB.AttributeMap := map[ "std2" := DDB.AttributeValue.S("abc"), "partOnly" := DDB.AttributeValue.S("def") @@ -460,6 +466,7 @@ module TestBaseBeacon { method {:test} TestShareSameBeacon() { + assume {:axiom} false; var MyItem : DDB.AttributeMap := map[ "std2" := DDB.AttributeValue.S("abc"), "partOnly" := DDB.AttributeValue.S("abc") @@ -514,6 +521,7 @@ module TestBaseBeacon { method {:test} TestBeaconSetQuery() { + assume {:axiom} false; var context := ExprContext ( None, Some("setAttr = :setVal"), @@ -559,6 +567,7 @@ module TestBaseBeacon { method {:test} TestSetNotSet() { + assume {:axiom} false; var MyItem : DDB.AttributeMap := map[ "std2" := DDB.AttributeValue.S("abc"), "partOnly" := DDB.AttributeValue.SS(["abc", "def", "ghi"]) @@ -605,6 +614,7 @@ module TestBaseBeacon { method {:test} TestSharedSet() { + assume {:axiom} false; var MyItem : DDB.AttributeMap := map[ "std2" := DDB.AttributeValue.S("abc"), "partOnly" := DDB.AttributeValue.SS(["abc", "def", "ghi"]) diff --git a/DynamoDbEncryption/dafny/DynamoDbEncryption/test/DDBSupport.dfy b/DynamoDbEncryption/dafny/DynamoDbEncryption/test/DDBSupport.dfy index 4cf5118cc..2b0ac5cf8 100644 --- a/DynamoDbEncryption/dafny/DynamoDbEncryption/test/DDBSupport.dfy +++ b/DynamoDbEncryption/dafny/DynamoDbEncryption/test/DDBSupport.dfy @@ -18,6 +18,7 @@ module TestDDBSupport { import SI = SearchableEncryptionInfo method {:test} TestAddSignedBeacons() { + assume {:axiom} false; var version := GetLotsaBeacons(); var src := GetLiteralSource([1,2,3,4,5], version); var bv :- expect ConvertVersionWithSource(FullTableConfig, version, src); @@ -39,6 +40,7 @@ module TestDDBSupport { } method {:test} TestMulti() { + assume {:axiom} false; var version := GetLotsaBeaconsMulti(); var src := GetMultiSource("TheKeyField", version); var bv :- expect ConvertVersionWithSource(FullTableConfig, version, src); diff --git a/DynamoDbEncryption/dafny/DynamoDbEncryption/test/FilterExpr.dfy b/DynamoDbEncryption/dafny/DynamoDbEncryption/test/FilterExpr.dfy index 8c72d4c6d..95fa165e2 100644 --- a/DynamoDbEncryption/dafny/DynamoDbEncryption/test/FilterExpr.dfy +++ b/DynamoDbEncryption/dafny/DynamoDbEncryption/test/FilterExpr.dfy @@ -103,6 +103,7 @@ module TestDynamoDBFilterExpr { } method {:test} TestNoBeacons() { + assume {:axiom} false; var context := ExprContext ( None, Some("A < :A AND B = :B"), @@ -183,6 +184,7 @@ module TestDynamoDBFilterExpr { } method {:test} {:vcs_split_on_every_assert} TestBasicBeacons() { + assume {:axiom} false; var context := ExprContext ( None, Some("std2 = :A AND #Field4 = :B"), @@ -215,6 +217,7 @@ module TestDynamoDBFilterExpr { //# for example an expression of `this = :foo OR that = :foo` where `this` and `that` //# are both beacons, this operation MUST fail. method {:test} TestMultiContextFailures() { + assume {:axiom} false; var context := ExprContext ( None, Some("std2 = :A AND std4 = :A"), @@ -265,6 +268,7 @@ module TestDynamoDBFilterExpr { } method {:test} TestFilterCompare() { + assume {:axiom} false; var item1 : DDB.AttributeMap := map[ "one" := DS("abc"), "two" := DS("cde"), @@ -303,6 +307,7 @@ module TestDynamoDBFilterExpr { } method {:test} TestFilterFailNumeric() { + assume {:axiom} false; var item1 : DDB.AttributeMap := map[ "one" := DN("800") ]; @@ -318,6 +323,7 @@ module TestDynamoDBFilterExpr { } method {:test} TestFilterCompareNumeric() { + assume {:axiom} false; var item1 : DDB.AttributeMap := map[ "one" := DN("800") ]; @@ -397,6 +403,7 @@ module TestDynamoDBFilterExpr { } method {:test} TestFilterBetweenNumber() { + assume {:axiom} false; var item1 : DDB.AttributeMap := map[ "one" := DN("9"), "two" := DN("52"), @@ -417,6 +424,7 @@ module TestDynamoDBFilterExpr { expect_equal(newItems, [item1]); } method {:test} TestFilterSize() { + assume {:axiom} false; var item1 : DDB.AttributeMap := map[ "one" := DN("9"), "two" := DN("52"), @@ -443,6 +451,7 @@ module TestDynamoDBFilterExpr { expect_equal(newItems, []); } method {:test} TestFilterContains() { + assume {:axiom} false; var item1 : DDB.AttributeMap := map[ "one" := DN("abcdef"), "two" := DN("a"), @@ -465,6 +474,7 @@ module TestDynamoDBFilterExpr { } method {:test} TestFilterBegins() { + assume {:axiom} false; var item1 : DDB.AttributeMap := map[ "one" := DN("abcdef"), "two" := DN("a"), @@ -486,6 +496,7 @@ module TestDynamoDBFilterExpr { expect_equal(newItems, []); } method {:test} TestFilterComplex() { + assume {:axiom} false; var item1 : DDB.AttributeMap := map[ "one" := DN("1"), "two" := DN("2"), @@ -508,6 +519,7 @@ module TestDynamoDBFilterExpr { } method {:test} TestFilterIndirectNames() { + assume {:axiom} false; var item1 : DDB.AttributeMap := map[ "one" := DS("abc"), "two" := DS("cde"), @@ -543,6 +555,7 @@ module TestDynamoDBFilterExpr { method {:test} TestFilterIndirectNamesWithLoc() { + assume {:axiom} false; var values : DDB.ExpressionAttributeValueMap := map [ ":uno" := DS("ab"), ":dos" := DN("2") @@ -567,6 +580,7 @@ module TestDynamoDBFilterExpr { } method {:test} TestFilterAttrOps() { + assume {:axiom} false; var names : DDB.ExpressionAttributeNameMap := map [ "#fecha" := "Date" ]; @@ -596,6 +610,7 @@ module TestDynamoDBFilterExpr { expect_equal(newItems, [SimpleItem]); } method {:test} TestFilterSizeIn() { + assume {:axiom} false; var item1 : DDB.AttributeMap := map[ "one" := DN("9"), "two" := DN("52"), @@ -621,6 +636,7 @@ module TestDynamoDBFilterExpr { } method {:test} TestFilterBeacons() { + assume {:axiom} false; var values : DDB.ExpressionAttributeValueMap := map [ ":val2" := DN("1.23"), @@ -662,6 +678,7 @@ module TestDynamoDBFilterExpr { } method {:test} TestBadStandard() { + assume {:axiom} false; var values : DDB.ExpressionAttributeValueMap := map [ ":val" := DS("foo") @@ -690,6 +707,7 @@ module TestDynamoDBFilterExpr { } method {:test} TestComparisons() { + assume {:axiom} false; var values : DDB.ExpressionAttributeValueMap := map [ ":val1" := DS("N_"),