@@ -971,6 +971,17 @@ module AwsCryptographyDbEncryptionSdkStructuredEncryptionOperations refines Abst
971971 reveal CryptoUpdatedAuth ();
972972 }
973973
974+ // = specification/structured-encryption/decrypt-path-structure.md#construct-decrypted-structured-data
975+ // = type=implication
976+ // # - An entry MUST NOT exist with the key "aws_dbe_head" or "aws_dbe_foot".
977+ lemma DecryptPathRemovesHeaders (origData : AuthList , finalData : CryptoList )
978+ requires DecryptPathFinal (origData, finalData)
979+ ensures ! exists x :: x in finalData && x. key == HeaderPath
980+ ensures ! exists x :: x in finalData && x. key == FooterPath
981+ {
982+ reveal DecryptPathFinal ();
983+ }
984+
974985 method {:vcs_split_on_every_assert} DecryptPathStructure (config: InternalConfig , input: DecryptPathStructureInput )
975986 returns (output: Result< DecryptPathStructureOutput, Error> )
976987
@@ -1017,17 +1028,10 @@ module AwsCryptographyDbEncryptionSdkStructuredEncryptionOperations refines Abst
10171028 // # according to the [header format](./header.md).
10181029 && Header. PartialDeserialize (headerSerialized.value). Success?
10191030
1020- // = specification/structured-encryption/decrypt-path-structure.md#construct-decrypted-structured-data
1021- // = type=implication
1022- // # - An entry MUST NOT exist with the key "aws_dbe_head" or "aws_dbe_foot".
1023- && (! exists x :: x in output. value. plaintextStructure && x. key == HeaderPath)
1024- && (! exists x :: x in output. value. plaintextStructure && x. key == FooterPath)
1025-
10261031 // = specification/structured-encryption/decrypt-path-structure.md#auth-list
10271032 // = type=implication
10281033 // # The Auth List MUST NOT contain duplicate Paths.
10291034 && AuthListHasNoDuplicatesFromSet (input.encryptedStructure)
1030-
10311035 {
10321036 :- Need (exists x :: (x in input.encryptedStructure && x.action == SIGN), E ("At least one Authenticate Action must be SIGN"));
10331037
0 commit comments