feat: correct unicode less than (#609)

* feat: correct unicode less than

Author: ajewellamz

DynamoDbEncryption/dafny/DynamoDbEncryption/src/FilterExpr.dfy

@@ -1262,19 +1262,41 @@ module DynamoDBFilterExpr {
     case _ => Failure(E("invalid op in apply_binary_bool"))
   }
 
-  predicate method LexicographicLess<T(==)>(a: seq<T>, b: seq<T>, less: (T, T) -> bool)
+  predicate method IsHighSurrogate(ch : char)
   {
-    !LexicographicLessOrEqual(b, a, less)
+    0xd800 as char <= ch <= 0xdbff as char
   }
 
-  predicate method LexicographicGreater<T(==)>(a: seq<T>, b: seq<T>, less: (T, T) -> bool)
+  // If no surrogates are involved, comparison is normal
+  // If only surrogates are involved, comparison is normal
+  // if one surrogate is involved, the surrogate is larger
+  // results undefined if not valid UTF16 encodings, but the idea of 'less' is also undefined for invalid encodings.
+  predicate method {:tailrecursion} UnicodeLess(a : string, b : string)
   {
-    !LexicographicLessOrEqual(a, b, less)
+    if |a| == 0 && |b| == 0 then
+      false
+    else if |a| == 0 then
+      true
+    else if |b| == 0 then
+      false
+    else
+      if a[0] == b[0] then
+        UnicodeLess(a[1..], b[1..]) // correct independent of surrogate status
+      else
+        var aIsHighSurrogate := IsHighSurrogate(a[0]);
+        var bIsHighSurrogate := IsHighSurrogate(b[0]);
+        if aIsHighSurrogate == bIsHighSurrogate then
+          a[0] < b[0]
+        else
+          bIsHighSurrogate
+          // we know aIsHighSurrogate != bIsHighSurrogate and a[0] != b[0]
+          // so if bIsHighSurrogate then a is less
+          // and if aIsHighSurrogate then a is greater
   }
 
-  predicate method LexicographicGreaterOrEqual<T(==)>(a: seq<T>, b: seq<T>, less: (T, T) -> bool)
+  predicate method UnicodeLessOrEqual(a : string, b : string)
   {
-    LexicographicLessOrEqual(b, a, less)
+    !UnicodeLess(b, a)
   }
 
   function method CompareFloat(x : string, y : string) : Result<FloatCompare.CompareType, Error>
@@ -1305,7 +1327,7 @@ module DynamoDBFilterExpr {
       var ret :- CompareFloat(a.N, b.N);
       Success(ret <= 0)
     else if a.S? && b.S? then
-      Success(LexicographicLessOrEqual(a.S, b.S, CharLess))
+      Success(UnicodeLessOrEqual(a.S, b.S))
     else if a.B? && b.B? then
       Success(LexicographicLessOrEqual(a.B, b.B, ByteLess))
     else

DynamoDbEncryption/dafny/DynamoDbEncryption/test/FilterExpr.dfy

@@ -29,6 +29,32 @@ module TestDynamoDBFilterExpr {
     expect does_contain(haystack, needle) == negate;
   }
 
+  method {:test} UnicodeLessTest() {
+    // A..F must be strictly increasing
+    var A := "A";
+    var B := "퀀"; // Ud000"
+    var C := "﹌"; // Ufe4c"
+    var D := "𐀁"; // U10001
+    var E := "𐀂"; // U10002 - same high surrogate as D
+    var F := "𠀂"; // U20002 - different high surrogate as D
+    assert |A| == 1;
+    assert |B| == 1;
+    assert |C| == 1;
+    assert |D| == 2;
+    assert |E| == 2;
+    assert |F| == 2;
+
+    // strings in strs must be strictly increasing
+    var strs := [A+B+C+D, B+C, C+D, D+C, D+C+B+A, E+D, F+D];
+
+    for i := 0 to |strs| {
+      for j := 0 to |strs| {
+        expect ((i < j) == UnicodeLess(strs[i], strs[j]));
+        expect ((i <= j) == !UnicodeLess(strs[j], strs[i]));
+      }
+    }
+  }
+
   method {:test} LowLevelTests() {
     expect_equal(ParseExpr("and"), [And]);
     expect_equal(ParseExpr("  AnD   "), [And]);

TestVectors/dafny/DDBEncryption/src/TestVectors.dfy

@@ -28,7 +28,6 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
   import JSON.API
   import opened JSONHelpers
   import Norm = DynamoDbNormalizeNumber
-
   import Types = AwsCryptographyDbEncryptionSdkDynamoDbTypes
   import DDB = ComAmazonawsDynamodbTypes
   import Filter = DynamoDBFilterExpr
@@ -37,10 +36,15 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
   import KeyMaterial
   import UTF8
   import KeyVectorsTypes = AwsCryptographyMaterialProvidersTestVectorKeysTypes
+  import CMP = AwsCryptographyMaterialProvidersTypes
   import KeyVectors
   import CreateInterceptedDDBClient
   import SortedSets
   import Seq
+  import SI = SearchableEncryptionInfo
+  import MaterialProviders
+  import MPT = AwsCryptographyMaterialProvidersTypes
+  import Aws.Cryptography.Primitives
 
   predicate IsValidInt32(x: int)  { -0x8000_0000 <= x < 0x8000_0000}
   type ConfigName = string
@@ -121,7 +125,8 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
     configsForModTest : PairList,
     writeTests : seq<WriteTest>,
     roundTripTests : seq<RoundTripTest>,
-    decryptTests : seq<DecryptTest>
+    decryptTests : seq<DecryptTest>,
+    strings : seq<string>
   ) {
 
     method RunAllTests()
@@ -137,13 +142,15 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
       print |ioTests|, " ioTests.\n";
       print |configsForIoTest|, " configsForIoTest.\n";
       print |configsForModTest|, " configsForModTest.\n";
+      print |strings|, " strings.\n";
       if |roundTripTests| != 0 {
         print |roundTripTests[0].configs|, " configs and ", |roundTripTests[0].records|, " records for round trip.\n";
       }
       if |roundTripTests| > 1 {
         print |roundTripTests[1].configs|, " configs and ", |roundTripTests[1].records|, " records for round trip.\n";
       }
       Validate();
+      StringOrdering();
       BasicIoTest();
       RunIoTests();
       BasicQueryTest();
@@ -156,6 +163,35 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
       DeleteTable(client);
     }
 
+    function NewOrderRecord(i : nat, str : string) : Record
+    {
+      var n := String.Base10Int2String(i);
+      var m : DDB.AttributeMap := map[HashName := DDB.AttributeValue.N(n), "StrValue" := DDB.AttributeValue.S(str)];
+      Record(i, m)
+    }
+
+    method StringOrdering() {
+      print "StringOrdering\n";
+      var client :- expect CreateInterceptedDDBClient.CreateVanillaDDBClient();
+      var records : seq<Record> := [];
+      for i := 0 to |strings| {
+        records := records + [NewOrderRecord(i, strings[i])];
+      }
+      WriteAllRecords(client, records);
+      var subRecords := Seq.Map((r : Record) => r.item, records);
+      var ops := ["<", "<=", ">", ">=", "=", "<>"];
+      for i := 0 to |strings| {
+        for j := 0 to |ops| {
+          var expr := Some("StrValue " + ops[j] + " :val");
+          var vals := Some(map[":val" := DDB.AttributeValue.S(strings[i])]);
+          var query := SimpleQuery(None, None, expr, []);
+          var items1 := FullScan(client, query, Some(map[]), vals);
+          var bv :- expect GetFakeBeaconVersion();
+          var items2 :- expect Filter.FilterResults(bv, subRecords, None, expr, None, vals);
+          CompareRecordsDisordered2(items1, items2);
+        }
+      }
+    }
 
     method Validate() {
       var bad := false;
@@ -531,7 +567,11 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
       }
     }
 
-    method OneRoundTripTest(client : DDB.IDynamoDBClient, record : Record) {
+    method OneRoundTripTest(client : DDB.IDynamoDBClient, record : Record)
+      requires client.ValidState()
+      ensures client.ValidState()
+      modifies client.Modifies
+    {
       var putInput := DDB.PutItemInput(
         TableName := TableName,
         Item := record.item,
@@ -545,7 +585,7 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
         ExpressionAttributeValues := None
       );
       var _ :-  expect client.PutItem(putInput);
-
+      expect HashName in record.item;
       var getInput := DDB.GetItemInput(
         TableName := TableName,
         Key := map[HashName := record.item[HashName]],
@@ -772,6 +812,19 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
       }
       expect !bad;
     }
+    method CompareRecordsDisordered2(expected : DDB.ItemList, actual : DDB.ItemList)
+    {
+      expect |expected| == |actual|;
+      var bad := false;
+      for i := 0 to |expected| {
+        var found := FindMatchingRecord(expected[i], actual);
+        if !found {
+          print "Did not find result for record ", expected[i], "\n";
+          bad := true;
+        }
+      }
+      expect !bad;
+    }
 
     method BasicIoTestScan(client : DDB.IDynamoDBClient, records : seq<Record>)
       requires client.ValidState()
@@ -863,9 +916,11 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
           var asSet := Seq.ToSet(s);
           DDB.AttributeValue.BS(SortedSets.ComputeSetToOrderedSequence2(asSet, ByteLess))
         case L(list) =>
-            DDB.AttributeValue.L(Seq.Map(n => Normalize(n), list))
+          // for some reason, Seq.Map() fails for verify, even when revealed
+          var value := seq(|list|, i requires 0 <= i < |list| => Normalize(list[i]));
+          DDB.AttributeValue.L(value)
         case M(m) =>
-            DDB.AttributeValue.M(map k <- m :: k := Normalize(m[k]))
+          DDB.AttributeValue.M(map k <- m :: k := Normalize(m[k]))
         case _ => value
       }
     }
@@ -1047,7 +1102,7 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
 
   function MakeEmptyTestVector() : TestVectorConfig
   {
-    TestVectorConfig(MakeCreateTableInput(), [], map[], [], map[], map[], [], [], [], [], [], [], [], [])
+    TestVectorConfig(MakeCreateTableInput(), [], map[], [], map[], map[], [], [], [], [], [], [], [], [], [])
   }
 
   method ParseTestVector(data : JSON, prev : TestVectorConfig) returns (output : Result<TestVectorConfig, string>)
@@ -1067,6 +1122,7 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
     var writeTests : seq<WriteTest> := [];
     var roundTripTests : seq<RoundTripTest> := [];
     var decryptTests : seq<DecryptTest> := [];
+    var strings : seq<string> := [];
 
     for i := 0 to |data.obj| {
       match data.obj[i].0 {
@@ -1084,6 +1140,7 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
         case "WriteTests" => writeTests :- GetWriteTests(data.obj[i].1);
         case "RoundTripTest" => roundTripTests :- GetRoundTripTests(data.obj[i].1);
         case "DecryptTests" => decryptTests :- GetDecryptTests(data.obj[i].1);
+        case "Strings" => strings :- GetStrings(data.obj[i].1);
         case _ => return Failure("Unexpected top level tag " + data.obj[i].0);
       }
     }
@@ -1104,7 +1161,8 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
         configsForModTest := prev.configsForModTest + queryPairs,
         writeTests := prev.writeTests + writeTests,
         roundTripTests := prev.roundTripTests + roundTripTests,
-        decryptTests := prev.decryptTests + decryptTests
+        decryptTests := prev.decryptTests + decryptTests,
+        strings := prev.strings + strings
       )
     );
   }
@@ -1207,6 +1265,10 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
   method GetOneTableConfig(name : string, data : JSON) returns (output : Result<TableConfig, string>)
   {
     :- Need(data.Object?, "A Table Config must be an object.");
+    var logicalTableName := TableName;
+    var partitionKeyName : DDB.KeySchemaAttributeName := HashName;
+    var sortKeyName : Option<DDB.KeySchemaAttributeName> := None;
+    var algorithmSuiteId : Option<CMP.DBEAlgorithmSuiteId> := None;
     var encrypt : seq<string>  := [];
     var attributeActionsOnEncrypt : Types.AttributeActions  := map[];
     var allowed : seq<DDB.AttributeName>  := [];
@@ -1216,13 +1278,47 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
     var virtualFields : seq<Types.VirtualField> := [];
     var keySource : Option<Types.BeaconKeySource> := None;
     var search : Option<Types.SearchConfig> := None;
+    var legacyOverride: Option<Types.LegacyOverride> := None;
+    var plaintextOverride: Option<Types.PlaintextOverride> := None;
 
     for i := 0 to |data.obj| {
       var obj := data.obj[i];
       match obj.0 {
+        case "logicalTableName" =>
+          :- Need(obj.1.String?, "logicalTableName must be of type String.");
+          logicalTableName := obj.1.str;
+        case "partitionKeyName" =>
+          :- Need(obj.1.String?, "partitionKeyName must be of type String.");
+          :- Need(DDB.IsValid_KeySchemaAttributeName(obj.1.str), "partitionKeyName '" + obj.1.str + "' is not a valid KeySchemaAttributeName.");
+          partitionKeyName := obj.1.str;
+        case "sortKeyName" =>
+          :- Need(obj.1.String?, "sortKeyName must be of type String.");
+          :- Need(DDB.IsValid_KeySchemaAttributeName(obj.1.str), "sortKeyName '" + obj.1.str + "' is not a valid KeySchemaAttributeName.");
+          sortKeyName := Some(obj.1.str);
+        case "algorithmSuiteId" =>
+          :- Need(obj.1.String?, "algorithmSuiteId must be of type String.");
+          if obj.1.str == "ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY_SYMSIG_HMAC_SHA384" {
+            algorithmSuiteId := Some(CMP.ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY_SYMSIG_HMAC_SHA384);
+          } else if obj.1.str == "ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY_ECDSA_P384_SYMSIG_HMAC_SHA384" {
+            algorithmSuiteId := Some(CMP.ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY_ECDSA_P384_SYMSIG_HMAC_SHA384);
+          } else {
+            return Failure("algorithmSuiteId '" + obj.1.str + "' must be either ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY_SYMSIG_HMAC_SHA384 or ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY_ECDSA_P384_SYMSIG_HMAC_SHA384");
+          }
+        case "plaintextOverride" =>
+          :- Need(obj.1.String?, "plaintextOverride must be of type String.");
+          if obj.1.str == "FORCE_PLAINTEXT_WRITE_ALLOW_PLAINTEXT_READ" {
+            plaintextOverride := Some(Types.FORCE_PLAINTEXT_WRITE_ALLOW_PLAINTEXT_READ);
+          } else if obj.1.str == "FORBID_PLAINTEXT_WRITE_ALLOW_PLAINTEXT_READ" {
+            plaintextOverride := Some(Types.FORBID_PLAINTEXT_WRITE_ALLOW_PLAINTEXT_READ);
+          } else if obj.1.str == "FORBID_PLAINTEXT_WRITE_FORBID_PLAINTEXT_READ" {
+            plaintextOverride := Some(Types.FORBID_PLAINTEXT_WRITE_FORBID_PLAINTEXT_READ);
+          } else {
+            return Failure("plaintextOverride '" + obj.1.str + "' must be one of FORCE_PLAINTEXT_WRITE_ALLOW_PLAINTEXT_READ, FORBID_PLAINTEXT_WRITE_ALLOW_PLAINTEXT_READ or FORBID_PLAINTEXT_WRITE_FORBID_PLAINTEXT_READ");
+          }
+
         case "attributeActionsOnEncrypt" => attributeActionsOnEncrypt :- GetAttributeActions(obj.1);
         case "allowedUnsignedAttributePrefix" =>
-          :- Need(obj.1.String?, "Prefix must be of type String.");
+          :- Need(obj.1.String?, "allowedUnsignedAttributePrefix must be of type String.");
           prefix := obj.1.str;
         case "allowedUnsignedAttributes" => allowed :- GetAttrNames(obj.1);
         case "search" => var src :- GetOneSearchConfig(obj.1); search := Some(src);
@@ -1242,18 +1338,18 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
 
     var config :=
       Types.DynamoDbTableEncryptionConfig(
-        logicalTableName := TableName,
-        partitionKeyName := HashName,
-        sortKeyName := None,
+        logicalTableName := logicalTableName,
+        partitionKeyName := partitionKeyName,
+        sortKeyName := sortKeyName,
         search := search,
         attributeActionsOnEncrypt := attributeActionsOnEncrypt,
         allowedUnsignedAttributes := OptSeq(allowed),
         allowedUnsignedAttributePrefix := OptSeq(prefix),
-        algorithmSuiteId := None,
+        algorithmSuiteId := algorithmSuiteId,
         keyring := Some(keyring),
         cmm := None,
-        legacyOverride := None,
-        plaintextOverride := None
+        legacyOverride := legacyOverride,
+        plaintextOverride := plaintextOverride
       );
     return Success(TableConfig(name, config, |data.obj| == 0));
   }
@@ -1327,6 +1423,32 @@ module {:options "-functionSyntax:4"} DdbEncryptionTestVectors {
       );
   }
 
+ method GetFakeBeaconVersion() returns (output : Result<SI.BeaconVersion, string>)
+  ensures output.Success? ==> output.value.ValidState() && fresh(output.value.Modifies())
+  {
+    var keyMaterial : KeyMaterial.KeyMaterial :=
+      KeyMaterial.StaticKeyStoreInformation("abc", UTF8.EncodeAscii("abc"), [1,2,3,4,5], [1,2,3,4,5]);
+    var store := SKS.CreateStaticKeyStore(keyMaterial);
+    var source : Types.BeaconKeySource := Types.single(Types.SingleKeyStore(keyId := "foo", cacheTTL := 42));
+
+    var sb := Types.StandardBeacon(name := "name", length := 5 as Types.BeaconBitLength, loc := None, style := None);
+
+    var mpl :- expect MaterialProviders.MaterialProviders();
+
+    var cacheType : MPT.CacheType := MPT.Default(Default := MPT.DefaultCache(entryCapacity := 1));
+
+    var input := MPT.CreateCryptographicMaterialsCacheInput(
+      cache := cacheType
+    );
+    var cache :- expect mpl.CreateCryptographicMaterialsCache(input);
+
+    var client :- expect Primitives.AtomicPrimitives();
+    var src := SI.KeySource(client, store, SI.SingleLoc("foo"), cache, 100 as uint32);
+
+    var bv :- expect SI.MakeBeaconVersion(1, src, map[], map[], map[]);
+    return Success(bv);
+  }
+
   method GetAttributeActions(data : JSON) returns (output : Result<Types.AttributeActions, string>)
   {
     :- Need(data.Object?, "attributeActionsOnEncrypt must be an object");