
Commit 10daadf

authored
feat: enforce input constraints (#646)
The AWS Encryption SDK in .NET (ESDK-NET) failed to enforce user input constraints. Input shapes without required members set would always result in a `NullReferenceException`. Now, the ESDK-NET will throw its own exceptions when illegal user input is submitted.
1 parent 0bae2c8 commit 10daadf


8 files changed

+36
-12
lines changed


AwsEncryptionSDK/codegen-patches/AwsEncryptionSdk/dotnet/dafny-4.2.0.patch

Lines changed: 3 additions & 3 deletions
@@ -15,7 +15,7 @@ diff --git b/AwsEncryptionSDK/runtimes/net/Generated/AwsEncryptionSdk/TypeConver
1515
index cc922a3..161bcf3 100644
1616
--- b/AwsEncryptionSDK/runtimes/net/Generated/AwsEncryptionSdk/TypeConversion.cs
1717
+++ a/AwsEncryptionSDK/runtimes/net/Generated/AwsEncryptionSdk/TypeConversion.cs
18-
@@ -11,13 +11,17 @@ namespace AWS.Cryptography.EncryptionSDK
18+
@@ -11,14 +11,18 @@ namespace AWS.Cryptography.EncryptionSDK
1919
{
2020
software.amazon.cryptography.encryptionsdk.internaldafny.types.AwsEncryptionSdkConfig concrete = (software.amazon.cryptography.encryptionsdk.internaldafny.types.AwsEncryptionSdkConfig)value; AWS.Cryptography.EncryptionSDK.AwsEncryptionSdkConfig converted = new AWS.Cryptography.EncryptionSDK.AwsEncryptionSdkConfig(); if (concrete._commitmentPolicy.is_Some) converted.CommitmentPolicy = (AWS.Cryptography.MaterialProviders.ESDKCommitmentPolicy)FromDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S22_AwsEncryptionSdkConfig__M16_commitmentPolicy(concrete._commitmentPolicy);
2121
if (concrete._maxEncryptedDataKeys.is_Some) converted.MaxEncryptedDataKeys = (long)FromDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S22_AwsEncryptionSdkConfig__M20_maxEncryptedDataKeys(concrete._maxEncryptedDataKeys);
@@ -26,6 +26,7 @@ index cc922a3..161bcf3 100644
2626
}
2727
public static software.amazon.cryptography.encryptionsdk.internaldafny.types._IAwsEncryptionSdkConfig ToDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S22_AwsEncryptionSdkConfig(AWS.Cryptography.EncryptionSDK.AwsEncryptionSdkConfig value)
2828
{
29+
value.Validate();
2930
AWS.Cryptography.MaterialProviders.ESDKCommitmentPolicy var_commitmentPolicy = value.IsSetCommitmentPolicy() ? value.CommitmentPolicy : (AWS.Cryptography.MaterialProviders.ESDKCommitmentPolicy)null;
3031
long? var_maxEncryptedDataKeys = value.IsSetMaxEncryptedDataKeys() ? value.MaxEncryptedDataKeys : (long?)null;
3132
- AWS.Cryptography.EncryptionSDK.NetV4_0_0_RetryPolicy var_netV4_0_0_RetryPolicy = value.IsSetNetV4__0__0__RetryPolicy() ? value.NetV4__0__0__RetryPolicy : (AWS.Cryptography.EncryptionSDK.NetV4_0_0_RetryPolicy)null;
@@ -62,7 +63,7 @@ index cc922a3..161bcf3 100644
6263
throw new System.ArgumentException("Invalid AWS.Cryptography.EncryptionSDK.NetV4_0_0_RetryPolicy value");
6364
}
6465
public static AWS.Cryptography.MaterialProviders.ESDKCommitmentPolicy FromDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S22_AwsEncryptionSdkConfig__M16_commitmentPolicy(Wrappers_Compile._IOption<software.amazon.cryptography.materialproviders.internaldafny.types._IESDKCommitmentPolicy> value)
65-
@@ -115,13 +125,20 @@ namespace AWS.Cryptography.EncryptionSDK
66+
@@ -115,13 +125,19 @@ namespace AWS.Cryptography.EncryptionSDK
6667
{
6768
return value == null ? Wrappers_Compile.Option<long>.create_None() : Wrappers_Compile.Option<long>.create_Some(ToDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S15_CountingNumbers((long)value));
6869
}
@@ -71,7 +72,6 @@ index cc922a3..161bcf3 100644
7172
+ public static AWS.Cryptography.EncryptionSDK.NetV4_0_0_RetryPolicy FromDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S22_AwsEncryptionSdkConfig__M21_netV4_0_0_RetryPolicy(Wrappers_Compile._IOption<software.amazon.cryptography.encryptionsdk.internaldafny.types._INetV4__0__0__RetryPolicy> value)
7273
+ // END MANUAL EDIT
7374
{
74-
+
7575
return value.is_None ? (AWS.Cryptography.EncryptionSDK.NetV4_0_0_RetryPolicy)null : FromDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S21_NetV4_0_0_RetryPolicy(value.Extract());
7676
}
7777
- public static Wrappers_Compile._IOption<software.amazon.cryptography.encryptionsdk.internaldafny.types._INetV4_0_0_RetryPolicy> ToDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S22_AwsEncryptionSdkConfig__M21_netV4_0_0_RetryPolicy(AWS.Cryptography.EncryptionSDK.NetV4_0_0_RetryPolicy value)

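--- a/AwsEncryptionSDK/dafny/AwsEncryptionSdk/Model/AwsCryptographyEncryptionSdkTypes.dfy
+++ b/AwsEncryptionSDK/dafny/AwsEncryptionSdk/Model/AwsCryptographyEncryptionSdkTypes.dfy
@@ -187,17 +187,17 @@ abstract module AbstractAwsCryptographyEncryptionSdkService
 import Operations : AbstractAwsCryptographyEncryptionSdkOperations
 function method DefaultAwsEncryptionSdkConfig(): AwsEncryptionSdkConfig
 method ESDK(config: AwsEncryptionSdkConfig := DefaultAwsEncryptionSdkConfig())
-returns (res: Result<IAwsEncryptionSdkClient, Error>)
+returns (res: Result<ESDKClient, Error>)
 ensures res.Success? ==>
 && fresh(res.value)
 && fresh(res.value.Modifies)
 && fresh(res.value.History)
 && res.value.ValidState()
 
-// Helper function for the benefit of native code to create a Success(client) without referring to Dafny internals
+// Helper functions for the benefit of native code to create a Success(client) without referring to Dafny internals
 function method CreateSuccessOfClient(client: IAwsEncryptionSdkClient): Result<IAwsEncryptionSdkClient, Error> {
 Success(client)
-} // Helper function for the benefit of native code to create a Failure(error) without referring to Dafny internals
+}
 function method CreateFailureOfError(error: Error): Result<IAwsEncryptionSdkClient, Error> {
 Failure(error)
 }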

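--- a/AwsEncryptionSDK/dafny/AwsEncryptionSdk/src/Index.dfy
+++ b/AwsEncryptionSDK/dafny/AwsEncryptionSdk/src/Index.dfy
@@ -23,7 +23,7 @@ module
 }
 
 method ESDK(config: AwsEncryptionSdkConfig)
-returns (res: Result<IAwsEncryptionSdkClient, Error>)
+returns (res: Result<ESDKClient, Error>)
 {
 var maybeCrypto := Primitives.AtomicPrimitives();
 var cryptoX: AwsCryptographyPrimitivesTypes.IAwsCryptographicPrimitivesClient :- maybeCrypto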

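--- a/AwsEncryptionSDK/runtimes/java/src/main/smithy-generated/software/amazon/cryptography/encryptionsdk/ESDK.java
+++ b/AwsEncryptionSDK/runtimes/java/src/main/smithy-generated/software/amazon/cryptography/encryptionsdk/ESDK.java
@@ -6,6 +6,7 @@
 import Wrappers_Compile.Result;
 import java.lang.IllegalArgumentException;
 import java.util.Objects;
+import software.amazon.cryptography.encryptionsdk.internaldafny.ESDKClient;
 import software.amazon.cryptography.encryptionsdk.internaldafny.__default;
 import software.amazon.cryptography.encryptionsdk.internaldafny.types.Error;
 import software.amazon.cryptography.encryptionsdk.internaldafny.types.IAwsEncryptionSdkClient;
@@ -23,7 +24,7 @@ protected ESDK(BuilderImpl builder) {
 AwsEncryptionSdkConfig input = builder.AwsEncryptionSdkConfig();
 software.amazon.cryptography.encryptionsdk.internaldafny.types.AwsEncryptionSdkConfig dafnyValue =
 ToDafny.AwsEncryptionSdkConfig(input);
-Result<IAwsEncryptionSdkClient, Error> result = __default.ESDK(dafnyValue);
+Result<ESDKClient, Error> result = __default.ESDK(dafnyValue);
 if (result.is_Failure()) {
 throw ToNative.Error(result.dtor_error());
 }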
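Review bot: The import of IAwsEncryptionSdkClient on line 12 is no longer referenced by the lines shown once the result type becomes Result<ESDKClient, Error> on new line 27; if the rest of ESDK.java (the constructor body continues outside the hunk) has no other use for it, the import should be dropped so the generated file does not carry a dead import. Since this file is smithy-generated, the removal belongs in the generator rather than a hand edit, presumably the smithy-dafny submodule bumped in this commit.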

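--- a/AwsEncryptionSDK/runtimes/net/Generated/AwsEncryptionSdk/AwsEncryptionSdkConfig.cs
+++ b/AwsEncryptionSDK/runtimes/net/Generated/AwsEncryptionSdk/AwsEncryptionSdkConfig.cs
@@ -39,7 +39,14 @@ public bool IsSetNetV4__0__0__RetryPolicy()
 }
 public void Validate()
 {
-
+if (IsSetMaxEncryptedDataKeys())
+{
+if (MaxEncryptedDataKeys < 1)
+{
+throw new System.ArgumentException(
+String.Format("Member MaxEncryptedDataKeys of structure AwsEncryptionSdkConfig has type CountingNumbers which has a minimum of 1 but was given the value {0}.", MaxEncryptedDataKeys));
+}
+}
 }
 }
 }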

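--- a/AwsEncryptionSDK/runtimes/net/Generated/AwsEncryptionSdk/EncryptInput.cs
+++ b/AwsEncryptionSDK/runtimes/net/Generated/AwsEncryptionSdk/EncryptInput.cs
@@ -70,7 +70,19 @@ public bool IsSetFrameLength()
 public void Validate()
 {
 if (!IsSetPlaintext()) throw new System.ArgumentException("Missing value for required property 'Plaintext'");
-
+if (IsSetFrameLength())
+{
+if (FrameLength < 1)
+{
+throw new System.ArgumentException(
+String.Format("Member FrameLength of structure EncryptInput has type FrameLength which has a minimum of 1 but was given the value {0}.", FrameLength));
+}
+if (FrameLength > 4294967296)
+{
+throw new System.ArgumentException(
+String.Format("Member FrameLength of structure EncryptInput has type FrameLength which has a maximum of 4294967296 but was given the value {0}.", FrameLength));
+}
+}
 }
 }
 }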

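--- a/AwsEncryptionSDK/runtimes/net/Generated/AwsEncryptionSdk/TypeConversion.cs
+++ b/AwsEncryptionSDK/runtimes/net/Generated/AwsEncryptionSdk/TypeConversion.cs
@@ -17,6 +17,7 @@ public static AWS.Cryptography.EncryptionSDK.AwsEncryptionSdkConfig FromDafny_N3
 }
 public static software.amazon.cryptography.encryptionsdk.internaldafny.types._IAwsEncryptionSdkConfig ToDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S22_AwsEncryptionSdkConfig(AWS.Cryptography.EncryptionSDK.AwsEncryptionSdkConfig value)
 {
+value.Validate();
 AWS.Cryptography.MaterialProviders.ESDKCommitmentPolicy var_commitmentPolicy = value.IsSetCommitmentPolicy() ? value.CommitmentPolicy : (AWS.Cryptography.MaterialProviders.ESDKCommitmentPolicy)null;
 long? var_maxEncryptedDataKeys = value.IsSetMaxEncryptedDataKeys() ? value.MaxEncryptedDataKeys : (long?)null;
 // BEGIN MANUAL EDIT
@@ -46,6 +47,7 @@ public static AWS.Cryptography.EncryptionSDK.DecryptInput FromDafny_N3_aws__N12_
 }
 public static software.amazon.cryptography.encryptionsdk.internaldafny.types._IDecryptInput ToDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S12_DecryptInput(AWS.Cryptography.EncryptionSDK.DecryptInput value)
 {
+value.Validate();
 AWS.Cryptography.MaterialProviders.ICryptographicMaterialsManager var_materialsManager = value.IsSetMaterialsManager() ? value.MaterialsManager : (AWS.Cryptography.MaterialProviders.ICryptographicMaterialsManager)null;
 AWS.Cryptography.MaterialProviders.IKeyring var_keyring = value.IsSetKeyring() ? value.Keyring : (AWS.Cryptography.MaterialProviders.IKeyring)null;
 System.Collections.Generic.Dictionary<string, string> var_encryptionContext = value.IsSetEncryptionContext() ? value.EncryptionContext : (System.Collections.Generic.Dictionary<string, string>)null;
@@ -59,6 +61,7 @@ public static AWS.Cryptography.EncryptionSDK.DecryptOutput FromDafny_N3_aws__N12_
 }
 public static software.amazon.cryptography.encryptionsdk.internaldafny.types._IDecryptOutput ToDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S13_DecryptOutput(AWS.Cryptography.EncryptionSDK.DecryptOutput value)
 {
+value.Validate();
 
 return new software.amazon.cryptography.encryptionsdk.internaldafny.types.DecryptOutput(ToDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S13_DecryptOutput__M9_plaintext(value.Plaintext), ToDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S13_DecryptOutput__M17_encryptionContext(value.EncryptionContext), ToDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S13_DecryptOutput__M16_algorithmSuiteId(value.AlgorithmSuiteId));
 }
@@ -73,6 +76,7 @@ public static AWS.Cryptography.EncryptionSDK.EncryptInput FromDafny_N3_aws__N12_
 }
 public static software.amazon.cryptography.encryptionsdk.internaldafny.types._IEncryptInput ToDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S12_EncryptInput(AWS.Cryptography.EncryptionSDK.EncryptInput value)
 {
+value.Validate();
 System.Collections.Generic.Dictionary<string, string> var_encryptionContext = value.IsSetEncryptionContext() ? value.EncryptionContext : (System.Collections.Generic.Dictionary<string, string>)null;
 AWS.Cryptography.MaterialProviders.ICryptographicMaterialsManager var_materialsManager = value.IsSetMaterialsManager() ? value.MaterialsManager : (AWS.Cryptography.MaterialProviders.ICryptographicMaterialsManager)null;
 AWS.Cryptography.MaterialProviders.IKeyring var_keyring = value.IsSetKeyring() ? value.Keyring : (AWS.Cryptography.MaterialProviders.IKeyring)null;
@@ -88,6 +92,7 @@ public static AWS.Cryptography.EncryptionSDK.EncryptOutput FromDafny_N3_aws__N12_
 }
 public static software.amazon.cryptography.encryptionsdk.internaldafny.types._IEncryptOutput ToDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S13_EncryptOutput(AWS.Cryptography.EncryptionSDK.EncryptOutput value)
 {
+value.Validate();
 
 return new software.amazon.cryptography.encryptionsdk.internaldafny.types.EncryptOutput(ToDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S13_EncryptOutput__M10_ciphertext(value.Ciphertext), ToDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S13_EncryptOutput__M17_encryptionContext(value.EncryptionContext), ToDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S13_EncryptOutput__M16_algorithmSuiteId(value.AlgorithmSuiteId));
 }
@@ -129,7 +134,6 @@ public static Wrappers_Compile._IOption<long> ToDafny_N3_aws__N12_cryptography__
 public static AWS.Cryptography.EncryptionSDK.NetV4_0_0_RetryPolicy FromDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S22_AwsEncryptionSdkConfig__M21_netV4_0_0_RetryPolicy(Wrappers_Compile._IOption<software.amazon.cryptography.encryptionsdk.internaldafny.types._INetV4__0__0__RetryPolicy> value)
 // END MANUAL EDIT
 {
-
 return value.is_None ? (AWS.Cryptography.EncryptionSDK.NetV4_0_0_RetryPolicy)null : FromDafny_N3_aws__N12_cryptography__N13_encryptionSdk__S21_NetV4_0_0_RetryPolicy(value.Extract());
 }
 // BEGIN MANUAL EDIT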
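Review bot: A null `value` still produces the NullReferenceException this commit sets out to remove, because each added `value.Validate();` (new lines 20, 50, 64, 79 and 95) dereferences the argument before anything checks it; a guard such as `if (value == null) throw new System.ArgumentNullException(nameof(value));` ahead of the Validate call in each ToDafny method would give callers the same ArgumentException-family contract for the missing-shape case as for the missing-member case. The same five insertions are mirrored in the codegen patch AwsEncryptionSDK/codegen-patches/AwsEncryptionSdk/dotnet/dafny-4.2.0.patch earlier on this page, so any change here must be made there too or it will be lost on regeneration. Note also that Validate() is now invoked for the DecryptOutput and EncryptOutput shapes (hunks at new lines 64 and 95), which are produced by the SDK rather than supplied by the user; that is harmless but goes beyond the "user input" scope stated in the description and may be worth mentioning there.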

smithy-dafny
