/* * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. * A copy of the License is located at * * http://aws.amazon.com/apache2.0 * * or in the "license" file accompanying this file. This file is distributed * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either * express or implied. See the License for the specific language governing * permissions and limitations under the License. */ #include <aws/cryptosdk/private/header.h> #include <proof_helpers/make_common_data_structures.h> /** * The original aws_cryptosdk_hdr_write function declares an aws_byte_buf * output variable where different components of the header get written, * however, the actual output of the function is bytes_written. Therefore, * we assign a nondeterministic value to bytes_written in case of success * or zero both outbuf and outlen in case of failure. */ int aws_cryptosdk_hdr_write( const struct aws_cryptosdk_hdr *hdr, size_t *bytes_written, uint8_t *outbuf, size_t outlen) { assert(aws_cryptosdk_hdr_is_valid(hdr)); assert(hdr->iv.len <= UINT8_MAX); // uint8_t max value assert(outlen == 0 || AWS_MEM_IS_READABLE(outbuf, outlen)); assert(bytes_written != NULL); if (nondet_bool()) { size_t nondet_size; __CPROVER_assume(nondet_size < MAX_BUFFER_SIZE); *bytes_written = nondet_size; return AWS_OP_SUCCESS; } else { int error = nondet_bool() ? AWS_CRYPTOSDK_ERR_BAD_STATE : AWS_ERROR_SHORT_BUFFER; aws_secure_zero(outbuf, outlen); *bytes_written = 0; return aws_raise_error(error); } }