AES-256 CBC PKCS7 interface.
AES-256 is specified in the FIPS PUB 197 standard. The CBC (Cipher Block Chaining) block cipher mode of operation is specified in the SP 800-38A standard. The PKCS7 padding method is specified in the RFC 2315 standard.
According to FIPS PUB 197, AES-256 has a key size of 256 bits. According to SP 800-38A, is the same size as the block, which is 128 bits for AES according to FIPS PUB 197.
Theorem:
(defthm bit-list-of-aes-256-cbc-pkcs7-encrypt-bits (bit-listp (aes-256-cbc-pkcs7-encrypt-bits key init data)))
Theorem:
(defthm bit-list-of-aes-256-cbc-pkcs7-decrypt-bits (bit-listp (aes-256-cbc-pkcs7-decrypt-bits key init data)))
Theorem:
(defthm byte-list-of-aes-256-cbc-pkcs7-encrypt-bytes (byte-listp (aes-256-cbc-pkcs7-encrypt-bytes key init data)))
Theorem:
(defthm byte-list-of-aes-256-cbc-pkcs7-decrypt-bytes (byte-listp (aes-256-cbc-pkcs7-decrypt-bytes key init data)))
Theorem:
(defthm aes-256-cbc-pkcs7-encrypt-bits-of-bit-list-fix-key (equal (aes-256-cbc-pkcs7-encrypt-bits (acl2::bit-list-fix key) init data) (aes-256-cbc-pkcs7-encrypt-bits key init data)))
Theorem:
(defthm aes-256-cbc-pkcs7-encrypt-bits-bit-list-equiv-congruence-on-key (implies (acl2::bit-list-equiv key key-equiv) (equal (aes-256-cbc-pkcs7-encrypt-bits key init data) (aes-256-cbc-pkcs7-encrypt-bits key-equiv init data))) :rule-classes :congruence)
Theorem:
(defthm aes-256-cbc-pkcs7-encrypt-bits-of-bit-list-fix-init (equal (aes-256-cbc-pkcs7-encrypt-bits key (acl2::bit-list-fix init) data) (aes-256-cbc-pkcs7-encrypt-bits key init data)))
Theorem:
(defthm aes-256-cbc-pkcs7-encrypt-bits-bit-list-equiv-congruence-on-init (implies (acl2::bit-list-equiv init init-equiv) (equal (aes-256-cbc-pkcs7-encrypt-bits key init data) (aes-256-cbc-pkcs7-encrypt-bits key init-equiv data))) :rule-classes :congruence)
Theorem:
(defthm aes-256-cbc-pkcs7-encrypt-bits-of-bit-list-fix-data (equal (aes-256-cbc-pkcs7-encrypt-bits key init (acl2::bit-list-fix data)) (aes-256-cbc-pkcs7-encrypt-bits key init data)))
Theorem:
(defthm aes-256-cbc-pkcs7-encrypt-bits-bit-list-equiv-congruence-on-data (implies (acl2::bit-list-equiv data data-equiv) (equal (aes-256-cbc-pkcs7-encrypt-bits key init data) (aes-256-cbc-pkcs7-encrypt-bits key init data-equiv))) :rule-classes :congruence)
Theorem:
(defthm aes-256-cbc-pkcs7-decrypt-bits-of-bit-list-fix-key (equal (aes-256-cbc-pkcs7-decrypt-bits (acl2::bit-list-fix key) init data) (aes-256-cbc-pkcs7-decrypt-bits key init data)))
Theorem:
(defthm aes-256-cbc-pkcs7-decrypt-bits-bit-list-equiv-congruence-on-key (implies (acl2::bit-list-equiv key key-equiv) (equal (aes-256-cbc-pkcs7-decrypt-bits key init data) (aes-256-cbc-pkcs7-decrypt-bits key-equiv init data))) :rule-classes :congruence)
Theorem:
(defthm aes-256-cbc-pkcs7-decrypt-bits-of-bit-list-fix-init (equal (aes-256-cbc-pkcs7-decrypt-bits key (acl2::bit-list-fix init) data) (aes-256-cbc-pkcs7-decrypt-bits key init data)))
Theorem:
(defthm aes-256-cbc-pkcs7-decrypt-bits-bit-list-equiv-congruence-on-init (implies (acl2::bit-list-equiv init init-equiv) (equal (aes-256-cbc-pkcs7-decrypt-bits key init data) (aes-256-cbc-pkcs7-decrypt-bits key init-equiv data))) :rule-classes :congruence)
Theorem:
(defthm aes-256-cbc-pkcs7-decrypt-bits-of-bit-list-fix-data (equal (aes-256-cbc-pkcs7-decrypt-bits key init (acl2::bit-list-fix data)) (aes-256-cbc-pkcs7-decrypt-bits key init data)))
Theorem:
(defthm aes-256-cbc-pkcs7-decrypt-bits-bit-list-equiv-congruence-on-data (implies (acl2::bit-list-equiv data data-equiv) (equal (aes-256-cbc-pkcs7-decrypt-bits key init data) (aes-256-cbc-pkcs7-decrypt-bits key init data-equiv))) :rule-classes :congruence)
Theorem:
(defthm aes-256-cbc-pkcs7-encrypt-bytes-of-byte-list-fix-key (equal (aes-256-cbc-pkcs7-encrypt-bytes (byte-list-fix key) init data) (aes-256-cbc-pkcs7-encrypt-bytes key init data)))
Theorem:
(defthm aes-256-cbc-pkcs7-encrypt-bytes-byte-list-equiv-congruence-on-key (implies (byte-list-equiv key key-equiv) (equal (aes-256-cbc-pkcs7-encrypt-bytes key init data) (aes-256-cbc-pkcs7-encrypt-bytes key-equiv init data))) :rule-classes :congruence)
Theorem:
(defthm aes-256-cbc-pkcs7-encrypt-bytes-of-byte-list-fix-init (equal (aes-256-cbc-pkcs7-encrypt-bytes key (byte-list-fix init) data) (aes-256-cbc-pkcs7-encrypt-bytes key init data)))
Theorem:
(defthm aes-256-cbc-pkcs7-encrypt-bytes-byte-list-equiv-congruence-on-init (implies (byte-list-equiv init init-equiv) (equal (aes-256-cbc-pkcs7-encrypt-bytes key init data) (aes-256-cbc-pkcs7-encrypt-bytes key init-equiv data))) :rule-classes :congruence)
Theorem:
(defthm aes-256-cbc-pkcs7-encrypt-bytes-of-byte-list-fix-data (equal (aes-256-cbc-pkcs7-encrypt-bytes key init (byte-list-fix data)) (aes-256-cbc-pkcs7-encrypt-bytes key init data)))
Theorem:
(defthm aes-256-cbc-pkcs7-encrypt-bytes-byte-list-equiv-congruence-on-data (implies (byte-list-equiv data data-equiv) (equal (aes-256-cbc-pkcs7-encrypt-bytes key init data) (aes-256-cbc-pkcs7-encrypt-bytes key init data-equiv))) :rule-classes :congruence)
Theorem:
(defthm aes-256-cbc-pkcs7-decrypt-bytes-of-byte-list-fix-key (equal (aes-256-cbc-pkcs7-decrypt-bytes (byte-list-fix key) init data) (aes-256-cbc-pkcs7-decrypt-bytes key init data)))
Theorem:
(defthm aes-256-cbc-pkcs7-decrypt-bytes-byte-list-equiv-congruence-on-key (implies (byte-list-equiv key key-equiv) (equal (aes-256-cbc-pkcs7-decrypt-bytes key init data) (aes-256-cbc-pkcs7-decrypt-bytes key-equiv init data))) :rule-classes :congruence)
Theorem:
(defthm aes-256-cbc-pkcs7-decrypt-bytes-of-byte-list-fix-init (equal (aes-256-cbc-pkcs7-decrypt-bytes key (byte-list-fix init) data) (aes-256-cbc-pkcs7-decrypt-bytes key init data)))
Theorem:
(defthm aes-256-cbc-pkcs7-decrypt-bytes-byte-list-equiv-congruence-on-init (implies (byte-list-equiv init init-equiv) (equal (aes-256-cbc-pkcs7-decrypt-bytes key init data) (aes-256-cbc-pkcs7-decrypt-bytes key init-equiv data))) :rule-classes :congruence)
Theorem:
(defthm aes-256-cbc-pkcs7-decrypt-bytes-of-byte-list-fix-data (equal (aes-256-cbc-pkcs7-decrypt-bytes key init (byte-list-fix data)) (aes-256-cbc-pkcs7-decrypt-bytes key init data)))
Theorem:
(defthm aes-256-cbc-pkcs7-decrypt-bytes-byte-list-equiv-congruence-on-data (implies (byte-list-equiv data data-equiv) (equal (aes-256-cbc-pkcs7-decrypt-bytes key init data) (aes-256-cbc-pkcs7-decrypt-bytes key init data-equiv))) :rule-classes :congruence)
Theorem:
(defthm true-listp-of-aes-256-cbc-pkcs7-encrypt-bits (true-listp (aes-256-cbc-pkcs7-encrypt-bits key init data)) :rule-classes :type-prescription)
Theorem:
(defthm true-listp-of-aes-256-cbc-pkcs7-decrypt-bits (true-listp (aes-256-cbc-pkcs7-decrypt-bits key init data)) :rule-classes :type-prescription)
Theorem:
(defthm true-listp-of-aes-256-cbc-pkcs7-encrypt-bytes (true-listp (aes-256-cbc-pkcs7-encrypt-bytes key init data)) :rule-classes :type-prescription)
Theorem:
(defthm true-listp-of-aes-256-cbc-pkcs7-decrypt-bytes (true-listp (aes-256-cbc-pkcs7-decrypt-bytes key init data)) :rule-classes :type-prescription)