Built-in methods do not work in predicates of REQUIRES section #457

Open
shahrzadav opened this issue Dec 15, 2021 · 0 comments · May be fixed by #462

@shahrzadav

Describe the bug
The built-in methods (alg, mode, padding, and so on) do not work in the REQUIRES section. For example, in the Cipher rule, we have generatedkey[key, alg(transformation)], but the alg does not function and it is interpreted as generatedkey[key, transformation].

The problem is in the Domainmodel that is generated from the rule in the readRule method in the cryslParser class. The required predicates will be extracted from the Domainmodel, and in the case of a predicate in the REQUIRES section that has a built-in method, the variable of that predicate with a built-in method should have a "part" part; otherwise it is considered as a variable without a built-in method.

To Reproduce
Steps to reproduce the behavior:
Take this code and analyze it; it throws the error "Second parameter was not properly generated as generated Key", which is a false positive.

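	import java.security.*;
	import javax.crypto.*;

	public class ReproExample {

		// Reproduction case: the key comes from KeyGenerator("AES") and is used with an AES cipher.
		public void main(String[] args, SecretKey key, byte[] text) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {

			SecureRandom secureRandom = new SecureRandom();
			Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");

			KeyGenerator kg = KeyGenerator.getInstance("AES");

			kg.init(128, secureRandom);
			SecretKey secretKey = kg.generateKey();

			// The analysis reports the false positive on this call.
			c.init(Cipher.ENCRYPT_MODE, secretKey);
			c.doFinal(text);
		}
	}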

Expected behavior
This code should not throw any errors.

Desktop (please complete the following information):

  • OS: Windows 10
marvinvo added a commit to marvinvo/CogniCrypt that referenced this issue Jan 22, 2022
The previous parsing code was actually a duplicate of the getPredicate() method, but it had no check for the “consPred” field, in which ‘alg(’, ‘mode(’ and ‘pad(’ are defined.
@marvinvo marvinvo linked a pull request Jan 22, 2022 that will close this issue
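
A toy model of the mismatch reported in this issue, added here as an illustration; it is not CogniCrypt or CrySL code. The `Predicate` record and the `alg`, `required` and `satisfied` helpers are hypothetical, and the example assumes that the key produced via `KeyGenerator.getInstance("AES")` carries the predicate `generatedKey[secretKey, "AES"]`.

```java
// Toy model (not CogniCrypt code) of matching an ensured predicate
// against a predicate from a REQUIRES section. All names are hypothetical.
public class RequiresPredicateDemo {

    // Stand-in for a predicate such as generatedKey[key, <param>].
    record Predicate(String name, String object, String param) {}

    // Models the alg(...) built-in: the first component of "ALG/MODE/PADDING".
    static String alg(String transformation) {
        return transformation.split("/")[0];
    }

    // Builds what the Cipher rule requires of the key passed to init().
    // applyBuiltIn = false models the reported bug, where alg(transformation)
    // is read as plain transformation.
    static Predicate required(String keyVar, String transformation, boolean applyBuiltIn) {
        String param = applyBuiltIn ? alg(transformation) : transformation;
        return new Predicate("generatedKey", keyVar, param);
    }

    // A required predicate is satisfied only by an identical ensured predicate.
    static boolean satisfied(Predicate ensured, Predicate required) {
        return ensured.equals(required);
    }

    public static void main(String[] args) {
        String transformation = "AES/CBC/PKCS5Padding";

        // Assumption: generateKey() on a KeyGenerator for "AES" ensures this.
        Predicate ensured = new Predicate("generatedKey", "secretKey", "AES");

        // Bug: the parameter stays the full transformation string, so the
        // generated AES key never matches and a false positive is reported.
        Predicate buggy = required("secretKey", transformation, false);

        // Expected: alg() reduces the transformation to its algorithm name.
        Predicate expected = required("secretKey", transformation, true);

        System.out.println(buggy + " satisfied: " + satisfied(ensured, buggy));
        System.out.println(expected + " satisfied: " + satisfied(ensured, expected));
    }
}
```

The record syntax needs Java 16 or later.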