dyFGcXjj

· 7 years ago · Aug 01, 2018, 06:42 PM
1Ruleset: 
2	AlgorithmParameters
3	Cipher
4	DHGenParameterSpec
5	DHParameterSpec
6	DSAGenParameterSpec
7	DSAParameterSpec
8	GCMParameterSpec
9	HMACParameterSpec
10	IvParameterSpec
11	KeyGenerator
12	KeyPair
13	KeyPairGenerator
14	KeyStore
15	Mac
16	MessageDigest
17	PBEKeySpec
18	PBEParameterSpec
19	RSAKeyGenParameterSpec
20	SecretKey
21	SecretKeyFactory
22	SecretKeySpec
23	SecureRandom
24	Signature
25
26Analyzed Objects: 
27	Object:
28		Variable: $r2
29		Type: javax.crypto.spec.SecretKeySpec
30		Statement: $r2 = new javax.crypto.spec.SecretKeySpec
31		Method: <at.favre.lib.crypto.HkdfMacFactory$Default: javax.crypto.Mac createInstance(byte[])>
32		SHA-256: 891f98fcbb5b83af1fc48d6fadd890ca584e461ac22642d85d6432086185d148
33	Object:
34		Variable: r14
35		Type: javax.crypto.Mac
36		Statement: r14 = staticinvoke <javax.crypto.Mac: javax.crypto.Mac getInstance(java.lang.String)>($r7)
37		Method: <at.favre.lib.crypto.HkdfMacFactory$Default: javax.crypto.Mac createInstance(byte[])>
38		SHA-256: 40365fcd1814f494dda6b14c10c449aa607e9d94b7124570f5d6ce0a09c885dd
39	Object:
40		Variable: $r8
41		Type: byte[]
42		Statement: $r8 = virtualinvoke r2.<javax.crypto.Mac: byte[] doFinal()>()
43		Method: <at.favre.lib.crypto.HKDF$Extractor: byte[] execute(byte[],byte[])>
44		SHA-256: 8563e3ec7f8c04c66d64bd19189ab04957d8b31cde3e3b396ea5d5d3059a5818
45	Object:
46		Variable: $r3
47		Type: java.lang.String
48		Statement: specialinvoke $r2.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>(r1, $r3)
49		Method: <at.favre.lib.crypto.HkdfMacFactory$Default: javax.crypto.Mac createInstance(byte[])>
50		SHA-256: cce063745a20c1c1379dd54f21418b785318fa093f529358faeb3ded850020a9
51	Object:
52		Variable: r16
53		Type: byte[]
54		Statement: r16 = virtualinvoke r2.<javax.crypto.Mac: byte[] doFinal()>()
55		Method: <at.favre.lib.crypto.HKDF$Expander: byte[] execute(byte[],byte[],int)>
56		SHA-256: d6df8c7e694f512b947c3ddba9c58c918118be61a0e4e21fed2da964afd46b46
57	Object:
58		Variable: r14
59		Type: javax.crypto.Mac
60		Statement: r14 = staticinvoke <javax.crypto.Mac: javax.crypto.Mac getInstance(java.lang.String,java.security.Provider)>($r6, $r5)
61		Method: <at.favre.lib.crypto.HkdfMacFactory$Default: javax.crypto.Mac createInstance(byte[])>
62		SHA-256: 4cf2bfd862eb3bfe6e8e49ef62c58282c7ec585d8b197bce7d7ebd119bf162cc
63
64Findings in Java Class: at.favre.lib.crypto.HKDF$Expander
65
66	 in Method: byte[] execute(byte[],byte[],int)
67		TypestateError violating CrySL rule for Mac (on Object #4cf2bfd862eb3bfe6e8e49ef62c58282c7ec585d8b197bce7d7ebd119bf162cc)
68			Unexpected call to method update on object of type javax.crypto.Mac.
69			at statement: virtualinvoke r2.<javax.crypto.Mac: void update(byte[])>(r16)
70
71		IncompleteOperationError violating CrySL rule for Mac (on Object #4cf2bfd862eb3bfe6e8e49ef62c58282c7ec585d8b197bce7d7ebd119bf162cc)
72			Operation on object of type javax.crypto.Mac object not completed. Expected call to update, doFinal
73			at statement: $i4 = virtualinvoke r2.<javax.crypto.Mac: int getMacLength()>()
74
75		TypestateError violating CrySL rule for Mac (on Object #40365fcd1814f494dda6b14c10c449aa607e9d94b7124570f5d6ce0a09c885dd)
76			Unexpected call to method update on object of type javax.crypto.Mac.
77			at statement: virtualinvoke r2.<javax.crypto.Mac: void update(byte[])>(r16)
78
79		IncompleteOperationError violating CrySL rule for Mac (on Object #40365fcd1814f494dda6b14c10c449aa607e9d94b7124570f5d6ce0a09c885dd)
80			Operation on object of type javax.crypto.Mac object not completed. Expected call to update, doFinal
81			at statement: r16 = virtualinvoke r2.<javax.crypto.Mac: byte[] doFinal()>()
82
83		IncompleteOperationError violating CrySL rule for Mac (on Object #4cf2bfd862eb3bfe6e8e49ef62c58282c7ec585d8b197bce7d7ebd119bf162cc)
84			Operation on object of type javax.crypto.Mac object not completed. Expected call to update, doFinal
85			at statement: r16 = virtualinvoke r2.<javax.crypto.Mac: byte[] doFinal()>()
86
87		IncompleteOperationError violating CrySL rule for Mac (on Object #40365fcd1814f494dda6b14c10c449aa607e9d94b7124570f5d6ce0a09c885dd)
88			Operation on object of type javax.crypto.Mac object not completed. Expected call to update, doFinal
89			at statement: $i4 = virtualinvoke r2.<javax.crypto.Mac: int getMacLength()>()
90
91
92Findings in Java Class: at.favre.lib.crypto.HKDF$Extractor
93
94	 in Method: byte[] execute(byte[],byte[])
95		IncompleteOperationError violating CrySL rule for Mac (on Object #40365fcd1814f494dda6b14c10c449aa607e9d94b7124570f5d6ce0a09c885dd)
96			Operation on object of type javax.crypto.Mac object not completed. Expected call to update, doFinal
97			at statement: $i0 = virtualinvoke $r5.<javax.crypto.Mac: int getMacLength()>()
98
99		IncompleteOperationError violating CrySL rule for Mac (on Object #4cf2bfd862eb3bfe6e8e49ef62c58282c7ec585d8b197bce7d7ebd119bf162cc)
100			Operation on object of type javax.crypto.Mac object not completed. Expected call to update, doFinal
101			at statement: $i0 = virtualinvoke $r5.<javax.crypto.Mac: int getMacLength()>()
102
103
104Findings in Java Class: at.favre.lib.crypto.HkdfMacFactory$Default
105
106	 in Method: javax.crypto.Mac createInstance(byte[])
107		RequiredPredicateError violating CrySL rule for SecretKeySpec
108			First parameter was not properly randomized
109			at statement: specialinvoke $r2.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>(r1, $r3)
110
111		RequiredPredicateError violating CrySL rule for SecretKeySpec
112			First parameter was not properly randomized
113			at statement: specialinvoke $r2.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>(r1, $r3)
114
115		RequiredPredicateError violating CrySL rule for SecretKeySpec
116			First parameter was not properly randomized
117			at statement: specialinvoke $r2.<javax.crypto.spec.SecretKeySpec: void <init>(byte[],java.lang.String)>(r1, $r3)
118
119
120======================= CogniCrypt Summary ==========================
121	Number of CrySL rules: 23
122	Number of Objects Analyzed: 6
123
124	CogniCrypt found the following violations. For details see description above.
125	IncompleteOperationError: 6
126	RequiredPredicateError: 3
127	TypestateError: 2
128=====================================================================