Adapt pattern tests to be compatible with rulesets 3.0.0

CryptoAnalysis/src/test/java/tests/headless/StaticAnalysisDemoTest.java

@@ -87,9 +87,9 @@ public void oracleExample() {
 		MavenProject mavenProject = createAndCompile(mavenProjectPath);
 		HeadlessCryptoScanner scanner = createScanner(mavenProject);
 
-		setErrorsCount("<main.Main: void main(java.lang.String[])>", ConstraintError.class, 1);
-		setErrorsCount("<main.Main: void main(java.lang.String[])>", TypestateError.class, 2);
-		setErrorsCount("<main.Main: void main(java.lang.String[])>", RequiredPredicateError.class, 2);
+		setErrorsCount("<main.Main: void main(java.lang.String[])>", ConstraintError.class, 2);
+		setErrorsCount("<main.Main: void main(java.lang.String[])>", TypestateError.class, 1);
+		setErrorsCount("<main.Main: void main(java.lang.String[])>", RequiredPredicateError.class, 3);
 		setErrorsCount("<main.Main: void keyStoreExample()>", ConstraintError.class, 1);
 		setErrorsCount("<main.Main: void keyStoreExample()>", NeverTypeOfError.class, 1);
 		setErrorsCount("<main.Main: void keyStoreExample()>", HardCodedError.class, 1);

CryptoAnalysis/src/test/java/tests/pattern/CipherTest.java

@@ -479,8 +479,8 @@ public void cipherUsagePatternTest5() throws GeneralSecurityException {
 		Assertions.extValue(0);
 		hMacSHA256.init(keyMac);
 		byte[] macced = hMacSHA256.doFinal(msgAsArray);
-		Assertions.mustNotBeInAcceptingState(hMacSHA256);
-		Assertions.notHasEnsuredPredicate(macced);
+		Assertions.mustBeInAcceptingState(hMacSHA256);
+		Assertions.hasEnsuredPredicate(macced);
 	}
 
 	@Test

CryptoAnalysis/src/test/java/tests/pattern/KeyPairTest.java

@@ -20,10 +20,24 @@ public class KeyPairTest extends UsagePatternTestingFramework {
 	protected Ruleset getRuleSet() {
 		return Ruleset.JavaCryptographicArchitecture;
 	}
+
+	@Test
+	public void positiveRsaParameterSpecTest() throws GeneralSecurityException, IOException {
+		int keySize = 4096;
+		KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
+		RSAKeyGenParameterSpec parameters = new RSAKeyGenParameterSpec(keySize, RSAKeyGenParameterSpec.F4);
+		Assertions.extValue(0);
+		Assertions.extValue(1);
+		Assertions.hasEnsuredPredicate(parameters);
+		generator.initialize(parameters, new SecureRandom());
+		KeyPair keyPair = generator.generateKeyPair();
+		Assertions.hasEnsuredPredicate(keyPair);
+	}
 
 	@Test
 	public void negativeRsaParameterSpecTest() throws GeneralSecurityException, IOException {
-		Integer keySize = new Integer(102);
+		// Since 3.0.0: key size of 2048 is not allowed
+		int keySize = 2048;
 		KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
 		RSAKeyGenParameterSpec parameters = new RSAKeyGenParameterSpec(keySize, RSAKeyGenParameterSpec.F4);
 		Assertions.notHasEnsuredPredicate(parameters);
@@ -34,29 +48,30 @@ public void negativeRsaParameterSpecTest() throws GeneralSecurityException, IOEx
 	}
 
 	@Test
-	public void positiveRsaParameterSpecTest() throws GeneralSecurityException, IOException {
-		Integer keySize = new Integer(2048);
+	public void positiveRsaParameterSpecTestBigInteger() throws GeneralSecurityException, IOException {
+		int keySize = 4096;
 		KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
-		RSAKeyGenParameterSpec parameters = new RSAKeyGenParameterSpec(keySize, RSAKeyGenParameterSpec.F4);
+		RSAKeyGenParameterSpec parameters = new RSAKeyGenParameterSpec(keySize, BigInteger.valueOf(65537));
 		Assertions.extValue(0);
 		Assertions.extValue(1);
 		Assertions.hasEnsuredPredicate(parameters);
 		generator.initialize(parameters, new SecureRandom());
 		KeyPair keyPair = generator.generateKeyPair();
 		Assertions.hasEnsuredPredicate(keyPair);
 	}
-
+	
 	@Test
-	public void positiveRsaParameterSpecTestBigInteger() throws GeneralSecurityException, IOException {
-		Integer keySize = new Integer(2048);
+	public void negativeRsaParameterSpecTestBigInteger() throws GeneralSecurityException, IOException {
+		// Since 3.0.0: key size of 2048 is not allowed
+		int keySize = 2048;
 		KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
 		RSAKeyGenParameterSpec parameters = new RSAKeyGenParameterSpec(keySize, BigInteger.valueOf(65537));
 		Assertions.extValue(0);
 		Assertions.extValue(1);
-		Assertions.hasEnsuredPredicate(parameters);
+		Assertions.notHasEnsuredPredicate(parameters);
 		generator.initialize(parameters, new SecureRandom());
 		KeyPair keyPair = generator.generateKeyPair();
-		Assertions.hasEnsuredPredicate(keyPair);
+		Assertions.notHasEnsuredPredicate(keyPair);
 	}
 
 }

CryptoAnalysis/src/test/java/tests/pattern/SignatureTest.java

@@ -51,18 +51,18 @@ public void testSignature1() throws InvalidKeyException, GeneralSecurityExceptio
 
 	private static PrivateKey getPrivateKey() throws GeneralSecurityException {
 		KeyPairGenerator kpgen = KeyPairGenerator.getInstance("RSA");
-		kpgen.initialize(2048);
+		kpgen.initialize(4096);
 		KeyPair gp = kpgen.generateKeyPair();
 		return gp.getPrivate();
 	}
 
 	@Test
-	public void signUsagePatternTest1() throws GeneralSecurityException, UnsupportedEncodingException {
+	public void positiveSignUsagePatternTest1() throws GeneralSecurityException, UnsupportedEncodingException {
 		String input = "TESTITESTiTEsTI";
 
 		KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
 		Assertions.extValue(0);
-		keyGen.initialize(2048);
+		keyGen.initialize(3072);
 		KeyPair kp = keyGen.generateKeyPair();
 		Assertions.mustBeInAcceptingState(keyGen);
 		Assertions.hasEnsuredPredicate(kp);
@@ -80,14 +80,39 @@ public void signUsagePatternTest1() throws GeneralSecurityException, Unsupported
 	}
 
 	@Test
-	public void signUsagePatternTest2() throws GeneralSecurityException, UnsupportedEncodingException {
+	public void negativeSignUsagePatternTest1() throws GeneralSecurityException, UnsupportedEncodingException {
 		String input = "TESTITESTiTEsTI";
 
 		KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
 		Assertions.extValue(0);
+
+		// Since 3.0.0: key size of 2048 is not allowed
 		keyGen.initialize(2048);
 		KeyPair kp = keyGen.generateKeyPair();
 		Assertions.mustBeInAcceptingState(keyGen);
+		Assertions.notHasEnsuredPredicate(kp);
+
+		final PrivateKey privKey = kp.getPrivate();
+		Assertions.notHasEnsuredPredicate(privKey);
+		Signature sign = Signature.getInstance("SHA256withDSA");
+		Assertions.extValue(0);
+
+		sign.initSign(privKey);
+		sign.update(input.getBytes("UTF-8"));
+		byte[] signature = sign.sign();
+		Assertions.mustBeInAcceptingState(sign);
+		Assertions.notHasEnsuredPredicate(signature);
+	}
+
+	@Test
+	public void positiveSignUsagePatternTest2() throws GeneralSecurityException, UnsupportedEncodingException {
+		String input = "TESTITESTiTEsTI";
+
+		KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
+		Assertions.extValue(0);
+		keyGen.initialize(3072);
+		KeyPair kp = keyGen.generateKeyPair();
+		Assertions.mustBeInAcceptingState(keyGen);
 		Assertions.hasEnsuredPredicate(kp);
 
 		final PrivateKey privKey = kp.getPrivate();
@@ -107,14 +132,43 @@ public void signUsagePatternTest2() throws GeneralSecurityException, Unsupported
 	}
 
 	@Test
-	public void signUsagePatternTest3() throws GeneralSecurityException, UnsupportedEncodingException {
+	public void negativeSignUsagePatternTest2() throws GeneralSecurityException, UnsupportedEncodingException {
 		String input = "TESTITESTiTEsTI";
 
 		KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
 		Assertions.extValue(0);
+
+		// Since 3.0.0: key size of 2048 is not allowed
 		keyGen.initialize(2048);
 		KeyPair kp = keyGen.generateKeyPair();
 		Assertions.mustBeInAcceptingState(keyGen);
+		Assertions.notHasEnsuredPredicate(kp);
+
+		final PrivateKey privKey = kp.getPrivate();
+		Assertions.notHasEnsuredPredicate(privKey);
+		String algorithm = "SHA256withDSA";
+		if (Math.random() % 2 == 0) {
+			algorithm = "SHA256withECDSA";
+		}
+		Signature sign = Signature.getInstance(algorithm);
+		Assertions.extValue(0);
+
+		sign.initSign(privKey);
+		sign.update(input.getBytes("UTF-8"));
+		byte[] signature = sign.sign();
+		Assertions.mustBeInAcceptingState(sign);
+		Assertions.notHasEnsuredPredicate(signature);
+	}
+
+	@Test
+	public void positiveSignUsagePatternTest3() throws GeneralSecurityException, UnsupportedEncodingException {
+		String input = "TESTITESTiTEsTI";
+
+		KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
+		Assertions.extValue(0);
+		keyGen.initialize(3072);
+		KeyPair kp = keyGen.generateKeyPair();
+		Assertions.mustBeInAcceptingState(keyGen);
 		Assertions.hasEnsuredPredicate(kp);
 
 		final PrivateKey privKey = kp.getPrivate();
@@ -135,7 +189,43 @@ public void signUsagePatternTest3() throws GeneralSecurityException, Unsupported
 
 		Signature ver = Signature.getInstance("SHA256withDSA");
 		Assertions.extValue(0);
-		//
+
+		ver.initVerify(pubKey);
+		ver.update(input.getBytes("UTF-8"));
+		ver.verify(signature);
+		Assertions.mustBeInAcceptingState(ver);
+	}
+
+	@Test
+	public void negativeSignUsagePatternTest3() throws GeneralSecurityException, UnsupportedEncodingException {
+		String input = "TESTITESTiTEsTI";
+
+		KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
+		Assertions.extValue(0);
+
+		// Since 3.0.0: key size of 2048 is not allowed
+		keyGen.initialize(2048);
+		KeyPair kp = keyGen.generateKeyPair();
+		Assertions.mustBeInAcceptingState(keyGen);
+		Assertions.notHasEnsuredPredicate(kp);
+
+		final PrivateKey privKey = kp.getPrivate();
+		Assertions.notHasEnsuredPredicate(privKey);
+		Signature sign = Signature.getInstance("SHA256withDSA");
+		Assertions.extValue(0);
+
+		sign.initSign(privKey);
+		sign.update(input.getBytes("UTF-8"));
+		byte[] signature = sign.sign();
+		Assertions.mustBeInAcceptingState(sign);
+		Assertions.notHasEnsuredPredicate(signature);
+
+		final PublicKey pubKey = kp.getPublic();
+		Assertions.notHasEnsuredPredicate(pubKey);
+
+		Signature ver = Signature.getInstance("SHA256withDSA");
+		Assertions.extValue(0);
+
 		ver.initVerify(pubKey);
 		ver.update(input.getBytes("UTF-8"));
 		ver.verify(signature);

CryptoAnalysisTargets/CogniCryptDemoExample/src/main/java/example/IncompleOperationErrorExample.java

@@ -52,7 +52,7 @@ private void doSign() throws SignatureException {
 
 	private static PrivateKey getPrivateKey() throws GeneralSecurityException {
 		KeyPairGenerator kpgen = KeyPairGenerator.getInstance("RSA");
-		kpgen.initialize(2048);
+		kpgen.initialize(4096);
 		KeyPair gp = kpgen.generateKeyPair();
 		return gp.getPrivate();
 	}

CryptoAnalysisTargets/CogniCryptDemoExample/src/main/java/example/TypestateErrorExample.java

@@ -26,7 +26,7 @@ public static void main(String...args) throws GeneralSecurityException {
 
 	private static PrivateKey getPrivateKey() throws GeneralSecurityException {
 		KeyPairGenerator kpgen = KeyPairGenerator.getInstance("RSA");
-		kpgen.initialize(2048);
+		kpgen.initialize(4096);
 		KeyPair gp = kpgen.generateKeyPair();
 		return gp.getPrivate();
 	}

CryptoAnalysisTargets/CogniCryptDemoExample/src/main/java/example/fixed/IncompleOperationErrorExample.java

@@ -52,7 +52,7 @@ private void doSign() throws SignatureException {
 
 	private static PrivateKey getPrivateKey() throws GeneralSecurityException {
 		KeyPairGenerator kpgen = KeyPairGenerator.getInstance("RSA");
-		kpgen.initialize(2048);
+		kpgen.initialize(4096);
 		KeyPair gp = kpgen.generateKeyPair();
 		return gp.getPrivate();
 	}

CryptoAnalysisTargets/CogniCryptDemoExample/src/main/java/example/fixed/TypestateErrorExample.java

@@ -26,7 +26,7 @@ public static void main(String...args) throws GeneralSecurityException {
 
 	private static PrivateKey getPrivateKey() throws GeneralSecurityException {
 		KeyPairGenerator kpgen = KeyPairGenerator.getInstance("RSA");
-		kpgen.initialize(2048);
+		kpgen.initialize(4096);
 		KeyPair gp = kpgen.generateKeyPair();
 		return gp.getPrivate();
 	}

CryptoAnalysisTargets/CryptoMisuseExamples/src/main/java/main/Encrypt.java

@@ -11,28 +11,30 @@
 
 public class Encrypt {
 	public void correct() throws GeneralSecurityException {
-		Integer keySize = new Integer(2048);
+		int keySize = 4096;
 		KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
 		RSAKeyGenParameterSpec parameters = new RSAKeyGenParameterSpec(keySize, RSAKeyGenParameterSpec.F4);
 		generator.initialize(parameters, new SecureRandom());
 		KeyPair keyPair = generator.generateKeyPair();
 	}
 	public void incorrect() throws GeneralSecurityException {
-		Integer keySize = new Integer(208);
+		// Since 3.0.0: key size of 2048 is not allowed
+		int keySize = 2048;
 		KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
 		RSAKeyGenParameterSpec parameters = new RSAKeyGenParameterSpec(keySize, RSAKeyGenParameterSpec.F0);
 		generator.initialize(parameters, new SecureRandom());
 		KeyPair keyPair = generator.generateKeyPair();
 	}
 	public void correctBigInteger() throws GeneralSecurityException {
-		Integer keySize = new Integer(2048);
+		int keySize = 4096;
 		KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
 		RSAKeyGenParameterSpec parameters = new RSAKeyGenParameterSpec(keySize, BigInteger.valueOf(65537));
 		generator.initialize(parameters, new SecureRandom());
 		KeyPair keyPair = generator.generateKeyPair();
 	}
 	public void incorrectBigInteger() throws GeneralSecurityException {
-		Integer keySize = new Integer(208);
+		// Since 3.0.0: key size of 2048 is not allowed
+		int keySize = 2048;
 		KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
 		RSAKeyGenParameterSpec parameters = new RSAKeyGenParameterSpec(keySize, BigInteger.valueOf(2));
 		generator.initialize(parameters, new SecureRandom());