Add new rule G407 to detect hard-coded nonce and initialization vectors in crypto algorithms #1197

Merged
merged 13 commits into from
Aug 30, 2024

Commits on Aug 30, 2024

  1. Added new rule G407(hardcoded IV/nonce)

    The rule is supposed to detect the usage of hardcoded or static nonce/IV in many encryption algorithms:
    
    * The different modes of AES (mainly tested here)
    * It should be able to work with ascon
    
    Currently the rule doesn't check when constant variables are used.
    
    TODO: Improve the rule to detect constant variable usage
    Dimitar Banchev authored and ccojocar committed Aug 30, 2024
    f61230d
  2. Refactored code a little bit

    Dimitar Banchev authored and ccojocar committed Aug 30, 2024
    f5c50ed
  3. Migrated the rule to the analyzers folder

    Dimitar Banchev authored and ccojocar committed Aug 30, 2024
    f6bd7b7
  4. Updated analyzer to use new way of initialization

    * Removed old way of initializing analyzers
    * Added the new analyzer to the rest of the default analyzers
    * Fixed small bug in the rule
    * Removed the test for the new analyzer from the file responsible for testing the rules
    * Merged the different examples into 1 variable
    * Added tests for the analyzer
    * Removed code that was used for testing rules, but it was used to test the analyzer
    Dimitar Banchev authored and ccojocar committed Aug 30, 2024
    4566ab8
  5. Formatting problems(CI was not passing)

    Dimitar Banchev authored and ccojocar committed Aug 30, 2024
    5ed176e
  6. Removed function parameter which is always the same

    Dimitar Banchev authored and ccojocar committed Aug 30, 2024
    b0b104c
  7. Added another test case in order to increase code coverage

    Dimitar Banchev authored and ccojocar committed Aug 30, 2024
    aa09694
  8. Added suggested changes

    Dimitar Banchev authored and ccojocar committed Aug 30, 2024
    ae01dcd
  9. Pass the value argument directly since it is an interface

    The value doesn't need to be passed as a pointer since it is an
    interface.
    
    Change-Id: Ia21bceb5f315f4c30bd28425d62f678e9203e93f
    Signed-off-by: Cosmin Cojocar <[email protected]>
    ccojocar committed Aug 30, 2024
    a5381af
  10. Refactor to reduce some functions and variable names

    Change-Id: I7f42c1de4e39dceb8e8144037d5af9223331ff06
    Signed-off-by: Cosmin Cojocar <[email protected]>
    ccojocar committed Aug 30, 2024
    d9c15b9
  11. Fix formatting

    Change-Id: I49caeb75f1bd7ecdb9b4f99466d96ad81e2e95ac
    Signed-off-by: Cosmin Cojocar <[email protected]>
    ccojocar committed Aug 30, 2024
    cb3c831
  12. Make variable names more explicit and reduce duplications

    Change-Id: Ifa141b70351136cfe7d0756a83e8166a24b5d538
    Signed-off-by: Cosmin Cojocar <[email protected]>
    ccojocar committed Aug 30, 2024
    4c16ef5
  13. Make variable name more clear

    Change-Id: I5b863c0da6cc3d01efa527c60c93fdcbc8c5a53c
    Signed-off-by: Cosmin Cojocar <[email protected]>
    ccojocar committed Aug 30, 2024
    d9eaa05
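
Commit 1 describes G407 as flagging hard-coded or static nonces/IVs in AES modes. The following is an added example, not code from gosec or from this pull request: it puts that pattern next to a per-message random nonce for AES-GCM and shows the observable difference. The function names, the key and the sample message are constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// newGCM wraps an AES key in GCM mode.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealStatic shows the hard-coded pattern: one literal nonce for every message.
func sealStatic(aead cipher.AEAD, plaintext []byte) []byte {
	nonce := []byte("000000000000") // 12-byte literal, identical on every call
	return aead.Seal(nil, nonce, plaintext, nil)
}

// sealRandom draws a fresh nonce per message and returns nonce || ciphertext || tag.
func sealRandom(aead cipher.AEAD, plaintext []byte) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

func main() {
	aead, err := newGCM(bytes.Repeat([]byte{0x42}, 32)) // constructed demo key
	if err != nil {
		panic(err)
	}
	pt := []byte("constructed sample message")
	a, errA := sealRandom(aead, pt)
	b, errB := sealRandom(aead, pt)
	if errA != nil || errB != nil {
		panic("nonce generation failed")
	}
	fmt.Println("static nonce, identical output:", bytes.Equal(sealStatic(aead, pt), sealStatic(aead, pt)))
	fmt.Println("random nonce, identical output:", bytes.Equal(a, b))
}
```

With the literal nonce, encrypting the same message twice yields byte-identical output; with the random nonce the receiver reads the first `aead.NonceSize()` bytes as the nonce before calling `Open`.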