Description
Many APIs use static fields to define predefined values. For example, the class `Cipher` has the field `ENCRYPT_MODE` that allows calling the method `init` as `c.init(Cipher.ENCRYPT_MODE, ...)`. In reality, this static field just holds the value `1` (here). However, currently CrySL and CryptoAnalysis cannot deal with static fields in general. If we use a call `c.init(1, ...)`, CryptoAnalysis can extract the value `1` and evaluate corresponding constraints. However, it cannot match the field `ENCRYPT_MODE` to the value `1`, resulting in an `ImpreciseValueExtractionError` because it cannot evaluate the constraints correctly.
Solution: Extend CrySL rules with the functionality to specify static fields. Possible solutions include:
- One can define a variable in the `OBJECTS` section and use it like other variables:

  ```
  OBJECTS
      javax.crypto.Cipher.ENCRYPT_MODE enc_mode;
  ```
- One can use the static fields directly in the `CONSTRAINTS` section, e.g.

  ```
  OBJECTS
      int mode;
  CONSTRAINTS
      mode == 1 || mode == javax.crypto.Cipher.ENCRYPT_MODE => ...
  ```
Further issue: When implementing a static field strategy, also consider static fields that define method calls/events. For example, Tink uses static fields to initialize its objects extensively. An example includes the class `MGF1ParameterSpec`. Here, we can use a constructor with a parameter to initialize an object, but we can also use static fields to do the same:

```java
// Here, we can extract the parameter 'SHA-256' and evaluate corresponding constraints
MGF1ParameterSpec spec1 = new MGF1ParameterSpec("SHA-256");

// Here, we cannot evaluate the constraints because we have no access to the static field.
// MGF1ParameterSpec.SHA256 just resolves to 'new MGF1ParameterSpec("SHA-256")'
MGF1ParameterSpec spec2 = MGF1ParameterSpec.SHA256;
```
Solution: Extend the `EVENTS` with static field calls. For the example above, this may look like

```
EVENTS
    Con1: MGF1ParameterSpec(algorithm);
    Con2: MGF1ParameterSpec.SHA256;
```

When extending CrySL with these functionalities, a corresponding functionality also has to be added to CryptoAnalysis to extract the static fields.
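The mapping the issue asks for, from a qualified static field name in a rule to the value a constraint is checked against, shown as an added example that is not part of the issue or of CryptoAnalysis. It uses runtime reflection as a stand-in for the static analysis, and the names `StaticFieldResolver`, `resolve` and `constraintValue` are hypothetical.

```java
import java.lang.reflect.Field;
import java.lang.reflect.Modifier;
import java.security.spec.MGF1ParameterSpec;

public class StaticFieldResolver {

    /** Resolves "pkg.Class.FIELD" to the value held by that static final field. */
    static Object resolve(String qualifiedName) throws ReflectiveOperationException {
        int dot = qualifiedName.lastIndexOf('.');
        if (dot < 0) {
            throw new IllegalArgumentException("expected pkg.Class.FIELD: " + qualifiedName);
        }
        Class<?> owner = Class.forName(qualifiedName.substring(0, dot));
        Field field = owner.getField(qualifiedName.substring(dot + 1));
        int mods = field.getModifiers();
        // Only static final fields are stable enough to stand in for a literal.
        if (!Modifier.isStatic(mods) || !Modifier.isFinal(mods)) {
            throw new IllegalArgumentException(qualifiedName + " is not a static final field");
        }
        return field.get(null);
    }

    /** Normalizes a resolved field to the value a constraint would compare against. */
    static Object constraintValue(Object resolved) {
        if (resolved instanceof MGF1ParameterSpec) {
            // Same value the constructor argument "SHA-256" would have supplied.
            return ((MGF1ParameterSpec) resolved).getDigestAlgorithm();
        }
        return resolved; // primitives arrive boxed, e.g. an Integer for an int field
    }

    public static void main(String[] args) throws ReflectiveOperationException {
        // The two static fields named in the issue text.
        String[] names = {
            "javax.crypto.Cipher.ENCRYPT_MODE",
            "java.security.spec.MGF1ParameterSpec.SHA256",
        };
        for (String name : names) {
            System.out.println(name + " -> " + constraintValue(resolve(name)));
        }
    }
}
```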