New Rule S6432: Counter Mode initialization vectors should not be reused #5754
Comments
This looks like a symbolic execution rule.

Before taking a decision about Symbolic Execution vs. usage of trackers, let's first look into what it would take to use trackers. @martin-strecker-sonarsource suggestion:

Trackers are tracking a state of an individual object ("is this property set to 'true' or 'false'"), they don't track another value propagation through the code.
This sounds like a SE rule. A simple one.

Context: this is very similar to S2053, which follows the data flow for the same. S2053 has been implemented in PR #3829 and can be found in InitializationVectorShouldBeRandom.cs. The follow-up FP fixes might be relevant, too.
I imagine this rule is even simpler than S2053 because it only cares about the ByteArray (whereas S2053 also checks the salt size).

If we want to avoid SE and be more precise with respect to fields and properties as sources of the nonce, we could do this instead. In symbol start:
In symbol end action:
This would cover fields/properties as stores for the nonce as well as locals. It would not cover any mutation that happens between creation and usage. Furthermore:
So any nonce that gets passed in as a parameter should be okay.

What
The rule detects "weak" initialization vectors when used with the GCM and CCM block cipher modes of operation.
The detection logic is similar to what is implemented for rule S3329. It supports System.Security.Cryptography.
How
The rule raises on System.Security.Cryptography.AesGcm#Encrypt or System.Security.Cryptography.AesCcm#Encrypt when the call matches the following criteria:
Code examples
https://github.com/SonarSource/security-expected-issues/pull/717
Message and highlighting
See SonarSource/rspec#1060
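As an added illustration of the pattern S6432 is meant to catch (example code written for this page, not from sonar-dotnet, the issue, or the linked expected-issues PR), the following C# contrasts a noncompliant AesGcm.Encrypt call whose nonce is a fixed byte array with a compliant one that draws a fresh nonce per call, and shows concretely why the reuse matters: GCM and CCM both run AES in counter mode, so two messages encrypted under the same key and nonce use the same keystream and the XOR of their ciphertexts equals the XOR of their plaintexts. The class and method names are invented for the example; it assumes .NET 8 or later for the AesGcm(byte[], int) constructor and RandomNumberGenerator.GetBytes.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example, not part of sonar-dotnet: noncompliant vs. compliant nonce
// handling for AesGcm, plus a demonstration of the keystream reuse it causes.
public static class GcmNonceExample
{
    private const int NonceSize = 12; // 96-bit nonce, the size AesGcm supports
    private const int TagSize = 16;   // 128-bit authentication tag

    // Noncompliant: the nonce is a freshly zeroed array on every call, so it is
    // the same value each time the key is used. This is the case S6432 targets.
    public static (byte[] Ciphertext, byte[] Tag) EncryptWithFixedNonce(byte[] key, byte[] plaintext)
    {
        byte[] nonce = new byte[NonceSize]; // all zeros, identical on every call
        byte[] ciphertext = new byte[plaintext.Length];
        byte[] tag = new byte[TagSize];
        using var aes = new AesGcm(key, TagSize); // .NET 8+ constructor
        aes.Encrypt(nonce, plaintext, ciphertext, tag);
        return (ciphertext, tag);
    }

    // Compliant: a new random nonce per encryption, returned alongside the
    // ciphertext and tag because the receiver needs it to decrypt.
    public static (byte[] Nonce, byte[] Ciphertext, byte[] Tag) EncryptWithRandomNonce(byte[] key, byte[] plaintext)
    {
        byte[] nonce = RandomNumberGenerator.GetBytes(NonceSize);
        byte[] ciphertext = new byte[plaintext.Length];
        byte[] tag = new byte[TagSize];
        using var aes = new AesGcm(key, TagSize);
        aes.Encrypt(nonce, plaintext, ciphertext, tag);
        return (nonce, ciphertext, tag);
    }

    // Returns true when the fixed-nonce path leaks p1 XOR p2 through the
    // ciphertexts, i.e. when c1[i] ^ c2[i] == p1[i] ^ p2[i] over the common length.
    // With the same key and nonce the counter-mode keystream is identical, so
    // this is always true for the noncompliant method.
    public static bool KeystreamLeaks(byte[] key, byte[] p1, byte[] p2)
    {
        var (c1, _) = EncryptWithFixedNonce(key, p1);
        var (c2, _) = EncryptWithFixedNonce(key, p2);
        int n = Math.Min(p1.Length, p2.Length);
        for (int i = 0; i < n; i++)
        {
            if ((c1[i] ^ c2[i]) != (p1[i] ^ p2[i]))
                return false;
        }
        return true;
    }

    public static void Main()
    {
        // Constructed sample inputs for the demonstration.
        byte[] key = RandomNumberGenerator.GetBytes(32); // AES-256
        byte[] p1 = Encoding.UTF8.GetBytes("transfer 100 to alice");
        byte[] p2 = Encoding.UTF8.GetBytes("transfer 900 to mallory");

        Console.WriteLine($"fixed nonce leaks p1 ^ p2: {KeystreamLeaks(key, p1, p2)}");

        var (n1, c1, t1) = EncryptWithRandomNonce(key, p1);
        var (n2, _, _) = EncryptWithRandomNonce(key, p2);
        Console.WriteLine($"random nonces differ: {!n1.AsSpan().SequenceEqual(n2)}");

        // Round trip on the compliant path: the nonce travels with the ciphertext.
        byte[] recovered = new byte[c1.Length];
        using var aes = new AesGcm(key, TagSize);
        aes.Decrypt(n1, c1, t1, recovered);
        Console.WriteLine($"decrypted: {Encoding.UTF8.GetString(recovered)}");
    }
}
```

The leak shown by KeystreamLeaks is only the first consequence of reuse; for GCM, two messages under the same key and nonce also expose the GHASH subkey, which lets an attacker forge tags. Random 96-bit nonces are the simplest fix for code like the noncompliant method above, but they are only safe while the number of messages per key stays well below the birthday bound of the nonce space, so long-lived keys should either be rotated or use a persistent counter as the nonce instead.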