cleanup
mary-georgiou-sonarsource committed Jul 12, 2023
1 parent c3150d7 commit 60fb182
Showing 2 changed files with 24 additions and 25 deletions.
Expand Up @@ -50,40 +50,39 @@ protected override ProgramState PreProcessSimple(SymbolicContext context)
{
state = ProcessInvocation(invocation, state);

if (state[invocation.Instance]?.HasConstraint(InitializationVectorConstraint.NotInitialized) is true)
if (invocation.Instance is { } inv && state[inv]?.HasConstraint(InitializationVectorConstraint.NotInitialized) is true)
{
ReportIssue(context.Operation.Instance, invocation.Instance.Syntax.ToString());
}
}
return state;
}

private ProgramState ProcessAssignment(IAssignmentOperationWrapper assignment, ProgramState state)
private static ProgramState ProcessAssignment(IAssignmentOperationWrapper assignment, ProgramState state)
{
var isByteCollectionCreationWithLiterals = assignment.Value.AsArrayCreation() is { } arrayCreation && IsByteCollectionInitializedEmptyOrWithConstants(arrayCreation);
var assignmentValueIsCryptographicallyStrong = assignment.Value.AsArrayCreation() is { } arrayCreation && !IsByteCollectionInitializedEmptyOrWithConstants(arrayCreation);

if (isByteCollectionCreationWithLiterals
&& assignment.Target.TrackedSymbol() is { } symbol)
if (!assignmentValueIsCryptographicallyStrong && assignment.Target.TrackedSymbol() is { } assignmentTargetSymbol)
{
state = state.SetSymbolConstraint(symbol, ByteArrayConstraint.Constant);
state = state.SetSymbolConstraint(assignmentTargetSymbol, ByteArrayConstraint.Constant);
}
if (assignment.Target.AsPropertyReference() is { } property
if (assignment.Target?.AsPropertyReference() is { } property
&& property.Property.Name.Equals("IV")
&& (isByteCollectionCreationWithLiterals || state[assignment.Value.TrackedSymbol()].HasConstraint(ByteArrayConstraint.Constant)))
&& (!assignmentValueIsCryptographicallyStrong || state[assignment.Value.TrackedSymbol()].HasConstraint(ByteArrayConstraint.Constant)))
{
state = state.SetSymbolConstraint(property.Instance.TrackedSymbol(), InitializationVectorConstraint.NotInitialized);
}

return state;
}

private ProgramState ProcessInvocation(IInvocationOperationWrapper invocation, ProgramState state)
private static ProgramState ProcessInvocation(IInvocationOperationWrapper invocation, ProgramState state)
{
if (CryptographicallyStrongRandomNumberGenerators.Any(x => IsStrongRandomGeneratorInvocation(x, invocation))
&& invocation.ArgumentValue("data") is { } byteArray
&& byteArray.TrackedSymbol() is { } trackedSymbol)
&& byteArray.TrackedSymbol() is { } byteArraySymbol)
{
state = state.SetSymbolConstraint(trackedSymbol, ByteArrayConstraint.Modified);
state = state.SetSymbolConstraint(byteArraySymbol, ByteArrayConstraint.Modified);
}
if (IsGenerateIVMethod(invocation))
{
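Review bot: The new `assignmentValueIsCryptographicallyStrong` flag in `ProcessAssignment` is not the logical complement of the old `isByteCollectionCreationWithLiterals`, so the two `!assignmentValueIsCryptographicallyStrong` checks change behaviour in a commit titled "cleanup". When `assignment.Value` is not an array creation at all, the old flag was false but the negated new flag is true, so every such assignment now puts `ByteArrayConstraint.Constant` on the target, and any such assignment to an `IV` property sets `InitializationVectorConstraint.NotInitialized`; that looks like it would report an IV assigned from a buffer that a strong generator has filled. The name also overstates what is checked, since an array created with non-constant elements is not thereby cryptographically strong. I would keep the positive form, `var isConstantByteArray = assignment.Value.AsArrayCreation() is { } arrayCreation && IsByteCollectionInitializedEmptyOrWithConstants(arrayCreation);`, and test `isConstantByteArray` un-negated in both conditions. `ProcessInvocation` continues past the end of the hunk.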
Expand Up @@ -17,8 +17,8 @@ public void SymetricAlgorithmCreateEncryptor()

sa.GenerateKey();
var generateIVNotCalled = sa.CreateEncryptor(sa.Key, sa.IV);
var constantVector = sa.CreateEncryptor(sa.Key, initializationVectorConstant); // // FIXME Non-compliant {{Use a dynamically-generated, random IV.}}
// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
var constantVector = sa.CreateEncryptor(sa.Key, initializationVectorConstant); // FIXME Non-compliant {{Use a dynamically-generated, random IV.}}
// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sa.GenerateIV();
var defaultConstructor = sa.CreateEncryptor(); // Compliant
Expand Down Expand Up @@ -131,18 +131,18 @@ public void CollectionInitializer()
}
}

public void InsideObjectInitializer()
{
var anonymous = new
{
IV = new byte[] { 0x00 },
Key = new byte[] { 0x00 }
};
using (AesCryptoServiceProvider aes = new AesCryptoServiceProvider())
{
ICryptoTransform encryptor = aes.CreateEncryptor(aes.Key, anonymous.IV); // FIXME Non-compliant https://github.com/SonarSource/sonar-dotnet/issues/4555
}
}
//public void InsideObjectInitializer()
//{
// var anonymous = new
// {
// IV = new byte[] { 0x00 },
// Key = new byte[] { 0x00 }
// };
// using (AesCryptoServiceProvider aes = new AesCryptoServiceProvider())
// {
// ICryptoTransform encryptor = aes.CreateEncryptor(aes.Key, anonymous.IV); // FIXME Non-compliant https://github.com/SonarSource/sonar-dotnet/issues/4555
// }
//}

public void DifferentCases()
{
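Review bot: Commenting out `InsideObjectInitializer` removes the only visible case in this hunk for a constant IV read from an anonymous object (`anonymous.IV`), so the analyzer is no longer even run over that shape of code. The case was already marked `FIXME Non-compliant` with a link to issue 4555, so it asserted nothing; if it has to be disabled because the engine now fails on it (not visible from here), say so next to it, e.g. `// Disabled: <reason>, see https://github.com/SonarSource/sonar-dotnet/issues/4555`, rather than leaving unexplained commented-out code. Otherwise keep the method compiled so the known false negative stays tracked. `DifferentCases` begins on the last lines of the hunk and its body is outside it.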
