-
Class: c.b.a.b.b
-
Method: b
-
Line: -1
-
Issue details: RequiredPredicateError-2
- RequiredPredicateError violating CrySL rule for javax.crypto.spec.IvParameterSpec.
-
First parameter was not properly generated as randomized.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package br.unb.cic; | |
import java.security.MessageDigest; | |
public class MD05 { | |
private String algorithm; | |
public MD05() { | |
this.algorithm = "MD5"; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import java.security.MessageDigest; | |
class MDHelper { | |
String algorithm; | |
static MDHelper instance; | |
static MDHelper getInstance() { | |
if(instance == null) { | |
instance = new MDHelper(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package br.unb.cic; | |
import javax.crypto.Cipher; | |
import javax.crypto.KeyGenerator; | |
import javax.crypto.SecretKey; | |
import javax.crypto.spec.GCMParameterSpec; | |
import java.security.SecureRandom; | |
public class CipherTest02 { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package br.unb.cic; | |
import java.security.MessageDigest; | |
public class MD01 { | |
private static final String INPUT = "This is my banking password"; | |
public static void main(String args[]) { | |
try { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public static void main(String args[]) throws Exception { | |
KeyGenerator keyGenerator0 = KeyGenerator.getInstance("AES"); | |
SecretKey secretKey = keyGenerator0.generateKey(); | |
int num = 2024; | |
SecureRandom secureRandom0 = SecureRandom.getInstance("SHA1PRNG"); | |
byte[] genSeed = secureRandom0.generateSeed(num); | |
GCMParameterSpec gCMParameterSpec0 = new GCMParameterSpec(96, genSeed); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public static void main(String args[]) throws Exception { | |
SecureRandom random = new SecureRandom(); | |
byte[] iv = random.generateSeed(16); | |
SecretKey key = KeyGenerator.getInstance("AES").generateKey(); | |
GCMParameterSpec paramSpec = new GCMParameterSpec(16 * 8, iv); | |
Cipher c = Cipher.getInstance("AES/GCM/NoPadding"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@Test | |
public void testFindClassName() { | |
String location = "br.unb.cic.mop.bench02.brokenhash.BrokenHashABICase8.go(BrokenHashABICase8.java:25)"; | |
Pattern pattern = Pattern.compile("([\\w+\\.]+)[.]([a-zA-Z]+)\\(.+\\)"); | |
Matcher matcher = pattern.matcher(location); | |
Assert.assertTrue(matcher.matches()); | |
Assert.assertEquals("br.unb.cic.mop.bench02.brokenhash.BrokenHashABICase8", matcher.group(1)); | |
} |
-
Class: org.bouncycastle.x509.AttributeCertificateHolder
-
Method: match
-
Line: -1
-
Issue details: TypestateError
- TypestateError violating CrySL rule for java.security.MessageDigest.
-
Unexpected call to method on object of type java.security.MessageDigest. Expect a call to one of the following methods java.security.MessageDigest: void update(byte[],int,int),java.security.MessageDigest: void update(java.nio.ByteBuffer),java.security.MessageDigest: byte[] digest(byte[]),java.security.MessageDigest: void update(byte[]),java.security.MessageDigest: void update(byte).
NewerOlder