Skip to content

Commit

Permalink
Merge pull request #193 from CROSSINGTUD/remove_cbc_from_rules
Browse files Browse the repository at this point in the history 
Remove CBC mode from all rules
  • Loading branch information
@schlichtig
schlichtig authored May 13, 2024
2 parents cc6182c + 5d9bc97 commit 41e1806
Show file tree
Hide file tree
Showing 11 changed files with 23 additions and 120 deletions.
32 changes: 10 additions & 22 deletions BouncyCastle-JCA/src/Cipher.crysl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,45 +86,33 @@ ORDER

CONSTRAINTS
instanceOf[key, java.security.PublicKey] || instanceOf[key, java.security.PrivateKey] || encmode in {3, 4} => alg(transformation) in {"RSA"};
instanceOf[key, javax.crypto.SecretKey] => alg(transformation) in {"AES", "RIJNDAEL", "ElGamal", "ECIESwithAES-CBC", "DHIESwithAES-CBC",
instanceOf[key, javax.crypto.SecretKey] => alg(transformation) in {"AES", "RIJNDAEL", "ElGamal",
"Twofish", "Camellia", "Serpent", "Tnepres", "Shacal2", "Shacal-2", "McEliece",
"McEliecePointcheval", "McElieceKobaraImai", "McElieceFujisaki"};
noCallTo[Init] => alg(transformation) in {"AES", "RSA", "RIJNDAEL", "ElGamal", "ECIESwithAES-CBC", "DHIESwithAES-CBC", "Twofish", "Camellia",
noCallTo[Init] => alg(transformation) in {"AES", "RSA", "RIJNDAEL", "ElGamal", "Twofish", "Camellia",
"Serpent", "Tnepres", "Shacal2", "Shacal-2", "McEliece", "McEliecePointcheval", "McElieceKobaraImai",
"McElieceFujisaki"};

alg(transformation) in {"AES"} => mode(transformation) in {"CBC", "GCM", "CTR", "CTS", "CFB", "OFB", "CCM"};
alg(transformation) in {"RIJNDAEL"} => mode(transformation) in {"CBC", "GCM", "CTR", "CTS", "CFB", "OFB", "CCM"};
alg(transformation) in {"AES"} => mode(transformation) in { "GCM", "CTR", "CTS", "CFB", "OFB", "CCM"};
alg(transformation) in {"RIJNDAEL"} => mode(transformation) in { "GCM", "CTR", "CTS", "CFB", "OFB", "CCM"};
alg(transformation) in {"ElGamal"} => mode(transformation) in {"ECB"};
alg(transformation) in {"Twofish"} => mode(transformation) in {"CBC"};
alg(transformation) in {"Camellia"} => mode(transformation) in {"CBC"};
alg(transformation) in {"Serpent"} => mode(transformation) in {"CBC", "CFB", "OFB"};
alg(transformation) in {"Tnepres"} => mode(transformation) in {"CBC", "CFB", "OFB"};
alg(transformation) in {"Shacal2"} => mode(transformation) in {"CBC"};
alg(transformation) in {"Shacal-2"} => mode(transformation) in {"CBC"};
alg(transformation) in {"Serpent"} => mode(transformation) in { "CFB", "OFB"};
alg(transformation) in {"Tnepres"} => mode(transformation) in {"CFB", "OFB"};

alg(transformation) in {"ElGamal"} && mode(transformation) in {"ECB"} => pad(transformation) in {"PKCS1Padding"};
alg(transformation) in {"RSA"} && mode(transformation) in {""} => pad(transformation) in {""};
alg(transformation) in {"RSA"} && mode(transformation) in {"ECB"} => pad(transformation) in {"PKCS1Padding","OAEPWithMD5AndMGF1Padding",
"OAEPWithSHA-224AndMGF1Padding", "OAEPWithSHA-256AndMGF1Padding",
"OAEPWithSHA-384AndMGF1Padding", "OAEPWithSHA-512AndMGF1Padding"};
alg(transformation) in {"AES"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
alg(transformation) in {"AES"} && mode(transformation) in {"GCM", "CTR", "CTS", "CFB", "OFB", "CCM"} => pad(transformation) in {"NoPadding"};
alg(transformation) in {"RIJNDAEL"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
alg(transformation) in {"RIJNDAEL"} && mode(transformation) in {"GCM", "CTR", "CTS", "CFB", "OFB", "CCM"} => pad(transformation) in {"NoPadding"};
alg(transformation) in {"Serpent"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
alg(transformation) in {"Serpent"} && mode(transformation) in {"CFB", "OFB"} => pad(transformation) in {"NoPadding"};
alg(transformation) in {"Tnepres"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
alg(transformation) in {"Tnepres"} && mode(transformation) in {"CFB", "OFB"} => pad(transformation) in {"NoPadding"};
alg(transformation) in {"Twofish"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
alg(transformation) in {"Camellia"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
alg(transformation) in {"Shacal2"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
alg(transformation) in {"Shacal-2"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};

mode(transformation) in {"CBC", "CTR", "CTS", "CFB", "OFB", "CCM"} && encmode != 1 => noCallTo[IWOIV];
mode(transformation) in {"CBC", "CTR", "CTS", "CFB", "OFB", "CCM"} && encmode == 1 => callTo[IV];
mode(transformation) in { "CTR", "CTS", "CFB", "OFB", "CCM"} && encmode != 1 => noCallTo[IWOIV];
mode(transformation) in {"CTR", "CTS", "CFB", "OFB", "CCM"} && encmode == 1 => callTo[IV];

mode(transformation) in {"CBC", "PCBC", "CTR", "CTS", "CFB", "ECB", "OFB"} => noCallTo[AADUpdate];
mode(transformation) in {"CTR", "CTS", "CFB", "ECB", "OFB"} => noCallTo[AADUpdate];

encmode in {1,2,3,4};
length[prePlainText] >= prePlainTextOffset + prePlainTextLen;
Expand All @@ -143,7 +131,7 @@ REQUIRES
randomized[random];
preparedAlg[params, alg(transformation)];
!macced[this, plainText];
mode(transformation) in {"CBC", "CTR", "CTS", "CFB", "OFB"} && encmode == 1 => preparedIV[paramSpec];
mode(transformation) in {"CTR", "CTS", "CFB", "OFB"} && encmode == 1 => preparedIV[paramSpec];
mode(transformation) in {"GCM"} => preparedGCM[paramSpec];
mode(transformation) in {"OAEPWithMD5AndMGF1Padding", "OAEPWithSHA-224AndMGF1Padding", "OAEPWithSHA-256AndMGF1Padding",
"OAEPWithSHA-384AndMGF1Padding", "OAEPWithSHA-512AndMGF1Padding"} => preparedOAEP[paramSpec];
Expand Down
16 changes: 1 addition & 15 deletions BouncyCastle-JCA/src/SSLEngine.crysl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,21 +29,7 @@ CONSTRAINTS
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_256_CBC_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"};
"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"};

ENSURES
generatedSSLEngine[this];
Expand Down
16 changes: 1 addition & 15 deletions BouncyCastle-JCA/src/SSLParameters.crysl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,21 +31,7 @@ CONSTRAINTS
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_256_CBC_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"};
"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"};

ENSURES
generatedSSLParameters[this];
Expand Down
4 changes: 1 addition & 3 deletions BouncyCastle-JCA/src/SecretKeyFactory.crysl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,9 +20,7 @@ ORDER

CONSTRAINTS
algorithm in {"AES", "PBKDF2", "PBKDF2WithHmacSHA256", "PBKDF2WithHmacSHA384", "PBKDF2WithHmacSHA512",
"PBKDF2WITHHMACSHA3-256", "PBKDF2WITHHMACSHA3-384", "PBKDF2WITHHMACSHA3-512",
"PBEWithSHA256And192BitAES-CBC-BC", "PBEWithSHA256And256BitAES-CBC-BC", "Camellia",
"PBEwithSHAandTwofish-CBC"};
"PBKDF2WITHHMACSHA3-256", "PBKDF2WITHHMACSHA3-384", "PBKDF2WITHHMACSHA3-512", "Camellia"};

REQUIRES
speccedKey[keySpec, _];
Expand Down
2 changes: 0 additions & 2 deletions BouncyCastle/predicates/ensuresPreds
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,6 @@ AsymmetricCipherKeyPair -> generatedRSAKeyPair[this] after co;

BufferedBlockCipher -> encrypted[cipherText];

CBCBlockCipher -> generatedCBCBlockCipher[this];

ECDomainParameters -> generatedECDomainParameters[this];

ECElGamalDecryptor -> generatedECElGamalDecrypt[plainText] after d1;
Expand Down
5 changes: 1 addition & 4 deletions BouncyCastle/predicates/requiresPreds
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,6 @@ AsymmetricCipherKeyPair -> generatedRSAKeyParameters[pubParams];
BufferedBlockCipher -> generatedGCMBlockCipher[engineOrMode];
generatedCipherParams[params];

CBCBlockCipher -> generatedAESEngine[engine];

ECDomainParameters -> randomized[seed];

ECElGamalDecryptor -> generatedECPair[pair];
Expand Down Expand Up @@ -46,8 +44,7 @@ GCMBlockCipher -> generatedAESEngine[engine];

KeyParameter -> randomized[key];

PaddedBufferedBlockCipher -> generatedCBCBlockCipher[cipher];
generatedParametersWithIV[params];
PaddedBufferedBlockCipher -> generatedParametersWithIV[params];
generatedPKCS7Padding[padding];

ParametersWithIV -> randomized[iv];
Expand Down
26 changes: 0 additions & 26 deletions BouncyCastle/src/CBCBlockCipher.crysl
View file

This file was deleted.

4 changes: 2 additions & 2 deletions BouncyCastle/src/PaddedBufferedBlockCipher.crysl
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
SPEC org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher

OBJECTS
org.bouncycastle.crypto.BlockCipher cipher;
org.bouncycastle.crypto.CipherParameters params;
org.bouncycastle.crypto.paddings.BlockCipherPadding padding;
org.bouncycastle.crypto.engines.RijndaelEngine cipher;

byte plainTextByte;
byte[] plainText;
Expand Down Expand Up @@ -41,7 +41,7 @@ CONSTRAINTS
cipherTextOffset >= 0;

REQUIRES
generatedCBCBlockCipher[cipher];
generatedRijndaelEngine[cipher]
generatedParametersWithIV[params];
generatedPKCS7Padding[padding];

Expand Down
14 changes: 5 additions & 9 deletions JavaCryptographicArchitecture/src/Cipher.crysl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -94,10 +94,7 @@ CONSTRAINTS
noCallTo[Init] => alg(transformation) in {"AES", "RSA", "PBEWithHmacSHA224AndAES_128", "PBEWithHmacSHA256AndAES_128",
"PBEWithHmacSHA384AndAES_128", "PBEWithHmacSHA512AndAES_128", "PBEWithHmacSHA224AndAES_256",
"PBEWithHmacSHA256AndAES_256", "PBEWithHmacSHA384AndAES_256", "PBEWithHmacSHA512AndAES_256"};
alg(transformation) in {"AES"} => mode(transformation) in {"CBC", "GCM", "PCBC", "CTR", "CTS", "CFB", "OFB"};
alg(transformation) in {"PBEWithHmacSHA224AndAES_128", "PBEWithHmacSHA256AndAES_128", "PBEWithHmacSHA384AndAES_128",
"PBEWithHmacSHA512AndAES_128", "PBEWithHmacSHA224AndAES_256", "PBEWithHmacSHA256AndAES_256",
"PBEWithHmacSHA384AndAES_256", "PBEWithHmacSHA512AndAES_256"} => mode(transformation) in {"CBC"};
alg(transformation) in {"AES"} => mode(transformation) in { "GCM", "CTR", "CTS", "CFB", "OFB"};
alg(transformation) in {"RSA"} => mode(transformation) in {"", "ECB"};

alg(transformation) in {"PBEWithHmacSHA224AndAES_128", "PBEWithHmacSHA256AndAES_128", "PBEWithHmacSHA384AndAES_128",
Expand All @@ -109,13 +106,12 @@ CONSTRAINTS
"OAEPWithSHA-256AndMGF1Padding", "OAEPWithSHA-384AndMGF1Padding",
"OAEPWithSHA-512AndMGF1Padding"};

alg(transformation) in {"AES"} && mode(transformation) in {"CBC", "PCBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
alg(transformation) in {"AES"} && mode(transformation) in {"GCM", "CTR", "CTS", "CFB", "OFB"} => pad(transformation) in {"NoPadding"};

mode(transformation) in {"CBC", "PCBC", "CTR", "CTS", "CFB", "OFB"} && encmode != 1 => noCallTo[IWOIV];
mode(transformation) in {"CBC", "PCBC", "CTR", "CTS", "CFB", "OFB"} && encmode == 1 => callTo[IV];
mode(transformation) in {"CTR", "CTS", "CFB", "OFB"} && encmode != 1 => noCallTo[IWOIV];
mode(transformation) in {"CTR", "CTS", "CFB", "OFB"} && encmode == 1 => callTo[IV];

mode(transformation) in {"CBC", "PCBC", "CTR", "CTS", "CFB", "ECB", "OFB"} => noCallTo[AADUpdate];
mode(transformation) in {"CTR", "CTS", "CFB", "ECB", "OFB"} => noCallTo[AADUpdate];


encmode in {1,2,3,4};
Expand All @@ -135,7 +131,7 @@ REQUIRES
randomized[random];
preparedAlg[params, alg(transformation)];
!macced[this, plainText];
mode(transformation) in {"CBC", "PCBC", "CTR", "CTS", "CFB", "OFB"} && encmode == 1 => preparedIV[paramSpec];
mode(transformation) in {"CTR", "CTS", "CFB", "OFB"} && encmode == 1 => preparedIV[paramSpec];
mode(transformation) in {"GCM"} => preparedGCM[paramSpec];
mode(transformation) in {"OAEPWithMD5AndMGF1Padding", "OAEPWithSHA-224AndMGF1Padding", "OAEPWithSHA-256AndMGF1Padding",
"OAEPWithSHA-384AndMGF1Padding", "OAEPWithSHA-512AndMGF1Padding"} => preparedOAEP[paramSpec];
Expand Down
12 changes: 1 addition & 11 deletions JavaCryptographicArchitecture/src/SSLEngine.crysl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,27 +16,17 @@ ORDER

CONSTRAINTS
elements(protocols) in {"TLSv1.2", "TLSv1.3"};
elements(protocols) in {"TLSv1.2"} => elements(cipherSuites) in {"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
elements(protocols) in {"TLSv1.2"} => elements(cipherSuites) in {
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
"TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"};
elements(protocols) in {"TLSv1.3"} => elements(cipherSuites) in {"TLS_AES_128_GCM_SHA256",
Expand Down
12 changes: 1 addition & 11 deletions JavaCryptographicArchitecture/src/SSLParameters.crysl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,27 +18,17 @@ ORDER

CONSTRAINTS
elements(protocols) in {"TLSv1.2", "TLSv1.3"};
elements(protocols) in {"TLSv1.2"} => elements(cipherSuites) in {"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
elements(protocols) in {"TLSv1.2"} => elements(cipherSuites) in {
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
"TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"};
elements(protocols) in {"TLSv1.3"} => elements(cipherSuites) in {"TLS_AES_128_GCM_SHA256",
Expand Down

0 comments on commit 41e1806

Please sign in to comment.