Merge pull request #148 from CROSSINGTUD/updated_rules

Update JCA and BC-JCA rules
CROSSINGTUD · Nov 24, 2023 · fa8bc9e · fa8bc9e
2 parents 0a36397 + 00bf449
commit fa8bc9e
Show file tree

Hide file tree

Showing 12 changed files with 14 additions and 13 deletions.
diff --git a/BouncyCastle-JCA/pom.xml b/BouncyCastle-JCA/pom.xml
@@ -115,11 +115,11 @@
 	</build>
 
 	<dependencies>
-		<!-- https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on -->
+		<!-- https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk18on -->
 		<dependency>
 			<groupId>org.bouncycastle</groupId>
-			<artifactId>bcprov-jdk15on</artifactId>
-			<version>1.70</version>
+			<artifactId>bcprov-jdk18on</artifactId>
+			<version>1.77</version>
 		</dependency>
 	</dependencies>
 

diff --git a/BouncyCastle-JCA/src/AlgorithmParameterGenerator.crysl b/BouncyCastle-JCA/src/AlgorithmParameterGenerator.crysl
@@ -26,7 +26,7 @@ ORDER
 
 CONSTRAINTS
 	algorithm in {"AES", "Camellia", "Shacal2", "Shacal-2", "DH", "DiffieHellman", "DSA", "ElGamal"};
-	algorithm in {"DH", "DSA", "ElGamal"} => size in {1048};
+	algorithm in {"DH", "DiffieHellman", "DSA", "ElGamal"} => size in {3072};
 	algorithm in {"AES", "Camellia", "Shacal2", "Shacal-2" } => size in {128, 192, 256};
 
 REQUIRES

diff --git a/BouncyCastle-JCA/src/Cipher.crysl b/BouncyCastle-JCA/src/Cipher.crysl
@@ -139,7 +139,7 @@ CONSTRAINTS
 	cipherTextOffset >= 0;
 
 REQUIRES
-	generatedKey[key, alg(transformation)];
+	generatedKey[key, alg(transformation)] || generatedPubkey[key] || generatedPrivkey[key];
 	randomized[random];
 	preparedAlg[params, alg(transformation)];
 	!macced[this, plainText];

diff --git a/BouncyCastle-JCA/src/Mac.crysl b/BouncyCastle-JCA/src/Mac.crysl
@@ -38,7 +38,7 @@ EVENTS
 	Final := FinalWU | FinalWOU;
 
 ORDER
-	Get, Init, (FinalWU | (Update+, Final))
+	Get, Init, (FinalWU | (Update+, Final))+
 
 CONSTRAINTS
 	algorithm in {"AESCMAC", "AESCCMMAC", "HmacSHA256", "HmacSHA384", "HmacSHA512",

diff --git a/BouncyCastle/pom.xml b/BouncyCastle/pom.xml
@@ -115,11 +115,11 @@
 	</build>
 
 	<dependencies>
-		<!-- https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on -->
+		<!-- https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk18on -->
 		<dependency>
 			<groupId>org.bouncycastle</groupId>
-			<artifactId>bcprov-jdk15on</artifactId>
-			<version>1.70</version>
+			<artifactId>bcprov-jdk18on</artifactId>
+			<version>1.77</version>
 		</dependency>
 	</dependencies>
 

diff --git a/BouncyCastle/src/ensuresPreds → BouncyCastle/predicates/ensuresPreds b/BouncyCastle/src/ensuresPreds → BouncyCastle/predicates/ensuresPreds
diff --git a/BouncyCastle/src/requiresPreds → BouncyCastle/predicates/requiresPreds b/BouncyCastle/src/requiresPreds → BouncyCastle/predicates/requiresPreds
diff --git a/...ographicArchitecture/src/ensuresPreds.txt → ...cArchitecture/predicates/ensuresPreds.txt b/...ographicArchitecture/src/ensuresPreds.txt → ...cArchitecture/predicates/ensuresPreds.txt
diff --git a/JavaCryptographicArchitecture/src/preds.txt → ...ographicArchitecture/predicates/preds.txt b/JavaCryptographicArchitecture/src/preds.txt → ...ographicArchitecture/predicates/preds.txt
diff --git a/JavaCryptographicArchitecture/src/AlgorithmParameterGenerator.crysl b/JavaCryptographicArchitecture/src/AlgorithmParameterGenerator.crysl
@@ -25,8 +25,9 @@ ORDER
 	Get, Init, GenParam
 
 CONSTRAINTS
-	algorithm in {"DH", "DiffieHellman", "DSA"};
-	size in {2048, 3072};
+	algorithm in {"AES", "Camellia", "Shacal2", "Shacal-2", "DH", "DiffieHellman", "DSA", "ElGamal"};
+	algorithm in {"DH", "DiffieHellman", "DSA", "ElGamal"} => size in {3072};
+	algorithm in {"AES", "Camellia", "Shacal2", "Shacal-2" } => size in {128, 192, 256};
 
 REQUIRES
 	randomized[random];

diff --git a/JavaCryptographicArchitecture/src/Cipher.crysl b/JavaCryptographicArchitecture/src/Cipher.crysl
@@ -131,7 +131,7 @@ CONSTRAINTS
 	cipherTextOffset >= 0;
 
 REQUIRES
-	generatedKey[key, alg(transformation)];
+	generatedKey[key, alg(transformation)] || generatedPubkey[key] || generatedPrivkey[key];
 	randomized[random];
 	preparedAlg[params, alg(transformation)];
 	!macced[this, plainText];

diff --git a/JavaCryptographicArchitecture/src/Mac.crysl b/JavaCryptographicArchitecture/src/Mac.crysl
@@ -38,7 +38,7 @@ EVENTS
 	Final := FinalWU | FinalWOU;
 
 ORDER
-	Get, Init, (FinalWU | (Update+, Final))
+	Get, Init, (FinalWU | (Update+, Final))+
 
 CONSTRAINTS
 	algorithm in {"HmacSHA256", "HmacSHA384", "HmacSHA512", "HmacPBESHA1", "PBEWithHmacSHA1", "PBEWithHmacSHA224", "PBEWithHmacSHA256", "PBEWithHmacSHA384", "PBEWithHmacSHA512"};