CROSSINGTUD · schlichtig · May 13, 2024 · Apr 24, 2024
diff --git a/BouncyCastle-JCA/src/Cipher.crysl b/BouncyCastle-JCA/src/Cipher.crysl
@@ -86,45 +86,33 @@ ORDER
 
 CONSTRAINTS
 	instanceOf[key, java.security.PublicKey] || instanceOf[key, java.security.PrivateKey] || encmode in {3, 4} => alg(transformation) in {"RSA"};
-	instanceOf[key, javax.crypto.SecretKey] => alg(transformation) in {"AES", "RIJNDAEL", "ElGamal", "ECIESwithAES-CBC", "DHIESwithAES-CBC",
+	instanceOf[key, javax.crypto.SecretKey] => alg(transformation) in {"AES", "RIJNDAEL", "ElGamal",
 									"Twofish", "Camellia", "Serpent", "Tnepres", "Shacal2", "Shacal-2", "McEliece", 
 									"McEliecePointcheval", "McElieceKobaraImai", "McElieceFujisaki"};
-	noCallTo[Init] => alg(transformation) in {"AES", "RSA", "RIJNDAEL", "ElGamal", "ECIESwithAES-CBC", "DHIESwithAES-CBC", "Twofish", "Camellia",
+	noCallTo[Init] => alg(transformation) in {"AES", "RSA", "RIJNDAEL", "ElGamal", "Twofish", "Camellia",
 						"Serpent", "Tnepres", "Shacal2", "Shacal-2", "McEliece", "McEliecePointcheval", "McElieceKobaraImai",
 						"McElieceFujisaki"};
 
-	alg(transformation) in {"AES"} => mode(transformation) in {"CBC", "GCM", "CTR", "CTS", "CFB", "OFB", "CCM"};
-	alg(transformation) in {"RIJNDAEL"} => mode(transformation) in {"CBC", "GCM", "CTR", "CTS", "CFB", "OFB", "CCM"};
+	alg(transformation) in {"AES"} => mode(transformation) in { "GCM", "CTR", "CTS", "CFB", "OFB", "CCM"};
+	alg(transformation) in {"RIJNDAEL"} => mode(transformation) in { "GCM", "CTR", "CTS", "CFB", "OFB", "CCM"};
 	alg(transformation) in {"ElGamal"} => mode(transformation) in {"ECB"};
-	alg(transformation) in {"Twofish"} => mode(transformation) in {"CBC"};
-	alg(transformation) in {"Camellia"} => mode(transformation) in {"CBC"};
-	alg(transformation) in {"Serpent"} => mode(transformation) in {"CBC", "CFB", "OFB"};
-	alg(transformation) in {"Tnepres"} => mode(transformation) in {"CBC", "CFB", "OFB"};
-	alg(transformation) in {"Shacal2"} => mode(transformation) in {"CBC"};
-	alg(transformation) in {"Shacal-2"} => mode(transformation) in {"CBC"};
+	alg(transformation) in {"Serpent"} => mode(transformation) in { "CFB", "OFB"};
+	alg(transformation) in {"Tnepres"} => mode(transformation) in {"CFB", "OFB"};
 
 	alg(transformation) in {"ElGamal"} && mode(transformation) in {"ECB"} => pad(transformation) in {"PKCS1Padding"};
 	alg(transformation) in {"RSA"} && mode(transformation) in {""} => pad(transformation) in {""};
 	alg(transformation) in {"RSA"} && mode(transformation) in {"ECB"} => pad(transformation) in {"PKCS1Padding","OAEPWithMD5AndMGF1Padding",
 													"OAEPWithSHA-224AndMGF1Padding", "OAEPWithSHA-256AndMGF1Padding",
 													"OAEPWithSHA-384AndMGF1Padding", "OAEPWithSHA-512AndMGF1Padding"};
-	alg(transformation) in {"AES"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
 	alg(transformation) in {"AES"} && mode(transformation) in {"GCM", "CTR", "CTS", "CFB", "OFB", "CCM"} => pad(transformation) in {"NoPadding"};
-	alg(transformation) in {"RIJNDAEL"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
 	alg(transformation) in {"RIJNDAEL"} && mode(transformation) in {"GCM", "CTR", "CTS", "CFB", "OFB", "CCM"} => pad(transformation) in {"NoPadding"};
-	alg(transformation) in {"Serpent"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
 	alg(transformation) in {"Serpent"} && mode(transformation) in {"CFB", "OFB"} => pad(transformation) in {"NoPadding"};
-	alg(transformation) in {"Tnepres"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
 	alg(transformation) in {"Tnepres"} && mode(transformation) in {"CFB", "OFB"} => pad(transformation) in {"NoPadding"};
-	alg(transformation) in {"Twofish"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
-	alg(transformation) in {"Camellia"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
-	alg(transformation) in {"Shacal2"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
-	alg(transformation) in {"Shacal-2"} && mode(transformation) in {"CBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
 
-	mode(transformation) in {"CBC", "CTR", "CTS", "CFB", "OFB", "CCM"} && encmode != 1 => noCallTo[IWOIV];
-	mode(transformation) in {"CBC", "CTR", "CTS", "CFB", "OFB", "CCM"} && encmode == 1 => callTo[IV];
+	mode(transformation) in { "CTR", "CTS", "CFB", "OFB", "CCM"} && encmode != 1 => noCallTo[IWOIV];
+	mode(transformation) in {"CTR", "CTS", "CFB", "OFB", "CCM"} && encmode == 1 => callTo[IV];
 
-    mode(transformation) in {"CBC", "PCBC", "CTR", "CTS", "CFB", "ECB", "OFB"} => noCallTo[AADUpdate];   	
+    mode(transformation) in {"CTR", "CTS", "CFB", "ECB", "OFB"} => noCallTo[AADUpdate];   	
 
 	encmode in {1,2,3,4};
 	length[prePlainText] >= prePlainTextOffset + prePlainTextLen;
@@ -143,7 +131,7 @@ REQUIRES
 	randomized[random];
 	preparedAlg[params, alg(transformation)];
 	!macced[this, plainText];
-	mode(transformation) in {"CBC", "CTR", "CTS", "CFB", "OFB"} && encmode == 1 => preparedIV[paramSpec];
+	mode(transformation) in {"CTR", "CTS", "CFB", "OFB"} && encmode == 1 => preparedIV[paramSpec];
 	mode(transformation) in {"GCM"} => preparedGCM[paramSpec];
 	mode(transformation) in {"OAEPWithMD5AndMGF1Padding", "OAEPWithSHA-224AndMGF1Padding", "OAEPWithSHA-256AndMGF1Padding",
 				"OAEPWithSHA-384AndMGF1Padding", "OAEPWithSHA-512AndMGF1Padding"} => preparedOAEP[paramSpec];

diff --git a/BouncyCastle-JCA/src/SSLEngine.crysl b/BouncyCastle-JCA/src/SSLEngine.crysl
@@ -29,21 +29,7 @@ CONSTRAINTS
 				"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
 				"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
 				"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
-				"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
-				"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
-				"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
-				"TLS_RSA_WITH_AES_256_CBC_SHA256",
-				"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
-				"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
-				"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
-				"TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
-				"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
-				"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-				"TLS_RSA_WITH_AES_128_CBC_SHA256",
-				"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
-				"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
-				"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
-				"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"};
+				"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"};
 
 ENSURES
 	generatedSSLEngine[this];

diff --git a/BouncyCastle-JCA/src/SSLParameters.crysl b/BouncyCastle-JCA/src/SSLParameters.crysl
@@ -31,21 +31,7 @@ CONSTRAINTS
 				"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
 				"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
 				"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
-				"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
-				"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
-				"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
-				"TLS_RSA_WITH_AES_256_CBC_SHA256",
-				"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
-				"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
-				"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
-				"TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
-				"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
-				"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-				"TLS_RSA_WITH_AES_128_CBC_SHA256",
-				"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
-				"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
-				"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
-				"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"};
+				"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"};
 
 ENSURES
 	generatedSSLParameters[this];

diff --git a/BouncyCastle-JCA/src/SecretKeyFactory.crysl b/BouncyCastle-JCA/src/SecretKeyFactory.crysl
@@ -20,9 +20,7 @@ ORDER
 
 CONSTRAINTS
 	algorithm in {"AES", "PBKDF2", "PBKDF2WithHmacSHA256", "PBKDF2WithHmacSHA384", "PBKDF2WithHmacSHA512",
-				"PBKDF2WITHHMACSHA3-256", "PBKDF2WITHHMACSHA3-384", "PBKDF2WITHHMACSHA3-512",
-				"PBEWithSHA256And192BitAES-CBC-BC", "PBEWithSHA256And256BitAES-CBC-BC", "Camellia", 
-				"PBEwithSHAandTwofish-CBC"};
+				"PBKDF2WITHHMACSHA3-256", "PBKDF2WITHHMACSHA3-384", "PBKDF2WITHHMACSHA3-512", "Camellia"};
 
 REQUIRES
 	speccedKey[keySpec, _];

diff --git a/BouncyCastle/predicates/ensuresPreds b/BouncyCastle/predicates/ensuresPreds
@@ -8,8 +8,6 @@ AsymmetricCipherKeyPair ->		generatedRSAKeyPair[this] after co;
 
 BufferedBlockCipher ->			encrypted[cipherText];
 
-CBCBlockCipher ->				generatedCBCBlockCipher[this];
-
 ECDomainParameters ->			generatedECDomainParameters[this];
 
 ECElGamalDecryptor ->			generatedECElGamalDecrypt[plainText] after d1;

diff --git a/BouncyCastle/predicates/requiresPreds b/BouncyCastle/predicates/requiresPreds
@@ -10,8 +10,6 @@ AsymmetricCipherKeyPair ->		generatedRSAKeyParameters[pubParams];
 BufferedBlockCipher ->			generatedGCMBlockCipher[engineOrMode];
 								generatedCipherParams[params];
 
-CBCBlockCipher ->				generatedAESEngine[engine];
-
 ECDomainParameters ->			randomized[seed];
 
 ECElGamalDecryptor ->			generatedECPair[pair];
@@ -46,8 +44,7 @@ GCMBlockCipher ->				generatedAESEngine[engine];
 
 KeyParameter ->					randomized[key];
 
-PaddedBufferedBlockCipher ->	generatedCBCBlockCipher[cipher];
-								generatedParametersWithIV[params];
+PaddedBufferedBlockCipher ->	generatedParametersWithIV[params];
 								generatedPKCS7Padding[padding];
 
 ParametersWithIV ->				randomized[iv];

diff --git a/BouncyCastle/src/CBCBlockCipher.crysl b/BouncyCastle/src/CBCBlockCipher.crysl
diff --git a/BouncyCastle/src/PaddedBufferedBlockCipher.crysl b/BouncyCastle/src/PaddedBufferedBlockCipher.crysl
@@ -1,9 +1,9 @@
 SPEC org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher
 
 OBJECTS
-	org.bouncycastle.crypto.BlockCipher cipher;
 	org.bouncycastle.crypto.CipherParameters params;
 	org.bouncycastle.crypto.paddings.BlockCipherPadding padding;
+	org.bouncycastle.crypto.engines.RijndaelEngine cipher;
 
 	byte plainTextByte;
 	byte[] plainText;
@@ -41,7 +41,7 @@ CONSTRAINTS
 	cipherTextOffset >= 0;
 
 REQUIRES
-	generatedCBCBlockCipher[cipher];
+	generatedRijndaelEngine[cipher]
 	generatedParametersWithIV[params];
 	generatedPKCS7Padding[padding];
 

diff --git a/JavaCryptographicArchitecture/src/Cipher.crysl b/JavaCryptographicArchitecture/src/Cipher.crysl
@@ -94,10 +94,7 @@ CONSTRAINTS
 	noCallTo[Init] => alg(transformation) in {"AES", "RSA", "PBEWithHmacSHA224AndAES_128", "PBEWithHmacSHA256AndAES_128", 
 						"PBEWithHmacSHA384AndAES_128", "PBEWithHmacSHA512AndAES_128", "PBEWithHmacSHA224AndAES_256", 
 						"PBEWithHmacSHA256AndAES_256", "PBEWithHmacSHA384AndAES_256", "PBEWithHmacSHA512AndAES_256"};
-	alg(transformation) in {"AES"} => mode(transformation) in {"CBC", "GCM", "PCBC", "CTR", "CTS", "CFB", "OFB"};
-	alg(transformation) in {"PBEWithHmacSHA224AndAES_128", "PBEWithHmacSHA256AndAES_128", "PBEWithHmacSHA384AndAES_128", 
-				"PBEWithHmacSHA512AndAES_128", "PBEWithHmacSHA224AndAES_256", "PBEWithHmacSHA256AndAES_256", 
-				"PBEWithHmacSHA384AndAES_256", "PBEWithHmacSHA512AndAES_256"} => mode(transformation) in {"CBC"};
+	alg(transformation) in {"AES"} => mode(transformation) in { "GCM", "CTR", "CTS", "CFB", "OFB"};
 	alg(transformation) in {"RSA"} => mode(transformation) in {"", "ECB"};
 
 	alg(transformation) in {"PBEWithHmacSHA224AndAES_128", "PBEWithHmacSHA256AndAES_128", "PBEWithHmacSHA384AndAES_128", 
@@ -109,13 +106,12 @@ CONSTRAINTS
 											"OAEPWithSHA-256AndMGF1Padding", "OAEPWithSHA-384AndMGF1Padding", 
 											"OAEPWithSHA-512AndMGF1Padding"};
 
-	alg(transformation) in {"AES"} && mode(transformation) in {"CBC", "PCBC"} => pad(transformation) in {"PKCS5Padding", "ISO10126Padding"};
 	alg(transformation) in {"AES"} && mode(transformation) in {"GCM", "CTR", "CTS", "CFB", "OFB"} => pad(transformation) in {"NoPadding"};
 
-	mode(transformation) in {"CBC", "PCBC", "CTR", "CTS", "CFB", "OFB"} && encmode != 1 => noCallTo[IWOIV];
-	mode(transformation) in {"CBC", "PCBC", "CTR", "CTS", "CFB", "OFB"} && encmode == 1 => callTo[IV];
+	mode(transformation) in {"CTR", "CTS", "CFB", "OFB"} && encmode != 1 => noCallTo[IWOIV];
+	mode(transformation) in {"CTR", "CTS", "CFB", "OFB"} && encmode == 1 => callTo[IV];
 
-	mode(transformation) in {"CBC", "PCBC", "CTR", "CTS", "CFB", "ECB", "OFB"} => noCallTo[AADUpdate];
+	mode(transformation) in {"CTR", "CTS", "CFB", "ECB", "OFB"} => noCallTo[AADUpdate];
 
 
 	encmode in {1,2,3,4};
@@ -135,7 +131,7 @@ REQUIRES
 	randomized[random];
 	preparedAlg[params, alg(transformation)];
 	!macced[this, plainText];
-	mode(transformation) in {"CBC", "PCBC", "CTR", "CTS", "CFB", "OFB"} && encmode == 1 => preparedIV[paramSpec];
+	mode(transformation) in {"CTR", "CTS", "CFB", "OFB"} && encmode == 1 => preparedIV[paramSpec];
 	mode(transformation) in {"GCM"} => preparedGCM[paramSpec];
 	mode(transformation) in {"OAEPWithMD5AndMGF1Padding", "OAEPWithSHA-224AndMGF1Padding", "OAEPWithSHA-256AndMGF1Padding", 
 				"OAEPWithSHA-384AndMGF1Padding", "OAEPWithSHA-512AndMGF1Padding"} => preparedOAEP[paramSpec];

diff --git a/JavaCryptographicArchitecture/src/SSLEngine.crysl b/JavaCryptographicArchitecture/src/SSLEngine.crysl
@@ -16,27 +16,17 @@ ORDER
 
 CONSTRAINTS
 	elements(protocols) in {"TLSv1.2", "TLSv1.3"};
-	elements(protocols) in {"TLSv1.2"} => elements(cipherSuites) in {"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
+	elements(protocols) in {"TLSv1.2"} => elements(cipherSuites) in {
     		"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
     		"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
-    		"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-    		"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
     		"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
     		"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
-    		"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
-    		"TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
     		"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
     		"TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
-    		"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
-    		"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
     		"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
     		"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
-    		"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
-    		"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
     		"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
     		"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
-    		"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
-    		"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
     		"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
     		"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"};
     elements(protocols) in {"TLSv1.3"} => elements(cipherSuites) in {"TLS_AES_128_GCM_SHA256", 

diff --git a/JavaCryptographicArchitecture/src/SSLParameters.crysl b/JavaCryptographicArchitecture/src/SSLParameters.crysl
@@ -18,27 +18,17 @@ ORDER
 
 CONSTRAINTS
 	elements(protocols) in {"TLSv1.2", "TLSv1.3"};
-	elements(protocols) in {"TLSv1.2"} => elements(cipherSuites) in {"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
+	elements(protocols) in {"TLSv1.2"} => elements(cipherSuites) in {
     		"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
     		"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
-    		"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-    		"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
     		"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
     		"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
-    		"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
-    		"TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
     		"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
     		"TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
-    		"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
-    		"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
     		"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
     		"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
-    		"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
-    		"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
     		"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
     		"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
-    		"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
-    		"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
     		"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
     		"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"};
     elements(protocols) in {"TLSv1.3"} => elements(cipherSuites) in {"TLS_AES_128_GCM_SHA256",