Update cognicrypt.yml to v3.2.1 #7
Annotations
10 errors and 2 warnings
RequiredPredicateError violating CrySL rule for javax.crypto.spec.IvParameterSpec:
CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/inter2field/falsepositive/insecurerandom/InsecureRandom1.java#L46
First parameter was not properly generated as randomized
|
IncompleteOperationError violating CrySL rule for javax.crypto.Cipher:
CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/inter2field/falsepositive/insecurerandom/InsecureRandom1.java#L47
Operation on object of type javax.crypto.Cipher not completed. Expected call to one of the methods {doFinal(byte[]), update(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[]), update(byte[]), update(byte[], int, int, byte[]), updateAAD(byte[], int, int), update(byte[], int, int), update(java.nio.ByteBuffer, java.nio.ByteBuffer), wrap(java.security.Key), updateAAD(byte[]), updateAAD(java.nio.ByteBuffer), doFinal(byte[], int, int), doFinal(java.nio.ByteBuffer, java.nio.ByteBuffer)}
|
RequiredPredicateError violating CrySL rule for javax.crypto.Cipher:
CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/inter2field/falsepositive/insecurerandom/InsecureRandom1.java#L47
Third parameter was not properly generated as preparedGCM
|
IncompleteOperationError violating CrySL rule for javax.crypto.Cipher:
CamBench_Cap/src/main/java/org/cambench/cap/flowsensitivity/advanced/valueswap/truepositive/brokencrypto/CorrectedCrypto.java#L37
Operation on object of type javax.crypto.Cipher not completed. Expected call to one of the methods {doFinal(byte[]), update(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[]), update(byte[]), update(byte[], int, int, byte[]), updateAAD(byte[], int, int), update(byte[], int, int), update(java.nio.ByteBuffer, java.nio.ByteBuffer), wrap(java.security.Key), updateAAD(byte[]), updateAAD(java.nio.ByteBuffer), doFinal(byte[], int, int), doFinal(java.nio.ByteBuffer, java.nio.ByteBuffer)}
|
ConstraintError violating CrySL rule for javax.crypto.Cipher:
CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/objectpath/truepositive/brokencrypto/BrokenCrypto2.java#L40
First parameter (with value "Blowfish") should be any of {AES, PBEWithHmacSHA224AndAES_128, PBEWithHmacSHA256AndAES_128, PBEWithHmacSHA384AndAES_128, PBEWithHmacSHA512AndAES_128, PBEWithHmacSHA224AndAES_256, PBEWithHmacSHA256AndAES_256, PBEWithHmacSHA384AndAES_256, PBEWithHmacSHA512AndAES_256}
|
IncompleteOperationError violating CrySL rule for javax.crypto.Cipher:
CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/objectpath/truepositive/brokencrypto/BrokenCrypto2.java#L42
Operation on object of type javax.crypto.Cipher not completed. Expected call to one of the methods {doFinal(byte[]), update(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[], int), doFinal(byte[], int, int, byte[]), update(byte[]), update(byte[], int, int, byte[]), updateAAD(byte[], int, int), update(byte[], int, int), update(java.nio.ByteBuffer, java.nio.ByteBuffer), wrap(java.security.Key), updateAAD(byte[]), updateAAD(java.nio.ByteBuffer), doFinal(byte[], int, int), doFinal(java.nio.ByteBuffer, java.nio.ByteBuffer)}
|
RequiredPredicateError violating CrySL rule for javax.crypto.Cipher:
CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/objectpath/truepositive/brokencrypto/BrokenCrypto2.java#L42
Second parameter was not properly generated as generatedPrivkey OR generatedPubkey OR generatedKey
|
ConstraintError violating CrySL rule for javax.crypto.KeyGenerator:
CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/objectpath/truepositive/brokencrypto/BrokenCrypto2.java#L41
First parameter (with value "AES/GCM/NoPadding") should be any of {AES, HmacSHA256, HmacSHA384, HmacSHA512}
|
RequiredPredicateError violating CrySL rule for javax.crypto.SecretKey:
CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/objectpath/truepositive/brokencrypto/BrokenCrypto2.java#L42
Return value was not properly generated as generatedKey
|
ConstraintError violating CrySL rule for javax.crypto.KeyGenerator:
CamBench_Cap/src/main/java/org/cambench/cap/mixedsensitivities/objectpath/truepositive/brokencrypto/BrokenCrypto2.java#L41
First parameter (with value "Blowfish") should be any of {AES, HmacSHA256, HmacSHA384, HmacSHA512}
|
cognicrypt
There are more violations than the GitHub annotations interface displays. Please check the log for additional violations.
|
cognicrypt
The following actions uses Node.js version which is deprecated and will be forced to run on node20: actions/setup-java@v3, actions/cache/restore@v3, stCarolas/setup-maven@v4.5, actions/cache/save@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|