CogniCrypt icon indicating copy to clipboard operation
CogniCrypt copied to clipboard

Published 20 hours ago verified publisher icon eclipse-cognicrypt

error on crypto analysis

Open rbonifacio opened this issue 5 years ago • 1 comments

Describe the bug

For some reason, cognicrypt is reporting an error on a code that it seems to be ok (it is also available in the CogniCrypt documentation)

To Reproduce Steps to reproduce the behavior:

  1. Go to the source code of the DemoClass example and copy it to a new Java project
  2. Click on ' Apply CognicCrypt .... button
  3. See error: "Operation on object of type javax.crypto.KeyGenerator object not completed. Expected call to init, javax.crypto.KeyGenerator: javax.crypto.SecretKey generateKey()"

Expected behavior

CogniCrypt should not report an error in this case.

Screenshots

cc-error

Desktop (please complete the following information):

  • OS: OSX version 10.14.6
  • Eclipse IDE for Java Developers version 4.14
  • CogniCrypt version: 1.0.0.201905081022

rbonifacio avatar Jan 29 '20 18:01 rbonifacio

Thanks for reporting. I was able to reproduce it. The finding is related to the exception.

Technically, if generateKey throws an Exception, the control flow continues in the catch block and the keyGen object is not in an accepting state! However, the error message is confusing.

Note, an invocation transitions the state of the object when execution of the instruction is completed (i.e. when data-flow returns from generateKey).

johspaeth avatar Jan 29 '20 22:01 johspaeth