CogniCrypt icon indicating copy to clipboard operation
CogniCrypt copied to clipboard

Published 20 hours ago verified publisher icon eclipse-cognicrypt

getTransitions() doesn't return all possible correct transitions

Open rakshitkr opened this issue 4 years ago • 3 comments

The method getTransitions in StateMachineGraphAnalyser is currently unable to handle multiple initial transitions like in SSLParameters rule. Additionally, it is doesn't return expected transitions when | operator is used in ORDER section.

In order to avoid cycles in the graph, the code here skips already visited transition in the graph. Since Stores is already visited in Gets->Loads->GetEntry->GetKey->SetEntry->Stores, the transitions Gets->Loads->SetEntry->Stores and Gets->Loads->GetKey->SetEntry->Stores containing Stores are skipped

rakshitkr avatar Sep 19 '20 15:09 rakshitkr

Happens for MessageDigest rule

Expected:

Gets, DWOU
Gets, Updates, Digests
Gets, DWOU, Updates, Digests

Returned:

Gets, DWOU
Gets, DWOU, Updates, Digests

rakshitkr avatar Sep 19 '20 18:09 rakshitkr

Happens for KeyStore rule

Expected:

Gets, Loads, GetEntry, GetKey, SetEntry, Stores
Gets, Loads, GetKey, SetEntry, Stores
Gets, Loads, GetEntry, GetKey
Gets, Loads, SetEntry, Stores
Gets, Loads, GetKey
Gets, Loads

Returned:

Gets, Loads, GetEntry, GetKey, SetEntry, Stores
Gets, Loads, GetEntry, GetKey
Gets, Loads, GetKey
Gets, Loads

rakshitkr avatar Oct 24 '20 16:10 rakshitkr

Happens for SecureRandom rule

Expected:

Ins, Seeds, Ends, Seeds
Ins, Ends, Seeds
Ins, Seeds, Seeds
Ins, Seeds, Ends
Ins, Seeds
Ins, Ends
Ins

Returned:

Ins, Seeds, Ends, Seeds
Ins, Seeds, Ends
Ins, Seeds
Ins, Ends
Ins

rakshitkr avatar Oct 24 '20 19:10 rakshitkr