diff --git a/JavaCryptographicArchitecture/src/AlgorithmParameterGenerator.crysl b/JavaCryptographicArchitecture/src/AlgorithmParameterGenerator.crysl index 0c04ce9..7a029ea 100644 --- a/JavaCryptographicArchitecture/src/AlgorithmParameterGenerator.crysl +++ b/JavaCryptographicArchitecture/src/AlgorithmParameterGenerator.crysl @@ -34,3 +34,9 @@ REQUIRES ENSURES preparedAlg[algParams, algorithm] after GenParam; + +WEAKNESSES + CWE-326; + CWE-327; + CWE-329; + CWE-330; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/AlgorithmParameters.crysl b/JavaCryptographicArchitecture/src/AlgorithmParameters.crysl index 6240656..6364b3f 100644 --- a/JavaCryptographicArchitecture/src/AlgorithmParameters.crysl +++ b/JavaCryptographicArchitecture/src/AlgorithmParameters.crysl @@ -42,3 +42,9 @@ REQUIRES ENSURES preparedAlg[this, algorithm] after Init; preparedAlg[encParams, algorithm] after GetEncoded; + +WEAKNESSES + CWE-325; + CWE-326; + CWE-330; + CWE-916; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/CertPathTrustManagerParameters.crysl b/JavaCryptographicArchitecture/src/CertPathTrustManagerParameters.crysl index 723e986..1ac83a1 100644 --- a/JavaCryptographicArchitecture/src/CertPathTrustManagerParameters.crysl +++ b/JavaCryptographicArchitecture/src/CertPathTrustManagerParameters.crysl @@ -15,3 +15,8 @@ REQUIRES ENSURES generatedManagerFactoryParameters[this]; + +WEAKNESSES + CWE-295; + CWE-330; + CWE-347; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/CertificateFactory.crysl b/JavaCryptographicArchitecture/src/CertificateFactory.crysl index 3ce214b..9bc8332 100644 --- a/JavaCryptographicArchitecture/src/CertificateFactory.crysl +++ b/JavaCryptographicArchitecture/src/CertificateFactory.crysl @@ -29,3 +29,8 @@ CONSTRAINTS ENSURES generatedCert[type]; + +WEAKNESSES + CWE-295; + CWE-693; + CWE-347; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/Cipher.crysl b/JavaCryptographicArchitecture/src/Cipher.crysl index 9d70309..4ee9447 100644 --- a/JavaCryptographicArchitecture/src/Cipher.crysl +++ b/JavaCryptographicArchitecture/src/Cipher.crysl @@ -78,6 +78,9 @@ EVENTS wkb1: wrappedKeyBytes = wrap(wrappedKey); WKB := wkb1; + iv1: getIV(); + IV := iv1; + ORDER Get, Init+, AADUpdate*, WKB+ | (FINWOU | (Update+, DoFinal))+ @@ -106,6 +109,8 @@ CONSTRAINTS alg(transformation) in {"AES"} && mode(transformation) in {"GCM", "CTR", "CTS", "CFB", "OFB"} => pad(transformation) in {"NoPadding"}; mode(transformation) in {"CTR", "CTS", "CFB", "OFB"} && encmode != 1 => noCallTo[IWOIV]; + mode(transformation) in {"CTR", "CTS", "CFB", "OFB"} && encmode == 1 => callTo[IV]; + mode(transformation) in {"CTR", "CTS", "CFB", "ECB", "OFB"} => noCallTo[AADUpdate]; @@ -137,3 +142,12 @@ ENSURES encrypted[cipherText, plainText]; encrypted[cipherTextByteBuffer, plainTextByteBuffer]; wrappedKey[wrappedKeyBytes, wrappedKey]; + +WEAKNESSES + CWE-1240; + CWE-327; + CWE-329; + CWE-330; + CWE-335; + CWE-338; + CWE-780; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/CipherInputStream.crysl b/JavaCryptographicArchitecture/src/CipherInputStream.crysl index 5d99812..0bd0afb 100644 --- a/JavaCryptographicArchitecture/src/CipherInputStream.crysl +++ b/JavaCryptographicArchitecture/src/CipherInputStream.crysl @@ -32,3 +32,11 @@ REQUIRES ENSURES cipheredInputStream[inputStream, cipher]; + +WEAKNESSES + CWE-20; + CWE-284; + CWE-326; + CWE-404; + CWE-617; + CWE-665; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/CipherOutputStream.crysl b/JavaCryptographicArchitecture/src/CipherOutputStream.crysl index f1a3b5a..d13972f 100644 --- a/JavaCryptographicArchitecture/src/CipherOutputStream.crysl +++ b/JavaCryptographicArchitecture/src/CipherOutputStream.crysl @@ -33,3 +33,8 @@ REQUIRES ENSURES cipheredOutputStream[outputStream, cipher]; + +WEAKNESSES + CWE-404; + CWE-665; + CWE-704; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/Cookie.crysl b/JavaCryptographicArchitecture/src/Cookie.crysl index 59871cb..e0ebebd 100644 --- a/JavaCryptographicArchitecture/src/Cookie.crysl +++ b/JavaCryptographicArchitecture/src/Cookie.crysl @@ -20,3 +20,6 @@ CONSTRAINTS ENSURES generatedCookie[this]; + +WEAKNESSES + CWE-614; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/DHGenParameterSpec.crysl b/JavaCryptographicArchitecture/src/DHGenParameterSpec.crysl index 5447ceb..882c2df 100644 --- a/JavaCryptographicArchitecture/src/DHGenParameterSpec.crysl +++ b/JavaCryptographicArchitecture/src/DHGenParameterSpec.crysl @@ -16,3 +16,6 @@ CONSTRAINTS ENSURES preparedDH[this]; + +WEAKNESSES + CWE-326; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/DHParameterSpec.crysl b/JavaCryptographicArchitecture/src/DHParameterSpec.crysl index 4cabf7a..819adf5 100644 --- a/JavaCryptographicArchitecture/src/DHParameterSpec.crysl +++ b/JavaCryptographicArchitecture/src/DHParameterSpec.crysl @@ -19,3 +19,6 @@ CONSTRAINTS ENSURES preparedDH[this]; + +WEAKNESSES + CWE-326; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/DSAGenParameterSpec.crysl b/JavaCryptographicArchitecture/src/DSAGenParameterSpec.crysl index f729ae0..fa8039c 100644 --- a/JavaCryptographicArchitecture/src/DSAGenParameterSpec.crysl +++ b/JavaCryptographicArchitecture/src/DSAGenParameterSpec.crysl @@ -21,3 +21,7 @@ CONSTRAINTS ENSURES preparedDSA[this]; + +WEAKNESSES + CWE-326; + CWE-327; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/DSAParameterSpec.crysl b/JavaCryptographicArchitecture/src/DSAParameterSpec.crysl index 142d9d6..295c299 100644 --- a/JavaCryptographicArchitecture/src/DSAParameterSpec.crysl +++ b/JavaCryptographicArchitecture/src/DSAParameterSpec.crysl @@ -18,3 +18,6 @@ CONSTRAINTS ENSURES preparedDSA[this]; + +WEAKNESSES + CWE-326; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/DigestInputStream.crysl b/JavaCryptographicArchitecture/src/DigestInputStream.crysl index 1dbc381..8391ecd 100644 --- a/JavaCryptographicArchitecture/src/DigestInputStream.crysl +++ b/JavaCryptographicArchitecture/src/DigestInputStream.crysl @@ -34,3 +34,7 @@ REQUIRES ENSURES digestedInputStream[stream, digest]; + +WEAKNESSES + CWE-325; + CWE-665; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/DigestOutputStream.crysl b/JavaCryptographicArchitecture/src/DigestOutputStream.crysl index b6ce505..2e79e89 100644 --- a/JavaCryptographicArchitecture/src/DigestOutputStream.crysl +++ b/JavaCryptographicArchitecture/src/DigestOutputStream.crysl @@ -35,3 +35,8 @@ REQUIRES ENSURES digestedOutputStream[stream, digest]; + +WEAKNESSES + CWE-1284; + CWE-305; + CWE-345; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/ECGenParameterSpec.crysl b/JavaCryptographicArchitecture/src/ECGenParameterSpec.crysl index 7ab6e62..e89aa05 100644 --- a/JavaCryptographicArchitecture/src/ECGenParameterSpec.crysl +++ b/JavaCryptographicArchitecture/src/ECGenParameterSpec.crysl @@ -23,3 +23,7 @@ CONSTRAINTS ENSURES preparedEC[this]; + +WEAKNESSES + CWE-327; + CWE-326; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/ECParameterSpec.crysl b/JavaCryptographicArchitecture/src/ECParameterSpec.crysl index 7de5ea6..e922ca0 100644 --- a/JavaCryptographicArchitecture/src/ECParameterSpec.crysl +++ b/JavaCryptographicArchitecture/src/ECParameterSpec.crysl @@ -15,3 +15,8 @@ ORDER ENSURES preparedEC[this]; + +WEAKNESSES + CWE-1240; + CWE-326; + CWE-327; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/GCMParameterSpec.crysl b/JavaCryptographicArchitecture/src/GCMParameterSpec.crysl index 203aca6..b098a22 100644 --- a/JavaCryptographicArchitecture/src/GCMParameterSpec.crysl +++ b/JavaCryptographicArchitecture/src/GCMParameterSpec.crysl @@ -25,3 +25,7 @@ REQUIRES ENSURES preparedGCM[this]; + +WEAKNESSES + CWE-323 + CWE-330; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/HMACParameterSpec.crysl b/JavaCryptographicArchitecture/src/HMACParameterSpec.crysl index d395653..279a1a5 100644 --- a/JavaCryptographicArchitecture/src/HMACParameterSpec.crysl +++ b/JavaCryptographicArchitecture/src/HMACParameterSpec.crysl @@ -12,3 +12,9 @@ ORDER ENSURES preparedHMAC[this]; + +WEAKNESSES + CWE-325; + CWE-326; + CWE-327; + CWE-328; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/IvParameterSpec.crysl b/JavaCryptographicArchitecture/src/IvParameterSpec.crysl index 13712a1..f89bcac 100644 --- a/JavaCryptographicArchitecture/src/IvParameterSpec.crysl +++ b/JavaCryptographicArchitecture/src/IvParameterSpec.crysl @@ -23,3 +23,6 @@ REQUIRES ENSURES preparedIV[this]; +WEAKNESSES + CWE-330; + CWE-323; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/Key.crysl b/JavaCryptographicArchitecture/src/Key.crysl index 510ddf9..9eb7a57 100644 --- a/JavaCryptographicArchitecture/src/Key.crysl +++ b/JavaCryptographicArchitecture/src/Key.crysl @@ -15,3 +15,6 @@ REQUIRES ENSURES preparedKeyMaterial[keyMaterial] after GetEnc; + +WEAKNESSES + CWE-200; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/KeyAgreement.crysl b/JavaCryptographicArchitecture/src/KeyAgreement.crysl index 91415d9..f05edbd 100644 --- a/JavaCryptographicArchitecture/src/KeyAgreement.crysl +++ b/JavaCryptographicArchitecture/src/KeyAgreement.crysl @@ -49,3 +49,10 @@ REQUIRES ENSURES preparedKeyMaterial[sharedSecretBuffer] after GenSecretBuffer; + +WEAKNESSES + CWE-320; + CWE-325; + CWE-327; + CWE-330; + CWE-338; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/KeyFactory.crysl b/JavaCryptographicArchitecture/src/KeyFactory.crysl index c55e996..d91a48e 100644 --- a/JavaCryptographicArchitecture/src/KeyFactory.crysl +++ b/JavaCryptographicArchitecture/src/KeyFactory.crysl @@ -30,3 +30,7 @@ ENSURES generatedKeyFactory[this, algorithm] after Get; generatedPrivkey[privateKey] after GenPriv; generatedPubkey[publicKey] after GenPubl; + +WEAKNESSES + CWE-327; + CWE-326; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/KeyGenerator.crysl b/JavaCryptographicArchitecture/src/KeyGenerator.crysl index 053d3c4..eb00196 100644 --- a/JavaCryptographicArchitecture/src/KeyGenerator.crysl +++ b/JavaCryptographicArchitecture/src/KeyGenerator.crysl @@ -34,3 +34,8 @@ REQUIRES ENSURES generatedKey[key, algorithm]; + +WEAKNESSES + CWE-326; + CWE-327; + CWE-330; diff --git a/JavaCryptographicArchitecture/src/KeyManagerFactory.crysl b/JavaCryptographicArchitecture/src/KeyManagerFactory.crysl index 781d735..d19a9ad 100644 --- a/JavaCryptographicArchitecture/src/KeyManagerFactory.crysl +++ b/JavaCryptographicArchitecture/src/KeyManagerFactory.crysl @@ -34,3 +34,7 @@ REQUIRES ENSURES generatedKeyManager[this] after Init; generatedKeyManagers[keyManager] after GetKeyMng; + +WEAKNESSES + CWE-259; + CWE-316; diff --git a/JavaCryptographicArchitecture/src/KeyPair.crysl b/JavaCryptographicArchitecture/src/KeyPair.crysl index b98f2ab..29a09fe 100644 --- a/JavaCryptographicArchitecture/src/KeyPair.crysl +++ b/JavaCryptographicArchitecture/src/KeyPair.crysl @@ -28,3 +28,13 @@ ENSURES generatedKeypair[this, _] after Con; generatedPubkey[retPublicKey] after GetPubl; generatedPrivkey[retPrivateKey] after GetPriv; + +WEAKNESSES + CWE-320; + CWE-321; + CWE-330; + CWE-331; + CWE-338; + CWE-325; + CWE-326; + diff --git a/JavaCryptographicArchitecture/src/KeyPairGenerator.crysl b/JavaCryptographicArchitecture/src/KeyPairGenerator.crysl index eba3b95..a3ad90a 100644 --- a/JavaCryptographicArchitecture/src/KeyPairGenerator.crysl +++ b/JavaCryptographicArchitecture/src/KeyPairGenerator.crysl @@ -39,3 +39,8 @@ REQUIRES ENSURES generatedKeypair[keyPair, algorithm]; + +WEAKNESSES + CWE-326; + CWE-330; + CWE-338; diff --git a/JavaCryptographicArchitecture/src/KeyStore.crysl b/JavaCryptographicArchitecture/src/KeyStore.crysl index 31d8c4f..9e60016 100644 --- a/JavaCryptographicArchitecture/src/KeyStore.crysl +++ b/JavaCryptographicArchitecture/src/KeyStore.crysl @@ -60,3 +60,6 @@ ENSURES generatedKey[key, _]; generatedPrivkey[key]; generatedPubkey[key]; + +WEAKNESSES + CWE-259; diff --git a/JavaCryptographicArchitecture/src/KeyStoreBuilderParameters.crysl b/JavaCryptographicArchitecture/src/KeyStoreBuilderParameters.crysl index 1e4a111..ca1c55b 100644 --- a/JavaCryptographicArchitecture/src/KeyStoreBuilderParameters.crysl +++ b/JavaCryptographicArchitecture/src/KeyStoreBuilderParameters.crysl @@ -12,3 +12,7 @@ ORDER ENSURES generatedManagerFactoryParameters[this]; + +WEAKNESSES + CWE-295; + CWE-259; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/MGF1ParameterSpec.crysl b/JavaCryptographicArchitecture/src/MGF1ParameterSpec.crysl index 08d1c52..b2dbaaf 100644 --- a/JavaCryptographicArchitecture/src/MGF1ParameterSpec.crysl +++ b/JavaCryptographicArchitecture/src/MGF1ParameterSpec.crysl @@ -15,3 +15,7 @@ CONSTRAINTS ENSURES preparedMGF1[this, mdName]; + +WEAKNESSES + CWE-327; + CWE-328; diff --git a/JavaCryptographicArchitecture/src/Mac.crysl b/JavaCryptographicArchitecture/src/Mac.crysl index f68bfc3..0786fa1 100644 --- a/JavaCryptographicArchitecture/src/Mac.crysl +++ b/JavaCryptographicArchitecture/src/Mac.crysl @@ -57,3 +57,11 @@ ENSURES macced[output1, inputByte]; macced[output1, preInput]; macced[output2, input]; + +WEAKNESSES + CWE-320; + CWE-325; + CWE-328; + CWE-330; + CWE-916; + CWE-327; diff --git a/JavaCryptographicArchitecture/src/MessageDigest.crysl b/JavaCryptographicArchitecture/src/MessageDigest.crysl index 2d01e3a..60f08e1 100644 --- a/JavaCryptographicArchitecture/src/MessageDigest.crysl +++ b/JavaCryptographicArchitecture/src/MessageDigest.crysl @@ -46,3 +46,6 @@ ENSURES generatedMessageDigest[this] after Get; digested[output, _]; digested[output, input]; + +WEAKNESSES + CWE-327; diff --git a/JavaCryptographicArchitecture/src/OAEPParameterSpec.crysl b/JavaCryptographicArchitecture/src/OAEPParameterSpec.crysl index 138eef7..0b45e66 100644 --- a/JavaCryptographicArchitecture/src/OAEPParameterSpec.crysl +++ b/JavaCryptographicArchitecture/src/OAEPParameterSpec.crysl @@ -22,3 +22,7 @@ REQUIRES ENSURES preparedOAEP[this]; + +WEAKNESSES + CWE-327; + CWE-328; diff --git a/JavaCryptographicArchitecture/src/PBEKeySpec.crysl b/JavaCryptographicArchitecture/src/PBEKeySpec.crysl index f8ce381..9de077f 100644 --- a/JavaCryptographicArchitecture/src/PBEKeySpec.crysl +++ b/JavaCryptographicArchitecture/src/PBEKeySpec.crysl @@ -33,3 +33,13 @@ ENSURES NEGATES speccedKey[this, _] after ClearPass; + +WEAKNESSES + CWE-259; + CWE-326; + CWE-330; + CWE-760; + CWE-916; + CWE-760; + CWE-750; + CWE-226; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/PBEParameterSpec.crysl b/JavaCryptographicArchitecture/src/PBEParameterSpec.crysl index 54e1ae6..870809a 100644 --- a/JavaCryptographicArchitecture/src/PBEParameterSpec.crysl +++ b/JavaCryptographicArchitecture/src/PBEParameterSpec.crysl @@ -21,3 +21,9 @@ REQUIRES ENSURES preparedPBE[this]; + +WEAKNESSES + CWE-330; + CWE-916; + CWE-331; + CWE-760; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/PKIXBuilderParameters.crysl b/JavaCryptographicArchitecture/src/PKIXBuilderParameters.crysl index 8d976a4..1efec65 100644 --- a/JavaCryptographicArchitecture/src/PKIXBuilderParameters.crysl +++ b/JavaCryptographicArchitecture/src/PKIXBuilderParameters.crysl @@ -19,3 +19,6 @@ REQUIRES ENSURES generatedCertPathParameters[this]; +WEAKNESSES + CWE-295; + \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/PKIXParameters.crysl b/JavaCryptographicArchitecture/src/PKIXParameters.crysl index a43e6fd..5da0fa6 100644 --- a/JavaCryptographicArchitecture/src/PKIXParameters.crysl +++ b/JavaCryptographicArchitecture/src/PKIXParameters.crysl @@ -16,3 +16,6 @@ REQUIRES ENSURES generatedCertPathParameters[this]; + +WEAKNESSES + CWE-295; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/PasswordAuthentication.crysl b/JavaCryptographicArchitecture/src/PasswordAuthentication.crysl index 045b44b..b07ab52 100644 --- a/JavaCryptographicArchitecture/src/PasswordAuthentication.crysl +++ b/JavaCryptographicArchitecture/src/PasswordAuthentication.crysl @@ -24,3 +24,7 @@ CONSTRAINTS ENSURES generatedPasswordAuthentication[this]; + +WEAKNESSES + CWE-259; + CWE-798; diff --git a/JavaCryptographicArchitecture/src/PrivateKey.crysl b/JavaCryptographicArchitecture/src/PrivateKey.crysl index 265d05b..44e35de 100644 --- a/JavaCryptographicArchitecture/src/PrivateKey.crysl +++ b/JavaCryptographicArchitecture/src/PrivateKey.crysl @@ -15,3 +15,10 @@ REQUIRES ENSURES preparedKeyMaterial[keyMaterial] after GetEnc; + +WEAKNESSES + CWE-312; + CWE-319; + CWE-320; + CWE-321; + CWE-326; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/PublicKey.crysl b/JavaCryptographicArchitecture/src/PublicKey.crysl index 941f828..990c401 100644 --- a/JavaCryptographicArchitecture/src/PublicKey.crysl +++ b/JavaCryptographicArchitecture/src/PublicKey.crysl @@ -15,3 +15,9 @@ REQUIRES ENSURES preparedKeyMaterial[keyMaterial] after GetEnc; +WEAKNESSES + CWE-295; + CWE-347; + CWE-326; + CWE-328; + CWE-345; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/RSAKeyGenParameterSpec.crysl b/JavaCryptographicArchitecture/src/RSAKeyGenParameterSpec.crysl index ada8f2d..e4a1d6e 100644 --- a/JavaCryptographicArchitecture/src/RSAKeyGenParameterSpec.crysl +++ b/JavaCryptographicArchitecture/src/RSAKeyGenParameterSpec.crysl @@ -17,3 +17,6 @@ CONSTRAINTS ENSURES preparedRSA[this]; + +WEAKNESSES + CWE-326; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/SSLContext.crysl b/JavaCryptographicArchitecture/src/SSLContext.crysl index 0edfa87..34402ee 100644 --- a/JavaCryptographicArchitecture/src/SSLContext.crysl +++ b/JavaCryptographicArchitecture/src/SSLContext.crysl @@ -36,3 +36,9 @@ REQUIRES ENSURES generatedSSLContext[this] after Init; generatedSSLEngine[eng] after Engine; + +WEAKNESSES + CWE-295; + CWE-321; + CWE-327; + CWE-330; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/SSLEngine.crysl b/JavaCryptographicArchitecture/src/SSLEngine.crysl index a882933..fa452d0 100644 --- a/JavaCryptographicArchitecture/src/SSLEngine.crysl +++ b/JavaCryptographicArchitecture/src/SSLEngine.crysl @@ -34,3 +34,8 @@ CONSTRAINTS ENSURES generatedSSLEngine[this]; + +WEAKNESSES + CWE-326; + CWE-327; + cw-757; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/SSLParameters.crysl b/JavaCryptographicArchitecture/src/SSLParameters.crysl index 2752949..e344e45 100644 --- a/JavaCryptographicArchitecture/src/SSLParameters.crysl +++ b/JavaCryptographicArchitecture/src/SSLParameters.crysl @@ -36,3 +36,8 @@ CONSTRAINTS ENSURES generatedSSLParameters[this]; + +WEAKNESSES + CWE-326; + CWE-327; + CWE-757; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/SecretKey.crysl b/JavaCryptographicArchitecture/src/SecretKey.crysl index 8cc0cdf..8f0c622 100644 --- a/JavaCryptographicArchitecture/src/SecretKey.crysl +++ b/JavaCryptographicArchitecture/src/SecretKey.crysl @@ -21,3 +21,8 @@ ENSURES NEGATES generatedKey[this, _] after Destroy; + +WEAKNESSES + CWE-320; + CWE-321; + CWE-226; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/SecretKeyFactory.crysl b/JavaCryptographicArchitecture/src/SecretKeyFactory.crysl index 33f0111..1c1e5b6 100644 --- a/JavaCryptographicArchitecture/src/SecretKeyFactory.crysl +++ b/JavaCryptographicArchitecture/src/SecretKeyFactory.crysl @@ -29,3 +29,10 @@ REQUIRES ENSURES generatedKey[key, algorithm]; + +WEAKNESSES + CWE-320; + CWE-327; + CWE-330; + CWE-326; + CWE-916; diff --git a/JavaCryptographicArchitecture/src/SecretKeySpec.crysl b/JavaCryptographicArchitecture/src/SecretKeySpec.crysl index f272d27..e0acbab 100644 --- a/JavaCryptographicArchitecture/src/SecretKeySpec.crysl +++ b/JavaCryptographicArchitecture/src/SecretKeySpec.crysl @@ -25,3 +25,10 @@ REQUIRES ENSURES speccedKey[this, _]; generatedKey[this, keyAlgorithm]; + +WEAKNESSES + CWE-325; + CWE-326; + CWE-327; + CWE-330; + CWE-321; diff --git a/JavaCryptographicArchitecture/src/SecureRandom.crysl b/JavaCryptographicArchitecture/src/SecureRandom.crysl index ee530ca..3d47911 100644 --- a/JavaCryptographicArchitecture/src/SecureRandom.crysl +++ b/JavaCryptographicArchitecture/src/SecureRandom.crysl @@ -51,3 +51,10 @@ ENSURES randomized[bytes] after nB; randomized[randInt] after nI; randomized[randIntInRange] after nIR; + +WEAKNESSES + CWE-330; + CWE-338; + CWE-335; + CWE-337; + CWE-331; diff --git a/JavaCryptographicArchitecture/src/Signature.crysl b/JavaCryptographicArchitecture/src/Signature.crysl index 120e64a..5a8067c 100644 --- a/JavaCryptographicArchitecture/src/Signature.crysl +++ b/JavaCryptographicArchitecture/src/Signature.crysl @@ -59,3 +59,13 @@ ENSURES signed[output, input] after Sign; signed[output, inputByteBuffer] after Sign; verified[verified, sign] after Verify; + +WEAKNESSES + CWE-284; + CWE-295; + CWE-326; + CWE-327; + CWE-330; + CWE-347; + CWE-325; + diff --git a/JavaCryptographicArchitecture/src/TrustAnchor.crysl b/JavaCryptographicArchitecture/src/TrustAnchor.crysl index 6769d9b..b985efd 100644 --- a/JavaCryptographicArchitecture/src/TrustAnchor.crysl +++ b/JavaCryptographicArchitecture/src/TrustAnchor.crysl @@ -19,3 +19,6 @@ REQUIRES ENSURES generatedTrustAnchor[this]; + +WEAKNESSES + CWE-295; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/TrustManagerFactory.crysl b/JavaCryptographicArchitecture/src/TrustManagerFactory.crysl index 2a294cc..03a0c48 100644 --- a/JavaCryptographicArchitecture/src/TrustManagerFactory.crysl +++ b/JavaCryptographicArchitecture/src/TrustManagerFactory.crysl @@ -31,3 +31,8 @@ REQUIRES ENSURES generatedTrustManager[this] after Init; generatedTrustManagers[trustManager] after GetTrustMng; + +WEAKNESSES + CWE-295; + CWE-322; + CWE-326; \ No newline at end of file diff --git a/JavaCryptographicArchitecture/src/X509EncodedKeySpec.crysl b/JavaCryptographicArchitecture/src/X509EncodedKeySpec.crysl index 80d583d..18cad15 100644 --- a/JavaCryptographicArchitecture/src/X509EncodedKeySpec.crysl +++ b/JavaCryptographicArchitecture/src/X509EncodedKeySpec.crysl @@ -15,3 +15,8 @@ REQUIRES ENSURES speccedKey[this, _] after Con; + +WEAKNESSES + CWE-330; + CWE-326; + CWE-345; \ No newline at end of file