Skip to content

Commit 42e7d1e

Browse files
geoffw0geoffw0
committed
Rust: Fix typo.
1 parent 9af2d02 commit 42e7d1e

File tree

2 files changed

+19
-19
lines changed

2 files changed

+19
-19
lines changed

rust/ql/src/queries/security/CWE-798/HardcodedCryptographicValue.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66
* @problem.severity warning
77
* @security-severity 9.8
88
* @precision high
9-
* @id rust/hardcoded-crytographic-value
9+
* @id rust/hardcoded-cryptographic-value
1010
* @tags security
1111
* external/cwe/cwe-259
1212
* external/cwe/cwe-321

rust/ql/test/query-tests/security/CWE-798/test_cipher.rs

Lines changed: 18 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -15,39 +15,39 @@ fn test_stream_cipher_rabbit(
1515
let mut rabbit_cipher1 = RabbitKeyOnly::new(rabbit::Key::from_slice(key));
1616
rabbit_cipher1.apply_keystream(&mut data);
1717

18-
let const1: &[u8;16] = &[0u8;16]; // $ Alert[rust/hardcoded-crytographic-value]
18+
let const1: &[u8;16] = &[0u8;16]; // $ Alert[rust/hardcoded-cryptographic-value]
1919
let mut rabbit_cipher2 = RabbitKeyOnly::new(rabbit::Key::from_slice(const1)); // $ Sink
2020
rabbit_cipher2.apply_keystream(&mut data);
2121

2222
let mut rabbit_cipher3 = Rabbit::new(rabbit::Key::from_slice(key), rabbit::Iv::from_slice(iv));
2323
rabbit_cipher3.apply_keystream(&mut data);
2424

25-
let const4: &[u8;16] = &[0u8;16]; // $ Alert[rust/hardcoded-crytographic-value]
25+
let const4: &[u8;16] = &[0u8;16]; // $ Alert[rust/hardcoded-cryptographic-value]
2626
let mut rabbit_cipher4 = Rabbit::new(rabbit::Key::from_slice(const4), rabbit::Iv::from_slice(iv)); // $ Sink
2727
rabbit_cipher4.apply_keystream(&mut data);
2828

29-
let const5: &[u8;16] = &[0u8;16]; // $ Alert[rust/hardcoded-crytographic-value]
29+
let const5: &[u8;16] = &[0u8;16]; // $ Alert[rust/hardcoded-cryptographic-value]
3030
let mut rabbit_cipher5 = Rabbit::new(rabbit::Key::from_slice(key), rabbit::Iv::from_slice(const5)); // $ Sink
3131
rabbit_cipher5.apply_keystream(&mut data);
3232

3333
// various expressions of constant arrays
3434

3535
let const6: &[u8;16] = &[0u8;16]; // (unused, so good)
3636

37-
let const7: [u8;16] = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]; // $ Alert[rust/hardcoded-crytographic-value]
37+
let const7: [u8;16] = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]; // $ Alert[rust/hardcoded-cryptographic-value]
3838
let mut rabbit_cipher7 = RabbitKeyOnly::new(rabbit::Key::from_slice(&const7)); // $ Sink
3939
rabbit_cipher7.apply_keystream(&mut data);
4040

41-
let const8: &[u8;16] = &[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]; // $ Alert[rust/hardcoded-crytographic-value]
41+
let const8: &[u8;16] = &[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]; // $ Alert[rust/hardcoded-cryptographic-value]
4242
let mut rabbit_cipher8 = RabbitKeyOnly::new(rabbit::Key::from_slice(const8)); // $ Sink
4343
rabbit_cipher8.apply_keystream(&mut data);
4444

45-
let const9: [u16;8] = [0, 0, 0, 0, 0, 0, 0, 0]; // $ Alert[rust/hardcoded-crytographic-value]
45+
let const9: [u16;8] = [0, 0, 0, 0, 0, 0, 0, 0]; // $ Alert[rust/hardcoded-cryptographic-value]
4646
let const9_conv = unsafe { const9.align_to::<u8>().1 }; // convert [u16;8] -> [u8;8]
4747
let mut rabbit_cipher9 = RabbitKeyOnly::new(rabbit::Key::from_slice(const9_conv)); // $ Sink
4848
rabbit_cipher9.apply_keystream(&mut data);
4949

50-
let const10: [u8;16] = unsafe { std::mem::zeroed() }; // $ Alert[rust/hardcoded-crytographic-value]
50+
let const10: [u8;16] = unsafe { std::mem::zeroed() }; // $ Alert[rust/hardcoded-cryptographic-value]
5151
let mut rabbit_cipher10 = RabbitKeyOnly::new(rabbit::Key::from_slice(&const10)); // $ Sink
5252
rabbit_cipher10.apply_keystream(&mut data);
5353
}
@@ -63,25 +63,25 @@ fn test_block_cipher_aes(
6363
let aes_cipher1 = Aes256::new(key256.into());
6464
aes_cipher1.encrypt_block(block128.into());
6565

66-
let const2 = &[0u8;32]; // $ Alert[rust/hardcoded-crytographic-value]
66+
let const2 = &[0u8;32]; // $ Alert[rust/hardcoded-cryptographic-value]
6767
let aes_cipher2 = Aes256::new(const2.into()); // $ Sink
6868
aes_cipher2.encrypt_block(block128.into());
6969

7070
let aes_cipher3 = Aes256::new_from_slice(key256).unwrap();
7171
aes_cipher3.encrypt_block(block128.into());
7272

73-
let const2 = &[0u8;32]; // $ Alert[rust/hardcoded-crytographic-value]
73+
let const2 = &[0u8;32]; // $ Alert[rust/hardcoded-cryptographic-value]
7474
let aes_cipher4 = Aes256::new_from_slice(const2).unwrap(); // $ Sink
7575
aes_cipher4.encrypt_block(block128.into());
7676

7777
let aes_cipher5 = cfb_mode::Encryptor::<aes::Aes256>::new(key.into(), iv.into());
7878
_ = aes_cipher5.encrypt_b2b(input, output).unwrap();
7979

80-
let const6 = &[0u8;32]; // $ Alert[rust/hardcoded-crytographic-value]
80+
let const6 = &[0u8;32]; // $ Alert[rust/hardcoded-cryptographic-value]
8181
let aes_cipher6 = cfb_mode::Encryptor::<aes::Aes256>::new(const6.into(), iv.into()); // $ Sink
8282
_ = aes_cipher6.encrypt_b2b(input, output).unwrap();
8383

84-
let const7 = &[0u8; 16]; // $ Alert[rust/hardcoded-crytographic-value]
84+
let const7 = &[0u8; 16]; // $ Alert[rust/hardcoded-cryptographic-value]
8585
let aes_cipher7 = cfb_mode::Encryptor::<aes::Aes256>::new(key.into(), const7.into()); // $ Sink
8686
_ = aes_cipher7.encrypt_b2b(input, output).unwrap();
8787

@@ -91,18 +91,18 @@ fn test_block_cipher_aes(
9191
let aes_cipher8 = cfb_mode::Encryptor::<aes::Aes256>::new(key8.into(), iv.into());
9292
_ = aes_cipher8.encrypt_b2b(input, output).unwrap();
9393

94-
let key9: &[u8] = "1234567890123456".as_bytes(); // $ MISSING: Alert[rust/hardcoded-crytographic-value]
94+
let key9: &[u8] = "1234567890123456".as_bytes(); // $ MISSING: Alert[rust/hardcoded-cryptographic-value]
9595
let aes_cipher9 = cfb_mode::Encryptor::<aes::Aes256>::new(key9.into(), iv.into());
9696
_ = aes_cipher9.encrypt_b2b(input, output).unwrap();
9797

9898
let key10: [u8; 32] = match base64::engine::general_purpose::STANDARD.decode(key_str) {
9999
Ok(x) => x.try_into().unwrap(),
100-
Err(_) => "1234567890123456".as_bytes().try_into().unwrap() // $ MISSING: Alert[rust/hardcoded-crytographic-value]
100+
Err(_) => "1234567890123456".as_bytes().try_into().unwrap() // $ MISSING: Alert[rust/hardcoded-cryptographic-value]
101101
};
102102
let aes_cipher10 = Aes256::new(&key10.into());
103103
aes_cipher10.encrypt_block(block128.into());
104104

105-
if let Ok(const11) = base64::engine::general_purpose::STANDARD.decode("1234567890123456") { // $ MISSING: Alert[rust/hardcoded-crytographic-value]
105+
if let Ok(const11) = base64::engine::general_purpose::STANDARD.decode("1234567890123456") { // $ MISSING: Alert[rust/hardcoded-cryptographic-value]
106106
let key11: [u8; 32] = const11.try_into().unwrap();
107107
let aes_cipher11 = Aes256::new(&key11.into());
108108
aes_cipher11.encrypt_block(block128.into());
@@ -121,14 +121,14 @@ fn test_aes_gcm(
121121
let cipher1 = Aes256Gcm::new(&key1);
122122
let _ = cipher1.encrypt(&nonce1, b"plaintext".as_ref()).unwrap();
123123

124-
let key2: [u8;32] = [0;32]; // $ Alert[rust/hardcoded-crytographic-value]
125-
let nonce2 = [0;12]; // $ Alert[rust/hardcoded-crytographic-value]
124+
let key2: [u8;32] = [0;32]; // $ Alert[rust/hardcoded-cryptographic-value]
125+
let nonce2 = [0;12]; // $ Alert[rust/hardcoded-cryptographic-value]
126126
let cipher2 = Aes256Gcm::new(&key2.into()); // $ Sink
127127
let _ = cipher2.encrypt(&nonce2.into(), b"plaintext".as_ref()).unwrap(); // $ Sink
128128

129-
let key3_array: &[u8;32] = &[0xff;32]; // $ Alert[rust/hardcoded-crytographic-value]
129+
let key3_array: &[u8;32] = &[0xff;32]; // $ Alert[rust/hardcoded-cryptographic-value]
130130
let key3 = Key::<Aes256Gcm>::from_slice(key3_array);
131-
let nonce3: [u8;12] = [0xff;12]; // $ Alert[rust/hardcoded-crytographic-value]
131+
let nonce3: [u8;12] = [0xff;12]; // $ Alert[rust/hardcoded-cryptographic-value]
132132
let cipher3 = Aes256Gcm::new(&key3); // $ Sink
133133
let _ = cipher3.encrypt(&nonce3.into(), b"plaintext".as_ref()).unwrap(); // $ Sink
134134
}

0 commit comments

Comments
 (0)