Support multi-dimensional arrays

Author: artem-smotrakov

java/ql/src/experimental/semmle/code/java/security/StaticInitializationVectorQuery.qll

@@ -3,13 +3,17 @@ import semmle.code.java.dataflow.TaintTracking
 import semmle.code.java.dataflow.TaintTracking2
 
 /**
- * Holds if `array` is initialized only with constants, for example,
- * `new byte[8]` or `new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }`.
+ * Holds if `array` is initialized only with constants.
  */
 private predicate initializedWithConstants(ArrayCreationExpr array) {
+  // creating an array without an initializer, for example `new byte[8]`
   not exists(array.getInit())
   or
-  forex(Expr element | element = array.getInit().getAChildExpr() |
+  // creating a multidimensional array with an initializer like `{ new byte[8], new byte[16] }`
+  array.getInit().getAnInit().getAChildExpr() instanceof IntegerLiteral
+  or
+  // creating an array wit an initializer like `new byte[] { 1, 2 }`
+  forex(Expr element | element = array.getInit().getAnInit() |
     element instanceof CompileTimeConstantExpr
   )
 }

java/ql/test/experimental/query-tests/security/CWE-1204/StaticInitializationVector.java

@@ -50,6 +50,54 @@ public byte[] encryptWithStaticIvByteArray(byte[] key, byte[] plaintext) throws
         return cipher.doFinal();
     }
 
+    // BAD: AES-GCM with static IV from a multidimensional byte array
+    public byte[] encryptWithOneOfStaticIvs01(byte[] key, byte[] plaintext) throws Exception {
+        byte[][] staticIvs = new byte[][] {
+            { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5 },
+            { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 42 }
+        };
+
+        GCMParameterSpec ivSpec = new GCMParameterSpec(128, staticIvs[1]);
+        SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
+
+        Cipher cipher = Cipher.getInstance("AES/GCM/PKCS5PADDING");
+        cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $staticInitializationVector
+        cipher.update(plaintext);
+        return cipher.doFinal();
+    }
+
+    // BAD: AES-GCM with static IV from a multidimensional byte array
+    public byte[] encryptWithOneOfStaticIvs02(byte[] key, byte[] plaintext) throws Exception {
+        byte[][] staticIvs = new byte[][] {
+            new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5 },
+            new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 42 }
+        };
+
+        GCMParameterSpec ivSpec = new GCMParameterSpec(128, staticIvs[1]);
+        SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
+
+        Cipher cipher = Cipher.getInstance("AES/GCM/PKCS5PADDING");
+        cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $staticInitializationVector
+        cipher.update(plaintext);
+        return cipher.doFinal();
+    }
+
+    // BAD: AES-GCM with static IV from a multidimensional byte array
+    public byte[] encryptWithOneOfStaticZeroIvs(byte[] key, byte[] plaintext) throws Exception {
+        byte[][] ivs = new byte[][] {
+            new byte[8],
+            new byte[16]
+        };
+
+        GCMParameterSpec ivSpec = new GCMParameterSpec(128, ivs[1]);
+        SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
+
+        Cipher cipher = Cipher.getInstance("AES/GCM/PKCS5PADDING");
+        cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $staticInitializationVector
+        cipher.update(plaintext);
+        return cipher.doFinal();
+    }
+
     // GOOD: AES-GCM with a random IV
     public byte[] encryptWithRandomIv(byte[] key, byte[] plaintext) throws Exception {
         byte[] iv = new byte[16];