GoCipherGCM

cipher package. NewGCMWithNonceSize() and AEAD.Seal() — finding when nonce is reused or predictable.

1 sink

Taint flow0 sources → 1 sink

Sinks — dangerous call

.Seal()Encrypts and authenticates

Sinks

— dangerous functions taint must not reach

.Seal()Sink

Signature

Seal(dst, nonce, plaintext, additionalData []byte) []byte

Encrypts and authenticates. Finding when nonce is reused.

tracks:1

.NewGCM()Neutral

Signature

NewGCM(cipher Block) (AEAD, error)

Creates GCM mode cipher. Finding when nonce is not cryptographically random.

FQN	Field
crypto/cipher	fqns[0]

Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.

go.mod

// standard library — no go.mod entry required

rule.py

from codepathfinder.go_rule import GoCipherGCM