Gradual Security Typing in Dart

This page will describe artifacts associated to SecDart which is an extension to the Dart programming language with gradual security typing.

Installation instructions

We will provide three ways to interact with the SecDart's security analysis (currently just the first one is available!):

SecDart Pad: Functionality

The following screenshot shows how the SecDart Pad looks like

The SecDart Analyzer CLI

Instructions will be placed here soon.

Integration with the Analysis Server

We developed a plugin for the Dart Analysis Server. The implementation is not stable yet, but we are working on that. The following screenshot shows a (custom) security error reported by the security analysis in the “Dart Analysis” windows of WebStorm

SecDart : Language features

SecDart covers a subset of the language and add security labels to language constructors

Dart subset

The following BNF notation represents the AST of the supported subset of Dart, so is not a grammar specification. We use brackets in the BNF rules to refer to the name of the class of the Ast node provided by the Dart Analyzer.

 compilationUnitMember ::= 
       | [FunctionDeclaration]
  
 functionDeclaration ::=
         'external' functionSignature
       | functionSignature [FunctionBody]
 
 functionSignature ::=
         [Type]? ('get' | 'set')? [SimpleIdentifier] [FormalParameterList]
         
 binaryExpression ::=
        [Expression] [Token] [Expression] 
 
         
 functionBody ::=
         [BlockFunctionBody]
       | [EmptyFunctionBody]
       | [ExpressionFunctionBody]
       
 blockFunctionBody ::= block

 expressionFunctionBody ::= '=>' [Expression] ';'

 block ::= '{' statement* '}

 statement ::=
         [Block]
       | [VariableDeclarationStatement]
       | [IfStatement]
       | [ReturnStatement]
       | [ExpressionStatement] 
       
 variableDeclarationStatement ::= 
         [VariableDeclarationList] ';'
         
 variableDeclarationList ::=
         finalConstVarOrType [VariableDeclaration] (',' [VariableDeclaration])*
         
 variableDeclaration ::=
         [SimpleIdentifier] ('=' [Expression])?
         
 ifStatement ::=
         'if' '(' [Expression] ')' [Statement] ('else' [Statement])?
         
 returnStatement ::=
         'return' [Expression]? ';'
         
 expressionStatement ::=
         [Expression]? ';'
 

 expression ::=
         [AssignmentExpression]
       | [ConditionalExpression] cascadeSection*
       //the Dart grammar does not include the followings nodes here to avoid left recursion, however for the sake of presentation we inline them here.
       | [BinaryExpression]
       | [InvocationExpression]
       | [Literal]
       | [ParenthesizedExpression]
       | [Identifier]
       
 assignmentExpression ::=
         [Expression] assignmentOperator [Expression]
         
 conditionalExpression ::=
         [Expression] '?' [Expression] ':' [Expression]      

Security labels

SecDart uses annotations to specify security labels. We can specify security labels for the following entities:

  • parameters of functions
    int min(@high int a,@high int b)
  • variable definition
    void sendToFacebook(){
       ...
       @low String message = ....
       ...
    }
  • function declarations
    @latent("H","H")
    @low int max(@low int a,@high int b){
       return a+b;
    }