[APPSEC-26] Add Kotlin specification (#1045)

rules/S6432/kotlin/highlighting.adoc

@@ -0,0 +1,8 @@
+=== Highlighting
+
+* Primary location
+** javax.crypto.Cipher.init call
+
+* Secondary locations
+** javax.crypto.spec.GCMParameterSpec constructor
+** nonce variable declaration

rules/S6432/kotlin/rule.adoc

@@ -1,22 +1,48 @@
-FIXME: add a description
-
-// If you want to factorize the description uncomment the following line and create the file.
-//include::../description.adoc[]
+include::../description.adoc[]
 
 == Noncompliant Code Example
 
 [source,kotlin]
 ----
-FIXME
+fun encrypt(key: ByteArray, ptxt: ByteArray) {
+    val nonce: ByteArray = "7cVgr5cbdCZV".toByteArray() // The initialization vector is a static value
+
+    val gcmSpec  = GCMParameterSpec(128, nonce) // The initialization vector is configured here
+    val skeySpec = SecretKeySpec(key, "AES")
+
+    val cipher: Cipher = Cipher.getInstance("AES/GCM/NoPadding")
+    cipher.init(Cipher.ENCRYPT_MODE, skeySpec, gcmSpec) // Noncompliant
+}
 ----
 
 == Compliant Solution
 
 [source,kotlin]
 ----
-FIXME
+fun encrypt(key: ByteArray, ptxt: ByteArray) {
+    val random: SecureRandom = SecureRandom()
+    val nonce: ByteArray     = ByteArray(12)
+    random.nextBytes(nonce) // Random 96 bit IV
+
+    val gcmSpec  = GCMParameterSpec(128, nonce)
+    val skeySpec = SecretKeySpec(key, "AES")
+
+    val cipher: Cipher = Cipher.getInstance("AES/GCM/NoPadding")
+    cipher.init(Cipher.ENCRYPT_MODE, skeySpec, gcmSpec)
+}
 ----
 
-== See
+include::../see.adoc[]
+
+
+ifdef::env-github,rspecator-view[]
+
+'''
+== Implementation Specification
+(visible only on this page)
+
+include::../message.adoc[]
+
+include::./highlighting.adoc[]
 
-FIXME: A list of links
+endif::env-github,rspecator-view[]