
Commit 109fa4d

committed
C++: Add test cases for BrokenCryptoAlgorithm.ql.
1 parent 7974e3a commit 109fa4d

4 files changed

Lines changed: 393 additions & 0 deletions


Lines changed: 29 additions & 0 deletions
@@ -0,0 +1,29 @@
1+
| test2.cpp:25:2:25:9 | ALGO_DES | This macro invocation specifies a broken or weak cryptographic algorithm. |
2+
| test2.cpp:33:7:33:14 | ALGO_DES | This macro invocation specifies a broken or weak cryptographic algorithm. |
3+
| test2.cpp:47:7:47:14 | ALGO_DES | This macro invocation specifies a broken or weak cryptographic algorithm. |
4+
| test2.cpp:49:4:49:24 | call to my_des_implementation | This function call specifies a broken or weak cryptographic algorithm. |
5+
| test2.cpp:62:33:62:40 | ALGO_DES | This macro invocation specifies a broken or weak cryptographic algorithm. |
6+
| test2.cpp:124:4:124:24 | call to my_des_implementation | This function call specifies a broken or weak cryptographic algorithm. |
7+
| test2.cpp:172:28:172:35 | ALGO_DES | This macro invocation specifies a broken or weak cryptographic algorithm. |
8+
| test2.cpp:182:38:182:45 | ALGO_DES | This macro invocation specifies a broken or weak cryptographic algorithm. |
9+
| test2.cpp:192:26:192:33 | ALGO_DES | This macro invocation specifies a broken or weak cryptographic algorithm. |
10+
| test.cpp:38:2:38:31 | ENCRYPT_WITH_DES(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
11+
| test.cpp:39:2:39:31 | ENCRYPT_WITH_RC2(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
12+
| test.cpp:41:2:41:32 | ENCRYPT_WITH_3DES(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
13+
| test.cpp:42:2:42:38 | ENCRYPT_WITH_TRIPLE_DES(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
14+
| test.cpp:43:2:43:32 | ENCRYPT_WITH_RC20(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
15+
| test.cpp:44:2:44:39 | ENCRYPT_WITH_DES_REMOVED(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
16+
| test.cpp:49:2:49:26 | DES3ENCRYPT(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
17+
| test.cpp:51:2:51:32 | DES_DO_ENCRYPTION(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
18+
| test.cpp:52:2:52:31 | RUN_DES_ENCODING(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
19+
| test.cpp:53:2:53:25 | DES_ENCODE(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
20+
| test.cpp:54:2:54:26 | DES_SET_KEY(data,amount) | This macro invocation specifies a broken or weak cryptographic algorithm. |
21+
| test.cpp:56:2:56:9 | DES(str) | This macro invocation specifies a broken or weak cryptographic algorithm. |
22+
| test.cpp:59:12:59:25 | SORT_ORDER_DES | This macro invocation specifies a broken or weak cryptographic algorithm. |
23+
| test.cpp:88:2:88:11 | call to encryptDES | This function call specifies a broken or weak cryptographic algorithm. |
24+
| test.cpp:89:2:89:11 | call to encryptRC2 | This function call specifies a broken or weak cryptographic algorithm. |
25+
| test.cpp:91:2:91:12 | call to encrypt3DES | This function call specifies a broken or weak cryptographic algorithm. |
26+
| test.cpp:92:2:92:17 | call to encryptTripleDES | This function call specifies a broken or weak cryptographic algorithm. |
27+
| test.cpp:97:2:97:12 | call to DES3Encrypt | This function call specifies a broken or weak cryptographic algorithm. |
28+
| test.cpp:101:2:101:15 | call to do_des_encrypt | This function call specifies a broken or weak cryptographic algorithm. |
29+
| test.cpp:102:2:102:12 | call to DES_Set_Key | This function call specifies a broken or weak cryptographic algorithm. |
Lines changed: 1 addition & 0 deletions
@@ -0,0 +1 @@
1+
Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql
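--- a/test.cpp
+++ b/test.cpp
@@ -0,0 +1,109 @@
+
+typedef unsigned long size_t;
+
+// --- simple encryption macro invocations ---
+
+void my_implementation1(void *data, size_t amount);
+void my_implementation2(void *data, size_t amount);
+void my_implementation3(void *data, size_t amount);
+void my_implementation4(void *data, size_t amount);
+void my_implementation5(void *data, size_t amount);
+void my_implementation6(const char *str);
+
+#define ENCRYPT_WITH_DES(data, amount) my_implementation1(data, amount)
+#define ENCRYPT_WITH_RC2(data, amount) my_implementation2(data, amount)
+#define ENCRYPT_WITH_AES(data, amount) my_implementation3(data, amount)
+#define ENCRYPT_WITH_3DES(data, amount) my_implementation4(data, amount)
+#define ENCRYPT_WITH_TRIPLE_DES(data, amount) my_implementation4(data, amount)
+#define ENCRYPT_WITH_RC20(data, amount) my_implementation5(data, amount)
+#define ENCRYPT_WITH_DES_REMOVED(data, amount)
+
+#define DESENCRYPT(data, amount) my_implementation1(data, amount)
+#define RC2ENCRYPT(data, amount) my_implementation2(data, amount)
+#define AESENCRYPT(data, amount) my_implementation3(data, amount)
+#define DES3ENCRYPT(data, amount) my_implementation4(data, amount)
+
+#define DES_DO_ENCRYPTION(data, amount) my_implementation1(data, amount)
+#define RUN_DES_ENCODING(data, amount) my_implementation1(data, amount)
+#define DES_ENCODE(data, amount) my_implementation1(data, amount)
+#define DES_SET_KEY(data, amount) my_implementation1(data, amount)
+
+#define DES(str) my_implementation6(str)
+#define DESMOND(str) my_implementation6(str)
+#define ANODES(str) my_implementation6(str)
+#define SORT_ORDER_DES (1)
+
+void test_macros(void *data, size_t amount, const char *str)
+{
+ENCRYPT_WITH_DES(data, amount); // BAD
+ENCRYPT_WITH_RC2(data, amount); // BAD
+ENCRYPT_WITH_AES(data, amount); // GOOD (good algorithm)
+ENCRYPT_WITH_3DES(data, amount); // GOOD (good enough algorithm) [FALSE POSITIVE]
+ENCRYPT_WITH_TRIPLE_DES(data, amount); // GOOD (good enough algorithm) [FALSE POSITIVE]
+ENCRYPT_WITH_RC20(data, amount); // GOOD (if there ever is an RC20 algorithm, we have no reason to believe it's weak) [FALSE POSITIVE]
+ENCRYPT_WITH_DES_REMOVED(data, amount); // GOOD (implementation has been deleted) [FALSE POSITIVE]
+
+DESENCRYPT(data, amount); // BAD [NOT DETECTED]
+RC2ENCRYPT(data, amount); // BAD [NOT DETECTED]
+AESENCRYPT(data, amount); // GOOD (good algorithm)
+DES3ENCRYPT(data, amount); // GOOD (good enough algorithm) [FALSE POSITIVE]
+
+DES_DO_ENCRYPTION(data, amount); // BAD
+RUN_DES_ENCODING(data, amount); // BAD
+DES_ENCODE(data, amount); // BAD
+DES_SET_KEY(data, amount); // BAD
+
+DES(str); // GOOD (probably nothing to do with encryption) [FALSE POSITIVE]
+DESMOND(str); // GOOD (probably nothing to do with encryption)
+ANODES(str); // GOOD (probably nothing to do with encryption)
+int ord = SORT_ORDER_DES; // GOOD (probably nothing to do with encryption) [FALSE POSITIVE]
+}
+
+// --- simple encryption function calls ---
+
+void encryptDES(void *data, size_t amount);
+void encryptRC2(void *data, size_t amount);
+void encryptAES(void *data, size_t amount);
+void encrypt3DES(void *data, size_t amount);
+void encryptTripleDES(void *data, size_t amount);
+
+void DESEncrypt(void *data, size_t amount);
+void RC2Encrypt(void *data, size_t amount);
+void AESEncrypt(void *data, size_t amount);
+void DES3Encrypt(void *data, size_t amount);
+
+void DoDESEncryption(void *data, size_t amount);
+void encryptDes(void *data, size_t amount);
+void do_des_encrypt(void *data, size_t amount);
+void DES_Set_Key(const char *key);
+void DESSetKey(const char *key);
+
+int Des();
+void Desmond(const char *str);
+void Anodes(int i);
+void ConDes();
+
+void test_functions(void *data, size_t amount, const char *str)
+{
+encryptDES(data, amount); // BAD
+encryptRC2(data, amount); // BAD
+encryptAES(data, amount); // GOOD (good algorithm)
+encrypt3DES(data, amount); // GOOD (good enough algorithm) [FALSE POSITIVE]
+encryptTripleDES(data, amount); // GOOD (good enough algorithm) [FALSE POSITIVE]
+
+DESEncrypt(data, amount); // BAD
+RC2Encrypt(data, amount); // BAD
+AESEncrypt(data, amount); // GOOD (good algorithm)
+DES3Encrypt(data, amount); // GOOD (good enough algorithm) [FALSE POSITIVE]
+
+DoDESEncryption(data, amount); // BAD [NOT DETECTED]
+encryptDes(data, amount); // BAD [NOT DETECTED]
+do_des_encrypt(data, amount); // BAD
+DES_Set_Key(str); // BAD
+DESSetKey(str); // BAD [NOT DETECTED]
+
+Des(); // GOOD (probably nothing to do with encryption)
+Desmond(str); // GOOD (probably nothing to do with encryption)
+Anodes(1); // GOOD (probably nothing to do with encryption)
+ConDes(); // GOOD (probably nothing to do with encryption)
+}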
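Review bot: The annotations on lines 94 and 95 of this file (`DESEncrypt(data, amount); // BAD` and `RC2Encrypt(data, amount); // BAD`) do not match the expected-results file in this commit, which has no rows for test.cpp:94 or test.cpp:95. Since the query evidently misses these two calls, they should read `// BAD [NOT DETECTED]`, the same way the macro counterparts `DESENCRYPT` and `RC2ENCRYPT` on lines 46 and 47 are marked. Left as is, a later reader would take the bare `// BAD` to mean the query already covers the `DESEncrypt`/`RC2Encrypt` naming pattern. Separately, the `GOOD (good enough algorithm)` wording on the 3DES lines may age poorly, since 3DES has a 64-bit block and is being phased out by standards bodies; a comment such as `// GOOD for now (3DES is legacy but not treated as broken by this query)` would state the assumption explicitly.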
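--- a/test2.cpp
+++ b/test2.cpp
@@ -0,0 +1,254 @@
+
+typedef unsigned long size_t;
+
+int strcmp(const char *s1, const char *s2);
+void abort(void);
+
+struct keytype
+{
+char data[16];
+};
+
+void my_des_implementation(char *data, size_t amount, keytype key);
+void my_rc2_implementation(char *data, size_t amount, keytype key);
+void my_aes_implementation(char *data, size_t amount, keytype key);
+void my_3des_implementation(char *data, size_t amount, keytype key);
+
+typedef void (*implementation_fn_ptr)(char *data, size_t amount, keytype key);
+
+// --- more involved C-style example ---
+
+#define ALGO_DES (1)
+#define ALGO_AES (2)
+
+int all_algos[] = {
+ALGO_DES, // [FALSE POSITIVE]
+ALGO_AES
+};
+
+void encrypt_good(char *data, size_t amount, keytype key, int algo)
+{
+switch (algo)
+{
+case ALGO_DES: // [FALSE POSITIVE]
+abort();
+
+case ALGO_AES:
+{
+my_aes_implementation(data, amount, key); // GOOD
+} break;
+}
+};
+
+void encrypt_bad(char *data, size_t amount, keytype key, int algo)
+{
+switch (algo)
+{
+case ALGO_DES:
+{
+my_des_implementation(data, amount, key); // BAD
+} break;
+
+case ALGO_AES:
+{
+my_aes_implementation(data, amount, key); // GOOD
+} break;
+}
+};
+
+void do_encrypts(char *data, size_t amount, keytype key)
+{
+encrypt_good(data, amount, key, ALGO_AES); // GOOD
+encrypt_bad(data, amount, key, ALGO_DES); // BAD
+}
+
+// --- more involved CPP-style example ---
+
+enum algorithm
+{
+DES,
+AES
+};
+
+algorithm all_algorithms[] = {
+DES,
+AES
+};
+
+class MyGoodEncryptor
+{
+public:
+MyGoodEncryptor(keytype _key, algorithm _algo) : key(_key), algo(_algo) {};
+
+void encrypt(char *data, size_t amount);
+
+private:
+keytype key;
+algorithm algo;
+};
+
+void MyGoodEncryptor :: encrypt(char *data, size_t amount)
+{
+switch (algo)
+{
+case DES:
+{
+throw "DES is not a good choice of encryption algorithm!";
+} break;
+
+case AES:
+{
+my_aes_implementation(data, amount, key); // GOOD
+} break;
+}
+}
+
+class MyBadEncryptor
+{
+public:
+MyBadEncryptor(keytype _key, algorithm _algo) : key(_key), algo(_algo) {};
+
+void encrypt(char *data, size_t amount);
+
+private:
+keytype key;
+algorithm algo;
+};
+
+void MyBadEncryptor :: encrypt(char *data, size_t amount)
+{
+switch (algo)
+{
+case DES:
+{
+my_des_implementation(data, amount, key); // BAD
+} break;
+
+case AES:
+{
+my_aes_implementation(data, amount, key); // GOOD
+} break;
+}
+}
+
+void do_class_encrypts(char *data, size_t amount, keytype key)
+{
+{
+MyGoodEncryptor mge(key, AES); // GOOD
+
+mge.encrypt(data, amount);
+
+}
+
+{
+MyBadEncryptor mbe(key, DES); // BAD [NOT DETECTED]
+
+mbe.encrypt(data, amount);
+}
+}
+
+// --- unseen implementation ---
+
+enum use_algorithm
+{
+USE_DES,
+USE_AES
+};
+
+void set_encryption_algorithm1(int algorithm);
+void set_encryption_algorithm2(use_algorithm algorithm);
+void set_encryption_algorithm3(const char *algorithm_str);
+
+void encryption_with1(char *data, size_t amount, keytype key, int algorithm);
+void encryption_with2(char *data, size_t amount, keytype key, use_algorithm algorithm);
+void encryption_with3(char *data, size_t amount, keytype key, const char *algorithm_str);
+
+int get_algorithm1();
+use_algorithm get_algorithm2();
+const char *get_algorithm3();
+
+void do_unseen_encrypts(char *data, size_t amount, keytype key)
+{
+set_encryption_algorithm1(ALGO_DES); // BAD
+set_encryption_algorithm1(ALGO_AES); // GOOD
+
+set_encryption_algorithm2(USE_DES); // BAD [NOT DETECTED]
+set_encryption_algorithm2(USE_AES); // GOOD
+
+set_encryption_algorithm3("DES"); // BAD [NOT DETECTED]
+set_encryption_algorithm3("AES"); // GOOD
+set_encryption_algorithm3("AES-256"); // GOOD
+
+encryption_with1(data, amount, key, ALGO_DES); // BAD
+encryption_with1(data, amount, key, ALGO_AES); // GOOD
+
+encryption_with2(data, amount, key, USE_DES); // BAD [NOT DETECTED]
+encryption_with2(data, amount, key, USE_AES); // GOOD
+
+encryption_with3(data, amount, key, "DES"); // BAD [NOT DETECTED]
+encryption_with3(data, amount, key, "AES"); // GOOD
+encryption_with3(data, amount, key, "AES-256"); // GOOD
+
+if (get_algorithm1() == ALGO_DES) // GOOD [FALSE POSITIVE]
+{
+throw "DES is not a good choice of encryption algorithm!";
+}
+if (get_algorithm2() == USE_DES) // GOOD
+{
+throw "DES is not a good choice of encryption algorithm!";
+}
+if (strcmp(get_algorithm3(), "DES") == 0) // GOOD
+{
+throw "DES is not a good choice of encryption algorithm!";
+}
+}
+
+// --- classes ---
+
+class desEncrypt
+{
+public:
+static void encrypt(const char *data);
+};
+
+class aes256Encrypt
+{
+public:
+static void encrypt(const char *data);
+};
+
+class desCipher
+{
+public:
+void encrypt(const char *data);
+};
+
+class aesCipher
+{
+public:
+void encrypt(const char *data);
+};
+
+void do_classes(const char *data)
+{
+desEncrypt::encrypt(data); // BAD [NOT DETECTED]
+aes256Encrypt::encrypt(data); // GOOD
+
+desCipher dc;
+aesCipher ac;
+dc.encrypt(data); // BAD [NOT DETECTED]
+ac.encrypt(data); // GOOD
+}
+
+// --- function pointer ---
+
+void do_fn_ptr(char *data, size_t amount, keytype key)
+{
+implementation_fn_ptr impl;
+
+impl = &my_des_implementation; // BAD [NOT DETECTED]
+impl(data, amount, key);
+
+impl = &my_aes_implementation; // GOOD
+impl(data, amount, key);
+}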
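Review bot: Line 47 of this file (`case ALGO_DES:` inside `encrypt_bad`) has no annotation, yet the expected-results file in this commit lists a result at test2.cpp:47:7:47:14, so the test does not record whether that alert is wanted. Every other reported location carries a verdict; this one should get one too, for example `case ALGO_DES: // BAD` if the label is meant to count, or `// GOOD [FALSE POSITIVE]` if only the call on line 49 should be reported. In the same spirit, lines 25 and 33 carry only `// [FALSE POSITIVE]` without the `GOOD` prefix used elsewhere; `// GOOD (DES is only listed, not used) [FALSE POSITIVE]` and `// GOOD (DES is rejected) [FALSE POSITIVE]` would keep the convention uniform. Consistent markers matter here because these comments are the only record of which alerts are true positives when the query's heuristics are tuned later.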
