
Commit b7123c1

Jami CogswellJami Cogswell
authored andcommitted
draft of adding kpg tracking into dataflow config
1 parent cdac0e2 commit b7123c1

4 files changed

Lines changed: 261 additions & 23 deletions


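--- a/java/ql/lib/semmle/code/java/security/InsufficientKeySizeQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/InsufficientKeySizeQuery.qll
@@ -1,4 +1,5 @@
 import semmle.code.java.security.Encryption
+import semmle.code.java.dataflow.TaintTracking2
 import semmle.code.java.dataflow.TaintTracking
 import semmle.code.java.dataflow.DataFlow
 
@@ -11,7 +12,7 @@ import semmle.code.java.dataflow.DataFlow
 /**
 * Asymmetric (RSA, DSA, DH) key length data flow tracking configuration.
 */
-class AsymmetricKeyTrackingConfiguration extends DataFlow::Configuration {
+class AsymmetricKeyTrackingConfiguration extends TaintTracking2::Configuration {
 AsymmetricKeyTrackingConfiguration() { this = "AsymmetricKeyTrackingConfiguration" }
 
 override predicate isSource(DataFlow::Node source) {
@@ -27,15 +28,25 @@ class AsymmetricKeyTrackingConfiguration extends DataFlow::Configuration {
 override predicate isSink(DataFlow::Node sink) {
 exists(MethodAccess ma, VarAccess va |
 ma.getMethod() instanceof KeyPairGeneratorInitMethod and
-va.getVariable()
-.getAnAssignedValue()
-.(JavaSecurityKeyPairGenerator)
-.getAlgoSpec()
-.(StringLiteral)
-.getValue()
-.toUpperCase()
-.matches(["RSA", "DSA", "DH"]) and
-ma.getQualifier() = va and
+ma.getFile().getBaseName().matches("SignatureTest.java") and
+// va.getVariable()
+// .getAnAssignedValue()
+// .(JavaSecurityKeyPairGenerator)
+// .getAlgoSpec()
+// .(StringLiteral)
+// .getValue()
+// .toUpperCase()
+// .matches(["RSA", "DSA", "DH"]) and
+// ma.getQualifier() = va and
+exists(
+JavaSecurityKeyPairGenerator jpg, KeyPairGeneratorInitConfiguration kpgConfig,
+DataFlow::PathNode source, DataFlow::PathNode dest
+|
+jpg.getAlgoSpec().(StringLiteral).getValue().toUpperCase().matches(["RSA", "DSA", "DH"]) and
+source.getNode().asExpr() = jpg and
+dest.getNode().asExpr() = ma.getQualifier() and
+kpgConfig.hasFlowPath(source, dest)
+) and
 sink.asExpr() = ma.getArgument(0)
 )
 }
@@ -102,12 +113,11 @@ class SymmetricKeyTrackingConfiguration extends DataFlow::Configuration {
 }
 
 // ! below doesn't work for some reason...
-predicate hasInsufficientKeySize2(DataFlow::PathNode source, DataFlow::PathNode sink) {
-exists(AsymmetricKeyTrackingConfiguration config1 | config1.hasFlowPath(source, sink))
-or
-exists(SymmetricKeyTrackingConfiguration config2 | config2.hasFlowPath(source, sink))
-}
-
+// predicate hasInsufficientKeySize2(DataFlow::PathNode source, DataFlow::PathNode sink) {
+// exists(AsymmetricKeyTrackingConfiguration config1 | config1.hasFlowPath(source, sink))
+// or
+// exists(SymmetricKeyTrackingConfiguration config2 | config2.hasFlowPath(source, sink))
+// }
 // ******** Need the below for the above ********
 // ! move to Encryption.qll?
 /** The Java class `java.security.spec.ECGenParameterSpec`. */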
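Review bot: The added conjunct `ma.getFile().getBaseName().matches("SignatureTest.java")` in `isSink` limits every asymmetric key-size sink to calls inside one test file, so undersized RSA/DSA/DH keys anywhere else would no longer be reported; it reads like a debugging filter and should be removed before this leaves draft. The nested check builds `DataFlow::PathNode`s only to ask whether flow exists; `kpgConfig.hasFlow(DataFlow::exprNode(jpg), DataFlow::exprNode(ma.getQualifier()))` states the same condition without path nodes. `KeyPairGeneratorInitConfiguration` is not defined in the visible hunks, so confirm it is built on a different copy of the data-flow library than the enclosing `TaintTracking2` configuration. With the old chain commented out, `va` in `exists(MethodAccess ma, VarAccess va | ...)` is unconstrained and should be dropped, and the class comment still says "data flow tracking" although the class now extends a taint-tracking configuration.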

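--- a/java/ql/src/Security/CWE/CWE-326/InsufficientKeySize.ql
+++ b/java/ql/src/Security/CWE/CWE-326/InsufficientKeySize.ql
@@ -26,9 +26,17 @@ import DataFlow::PathGraph
 // cfg2.hasFlowPath(source, sink)
 // select sink.getNode(), source, sink, "The $@ of an asymmetric key should be at least 2048 bits.",
 // sink.getNode(), "size"
-from DataFlow::PathNode source, DataFlow::PathNode sink
-where
-exists(AsymmetricKeyTrackingConfiguration config1 | config1.hasFlowPath(source, sink)) or
-exists(AsymmetricECCKeyTrackingConfiguration config2 | config2.hasFlowPath(source, sink)) or
-exists(SymmetricKeyTrackingConfiguration config3 | config3.hasFlowPath(source, sink))
-select sink.getNode(), source, sink, "This $@ is too small.", sink.getNode(), "key size"
+// * Use Below
+// from DataFlow::PathNode source, DataFlow::PathNode sink
+// where exists(AsymmetricKeyTrackingConfiguration config1 | config1.hasFlowPath(source, sink)) //or
+// //exists(AsymmetricECCKeyTrackingConfiguration config2 | config2.hasFlowPath(source, sink)) //or
+// //exists(SymmetricKeyTrackingConfiguration config3 | config3.hasFlowPath(source, sink))
+// select sink.getNode(), source, sink, "This $@ is too small, and flows to $@.", source.getNode(),
+// "key size", sink.getNode(), "here"
+// * Use Above
+from DataFlow::Node source, DataFlow::Node sink
+where exists(AsymmetricKeyTrackingConfiguration config1 | config1.hasFlow(source, sink)) //or
+//exists(AsymmetricECCKeyTrackingConfiguration config2 | config2.hasFlowPath(source, sink)) //or
+//exists(SymmetricKeyTrackingConfiguration config3 | config3.hasFlowPath(source, sink))
+select sink, source, sink, "This $@ is too small, and flows to $@.", source, "key size", sink,
+"here"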
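Review bot: The new `where` clause keeps only `AsymmetricKeyTrackingConfiguration`; the `AsymmetricECCKeyTrackingConfiguration` and `SymmetricKeyTrackingConfiguration` disjuncts are commented out, so this query no longer reports undersized EC or symmetric keys. The `select` also keeps a path-style column layout (`sink, source, sink, ...`) while `source` and `sink` are now plain `DataFlow::Node`s. Since `import DataFlow::PathGraph` is visible in the hunk header, the query is presumably `@kind path-problem` (its metadata is outside the hunk), which expects `DataFlow::PathNode` and `hasFlowPath`. I would restore `from DataFlow::PathNode source, DataFlow::PathNode sink` with all three `hasFlowPath` disjuncts and `select sink.getNode(), source, sink, ...`, and delete the commented copy between "Use Below" and "Use Above".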

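--- a/java/ql/test/query-tests/security/CWE-326/InsufficientKeySizeTest.java
+++ b/java/ql/test/query-tests/security/CWE-326/InsufficientKeySizeTest.java
@@ -1,7 +1,11 @@
+import javax.crypto.KeyGenerator;
 import java.security.KeyPairGenerator;
+
 import java.security.spec.ECGenParameterSpec;
 import java.security.spec.RSAKeyGenParameterSpec;
-import javax.crypto.KeyGenerator;
+import java.security.spec.DSAGenParameterSpec;
+import javax.crypto.spec.DHGenParameterSpec;
+
 
 public class InsufficientKeySizeTest {
 public void keySizeTesting() throws java.security.NoSuchAlgorithmException, java.security.InvalidAlgorithmParameterException {
@@ -49,6 +53,16 @@ public void keySizeTesting() throws java.security.NoSuchAlgorithmException, java
 // GOOD: Key size is no less than 2048
 KeyPairGenerator keyPairGen4 = KeyPairGenerator.getInstance("DSA");
 keyPairGen4.initialize(2048); // Safe
+
+// test with spec?
+// // BAD: Key size is less than 2048
+// KeyPairGenerator keyPairGen5 = KeyPairGenerator.getInstance("DSA");
+// DSAGenParameterSpec dsaSpec = new DSAGenParameterSpec(1024, null);
+// keyPairGen5.initialize(dsaSpec); // $ hasInsufficientKeySize
+
+// // BAD: Key size is less than 2048
+// KeyPairGenerator keyPairGen6 = KeyPairGenerator.getInstance("DSA");
+// keyPairGen6.initialize(new DSAGenParameterSpec(1024, null)); // $ hasInsufficientKeySize
 }
 
 // DH (Asymmetric)
@@ -60,6 +74,16 @@ public void keySizeTesting() throws java.security.NoSuchAlgorithmException, java
 // GOOD: Key size is no less than 2048
 KeyPairGenerator keyPairGen17 = KeyPairGenerator.getInstance("DH");
 keyPairGen17.initialize(2048); // Safe
+
+// test with spec?
+// // BAD: Key size is less than 2048
+// KeyPairGenerator keyPairGen3 = KeyPairGenerator.getInstance("DH");
+// DHGenParameterSpec dhSpec = new DHGenParameterSpec(1024, null);
+// keyPairGen3.initialize(dhSpec); // $ hasInsufficientKeySize
+
+// // BAD: Key size is less than 2048
+// KeyPairGenerator keyPairGen4 = KeyPairGenerator.getInstance("DH");
+// keyPairGen4.initialize(new DHGenParameterSpec(1024, null)); // $ hasInsufficientKeySize
 }
 
 // EC (Asymmetric)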
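Review bot: The commented-out spec cases at new lines 58–65 and 79–86 would not compile if enabled, because `DSAGenParameterSpec` and `DHGenParameterSpec` both take an `int` as their second constructor argument and the cases pass `null`. Use concrete sizes, for example `new DSAGenParameterSpec(1024, 160)` and `new DHGenParameterSpec(1024, 160)`. Either enable the cases with their `// $ hasInsufficientKeySize` expectations so spec-based initialisation is actually covered, or drop them together with the two new imports, which are otherwise unused. `keySizeTesting` starts and ends outside these hunks.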
Lines changed: 196 additions & 0 deletions
@@ -0,0 +1,196 @@
1+
//package org.bouncycastle.jce.provider.test;
2+
3+
import java.security.KeyPair;
4+
import java.security.KeyPairGenerator;
5+
import java.security.SecureRandom;
6+
import java.security.Security;
7+
import java.security.Signature;
8+
9+
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
10+
// import org.bouncycastle.jce.provider.BouncyCastleProvider;
11+
// import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
12+
// import org.bouncycastle.jce.spec.GOST3410ParameterSpec;
13+
// import org.bouncycastle.util.encoders.Hex;
14+
// import org.bouncycastle.util.test.SimpleTest;
15+
16+
public class SignatureTest
17+
//extends SimpleTest
18+
{
19+
// private static final byte[] DATA = Hex.decode("00000000deadbeefbeefdeadffffffff00000000");
20+
21+
private void checkSig(KeyPair kp, String name)
22+
throws Exception
23+
{
24+
// Signature sig = Signature.getInstance(name, "BC");
25+
26+
// sig.initSign(kp.getPrivate());
27+
// sig.update(DATA);
28+
29+
// byte[] signature1 = sig.sign();
30+
31+
// sig.update(DATA);
32+
33+
// byte[] signature2 = sig.sign();
34+
35+
// sig.initVerify(kp.getPublic());
36+
37+
// sig.update(DATA);
38+
// if (!sig.verify(signature1))
39+
// {
40+
// fail("did not verify: " + name);
41+
// }
42+
43+
// // After verify, should be reusable as if we are after initVerify
44+
// sig.update(DATA);
45+
// if (!sig.verify(signature1))
46+
// {
47+
// fail("second verify failed: " + name);
48+
// }
49+
50+
// sig.update(DATA);
51+
// if (!sig.verify(signature2))
52+
// {
53+
// fail("second verify failed (2): " + name);
54+
// }
55+
}
56+
57+
public void performTest()
58+
throws Exception
59+
{
60+
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
61+
62+
kpGen.initialize(2048); // Safe
63+
64+
KeyPair kp = kpGen.generateKeyPair();
65+
66+
checkSig(kp, "SHA1withRSA");
67+
checkSig(kp, "SHA224withRSA");
68+
checkSig(kp, "SHA256withRSA");
69+
checkSig(kp, "SHA384withRSA");
70+
checkSig(kp, "SHA512withRSA");
71+
72+
checkSig(kp, "SHA3-224withRSA");
73+
checkSig(kp, "SHA3-256withRSA");
74+
checkSig(kp, "SHA3-384withRSA");
75+
checkSig(kp, "SHA3-512withRSA");
76+
77+
checkSig(kp, "MD2withRSA");
78+
checkSig(kp, "MD4withRSA");
79+
checkSig(kp, "MD5withRSA");
80+
checkSig(kp, "RIPEMD160withRSA");
81+
checkSig(kp, "RIPEMD128withRSA");
82+
checkSig(kp, "RIPEMD256withRSA");
83+
84+
checkSig(kp, "SHA1withRSAandMGF1");
85+
checkSig(kp, "SHA1withRSAandMGF1");
86+
checkSig(kp, "SHA224withRSAandMGF1");
87+
checkSig(kp, "SHA256withRSAandMGF1");
88+
checkSig(kp, "SHA384withRSAandMGF1");
89+
checkSig(kp, "SHA512withRSAandMGF1");
90+
91+
checkSig(kp, "SHA1withRSAandSHAKE128");
92+
checkSig(kp, "SHA1withRSAandSHAKE128");
93+
checkSig(kp, "SHA224withRSAandSHAKE128");
94+
checkSig(kp, "SHA256withRSAandSHAKE128");
95+
checkSig(kp, "SHA384withRSAandSHAKE128");
96+
checkSig(kp, "SHA512withRSAandSHAKE128");
97+
98+
checkSig(kp, "SHA1withRSAandSHAKE256");
99+
checkSig(kp, "SHA1withRSAandSHAKE256");
100+
checkSig(kp, "SHA224withRSAandSHAKE256");
101+
checkSig(kp, "SHA256withRSAandSHAKE256");
102+
checkSig(kp, "SHA384withRSAandSHAKE256");
103+
checkSig(kp, "SHA512withRSAandSHAKE256");
104+
105+
checkSig(kp, "SHAKE128withRSAPSS");
106+
checkSig(kp, "SHAKE256withRSAPSS");
107+
108+
checkSig(kp, "SHA1withRSA/ISO9796-2");
109+
checkSig(kp, "MD5withRSA/ISO9796-2");
110+
checkSig(kp, "RIPEMD160withRSA/ISO9796-2");
111+
112+
// checkSig(kp, "SHA1withRSA/ISO9796-2PSS");
113+
// checkSig(kp, "MD5withRSA/ISO9796-2PSS");
114+
// checkSig(kp, "RIPEMD160withRSA/ISO9796-2PSS");
115+
116+
checkSig(kp, "RIPEMD128withRSA/X9.31");
117+
checkSig(kp, "RIPEMD160withRSA/X9.31");
118+
checkSig(kp, "SHA1withRSA/X9.31");
119+
checkSig(kp, "SHA224withRSA/X9.31");
120+
checkSig(kp, "SHA256withRSA/X9.31");
121+
checkSig(kp, "SHA384withRSA/X9.31");
122+
checkSig(kp, "SHA512withRSA/X9.31");
123+
checkSig(kp, "WhirlpoolwithRSA/X9.31");
124+
125+
kpGen = KeyPairGenerator.getInstance("DSA", "BC");
126+
127+
kpGen.initialize(2048); // Safe
128+
129+
kp = kpGen.generateKeyPair();
130+
131+
checkSig(kp, "SHA1withDSA");
132+
checkSig(kp, "SHA224withDSA");
133+
checkSig(kp, "SHA256withDSA");
134+
checkSig(kp, "SHA384withDSA");
135+
checkSig(kp, "SHA512withDSA");
136+
checkSig(kp, "NONEwithDSA");
137+
138+
kpGen = KeyPairGenerator.getInstance("EC", "BC");
139+
140+
kpGen.initialize(256); // Safe
141+
142+
kp = kpGen.generateKeyPair();
143+
144+
checkSig(kp, "SHA1withECDSA");
145+
checkSig(kp, "SHA224withECDSA");
146+
checkSig(kp, "SHA256withECDSA");
147+
checkSig(kp, "SHA384withECDSA");
148+
checkSig(kp, "SHA512withECDSA");
149+
checkSig(kp, "RIPEMD160withECDSA");
150+
checkSig(kp, "SHAKE128withECDSA");
151+
checkSig(kp, "SHAKE256withECDSA");
152+
153+
kpGen = KeyPairGenerator.getInstance("EC", "BC");
154+
155+
kpGen.initialize(521); // Safe
156+
157+
kp = kpGen.generateKeyPair();
158+
159+
checkSig(kp, "SHA1withECNR");
160+
checkSig(kp, "SHA224withECNR");
161+
checkSig(kp, "SHA256withECNR");
162+
checkSig(kp, "SHA384withECNR");
163+
checkSig(kp, "SHA512withECNR");
164+
165+
// kpGen = KeyPairGenerator.getInstance("ECGOST3410", "BC");
166+
167+
// kpGen.initialize(new ECNamedCurveGenParameterSpec("GostR3410-2001-CryptoPro-A"), new SecureRandom());
168+
169+
// kp = kpGen.generateKeyPair();
170+
171+
// checkSig(kp, "GOST3411withECGOST3410");
172+
173+
// kpGen = KeyPairGenerator.getInstance("GOST3410", "BC");
174+
175+
// GOST3410ParameterSpec gost3410P = new GOST3410ParameterSpec(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_A.getId());
176+
177+
// kpGen.initialize(gost3410P);
178+
179+
// kp = kpGen.generateKeyPair();
180+
181+
// checkSig(kp, "GOST3411withGOST3410");
182+
}
183+
184+
public String getName()
185+
{
186+
return "SigNameTest";
187+
}
188+
189+
// public static void main(
190+
// String[] args)
191+
// {
192+
// //Security.addProvider(new BouncyCastleProvider());
193+
194+
// //runTest(new SignatureTest());
195+
// }
196+
}
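Review bot: This test file only exercises the false-positive direction: every `kpGen.initialize(...)` in `performTest` is marked `// Safe`, so nothing checks that the flow-based sink still flags a weak size after `kpGen` is reassigned. Adding one BAD case, e.g. `kpGen = KeyPairGenerator.getInstance("DSA", "BC");` followed by `kpGen.initialize(1024); // $ hasInsufficientKeySize`, would pin both sides of the reassignment behaviour. The file is mostly commented-out code, with unused imports (`SecureRandom`, `Security`, `Signature`) and a leftover `//package org.bouncycastle.jce.provider.test;` header that suggests it was adapted from another project. Reducing it to the minimal `KeyPairGenerator` reassignment sequence would make the test's intent clear and avoid carrying third-party code without its provenance.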
