Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Java: Add RSA/ECB/OEAP ciphers to the list of secure algorithms #16482

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Java: Add RSA/ECB/OEAP ciphers to the list of secure algorithms #16482

wants to merge 6 commits into from
+6 −0

Conversation

grakshith
Copy link

@grakshith grakshith commented May 13, 2024
edited

This PR adds the ciphers RSA/ECB/OAEPWithSHA-1AndMGF1Padding and RSA/ECB/OAEPWithSHA-256AndMGF1Padding to the list of secure algorithms.

CodeQL flags the uses of these ciphers as risky/weak because it sees ECB in the cipher name and matches the regex from the getInsecureAlgorithmRegex() function.

The ciphers listed above are part of the Java Cryptographic Architecture and Java Security Standard, and after a quick google search it appears that none of the security providers operate RSA in the block mode. So ECB in the context of RSA is a misnomer.

I did omit the other algorithm RSA/ECB/PKCS1Padding as I believe PKCS1 padding is weaker compared to OAEP.

References

List of supported ciphers from the Java Security API
Java Security Spec
Stack overflow thread
Another thread

EDIT: Instead of adding these cipher to getASecureAlgorithmName we are now excluding ciphers matching the regex RSA/ECB/.* from the query.

@github-actions github-actions bot added the Java label May 13, 2024
@grakshith grakshith changed the title [java] Add RSA/ECB/OEAP ciphers to the list of secure algorithms Java: Add RSA/ECB/OEAP ciphers to the list of secure algorithms May 13, 2024
@grakshith grakshith marked this pull request as ready for review May 13, 2024 18:53
@grakshith grakshith requested a review from a team as a code owner May 13, 2024 18:53
atorralba
atorralba reviewed May 23, 2024
View reviewed changes
Copy link
Contributor

@atorralba atorralba left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @grakshith, thanks for your contribution.

I made a small comment below with a suggestion to keep things cohesive.

Your approach has a problem, though. I ran the updated query on the 1k most popular projects on GitHub and I saw that some unexpected algorithms would be discarded by your change, e.g.:

  • SHA1withRSA (and its variants)
  • ECIESwithSHA1 (and its variants)
  • Blowfish/ECB/PKCS5Padding (and its variants)

So, instead of using the secure algorithm regex to discard results in this query (which also overlaps a bit with java/potentially-weak-cryptographic-algorithm), I think the safest thing here would be to add a specific exclusion for the RSA/ECB string.

Something like:

    not this.getValue().regexpMatch("RSA/ECB.*") and

What do you think?

java/ql/lib/semmle/code/java/security/BrokenCryptoAlgorithmQuery.qll Outdated
@@ -15,6 +15,7 @@ private class ShortStringLiteral extends StringLiteral {
class BrokenAlgoLiteral extends ShortStringLiteral {
BrokenAlgoLiteral() {
this.getValue().regexpMatch(getInsecureAlgorithmRegex()) and
not this.getValue().regexpMatch(getASecureAlgorithmName()) and
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This ought to be fixed as follows to make sense with regexpMatch (getASecureAlgorithmName contains, perhaps a bit surprisingly, regexes):

Suggested change
not this.getValue().regexpMatch(getASecureAlgorithmName()) and
not this.getValue().regexpMatch(getSecureAlgorithmRegex()) and

Nonetheless see my comment above for the full picture.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, thanks for the callout. Didn't realize there was getSecureAlgorithmRegex

@grakshith
Copy link
Author

Hey @grakshith, thanks for your contribution.

I made a small comment below with a suggestion to keep things cohesive.

Your approach has a problem, though. I ran the updated query on the 1k most popular projects on GitHub and I saw that some unexpected algorithms would be discarded by your change, e.g.:

  • SHA1withRSA (and its variants)
  • ECIESwithSHA1 (and its variants)
  • Blowfish/ECB/PKCS5Padding (and its variants)

So, instead of using the secure algorithm regex to discard results in this query (which also overlaps a bit with java/potentially-weak-cryptographic-algorithm), I think the safest thing here would be to add a specific exclusion for the RSA/ECB string.

Something like:

    not this.getValue().regexpMatch("RSA/ECB.*") and

What do you think?

Hey @atorralba, thanks a lot for the review and your comments. Thanks for also running integration tests on the most popular repos. Your comment makes sense and I'll push out the change.

@grakshith
Copy link
Author

Thanks @atorralba, I forgot to revert my previous changes 😅

@grakshith grakshith requested a review from atorralba June 4, 2024 18:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@atorralba atorralba Awaiting requested review from atorralba

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
documentation Java
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@grakshith @atorralba