diff --git a/tests/.gitignore b/tests/.gitignore
new file mode 100644
index 0000000000..42070f13d9
--- /dev/null
+++ b/tests/.gitignore
@@ -0,0 +1,2 @@
+**/*.testproj
+**/*.actual
diff --git a/tests/csharp-tests/CWE-760/HardcodedSalt.expected b/tests/csharp-tests/CWE-760/HardcodedSalt.expected
new file mode 100644
index 0000000000..bdd849652e
--- /dev/null
+++ b/tests/csharp-tests/CWE-760/HardcodedSalt.expected
@@ -0,0 +1,18 @@
+edges
+| Test.cs:13:16:13:55 | call to method GetBytes : Byte[] | Test.cs:14:49:14:52 | access to local variable salt |
+| Test.cs:13:39:13:54 | "Hardcoded Salt" : String | Test.cs:13:16:13:55 | call to method GetBytes : Byte[] |
+| Test.cs:23:12:23:28 | "Hardcoded Salt2" : String | Test.cs:29:39:29:63 | call to method generateSalt : String |
+| Test.cs:29:16:29:64 | call to method GetBytes : Byte[] | Test.cs:30:49:30:52 | access to local variable salt |
+| Test.cs:29:39:29:63 | call to method generateSalt : String | Test.cs:29:16:29:64 | call to method GetBytes : Byte[] |
+nodes
+| Test.cs:13:16:13:55 | call to method GetBytes : Byte[] | semmle.label | call to method GetBytes : Byte[] |
+| Test.cs:13:39:13:54 | "Hardcoded Salt" : String | semmle.label | "Hardcoded Salt" : String |
+| Test.cs:14:49:14:52 | access to local variable salt | semmle.label | access to local variable salt |
+| Test.cs:23:12:23:28 | "Hardcoded Salt2" : String | semmle.label | "Hardcoded Salt2" : String |
+| Test.cs:29:16:29:64 | call to method GetBytes : Byte[] | semmle.label | call to method GetBytes : Byte[] |
+| Test.cs:29:39:29:63 | call to method generateSalt : String | semmle.label | call to method generateSalt : String |
+| Test.cs:30:49:30:52 | access to local variable salt | semmle.label | access to local variable salt |
+subpaths
+#select
+| Test.cs:14:49:14:52 | access to local variable salt | Test.cs:13:39:13:54 | "Hardcoded Salt" : String | Test.cs:14:49:14:52 | access to local variable salt | Use of $@. | Test.cs:13:39:13:54 | "Hardcoded Salt" | hardcoded salt |
+| Test.cs:30:49:30:52 | access to local variable salt | Test.cs:23:12:23:28 | "Hardcoded Salt2" : String | Test.cs:30:49:30:52 | access to local variable salt | Use of $@. | Test.cs:23:12:23:28 | "Hardcoded Salt2" | hardcoded salt |
diff --git a/tests/csharp-tests/CWE-760/HardcodedSalt.qlref b/tests/csharp-tests/CWE-760/HardcodedSalt.qlref
new file mode 100644
index 0000000000..f8e5d2cdc8
--- /dev/null
+++ b/tests/csharp-tests/CWE-760/HardcodedSalt.qlref
@@ -0,0 +1 @@
+CWE-760/HardcodedSalt.ql
\ No newline at end of file
diff --git a/tests/csharp-tests/CWE-760/Test.cs b/tests/csharp-tests/CWE-760/Test.cs
new file mode 100644
index 0000000000..a68507404f
--- /dev/null
+++ b/tests/csharp-tests/CWE-760/Test.cs
@@ -0,0 +1,32 @@
+using System;
+using System.IO;
+using System.Text;
+using System.Runtime.Serialization;
+using System.Security.Cryptography;
+using System.Security.Permissions;
+
+public class StaticSalt {
+ public void Test1() {
+ string password = "TestPassword";
+
+ // BAD: Static String
+ var salt = Encoding.UTF8.GetBytes("Hardcoded Salt");
+ var hash = new Rfc2898DeriveBytes(password, salt);
+
+ // Good: Randomly generated byte array
+ var randonSalt = new byte[16];
+ RandomNumberGenerator.Create().GetBytes(randonSalt);
+ var hash_safe = new Rfc2898DeriveBytes(password, randonSalt);
+ }
+
+ public static string generateSalt() {
+ return "Hardcoded Salt2";
+ }
+ public void Test2() {
+ string password = "TestPassword2";
+
+ // BAD: Static String
+ var salt = Encoding.UTF8.GetBytes(StaticSalt.generateSalt());
+ var hash = new Rfc2898DeriveBytes(password, salt);
+ }
+}
\ No newline at end of file
diff --git a/tests/csharp-tests/CWE-760/options b/tests/csharp-tests/CWE-760/options
new file mode 100644
index 0000000000..f2f776d118
--- /dev/null
+++ b/tests/csharp-tests/CWE-760/options
@@ -0,0 +1 @@
+semmle-extractor-options: /r:System.Security.Cryptography.Csp.dll /r:System.Security.Cryptography.Algorithms.dll
diff --git a/tests/csharp-tests/CWE-916/Test.cs b/tests/csharp-tests/CWE-916/Test.cs
new file mode 100644
index 0000000000..e15c5785b4
--- /dev/null
+++ b/tests/csharp-tests/CWE-916/Test.cs
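Review bot: In CWE-760/Test.cs the fixture exercises only string-literal salts routed through `Encoding.UTF8.GetBytes`; a salt written directly as a byte-array initializer (`new byte[] { ... }`) or held in a `static readonly byte[]` field is an equally common hardcoded shape and has no case here, so whether the query reports it is not verified by `HardcodedSalt.expected`. The `// Good` path at `var hash_safe = new Rfc2898DeriveBytes(password, randonSalt);` relies on the constructor's default iteration count, which the CWE-916 fixture in this same commit labels `// BAD: Default (1000)`, so the "good" sample here is itself the weak form; passing an explicit count, e.g. `var hash_safe = new Rfc2898DeriveBytes(password, randonSalt, 100000);`, keeps the two fixtures consistent without touching any line the expected file references. `RandomNumberGenerator.Create()` and the `Rfc2898DeriveBytes` instances are `IDisposable` and never disposed; `using var rng = RandomNumberGenerator.Create();` is the idiomatic form even in a fixture that readers may copy. The identifier `randonSalt` reads as a typo for `randomSalt`.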
@@ -0,0 +1,26 @@
+using System;
+using System.IO;
+using System.Text;
+using System.Runtime.Serialization;
+using System.Security.Cryptography;
+using System.Security.Permissions;
+
+public class StaticSalt {
+ public void Test1() {
+ string password = "TestPassword";
+ var randonSalt = new byte[16];
+ RandomNumberGenerator.Create().GetBytes(randonSalt);
+
+
+ // BAD: Default (1000)
+ var hash = new Rfc2898DeriveBytes(password, randonSalt);
+
+ // BAD: Static int
+ var hash2 = new Rfc2898DeriveBytes(password, randonSalt, 1000);
+
+
+
+ // Good: High interations
+ var hash_safe = new Rfc2898DeriveBytes(password, randonSalt, 100000);
+ }
+}
\ No newline at end of file
diff --git a/tests/csharp-tests/CWE-916/WeakIterations.expected b/tests/csharp-tests/CWE-916/WeakIterations.expected
new file mode 100644
index 0000000000..c41066ae3a
--- /dev/null
+++ b/tests/csharp-tests/CWE-916/WeakIterations.expected
@@ -0,0 +1,6 @@
+edges
+nodes
+| Test.cs:19:62:19:65 | 1000 | semmle.label | 1000 |
+subpaths
+#select
+| Test.cs:19:62:19:65 | 1000 | Test.cs:19:62:19:65 | 1000 | Test.cs:19:62:19:65 | 1000 | Use of $@. | Test.cs:19:62:19:65 | 1000 | hardcoded weak iterations |
diff --git a/tests/csharp-tests/CWE-916/WeakIterations.qlref b/tests/csharp-tests/CWE-916/WeakIterations.qlref
new file mode 100644
index 0000000000..194cb7eaf3
--- /dev/null
+++ b/tests/csharp-tests/CWE-916/WeakIterations.qlref
@@ -0,0 +1 @@
+CWE-916/WeakIterations.ql
\ No newline at end of file
diff --git a/tests/csharp-tests/CWE-916/options b/tests/csharp-tests/CWE-916/options
new file mode 100644
index 0000000000..f2f776d118
--- /dev/null
+++ b/tests/csharp-tests/CWE-916/options
@@ -0,0 +1 @@
+semmle-extractor-options: /r:System.Security.Cryptography.Csp.dll /r:System.Security.Cryptography.Algorithms.dll
diff --git a/tests/csharp-tests/qlpack.lock.yml b/tests/csharp-tests/qlpack.lock.yml
new file mode 100644
index 0000000000..a046f6d978
--- /dev/null
+++ b/tests/csharp-tests/qlpack.lock.yml
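Review bot: In CWE-916/Test.cs the case at `var hash = new Rfc2898DeriveBytes(password, randonSalt);` is labelled `// BAD: Default (1000)`, yet `WeakIterations.expected` in this commit lists only the literal `1000` on line 19, so the two-argument overload produces no finding. Either the comment should state that the default-iteration form is intentionally not reported (e.g. `// NOT REPORTED: default iteration count, no literal to flag`), or the absent result is a coverage gap the expected file is quietly accepting and deserves a follow-up. The fixture also tests only a literal count, while CWE-760/Test.cs checks a value returned from a helper (`generateSalt()`); a matching case here with the count coming from a `const int` or a method would show whether the query tracks flow into the third argument the same way. As in the CWE-760 fixture, `RandomNumberGenerator.Create()` is never disposed and `randonSalt` reads as a typo for `randomSalt`; the comment `// Good: High interations` should read `iterations`.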
@@ -0,0 +1,4 @@
+---
+dependencies: {}
+compiled: false
+lockVersion: 1.0.0
\ No newline at end of file
diff --git a/tests/csharp-tests/qlpack.yml b/tests/csharp-tests/qlpack.yml
new file mode 100644
index 0000000000..76b4d626f6
--- /dev/null
+++ b/tests/csharp-tests/qlpack.yml
@@ -0,0 +1,8 @@
+name: github-queries-csharp-tests
+groups: [csharp, test]
+dependencies:
+ codeql/csharp-all: "*"
+ github-queries-csharp: "*"
+
+extractor: csharp
+tests: .
\ No newline at end of file