hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Rust: A few more test cases.

Browse Source
This commit is contained in:
Geoffrey White
2024-12-03 18:00:46 +00:00
parent bdb2f3d091
commit 6c4e0a99e2
2 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
rust/ql/test/query-tests/security/CWE-327/options.yml
View File

@@ -7,3 +7,4 @@ qltest_dependencies:
- des = { version = "0.8.1" }
- rc2 = { version = "0.8.1" }
- rc5 = { version = "0.0.1" }
- cbc = { version = "0.1.2" }

26
rust/ql/test/query-tests/security/CWE-327/test_cipher.rs
View File

@@ -115,3 +115,29 @@ fn test_block_cipher(
rc5_cipher2.encrypt_block(data.into());
rc5_cipher2.decrypt_block(data.into());
}
type MyDesEncryptor = cbc::Encryptor<des::Des>;
fn test_cbc(
key: &[u8], key128: &[u8;16], iv: &[u8], iv128: &[u8;16],
input: &[u8], data: &mut [u8]
) {
let data_len = data.len();
// aes
let aes_cipher1 = cbc::Encryptor::<aes::Aes128>::new(key128.into(), iv128.into());
_ = aes_cipher1.encrypt_padded_mut::<aes::cipher::block_padding::Pkcs7>(data, data_len).unwrap();
// des (broken)
let des_cipher1 = cbc::Encryptor::<des::Des>::new(key.into(), iv.into()); // $ MISSING: Alert[rust/weak-cryptographic-algorithm]
_ = des_cipher1.encrypt_padded_mut::<des::cipher::block_padding::Pkcs7>(data, data_len).unwrap();
let des_cipher2 = MyDesEncryptor::new(key.into(), iv.into()); // $ MISSING: Alert[rust/weak-cryptographic-algorithm]
_ = des_cipher2.encrypt_padded_mut::<des::cipher::block_padding::Pkcs7>(data, data_len).unwrap();
let des_cipher3 = cbc::Encryptor::<des::Des>::new_from_slices(&key, &iv).unwrap(); // $ MISSING: Alert[rust/weak-cryptographic-algorithm]
_ = des_cipher3.encrypt_padded_mut::<des::cipher::block_padding::Pkcs7>(data, data_len).unwrap();
let des_cipher4 = cbc::Encryptor::<des::Des>::new(key.into(), iv.into()); // $ MISSING: Alert[rust/weak-cryptographic-algorithm]
_ = des_cipher4.encrypt_padded_b2b_mut::<des::cipher::block_padding::Pkcs7>(input, data).unwrap();
}