Merge pull request #5075 from RasmusWL/crypto

Python: Port py/weak-crypto-key to use type-tracking

python/ql/test/experimental/library-tests/frameworks/crypto/ConceptsTest.ql

@@ -0,0 +1,2 @@
+import python
+import experimental.meta.ConceptsTest

python/ql/test/experimental/library-tests/frameworks/crypto/test_dsa.py

@@ -0,0 +1,41 @@
+# DSA is a public-key algorithm for signing messages.
+# Following example at https://pycryptodome.readthedocs.io/en/latest/src/signature/dsa.html
+
+from Crypto.PublicKey import DSA
+from Crypto.Signature import DSS
+from Crypto.Hash import SHA256
+
+
+private_key = DSA.generate(2048) # $ PublicKeyGeneration keySize=2048
+public_key = private_key.publickey()
+
+# ------------------------------------------------------------------------------
+# sign/verify
+# ------------------------------------------------------------------------------
+
+print("sign/verify")
+
+
+message = b"message"
+
+signer = DSS.new(private_key, mode='fips-186-3')
+
+hasher = SHA256.new(message)
+signature = signer.sign(hasher)
+
+print("signature={}".format(signature))
+
+print()
+
+verifier = DSS.new(public_key, mode='fips-186-3')
+
+hasher = SHA256.new(message)
+verifier.verify(hasher, signature)
+print("Signature verified (as expected)")
+
+try:
+    hasher = SHA256.new(b"other message")
+    verifier.verify(hasher, signature)
+    raise Exception("Signature verified (unexpected)")
+except ValueError:
+    print("Signature mismatch (as expected)")

python/ql/test/experimental/library-tests/frameworks/crypto/test_ec.py

@@ -0,0 +1,38 @@
+from Crypto.PublicKey import ECC
+from Crypto.Signature import DSS
+from Crypto.Hash import SHA256
+
+
+private_key = ECC.generate(curve="P-256") # $ PublicKeyGeneration keySize=256
+public_key = private_key.public_key()
+
+# ------------------------------------------------------------------------------
+# sign/verify
+# ------------------------------------------------------------------------------
+
+print("sign/verify")
+
+
+message = b"message"
+
+signer = DSS.new(private_key, mode='fips-186-3')
+
+hasher = SHA256.new(message)
+signature = signer.sign(hasher)
+
+print("signature={}".format(signature))
+
+print()
+
+verifier = DSS.new(public_key, mode='fips-186-3')
+
+hasher = SHA256.new(message)
+verifier.verify(hasher, signature)
+print("Signature verified (as expected)")
+
+try:
+    hasher = SHA256.new(b"other message")
+    verifier.verify(hasher, signature)
+    raise Exception("Signature verified (unexpected)")
+except ValueError:
+    print("Signature mismatch (as expected)")

python/ql/test/experimental/library-tests/frameworks/crypto/test_rsa.py

@@ -0,0 +1,73 @@
+# RSA is a public-key algorithm for encrypting and signing messages.
+
+from Crypto.PublicKey import RSA
+from Crypto.Cipher import PKCS1_OAEP
+from Crypto.Signature import pss
+from Crypto.Hash import SHA256
+
+private_key = RSA.generate(2048) # $ PublicKeyGeneration keySize=2048
+
+# These 2 methods do the same
+public_key = private_key.publickey()
+public_key = private_key.public_key()
+
+# ------------------------------------------------------------------------------
+# encrypt/decrypt
+# ------------------------------------------------------------------------------
+
+print("encrypt/decrypt")
+
+secret_message = b"secret message"
+
+# Following example at https://pycryptodome.readthedocs.io/en/latest/src/examples.html#encrypt-data-with-rsa
+
+encrypt_cipher = PKCS1_OAEP.new(public_key)
+
+encrypted = encrypt_cipher.encrypt(secret_message)
+
+print("encrypted={}".format(encrypted))
+
+print()
+
+decrypt_cipher = PKCS1_OAEP.new(private_key)
+
+decrypted = decrypt_cipher.decrypt(
+    encrypted,
+)
+
+print("decrypted={}".format(decrypted))
+assert decrypted == secret_message
+
+print("\n---\n")
+
+# ------------------------------------------------------------------------------
+# sign/verify
+# ------------------------------------------------------------------------------
+
+print("sign/verify")
+
+
+message = b"message"
+
+signer = pss.new(private_key)
+
+hasher = SHA256.new(message)
+signature = signer.sign(hasher)
+
+print("signature={}".format(signature))
+
+print()
+
+
+verifier = pss.new(public_key)
+hasher = SHA256.new(message)
+verifier.verify(hasher, signature)
+print("Signature verified (as expected)")
+
+try:
+    verifier = pss.new(public_key)
+    hasher = SHA256.new(b"other message")
+    verifier.verify(hasher, signature)
+    raise Exception("Signature verified (unexpected)")
+except ValueError:
+    print("Signature mismatch (as expected)")

python/ql/test/experimental/library-tests/frameworks/cryptodome/ConceptsTest.ql

@@ -0,0 +1,2 @@
+import python
+import experimental.meta.ConceptsTest

python/ql/test/experimental/library-tests/frameworks/cryptodome/test_dsa.py

@@ -0,0 +1,41 @@
+# DSA is a public-key algorithm for signing messages.
+# Following example at https://pycryptodome.readthedocs.io/en/latest/src/signature/dsa.html
+
+from Cryptodome.PublicKey import DSA
+from Cryptodome.Signature import DSS
+from Cryptodome.Hash import SHA256
+
+
+private_key = DSA.generate(2048) # $ PublicKeyGeneration keySize=2048
+public_key = private_key.publickey()
+
+# ------------------------------------------------------------------------------
+# sign/verify
+# ------------------------------------------------------------------------------
+
+print("sign/verify")
+
+
+message = b"message"
+
+signer = DSS.new(private_key, mode='fips-186-3')
+
+hasher = SHA256.new(message)
+signature = signer.sign(hasher)
+
+print("signature={}".format(signature))
+
+print()
+
+verifier = DSS.new(public_key, mode='fips-186-3')
+
+hasher = SHA256.new(message)
+verifier.verify(hasher, signature)
+print("Signature verified (as expected)")
+
+try:
+    hasher = SHA256.new(b"other message")
+    verifier.verify(hasher, signature)
+    raise Exception("Signature verified (unexpected)")
+except ValueError:
+    print("Signature mismatch (as expected)")

python/ql/test/experimental/library-tests/frameworks/cryptodome/test_ec.py

@@ -0,0 +1,38 @@
+from Cryptodome.PublicKey import ECC
+from Cryptodome.Signature import DSS
+from Cryptodome.Hash import SHA256
+
+
+private_key = ECC.generate(curve="P-256") # $ PublicKeyGeneration keySize=256
+public_key = private_key.public_key()
+
+# ------------------------------------------------------------------------------
+# sign/verify
+# ------------------------------------------------------------------------------
+
+print("sign/verify")
+
+
+message = b"message"
+
+signer = DSS.new(private_key, mode='fips-186-3')
+
+hasher = SHA256.new(message)
+signature = signer.sign(hasher)
+
+print("signature={}".format(signature))
+
+print()
+
+verifier = DSS.new(public_key, mode='fips-186-3')
+
+hasher = SHA256.new(message)
+verifier.verify(hasher, signature)
+print("Signature verified (as expected)")
+
+try:
+    hasher = SHA256.new(b"other message")
+    verifier.verify(hasher, signature)
+    raise Exception("Signature verified (unexpected)")
+except ValueError:
+    print("Signature mismatch (as expected)")

python/ql/test/experimental/library-tests/frameworks/cryptodome/test_rsa.py

@@ -0,0 +1,73 @@
+# RSA is a public-key algorithm for encrypting and signing messages.
+
+from Cryptodome.PublicKey import RSA
+from Cryptodome.Cipher import PKCS1_OAEP
+from Cryptodome.Signature import pss
+from Cryptodome.Hash import SHA256
+
+private_key = RSA.generate(2048) # $ PublicKeyGeneration keySize=2048
+
+# These 2 methods do the same
+public_key = private_key.publickey()
+public_key = private_key.public_key()
+
+# ------------------------------------------------------------------------------
+# encrypt/decrypt
+# ------------------------------------------------------------------------------
+
+print("encrypt/decrypt")
+
+secret_message = b"secret message"
+
+# Following example at https://pycryptodome.readthedocs.io/en/latest/src/examples.html#encrypt-data-with-rsa
+
+encrypt_cipher = PKCS1_OAEP.new(public_key)
+
+encrypted = encrypt_cipher.encrypt(secret_message)
+
+print("encrypted={}".format(encrypted))
+
+print()
+
+decrypt_cipher = PKCS1_OAEP.new(private_key)
+
+decrypted = decrypt_cipher.decrypt(
+    encrypted,
+)
+
+print("decrypted={}".format(decrypted))
+assert decrypted == secret_message
+
+print("\n---\n")
+
+# ------------------------------------------------------------------------------
+# sign/verify
+# ------------------------------------------------------------------------------
+
+print("sign/verify")
+
+
+message = b"message"
+
+signer = pss.new(private_key)
+
+hasher = SHA256.new(message)
+signature = signer.sign(hasher)
+
+print("signature={}".format(signature))
+
+print()
+
+verifier = pss.new(public_key)
+
+hasher = SHA256.new(message)
+verifier.verify(hasher, signature)
+print("Signature verified (as expected)")
+
+try:
+    verifier = pss.new(public_key)
+    hasher = SHA256.new(b"other message")
+    verifier.verify(hasher, signature)
+    raise Exception("Signature verified (unexpected)")
+except ValueError:
+    print("Signature mismatch (as expected)")

python/ql/test/experimental/library-tests/frameworks/cryptography/ConceptsTest.ql

@@ -0,0 +1,2 @@
+import python
+import experimental.meta.ConceptsTest

python/ql/test/experimental/library-tests/frameworks/cryptography/test_dsa.py

@@ -0,0 +1,37 @@
+# DSA is a public-key algorithm for signing messages.
+# see https://cryptography.io/en/latest/hazmat/primitives/asymmetric/dsa.html
+
+from cryptography.hazmat.primitives.asymmetric import dsa
+from cryptography.hazmat.primitives import hashes
+from cryptography.exceptions import InvalidSignature
+
+HASH_ALGORITHM = hashes.SHA256()
+
+private_key = dsa.generate_private_key(key_size=2048) # $ PublicKeyGeneration keySize=2048
+public_key = private_key.public_key()
+
+message = b"message"
+
+# Following example at https://cryptography.io/en/latest/hazmat/primitives/asymmetric/dsa.html#signing
+
+signature = private_key.sign(
+    message,
+    algorithm=HASH_ALGORITHM,
+)
+
+print("signature={}".format(signature))
+
+print()
+
+public_key.verify(
+    signature, message, algorithm=HASH_ALGORITHM
+)
+print("Signature verified (as expected)")
+
+try:
+    public_key.verify(
+        signature, b"other message", algorithm=HASH_ALGORITHM
+    )
+    raise Exception("Signature verified (unexpected)")
+except InvalidSignature:
+    print("Signature mismatch (as expected)")

python/ql/test/experimental/library-tests/frameworks/cryptography/test_ec.py

@@ -0,0 +1,43 @@
+# see https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa.html
+
+from cryptography.hazmat.primitives.asymmetric import ec
+from cryptography.hazmat.primitives import hashes
+from cryptography.exceptions import InvalidSignature
+
+
+private_key = ec.generate_private_key(curve=ec.SECP384R1()) # $ PublicKeyGeneration keySize=384
+public_key = private_key.public_key()
+
+HASH_ALGORITHM = hashes.SHA256()
+
+# ------------------------------------------------------------------------------
+# sign/verify
+# ------------------------------------------------------------------------------
+
+print("sign/verify")
+
+SIGNATURE_ALGORITHM = ec.ECDSA(HASH_ALGORITHM)
+
+message = b"message"
+
+signature = private_key.sign(
+    message,
+    signature_algorithm=SIGNATURE_ALGORITHM,
+)
+
+print("signature={}".format(signature))
+
+print()
+
+public_key.verify(
+    signature, message, signature_algorithm=SIGNATURE_ALGORITHM
+)
+print("Signature verified (as expected)")
+
+try:
+    public_key.verify(
+        signature, b"other message", signature_algorithm=SIGNATURE_ALGORITHM
+    )
+    raise Exception("Signature verified (unexpected)")
+except InvalidSignature:
+    print("Signature mismatch (as expected)")

python/ql/test/experimental/library-tests/frameworks/cryptography/test_rsa.py

@@ -0,0 +1,80 @@
+# RSA is a public-key algorithm for encrypting and signing messages.
+# see https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa.html
+
+from cryptography.hazmat.primitives.asymmetric import rsa, padding
+from cryptography.hazmat.primitives import hashes
+from cryptography.exceptions import InvalidSignature
+
+
+private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048) # $ PublicKeyGeneration keySize=2048
+public_key = private_key.public_key()
+
+HASH_ALGORITHM = hashes.SHA256()
+
+# ------------------------------------------------------------------------------
+# encrypt/decrypt
+# ------------------------------------------------------------------------------
+
+print("encrypt/decrypt")
+
+ENCRYPT_PADDING = padding.OAEP(
+    mgf=padding.MGF1(algorithm=HASH_ALGORITHM),
+    algorithm=HASH_ALGORITHM,
+    label=None,
+)
+
+
+secret_message = b"secret message"
+
+# Following example at https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa.html#encryption
+encrypted = public_key.encrypt(secret_message, padding=ENCRYPT_PADDING)
+
+print("encrypted={}".format(encrypted))
+
+print()
+
+decrypted = private_key.decrypt(
+    encrypted,
+    padding=ENCRYPT_PADDING
+)
+
+print("decrypted={}".format(decrypted))
+assert decrypted == secret_message
+
+print("\n---\n")
+
+# ------------------------------------------------------------------------------
+# sign/verify
+# ------------------------------------------------------------------------------
+
+print("sign/verify")
+
+SIGN_PADDING = padding.PSS(
+    mgf=padding.MGF1(HASH_ALGORITHM),
+    salt_length=padding.PSS.MAX_LENGTH
+)
+
+message = b"message"
+
+signature = private_key.sign(
+    message,
+    padding=SIGN_PADDING,
+    algorithm=HASH_ALGORITHM,
+)
+
+print("signature={}".format(signature))
+
+print()
+
+public_key.verify(
+    signature, message, padding=SIGN_PADDING, algorithm=HASH_ALGORITHM
+)
+print("Signature verified (as expected)")
+
+try:
+    public_key.verify(
+        signature, b"other message", padding=SIGN_PADDING, algorithm=HASH_ALGORITHM
+    )
+    raise Exception("Signature verified (unexpected)")
+except InvalidSignature:
+    print("Signature mismatch (as expected)")

python/ql/test/experimental/meta/ConceptsTest.qll

@@ -319,3 +319,25 @@ class SafeAccessCheckTest extends InlineExpectationsTest {
     )
   }
 }
+
+class PublicKeyGenerationTest extends InlineExpectationsTest {
+  PublicKeyGenerationTest() { this = "PublicKeyGenerationTest" }
+
+  override string getARelevantTag() { result in ["PublicKeyGeneration", "keySize"] }
+
+  override predicate hasActualResult(Location location, string element, string tag, string value) {
+    exists(location.getFile().getRelativePath()) and
+    exists(Cryptography::PublicKey::KeyGeneration keyGen |
+      location = keyGen.getLocation() and
+      (
+        element = keyGen.toString() and
+        value = "" and
+        tag = "PublicKeyGeneration"
+        or
+        element = keyGen.toString() and
+        value = keyGen.getKeySizeWithOrigin(_).toString() and
+        tag = "keySize"
+      )
+    )
+  }
+}