Move to experimental and update qldoc

java/ql/test/experimental/query-tests/security/CWE-312/CleartextStorageSharedPrefs.expected

@@ -0,0 +1,22 @@
+edges
+| CleartextStorageSharedPrefs.java:16:19:16:36 | edit(...) : Editor | CleartextStorageSharedPrefs.java:17:3:17:8 | editor |
+| CleartextStorageSharedPrefs.java:16:19:16:36 | edit(...) : Editor | CleartextStorageSharedPrefs.java:18:3:18:8 | editor |
+| CleartextStorageSharedPrefs.java:16:19:16:36 | edit(...) : Editor | CleartextStorageSharedPrefs.java:19:3:19:8 | editor |
+| CleartextStorageSharedPrefs.java:25:19:25:36 | edit(...) : Editor | CleartextStorageSharedPrefs.java:28:3:28:8 | editor |
+| CleartextStorageSharedPrefs.java:44:19:44:36 | edit(...) : Editor | CleartextStorageSharedPrefs.java:47:3:47:8 | editor |
+nodes
+| CleartextStorageSharedPrefs.java:16:19:16:36 | edit(...) : Editor | semmle.label | edit(...) : Editor |
+| CleartextStorageSharedPrefs.java:17:3:17:8 | editor | semmle.label | editor |
+| CleartextStorageSharedPrefs.java:18:3:18:8 | editor | semmle.label | editor |
+| CleartextStorageSharedPrefs.java:18:32:18:39 | password | semmle.label | password |
+| CleartextStorageSharedPrefs.java:19:3:19:8 | editor | semmle.label | editor |
+| CleartextStorageSharedPrefs.java:25:19:25:36 | edit(...) : Editor | semmle.label | edit(...) : Editor |
+| CleartextStorageSharedPrefs.java:28:3:28:8 | editor | semmle.label | editor |
+| CleartextStorageSharedPrefs.java:44:19:44:36 | edit(...) : Editor | semmle.label | edit(...) : Editor |
+| CleartextStorageSharedPrefs.java:46:32:46:42 | encPassword | semmle.label | encPassword |
+| CleartextStorageSharedPrefs.java:47:3:47:8 | editor | semmle.label | editor |
+| CleartextStorageSharedPrefs.java:67:32:67:39 | password | semmle.label | password |
+| CleartextStorageSharedPrefs.java:87:32:87:39 | password | semmle.label | password |
+| CleartextStorageSharedPrefs.java:105:27:105:34 | password | semmle.label | password |
+#select
+| CleartextStorageSharedPrefs.java:19:3:19:17 | commit(...) | 'SharedPreferences' class $@ containing $@ is stored here. Data was added $@. | CleartextStorageSharedPrefs.java:16:19:16:36 | edit(...) | edit(...) | CleartextStorageSharedPrefs.java:18:32:18:39 | password | sensitive data | CleartextStorageSharedPrefs.java:18:32:18:39 | password | here |

java/ql/test/experimental/query-tests/security/CWE-312/CleartextStorageSharedPrefs.java

@@ -0,0 +1,109 @@
+import android.app.Activity;
+import android.content.Context;
+import android.content.SharedPreferences;
+import android.content.SharedPreferences.Editor;
+import androidx.security.crypto.MasterKey;
+import androidx.security.crypto.EncryptedSharedPreferences;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+import java.security.MessageDigest;
+
+/* Android activity that tests saving sensitive information in `SharedPreferences` */
+public class CleartextStorageSharedPrefs extends Activity {
+	// BAD - save sensitive information in cleartext
+	public void testSetSharedPrefs1(Context context, String name, String password) {
+		SharedPreferences sharedPrefs = context.getSharedPreferences("user_prefs", Context.MODE_PRIVATE);
+		Editor editor = sharedPrefs.edit();
+		editor.putString("name", name);
+		editor.putString("password", password);
+		editor.commit();
+	}
+
+	// GOOD - save sensitive information in encrypted format
+	public void testSetSharedPrefs2(Context context, String name, String password) {
+		SharedPreferences sharedPrefs = context.getSharedPreferences("user_prefs", Context.MODE_PRIVATE);
+		Editor editor = sharedPrefs.edit();
+		editor.putString("name", encrypt(name));
+		editor.putString("password", encrypt(password));
+		editor.commit();
+	}
+
+	private static String encrypt(String cleartext) {
+		// Use an encryption or hashing algorithm in real world. The demo below just returns its hash.
+		MessageDigest digest = MessageDigest.getInstance("SHA-256");
+		byte[] hash = digest.digest(cleartext.getBytes(StandardCharsets.UTF_8));
+		String encoded = Base64.getEncoder().encodeToString(hash);
+		return encoded;
+	}
+
+	// GOOD - save sensitive information in encrypted format using separate variables
+	public void testSetSharedPrefs3(Context context, String name, String password) {
+		String encUsername = encrypt(name);
+		String encPassword = encrypt(password);
+		SharedPreferences sharedPrefs = context.getSharedPreferences("user_prefs", Context.MODE_PRIVATE);
+		Editor editor = sharedPrefs.edit();
+		editor.putString("name", encUsername);
+		editor.putString("password", encPassword);
+		editor.commit();
+	}
+
+
+	// GOOD - save sensitive information using the built-in `EncryptedSharedPreferences` class in androidx
+	public void testSetSharedPrefs4(Context context, String name, String password) {
+		MasterKey masterKey = new MasterKey.Builder(context, MasterKey.DEFAULT_MASTER_KEY_ALIAS)
+			.setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
+			.build();
+
+		SharedPreferences sharedPreferences = EncryptedSharedPreferences.create(
+			context,
+			"secret_shared_prefs",
+			masterKey,
+			EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
+			EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM);
+
+		// Use the shared preferences and editor as you normally would
+		SharedPreferences.Editor editor = sharedPreferences.edit();
+		editor.putString("name", name);
+		editor.putString("password", password);
+		editor.commit();
+	}
+
+	// GOOD - save sensitive information using the built-in `EncryptedSharedPreferences` class in androidx
+	public void testSetSharedPrefs5(Context context, String name, String password) {
+		MasterKey masterKey = new MasterKey.Builder(context, MasterKey.DEFAULT_MASTER_KEY_ALIAS)
+			.setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
+			.build();
+
+		SharedPreferences.Editor editor = EncryptedSharedPreferences.create(
+				context,
+				"secret_shared_prefs",
+				masterKey,
+				EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
+				EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM)
+			.edit();
+
+		// Use the shared preferences and editor as you normally would
+		editor.putString("name", name);
+		editor.putString("password", password);
+		editor.commit();
+	}
+
+	// GOOD - save sensitive information using the built-in `EncryptedSharedPreferences` class in androidx
+	public void testSetSharedPrefs6(Context context, String name, String password) {
+		MasterKey masterKey = new MasterKey.Builder(context, MasterKey.DEFAULT_MASTER_KEY_ALIAS)
+			.setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
+			.build();
+
+		SharedPreferences.Editor editor = EncryptedSharedPreferences.create(
+				context,
+				"secret_shared_prefs",
+				masterKey,
+				EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
+				EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM)
+			.edit()
+			.putString("name", name)  // Use the shared preferences and editor as you normally would
+			.putString("password", password);
+			
+		editor.commit();
+	}
+}

java/ql/test/experimental/query-tests/security/CWE-312/CleartextStorageSharedPrefs.qlref

@@ -0,0 +1 @@
+experimental/Security/CWE/CWE-312/CleartextStorageSharedPrefs.ql

java/ql/test/experimental/query-tests/security/CWE-312/options

@@ -0,0 +1 @@
+// semmle-extractor-options: --javac-args -cp ${testdir}/../../../../stubs/google-android-9.0.0