Move weak hashing into MaybeBrokenCryptoAlgorithm

2025-12-18 01:33:15 +01:00 · 2023-11-15 13:02:23 -05:00
parent fbc2a33597
commit 83c6ece405
7 changed files with 34 additions and 123 deletions
--- a/java/ql/src/Security/CWE/CWE-327/MaybeBrokenCryptoAlgorithm.ql
+++ b/java/ql/src/Security/CWE/CWE-327/MaybeBrokenCryptoAlgorithm.ql
@@ -16,13 +16,10 @@ import semmle.code.java.security.Encryption
 import semmle.code.java.security.MaybeBrokenCryptoAlgorithmQuery
 import InsecureCryptoFlow::PathGraph

-from
-  InsecureCryptoFlow::PathNode source, InsecureCryptoFlow::PathNode sink, CryptoAlgoSpec c,
-  InsecureAlgoLiteral s
+from InsecureCryptoFlow::PathNode source, InsecureCryptoFlow::PathNode sink, CryptoAlgoSpec c
 where
  sink.getNode().asExpr() = c.getAlgoSpec() and
-  source.getNode().asExpr() = s and
  InsecureCryptoFlow::flowPath(source, sink)
 select c, source, sink,
-  "Cryptographic algorithm $@ may not be secure, consider using a different algorithm.", s,
-  s.getValue()
+  "Cryptographic algorithm $@ may not be secure, consider using a different algorithm.", source,
+  insecureAlgorithmName(source.getNode())
--- a/java/ql/src/Security/CWE/CWE-328/WeakHashingProperty.java
+++ b/java/ql/src/Security/CWE/CWE-328/WeakHashingProperty.java
@@ -1,9 +0,0 @@
-import java.io.FileInputStream;
-import java.util.Properties;
-import java.security.MessageDigest;
-
-Properties props = Properties.load(new FileInputStream("settings.properties"));
-
-// BAD: the `hashAlgorithm` variable in `settings.properties` is `MD5` which is
-// a weak hashing algorithm.
-MessageDigest.getInstance(props.getProperty("hashAlgorithm"));
--- a/java/ql/src/Security/CWE/CWE-328/WeakHashingProperty.qhelp
+++ b/java/ql/src/Security/CWE/CWE-328/WeakHashingProperty.qhelp
@@ -1,32 +0,0 @@
-<!DOCTYPE qhelp PUBLIC
-  "-//Semmle//qhelp//EN"
-  "qhelp.dtd">
-<qhelp>
-  <overview>
-    <p>
-      Using a weak hashing algorithm can result in attackers being able to
-      determine the original input to a hash function or create a second input
-      which will produce the same hash.
-    </p>
-  </overview>
-
-  <recommendation>
-    <p>Ensure you are using a strong, modern hashing algorithm, such as SHA-256.</p>
-  </recommendation>
-
-  <example>
-    <p>In the following (BAD) example, the <code>MD5</code> hashing algorithm is used, specified in a <code>.properties</code> file.</p>
-
-    <sample src="settings.properties"/>
-
-    <sample src="WeakHashingProperty.java"/>
-
-  </example>
-
-  <references>
-    <li>NIST, FIPS 140 Annex a: <a href="http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexa.pdf">
-Approved Security Functions</a>.</li>
-    <li>NIST, SP 800-131A: <a href="http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar1.pdf">
-Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths</a>.</li>
-  </references>
-</qhelp>
--- a/java/ql/src/Security/CWE/CWE-328/WeakHashingProperty.ql
+++ b/java/ql/src/Security/CWE/CWE-328/WeakHashingProperty.ql
@@ -1,20 +0,0 @@
-/**
- * @name Weak hashing algorithm specified in properties file
- * @description Using weak cryptographic algorithms can allow an attacker to compromise security.
- * @id java/weak-hashing-property
- * @kind path-problem
- * @problem.severity error
- * @security-severity 7.5
- * @precision medium
- * @tags security
- *      external/cwe/cwe-328
- */
-
-import java
-import semmle.code.java.security.WeakHashingAlgorithmPropertyQuery
-import InsecureAlgorithmPropertyFlow::PathGraph
-
-from InsecureAlgorithmPropertyFlow::PathNode source, InsecureAlgorithmPropertyFlow::PathNode sink
-where InsecureAlgorithmPropertyFlow::flowPath(source, sink)
-select sink.getNode(), sink, source, "The $@ hashing algorithm is insecure.", source,
-  getWeakHashingAlgorithmName(source.getNode())
--- a/java/ql/src/Security/CWE/CWE-328/settings.properties
+++ b/java/ql/src/Security/CWE/CWE-328/settings.properties
@@ -1 +0,0 @@
-hashAlgorithm=MD5