hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 01:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Apply suggestions from documentation review

Browse Source 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
This commit is contained in:
Joe Farebrother
2024-02-12 10:27:56 +00:00
committed by GitHub
parent 16aed18821
commit d3fea4044e
1 changed files with 3 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
java/ql/src/Security/CWE/CWE-287/AndroidInsecureLocalAuthentication.qhelp
View File

@@ -6,14 +6,13 @@
<overview>
<p>
Biometric local authentication such as fingerprint recognition can be used to protect sensitive data or actions within an application.
However, if this authentication does not make use of a <code>KeyStore</code>-backed key, it is able to be bypassed by a privileged malicious application or an attacker with physical access,
using application hooking tools such as Frida.
However, if this authentication does not use a <code>KeyStore</code>-backed key, it can be bypassed by a privileged malicious application, or by an attacker with physical access using application hooking tools such as Frida.
</p>
</overview>
<recommendation>
<p>
Generate a secure key in the Android <code>KeyStore</code> and ensure that the <code>onAuthenticaionSuccess</code> callback for a biometric prompt uses it
Generate a secure key in the Android <code>KeyStore</code>. Ensure that the <code>onAuthenticationSuccess</code> callback for a biometric prompt uses it
in a way that is required for the sensitive parts of the application to function, such as by using it to decrypt sensitive data or credentials.
</p>
</recommendation>
@@ -21,7 +20,7 @@ in a way that is required for the sensitive parts of the application to function
<example>
<p>In the following (bad) case, no <code>CryptoObject</code> is required for the biometric prompt to grant access, so it can be bypassed.</p>
<sample src="AndroidInsecureLocalAuthenticationBad.java" />
<p>In the following (good) case, a secret key is generated in the Android <code>KeyStore</code> that is required for the application to grant access by decrypting data.</p>
<p>In the following (good) case, a secret key is generated in the Android <code>KeyStore</code>. The application requires this secret key for access, using it to decrypt data.</p>
<sample src="AndroidInsecureLocalAuthenticationGood.java" />
</example>