mirror of
https://github.com/github/codeql.git
synced 2026-04-30 03:05:15 +02:00
Java: Inline expectation should have space after $
This was a regex-find-replace from `// \$(?! )` (using a negative lookahead) to `// $ `.
This commit is contained in:
Owen Mansel-Chan
@@ -47,20 +47,20 @@ class BadMacUse {
|
||||
SecretKey encryptionKey = new SecretKeySpec(encryptionKeyBytes, "AES");
|
||||
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
|
||||
cipher.init(Cipher.DECRYPT_MODE, encryptionKey, new SecureRandom());
|
||||
byte[] plaintext = cipher.doFinal(ciphertext); // $Source
|
||||
byte[] plaintext = cipher.doFinal(ciphertext); // $ Source
|
||||
|
||||
// Now verify MAC (too late)
|
||||
SecretKey macKey = new SecretKeySpec(macKeyBytes, "HmacSHA256");
|
||||
Mac mac = Mac.getInstance("HmacSHA256");
|
||||
mac.init(macKey);
|
||||
byte[] computedMac = mac.doFinal(plaintext); // $Alert[java/quantum/examples/bad-mac-order-decrypt-to-mac]
|
||||
byte[] computedMac = mac.doFinal(plaintext); // $ Alert[java/quantum/examples/bad-mac-order-decrypt-to-mac]
|
||||
|
||||
if (!MessageDigest.isEqual(receivedMac, computedMac)) {
|
||||
throw new SecurityException("MAC verification failed");
|
||||
}
|
||||
}
|
||||
|
||||
public void BadMacOnPlaintext(byte[] encryptionKeyBytes, byte[] macKeyBytes, byte[] plaintext) throws Exception {// $Source
|
||||
public void BadMacOnPlaintext(byte[] encryptionKeyBytes, byte[] macKeyBytes, byte[] plaintext) throws Exception {// $ Source
|
||||
// Create keys directly from provided byte arrays
|
||||
SecretKey encryptionKey = new SecretKeySpec(encryptionKeyBytes, "AES");
|
||||
SecretKey macKey = new SecretKeySpec(macKeyBytes, "HmacSHA256");
|
||||
@@ -73,7 +73,7 @@ class BadMacUse {
|
||||
// Encrypt the plaintext
|
||||
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
|
||||
cipher.init(Cipher.ENCRYPT_MODE, encryptionKey, new SecureRandom());
|
||||
byte[] ciphertext = cipher.doFinal(plaintext); // $Alert[java/quantum/examples/bad-mac-order-encrypt-plaintext-also-in-mac]
|
||||
byte[] ciphertext = cipher.doFinal(plaintext); // $ Alert[java/quantum/examples/bad-mac-order-encrypt-plaintext-also-in-mac]
|
||||
|
||||
// Concatenate ciphertext and MAC
|
||||
byte[] output = new byte[ciphertext.length + computedMac.length];
|
||||
@@ -132,7 +132,7 @@ class BadMacUse {
|
||||
|
||||
|
||||
/**
|
||||
* Correct inputs to a decrypt and MAC operation, but the ordering is unsafe.
|
||||
* Correct inputs to a decrypt and MAC operation, but the ordering is unsafe.
|
||||
* The function decrypts THEN computes the MAC on the plaintext.
|
||||
* It should have the MAC computed on the ciphertext first.
|
||||
*/
|
||||
@@ -143,13 +143,13 @@ class BadMacUse {
|
||||
byte[] receivedMac = Arrays.copyOfRange(input, input.length - macLength, input.length);
|
||||
|
||||
// Decrypt first (unsafe)
|
||||
byte[] plaintext = decryptUsingWrapper(ciphertext, encryptionKeyBytes, new byte[16]); // $Source
|
||||
byte[] plaintext = decryptUsingWrapper(ciphertext, encryptionKeyBytes, new byte[16]); // $ Source
|
||||
|
||||
// Now verify MAC (too late)
|
||||
SecretKey macKey = new SecretKeySpec(macKeyBytes, "HmacSHA256");
|
||||
Mac mac = Mac.getInstance("HmacSHA256");
|
||||
mac.init(macKey);
|
||||
byte[] computedMac = mac.doFinal(ciphertext); // $Alert[java/quantum/examples/bad-mac-order-decrypt-then-mac], False positive for Plaintext reuse
|
||||
byte[] computedMac = mac.doFinal(ciphertext); // $ Alert[java/quantum/examples/bad-mac-order-decrypt-then-mac], False positive for Plaintext reuse
|
||||
|
||||
if (!MessageDigest.isEqual(receivedMac, computedMac)) {
|
||||
throw new SecurityException("MAC verification failed");
|
||||
|
||||
@@ -11,33 +11,33 @@ public class InsecureIVorNonceSource {
|
||||
|
||||
// BAD: AES-GCM with static IV from a byte array
|
||||
public byte[] encryptWithStaticIvByteArrayWithInitializer(byte[] key, byte[] plaintext) throws Exception {
|
||||
byte[] iv = new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5 }; // $Source
|
||||
byte[] iv = new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5 }; // $ Source
|
||||
|
||||
GCMParameterSpec ivSpec = new GCMParameterSpec(128, iv);
|
||||
SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
|
||||
|
||||
Cipher cipher = Cipher.getInstance("AES/GCM/PKCS5PADDING");
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $Alert[java/quantum/examples/insecure-iv-or-nonce]
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $ Alert[java/quantum/examples/insecure-iv-or-nonce]
|
||||
cipher.update(plaintext);
|
||||
return cipher.doFinal();
|
||||
}
|
||||
|
||||
// BAD: AES-GCM with static IV from zero-initialized byte array
|
||||
public byte[] encryptWithZeroStaticIvByteArray(byte[] key, byte[] plaintext) throws Exception {
|
||||
byte[] iv = new byte[16];
|
||||
byte[] iv = new byte[16];
|
||||
|
||||
GCMParameterSpec ivSpec = new GCMParameterSpec(128, iv);
|
||||
SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
|
||||
|
||||
Cipher cipher = Cipher.getInstance("AES/GCM/PKCS5PADDING");
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $Alert[java/quantum/examples/unknown-iv-or-nonce-source]
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $ Alert[java/quantum/examples/unknown-iv-or-nonce-source]
|
||||
cipher.update(plaintext);
|
||||
return cipher.doFinal();
|
||||
}
|
||||
|
||||
// BAD: AES-CBC with static IV from 1-initialized byte array
|
||||
public byte[] encryptWithStaticIvByteArray(byte[] key, byte[] plaintext) throws Exception {
|
||||
byte[] iv = new byte[16];
|
||||
byte[] iv = new byte[16];
|
||||
for (byte i = 0; i < iv.length; i++) {
|
||||
iv[i] = 1;
|
||||
}
|
||||
@@ -46,7 +46,7 @@ public class InsecureIVorNonceSource {
|
||||
SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
|
||||
|
||||
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $Alert[java/quantum/examples/insecure-iv-or-nonce]
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $ Alert[java/quantum/examples/insecure-iv-or-nonce]
|
||||
cipher.update(plaintext);
|
||||
return cipher.doFinal();
|
||||
}
|
||||
@@ -54,15 +54,15 @@ public class InsecureIVorNonceSource {
|
||||
// BAD: AES-GCM with static IV from a multidimensional byte array
|
||||
public byte[] encryptWithOneOfStaticIvs01(byte[] key, byte[] plaintext) throws Exception {
|
||||
byte[][] staticIvs = new byte[][] {
|
||||
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5 }, // $Source
|
||||
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 42 } // $Source
|
||||
};
|
||||
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5 }, // $ Source
|
||||
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 42 } // $ Source
|
||||
};
|
||||
|
||||
GCMParameterSpec ivSpec = new GCMParameterSpec(128, staticIvs[1]);
|
||||
SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
|
||||
|
||||
Cipher cipher = Cipher.getInstance("AES/GCM/PKCS5PADDING");
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $Alert[java/quantum/examples/insecure-iv-or-nonce]
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $ Alert[java/quantum/examples/insecure-iv-or-nonce]
|
||||
cipher.update(plaintext);
|
||||
return cipher.doFinal();
|
||||
}
|
||||
@@ -70,15 +70,15 @@ public class InsecureIVorNonceSource {
|
||||
// BAD: AES-GCM with static IV from a multidimensional byte array
|
||||
public byte[] encryptWithOneOfStaticIvs02(byte[] key, byte[] plaintext) throws Exception {
|
||||
byte[][] staticIvs = new byte[][] {
|
||||
new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5 }, // $Source
|
||||
new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 42 } // $Source
|
||||
};
|
||||
new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5 }, // $ Source
|
||||
new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 42 } // $ Source
|
||||
};
|
||||
|
||||
GCMParameterSpec ivSpec = new GCMParameterSpec(128, staticIvs[1]);
|
||||
SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
|
||||
|
||||
Cipher cipher = Cipher.getInstance("AES/GCM/PKCS5PADDING");
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $Alert[java/quantum/examples/insecure-iv-or-nonce]
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $ Alert[java/quantum/examples/insecure-iv-or-nonce]
|
||||
cipher.update(plaintext);
|
||||
return cipher.doFinal();
|
||||
}
|
||||
@@ -86,15 +86,15 @@ public class InsecureIVorNonceSource {
|
||||
// BAD: AES-GCM with static IV from a zero-initialized multidimensional byte array
|
||||
public byte[] encryptWithOneOfStaticZeroIvs(byte[] key, byte[] plaintext) throws Exception {
|
||||
byte[][] ivs = new byte[][] {
|
||||
new byte[8],
|
||||
new byte[16]
|
||||
new byte[8],
|
||||
new byte[16]
|
||||
};
|
||||
|
||||
GCMParameterSpec ivSpec = new GCMParameterSpec(128, ivs[1]);
|
||||
SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
|
||||
|
||||
Cipher cipher = Cipher.getInstance("AES/GCM/PKCS5PADDING");
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $Alert[java/quantum/examples/unknown-iv-or-nonce-source]
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $ Alert[java/quantum/examples/unknown-iv-or-nonce-source]
|
||||
cipher.update(plaintext);
|
||||
return cipher.doFinal();
|
||||
}
|
||||
@@ -166,8 +166,8 @@ public class InsecureIVorNonceSource {
|
||||
return cipher.doFinal();
|
||||
}
|
||||
|
||||
public byte[] generate(int size) throws Exception {
|
||||
if (size == 0) {
|
||||
public byte[] generate(int size) throws Exception {
|
||||
if (size == 0) {
|
||||
return new byte[0];
|
||||
}
|
||||
byte[] randomBytes = new byte[size];
|
||||
@@ -183,7 +183,7 @@ public class InsecureIVorNonceSource {
|
||||
SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
|
||||
|
||||
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec);
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec);
|
||||
cipher.update(plaintext);
|
||||
return cipher.doFinal();
|
||||
}
|
||||
@@ -191,7 +191,7 @@ public class InsecureIVorNonceSource {
|
||||
public byte[] generateInsecureRandomBytes(int numBytes) {
|
||||
Random random = new Random();
|
||||
byte[] bytes = new byte[numBytes];
|
||||
random.nextBytes(bytes); // $Source
|
||||
random.nextBytes(bytes); // $ Source
|
||||
return bytes;
|
||||
}
|
||||
|
||||
@@ -203,7 +203,7 @@ public class InsecureIVorNonceSource {
|
||||
SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
|
||||
|
||||
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $Alert[java/quantum/examples/insecure-iv-or-nonce]]
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); // $ Alert[java/quantum/examples/insecure-iv-or-nonce]]
|
||||
cipher.update(plaintext);
|
||||
return cipher.doFinal();
|
||||
}
|
||||
|
||||
@@ -2,15 +2,15 @@ import java.security.*;
|
||||
public class InsufficientAsymmetricKeySize{
|
||||
public static void test() throws Exception{
|
||||
KeyPairGenerator keyPairGen1 = KeyPairGenerator.getInstance("RSA");
|
||||
keyPairGen1.initialize(1024); // $Alert[java/quantum/examples/weak-asymmetric-key-gen-size]
|
||||
keyPairGen1.initialize(1024); // $ Alert[java/quantum/examples/weak-asymmetric-key-gen-size]
|
||||
keyPairGen1.generateKeyPair();
|
||||
|
||||
KeyPairGenerator keyPairGen2 = KeyPairGenerator.getInstance("DSA");
|
||||
keyPairGen2.initialize(1024); // $Alert[java/quantum/examples/weak-asymmetric-key-gen-size]
|
||||
keyPairGen2.initialize(1024); // $ Alert[java/quantum/examples/weak-asymmetric-key-gen-size]
|
||||
keyPairGen2.generateKeyPair();
|
||||
|
||||
KeyPairGenerator keyPairGen3 = KeyPairGenerator.getInstance("DH");
|
||||
keyPairGen3.initialize(1024); // $Alert[java/quantum/examples/weak-asymmetric-key-gen-size]
|
||||
keyPairGen3.initialize(1024); // $ Alert[java/quantum/examples/weak-asymmetric-key-gen-size]
|
||||
keyPairGen3.generateKeyPair();
|
||||
|
||||
KeyPairGenerator keyPairGen4 = KeyPairGenerator.getInstance("RSA");
|
||||
@@ -25,4 +25,4 @@ public class InsufficientAsymmetricKeySize{
|
||||
keyPairGen6.initialize(2048); // GOOD
|
||||
keyPairGen6.generateKeyPair();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -10,25 +10,25 @@ public class Test {
|
||||
byte[] data = "SensitiveData".getBytes();
|
||||
|
||||
// Insecure block mode: ECB
|
||||
Cipher cipherECB = Cipher.getInstance("AES/ECB/PKCS5Padding"); // $Alert
|
||||
Cipher cipherECB = Cipher.getInstance("AES/ECB/PKCS5Padding"); // $ Alert
|
||||
cipherECB.init(Cipher.ENCRYPT_MODE, key);
|
||||
byte[] ecbEncrypted = cipherECB.doFinal(data);
|
||||
System.out.println("ECB encrypted: " + bytesToHex(ecbEncrypted));
|
||||
|
||||
// Insecure block mode: CFB
|
||||
Cipher cipherCFB = Cipher.getInstance("AES/CFB/PKCS5Padding"); // $Alert
|
||||
Cipher cipherCFB = Cipher.getInstance("AES/CFB/PKCS5Padding"); // $ Alert
|
||||
cipherCFB.init(Cipher.ENCRYPT_MODE, key, iv);
|
||||
byte[] cfbEncrypted = cipherCFB.doFinal(data);
|
||||
System.out.println("CFB encrypted: " + bytesToHex(cfbEncrypted));
|
||||
|
||||
// Insecure block mode: OFB
|
||||
Cipher cipherOFB = Cipher.getInstance("AES/OFB/PKCS5Padding"); // $Alert
|
||||
Cipher cipherOFB = Cipher.getInstance("AES/OFB/PKCS5Padding"); // $ Alert
|
||||
cipherOFB.init(Cipher.ENCRYPT_MODE, key, iv);
|
||||
byte[] ofbEncrypted = cipherOFB.doFinal(data);
|
||||
System.out.println("OFB encrypted: " + bytesToHex(ofbEncrypted));
|
||||
|
||||
// Insecure block mode: CTR
|
||||
Cipher cipherCTR = Cipher.getInstance("AES/CTR/NoPadding"); // $Alert
|
||||
Cipher cipherCTR = Cipher.getInstance("AES/CTR/NoPadding"); // $ Alert
|
||||
cipherCTR.init(Cipher.ENCRYPT_MODE, key, iv);
|
||||
byte[] ctrEncrypted = cipherCTR.doFinal(data);
|
||||
System.out.println("CTR encrypted: " + bytesToHex(ctrEncrypted));
|
||||
@@ -54,4 +54,4 @@ public class Test {
|
||||
sb.append(String.format("%02x", b));
|
||||
return sb.toString();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -12,33 +12,33 @@ public class WeakHashing {
|
||||
props.load(new FileInputStream("example.properties"));
|
||||
|
||||
// BAD: Using a weak hashing algorithm even with a secure default
|
||||
MessageDigest bad = MessageDigest.getInstance(props.getProperty("hashAlg1")); // $Alert[java/quantum/examples/weak-hash]
|
||||
MessageDigest bad = MessageDigest.getInstance(props.getProperty("hashAlg1")); // $ Alert[java/quantum/examples/weak-hash]
|
||||
|
||||
// BAD: Using a weak hashing algorithm even with a secure default
|
||||
MessageDigest bad2 = MessageDigest.getInstance(props.getProperty("hashAlg1", "SHA-256")); // $Alert[java/quantum/examples/weak-hash]
|
||||
MessageDigest bad2 = MessageDigest.getInstance(props.getProperty("hashAlg1", "SHA-256")); // $ Alert[java/quantum/examples/weak-hash]
|
||||
|
||||
// BAD: Using a strong hashing algorithm but with a weak default
|
||||
MessageDigest bad3 = MessageDigest.getInstance(props.getProperty("hashAlg2", "MD5")); // $Alert[java/quantum/examples/weak-hash]
|
||||
MessageDigest bad3 = MessageDigest.getInstance(props.getProperty("hashAlg2", "MD5")); // $ Alert[java/quantum/examples/weak-hash]
|
||||
|
||||
// BAD: Using a weak hash
|
||||
MessageDigest bad4 = MessageDigest.getInstance("SHA-1"); // $Alert[java/quantum/examples/weak-hash]
|
||||
MessageDigest bad4 = MessageDigest.getInstance("SHA-1"); // $ Alert[java/quantum/examples/weak-hash]
|
||||
|
||||
// BAD: Property does not exist and default (used value) is unknown
|
||||
MessageDigest bad5 = MessageDigest.getInstance(props.getProperty("non-existent_property", "non-existent_default")); // $Alert[java/quantum/examples/unknown-hash]
|
||||
MessageDigest bad5 = MessageDigest.getInstance(props.getProperty("non-existent_property", "non-existent_default")); // $ Alert[java/quantum/examples/unknown-hash]
|
||||
|
||||
java.util.Properties props2 = new java.util.Properties();
|
||||
|
||||
props2.load(new FileInputStream("unobserved-file.properties"));
|
||||
|
||||
// BAD: "hashAlg2" is not visible in the file loaded for props2, should be an unknown
|
||||
// BAD: "hashAlg2" is not visible in the file loaded for props2, should be an unknown
|
||||
// FALSE NEGATIVE for unknown hash
|
||||
MessageDigest bad6 = MessageDigest.getInstance(props2.getProperty("hashAlg2", "SHA-256")); // $Alert[java/quantum/examples/unknown-hash]
|
||||
MessageDigest bad6 = MessageDigest.getInstance(props2.getProperty("hashAlg2", "SHA-256")); // $ Alert[java/quantum/examples/unknown-hash]
|
||||
|
||||
// GOOD: Using a strong hashing algorithm
|
||||
MessageDigest ok = MessageDigest.getInstance(props.getProperty("hashAlg2"));
|
||||
|
||||
// BAD?: Property does not exist (considered unknown) and but default is secure
|
||||
MessageDigest ok2 = MessageDigest.getInstance(props.getProperty("non-existent-property", "SHA-256")); // $Alert[java/quantum/examples/unknown-hash]
|
||||
MessageDigest ok2 = MessageDigest.getInstance(props.getProperty("non-existent-property", "SHA-256")); // $ Alert[java/quantum/examples/unknown-hash]
|
||||
|
||||
// GOOD: Using a strong hashing algorithm
|
||||
MessageDigest ok3 = MessageDigest.getInstance("SHA3-512");
|
||||
|
||||
@@ -28,8 +28,8 @@ public class Test {
|
||||
*/
|
||||
public void pbkdf2LowIteration(String password) throws Exception {
|
||||
byte[] salt = generateSalt(16);
|
||||
int iterationCount = 10; // $Source
|
||||
PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterationCount, 256); // $Alert[java/quantum/examples/weak-kdf-iteration-count]
|
||||
int iterationCount = 10; // $ Source
|
||||
PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterationCount, 256); // $ Alert[java/quantum/examples/weak-kdf-iteration-count]
|
||||
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
|
||||
byte[] key = factory.generateSecret(spec).getEncoded();
|
||||
}
|
||||
@@ -40,9 +40,9 @@ public class Test {
|
||||
* SAST/CBOM: - Parent: PBKDF2. - Iteration count is only 10, which is far
|
||||
* below acceptable security standards. - Flagged as insecure.
|
||||
*/
|
||||
public void pbkdf2LowIteration(String password, int iterationCount) throws Exception { // $Source
|
||||
public void pbkdf2LowIteration(String password, int iterationCount) throws Exception { // $ Source
|
||||
byte[] salt = generateSalt(16);
|
||||
PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterationCount, 256); // $Alert[java/quantum/examples/unknown-kdf-iteration-count]
|
||||
PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterationCount, 256); // $ Alert[java/quantum/examples/unknown-kdf-iteration-count]
|
||||
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
|
||||
byte[] key = factory.generateSecret(spec).getEncoded();
|
||||
}
|
||||
@@ -55,9 +55,9 @@ public class Test {
|
||||
*/
|
||||
public void pbkdf2HighIteration(String password) throws Exception {
|
||||
byte[] salt = generateSalt(16);
|
||||
int iterationCount = 1_000_000;
|
||||
PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterationCount, 256);
|
||||
int iterationCount = 1_000_000;
|
||||
PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterationCount, 256);
|
||||
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
|
||||
byte[] key = factory.generateSecret(spec).getEncoded();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -20,8 +20,8 @@ public class Test {
|
||||
public void pbkdf2WeakKeySize(String password) throws Exception {
|
||||
byte[] salt = generateSalt(16);
|
||||
int iterationCount = 100_000;
|
||||
int keySize = 64; // $Source
|
||||
PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterationCount, keySize); // $Alert[java/quantum/examples/weak-kdf-key-size]
|
||||
int keySize = 64; // $ Source
|
||||
PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterationCount, keySize); // $ Alert[java/quantum/examples/weak-kdf-key-size]
|
||||
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
|
||||
byte[] key = factory.generateSecret(spec).getEncoded();
|
||||
}
|
||||
@@ -39,4 +39,4 @@ public class Test {
|
||||
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
|
||||
byte[] key = factory.generateSecret(spec).getEncoded();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -10,51 +10,51 @@ public class Test {
|
||||
byte[] data = "Sensitive Data".getBytes();
|
||||
|
||||
// BAD: DES (unsafe)
|
||||
KeyGenerator desKeyGen = KeyGenerator.getInstance("DES"); // $Alert
|
||||
KeyGenerator desKeyGen = KeyGenerator.getInstance("DES"); // $ Alert
|
||||
SecretKey desKey = desKeyGen.generateKey();
|
||||
Cipher desCipher = Cipher.getInstance("DES"); // $Alert
|
||||
Cipher desCipher = Cipher.getInstance("DES"); // $ Alert
|
||||
desCipher.init(Cipher.ENCRYPT_MODE, desKey);
|
||||
byte[] desEncrypted = desCipher.doFinal(data);
|
||||
|
||||
// BAD: DESede (Triple DES, considered weak)
|
||||
KeyGenerator desedeKeyGen = KeyGenerator.getInstance("DESede"); // $Alert
|
||||
KeyGenerator desedeKeyGen = KeyGenerator.getInstance("DESede"); // $ Alert
|
||||
SecretKey desedeKey = desedeKeyGen.generateKey();
|
||||
Cipher desedeCipher = Cipher.getInstance("DESede"); // $Alert
|
||||
Cipher desedeCipher = Cipher.getInstance("DESede"); // $ Alert
|
||||
desedeCipher.init(Cipher.ENCRYPT_MODE, desedeKey);
|
||||
byte[] desedeEncrypted = desedeCipher.doFinal(data);
|
||||
|
||||
// BAD: Blowfish (considered weak)
|
||||
KeyGenerator blowfishKeyGen = KeyGenerator.getInstance("Blowfish"); // $Alert
|
||||
KeyGenerator blowfishKeyGen = KeyGenerator.getInstance("Blowfish"); // $ Alert
|
||||
SecretKey blowfishKey = blowfishKeyGen.generateKey();
|
||||
Cipher blowfishCipher = Cipher.getInstance("Blowfish"); // $Alert
|
||||
Cipher blowfishCipher = Cipher.getInstance("Blowfish"); // $ Alert
|
||||
blowfishCipher.init(Cipher.ENCRYPT_MODE, blowfishKey);
|
||||
byte[] blowfishEncrypted = blowfishCipher.doFinal(data);
|
||||
|
||||
// BAD: RC2 (unsafe)
|
||||
KeyGenerator rc2KeyGen = KeyGenerator.getInstance("RC2"); // $Alert
|
||||
KeyGenerator rc2KeyGen = KeyGenerator.getInstance("RC2"); // $ Alert
|
||||
SecretKey rc2Key = rc2KeyGen.generateKey();
|
||||
Cipher rc2Cipher = Cipher.getInstance("RC2"); // $Alert
|
||||
Cipher rc2Cipher = Cipher.getInstance("RC2"); // $ Alert
|
||||
rc2Cipher.init(Cipher.ENCRYPT_MODE, rc2Key);
|
||||
byte[] rc2Encrypted = rc2Cipher.doFinal(data);
|
||||
|
||||
// BAD: RC4 (stream cipher, unsafe)
|
||||
KeyGenerator rc4KeyGen = KeyGenerator.getInstance("RC4"); // $Alert
|
||||
KeyGenerator rc4KeyGen = KeyGenerator.getInstance("RC4"); // $ Alert
|
||||
SecretKey rc4Key = rc4KeyGen.generateKey();
|
||||
Cipher rc4Cipher = Cipher.getInstance("RC4"); // $Alert
|
||||
Cipher rc4Cipher = Cipher.getInstance("RC4"); // $ Alert
|
||||
rc4Cipher.init(Cipher.ENCRYPT_MODE, rc4Key);
|
||||
byte[] rc4Encrypted = rc4Cipher.doFinal(data);
|
||||
|
||||
// BAD: IDEA (considered weak)
|
||||
KeyGenerator ideaKeyGen = KeyGenerator.getInstance("IDEA"); // $Alert
|
||||
KeyGenerator ideaKeyGen = KeyGenerator.getInstance("IDEA"); // $ Alert
|
||||
SecretKey ideaKey = ideaKeyGen.generateKey();
|
||||
Cipher ideaCipher = Cipher.getInstance("IDEA"); // $Alert
|
||||
Cipher ideaCipher = Cipher.getInstance("IDEA"); // $ Alert
|
||||
ideaCipher.init(Cipher.ENCRYPT_MODE, ideaKey);
|
||||
byte[] ideaEncrypted = ideaCipher.doFinal(data);
|
||||
|
||||
// BAD: Skipjack (unsafe)
|
||||
KeyGenerator skipjackKeyGen = KeyGenerator.getInstance("Skipjack"); // $Alert
|
||||
KeyGenerator skipjackKeyGen = KeyGenerator.getInstance("Skipjack"); // $ Alert
|
||||
SecretKey skipjackKey = skipjackKeyGen.generateKey();
|
||||
Cipher skipjackCipher = Cipher.getInstance("Skipjack"); // $Alert
|
||||
Cipher skipjackCipher = Cipher.getInstance("Skipjack"); // $ Alert
|
||||
skipjackCipher.init(Cipher.ENCRYPT_MODE, skipjackKey);
|
||||
byte[] skipjackEncrypted = skipjackCipher.doFinal(data);
|
||||
|
||||
@@ -78,4 +78,4 @@ public class Test {
|
||||
// GOOD: not a symmetric cipher (Sanity check)
|
||||
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user