Skip to content

Commit 1065ad0

Browse files
markshannonmarkshannon
committed
Python: Weak crypto query.
1 parent c75fa28 commit 1065ad0

File tree

13 files changed

+198
-0
lines changed

13 files changed

+198
-0
lines changed

python/ql/src/Security/CWE-326/WeakCrypto.qhelp

Whitespace-only changes.

python/ql/src/Security/CWE-326/WeakCrypto.ql

Lines changed: 84 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,84 @@
1+
/**
2+
* @name Weak Cryptographic Key Use
3+
* @description Use of a cryptographic key that is too small may allow the encryption to be broken.
4+
* @kind problem
5+
* @problem.severity error
6+
* @precision high
7+
* @id py/weak-crypto-key
8+
* @tags security
9+
* external/cwe/cwe-326
10+
*/
11+
12+
import python
13+
14+
int minimumSecureKeySize(string algo) {
15+
algo = "DSA" and result = 2048
16+
or
17+
algo = "RSA" and result = 2048
18+
or
19+
algo = "elliptic curve" and result = 224
20+
}
21+
22+
predicate dsaRsaKeySizeArg(FunctionObject obj, string algorithm, string arg) {
23+
exists(ModuleObject mod |
24+
mod.getAttribute(_) = obj |
25+
algorithm = "DSA" and
26+
(
27+
mod.getName() = "cryptography.hazmat.primitives.asymmetric.dsa" and arg = "key_size"
28+
or
29+
mod.getName() = "Crypto.PublicKey.DSA" and arg = "bits"
30+
or
31+
mod.getName() = "Cryptodome.PublicKey.DSA" and arg = "bits"
32+
)
33+
or
34+
algorithm = "RSA" and
35+
(
36+
mod.getName() = "cryptography.hazmat.primitives.asymmetric.rsa" and arg = "key_size"
37+
or
38+
mod.getName() = "Crypto.PublicKey.RSA" and arg = "bits"
39+
or
40+
mod.getName() = "Cryptodome.PublicKey.RSA" and arg = "bits"
41+
)
42+
or
43+
algorithm = "elliptic curve" and
44+
mod.getName() = "cryptography.hazmat.primitives.asymmetric.ec" and arg = "curve"
45+
)
46+
}
47+
48+
predicate ecKeySizeArg(FunctionObject obj, string arg) {
49+
exists(ModuleObject mod |
50+
mod.getAttribute(_) = obj |
51+
mod.getName() = "cryptography.hazmat.primitives.asymmetric.ec" and arg = "curve"
52+
)
53+
}
54+
55+
int keySizeFromCurve(ClassObject curveClass) {
56+
result = curveClass.declaredAttribute("key_size").(NumericObject).intValue()
57+
}
58+
59+
predicate algorithmAndKeysizeForCall(CallNode call, string algorithm, int keySize, ControlFlowNode keyOrigin) {
60+
exists(FunctionObject func, string argname, ControlFlowNode arg |
61+
arg = func.getNamedArgumentForCall(call, argname) |
62+
exists(NumericObject key |
63+
arg.refersTo(key, keyOrigin) and
64+
dsaRsaKeySizeArg(func, algorithm, argname) and
65+
keySize = key.intValue()
66+
)
67+
or
68+
exists(ClassObject curve |
69+
arg.refersTo(_, curve, keyOrigin) and
70+
ecKeySizeArg(func, argname) and
71+
algorithm = "elliptic curve" and
72+
keySize = keySizeFromCurve(curve)
73+
)
74+
)
75+
}
76+
77+
78+
from CallNode call, ControlFlowNode origin, string algo, int keySize
79+
where
80+
algorithmAndKeysizeForCall(call, algo, keySize, origin) and
81+
keySize < minimumSecureKeySize(algo)
82+
select call, "Creation of an " + algo + " key uses $@ bits, which is below " + minimumSecureKeySize(algo) + " and considered breakable.", origin, keySize.toString()
83+
84+

python/ql/test/query-tests/Security/CWE-326/WeakCrypto.expected

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
| weak_crypto.py:67:1:67:30 | ControlFlowNode for dsa_gen_key() | Creation of an DSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:12:12:12:15 | ControlFlowNode for IntegerLiteral | 1024 |
2+
| weak_crypto.py:68:1:68:28 | ControlFlowNode for ec_gen_key() | Creation of an elliptic curve key uses $@ bits, which is below 224 and considered breakable. | weak_crypto.py:21:11:21:33 | ControlFlowNode for FakeWeakEllipticCurve() | 160 |
3+
| weak_crypto.py:69:1:69:37 | ControlFlowNode for rsa_gen_key() | Creation of an RSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:12:12:12:15 | ControlFlowNode for IntegerLiteral | 1024 |
4+
| weak_crypto.py:71:1:71:22 | ControlFlowNode for Attribute() | Creation of an DSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:12:12:12:15 | ControlFlowNode for IntegerLiteral | 1024 |
5+
| weak_crypto.py:72:1:72:22 | ControlFlowNode for Attribute() | Creation of an RSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:12:12:12:15 | ControlFlowNode for IntegerLiteral | 1024 |

python/ql/test/query-tests/Security/CWE-326/WeakCrypto.qlref

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
Security/CWE-326/WeakCrypto.ql

python/ql/test/query-tests/Security/CWE-326/options

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
semmle-extractor-options: -p ../lib/ --max-import-depth=3
2+
optimize: true

python/ql/test/query-tests/Security/CWE-326/weak_crypto.py

Lines changed: 73 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,73 @@
1+
from cryptography.hazmat import backends
2+
from cryptography.hazmat.primitives.asymmetric import ec, dsa, rsa
3+
4+
#Crypto and Cryptodome have same API
5+
if random():
6+
from Crypto.PublicKey import DSA
7+
from Crypto.PublicKey import RSA
8+
else:
9+
from Cryptodome.PublicKey import DSA
10+
from Cryptodome.PublicKey import RSA
11+
12+
RSA_WEAK = 1024
13+
RSA_OK = 2048
14+
RSA_STRONG = 3076
15+
BIG = 10000
16+
17+
class FakeWeakEllipticCurve:
18+
name = "fake"
19+
key_size = 160
20+
21+
EC_WEAK = FakeWeakEllipticCurve()
22+
EC_OK = ec.SECP224R1()
23+
EC_STRONG = ec.SECP384R1()
24+
EC_BIG = ec.SECT571R1()
25+
26+
dsa_gen_key = dsa.generate_private_key
27+
ec_gen_key = ec.generate_private_key
28+
rsa_gen_key = rsa.generate_private_key
29+
30+
default = backends.default_backend()
31+
32+
#Strong and OK keys.
33+
34+
dsa_gen_key(key_size=RSA_OK, backend=default)
35+
dsa_gen_key(key_size=RSA_STRONG, backend=default)
36+
dsa_gen_key(key_size=BIG, backend=default)
37+
ec_gen_key(key_size=EC_OK, backend=default)
38+
ec_gen_key(key_size=EC_STRONG, backend=default)
39+
ec_gen_key(key_size=EC_BIG, backend=default)
40+
rsa_gen_key(public_exponent=65537, key_size=RSA_OK, backend=default)
41+
rsa_gen_key(public_exponent=65537, key_size=RSA_STRONG, backend=default)
42+
rsa_gen_key(public_exponent=65537, key_size=BIG, backend=default)
43+
44+
DSA.generate(bits=RSA_OK)
45+
DSA.generate(bits=RSA_STRONG)
46+
RSA.generate(bits=RSA_OK)
47+
RSA.generate(bits=RSA_STRONG)
48+
49+
dsa_gen_key(RSA_OK, default)
50+
dsa_gen_key(RSA_STRONG, default)
51+
dsa_gen_key(BIG, default)
52+
ec_gen_key(EC_OK, default)
53+
ec_gen_key(EC_STRONG, default)
54+
ec_gen_key(EC_BIG, default)
55+
rsa_gen_key(65537, RSA_OK, default)
56+
rsa_gen_key(65537, RSA_STRONG, default)
57+
rsa_gen_key(65537, BIG, default)
58+
59+
DSA.generate(RSA_OK)
60+
DSA.generate(RSA_STRONG)
61+
RSA.generate(RSA_OK)
62+
RSA.generate(RSA_STRONG)
63+
64+
65+
# Weak keys
66+
67+
dsa_gen_key(RSA_WEAK, default)
68+
ec_gen_key(EC_WEAK, default)
69+
rsa_gen_key(65537, RSA_WEAK, default)
70+
71+
DSA.generate(RSA_WEAK)
72+
RSA.generate(RSA_WEAK)
73+

python/ql/test/query-tests/Security/lib/Crypto/PublicKey/DSA.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
def generate(bits):
2+
pass

python/ql/test/query-tests/Security/lib/Crypto/PublicKey/RSA.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
def generate(bits):
2+
pass

python/ql/test/query-tests/Security/lib/Crypto/PublicKey/__init__.py

Whitespace-only changes.

python/ql/test/query-tests/Security/lib/cryptography/hazmat/primitives/asymmetric/__init__.py

Whitespace-only changes.

0 commit comments

Comments
 (0)