Merge remote-tracking branch 'upstream/java-crypto-check' into santander-java-crypto-check

Author: bdrodes

java/ql/src/experimental/quantum/Analysis/InsecureNonceGeneration.ql

@@ -0,0 +1,22 @@
+/**
+ * @name Insecure nonce at a cipher operation
+ * @id java/quantum/insecure-nonce
+ * @description A nonce is generated from a source that is not secure. This can lead to
+ *              vulnerabilities such as replay attacks or key recovery.
+ * @kind problem
+ * @problem.severity error
+ * @precision high
+ * @tags quantum
+ *       experimental
+ */
+
+import experimental.quantum.Language
+
+predicate isInsecureNonceSource(Crypto::NonceArtifactNode n, Crypto::NodeBase src) {
+  src = n.getSourceNode() and
+  not src.asElement() instanceof SecureRandomnessInstance
+}
+
+from Crypto::KeyOperationNode op, Crypto::NodeBase src
+where isInsecureNonceSource(op.getANonce(), src)
+select op, "Operation uses insecure nonce source $@", src, src.toString()

java/ql/src/experimental/quantum/Analysis/NonAESGCMCipher.ql

@@ -0,0 +1,24 @@
+/**
+ * @name Cipher not AES-GCM mode
+ * @id java/quantum/non-aes-gcm
+ * @description An AES cipher is in use without GCM
+ * @kind problem
+ * @problem.severity error
+ * @precision high
+ * @tags quantum
+ *       experimental
+ */
+
+import experimental.quantum.Language
+
+class NonAESGCMAlgorithmNode extends Crypto::KeyOperationAlgorithmNode {
+  NonAESGCMAlgorithmNode() {
+    this.getAlgorithmType() = Crypto::KeyOpAlg::TSymmetricCipher(Crypto::KeyOpAlg::AES()) and
+    this.getModeOfOperation().getModeType() != Crypto::KeyOpAlg::GCM()
+  }
+}
+
+from Crypto::KeyOperationNode op, Crypto::KeyOperationOutputNode codeNode
+where op.getAKnownAlgorithm() instanceof NonAESGCMAlgorithmNode and
+    codeNode = op.getAnOutputArtifact()
+select op, "Non-AES-GCM instance."

java/ql/src/experimental/quantum/Analysis/NonceReuse.ql

@@ -0,0 +1,17 @@
+/**
+ * @name Reuse of cryptographic nonce
+ * @description Reuse of nonce in cryptographic operations can lead to vulnerabilities.
+ * @id java/quantum/reused-nonce
+ * @kind problem
+ * @problem.severity error
+ * @precision medium
+ * @tags quantum
+ *       experimental
+ */
+
+import java
+import ArtifactReuse
+
+from Crypto::NonceArtifactNode nonce1, Crypto::NonceArtifactNode nonce2
+where isArtifactReuse(nonce1, nonce2)
+select nonce1, "Reuse with nonce $@", nonce2, nonce2.toString()

java/ql/src/experimental/quantum/Analysis/UnknownKDFIterationCount.ql

@@ -4,7 +4,6 @@
  * @id java/quantum/unknown-kdf-iteration-count
  * @kind problem
  * @precision medium
- * @severity warning
  * @tags quantum
  *       experimental
  */

java/ql/src/experimental/quantum/Analysis/WeakAsymmetric.ql

@@ -0,0 +1,24 @@
+/**
+ * @name Weak Asymetric Key Size
+ * @id java/quantum/weak-asymmetric-key-size
+ * @description An asymmetric cipher with a short key size is in use
+ * @kind problem
+ * @problem.severity error
+ * @precision high
+ * @tags quantum
+ *       experimental
+ */
+
+import java
+import experimental.quantum.Language
+
+from Crypto::KeyOperationAlgorithmNode op, DataFlow::Node configSrc, int keySize, string algName
+where
+  keySize = op.getKeySizeFixed() and
+  keySize < 2048 and
+  algName = op.getAlgorithmName() and
+  // Can't be an elliptic curve
+  not Crypto::isEllipticCurveAlgorithmName(algName)
+select op,
+  "Use of weak asymmetric key size (int bits)" + keySize.toString() + " for algorithm " +
+    algName.toString() + " at config source $@", configSrc, configSrc.toString()

java/ql/src/experimental/quantum/Analysis/WeakBlockModes.ql

@@ -0,0 +1,29 @@
+/**
+ * @name Weak AES Block mode
+ * @id java/quantum/weak-block-modes
+ * @description An AES cipher is in use with an insecure block mode
+ * @kind problem
+ * @problem.severity error
+ * @precision high
+ * @tags quantum
+ *       experimental
+ */
+
+import java
+import experimental.quantum.Language
+
+class WeakAESBlockModeAlgNode extends Crypto::KeyOperationAlgorithmNode {
+  WeakAESBlockModeAlgNode() {
+    this.getAlgorithmType() = Crypto::KeyOpAlg::TSymmetricCipher(Crypto::KeyOpAlg::AES()) and
+    (this.getModeOfOperation().getModeType() = Crypto::KeyOpAlg::ECB() or
+     this.getModeOfOperation().getModeType() = Crypto::KeyOpAlg::CFB() or
+     this.getModeOfOperation().getModeType() = Crypto::KeyOpAlg::OFB() or
+     this.getModeOfOperation().getModeType() = Crypto::KeyOpAlg::CTR()
+    )
+  }
+}
+
+from Crypto::KeyOperationNode op, Crypto::KeyOperationOutputNode codeNode
+where op.getAKnownAlgorithm() instanceof WeakAESBlockModeAlgNode and
+    codeNode = op.getAnOutputArtifact()
+select op, "Weak AES block mode instance."

java/ql/src/experimental/quantum/Analysis/WeakHashing.ql

@@ -0,0 +1,19 @@
+/**
+ * @name Weak hashes
+ * @description Finds uses of cryptographic hashing algorithms that are unapproved or otherwise weak.
+ * @id java/quantum/slices/weak-hashes
+ * @kind problem
+ * @problem.severity error
+ * @precision high
+ * @tags external/cwe/cwe-327
+ */
+
+import java
+import experimental.quantum.Language
+
+from Crypto::HashAlgorithmNode alg, string name, string msg
+where
+  name = alg.getAlgorithmName() and
+  not name in ["SHA256", "SHA384", "SHA512", "SHA-256", "SHA-384", "SHA-512"] and
+  msg = "Use of unapproved hash algorithm or API " + name + "."
+select alg, msg

java/ql/src/experimental/quantum/Analysis/WeakKDFIterationCount.ql

@@ -0,0 +1,20 @@
+/**
+ * @name Weak known key derivation function iteration count
+ * @description Detects key derivation operations with a known weak iteration count.
+ * @id java/quantum/weak-kdf-iteration-count
+ * @kind problem
+ * @problem.severity error
+ * @precision high
+ * @tags quantum
+ *       experimental
+ */
+
+import java
+import experimental.quantum.Language
+
+from Crypto::KeyDerivationOperationNode op, Literal l
+where
+  op.getIterationCount().asElement() = l and
+  l.getValue().toInt() < 100000
+select op, "Key derivation operation configures iteration count below 100k: $@", l,
+  l.getValue().toString()

java/ql/src/experimental/quantum/Analysis/WeakKDFKeySize.ql

@@ -0,0 +1,20 @@
+/**
+ * @name Weak known key derivation function output length
+ * @description Detects key derivation operations with a known weak output length
+ * @id java/quantum/weak-kdf-iteration-count
+ * @kind problem
+ * @problem.severity error
+ * @precision high
+ * @tags quantum
+ *       experimental
+ */
+
+import java
+import experimental.quantum.Language
+
+from Crypto::KeyDerivationOperationNode op, Literal l
+where
+  op.getOutputKeySize().asElement() = l and
+  l.getValue().toInt() < 256
+select op, "Key derivation operation configures output key length below 256: $@", l,
+  l.getValue().toString()

java/ql/src/experimental/quantum/Analysis/WeakRSA.ql

@@ -0,0 +1,24 @@
+/**
+ * @name Cipher is Weak RSA Implementation
+ * @id java/quantum/weak-rsa
+ * @description RSA with a key length <2048 found
+ * @kind problem
+ * @problem.severity error
+ * @precision high
+ * @tags quantum
+ *       experimental
+ */
+
+import experimental.quantum.Language
+
+class WeakRSAAlgorithmNode extends Crypto::KeyOperationAlgorithmNode {
+  WeakRSAAlgorithmNode() {
+    this.getAlgorithmType() = Crypto::KeyOpAlg::TAsymmetricCipher(Crypto::KeyOpAlg::RSA()) and
+    this.getKeySizeFixed() < 2048
+  }
+}
+
+from Crypto::KeyOperationNode op, string message
+where op.getAKnownAlgorithm() instanceof WeakRSAAlgorithmNode and
+     message = "Weak RSA instance found with key length <2048"
+select op, message