Enhance sast-rule java/crypto/rule-RsaNoPadding.yml
Problem
The following code snippet triggers an issue, whereas it is not using RSA:
import javax.crypto.Cipher;
public class Main {
public static void main(String[] args) {
var cipher = Cipher.getInstance("AES/GCM/NoPadding");
}
}
Rule definition:
rules:
- id: find_sec_bugs.RSA_NO_PADDING-1
languages:
- java
patterns:
- pattern: javax.crypto.Cipher.getInstance($ALG,...);
- metavariable-regex:
metavariable: $ALG
regex: .*NoPadding.*
message: >
The software uses the RSA algorithm but does not incorporate Optimal
Asymmetric
Encryption Padding (OAEP). By not enabling padding, the algorithm maybe vulnerable
to [chosen plaintext attacks](https://en.wikipedia.org/wiki/Chosen-plaintext_attack).
To enable OAEP mode, pass `RSA/ECB/OAEPWithSHA-256AndMGF1Padding` to the `Cipher.getInstance`
method.
Example encrypting and decrypting a message using RSA with OAEP:
```
public static void encryptWithRSA() throws InvalidKeyException, NoSuchAlgorithmException,
NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException {
// Generate an RSA Public and Private Key Pair
KeyPair keyPair = generateRSAKeys();
// Create a Cipher instance using RSA, ECB with OAEP
Cipher rsaEncryptor = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
// Initialize to ENCRYPT_MODE with the public key
rsaEncryptor.init(Cipher.ENCRYPT_MODE, keyPair.getPublic());
// Encrypt our secret message
byte[] cipherText = rsaEncryptor.doFinal("Some secret
message".getBytes(StandardCharsets.UTF_8));
// Create a Cipher instance using RSA, ECB with OAEP
Cipher rsaDecryptor = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
// Initialize to DECRYPT_MODE with the private key
rsaDecryptor.init(Cipher.DECRYPT_MODE, keyPair.getPrivate());
// Decrypt the secret message
byte[] plainText = rsaDecryptor.doFinal(cipherText);
// Debug output
System.out.println(new String(plainText));
}
```
More information on Optimal asymmetric encryption padding:
https://en.wikipedia.org/wiki/Optimal_asymmetric_encryption_padding
For more information on Java Cryptography see:
https://docs.oracle.com/en/java/javase/15/security/java-cryptography-architecture-jca-reference-guide.html
metadata:
shortDescription: Use of RSA algorithm without OAEP
category: security
cwe: CWE-780
primary_identifier: find_sec_bugs.RSA_NO_PADDING-1
secondary_identifiers:
- name: Find Security Bugs-RSA_NO_PADDING
type: find_sec_bugs_type
value: RSA_NO_PADDING
severity: WARNING
Playground link: https://semgrep.dev/playground/s/0Elr
Solution
Follow the enhance rule checklist.
Edited by Dinesh Bolkensteyn