Class: Brakeman::CheckWeakRSAKey

Inherits:

BaseCheck

• Object
• SexpProcessor
• BaseCheck
• Brakeman::CheckWeakRSAKey

Defined in:

lib/brakeman/checks/check_weak_rsa_key.rb

Constant Summary

PKCS1_PADDING =

s(:colon2, s(:colon2, s(:colon2, s(:const, :OpenSSL), :PKey), :RSA), :PKCS1_PADDING).freeze

PKCS1_PADDING_STR =

s(:str, 'pkcs1').freeze

SSLV23_PADDING =

s(:colon2, s(:colon2, s(:colon2, s(:const, :OpenSSL), :PKey), :RSA), :SSLV23_PADDING).freeze

SSLV23_PADDING_STR =

s(:str, 'sslv23').freeze

NO_PADDING =

s(:colon2, s(:colon2, s(:colon2, s(:const, :OpenSSL), :PKey), :RSA), :NO_PADDING).freeze

NO_PADDING_STR =

s(:str, 'none').freeze

Constants inherited from BaseCheck

BaseCheck::CONFIDENCE

Constants included from Util

Util::ALL_COOKIES, Util::ALL_PARAMETERS, Util::COOKIES, Util::COOKIES_SEXP, Util::DIR_CONST, Util::LITERALS, Util::PARAMETERS, Util::PARAMS_SEXP, Util::PATH_PARAMETERS, Util::QUERY_PARAMETERS, Util::REQUEST_COOKIES, Util::REQUEST_ENV, Util::REQUEST_PARAMETERS, Util::REQUEST_PARAMS, Util::REQUEST_REQUEST_PARAMETERS, Util::SAFE_LITERAL, Util::SESSION, Util::SESSION_SEXP, Util::SIMPLE_LITERALS

Constants inherited from SexpProcessor

SexpProcessor::VERSION

Instance Attribute Summary

Attributes inherited from BaseCheck

#tracker, #warnings

Attributes inherited from SexpProcessor

#context, #env, #expected

Instance Method Summary

• #check_key_size(result, key_size_arg) ⇒ Object
• #check_padding(result, padding_arg) ⇒ Object
• #check_rsa_key_creation ⇒ Object
• #check_rsa_operations ⇒ Object
• #run_check ⇒ Object

Methods inherited from BaseCheck

#add_result, inherited, #initialize, #process_array, #process_call, #process_cookies, #process_default, #process_dstr, #process_if, #process_params

Methods included from Messages

#msg, #msg_code, #msg_cve, #msg_file, #msg_input, #msg_lit, #msg_plain, #msg_version

Methods included from Util

#all_literals?, #array?, #block?, #call?, #camelize, #class_name, #constant?, #contains_class?, #cookies?, #dir_glob?, #false?, #hash?, #hash_access, #hash_insert, #hash_iterate, #hash_values, #integer?, #kwsplat?, #literal?, #make_call, #node_type?, #number?, #params?, #pluralize, #rails_version, #recurse_check?, #regexp?, #remove_kwsplat, #request_headers?, #request_value?, #result?, #safe_literal, #safe_literal?, #safe_literal_target?, #set_env_defaults, #sexp?, #simple_literal?, #string?, #string_interp?, #symbol?, #template_path_to_name, #true?, #underscore

Methods included from ProcessorHelper

#current_file, #process_all, #process_all!, #process_call_args, #process_call_defn?, #process_class, #process_module

Methods inherited from SexpProcessor

#in_context, #initialize, #process, processors, #scope

Constructor Details

This class inherits a constructor from Brakeman::BaseCheck

Instance Method Details

#check_key_size(result, key_size_arg) ⇒ Object

# File 'lib/brakeman/checks/check_weak_rsa_key.rb', line 53

def check_key_size result, key_size_arg
  return unless number? key_size_arg
  return unless original? result

  key_size = key_size_arg.value

  if key_size < 1024
    confidence = :high
    message = msg("RSA key with size ", msg_code(key_size.to_s), " is considered very weak. Use at least 2048 bit key size")
  elsif key_size < 2048
    confidence = :medium
    message = msg("RSA key with size ", msg_code(key_size.to_s), " is considered weak. Use at least 2048 bit key size")
  else
    return
  end

  warn result: result,
    warning_type: "Weak Cryptography",
    warning_code: :small_rsa_key_size,
    message: message,
    confidence: confidence,
    user_input: key_size_arg,
    cwe_id: [326]
end

#check_padding(result, padding_arg) ⇒ Object

# File 'lib/brakeman/checks/check_weak_rsa_key.rb', line 85

def check_padding result, padding_arg
  return unless original? result

  if string? padding_arg
    padding_arg = padding_arg.deep_clone(padding_arg.line)
    padding_arg.value.downcase!
  end

  case padding_arg
  when PKCS1_PADDING, PKCS1_PADDING_STR, nil
    message = "Use of padding mode PKCS1 (default if not specified), which is known to be insecure. Use OAEP instead"
  when SSLV23_PADDING, SSLV23_PADDING_STR
    message = "Use of padding mode SSLV23 for RSA key, which is only useful for outdated versions of SSL. Use OAEP instead"
  when NO_PADDING, NO_PADDING_STR
    message = "No padding mode used for RSA key. A safe padding mode (OAEP) should be specified for RSA keys"
  else
    return
  end

  warn result: result,
    warning_type: "Weak Cryptography",
    warning_code: :insecure_rsa_padding_mode,
    message: message,
    confidence: :high,
    user_input: padding_arg,
    cwe_id: [780]
end

#check_rsa_key_creation ⇒ Object

# File 'lib/brakeman/checks/check_weak_rsa_key.rb', line 13

def check_rsa_key_creation
  tracker.find_call(targets: [:'OpenSSL::PKey::RSA'], method: [:new, :generate], nested: true).each do |result|
    key_size_arg = result[:call].first_arg
    check_key_size(result, key_size_arg)
  end

  tracker.find_call(targets: [:'OpenSSL::PKey'], method: [:generate_key], nested: true).each do |result|
    call = result[:call]
    key_type = call.first_arg
    options_arg = call.second_arg

    next unless options_arg and hash? options_arg

    if string? key_type and key_type.value.upcase == 'RSA'
      key_size_arg = (hash_access(options_arg, :rsa_keygen_bits) || hash_access(options_arg, s(:str, 'rsa_key_gen_bits')))
      check_key_size(result, key_size_arg)
    end
  end
end

#check_rsa_operations ⇒ Object

# File 'lib/brakeman/checks/check_weak_rsa_key.rb', line 33

def check_rsa_operations
  tracker.find_call(targets: [:'OpenSSL::PKey::RSA.new'], methods: [:public_encrypt, :public_decrypt, :private_encrypt, :private_decrypt], nested: true).each do |result|
    padding_arg = result[:call].second_arg
    check_padding(result, padding_arg)
  end

  tracker.find_call(targets: [:'OpenSSL::PKey.generate_key'], methods: [:encrypt, :decrypt, :sign, :verify, :sign_raw, :verify_raw], nested: true).each do |result|
    call = result[:call]
    options_arg = call.last_arg

    if options_arg and hash? options_arg
      padding_arg = (hash_access(options_arg, :rsa_padding_mode) || hash_access(options_arg, s(:str, 'rsa_padding_mode')))
    else
      padding_arg = nil
    end

    check_padding(result, padding_arg)
  end
end

#run_check ⇒ Object

# File 'lib/brakeman/checks/check_weak_rsa_key.rb', line 8

def run_check
  check_rsa_key_creation
  check_rsa_operations
end