Skip to content

Commit

Permalink
Update OSS pycryptodome rules (#3437)
Browse files Browse the repository at this point in the history
* update OSS pycryptodome rules

* update tests
  • Loading branch information
0xDC0DE authored Jul 26, 2024
1 parent cd6cd52 commit 5fbf176
Show file tree
Hide file tree
Showing 10 changed files with 110 additions and 40 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,9 @@ rules:
- id: insecure-cipher-algorithm-blowfish
message: >-
Detected Blowfish cipher algorithm which is considered insecure. This algorithm
is not cryptographically secure and can be reversed easily. Use AES instead.
is not cryptographically secure and can be reversed easily.
Use secure stream ciphers such as ChaCha20, XChaCha20 and Salsa20, or a block cipher such as AES with a block size of 128 bits.
When using a block cipher, use a modern mode of operation that also provides authentication, such as GCM.
metadata:
source-rule-url: https://github.com/PyCQA/bandit/blob/d5f8fa0d89d7b11442fc6ec80ca42953974354c8/bandit/blacklists/calls.py#L84
cwe:
Expand All @@ -13,14 +15,20 @@ rules:
bandit-code: B304
references:
- https://stackoverflow.com/questions/1135186/whats-wrong-with-xor-encryption
- https://www.pycryptodome.org/src/cipher/cipher
category: security
technology:
- pycryptodome
subcategory:
- vuln
likelihood: LOW
impact: MEDIUM
confidence: MEDIUM
confidence: HIGH
functional-categories:
- crypto::search::symmetric-algorithm::pycryptodome
- crypto::search::symmetric-algorithm::pycryptodomex
options:
symbolic_propagation: true
severity: WARNING
languages:
- python
Expand Down
16 changes: 13 additions & 3 deletions python/pycryptodome/security/insecure-cipher-algorithm-des.yaml
Original file line number Diff line number Diff line change
@@ -1,8 +1,10 @@
rules:
- id: insecure-cipher-algorithm-des
message: >-
Detected DES cipher algorithm which is considered insecure. This algorithm
is not cryptographically secure and can be reversed easily. Use AES instead.
Detected DES cipher or Triple DES algorithm which is considered insecure. This algorithm
is not cryptographically secure and can be reversed easily. Use a secure symmetric cipher from the cryptodome package instead.
Use secure stream ciphers such as ChaCha20, XChaCha20 and Salsa20, or a block cipher such as AES with a block size of 128 bits.
When using a block cipher, use a modern mode of operation that also provides authentication, such as GCM.
metadata:
source-rule-url: https://github.com/PyCQA/bandit/blob/d5f8fa0d89d7b11442fc6ec80ca42953974354c8/bandit/blacklists/calls.py#L84
cwe:
Expand All @@ -13,17 +15,25 @@ rules:
bandit-code: B304
references:
- https://cwe.mitre.org/data/definitions/326.html
- https://www.pycryptodome.org/src/cipher/cipher
category: security
technology:
- pycryptodome
subcategory:
- vuln
likelihood: LOW
impact: MEDIUM
confidence: MEDIUM
confidence: HIGH
functional-categories:
- crypto::search::symmetric-algorithm::pycryptodome
- crypto::search::symmetric-algorithm::pycryptodomex
options:
symbolic_propagation: true
severity: WARNING
languages:
- python
pattern-either:
- pattern: Cryptodome.Cipher.DES.new(...)
- pattern: Crypto.Cipher.DES.new(...)
- pattern: Cryptodome.Cipher.DES3.new(...)
- pattern: Crypto.Cipher.DES3.new(...)
12 changes: 10 additions & 2 deletions python/pycryptodome/security/insecure-cipher-algorithm-rc2.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,9 @@ rules:
- id: insecure-cipher-algorithm-rc2
message: >-
Detected RC2 cipher algorithm which is considered insecure. This algorithm
is not cryptographically secure and can be reversed easily. Use AES instead.
is not cryptographically secure and can be reversed easily.
Use secure stream ciphers such as ChaCha20, XChaCha20 and Salsa20, or a block cipher such as AES with a block size of 128 bits.
When using a block cipher, use a modern mode of operation that also provides authentication, such as GCM.
metadata:
source-rule-url: https://github.com/PyCQA/bandit/blob/d5f8fa0d89d7b11442fc6ec80ca42953974354c8/bandit/blacklists/calls.py#L84
cwe:
Expand All @@ -13,14 +15,20 @@ rules:
bandit-code: B304
references:
- https://cwe.mitre.org/data/definitions/326.html
- https://www.pycryptodome.org/src/cipher/cipher
category: security
technology:
- pycryptodome
subcategory:
- vuln
likelihood: LOW
impact: MEDIUM
confidence: MEDIUM
confidence: HIGH
functional-categories:
- crypto::search::symmetric-algorithm::pycryptodome
- crypto::search::symmetric-algorithm::pycryptodomex
options:
symbolic_propagation: true
severity: WARNING
languages:
- python
Expand Down
10 changes: 8 additions & 2 deletions python/pycryptodome/security/insecure-cipher-algorithm-rc4.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,9 @@ rules:
- id: insecure-cipher-algorithm-rc4
message: >-
Detected ARC4 cipher algorithm which is considered insecure. This algorithm
is not cryptographically secure and can be reversed easily. Use AES instead.
is not cryptographically secure and can be reversed easily.
Use secure stream ciphers such as ChaCha20, XChaCha20 and Salsa20, or a block cipher such as AES with a block size of 128 bits.
When using a block cipher, use a modern mode of operation that also provides authentication, such as GCM.
metadata:
source-rule-url: https://github.com/PyCQA/bandit/blob/d5f8fa0d89d7b11442fc6ec80ca42953974354c8/bandit/blacklists/calls.py#L84
cwe:
Expand All @@ -13,14 +15,18 @@ rules:
bandit-code: B304
references:
- https://cwe.mitre.org/data/definitions/326.html
- https://www.pycryptodome.org/src/cipher/cipher
category: security
technology:
- pycryptodome
subcategory:
- vuln
likelihood: LOW
impact: MEDIUM
confidence: MEDIUM
confidence: HIGH
functional-categories:
- crypto::search::symmetric-algorithm::pycryptodome
- crypto::search::symmetric-algorithm::pycryptodomex
severity: WARNING
languages:
- python
Expand Down
11 changes: 9 additions & 2 deletions python/pycryptodome/security/insecure-hash-algorithm-md2.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,8 @@ rules:
message: >-
Detected MD2 hash algorithm which is considered insecure. MD2 is not
collision resistant and is therefore not suitable as a cryptographic
signature. Use SHA256 or SHA3 instead.
signature.
Use a modern hash algorithm from the SHA-2, SHA-3, or BLAKE2 family instead.
metadata:
source-rule-url: https://github.com/PyCQA/bandit/blob/d5f8fa0d89d7b11442fc6ec80ca42953974354c8/bandit/blacklists/calls.py#L59
cwe:
Expand All @@ -12,6 +13,7 @@ rules:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
references:
- https://www.pycryptodome.org/src/hash/hash#modern-hash-algorithms
- https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html
- https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability
- http://2012.sharcs.org/slides/stevens.pdf
Expand All @@ -23,7 +25,12 @@ rules:
- vuln
likelihood: LOW
impact: MEDIUM
confidence: MEDIUM
confidence: HIGH
functional-categories:
- crypto::search::hash-algorithm::pycryptodome
- crypto::search::hash-algorithm::pycryptodomex
options:
symbolic_propagation: true
severity: WARNING
languages:
- python
Expand Down
11 changes: 9 additions & 2 deletions python/pycryptodome/security/insecure-hash-algorithm-md4.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,8 @@ rules:
message: >-
Detected MD4 hash algorithm which is considered insecure. MD4 is not
collision resistant and is therefore not suitable as a cryptographic
signature. Use SHA256 or SHA3 instead.
signature.
Use a modern hash algorithm from the SHA-2, SHA-3, or BLAKE2 family instead.
metadata:
source-rule-url: https://github.com/PyCQA/bandit/blob/d5f8fa0d89d7b11442fc6ec80ca42953974354c8/bandit/blacklists/calls.py#L59
cwe:
Expand All @@ -12,6 +13,7 @@ rules:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
references:
- https://www.pycryptodome.org/src/hash/hash#modern-hash-algorithms
- https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html
- https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability
- http://2012.sharcs.org/slides/stevens.pdf
Expand All @@ -23,7 +25,12 @@ rules:
- vuln
likelihood: LOW
impact: MEDIUM
confidence: MEDIUM
confidence: HIGH
functional-categories:
- crypto::search::hash-algorithm::pycryptodome
- crypto::search::hash-algorithm::pycryptodomex
options:
symbolic_propagation: true
severity: WARNING
languages:
- python
Expand Down
11 changes: 9 additions & 2 deletions python/pycryptodome/security/insecure-hash-algorithm-md5.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,8 @@ rules:
message: >-
Detected MD5 hash algorithm which is considered insecure. MD5 is not
collision resistant and is therefore not suitable as a cryptographic
signature. Use SHA256 or SHA3 instead.
signature.
Use a modern hash algorithm from the SHA-2, SHA-3, or BLAKE2 family instead.
metadata:
source-rule-url: https://github.com/PyCQA/bandit/blob/d5f8fa0d89d7b11442fc6ec80ca42953974354c8/bandit/blacklists/calls.py#L59
cwe:
Expand All @@ -12,6 +13,7 @@ rules:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
references:
- https://www.pycryptodome.org/src/hash/hash#modern-hash-algorithms
- https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html
- https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/sha-1-collision-signals-the-end-of-the-algorithm-s-viability
- http://2012.sharcs.org/slides/stevens.pdf
Expand All @@ -23,7 +25,12 @@ rules:
- vuln
likelihood: LOW
impact: MEDIUM
confidence: MEDIUM
confidence: HIGH
functional-categories:
- crypto::search::hash-algorithm::pycryptodome
- crypto::search::hash-algorithm::pycryptodomex
options:
symbolic_propagation: true
severity: WARNING
languages:
- python
Expand Down
28 changes: 17 additions & 11 deletions python/pycryptodome/security/insufficient-dsa-key-size.yaml
Original file line number Diff line number Diff line change
@@ -1,14 +1,5 @@
rules:
- id: insufficient-dsa-key-size
patterns:
- pattern-either:
- pattern: Crypto.PublicKey.DSA.generate(..., bits=$SIZE, ...)
- pattern: Crypto.PublicKey.DSA.generate($SIZE, ...)
- pattern: Cryptodome.PublicKey.DSA.generate(..., bits=$SIZE, ...)
- pattern: Cryptodome.PublicKey.DSA.generate($SIZE, ...)
- metavariable-comparison:
metavariable: $SIZE
comparison: $SIZE < 2048
message: >-
Detected an insufficient key size for DSA. NIST recommends
a key size of 2048 or higher.
Expand All @@ -20,14 +11,29 @@ rules:
- A02:2021 - Cryptographic Failures
source-rule-url: https://github.com/PyCQA/bandit/blob/b1411bfb43795d3ffd268bef17a839dee954c2b1/bandit/plugins/weak_cryptographic_key.py
references:
- https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf
- https://www.pycryptodome.org/src/public_key/dsa
- https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf
category: security
technology:
- pycryptodome
subcategory:
- vuln
likelihood: LOW
impact: MEDIUM
confidence: MEDIUM
confidence: HIGH
functional-categories:
- crypto::search::key-length::pycryptodome
- crypto::search::key-length::pycryptodomex
options:
symbolic_propagation: true
languages: [python]
severity: WARNING
patterns:
- pattern-either:
- pattern: Crypto.PublicKey.DSA.generate(..., bits=$SIZE, ...)
- pattern: Crypto.PublicKey.DSA.generate($SIZE, ...)
- pattern: Cryptodome.PublicKey.DSA.generate(..., bits=$SIZE, ...)
- pattern: Cryptodome.PublicKey.DSA.generate($SIZE, ...)
- metavariable-comparison:
metavariable: $SIZE
comparison: $SIZE < 2048
9 changes: 7 additions & 2 deletions python/pycryptodome/security/insufficient-rsa-key-size.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,16 @@
from Crypto.PublicKey import RSA as pycrypto_rsa
from Cryptodome.PublicKey import RSA as pycryptodomex_rsa

# ok:insufficient-rsa-key-size
# ruleid:insufficient-rsa-key-size
pycrypto_rsa.generate(bits=2048)
# ok:insufficient-rsa-key-size
# ruleid:insufficient-rsa-key-size
pycryptodomex_rsa.generate(bits=2048)

# ok:insufficient-rsa-key-size
pycrypto_rsa.generate(bits=3072)
# ok:insufficient-rsa-key-size
pycryptodomex_rsa.generate(bits=3072)

# ok:insufficient-rsa-key-size
pycrypto_rsa.generate(4096)
# ok:insufficient-rsa-key-size
Expand Down
30 changes: 18 additions & 12 deletions python/pycryptodome/security/insufficient-rsa-key-size.yaml
Original file line number Diff line number Diff line change
@@ -1,17 +1,8 @@
rules:
- id: insufficient-rsa-key-size
patterns:
- pattern-either:
- pattern: Crypto.PublicKey.RSA.generate(..., bits=$SIZE, ...)
- pattern: Crypto.PublicKey.RSA.generate($SIZE, ...)
- pattern: Cryptodome.PublicKey.RSA.generate(..., bits=$SIZE, ...)
- pattern: Cryptodome.PublicKey.RSA.generate($SIZE, ...)
- metavariable-comparison:
metavariable: $SIZE
comparison: $SIZE < 2048
message: >-
Detected an insufficient key size for RSA. NIST recommends
a key size of 2048 or higher.
a key size of 3072 or higher.
metadata:
cwe:
- 'CWE-326: Inadequate Encryption Strength'
Expand All @@ -20,14 +11,29 @@ rules:
- A02:2021 - Cryptographic Failures
source-rule-url: https://github.com/PyCQA/bandit/blob/b1411bfb43795d3ffd268bef17a839dee954c2b1/bandit/plugins/weak_cryptographic_key.py
references:
- https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf
- https://www.pycryptodome.org/src/public_key/rsa#rsa
- https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf
category: security
technology:
- pycryptodome
subcategory:
- vuln
likelihood: LOW
impact: MEDIUM
confidence: MEDIUM
confidence: HIGH
functional-categories:
- crypto::search::key-length::pycryptodome
- crypto::search::key-length::pycryptodomex
options:
symbolic_propagation: true
languages: [python]
severity: WARNING
patterns:
- pattern-either:
- pattern: Crypto.PublicKey.RSA.generate(..., bits=$SIZE, ...)
- pattern: Crypto.PublicKey.RSA.generate($SIZE, ...)
- pattern: Cryptodome.PublicKey.RSA.generate(..., bits=$SIZE, ...)
- pattern: Cryptodome.PublicKey.RSA.generate($SIZE, ...)
- metavariable-comparison:
metavariable: $SIZE
comparison: $SIZE < 3072

0 comments on commit 5fbf176

Please sign in to comment.